Create Interactive Tour

Windows Analysis Report
http://lookerstudio.google.com/reporting/471f6d11-9fc6-4382-92a9-62afa720e974

Overview

General Information

Sample URL:http://lookerstudio.google.com/reporting/471f6d11-9fc6-4382-92a9-62afa720e974
Analysis ID:1422435

Detection

HTMLPhisher
Score:56
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Yara detected HtmlPhish54
HTML page contains suspicious iframes
Performs DNS queries to domains with low reputation
Found iframes
HTML body contains low number of good links
HTML page contains hidden URLs or javascript code
HTML page contains obfuscate script src
Stores files to the Windows start menu directory

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious
  • System is w10x64_ra
  • chrome.exe (PID: 1336 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://lookerstudio.google.com/reporting/471f6d11-9fc6-4382-92a9-62afa720e974 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
    • chrome.exe (PID: 372 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 --field-trial-handle=1908,i,9028333003551819095,18391759697580386841,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
  • cleanup
SourceRuleDescriptionAuthorStrings
8.13.pages.csvJoeSecurity_HtmlPhish_54Yara detected HtmlPhish_54Joe Security
    9.16.pages.csvJoeSecurity_HtmlPhish_54Yara detected HtmlPhish_54Joe Security
      9.14.pages.csvJoeSecurity_HtmlPhish_54Yara detected HtmlPhish_54Joe Security
        8.13.pages.csvJoeSecurity_HtmlPhish_54Yara detected HtmlPhish_54Joe Security
          9.16.pages.csvJoeSecurity_HtmlPhish_54Yara detected HtmlPhish_54Joe Security
            Click to see the 5 entries
            No Sigma rule has matched
            No Snort rule has matched

            Click to jump to signature section

            Show All Signature Results

            Phishing

            barindex
            Source: Yara matchFile source: 8.13.pages.csv, type: HTML
            Source: Yara matchFile source: 9.16.pages.csv, type: HTML
            Source: Yara matchFile source: 9.14.pages.csv, type: HTML
            Source: Yara matchFile source: 8.13.pages.csv, type: HTML
            Source: Yara matchFile source: 9.16.pages.csv, type: HTML
            Source: Yara matchFile source: 9.14.pages.csv, type: HTML
            Source: Yara matchFile source: 8.13.pages.csv, type: HTML
            Source: Yara matchFile source: 9.14.pages.csv, type: HTML
            Source: Yara matchFile source: 9.19.pages.csv, type: HTML
            Source: Yara matchFile source: 9.16.pages.csv, type: HTML
            Source: https://5c7092bf.1342a94e0d1a953a2049ebc5.workers.dev/HTTP Parser: position:fixed;top:0;left:0;bottom:0;right:0;width:100%;height:100%;border:none;margin:0;padding:0;overflow:hidden;z-index:999999
            Source: https://8ecoc03nvib.543256r252762029202032983292e98h9e.xyz/?jfd64ekzo=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MDZhYzU3ZjktNGM5Zi0yZDY0LTJlN2ItNGRiZDJiZWM3NzgzJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ4MTg2NjQyNDIxNzI1Mi5mNmJmODJjNy01OGVhLTRkNWEtOTUyMC03NzZlMzliM2ZjNDYmc3RhdGU9RGNzN0ZvQWdEQUJCME9keEloRHk0emlBMEZwNmZWUE1kaHREQ0tjN1hNeWVvRktOckpnSUlXRlJaTHkzakcwNEZkaFdCM3E0UTJQTW9DcXJ0bEgzSkluLVh1bjlldm9C&sso_reload=trueHTTP Parser: Iframe src: https://outlook.office365.com/owa/prefetch.aspx
            Source: https://8ecoc03nvib.543256r252762029202032983292e98h9e.xyz/?jfd64ekzo=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MDZhYzU3ZjktNGM5Zi0yZDY0LTJlN2ItNGRiZDJiZWM3NzgzJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ4MTg2NjQyNDIxNzI1Mi5mNmJmODJjNy01OGVhLTRkNWEtOTUyMC03NzZlMzliM2ZjNDYmc3RhdGU9RGNzN0ZvQWdEQUJCME9keEloRHk0emlBMEZwNmZWUE1kaHREQ0tjN1hNeWVvRktOckpnSUlXRlJaTHkzakcwNEZkaFdCM3E0UTJQTW9DcXJ0bEgzSkluLVh1bjlldm9C&sso_reload=trueHTTP Parser: Iframe src: https://outlook.office365.com/owa/prefetch.aspx
            Source: https://8ecoc03nvib.543256r252762029202032983292e98h9e.xyz/?jfd64ekzo=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MDZhYzU3ZjktNGM5Zi0yZDY0LTJlN2ItNGRiZDJiZWM3NzgzJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ4MTg2NjQyNDIxNzI1Mi5mNmJmODJjNy01OGVhLTRkNWEtOTUyMC03NzZlMzliM2ZjNDYmc3RhdGU9RGNzN0ZvQWdEQUJCME9keEloRHk0emlBMEZwNmZWUE1kaHREQ0tjN1hNeWVvRktOckpnSUlXRlJaTHkzakcwNEZkaFdCM3E0UTJQTW9DcXJ0bEgzSkluLVh1bjlldm9C&sso_reload=trueHTTP Parser: Iframe src: https://outlook.office365.com/owa/prefetch.aspx
            Source: https://8ecoc03nvib.543256r252762029202032983292e98h9e.xyz/?jfd64ekzo=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MDZhYzU3ZjktNGM5Zi0yZDY0LTJlN2ItNGRiZDJiZWM3NzgzJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ4MTg2NjQyNDIxNzI1Mi5mNmJmODJjNy01OGVhLTRkNWEtOTUyMC03NzZlMzliM2ZjNDYmc3RhdGU9RGNzN0ZvQWdEQUJCME9keEloRHk0emlBMEZwNmZWUE1kaHREQ0tjN1hNeWVvRktOckpnSUlXRlJaTHkzakcwNEZkaFdCM3E0UTJQTW9DcXJ0bEgzSkluLVh1bjlldm9C&sso_reload=trueHTTP Parser: Number of links: 0
            Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/gxx2s/0x4AAAAAAAWQL1lev_HR6Kzv/auto/normalHTTP Parser: Base64 decoded: http://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/gxx2s/0x4AAAAAAAWQL1lev_HR6Kzv/auto/normal
            Source: https://8ecoc03nvib.543256r252762029202032983292e98h9e.xyz/?jfd64ekzo=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0HTTP Parser: Script src: data:text/javascript;base64,ZnVuY3Rpb24gYygpe2lmKCFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuYiIpIHx8ICFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuZyIpKXtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImIiXX
            Source: https://8ecoc03nvib.543256r252762029202032983292e98h9e.xyz/?jfd64ekzo=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0HTTP Parser: Script src: data:text/javascript;base64,ZnVuY3Rpb24gYygpe2lmKCFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuYiIpIHx8ICFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuZyIpKXtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImIiXX
            Source: https://8ecoc03nvib.543256r252762029202032983292e98h9e.xyz/?jfd64ekzo=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0HTTP Parser: Script src: data:text/javascript;base64,ZnVuY3Rpb24gYygpe2lmKCFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuYiIpIHx8ICFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuZyIpKXtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImIiXX
            Source: https://8ecoc03nvib.543256r252762029202032983292e98h9e.xyz/?jfd64ekzo=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0HTTP Parser: Script src: data:text/javascript;base64,ZnVuY3Rpb24gYygpe2lmKCFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuYiIpIHx8ICFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuZyIpKXtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImIiXX
            Source: https://8ecoc03nvib.543256r252762029202032983292e98h9e.xyz/?jfd64ekzo=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MDZhYzU3ZjktNGM5Zi0yZDY0LTJlN2ItNGRiZDJiZWM3NzgzJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ4MTg2NjQyNDIxNzI1Mi5mNmJmODJjNy01OGVhLTRkNWEtOTUyMC03NzZlMzliM2ZjNDYmc3RhdGU9RGNzN0ZvQWdEQUJCME9keEloRHk0emlBMEZwNmZWUE1kaHREQ0tjN1hNeWVvRktOckpnSUlXRlJaTHkzakcwNEZkaFdCM3E0UTJQTW9DcXJ0bEgzSkluLVh1bjlldm9C&sso_reload=trueHTTP Parser: <input type="password" .../> found
            Source: https://lookerstudio.google.com/reporting/471f6d11-9fc6-4382-92a9-62afa720e974HTTP Parser: No favicon
            Source: https://lookerstudio.google.com/reporting/471f6d11-9fc6-4382-92a9-62afa720e974HTTP Parser: No favicon
            Source: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcE_6MUAAAAACM2aL4qbFG8PNDIIl4krUNCLmXE&co=aHR0cHM6Ly9sb29rZXJzdHVkaW8uZ29vZ2xlLmNvbTo0NDM.&hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&size=invisible&cb=24sxf9ethdf0HTTP Parser: No favicon
            Source: https://lookerstudio.google.com/reporting/471f6d11-9fc6-4382-92a9-62afa720e974/page/p_w2kxxix6ddHTTP Parser: No favicon
            Source: https://lookerstudio.google.com/reporting/471f6d11-9fc6-4382-92a9-62afa720e974/page/p_w2kxxix6ddHTTP Parser: No favicon
            Source: https://5c7092bf.1342a94e0d1a953a2049ebc5.workers.dev/HTTP Parser: No favicon
            Source: https://5c7092bf.1342a94e0d1a953a2049ebc5.workers.dev/HTTP Parser: No favicon
            Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/gxx2s/0x4AAAAAAAWQL1lev_HR6Kzv/auto/normalHTTP Parser: No favicon
            Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/gxx2s/0x4AAAAAAAWQL1lev_HR6Kzv/auto/normalHTTP Parser: No favicon
            Source: https://5c7092bf.1342a94e0d1a953a2049ebc5.workers.dev/HTTP Parser: No favicon
            Source: https://8ecoc03nvib.543256r252762029202032983292e98h9e.xyz/?jfd64ekzo=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MDZhYzU3ZjktNGM5Zi0yZDY0LTJlN2ItNGRiZDJiZWM3NzgzJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ4MTg2NjQyNDIxNzI1Mi5mNmJmODJjNy01OGVhLTRkNWEtOTUyMC03NzZlMzliM2ZjNDYmc3RhdGU9RGNzN0ZvQWdEQUJCME9keEloRHk0emlBMEZwNmZWUE1kaHREQ0tjN1hNeWVvRktOckpnSUlXRlJaTHkzakcwNEZkaFdCM3E0UTJQTW9DcXJ0bEgzSkluLVh1bjlldm9CHTTP Parser: No favicon
            Source: https://8ecoc03nvib.543256r252762029202032983292e98h9e.xyz/?jfd64ekzo=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MDZhYzU3ZjktNGM5Zi0yZDY0LTJlN2ItNGRiZDJiZWM3NzgzJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ4MTg2NjQyNDIxNzI1Mi5mNmJmODJjNy01OGVhLTRkNWEtOTUyMC03NzZlMzliM2ZjNDYmc3RhdGU9RGNzN0ZvQWdEQUJCME9keEloRHk0emlBMEZwNmZWUE1kaHREQ0tjN1hNeWVvRktOckpnSUlXRlJaTHkzakcwNEZkaFdCM3E0UTJQTW9DcXJ0bEgzSkluLVh1bjlldm9C&sso_reload=trueHTTP Parser: No favicon
            Source: https://8ecoc03nvib.543256r252762029202032983292e98h9e.xyz/?jfd64ekzo=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MDZhYzU3ZjktNGM5Zi0yZDY0LTJlN2ItNGRiZDJiZWM3NzgzJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ4MTg2NjQyNDIxNzI1Mi5mNmJmODJjNy01OGVhLTRkNWEtOTUyMC03NzZlMzliM2ZjNDYmc3RhdGU9RGNzN0ZvQWdEQUJCME9keEloRHk0emlBMEZwNmZWUE1kaHREQ0tjN1hNeWVvRktOckpnSUlXRlJaTHkzakcwNEZkaFdCM3E0UTJQTW9DcXJ0bEgzSkluLVh1bjlldm9C&sso_reload=trueHTTP Parser: No favicon
            Source: https://outlook.office365.com/owa/prefetch.aspxHTTP Parser: No favicon
            Source: https://8ecoc03nvib.543256r252762029202032983292e98h9e.xyz/?jfd64ekzo=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MDZhYzU3ZjktNGM5Zi0yZDY0LTJlN2ItNGRiZDJiZWM3NzgzJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ4MTg2NjQyNDIxNzI1Mi5mNmJmODJjNy01OGVhLTRkNWEtOTUyMC03NzZlMzliM2ZjNDYmc3RhdGU9RGNzN0ZvQWdEQUJCME9keEloRHk0emlBMEZwNmZWUE1kaHREQ0tjN1hNeWVvRktOckpnSUlXRlJaTHkzakcwNEZkaFdCM3E0UTJQTW9DcXJ0bEgzSkluLVh1bjlldm9C&sso_reload=trueHTTP Parser: No favicon
            Source: https://8ecoc03nvib.543256r252762029202032983292e98h9e.xyz/?jfd64ekzo=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MDZhYzU3ZjktNGM5Zi0yZDY0LTJlN2ItNGRiZDJiZWM3NzgzJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ4MTg2NjQyNDIxNzI1Mi5mNmJmODJjNy01OGVhLTRkNWEtOTUyMC03NzZlMzliM2ZjNDYmc3RhdGU9RGNzN0ZvQWdEQUJCME9keEloRHk0emlBMEZwNmZWUE1kaHREQ0tjN1hNeWVvRktOckpnSUlXRlJaTHkzakcwNEZkaFdCM3E0UTJQTW9DcXJ0bEgzSkluLVh1bjlldm9C&sso_reload=trueHTTP Parser: No <meta name="author".. found
            Source: https://8ecoc03nvib.543256r252762029202032983292e98h9e.xyz/?jfd64ekzo=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MDZhYzU3ZjktNGM5Zi0yZDY0LTJlN2ItNGRiZDJiZWM3NzgzJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ4MTg2NjQyNDIxNzI1Mi5mNmJmODJjNy01OGVhLTRkNWEtOTUyMC03NzZlMzliM2ZjNDYmc3RhdGU9RGNzN0ZvQWdEQUJCME9keEloRHk0emlBMEZwNmZWUE1kaHREQ0tjN1hNeWVvRktOckpnSUlXRlJaTHkzakcwNEZkaFdCM3E0UTJQTW9DcXJ0bEgzSkluLVh1bjlldm9C&sso_reload=trueHTTP Parser: No <meta name="author".. found
            Source: https://8ecoc03nvib.543256r252762029202032983292e98h9e.xyz/?jfd64ekzo=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MDZhYzU3ZjktNGM5Zi0yZDY0LTJlN2ItNGRiZDJiZWM3NzgzJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ4MTg2NjQyNDIxNzI1Mi5mNmJmODJjNy01OGVhLTRkNWEtOTUyMC03NzZlMzliM2ZjNDYmc3RhdGU9RGNzN0ZvQWdEQUJCME9keEloRHk0emlBMEZwNmZWUE1kaHREQ0tjN1hNeWVvRktOckpnSUlXRlJaTHkzakcwNEZkaFdCM3E0UTJQTW9DcXJ0bEgzSkluLVh1bjlldm9C&sso_reload=trueHTTP Parser: No <meta name="author".. found
            Source: https://8ecoc03nvib.543256r252762029202032983292e98h9e.xyz/?jfd64ekzo=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MDZhYzU3ZjktNGM5Zi0yZDY0LTJlN2ItNGRiZDJiZWM3NzgzJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ4MTg2NjQyNDIxNzI1Mi5mNmJmODJjNy01OGVhLTRkNWEtOTUyMC03NzZlMzliM2ZjNDYmc3RhdGU9RGNzN0ZvQWdEQUJCME9keEloRHk0emlBMEZwNmZWUE1kaHREQ0tjN1hNeWVvRktOckpnSUlXRlJaTHkzakcwNEZkaFdCM3E0UTJQTW9DcXJ0bEgzSkluLVh1bjlldm9C&sso_reload=trueHTTP Parser: No <meta name="copyright".. found
            Source: https://8ecoc03nvib.543256r252762029202032983292e98h9e.xyz/?jfd64ekzo=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MDZhYzU3ZjktNGM5Zi0yZDY0LTJlN2ItNGRiZDJiZWM3NzgzJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ4MTg2NjQyNDIxNzI1Mi5mNmJmODJjNy01OGVhLTRkNWEtOTUyMC03NzZlMzliM2ZjNDYmc3RhdGU9RGNzN0ZvQWdEQUJCME9keEloRHk0emlBMEZwNmZWUE1kaHREQ0tjN1hNeWVvRktOckpnSUlXRlJaTHkzakcwNEZkaFdCM3E0UTJQTW9DcXJ0bEgzSkluLVh1bjlldm9C&sso_reload=trueHTTP Parser: No <meta name="copyright".. found
            Source: https://8ecoc03nvib.543256r252762029202032983292e98h9e.xyz/?jfd64ekzo=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9MDZhYzU3ZjktNGM5Zi0yZDY0LTJlN2ItNGRiZDJiZWM3NzgzJnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODQ4MTg2NjQyNDIxNzI1Mi5mNmJmODJjNy01OGVhLTRkNWEtOTUyMC03NzZlMzliM2ZjNDYmc3RhdGU9RGNzN0ZvQWdEQUJCME9keEloRHk0emlBMEZwNmZWUE1kaHREQ0tjN1hNeWVvRktOckpnSUlXRlJaTHkzakcwNEZkaFdCM3E0UTJQTW9DcXJ0bEgzSkluLVh1bjlldm9C&sso_reload=trueHTTP Parser: No <meta name="copyright".. found
            Source: unknownHTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.17:49792 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.17:49834 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.17:49835 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.17:49874 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:49876 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.17:49880 version: TLS 1.2

            Networking

            barindex
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: 8ecoc03nvib.543256r252762029202032983292e98h9e.xyz
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: 8ecoc03nvib.543256r252762029202032983292e98h9e.xyz
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: 8ecoc03nvib.543256r252762029202032983292e98h9e.xyz
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: 8ecoc03nvib.543256r252762029202032983292e98h9e.xyz
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.200
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.200
            Source: unknownTCP traffic detected without corresponding DNS query: 184.30.122.249
            Source: unknownTCP traffic detected without corresponding DNS query: 184.30.122.249
            Source: unknownTCP traffic detected without corresponding DNS query: 23.206.222.123
            Source: unknownTCP traffic detected without corresponding DNS query: 23.206.222.123
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.200
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.200
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
            Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
            Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.200
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.200
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.200
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.200
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.200
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.200
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.200
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.200
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.200
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.200
            Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
            Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
            Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
            Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
            Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
            Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
            Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
            Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
            Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownDNS traffic detected: queries for: lookerstudio.google.com
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49865
            Source: unknownNetwork traffic detected: HTTP traffic on port 49890 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49817 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49864
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49863
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49862
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49860
            Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49859
            Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49849 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49858
            Source: unknownNetwork traffic detected: HTTP traffic on port 49881 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49857
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49856
            Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49841 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49854
            Source: unknownNetwork traffic detected: HTTP traffic on port 49889 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49853
            Source: unknownNetwork traffic detected: HTTP traffic on port 49866 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49852
            Source: unknownNetwork traffic detected: HTTP traffic on port 49820 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49837 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49850
            Source: unknownNetwork traffic detected: HTTP traffic on port 49858 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49690
            Source: unknownNetwork traffic detected: HTTP traffic on port 49893 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49849
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49848
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49847
            Source: unknownNetwork traffic detected: HTTP traffic on port 49886 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49846
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49845
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49844
            Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49843
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49842
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49841
            Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49840
            Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49819 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49844 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49834 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49828 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49831 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49839
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49838
            Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49837
            Source: unknownNetwork traffic detected: HTTP traffic on port 49680 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49847 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49836
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49835
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49834
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49833
            Source: unknownNetwork traffic detected: HTTP traffic on port 49887 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49832
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49831
            Source: unknownNetwork traffic detected: HTTP traffic on port 49839 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49864 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
            Source: unknownNetwork traffic detected: HTTP traffic on port 49822 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49856 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49853 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49829
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49828
            Source: unknownNetwork traffic detected: HTTP traffic on port 49884 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49827
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49705
            Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49824
            Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49702
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49823
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49822
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49821
            Source: unknownNetwork traffic detected: HTTP traffic on port 49865 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49820
            Source: unknownNetwork traffic detected: HTTP traffic on port 49842 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
            Source: unknownNetwork traffic detected: HTTP traffic on port 49676 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
            Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49859 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49836 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49833 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49819
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49818
            Source: unknownNetwork traffic detected: HTTP traffic on port 49810 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49817
            Source: unknownNetwork traffic detected: HTTP traffic on port 49845 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49885 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49810
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
            Source: unknownNetwork traffic detected: HTTP traffic on port 49862 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49893
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49891
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49890
            Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49827 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49876 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49809
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49807
            Source: unknownNetwork traffic detected: HTTP traffic on port 49848 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49882 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49803
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49889
            Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49888
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49887
            Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49886
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49885
            Source: unknownNetwork traffic detected: HTTP traffic on port 49838 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49863 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49884
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49883
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49882
            Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49821 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49881
            Source: unknownNetwork traffic detected: HTTP traffic on port 49840 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49880
            Source: unknownNetwork traffic detected: HTTP traffic on port 49702 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49857 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49854 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49690 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49824 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49809 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49860 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49883 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49876
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
            Source: unknownNetwork traffic detected: HTTP traffic on port 49891 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49874
            Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49705 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
            Source: unknownNetwork traffic detected: HTTP traffic on port 49818 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49843 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49874 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49829 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49880 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49832 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49846 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49792 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49867
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49866
            Source: unknownNetwork traffic detected: HTTP traffic on port 49888 -> 443
            Source: unknownHTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.17:49792 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.17:49834 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.17:49835 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.17:49874 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:49876 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.17:49880 version: TLS 1.2
            Source: classification engineClassification label: mal56.phis.troj.win@22/89@32/353
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
            Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://lookerstudio.google.com/reporting/471f6d11-9fc6-4382-92a9-62afa720e974
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 --field-trial-handle=1908,i,9028333003551819095,18391759697580386841,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 --field-trial-handle=1908,i,9028333003551819095,18391759697580386841,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: Window RecorderWindow detected: More than 3 window changes detected
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
            ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
            Gather Victim Identity InformationAcquire Infrastructure1
            Drive-by Compromise
            Windows Management Instrumentation1
            Registry Run Keys / Startup Folder
            1
            Process Injection
            1
            Masquerading
            OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System2
            Encrypted Channel
            Exfiltration Over Other Network MediumAbuse Accessibility Features
            CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
            Registry Run Keys / Startup Folder
            1
            Process Injection
            LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media1
            Non-Application Layer Protocol
            Exfiltration Over BluetoothNetwork Denial of Service
            Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive2
            Application Layer Protocol
            Automated ExfiltrationData Encrypted for Impact

            This section contains all screenshots as thumbnails, including those not shown in the slideshow.


            windows-stand
            SourceDetectionScannerLabelLink
            http://lookerstudio.google.com/reporting/471f6d11-9fc6-4382-92a9-62afa720e9740%Avira URL Cloudsafe
            No Antivirus matches
            No Antivirus matches
            No Antivirus matches
            SourceDetectionScannerLabelLink
            about:blank0%Avira URL Cloudsafe
            NameIPActiveMaliciousAntivirus DetectionReputation
            lookerstudio.google.com
            172.217.2.206
            truefalse
              high
              5c7092bf.1342a94e0d1a953a2049ebc5.workers.dev
              172.67.182.221
              truefalse
                unknown
                part-0013.t-0009.t-msedge.net
                13.107.213.41
                truefalse
                  unknown
                  cs1100.wpc.omegacdn.net
                  152.199.4.44
                  truefalse
                    unknown
                    plus.l.google.com
                    142.250.189.142
                    truefalse
                      high
                      challenges.cloudflare.com
                      104.17.2.184
                      truefalse
                        high
                        www.google.com
                        142.250.217.228
                        truefalse
                          high
                          8ecoc03nvib.543256r252762029202032983292e98h9e.xyz
                          158.255.213.124
                          truetrue
                            unknown
                            LYH-efz.ms-acdc.office.com
                            52.96.182.18
                            truefalse
                              high
                              r4.res.office365.com
                              unknown
                              unknownfalse
                                high
                                aadcdn.msftauth.net
                                unknown
                                unknownfalse
                                  unknown
                                  apis.google.com
                                  unknown
                                  unknownfalse
                                    high
                                    outlook.office365.com
                                    unknown
                                    unknownfalse
                                      high
                                      NameMaliciousAntivirus DetectionReputation
                                      https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcE_6MUAAAAACM2aL4qbFG8PNDIIl4krUNCLmXE&co=aHR0cHM6Ly9sb29rZXJzdHVkaW8uZ29vZ2xlLmNvbTo0NDM.&hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&size=invisible&cb=24sxf9ethdf0false
                                        high
                                        https://lookerstudio.google.com/reporting/471f6d11-9fc6-4382-92a9-62afa720e974/page/p_w2kxxix6ddfalse
                                          high
                                          https://lookerstudio.google.com/reporting/471f6d11-9fc6-4382-92a9-62afa720e974false
                                            high
                                            about:blankfalse
                                            • Avira URL Cloud: safe
                                            low
                                            https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/gxx2s/0x4AAAAAAAWQL1lev_HR6Kzv/auto/normalfalse
                                              high
                                              https://5c7092bf.1342a94e0d1a953a2049ebc5.workers.dev/true
                                                unknown
                                                https://outlook.office365.com/owa/prefetch.aspxfalse
                                                  high
                                                  • No. of IPs < 25%
                                                  • 25% < No. of IPs < 50%
                                                  • 50% < No. of IPs < 75%
                                                  • 75% < No. of IPs
                                                  IPDomainCountryFlagASNASN NameMalicious
                                                  142.250.189.142
                                                  plus.l.google.comUnited States
                                                  15169GOOGLEUSfalse
                                                  192.178.50.78
                                                  unknownUnited States
                                                  15169GOOGLEUSfalse
                                                  40.126.28.19
                                                  unknownUnited States
                                                  8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                  142.250.217.238
                                                  unknownUnited States
                                                  15169GOOGLEUSfalse
                                                  104.17.3.184
                                                  unknownUnited States
                                                  13335CLOUDFLARENETUSfalse
                                                  172.217.15.202
                                                  unknownUnited States
                                                  15169GOOGLEUSfalse
                                                  142.250.217.163
                                                  unknownUnited States
                                                  15169GOOGLEUSfalse
                                                  172.217.15.206
                                                  unknownUnited States
                                                  15169GOOGLEUSfalse
                                                  13.107.213.41
                                                  part-0013.t-0009.t-msedge.netUnited States
                                                  8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                  142.251.35.234
                                                  unknownUnited States
                                                  15169GOOGLEUSfalse
                                                  142.251.35.232
                                                  unknownUnited States
                                                  15169GOOGLEUSfalse
                                                  172.217.2.206
                                                  lookerstudio.google.comUnited States
                                                  15169GOOGLEUSfalse
                                                  158.255.213.124
                                                  8ecoc03nvib.543256r252762029202032983292e98h9e.xyzEuropean Union
                                                  29802HVC-ASUStrue
                                                  142.250.189.131
                                                  unknownUnited States
                                                  15169GOOGLEUSfalse
                                                  172.67.182.221
                                                  5c7092bf.1342a94e0d1a953a2049ebc5.workers.devUnited States
                                                  13335CLOUDFLARENETUSfalse
                                                  104.21.83.230
                                                  unknownUnited States
                                                  13335CLOUDFLARENETUSfalse
                                                  192.178.50.67
                                                  unknownUnited States
                                                  15169GOOGLEUSfalse
                                                  1.1.1.1
                                                  unknownAustralia
                                                  13335CLOUDFLARENETUSfalse
                                                  52.96.182.18
                                                  LYH-efz.ms-acdc.office.comUnited States
                                                  8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                  192.178.50.42
                                                  unknownUnited States
                                                  15169GOOGLEUSfalse
                                                  142.250.217.228
                                                  www.google.comUnited States
                                                  15169GOOGLEUSfalse
                                                  142.250.217.206
                                                  unknownUnited States
                                                  15169GOOGLEUSfalse
                                                  142.250.64.202
                                                  unknownUnited States
                                                  15169GOOGLEUSfalse
                                                  142.250.189.138
                                                  unknownUnited States
                                                  15169GOOGLEUSfalse
                                                  142.250.217.227
                                                  unknownUnited States
                                                  15169GOOGLEUSfalse
                                                  173.194.217.84
                                                  unknownUnited States
                                                  15169GOOGLEUSfalse
                                                  20.189.173.28
                                                  unknownUnited States
                                                  8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                  23.208.28.138
                                                  unknownUnited States
                                                  20940AKAMAI-ASN1EUfalse
                                                  142.250.217.174
                                                  unknownUnited States
                                                  15169GOOGLEUSfalse
                                                  239.255.255.250
                                                  unknownReserved
                                                  unknownunknownfalse
                                                  142.250.217.234
                                                  unknownUnited States
                                                  15169GOOGLEUSfalse
                                                  142.250.64.170
                                                  unknownUnited States
                                                  15169GOOGLEUSfalse
                                                  104.17.2.184
                                                  challenges.cloudflare.comUnited States
                                                  13335CLOUDFLARENETUSfalse
                                                  142.250.217.195
                                                  unknownUnited States
                                                  15169GOOGLEUSfalse
                                                  172.217.3.74
                                                  unknownUnited States
                                                  15169GOOGLEUSfalse
                                                  20.42.73.31
                                                  unknownUnited States
                                                  8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                  142.250.217.170
                                                  unknownUnited States
                                                  15169GOOGLEUSfalse
                                                  IP
                                                  192.168.2.17
                                                  192.168.2.23
                                                  Joe Sandbox version:40.0.0 Tourmaline
                                                  Analysis ID:1422435
                                                  Start date and time:2024-04-08 17:23:02 +02:00
                                                  Joe Sandbox product:CloudBasic
                                                  Overall analysis duration:
                                                  Hypervisor based Inspection enabled:false
                                                  Report type:full
                                                  Cookbook file name:defaultwindowsinteractivecookbook.jbs
                                                  Sample URL:http://lookerstudio.google.com/reporting/471f6d11-9fc6-4382-92a9-62afa720e974
                                                  Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                  Number of analysed new started processes analysed:19
                                                  Number of new started drivers analysed:0
                                                  Number of existing processes analysed:0
                                                  Number of existing drivers analysed:0
                                                  Number of injected processes analysed:0
                                                  Technologies:
                                                  • EGA enabled
                                                  Analysis Mode:stream
                                                  Analysis stop reason:Timeout
                                                  Detection:MAL
                                                  Classification:mal56.phis.troj.win@22/89@32/353
                                                  • Exclude process from analysis (whitelisted): SIHClient.exe
                                                  • Excluded IPs from analysis (whitelisted): 142.250.189.131, 142.250.217.238, 173.194.217.84, 34.104.35.123, 142.250.189.138, 142.250.217.195, 142.250.217.163, 172.217.15.206, 142.251.35.232, 192.178.50.67, 142.251.35.234, 192.178.50.42, 142.250.217.170, 142.250.217.202, 192.178.50.74, 142.250.64.202, 172.217.2.202, 142.250.217.234, 142.250.64.170, 172.217.15.202, 142.250.217.227
                                                  • Excluded domains from analysis (whitelisted): fonts.googleapis.com, ssl.gstatic.com, accounts.google.com, content-autofill.googleapis.com, fonts.gstatic.com, clientservices.googleapis.com, clients2.google.com, edgedl.me.gvt1.com, www.googletagmanager.com, clients.l.google.com, www.gstatic.com, content-people-pa.googleapis.com, www.google-analytics.com
                                                  • Not all processes where analyzed, report is missing behavior information
                                                  • VT rate limit hit for: http://lookerstudio.google.com/reporting/471f6d11-9fc6-4382-92a9-62afa720e974
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Apr 8 14:23:31 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                                                  Category:dropped
                                                  Size (bytes):2677
                                                  Entropy (8bit):4.001474845054519
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:E0AABBEE0FE1B23100B03E1FC385A914
                                                  SHA1:182D97970F203C2153BC253EB67E0D7E96C5FAC0
                                                  SHA-256:0CB7BEB4226E7900FD2615CBE386D86CE2011BAAD60948D24819E48536B8ED4B
                                                  SHA-512:683067AA02C64FF405D4B0B734EFEE0EE2B391DDD502FCFA2502A1FFDFA80368E226DD540376419C37147BAF0ABB96207AAC5A07C3ECE0F7681C20D2A6BA6669
                                                  Malicious:false
                                                  Reputation:unknown
                                                  Preview:L..................F.@.. ...$+.,.............y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.I.X.z....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.z....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.V.X.z....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.V.X.z...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V.X.z...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............G.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Apr 8 14:23:30 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                                                  Category:dropped
                                                  Size (bytes):2679
                                                  Entropy (8bit):4.015691242973238
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:767AB80E4DC5A16371D0816EFABB9D83
                                                  SHA1:DE0AC1B2165DCD69415F77EBA899F6F2BEFBCB38
                                                  SHA-256:83AC93E2B926EB0692CC1784C998177FD4C3648EFCAA81B03CEB3E2CBA80FC77
                                                  SHA-512:5736A7A2BF1EC80CB3450494CA7D8D3AAFA3246AA35A839AC4A380F8B0F541C931CDCBBAAF2EE0595D7B9A528A3953CF4C46E5EF8C97C44231C83FFDE1F46E1D
                                                  Malicious:false
                                                  Reputation:unknown
                                                  Preview:L..................F.@.. ...$+.,....s........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.I.X.z....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.z....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.V.X.z....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.V.X.z...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V.X.z...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............G.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                                                  Category:dropped
                                                  Size (bytes):2693
                                                  Entropy (8bit):4.021326654467336
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:7A75662A4BA9A0FE3E6CA61A70377A3E
                                                  SHA1:CCC46F4261F4F8B93C5B526DF1D7D3516A8C0427
                                                  SHA-256:454AC955937A348E88CF40C4F7D09D1CAE4EA11305BB86188D191FD7B994014D
                                                  SHA-512:9C6C023FD1072AC54A1F7C1599E5F61FF622716E7602EF2AE984C931348B095BE05E6D0D44B31B87A885CB66581E00EA7523FA3F61BCFEF8B99FA1426921C442
                                                  Malicious:false
                                                  Reputation:unknown
                                                  Preview:L..................F.@.. ...$+.,.....v. ;.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.I.X.z....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.z....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.V.X.z....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.V.X.z...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VFW.N...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............G.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Apr 8 14:23:30 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                                                  Category:dropped
                                                  Size (bytes):2681
                                                  Entropy (8bit):4.0132767891393355
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:F3237010DDA0F1AEB2F28C0E62D949F7
                                                  SHA1:6B41410FCE764DD0FC828309756B66C5CDAB3FAD
                                                  SHA-256:2EB40B755D9EDC37714FA77BFACFF91CAB75FE658A72D1D629F9DB2DBBE5A0A3
                                                  SHA-512:2E08461E1F978CC9E82D12D7CAB0D6752C758867200850BD7992FC2C659B095EABE640CD39C0CDD7C2585B4F3EB614896C8C4B0E53C77B507D82871A13A1EF40
                                                  Malicious:false
                                                  Reputation:unknown
                                                  Preview:L..................F.@.. ...$+.,....?j.........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.I.X.z....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.z....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.V.X.z....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.V.X.z...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V.X.z...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............G.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Apr 8 14:23:30 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                                                  Category:dropped
                                                  Size (bytes):2681
                                                  Entropy (8bit):4.003795341091703
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:6D81FA570A5B8EB761A4DC3BF99B8B8B
                                                  SHA1:2CCEA5D19F0C76EEA1392AE3CD539BBFDAC36FCE
                                                  SHA-256:C4EE15FEDD4118C09FA8DEBD1076BF41DB094826B07B8B95F7264905BE4FDB13
                                                  SHA-512:0FA4972377B82A6D6E46ECBD11DA32CB0F99AD0CBA8C4BDABF6B18EFFB09A20A8B410834CCB0D28E97A6BB71483B90DA9B89ECD2D87BE84C85634DC6C6D134DF
                                                  Malicious:false
                                                  Reputation:unknown
                                                  Preview:L..................F.@.. ...$+.,.....?.........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.I.X.z....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.z....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.V.X.z....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.V.X.z...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V.X.z...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............G.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Apr 8 14:23:30 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                                                  Category:dropped
                                                  Size (bytes):2683
                                                  Entropy (8bit):4.0133996066895765
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:6BD8C154A571A2D12FA2EBC8EAE35171
                                                  SHA1:229525B726A0882300C85BED149D7C01F22FA3F9
                                                  SHA-256:D259F8252F3D3A8B99F24B5C06DACEFAC06D53F84D4B6A05FDF08E6042D78F45
                                                  SHA-512:88F60840A0D021B5D0900B7C278D20BE3F4E481B1D7C95FAE44E149C41BF66E2EC186D6EE8DB7C1AF3F16CEDD13AC93C72FE17B123417023620A8D85C9201798
                                                  Malicious:false
                                                  Reputation:unknown
                                                  Preview:L..................F.@.. ...$+.,.....,x........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.I.X.z....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.z....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.V.X.z....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.V.X.z...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V.X.z...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............G.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:ASCII text, with very long lines (2628)
                                                  Category:downloaded
                                                  Size (bytes):78816
                                                  Entropy (8bit):5.595037486398595
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:3533BD99BFC4AD3030663FACD6376377
                                                  SHA1:3C77B4D4F94FC7BBBBB999C20D94D0D50E07339F
                                                  SHA-256:E516C6C325BA1D0E6CD316981355202FCDEF8BEEDB9DBA1EBF36AFADF030CE7C
                                                  SHA-512:03F7C3AAAD1C386F0B92F913ADC2F4A57EF60AD5274D43AC931E5A8267F36E41727D6692EC07A356769D58A6ED24577F1D72890D467067396743D397B751E96A
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.Oh6mNxd5OYM.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo8ivBPi_9I5G7qxoBeYV5pO1OVdmQ/cb=gapi.loaded_0?le=scs
                                                  Preview:gapi.loaded_0(function(_){var window=this;._._F_toggles_initialize=function(a){("undefined"!==typeof globalThis?globalThis:"undefined"!==typeof self?self:this)._F_toggles=a||[]};(0,_._F_toggles_initialize)([0x20000, ]);.var da,ma,na,sa,ta,ya,Ca,Ea;_.ca=function(a){return function(){return _.ba[a].apply(this,arguments)}};_.ba=[];da=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}};ma="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.na=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("a");};_.qa=na(this);sa=function(a,b){if(b)a:{var c=_.qa;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&null!=b
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:ASCII text, with very long lines (5955)
                                                  Category:downloaded
                                                  Size (bytes):273636
                                                  Entropy (8bit):5.575945312208943
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:31466880970932BD1E2E1728128825F9
                                                  SHA1:3F8D3A6E81C34DADBCF2B219FAA23EF85C4FBE4B
                                                  SHA-256:0A903BBF135ACD392A7D8551A9289584B8FFE42A53588B170AFE52D02231B07D
                                                  SHA-512:950FC0194902E74FEB846975426610F11FAC2A19A5AEBF5E1F828D681756E324C3A63FF449CC73B1A19C7BF89F3698F14E64110BA8E634D8EAE7DF6D024E3097
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://www.googletagmanager.com/gtag/js?id=G-S4FJY0X3VX
                                                  Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"2",. . "macros":[{"function":"__e"},{"vtp_signal":0,"function":"__c","vtp_value":0},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_dma","priority":10,"vtp_delegationMode":"ON","vtp_dmaDefault":"DENIED","tag_id":111},{"function":"__ogt_1p_data_v2","priority":10,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR","vtp_phoneValue":"","vtp_streetType":"CSS_SELECTOR","vtp_autoPhoneEnabl
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:HTML document, Unicode text, UTF-8 text, with very long lines (1136)
                                                  Category:dropped
                                                  Size (bytes):1566
                                                  Entropy (8bit):5.263730433848033
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:90FBA15F85654BEB963D66CF6788FA46
                                                  SHA1:E062B36BAB3022A99FDF8AC13199A4E3490CC826
                                                  SHA-256:046F4A44111341FA57748B7A865F5B8E9220851578AED66EDF473D9464A0E72F
                                                  SHA-512:49763A4442E5B9FA8B2473D9ABAC0D0831E098A2213A14731EFC22334B6940D65346175E5DD470C29E930D51B9D4B82D5EE755F8D9159B7FBA4DF6683DBAFCAB
                                                  Malicious:false
                                                  Reputation:unknown
                                                  Preview:<!DOCTYPE html>.<html lang=en>. <meta charset=utf-8>. <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">. <title>Error 400 (Bad Request)!!1</title>. <style>. *{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//ww
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:ASCII text, with very long lines (2054)
                                                  Category:downloaded
                                                  Size (bytes):15102
                                                  Entropy (8bit):5.466664852651145
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:D0C72A9D4115E4756C3D7514BC30A06D
                                                  SHA1:75D1AAB7585D067BDFC256DEA097A42E54E3853F
                                                  SHA-256:C69188CA47D8060DF01FCE238F0C6687170AB9B15B2CD4A3797822F46E3F5568
                                                  SHA-512:4D38644F63EB36B7A577759B914CB26B49DA355DF17674C13A614D11E3CFAF2B4F700629E515ACF352FFD91151CB5E394B3F8505227942C68CDC0F5036ED3E52
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://apis.google.com/js/client.js
                                                  Preview:(function(){var aa="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a},ba=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");},ca=ba(this),g=function(a,b){if(b)a:{var c=ca;a=a.split(".");for(var d=0;d<a.length-.1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&null!=b&&aa(c,a,{configurable:!0,writable:!0,value:b})}},h=function(a,b,c){if(null==a)throw new TypeError("The 'this' value for String.prototype."+c+" must not be null or undefined");if(b instanceof RegExp)throw new TypeError("First argument to String.prototype."+c+" must not be a regular expression");return a+""};.g("String.prototype.endsWith",function(a){return a?a:function(b,c){var d=h(this
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:ASCII text, with very long lines (17534)
                                                  Category:downloaded
                                                  Size (bytes):18129
                                                  Entropy (8bit):5.648351833901144
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:CA9D6A8B869092CA24F9FFF88B495053
                                                  SHA1:8F8536A555534C1BEF514D1F16994D87792A5872
                                                  SHA-256:642CA6C074985C71696911766FDD17B4BA8E876D362E836B54615E0D828B2300
                                                  SHA-512:DF53FF9ABB88F2234B6DECC9F9E7B7ED45D8DFDA3976CF5174BD33F810B142B378525523EA6026B89DE9FAFF83BAAE72C0BF60DA0ADD4FD4540CAC5FAEF5B8C2
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://www.google.com/js/bg/ZCymwHSYXHFpaRF2b90XtLqOh202LoNrVGFeDYKLIwA.js
                                                  Preview:/* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */ (function(){var u=this||self,K=function(H){return H},x=function(H,J){if(!(H=(J=u.trustedTypes,null),J)||!J.createPolicy)return H;try{H=J.createPolicy("bg",{createHTML:K,createScript:K,createScriptURL:K})}catch(p){u.console&&u.console.error(p.message)}return H};(0,eval)(function(H,J){return(J=x())&&1===H.eval(J.createScript("1"))?function(p){return J.createScript(p)}:function(p){return""+p}}(u)(Array(7824*Math.random()|0).join("\n")+['(function(){/*',.'',.' SPDX-License-Identifier: Apache-2.0',.'*/',.'var y=function(J,H,K,x,u,e){if(H.N==H)for(u=b(H,J),509==J||510==J||82==J?(J=function(F,p,X,L){if((L=(p=u.length,(p|0)-4>>3),u.HC)!=L){L=(L<<3)-(X=[0,0,(u.HC=L,e[1]),e[2]],4);try{u.MX=HN(JL((L|0)+4,u),JL(L,u),X)}catch(t){throw t;}}u.push(u.MX[p&7]^F)},e=b(H,44)):J=function(F){u.push(F)},x&&J(x&255),H=0,x=K.length;H<x;H++)J(K[H])},u2=function(J,H,K,x,u,e){function F(){if(J.N==J){if(J.O){var p=[G,x,K,voi
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:JSON data
                                                  Category:downloaded
                                                  Size (bytes):32097
                                                  Entropy (8bit):4.926666731375466
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:3A49150CEAC87504AEE5154D59233C2D
                                                  SHA1:3A2FC4E47B3D963F1060AC630C532D73E58E8C77
                                                  SHA-256:4747330CE595C53A2229FB7AEDC5B589DD136D7FED56A1B718F32C8433AADF1D
                                                  SHA-512:41528A7D6075B14418864F68B7E8904956EF8977F0868F1C21CEA3C2BC186AEECA69CE2D1FE210652607185EA6F9CA1902865C295479D50E00A14F75CEA567FF
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://content-sheets.googleapis.com/$discovery/rest?version=v4&pp=0&fields=fields%5B%22kind%22%5D%2Cfields%5B%22name%22%5D%2Cfields%5B%22version%22%5D%2Cfields%5B%22rootUrl%22%5D%2Cfields%5B%22servicePath%22%5D%2Cfields%5B%22resources%22%5D%2Cfields%5B%22parameters%22%5D%2Cfields%5B%22methods%22%5D%2Cfields%5B%22batchPath%22%5D%2Cfields%5B%22id%22%5D&key=AIzaSyAng4TaCSbwmEwKIdn9M0m9ZHpzjAkbMw8
                                                  Preview:{"batchPath":"batch","servicePath":"","resources":{"spreadsheets":{"methods":{"create":{"id":"sheets.spreadsheets.create","path":"v4/spreadsheets","flatPath":"v4/spreadsheets","httpMethod":"POST","parameters":{},"parameterOrder":[],"request":{"$ref":"Spreadsheet"},"response":{"$ref":"Spreadsheet"},"scopes":["https://www.googleapis.com/auth/drive","https://www.googleapis.com/auth/drive.file","https://www.googleapis.com/auth/spreadsheets"],"description":"Creates a spreadsheet, returning the newly created spreadsheet."},"get":{"id":"sheets.spreadsheets.get","path":"v4/spreadsheets/{spreadsheetId}","flatPath":"v4/spreadsheets/{spreadsheetId}","httpMethod":"GET","parameters":{"spreadsheetId":{"description":"The spreadsheet to request.","location":"path","required":true,"type":"string"},"ranges":{"description":"The ranges to retrieve from the spreadsheet.","location":"query","repeated":true,"type":"string"},"includeGridData":{"description":"True if grid data should be returned. This paramete
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:HTML document, ASCII text, with very long lines (2345), with CRLF line terminators
                                                  Category:downloaded
                                                  Size (bytes):2347
                                                  Entropy (8bit):5.290031538794594
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:E86EF8B6111E5FB1D1665BCDC90888C9
                                                  SHA1:994BF7651CB967CD9053056AF2D69ACB74DB7F29
                                                  SHA-256:3410242720DE50B090D07A23AEE2DAD879B31D36F2615732962EC4CFA8A9D458
                                                  SHA-512:2486B491681EE91A9CD1ECC9AA011A3FB34B48358C5D7A4D503A5357BC5CE4CA22999F918D40AC60A3063940D5F326FC7E4E5713D89D5C102DE68824E371B3AB
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://login.live.com/Me.htm?v=3
                                                  Preview:<script type="text/javascript">!function(n,t){for(var e in t)n[e]=t[e]}(this,function(n){function t(i){if(e[i])return e[i].exports;var s=e[i]={exports:{},id:i,loaded:!1};return n[i].call(s.exports,s,s.exports,t),s.loaded=!0,s.exports}var e={};return t.m=n,t.c=e,t.p="",t(0)}([function(n,t){function e(n){for(var t=g[c],e=0,i=t.length;e<i;++e)if(t[e]===n)return!0;return!1}function i(n){if(!n)return null;for(var t=n+"=",e=document.cookie.split(";"),i=0,s=e.length;i<s;i++){var o=e[i].replace(/^\s*(\w+)\s*=\s*/,"$1=").replace(/(\s+$)/,"");if(0===o.indexOf(t))return o.substring(t.length)}return null}function s(n,t,e){if(n)for(var i=n.split(":"),s=null,o=0,a=i.length;o<a;++o){var l=null,c=i[o].split("$");if(0===o&&(s=parseInt(c.shift()),!s))return;var p=c.length;if(p>=1){var f=r(s,c[0]);if(!f||e[f])continue;l={signInName:f,idp:"msa",isSignedIn:!0}}if(p>=3&&(l.firstName=r(s,c[1]),l.lastName=r(s,c[2])),p>=4){var g=c[3],m=g.split("|");l.otherHashedAliases=m}if(p>=5){var h=parseInt(c[4],16);h&&(l.
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:SVG Scalable Vector Graphics image
                                                  Category:downloaded
                                                  Size (bytes):284
                                                  Entropy (8bit):4.804020988763619
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:F6E063941521CD8808A2F8AA5B6CEBA7
                                                  SHA1:3DF1B9A549C6F90ADF0217465436CDA8B8B175C9
                                                  SHA-256:00F190C275BEAFBABB14D0ADC6127DBB136B8A050517210F865CC1D4D3D95E35
                                                  SHA-512:2760FD17A9C7FC97399F6768957D2178852AFC516E183B438EB876CE1EE824B2F656754D77469A03B83A988640C2C2B6BE8E3DFFA7B12D70C0C7E65AF65577C0
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://www.gstatic.com/images/icons/material/system_gm/svg/link_24px.svg
                                                  Preview:<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M17 7h-4v2h4c1.65 0 3 1.35 3 3s-1.35 3-3 3h-4v2h4c2.76 0 5-2.24 5-5s-2.24-5-5-5zm-6 8H7c-1.65 0-3-1.35-3-3s1.35-3 3-3h4V7H7c-2.76 0-5 2.24-5 5s2.24 5 5 5h4v-2z"/><path d="M8 11h8v2H8z"/></svg>
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:JSON data
                                                  Category:dropped
                                                  Size (bytes):455
                                                  Entropy (8bit):4.709400572497533
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:B21F00E6B5E1347DDA0A6501DF5A40EC
                                                  SHA1:B52D34662199B297653C3646BAFD46A034D9ABBA
                                                  SHA-256:EEDD8AC77239A6E5EC69DAB3E8D98BA7429384B1CD069D4DF5FFC369A1A3238A
                                                  SHA-512:5C60FF71133986CC6B85CF1EFA96023AF92F0A06B088879994358C77092F916D0D22202F639A402BB61366F91606EA359BB30F66C4DE664B50E17D12CEEF478E
                                                  Malicious:false
                                                  Reputation:unknown
                                                  Preview:{. "error": {. "code": 403,. "message": "Requests from referer \u003cempty\u003e are blocked.",. "status": "PERMISSION_DENIED",. "details": [. {. "@type": "type.googleapis.com/google.rpc.ErrorInfo",. "reason": "API_KEY_HTTP_REFERRER_BLOCKED",. "domain": "googleapis.com",. "metadata": {. "service": "sheets.googleapis.com",. "consumer": "projects/371237729773". }. }. ]. }.}.
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:SVG Scalable Vector Graphics image
                                                  Category:dropped
                                                  Size (bytes):339
                                                  Entropy (8bit):4.689999737907317
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:4DE8C3652F285AA52639648C01E57BE7
                                                  SHA1:449C913AA5290201B20A97695A74B8DBEBA149EB
                                                  SHA-256:92121D0499048670A707DDD136C4340964B1050A346FAF113905E0EE84FB222D
                                                  SHA-512:A895F3EAA9D9E8B5EDF82AB99DE92FA362408F195D23779D8D3161637D4805DCD0908B0054652BAB0B8912072038A61CAC94F44F877BA8384B7154600F66A01B
                                                  Malicious:false
                                                  Reputation:unknown
                                                  Preview:<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M9 12c2.21 0 4-1.79 4-4s-1.79-4-4-4-4 1.79-4 4 1.79 4 4 4zm0-6c1.1 0 2 .9 2 2s-.9 2-2 2-2-.9-2-2 .9-2 2-2zm0 7c-2.67 0-8 1.34-8 4v3h16v-3c0-2.66-5.33-4-8-4zm6 5H3v-.99C3.2 16.29 6.3 15 9 15s5.8 1.29 6 2v1zm3-4v-3h-3V9h3V6h2v3h3v2h-3v3h-2z"/></svg>
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 4.2.9], baseline, precision 8, 50x28, components 3
                                                  Category:dropped
                                                  Size (bytes):987
                                                  Entropy (8bit):6.922003634904799
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:E58AAFC980614A9CD7796BEA7B5EA8F0
                                                  SHA1:D4CAC92DCDE0CAF7C571E6D791101DA94FDBD2CA
                                                  SHA-256:8B34A475187302935336BF43A2BF2A4E0ADB9A1E87953EA51F6FCF0EF52A4A1D
                                                  SHA-512:2DAC06596A11263DF1CFAB03EDA26D0A67B9A4C3BAA6FB6129CDBF0A157C648F5B0F5859B5CA689EFDF80F946BF4D854BA2B2C66877C5CE3897D72148741FCC9
                                                  Malicious:false
                                                  Reputation:unknown
                                                  Preview:......JFIF.....H.H.....fExif..MM.*.................>...........F.(...........1.........N.......H.......H....paint.net 4.2.9....C....................................................................C.........................................................................2..!............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?......[.4..lz.....K.S..p.>.9.r9j..'.\.qrW..mo...X9ZV<./x...EX...m.Prj..A.EtG...K..mr....Lc.T.*8...nlY.V.{6...*R...]..(.y...)^.5V.IVO.W.B.19.R\...f.U.....'..S:..k.6..*).f.n._3*....}.y.8.EusH..y.`.mA...W.}...bL..:..b.<f..(lH#R....v._...........9N~S..
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:ASCII text, with very long lines (65536), with no line terminators
                                                  Category:downloaded
                                                  Size (bytes):588992
                                                  Entropy (8bit):5.177552835425008
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:2782F96C8A10BB79D5CD26E5DD8D24BE
                                                  SHA1:B59F4CAD19FA36C03EB6E9C158D5EA67E3EB0B17
                                                  SHA-256:3ED0A4AA72EF3E455C5EEA1EFB60E24454E8D8EC2D0A546B05B75D3D96A9AC0F
                                                  SHA-512:183AC1DF0DA458F358E6ECB7F176E13E8BD0149158CAC26ABACA10B9DB198CDE12180D3CD522DDA6346A6FB19F607BF6813B9952DB6D0C1E1CB39155C84BAA06
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://content-people-pa.googleapis.com/$discovery/rest?pp=0&fields=fields%5B%22kind%22%5D%2Cfields%5B%22name%22%5D%2Cfields%5B%22version%22%5D%2Cfields%5B%22rootUrl%22%5D%2Cfields%5B%22servicePath%22%5D%2Cfields%5B%22resources%22%5D%2Cfields%5B%22parameters%22%5D%2Cfields%5B%22methods%22%5D%2Cfields%5B%22batchPath%22%5D%2Cfields%5B%22id%22%5D&key=AIzaSyAng4TaCSbwmEwKIdn9M0m9ZHpzjAkbMw8
                                                  Preview:{"version":"v2","id":"people_pa:v2","kind":"discovery#restDescription","parameters":{"access_token":{"type":"string","description":"OAuth access token.","location":"query"},"alt":{"type":"string","description":"Data format for response.","default":"json","enum":["json","media","proto"],"enumDescriptions":["Responses with Content-Type of application/json","Media download with context-dependent Content-Type","Responses with Content-Type of application/x-protobuf"],"location":"query"},"callback":{"type":"string","description":"JSONP","location":"query"},"fields":{"type":"string","description":"Selector specifying which fields to include in a partial response.","location":"query"},"key":{"type":"string","description":"API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.","location":"query"},"oauth_token":{"type":"string","description":"OAuth 2.0 token for the current user.","location":"query"},"p
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:ASCII text, with very long lines (2054)
                                                  Category:downloaded
                                                  Size (bytes):15118
                                                  Entropy (8bit):5.466749905796788
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:BA46414875BF2144AE0B87EA416B343E
                                                  SHA1:D9DF053E9F36C823779F1D998EF9418F43E8F442
                                                  SHA-256:C1EF85631D3600F9983D8C582AA5704FEA9140C2A183B6BA1FB35D5E954EA047
                                                  SHA-512:3CAD633A1A970A3283E7421B67BF5C5D88E446832F5138F5108D178A12ECFA49540B6FC6B0FAC311772AE280E46ECBE1156006517CCD2316308B5AD6B40CB1A5
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://apis.google.com/js/googleapis.proxy.js?onload=startup
                                                  Preview:(function(){var aa="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a},ba=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");},ca=ba(this),g=function(a,b){if(b)a:{var c=ca;a=a.split(".");for(var d=0;d<a.length-.1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&null!=b&&aa(c,a,{configurable:!0,writable:!0,value:b})}},h=function(a,b,c){if(null==a)throw new TypeError("The 'this' value for String.prototype."+c+" must not be null or undefined");if(b instanceof RegExp)throw new TypeError("First argument to String.prototype."+c+" must not be a regular expression");return a+""};.g("String.prototype.endsWith",function(a){return a?a:function(b,c){var d=h(this
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:ASCII text, with no line terminators
                                                  Category:downloaded
                                                  Size (bytes):56
                                                  Entropy (8bit):4.860577243331642
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:F220004BD2C441EC576F73CBEA83D539
                                                  SHA1:127484ECE51FCB705C8FA91681CBE71AFBC06876
                                                  SHA-256:F4014D5129917EE668E2AF3A51054CBF8C6B92DC35741328C643E6CE21B102D3
                                                  SHA-512:5526E094B6DC023E7733B8A77A020BD52BB2D1342DAC93DEB473714E34734F2FB93824403518702DE53F02CDCD201A5B81CCA6FDFCE731D7921A1824A8062AE5
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xNDkSFwkhpih4V3GqRhIFDdFbUVISBQ1Xevf9EhcJ0CNt94G-1IISBQ3RW1FSEgUNV3r3_Q==?alt=proto
                                                  Preview:ChIKBw3RW1FSGgAKBw1Xevf9GgAKEgoHDdFbUVIaAAoHDVd69/0aAA==
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:SVG Scalable Vector Graphics image
                                                  Category:downloaded
                                                  Size (bytes):316
                                                  Entropy (8bit):5.002900785531891
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:579E5AE9E692AC8183A2B8315A6C0507
                                                  SHA1:4F109B651D50246A23C3DF2E91D6B5AA2FDCE9EA
                                                  SHA-256:297C8CEE8619573FB8711CA1D6E064C70D8FFE8CE641F71A60D0315A4539391B
                                                  SHA-512:1517C93B6C0A8D8E5936DC9C282CEC494BB5C23C394A0118DB5657ABFBF3A415455EF01BA173A50AA6B75922DE9F1A08597ACA9362B8FA7B75830C617D1B2512
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://ssl.gstatic.com/datastudio%2Fcloud-lego-fe.fe-server_20240327.07_p1%2Fstatic/icon/reset.svg
                                                  Preview:<svg xmlns="http://www.w3.org/2000/svg" width="24px" height="24px" viewBox="0 0 24 24" fill="currentColor">. <path d="M0 0h24v24H0z" fill="none"/>. <path d="M12.5 8c-2.65 0-5.05.99-6.9 2.6L2 7v9h9l-3.62-3.62c1.39-1.16 3.16-1.88 5.12-1.88 3.54 0 6.55 2.31 7.6 5.5l2.37-.78C21.08 11.03 17.15 8 12.5 8z"/>.</svg>.
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:GIF image data, version 89a, 352 x 3
                                                  Category:dropped
                                                  Size (bytes):2672
                                                  Entropy (8bit):6.640973516071413
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:166DE53471265253AB3A456DEFE6DA23
                                                  SHA1:17C6DF4D7CCF1FA2C9EFD716FBAE0FC2C71C8D6D
                                                  SHA-256:A46201581A7C7C667FD42787CD1E9ADF2F6BF809EFB7596E61A03E8DBA9ADA13
                                                  SHA-512:80978C1D262BC225A8BA1758DF546E27B5BE8D84CBCF7E6044910E5E05E04AFFEFEC3C0DA0818145EB8A917E1A8D90F4BAC833B64A1F6DE97AD3D5FC80A02308
                                                  Malicious:false
                                                  Reputation:unknown
                                                  Preview:GIF89a`............!..NETSCAPE2.0.....!.......,....`.....6......P.l.......H....I..:qJ......k....`BY..L*..&...!.......,....0.............<....[.\K8j.tr.g..!.......,....3............^;.*..\UK.]\.%.V.c...!.......,....7........`....lo...[.a..*Rw~i...!.......,....;........h.....l.G-.[K.,_XA]..'g..!.......,....?........i.....g....Z.}..)..u...F..!.......,....C...............P.,nt^.i....Xq...i..!.......,....F...........{^b....n.y..i...\C.-...!.......,....H..............R...o....h.xV!.z#...!.......,"...L.............r.jY..w~aP(.......[i...!.......,(...N.............r....w.aP.j.'.)Y..S..!.......,....H.........`......hew..9`.%z.xVeS..!.......,5...A.........`...\m.Vmtzw.}.d.%...Q..!.......,9...=.........h......3S..s.-W8m...Q..!.......,A...5.........h.....N...:..!..U..!.......,H.............h....M.x...f.i.4..!.......,O...'.........i...tp......(..!.......,X.............j...@.x....!.......,].............j..L..3em..!.......,e.............`......!.......,n..............{i..!..
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:HTML document, ASCII text, with very long lines (3255), with no line terminators
                                                  Category:downloaded
                                                  Size (bytes):3255
                                                  Entropy (8bit):5.230335741251938
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:62233C1353E3F3871417D40DBC5C21FD
                                                  SHA1:494C2F06D693246DD0794E574EC84F6E8F055DCA
                                                  SHA-256:AF6BE68CA62A3D6DACEF846B0F8ED53A17CF29FDA5451475F9477046DF6B4D6D
                                                  SHA-512:E2633E1DC63C60A97CE59C8F8BD0CE16578A6ECF3218474C252B5EA7C42F6A20F75C64C72D2E902A69DE692E6EBAE9E2988A21221A5BC9FF84852F185788F682
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://5c7092bf.1342a94e0d1a953a2049ebc5.workers.dev/favicon.ico
                                                  Preview:<!doctype html><html lang=en-US><head> <script async defer src="https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback"></script> <title>Just a moment...</title> <meta content="width=device-width,initial-scale=1" name=viewport> <script>var verifyCallback_CF=function (response){var cfForm=document.querySelector("#cfForm"); if (response && response.length > 10){cfForm.submit(); return;}}; window.onloadTurnstileCallback=function (){turnstile.render("#turnstileCaptcha",{sitekey: "0x4AAAAAAAWQL1lev_HR6Kzv", callback: verifyCallback_CF,});};</script></head><style>.h1,.h2{font-weight:500}*{box-sizing:border-box;margin:0;padding:0}html{line-height:1.15;-webkit-text-size-adjust:100%;color:#313131;font-family:system-ui,-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,Helvetica Neue,Arial,Noto Sans,sans-serif,Apple Color Emoji,Segoe UI Emoji,Segoe UI Symbol,Noto Color Emoji}body{display:flex;flex-direction:column;min-height:100vh}a{transition:color .15s;background-co
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:SVG Scalable Vector Graphics image
                                                  Category:downloaded
                                                  Size (bytes):217
                                                  Entropy (8bit):4.859841943923714
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:5687C66C1B440611982A7836A6CB7B3A
                                                  SHA1:AA2AE264F9502D713202FB81A2A12097DAFBF9C6
                                                  SHA-256:A8DFD68C9BC8E1CEA1B1C1C13F18AE82229A1845471EACB05C1E3A25F7D8D83D
                                                  SHA-512:F802B83966C8E809F7CBBE571B5F6B928271D7914691C7A7B79CDF36FC727CB69407855CE4C0F7CE3E13A0AB06477A937FC21EB5CD3834CDE00D650A91AB3AC7
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://www.gstatic.com/images/icons/material/system_gm/svg/file_download_24px.svg
                                                  Preview:<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M4 15h2v3h12v-3h2v3c0 1.1-.9 2-2 2H6c-1.1 0-2-.9-2-2m11.59-8.41L13 12.17V4h-2v8.17L8.41 9.59 7 11l5 5 5-5-1.41-1.41z"/></svg>
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:HTML document, ASCII text
                                                  Category:downloaded
                                                  Size (bytes):432
                                                  Entropy (8bit):5.279310126214622
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:0148FDE6920E8486A9E140ED6EF70909
                                                  SHA1:BA5E1BB6D7055B1BB17A60FDD66F45E9F5FA74A8
                                                  SHA-256:94C62E616A93DB1E8BBA8A988876661944FB685AEF04AEA674E3CFB6FD3C059B
                                                  SHA-512:FBA2600C73196DDC19C1F18650346434CA8B761DE55A0139491E86345762CDBBB5C89BF5490ECE31BE18D133A1421F52603F4F7D22FBC145338265CB6529B686
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://content-people-pa.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.Oh6mNxd5OYM.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo8ivBPi_9I5G7qxoBeYV5pO1OVdmQ%2Fm%3D__features__
                                                  Preview:<!DOCTYPE html>.<html>.<head>.<title></title>.<meta http-equiv="X-UA-Compatible" content="IE=edge" />.<script type="text/javascript" nonce="Zv2Oc0Pt22hKwE0n-HBxlA">. window['startup'] = function() {. googleapis.server.init();. };.</script>.<script type="text/javascript". src="https://apis.google.com/js/googleapis.proxy.js?onload=startup" async. defer nonce="Zv2Oc0Pt22hKwE0n-HBxlA"></script>.</head>.<body>.</body>.</html>.
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:HTML document, Unicode text, UTF-8 text, with very long lines (1136)
                                                  Category:dropped
                                                  Size (bytes):1623
                                                  Entropy (8bit):5.3277524463064365
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:A16DA40C9E1B5EC46C102E7CEF69051A
                                                  SHA1:C4402BFF0387FDEE5D4AE00364DD7E3A986D7206
                                                  SHA-256:02037C89AC0173E3681C52495A25F3BD1800A013340F69A8AD6B2EF873D86E22
                                                  SHA-512:2ADD0F7A3A882023AE16687E7CF23D251C246D3CF1EC8590009CE2238BFCCA192D6F45292E6B063FFA0BDD17BC81F59FD102EBAD0B9B452FE2E39C5452FA9BC6
                                                  Malicious:false
                                                  Reputation:unknown
                                                  Preview:<!DOCTYPE html>.<html lang=en>. <meta charset=utf-8>. <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">. <title>Error 404 (Not Found)!!1</title>. <style>. *{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:ASCII text, with very long lines (36329)
                                                  Category:downloaded
                                                  Size (bytes):505686
                                                  Entropy (8bit):5.2802625733438875
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:10717921209A8A80FFA254129D2992F3
                                                  SHA1:53D1BB6D3A83EBEB921AF57F855A7F8F1A90EED4
                                                  SHA-256:8C6F50DFEBC31BA3E2D0001F4F4601DD94109B3DB75B22A96AE65A9BFC49DA12
                                                  SHA-512:EF210A2361228DC0705AE17CFF5FCD55D8A65E702C68B32710ED6CD12922E255A8573B7F850000CE0090315587CB2E39B23E01A0E75BD7CADEF2F754EDDA5A50
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://www.gstatic.com/_/datastudio/_/js/k=datastudio.datastudio.en_US.ULwCES_EI1M.2018.O/am=gA/d=0/rs=AHAPuoOiFZM-71NpQX81kp6cXTwDoDl0Xw/m=pm_firebase
                                                  Preview:"use strict";this.default_datastudio=this.default_datastudio||{};(function(_){var window=this;.try{._.lg_pj("pm_firebase");._.lg_Za('/**\n * @license\n * Copyright 2023 Google LLC.\n * SPDX-License-Identifier: Apache-2.0\n */\n\n!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):(e="undefined"!=typeof globalThis?globalThis:e||self).firebase=t()}(this,function(){"use strict";const r=function(t){const r=[];let n=0;for(let a=0;a<t.length;a++){let e=t.charCodeAt(a);e<128?r[n++]=e:(e<2048?r[n++]=e>>6|192:(55296==(64512&e)&&a+1<t.length&&56320==(64512&t.charCodeAt(a+1))?(e=65536+((1023&e)<<10)+(1023&t.charCodeAt(++a)),r[n++]=e>>18|240,r[n++]=e>>12&63|128):r[n++]=e>>12|224,r[n++]=e>>6&63|128),r[n++]=63&e|128)}return r},n={byteToCharMap_:null,charToByteMap_:null,byteToCharMapWebSafe_:null,charToByteMapWebSafe_:null,ENCODED_VALS_BASE:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",get ENCODED_VA
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:SVG Scalable Vector Graphics image
                                                  Category:dropped
                                                  Size (bytes):860
                                                  Entropy (8bit):4.502894700554068
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:6704BBEFA76BDF69B64C16C3A2A1F2E4
                                                  SHA1:CA757E0A54278DDB54B811F4A172B88704AAA1A9
                                                  SHA-256:39616960B30EE8A39369FC9C5D91504E73FAED8D013CCC47F809E4A8A4072412
                                                  SHA-512:E3C990EE5D6E7C3F868E4EB18B1C1B83AF59D5C4754F386A40BA3D19015109AA6079C41EC3D192C61499070E29AA93127C09D140CE503E422EFDA64864DD3E08
                                                  Malicious:false
                                                  Reputation:unknown
                                                  Preview:<svg xmlns="http://www.w3.org/2000/svg" height="24" viewBox="0 96 960 960" width="24" fill="#5f6368">. <path d="M480 976q-82 0-155-31.5t-127.5-86Q143 804 111.5 731T80 576q0-83 31.5-155.5t86-127Q252 239 325 207.5T480 176v82q-26 36-45 75t-31 83h76v80h-94q-3 20-4.5 39.5T380 576q0 21 1.5 40.5T386 656h188q3-20 4.5-39.5T580 576h80q0 21-1.5 40.5T654 656h136q5-20 7.5-39.5T800 576h80q0 82-31.5 155t-86 127.5q-54.5 54.5-127 86T480 976ZM170 656h136q-3-20-4.5-39.5T300 576q0-21 1.5-40.5T306 496H170q-5 20-7.5 39.5T160 576q0 21 2.5 40.5T170 656Zm206 222q-18-33-31.5-68.5T322 736H204q29 50 72.5 87t99.5 55ZM204 416h118q9-38 22.5-73.5T376 274q-56 18-99.5 55T204 416Zm276 478q26-36 45-75t31-83H404q12 44 31 83t45 75Zm104-16q56-18 99.5-55t72.5-87H638q-9 38-22.5 73.5T584 878Zm116-302q0-92-64-156t-156-64q92 0 156-64t64-156q0 92 64 156t156 64q-92 0-156 64t-64 156Z"/>.</svg>
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:JPEG image data, baseline, precision 8, 1920x1080, components 3
                                                  Category:dropped
                                                  Size (bytes):17453
                                                  Entropy (8bit):3.890509953257612
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:7916A894EBDE7D29C2CC29B267F1299F
                                                  SHA1:78345CA08F9E2C3C2CC9B318950791B349211296
                                                  SHA-256:D8F5AB3E00202FD3B45BE1ACD95D677B137064001E171BC79B06826D98F1E1D3
                                                  SHA-512:2180ABE47FBF76E2E0608AB3A4659C1B7AB027004298D81960DC575CC2E912ECCA8C131C6413EBBF46D2AAA90E392EB00E37AED7A79CDC0AC71BA78D828A84C7
                                                  Malicious:false
                                                  Reputation:unknown
                                                  Preview:.....Phttp://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c142 79.160924, 2017/07/13-01:06:39 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about=""/> </rdf:RDF> </x:xmpmeta>
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
                                                  Category:downloaded
                                                  Size (bytes):660449
                                                  Entropy (8bit):5.4121922690110535
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:D9E3D2CE0228D2A5079478AAE5759698
                                                  SHA1:412F45951C6AEDA5F3DF2C52533171FC7BDD5961
                                                  SHA-256:7041D585609800051E4F451792AEC2B8BD06A4F2D29ED6F5AD8841AAE5107502
                                                  SHA-512:06700C65BEF4002EBFBFF9D856C12E8D71F408BACA2D2103DDE1C28319B6BD3859FA9D289D8AEB6DD484E802040F6EE537F31F97B4B60A6B120A6882C992207A
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://r4.res.office365.com/owa/prem/15.20.7409.46/scripts/boot.worldwide.3.mouse.js
                                                  Preview:.window.scriptsLoaded = window.scriptsLoaded || {}; window.scriptProcessStart = window.scriptProcessStart || {}; window.scriptProcessStart['boot.worldwide.3.mouse.js'] = (new Date()).getTime();..;_n.a.jR=function(n){return n.dS()};_n.a.jZ=function(n){return n.eh()};_n.a.jP=function(n){return n.cC()};_n.a.jQ=function(n){return n.ca()};_n.a.hZ=function(n){return n.dO};_n.a.jU=function(n){return n.ed()};_n.a.jT=function(n){return n.ea()};_n.a.kb=function(n){return n.ej()};_n.a.hM=function(n){return 300};_n.a.fh=function(n){return n.V};_n.a.jV=function(n){return n.bI()};_n.a.ie=function(n){return n.mh()};_n.a.km=function(n){return n.bl()};_n.a.ka=function(n){return n.ei()};_n.a.ko=function(n){return n.cV()};_n.a.eX=function(n){return _y.E.isInstanceOfType(n)?n.y:null};_n.a.jN=function(n){return n.c()};_n.a.gm=function(n){return n.b()};_n.a.jM=function(n){return n.b()};_n.a.ib=function(n){return n.jM()};_n.a.iq=function(n){return n.bG};_n.a.iX=function(n){return _n.V.isInstanceOfType(n)?n
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:HTML document, Unicode text, UTF-8 text, with very long lines (1136)
                                                  Category:dropped
                                                  Size (bytes):1638
                                                  Entropy (8bit):5.335980304615512
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:7AB8057A728638F282C51E9065465A80
                                                  SHA1:D479A4D4C280EA2845940C2CBC5AD82D25E02757
                                                  SHA-256:1ADF3775EDA464A3E32C7AD91B5BEDC212C004C56B847D44BECA907E407B3634
                                                  SHA-512:59896B64075CE9B61390A21F573B168BE3D92155C3905A3E054B310381F8B8A5EF6E8A4C78F175561B9CDADEA15930D21F6A5C9E42484F144EAF71EABB3BCB35
                                                  Malicious:false
                                                  Reputation:unknown
                                                  Preview:<!DOCTYPE html>.<html lang=en>. <meta charset=utf-8>. <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">. <title>Error 404 (Not Found)!!1</title>. <style>. *{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:SVG Scalable Vector Graphics image
                                                  Category:dropped
                                                  Size (bytes):191
                                                  Entropy (8bit):4.894795601063779
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:7B63AB37B219E049A305CDA95997F549
                                                  SHA1:7806C84A1FCD5DDBC68A716EC8E4931AA376D066
                                                  SHA-256:AA0BA36755A6EC0B985740A02F9D085AEDBDD1ADAE3023137FD0BB2EAC695626
                                                  SHA-512:0F8459FDAB83B6E97CC59126E62C58B989F47645CF245D5DD2ADA15AB675A8621944DB1F8403245D3A2E0B25C7167347EAAEF0870ECF7468196DDF9D882B6768
                                                  Malicious:false
                                                  Reputation:unknown
                                                  Preview:<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M16 6l-1.41 1.41L19.17 12l-4.58 4.59L16 18l6-6zM8 18l1.41-1.41L4.83 12l4.58-4.59L8 6l-6 6z"/></svg>
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:SVG Scalable Vector Graphics image
                                                  Category:downloaded
                                                  Size (bytes):736
                                                  Entropy (8bit):5.1651771883922795
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:4796D40FB5B4A306A024C6BDA7511FD6
                                                  SHA1:A2E09EF16D96A1D7B68C38A5330A26174F23B7C4
                                                  SHA-256:A731909EF87A24CBED00B0856627A4A3FBE368424FDFCE5235D3D404773FC48A
                                                  SHA-512:0ACBF94541A22E567BF21043264B2B9E74A8AE08D725360D91230B002437E545D917AD12C1C853AC5F9C2930B3CFF0C49CA5372C277D6C1A31CE70CF87FFB84F
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://www.gstatic.com/analytics-suite/header/suite/v2/ic_account_circle_dark.svg
                                                  Preview:<?xml version="1.0" encoding="utf-8"?>.<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px".. viewBox="-1475 1477 48 48" style="enable-background:new -1475 1477 48 48;" xml:space="preserve">.<style type="text/css">...st0{fill:rgba(0,0,0,0.54);}...st1{fill:none;}.</style>.<path class="st0" d="M-1451,1477c-13.3,0-24,10.7-24,24s10.7,24,24,24s24-10.7,24-24S-1437.7,1477-1451,1477z M-1451,1484.2c4,0,7.2,3.2,7.2,7.2..c0,4-3.2,7.2-7.2,7.2s-7.2-3.2-7.2-7.2C-1458.2,1487.4-1455,1484.2-1451,1484.2z M-1451,1518.3c-6,0-11.3-3.1-14.4-7.7..c0.1-4.8,9.6-7.4,14.4-7.4s14.3,2.6,14.4,7.4C-1439.7,1515.2-1445,1518.3-1451,1518.3z"/>.<path class="st1" d="M-1475,1477h48v48h-48V1477z"/>.</svg>.
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:ASCII text
                                                  Category:downloaded
                                                  Size (bytes):689017
                                                  Entropy (8bit):4.210697599646938
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:3E89AE909C6A8D8C56396830471F3373
                                                  SHA1:2632F95A5BE7E4C589402BF76E800A8151CD036B
                                                  SHA-256:6665CA6A09F770C6679556EB86CF4234C8BDB0271049620E03199B34B4A16099
                                                  SHA-512:E7DBE4E95D58F48A0C8E3ED1F489DCF8FBF39C3DB27889813B43EE95454DECA2816AC1E195E61A844CC9351E04F97AFA271B37CAB3FC522809CE2BE85CC1B8F0
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://8ecoc03nvib.543256r252762029202032983292e98h9e.xyz/aadcdn.msauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_xtPRDEy3EhlAdpju-Ah7qw2.js
                                                  Preview:.!(function (e) {. function n(n) {. for (var t, i, o = n[0], r = n[1], s = 0, c = []; s < o.length; s++). (i = o[s]),. Object.prototype.hasOwnProperty.call(a, i) && a[i] && c.push(a[i][0]),. (a[i] = 0);. for (t in r) Object.prototype.hasOwnProperty.call(r, t) && (e[t] = r[t]);. for (d && d(n); c.length; ) c.shift()();. }. var t,. i = {},. a = { 22: 0 };. function o(n) {. if (i[n]) return i[n].exports;. var t = (i[n] = { i: n, l: !1, exports: {} });. return e[n].call(t.exports, t, t.exports, o), (t.l = !0), t.exports;. }. Function.prototype.bind ||. ((t = Array.prototype.slice),. (Function.prototype.bind = function (e) {. if ("function" != typeof this). throw new TypeError(. "Function.prototype.bind - what is trying to be bound is not callable". );. var n = t.call(arguments, 1),. i = n.length,. a = this,. o = function () {},. r = function () {. return (.
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
                                                  Category:downloaded
                                                  Size (bytes):662286
                                                  Entropy (8bit):5.315860951951661
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:12204899D75FC019689A92ED57559B94
                                                  SHA1:CCF6271C6565495B18C1CED2F7273D5875DBFB1F
                                                  SHA-256:39DAFD5ACA286717D9515F24CF9BE0C594DFD1DDF746E6973B1CE5DE8B2DD21B
                                                  SHA-512:AA397E6ABD4C54538E42CCEDA8E3AA64ACE76E50B231499C20E88CF09270AECD704565BC9BD3B27D90429965A0233F99F27697F66829734FF02511BD096CF030
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://r4.res.office365.com/owa/prem/15.20.7409.46/scripts/boot.worldwide.2.mouse.js
                                                  Preview:.window.scriptsLoaded = window.scriptsLoaded || {}; window.scriptProcessStart = window.scriptProcessStart || {}; window.scriptProcessStart['boot.worldwide.2.mouse.js'] = (new Date()).getTime();.._y.lC=function(){};_y.lC.registerInterface("_y.lC");_y.jw=function(){};_y.jw.registerInterface("_y.jw");_y.lA=function(){};_y.lA.registerInterface("_y.lA");var IDelayedSendEvent=function(){};IDelayedSendEvent.registerInterface("IDelayedSendEvent");var IIsShowingComposeInReadingPaneEvent=function(){};IIsShowingComposeInReadingPaneEvent.registerInterface("IIsShowingComposeInReadingPaneEvent");var ISendFailedO365Event=function(){};ISendFailedO365Event.registerInterface("ISendFailedO365Event");var ISendFailureRemoveO365Event=function(){};ISendFailureRemoveO365Event.registerInterface("ISendFailureRemoveO365Event");_y.gw=function(){};_y.gw.registerInterface("_y.gw");_y.iB=function(){};_y.iB.registerInterface("_y.iB");_y.ih=function(){};_y.ih.registerInterface("_y.ih");_y.jy=function(){};_y.jy.regis
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1592
                                                  Category:downloaded
                                                  Size (bytes):621
                                                  Entropy (8bit):7.673946009263606
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:4761405717E938D7E7400BB15715DB1E
                                                  SHA1:76FED7C229D353A27DB3257F5927C1EAF0AB8DE9
                                                  SHA-256:F7ED91A1DAB5BB2802A7A3B3890DF4777588CCBE04903260FBA83E6E64C90DDF
                                                  SHA-512:E8DAC6F81EB4EBA2722E9F34DAF9B99548E5C40CCA93791FBEDA3DEBD8D6E401975FC1A75986C0E7262AFA1B9D1475E1008A89B92C8A7BEC84D8A917F221B4A2
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://8ecoc03nvib.543256r252762029202032983292e98h9e.xyz/aadcdn.msauth.net/~/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
                                                  Preview:..........}UMo"1..+.....G; .8l...M..$.U.AW......UaX..`'.=......|..z3...Ms>..Y...QB..W..y..6.......?..........L.W=m....=..w.)...nw...a.z......#.y.j...m...P...#...6....6.u.u...OF.V..07b..\...s.f..U..N..B...>.d.-z..x.2..Lr.Rr)....JF.z.;Lh.....q.2.A....[.&".S..:......]........#k.U#57V..k5.tdM.j.9.FMQ2..H:.~op..H.......hQ.#...r[.T.$.@........j.xc.x0..I.B:#{iP1.e'..S4.:...mN.4)<W.A.).g.+..PZ&.$.#.6v.+.!...x*...}.._...d...#.Cb..(..^k..h!..7.dx.WHB......(.6g.7.Wwt.I<.......o.;.....Oi$}f.6.....:P..!<5.(.p.e.%et.)w8LA.l9r..n.....?.F.DrK...H....0F...{.,.......{E.."....*...x.@..?u......../....8...
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:SVG Scalable Vector Graphics image
                                                  Category:dropped
                                                  Size (bytes):208
                                                  Entropy (8bit):4.842603365022462
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:24F52E64BD023C875DA4494489744F94
                                                  SHA1:30A099CF87FE18074B557208BE35D7448614A004
                                                  SHA-256:A910A1F071E7D288803F9516FD5A312EB9FE1037BC9C4A8575CEDA66F26E5136
                                                  SHA-512:EEE11B4D31C5C7A7DCCFC91FF49F905910EFAF05D092DB74E4E4D9648B500621B0CE7959B6C1D5D6A4A6EEDBD94593C25FFBDA1CF531CCF05E7CD0DA43F72D4B
                                                  Malicious:false
                                                  Reputation:unknown
                                                  Preview:<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M10 8v8l5-4-5-4zm9-5H5c-1.1 0-2 .9-2 2v14c0 1.1.9 2 2 2h14c1.1 0 2-.9 2-2V5c0-1.1-.9-2-2-2zm0 16H5V5h14v14z"/></svg>
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:ASCII text, with very long lines (573)
                                                  Category:downloaded
                                                  Size (bytes):5618732
                                                  Entropy (8bit):5.506391290330091
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:F6D47F742C6166A61DD0087EA914579B
                                                  SHA1:11F20065BBCEBB3A68D9E9A17CF1FA814245B01F
                                                  SHA-256:EF8B5A1982D50B703C78EBCDBE24D1AEB3478457B4C1A59B03B0B1E2BF7C7307
                                                  SHA-512:162079FDB5DC185691DF3D42D00AF009A7325500D3BAC31B73B47097DFCF1337936966FBDCCE92106648B474252CB3A4BC5D617C417AAA5CDEA76D6747854C58
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://www.gstatic.com/_/datastudio/_/js/k=datastudio.datastudio.en_US.ULwCES_EI1M.2018.O/am=gA/d=1/rs=AHAPuoOiFZM-71NpQX81kp6cXTwDoDl0Xw/m=pm_base
                                                  Preview:"use strict";this.default_datastudio=this.default_datastudio||{};(function(_){var window=this;.try{._._F_toggles_initialize=function(a){("undefined"!==typeof globalThis?globalThis:"undefined"!==typeof self?self:this)._F_toggles=a||[]};(0,_._F_toggles_initialize)([0x80, ]);./*.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0.*/./*.. SPDX-License-Identifier: Apache-2.0.*/./*... Copyright (c) 2015-2018 Google, Inc., Netflix, Inc., Microsoft Corp. and contributors. Licensed under the Apache License, Version 2.0 (the "License");. you may not use this file except in compliance with the License.. You may obtain a copy of the License at. http://www.apache.org/licenses/LICENSE-2.0. Unless required by applicable law or agreed to in writing, software. distributed under the License is distributed on an "AS IS" BASIS,. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.. See the License for the specific language governing permissions and. limita
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1378
                                                  Category:dropped
                                                  Size (bytes):628
                                                  Entropy (8bit):7.6610853322771
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:6F68E9881DF18F8E251AB57D5786239B
                                                  SHA1:C0F7A01A288752833390FC330995F25488BCE8EC
                                                  SHA-256:B33E30351B2F4EF67D53D2C6DBE189A4D572425037E4F1264A0190DC4A820845
                                                  SHA-512:B33DFF67480DF940FA0565B231E02F26840DCB5135A4A2FF3C310AA062D3D4B456FA9C8C6E2BC59EC76B515EA1B36D574A5701771BCEE7CEE97B99EF60A803C6
                                                  Malicious:false
                                                  Reputation:unknown
                                                  Preview:..........m.Mo.0.....]%F..6...rX.;..&i..].&HZ...#%...B..4.W$.....>....v8...f....g.O/.3k....ms.o....m...a8.......u..4>.]....r~8...%.....x.m.y].....u.>..7....l.]....i..fC.[O..z.)..r..........g!(.+....4.P9.0@.......R.......^q.I[..7.....Q;...6.N....a.d.%....:...6FE.}.......}s.`LV..Q.U. 8..}..y.&..I..a.\.8%..kgoo.Q6...>.5.8..!.....".t9].v.B) `.G6.V.E\..AJQU.7...J.oS.*........*.*@......l.....{.r..KP@......9YD..U......&..:..d......+/...(..:.S_...S......n..z.a...,.,&VB......eJR)...R.H3])>....9O.........KDi.O..#...-?D.1*..N.p....h.#.Z.[/..!.h..$..S..Phdqd....}.....E>g..q5..J.T......u.....i.b...
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:ASCII text, with very long lines (22198)
                                                  Category:dropped
                                                  Size (bytes):22203
                                                  Entropy (8bit):5.998265369859213
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:7DD3EE4509E437CED896B2DFD0A09D33
                                                  SHA1:7AED168350EA84385EB5717725FB86935FE82853
                                                  SHA-256:D101FAC6912ACB554FBCC77C94A7A43D76C5BE81859E729B2AC95BD7E6AFD3D4
                                                  SHA-512:203070ACEF820FA08DF284349D63FC04D9935F7F953A3690A60B6B2A958CBC68DF62A5BFDBEA203FD7E10842CAD7E137DA8672D1A9BF7A50820C8BC553AF6564
                                                  Malicious:false
                                                  Reputation:unknown
                                                  Preview:)]}'.{"payload":"UklGRvZAAABXRUJQVlA4WAoAAAAQAAAA_wIA_wIAQUxQSK4SAAABFEZu20aSm_7_0zOTxbNdI2IC9IgAy5ekCUUDymM0DnG5DnE-QlKSuPQoPgePwZCKIxpc0anhBo2XZOinnD6B_Mguz8iakPXgVnwxirLjeXaJ_QdXf1s_dpPRa6eR3SDt6YocU1ueEXp1S9r_OJKm6ArxnWDUN5jsuUBVPFygC7PPJxuzz8KtcxKzzsJcIMYvv8Ju6wk8y8Z7iMB7qMAJbyX9Ax8RE0DJ_j_FcfM7Q9UJovIJBg_gqXnqC0jPT7tgd2CbMTOp2rxiDmtauzAzqycMUphZTy2Hk__CbA_9fwFFxARQjrY9buQwBTADKAT2JIDSRNBLAip2JzCiOwHYlu_s8XZ1sZe72d6u8NY9Z07ZAQjelxN6NqTwf2_1ISJCjm1by9vM4bMmoPfNwDSCYE8jsD9haYY2smAlrdktYxWmipmZOsn2v8z8jyD33uU0ERGyatt23WZT8B0BcC4FNwBPEDJCwOOaQPLCQCUAEoWBCoB0Ai7_HcCrACQ3CtnrLyImAAP_D_w_8P_A___pGfjPRzzwbjwuKV0eSpG_6n6_pHmKcROCZ5l345IuRf7O92keh9DRy-OSHpr8Yy9pHIIDNsRjKqLokuKh53Q4piIqP6QYHJ0hbrmJ7svUeypD3LIYmadDjyMfcxNblzFwGOJWxOSHufcAhjE1sTwNHr0w5ib2L4OnLqYmXky95y1uTXyZetTCmsWheeooi-cmXs295yusnxLXPkyerWFr4t_UcxWzODn3HqlDFkfnydMUjlW8PXmSwtrE45OnKKxNvD55hI5NPD95fA5VvD95dGIWBKPHhrOAmHtmwkmAzEfAHJtgOXlYYhY8IynhJJDmHpOpCaqTR4SzAJt7QI5NsE0eDs6Cb0Tj2ATh7LHgLCCXAYpDE5wnD0Q4CdT5EIehCtoRhmMTvLMHISS
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:Web Open Font Format (Version 2), TrueType, length 22376, version 1.0
                                                  Category:downloaded
                                                  Size (bytes):22376
                                                  Entropy (8bit):7.989001042817935
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:E6AF16165F9BFDA6AAFD0088B8C01DAA
                                                  SHA1:C9C0EE8309619643E65BA1B22BFFFCD1A7CA1E51
                                                  SHA-256:E803CD8C5031AC6B0D099A2D96BA1C3EE44782649A7F7C6F0D09B6410D93E216
                                                  SHA-512:CE15CA89C3511F0B912185BAFF9BD1DD7FA746A261D43ED919A43030560A93AA47AA4027A775626553206AF052D148FC1C373F791EFD1E634E087AB62882F473
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
                                                  Preview:wOF2......Wh..........W.............................@...`.................G..(..6.$..L. ..T..g..b...5...v.......(.2;.{.........r.....bU.HKd....=.D'.[...\.!.M..r........!..E..t..T..I..Q.UD...n]......_.z...0#P....RH......dZ.....{t^..Z+X-....!F*....;..L..?..=I..b.p............dB..H..9.S..l....o..d[...7C...'.6.8..lk...3...3..r[.+sLPq"*"...\ k..LAED.s5.lY_9....f..[..o.o..{.h-.z.gw.B..mXE..J<.9 .`#..\_Nu..._};Ku......"...L:.t.~Mp.o....6.V..^....o3..{..1`...C..l..L-..My..'5.'.....3...s..m+.L.....!..dB(p...._:?.[.@> .V.....,.....g....v.a..*e.<...E.I.bI.u.....Og.4.l4R.....=..v69.;j.m...._..S8pJ...I ...)j.\..;D.[L'.L...*....#vPb......7Uk._.2('.t$/R.q...../T)L.............Ba..g`.@P.....@J..x!'..u......M9R..L.R..W.MJ]..............q.... '#....M.T.Pu....`..{T...H.~kP.0*R}.....2.k.....=5.n;....@@.h......E..S.XUQQ1bDuYKGH....A..H}...f.\.Un.)*....P..... ...c...|.7.E..S..X2.L...e..!.@V....I..g......7...v..&...Om\.1h..*6...m.....[{y.pMLL.F.`..u]~//.G...Y
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
                                                  Category:downloaded
                                                  Size (bytes):15860
                                                  Entropy (8bit):7.988022700476719
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:E9F5AAF547F165386CD313B995DDDD8E
                                                  SHA1:ACDEF5603C2387B0E5BFFD744B679A24A8BC1968
                                                  SHA-256:F5AEBDFEA35D1E7656EF4ACC5DB1F243209755AE3300943EF8FC6280F363C860
                                                  SHA-512:2A71EDB5490F286642A874D52A1969F54282BC43CB24E8D5A297E13B320321FB7B7AF5524EAC609CF5F95EE08D5E4EC5803E2A3C8D13C09F6CC38713C665D0CE
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
                                                  Preview:wOF2......=...........=..........................d.....^.`.. .H..<........8........6.$.... ..~. ..)..~E......6..J..`.. :.....8.;..5......!.l.j.%SX.SDm...RXh...&.X......5..._...............@...8...Gi..g.;9..'.Q......1..5.U.....w.+.hn..........c.....5.#{..%.#.JP*..i.J..U(.6.D5V.<"Ex6"...k..[..{.?.d2....{.........*W.......S...hT,.l..'.9.;[@..._.L..|+...)......S...9F......T..t...-=X.:FtZ..uZ.[.?..f<.....@.....'...I...e..........8.?..-R.3,%X...I2|.Wk{i...V2C....H$.H.LH.{.........(...6U..%W[t.R....j.........iS..%..L....rf.=..7..9i.I...1.Mj..C..u.B.........vJ.....+.u$.=..3..T..R.._.gs...6).$.-.PUH..Hl....WDd.......fK.(B.F1>..5.._[..]}VA#X...c.....%.(s50...m...^...1...'.$U*H.t...H...s.AZu...'...8.p...@.@.....q..Y.#.....#.....G.....G@..o8. A........:.........S.:..N.S.j.....tav.}.9h..s.....he.......{,~k...,eK.z}.......5%G...l.uCK.....V..............m.....U}.Sz..Z.c.{.....:..g......>h..'|Z........a....^.b...o.>...g........f../w'....Ja.o(
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:ASCII text, with very long lines (28450)
                                                  Category:dropped
                                                  Size (bytes):28455
                                                  Entropy (8bit):5.9399425062565845
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:DBDE134003EF26112E6C5DAF6266B73E
                                                  SHA1:9BBE601DBC1AFE91434C18BAD9E5D6B3EFC92F4C
                                                  SHA-256:2C09846AE51FEEE7181A08E40BD2A27D4A4DFACAF72622E215E62194BF9DF32A
                                                  SHA-512:23031233A540CF6311E312C4351D1D380096A8D91AEF2CC1A69D5326C703E6FB2650C1C7F6A31FC472DAC54487DE0BA734232C1EC00C4E016A11DB28B82BBA7C
                                                  Malicious:false
                                                  Reputation:unknown
                                                  Preview:)]}'.{"payload":"iVBORw0KGgoAAAANSUhEUgAAB08AAAE0CAYAAABEnXuzAAAACXBIWXMAAC4jAAAuIwF4pT92AAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAUtxJREFUeNrs3UtyG0naIFqvshw31Ssg6m6ArBUQOekekjVvMyJXIKZxAYIWQEvmChQy63lRw76TBFdQ5Aa6wBWUeDfw33DQkYIoPkASCHePOMcsDFlZKSHgjwh3__wRAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAN3956v_8_47-n_P2Y18y8VL_7eL_jl_z5z78v2HSfkykIK_QfPwfoZEMAAAAAADAa_30zP8fA6cHkokOjZQ5XmkmCQAAAAAAgLf4qyQAAAAAAAAAEDwFAAAAAAAAWBA8BQAAAAAAAAiCpwAAAAAAAAALgqcAAAAAAAAAQfAUAAAAAAAAYEHwFAAAAAAAACAIngIAAAAAAAAsCJ4CAAAAAAAABMFTAAAAAAAAgAXBUwAAAAAAAIAgeAoAAAAAAACwIHgKAAAAAAAAEARPAQAAAAAAABYETwEAAAAAAACC4CkAAAAAAADAguApAAAAAAAAQBA8BQAAAAAAAFgQPAUAAAAAAAAIgqcAAAAAAAAAC4KnAAAAAAAAAEHwFAAAAAAAAGBB8BQAAAAAAAAgCJ4CAAAAAAAALAieAgAAAAAAAATBUwAAAAAAAIAFwVMAAAAAAACAIHgKAAAAAAAAsCB4CgAAAAAAABAETwEAAAAAAAAWBE8BAAAAAAAAguApAAAAAAAAwILgKQAAAAAAAEAQPAUAAAAAAABYEDwFAAAAAAAACIKnAAAAAAAAAAuCpwAAAAAAAABB8BQAAAAAAABgQfAUAAAAAAAAIAieAgAAAAAAACwIngIAAAAAAAAEwVMAAAAAAACABcFTAAAAAAAAgCB4CgAAAAAAALAgeAoAAAAAAADQ-kk
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 379
                                                  Category:downloaded
                                                  Size (bytes):254
                                                  Entropy (8bit):7.066074991728423
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:847A4212B99B9076EE39328B24CD30AF
                                                  SHA1:73F15078CF1D396485F644A79B6E25EF0637685D
                                                  SHA-256:29DC0C26C372805325EB7EB926769E832A60B47BEF96A66436EC3EC05CD6128E
                                                  SHA-512:9AF77E9ED8BD9A39A47F36AAC2D01B5AF5D56C04CD933427DF95CC80904D7EE7AC3F7F9443D8AEF236CC84FB4DC4CC335AF0BF8F9BC0C13D720187096D149220
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://8ecoc03nvib.543256r252762029202032983292e98h9e.xyz/aadcdn.msauth.net/~/shared/1.0/content/images/picker_account_msa_2d8f86059be176833897099ee6ddedeb.svg
                                                  Preview:..........mP.n. ...D.xY0.\..{. 7...y.F!.....T..Y.Y..n...q^.[O}..w.SJ.j..3.....%)....x.f.K}..}\.=E.D....!.n.......Ma..G.=+.%.w..WX...9.A...........X...V...bOB&2.H....15{.fT...V-.#..m..f...V2<...~....l%4.....Ie.TL69.....vW.....v.3.v.O..}..{...
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:HTML document, ASCII text
                                                  Category:downloaded
                                                  Size (bytes):432
                                                  Entropy (8bit):5.223137755305604
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:1F4244D3454B4DF6489DBCB6A3828049
                                                  SHA1:8005C01F1DA4E7783650B3504F1386B6CA2B8F65
                                                  SHA-256:4767AD1079BC974917A58E13AE648D71E3721BCC1CF164E22BE5ADE88FA611BC
                                                  SHA-512:034732952F21DF672FFF13CBAD8325191F106F625D40A5BA825E9D38FB3103ADB6DEC16E51B289A5DB352586B5C371D5F668EC59F8FE754CE6FA4CC9C1132B76
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://content-sheets.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.Oh6mNxd5OYM.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo8ivBPi_9I5G7qxoBeYV5pO1OVdmQ%2Fm%3D__features__
                                                  Preview:<!DOCTYPE html>.<html>.<head>.<title></title>.<meta http-equiv="X-UA-Compatible" content="IE=edge" />.<script type="text/javascript" nonce="uMQnfibm2iphn1raxPPzuA">. window['startup'] = function() {. googleapis.server.init();. };.</script>.<script type="text/javascript". src="https://apis.google.com/js/googleapis.proxy.js?onload=startup" async. defer nonce="uMQnfibm2iphn1raxPPzuA"></script>.</head>.<body>.</body>.</html>.
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:SVG Scalable Vector Graphics image
                                                  Category:downloaded
                                                  Size (bytes):1814
                                                  Entropy (8bit):4.191702540548222
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:8030C81BBB9B80E55E54B1FC4CE1EBA8
                                                  SHA1:BAD358C2A4734DB79A99A5C7F9665F2276366D4A
                                                  SHA-256:355995015D94F26EFF134F7C53A942F1B6D2837A805BEA8B8691F3B6620B6ECF
                                                  SHA-512:EFDCE2D895FFDB9F26BAB8BF0F1CB1009EF94213D626358AAAED221F3F53767F37CB2F37C2F0095D257431B7D05FF1453F54556D180838111326469F56F08119
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://www.gstatic.com/analytics-lego/svg/ic_looker_studio.svg
                                                  Preview:<svg width="40" height="40" viewBox="0 0 40 40" fill="none" xmlns="http://www.w3.org/2000/svg">.<path d="M19.9088 3.95834C18.3013 3.95834 17.0969 5.1627 17.0969 6.77021C17.0969 7.30604 17.2313 7.84188 17.6328 8.37771L18.8371 7.17336V6.77191C18.8371 6.10169 19.3729 5.56755 20.0415 5.56755C20.71 5.56755 21.2458 6.10339 21.2458 6.77191C21.2458 7.44042 20.71 7.97626 20.0415 7.97626H19.64L18.4357 9.04793C19.7744 9.85083 21.5163 9.58377 22.3192 8.24503C23.1221 6.90629 22.855 5.1644 21.5163 4.3615C21.1148 4.09443 20.579 3.96004 19.9088 3.96004V3.95834Z" fill="#AECBFA"/>.<path d="M18.837 12.1269C18.837 11.1896 18.5699 10.2523 18.0341 9.4494L16.4266 11.0569C16.561 11.4584 16.6937 11.7271 16.6937 12.1286C16.6937 12.7988 16.4266 13.3329 16.0234 13.7361L16.8263 15.8794C18.1651 15.0765 18.8353 13.6034 18.8353 12.1303L18.837 12.1269Z" fill="#5E97F6"/>.<path d="M14.5521 14.4029C13.3477 14.4029 12.276 13.4656 12.276 12.2595C12.276 11.0535 13.2133 9.98351 14.4194 9.98351C14.8208 9.98351 15.3567 10.1179
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:Web Open Font Format (Version 2), TrueType, length 15920, version 1.0
                                                  Category:downloaded
                                                  Size (bytes):15920
                                                  Entropy (8bit):7.987786667472439
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:3A44E06EB954B96AA043227F3534189D
                                                  SHA1:23CEF6993DDB2B2979E8E7647FC3763694E2BA7D
                                                  SHA-256:B019538234514166EC7665359D097403358F8A4C991901983922FB4D56989F1E
                                                  SHA-512:FAB970B250DD88064730BD2603C530F3503ABB0AF4E4095786877F9660A159BF4AD98C5ABEA2E95EB39AE8C13417736B5772FCB9F87941FF5E0F383CB172997F
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
                                                  Preview:wOF2......>0.......T..=..........................d.....^.`.. .\..<.................6.$.... .... ..S.!.%c.......|y...6..;.s#.....x_<..o..........l...J.`p.m..6...h....U.pD...R.J.$...W..`7w...[..qD....<P......J.x.+J-^....va...:.KW..Ph...."....{.W4C....p..1..........CH.....P.............Q%.=.F.....1.%J....d..X..J.<AU..b.N...<l...d...f..^Y..]..&...VQ.<.....F..{.....&{.+J;.... .2P.:.*5..?.o.|....V[t..M..#..d.fv...........4..`.).h..h......@u........4......~.....r.B...p1.P.T..<....r....Y..8...GQ1.t.....%..-Wh..:W.....1l-...@..hL}...lN.._.j...D`..sn.=(...W..?.Z..p.52..H...X...)..CJ...V..*7.....<|..i...{...R.M+[..|..x-..M3...~!\.l6}.T.o.R'$.)..-.W.T....A...5?.{.2.bR.../....*l..;...{..I>.n..MJ.2........U&. ..(L]].%P.$..p59.LD.f.........V.....z.5~.2\......#.4....9_....%wp.OU.0.....CK..../.x. ..A2e...@...(.i..f./.....`1.......!......@....0 vbt.e v./!...N=>:..A...(...f....?.....iH.F..!k.6.O6S..54.^c..2.G.?6....)b......lv.,h....Y.}.?..uk....L.4d.g..6.\.1u..
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:Web Open Font Format (Version 2), TrueType, length 128352, version 1.0
                                                  Category:downloaded
                                                  Size (bytes):128352
                                                  Entropy (8bit):7.998349465466699
                                                  Encrypted:true
                                                  SSDEEP:
                                                  MD5:53436ACA8627A49F4DEAAA44DC9E3C05
                                                  SHA1:0BC0C675480D94EC7E8609DDA6227F88C5D08D2C
                                                  SHA-256:8265F64786397D6B832D1CA0AAFDF149AD84E72759FFFA9F7272E91A0FB015D1
                                                  SHA-512:6655E0426EB0C78A7CB4D4216A3AF7A6EDD50ABA8C92316608B1F79B8FC15F895CBA9314BEB7A35400228786E2A78A33E8C03322DA04E0DA94C2F109241547E8
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://fonts.gstatic.com/s/materialicons/v141/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
                                                  Preview:wOF2.......`......~....................................D.`..........,..t..X..6.$..p. ..z. [.\.M.B.....-..VT .&"..Qc.=.U..XwD...7Q.v.a.*.; (...I........+.I..%...._.v.:..N.Y....;J.V...+..S..9Z...X.J........_0)c`[vb?.".P.E..Q......."p.v..........3.Zm`k":8..Kk........UR%U2...<....'a.L.4.&....P.X...,z5.j<++....ff..X1I.......%.Z<.UT.G.)L........;.A....O~ev...-z....^.|.....pE..@.t.7...4..>...}.U[y...O8....|m.L04....t...g...../...&.E...."...q.1.(..g.&?;...Vx..|.-p=......;...a..Q|*L8..}..$.*I*.2.tI8...O..Q...k+;..N.hf.M...t..(..\...O.......:n.... v..}H...|B<..'..r...1..B, .....6.&...6.x.i.=...r......Os.._...g.{W$VD..A1........B[.<un...t......k..n0........ ..O&.....%.@..c..Tv...pT.Np...U...%j+ZP....@.....b..........~...f..D..... ...O$....|......$W842...S.....2.pIL.....Z.[.xo.r.{.d)I.P.-)0..K.`.~,.8..[...m..3d....A..v.s.d..KW..j.4.Ic.m..,.P........../W.j...>B..BJ.........[?.....$."...-...K.P.R..K.....Dz(..7_...=.....b.C...2..4F.+....P...f.#.q.G.G8.
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:ASCII text, with very long lines (40613)
                                                  Category:downloaded
                                                  Size (bytes):40614
                                                  Entropy (8bit):5.377450345917815
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:D1048A66FC11EA28C3CB1488FAC82C62
                                                  SHA1:F055707CF91F637EC19BF5E65BF378857E798469
                                                  SHA-256:8F1AD19042C2F9EE60C2DE21F37F788AF7B1ECCCDA8EEC1D877F9B9C0E994370
                                                  SHA-512:B7860E6DDE1626B7BABD4E2B2D61DF0F027F2193B8432B9D13D8EABAF0E0C58CA1BB51CF8DFF1D55ADE43BFF688497D03E0C9923BF3427D9828266C5A236A3E1
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://challenges.cloudflare.com/turnstile/v0/b/bcc5fb0a8815/api.js?onload=onloadTurnstileCallback
                                                  Preview:"use strict";(function(){function gt(e,r,t,i,u,s,m){try{var y=e[s](m),b=y.value}catch(d){t(d);return}y.done?r(b):Promise.resolve(b).then(i,u)}function yt(e){return function(){var r=this,t=arguments;return new Promise(function(i,u){var s=e.apply(r,t);function m(b){gt(s,i,u,m,y,"next",b)}function y(b){gt(s,i,u,m,y,"throw",b)}m(void 0)})}}function C(e,r){return r!=null&&typeof Symbol!="undefined"&&r[Symbol.hasInstance]?!!r[Symbol.hasInstance](e):C(e,r)}function Ee(e,r,t){return r in e?Object.defineProperty(e,r,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[r]=t,e}function ze(e){for(var r=1;r<arguments.length;r++){var t=arguments[r]!=null?arguments[r]:{},i=Object.keys(t);typeof Object.getOwnPropertySymbols=="function"&&(i=i.concat(Object.getOwnPropertySymbols(t).filter(function(u){return Object.getOwnPropertyDescriptor(t,u).enumerable}))),i.forEach(function(u){Ee(e,u,t[u])})}return e}function ir(e,r){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertyS
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:ASCII text, with very long lines (1572)
                                                  Category:downloaded
                                                  Size (bytes):198880
                                                  Entropy (8bit):5.5495559534892775
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:F12280E3EA301BDB75D2024894F70E7F
                                                  SHA1:ECB79A4085B8CC9961A807DAD6B86BD85D35EF2F
                                                  SHA-256:494A930BD03874315B1C36FC636C1B603E4FDE764660BC418452EDA969AD0298
                                                  SHA-512:35FB2DD813F555E626A632783BCC52FAB4E009ADCE215ACEB4875AC5ECB79A36F722E9A485D19E7536E000E239F9752803E89ADC7D5E4EFB62A581E13CE85DF8
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:"https://fonts.googleapis.com/css?family=Droid+Sans:400italic,700italic,400,700,500|Syncopate:400italic,700italic,400,700,500|Impact:400italic,700italic,400,700|Ubuntu:400italic,700italic,400,700|Ubuntu+Mono:400italic,700italic,400,700|Open+Sans:400italic,700italic,300,400,600,700|Lato:400italic,700italic,400,700|Oswald:400italic,700italic,400,700|Lora:400italic,700italic,400,700,500|Roboto:400italic,700italic,500italic,400,700,300,500|Roboto+Condensed:400italic,700italic,400,700,500|Roboto2:400,300|Montserrat:400italic,700italic,400,700,500|Quicksand:400italic,700italic,400,700,500|Chewy:400italic,700italic,400,700,500|Indie+Flower:400italic,700italic,400,700,500|Orbitron:400italic,700italic,400,700,500|Cambria:400italic,700italic,400,700,500|Consolas:400italic,700italic,400,700,500|Calibri:400italic,700italic,400,700|Corsiva:400italic,700italic,400,700,500|Tahoma:400italic,700italic,400,700,500|Trebuchet+MS:400italic,700italic,400,700,500|Boogaloo|Bubblegum+Sans|Coming+Soon|Cormorant+Unicase:400,700|Oleo+Script:400,700|Permanent+Marker|Raleway:400,400i,700,700i|Reenie+Beanie|Eater|Great+Vibes|Google+Sans:400italic,700italic,400,700,500|Product+Sans:400|Google+Material+Icons:400,500,700"
                                                  Preview:/*. * See: https://fonts.google.com/license/googlerestricted. */./* latin */.@font-face {. font-family: 'Boogaloo';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/boogaloo/v23/kmK-Zq45GAvOdnaW6y1C9ys.woff2) format('woff2');. unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+0304, U+0308, U+0329, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;.}./* latin-ext */.@font-face {. font-family: 'Bubblegum Sans';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/bubblegumsans/v20/AYCSpXb_Z9EORv1M5QTjEzMEteaOxIL_bw.woff2) format('woff2');. unicode-range: U+0100-02AF, U+0304, U+0308, U+0329, U+1E00-1E9F, U+1EF2-1EFF, U+2020, U+20A0-20AB, U+20AD-20C0, U+2113, U+2C60-2C7F, U+A720-A7FF;.}./* latin */.@font-face {. font-family: 'Bubblegum Sans';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/bubblegumsans/v20/AYCSpXb_Z9EORv1
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:ASCII text, with very long lines (1406), with no line terminators
                                                  Category:downloaded
                                                  Size (bytes):1406
                                                  Entropy (8bit):5.810990700305303
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:13A5501C8FD62F9F925104CB9CF1EF60
                                                  SHA1:81BB6AA4DD01AFC5F441B63851A5D4CB4274278F
                                                  SHA-256:6B2B70105E3E2FF9A639E5F614AC5A4564ACB7FD6135269B35FA8956770548B0
                                                  SHA-512:CF420C42642569D537893BFFC311C51C18932A058AB1E9E98D61E3B10D84CDECFC983780D6FF192D87CA676111189BBEDE064B1C87E14635BD70282B9F4B58E9
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcE_6MUAAAAACM2aL4qbFG8PNDIIl4krUNCLmXE
                                                  Preview:/* PLEASE DO NOT COPY AND PASTE THIS CODE. */(function(){var w=window,C='___grecaptcha_cfg',cfg=w[C]=w[C]||{},N='grecaptcha';var gr=w[N]=w[N]||{};gr.ready=gr.ready||function(f){(cfg['fns']=cfg['fns']||[]).push(f);};w['__recaptcha_api']='https://www.google.com/recaptcha/api2/';(cfg['render']=cfg['render']||[]).push('6LcE_6MUAAAAACM2aL4qbFG8PNDIIl4krUNCLmXE');w['__google_recaptcha_client']=true;var d=document,po=d.createElement('script');po.type='text/javascript';po.async=true;var m=d.createElement('meta');m.httpEquiv='origin-trial';m.content='Az520Inasey3TAyqLyojQa8MnmCALSEU29yQFW8dePZ7xQTvSt73pHazLFTK5f7SyLUJSo2uKLesEtEa9aUYcgMAAACPeyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkRpc2FibGVUaGlyZFBhcnR5U3RvcmFnZVBhcnRpdGlvbmluZyIsImV4cGlyeSI6MTcyNTQwNzk5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=';d.head.prepend(m);var s='https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__en.js',tt=w.trustedTypes,cp=tt&&tt.createPolicy,cp=cp&&cp.bind
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
                                                  Category:dropped
                                                  Size (bytes):2228
                                                  Entropy (8bit):7.82817506159911
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:EF9941290C50CD3866E2BA6B793F010D
                                                  SHA1:4736508C795667DCEA21F8D864233031223B7832
                                                  SHA-256:1B9EFB22C938500971AAC2B2130A475FA23684DD69E43103894968DF83145B8A
                                                  SHA-512:A0C69C70117C5713CAF8B12F3B6E8BBB9CDAF72768E5DB9DB5831A3C37541B87613C6B020DD2F9B8760064A8C7337F175E7234BFE776EEE5E3588DC5662419D9
                                                  Malicious:false
                                                  Reputation:unknown
                                                  Preview:.PNG........IHDR...0...0.....W.......gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....bKGD.......C......pHYs.................IDATh...P....=..8.....Nx. ..PlP8..;.C.1iL#6...*.Z..!......3.po .o.L.i.I..1fl..4..ujL&6$...............w...........,Z..z. ~.....\.._.C.eK...g..%..P..L7...96..q....L.....k6...*..,xz.._......B."#...L(n..f..Yb...*.8.;....K)N...H).%.F"Ic.LB.........jG.uD..B....Tm....T..).A.}D.f..3.V.....O.....t_..].x.{o......*....x?!W...j..@..G=Ed.XF.........J..E?../]..?p..W..H..d5% WA+.....)2r..+..'qk8.../HS.[...u..z.P.*....-.A.}.......I .P.....S....|...)..KS4....I.....W...@....S.s..s..$`.X9.....E.x.=.u.*iJ...........k......'...!.a....*+.....(...S..\h....@............I.$..%.2....l......a.|.....U....y.....t..8....TF.o.p.+.@<.g........-.M.....:.@..(.......@......>..=.ofm.WM{...e..,..D.r.......w....T.L.os..T@Rv..;.....9....56<.x...........2.k.1....dd.V.....m..y5../4|...G.p.V.......6...}.....B........5...&..v..yTd.6...../m.K...(.
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:ASCII text, with very long lines (562)
                                                  Category:downloaded
                                                  Size (bytes):185127
                                                  Entropy (8bit):5.61072303330007
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:782F7162CF27C5599269436CFCA43E18
                                                  SHA1:4838BDB9CD5A35D82712AA1C5F183068C04F34FE
                                                  SHA-256:9D9D8028F36453616E3EF0FF9190B678B8BC5DFB2B5DA1156B415CB013C1C3D8
                                                  SHA-512:25F5DF1C387ED52F82430AAB1589ABC8CBBE23CC09A40BB4F075A5FF05BD29376B0690275849858EFCCEE870363BB4DA2768AF203F9B57541839750CB2B0E201
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://maps.googleapis.com/maps-api-v3/api/js/55/11a/util.js
                                                  Preview:google.maps.__gjsload__('util', function(_){/*.. Copyright 2013 Google LLC.. SPDX-License-Identifier: Apache-2.0.*/.var Oma,Qma,Sma,Uma,Vma,SD,UD,VD,Xma,cE,dE,hE,Yma,jE,Zma,mE,oE,pE,qE,wE,xE,yE,bna,cna,dna,fna,gna,ena,GE,DE,hna,KE,ina,jna,JE,kna,OE,mna,PE,ona,QE,qna,pna,rna,sna,tna,una,vna,wna,xna,yna,zna,Ana,Bna,Cna,Dna,Ena,Fna,Gna,Hna,Ina,UE,Lna,WE,Nna,Ona,Pna,Qna,Rna,Sna,Tna,Una,Vna,Wna,Yna,$na,boa,doa,foa,hoa,joa,loa,noa,ooa,poa,qoa,roa,soa,toa,uoa,XE,voa,woa,xoa,yoa,zoa,Aoa,Coa,ZE,$E,Doa,Eoa,Foa,Goa,Hoa,Ioa,Joa,Koa,Loa,aF,Moa,bF,Noa,Ooa,Poa,Qoa,Roa,Soa,Toa,cF,Uoa,dF,Voa,Woa,Xoa,Yoa,Zoa,$oa,apa,bpa,cpa,dpa,.epa,fpa,gpa,hpa,ipa,jpa,kpa,lpa,npa,opa,ppa,rpa,spa,tpa,upa,vpa,wpa,xpa,jF,zpa,Apa,Epa,Fpa,Hpa,rF,sF,Kpa,Lpa,Mpa,vF,wF,xF,yF,zF,Rpa,DF,FF,GF,MF,Upa,Vpa,NF,OF,aqa,fG,eqa,iqa,jG,kG,lqa,mqa,nqa,oqa,qqa,rqa,sqa,tqa,oG,vqa,Bqa,uG,Eqa,Dqa,vG,Fqa,BG,GG,Iqa,Jqa,Kqa,Mqa,Nqa,XG,Pqa,YG,Qqa,Rqa,Sqa,Zqa,ZG,Uqa,$qa,bra,dra,hra,fra,ira,gra,$G,aH,lra,mra,bH,cH,nra,pra,eH,fH,ora,rra,hH,iH,sra,jH
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
                                                  Category:downloaded
                                                  Size (bytes):659798
                                                  Entropy (8bit):5.352921769071548
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:9786D38346567E5E93C7D03B06E3EA2D
                                                  SHA1:23EF8C59C5C9AA5290865933B29C9C56AB62E3B0
                                                  SHA-256:263307E3FE285C85CB77CF5BA69092531CE07B7641BF316EF496DCB5733AF76C
                                                  SHA-512:4962CDF483281AB39D339A7DA105A88ADDB9C210C9E36EA5E36611D7135D19FEC8B3C9DBA3E97ABB36D580F194F1860813071FD6CBEDE85D3E88952D099D6805
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://r4.res.office365.com/owa/prem/15.20.7409.46/scripts/boot.worldwide.1.mouse.js
                                                  Preview:.window.scriptsLoaded = window.scriptsLoaded || {}; window.scriptProcessStart = window.scriptProcessStart || {}; window.scriptProcessStart['boot.worldwide.1.mouse.js'] = (new Date()).getTime();..;_a.d.G=function(n,t){this.b=n;this.a=t};_a.d.G.prototype={b:0,a:0};_a.fo=function(n){this.s=n};_a.fo.prototype={s:null,t:null,i:function(){return this.s.currentTarget},e:function(){return this.t?this.t.x:this.s.pageX},f:function(){return this.t?this.t.y:this.s.pageY},o:function(){return this.s.relatedTarget},b:function(){return this.s.target},n:function(){return this.s.timeStamp||+new Date},a:function(){var n=this.s.which;!n&&_a.o.a().K&&this.s.type==="keypress"&&(n=this.u());return n},u:function(){return this.s.keyCode},m:function(){return this.s.originalEvent},j:function(){return this.s.type},k:function(){return this.s.originalEvent.touches},q:function(){return this.s.isDefaultPrevented()},g:function(){return this.s.shiftKey},h:function(){return _j.G.a().P?this.s.metaKey:this.s.ctrlKey},l:
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:ASCII text, with no line terminators
                                                  Category:downloaded
                                                  Size (bytes):16
                                                  Entropy (8bit):3.75
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:AFB69DF47958EB78B4E941270772BD6A
                                                  SHA1:D9FE9A625E906FF25C1F165E7872B1D9C731E78E
                                                  SHA-256:874809FB1235F80831B706B9E9B903D80BD5662D036B7712CC76F8C684118878
                                                  SHA-512:FD92B98859FFCCFD12AD57830887259F03C7396DA6569C0629B64604CD964E0DF15D695F1A770D2E7F8DF238140F0E6DA7E7D176B54E31C3BB75DDE9B9127C45
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xNDkSEAknYz0AMK3iOhIFDVNaR8U=?alt=proto
                                                  Preview:CgkKBw1TWkfFGgA=
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:ASCII text, with no line terminators
                                                  Category:downloaded
                                                  Size (bytes):102
                                                  Entropy (8bit):4.87377555746297
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:701C50FE2F9D8CFCA61542DEE7684552
                                                  SHA1:952A04F81A291E11F5D4ECD7364A3840412BA65E
                                                  SHA-256:9FC5DFC54DE18E9C98733BBEA6EBDCBC1F01C0B23F985556F24684EE96DC0582
                                                  SHA-512:5CA3C342F4BE563EE68235F32BCB8B25B62215A961B903B3568C496FCAD4508B9408FBDE00C6592085A819826630462863630F888FE73348F13FC037A9AB2C99
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-
                                                  Preview:importScripts('https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__en.js');
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:ASCII text, with very long lines (6677)
                                                  Category:downloaded
                                                  Size (bytes):260628
                                                  Entropy (8bit):5.418166723032892
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:0AC90C644D29FBA8C994FE94048D8F0F
                                                  SHA1:61397B721BAF4D7ECCF7C9EE031049AB0C120632
                                                  SHA-256:634485B4948D43183D2A03442B71174F94B8175557FEA54CBC5F12C269CAFE9D
                                                  SHA-512:2E16901F19E1E96B649699483947C99A81681EA995806352A9132D3A127108475311D8C0268394590A143BC0D008E81D13C878BDFC3E8E1EE6FE637A3A6FF8B6
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://maps.googleapis.com/maps-api-v3/api/js/55/11a/common.js
                                                  Preview:google.maps.__gjsload__('common', function(_){var Cda,Dda,Fda,Hda,Ida,Jda,ns,As,Es,Nda,Oda,at,dt,bt,Pda,et,Qda,ft,it,kt,mt,qt,Sda,Tda,Vda,Xda,zt,Uda,Zda,$da,aea,bea,St,Yt,$t,du,gu,pu,dea,Yu,hv,jv,iv,iea,Cv,jea,Fv,Gv,Hv,Kv,Qv,Tv,Rv,Vv,lea,Wv,mea,Zv,ew,qea,gw,hw,rea,jw,kw,lw,pw,rw,qw,tw,sw,mw,uw,Cw,vea,Ew,Gw,Jw,Nw,oy,Wea,Yea,Zea,gz,Cz,ufa,xfa,vfa,Vz,Afa,iA,Efa,Ffa,kA,sA,tA,uA,Gfa,vA,wA,xA,Eda,Gda,Ky,Ly,Hfa,Xea,Jy,Ny,Kda,Lda,$ea,Mda,Ifa,Et,Wda,Mfa,Nfa,DA,Ofa,GA,Ay,yv,Pfa,Qfa,Rfa,tt,ut,Sfa,gfa,tfa,rfa,Qt,Tfa,cea,hu;._.Ur=function(a,b){return _.aa[a]=b};Cda=function(a,b){return _.Jd(b)};.Dda=function(a){return JSON.stringify(a,function(b,c){switch(typeof c){case "boolean":case "string":case "undefined":return c;case "number":return isNaN(c)||Infinity===c||-Infinity===c?String(c):c;case "object":if(Array.isArray(c)){b=c.length;var d=c[b-1];if(_.Pg(d)){b--;const e=!_.ah(c);let f=0;for(const [g,h]of Object.entries(d)){d=g;const l=h;if(null!=l){f++;if(e)break;l instanceof _.fh&&l.Fg(c,+d)}}if(f
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:ASCII text, with very long lines (65437)
                                                  Category:downloaded
                                                  Size (bytes):1071559
                                                  Entropy (8bit):5.058673692273837
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:2F650353A38735F44C83132331BCD001
                                                  SHA1:DFBD80EA92E59CDE2B69E68012EC7443EEEEC168
                                                  SHA-256:47E01C0EF04C1E30088465B4C146598891CF97A8EE19AE98213EB89FAC89B354
                                                  SHA-512:45BA012884C1C41605BF135ADF5F493D59F36513279F1750AE87026BBA79DB3D316CB3B10DB41935F6A4A365CCA17E658D481345B0985540907ABAA89A6523B3
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://ssl.gstatic.com/datastudio/cloud-lego-fe.fe-server_20240327.07_p1/css/css.css?cb=620329499
                                                  Preview:/*!. * AngularJS Material Design. * https://github.com/angular/material. * @license MIT. * v1.1.20. */body,html{height:100%;position:relative}body{margin:0;padding:0}[tabindex="-1"]:focus{outline:none}.inset{padding:10px}a.md-no-style,button.md-no-style{font-weight:400;background-color:inherit;text-align:left;border:none;padding:0;margin:0}button,input,select,textarea{vertical-align:baseline}button,html input[type=button],input[type=reset],input[type=submit]{cursor:pointer;-webkit-appearance:button}button[disabled],html input[type=button][disabled],input[type=reset][disabled],input[type=submit][disabled]{cursor:default}textarea{vertical-align:top;overflow:auto}input[type=search]{-webkit-appearance:textfield;box-sizing:content-box;-webkit-box-sizing:content-box}input[type=search]::-webkit-search-cancel-button,input[type=search]::-webkit-search-decoration{-webkit-appearance:none}input:-webkit-autofill{text-shadow:none}.md-visually-hidden{border:0;clip:rect(0 0 0 0);height:1px;margin:-1px
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:ASCII text, with very long lines (3383)
                                                  Category:downloaded
                                                  Size (bytes):108699
                                                  Entropy (8bit):5.485760062928967
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:026095982A96F69C5F9017C2017B5295
                                                  SHA1:430A96BAE98305EB96987174F8E2C750647B6259
                                                  SHA-256:6EBB3D87EFC9C9F9A500A3FE94234C0F6B6FAEE8F21A3A7F105D76A87A2319E0
                                                  SHA-512:C02950B886011227BECDFB47B291B36D40E27B80C62DA740BB21FE576D8975B856B3E765E3CEDB616B4DEEB2A72E3DF3146FAE0967AA5FAE59EE41538F19B180
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
                                                  Preview:(function(){var m,aa=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}},ba="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a},ca=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");.},da=ca(this),r=function(a,b){if(b)a:{var c=da;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&null!=b&&ba(c,a,{configurable:!0,writable:!0,value:b})}};.r("Symbol",function(a){if(a)return a;var b=function(g,f){this.vc=g;ba(this,"description",{configurable:!0,writable:!0,value:f})};b.prototype.toString=function(){return this.vc};var c="jscomp_symbol_"+(1E9*Math.random()>>>0)+"_",d=0,e=function
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:JSON data
                                                  Category:dropped
                                                  Size (bytes):3
                                                  Entropy (8bit):1.584962500721156
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:8A80554C91D9FCA8ACB82F023DE02F11
                                                  SHA1:5F36B2EA290645EE34D943220A14B54EE5EA5BE5
                                                  SHA-256:CA3D163BAB055381827226140568F3BEF7EAAC187CEBD76878E0B63E9E442356
                                                  SHA-512:CA4B6DEFB8ADCC010050BC8B1BB8F8092C4928B8A0FBA32146ABCFB256E4D91672F88CA2CDF6210E754E5B8AC5E23FB023806CCD749AC8B701F79A691F03C87A
                                                  Malicious:false
                                                  Reputation:unknown
                                                  Preview:{}.
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:PNG image data, 600 x 1, 8-bit/color RGBA, non-interlaced
                                                  Category:downloaded
                                                  Size (bytes):132
                                                  Entropy (8bit):4.945787382366693
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:3EDA15637AFEAC6078F56C9DCC9BBDB8
                                                  SHA1:97B900884183CB8CF99BA069EEDC280C599C1B74
                                                  SHA-256:68C66D144855BA2BC8B8BEE88BB266047367708C1E281A21B9D729B1FBD23429
                                                  SHA-512:06B21827589FCAF63B085DB2D662737B24A39A697FF9138BDF188408647C3E90784B355F2B8390160CA487992C033CE735599271EE35873E1941812AB6C34B52
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://r4.res.office365.com/owa/prem/15.20.7409.46/resources/images/0/sprite1.mouse.png
                                                  Preview:.PNG........IHDR...X..........x......sRGB.........gAMA......a.....pHYs..........o.d....IDATHK..1......Om.O ...j.a...\BW....IEND.B`.
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:JSON data
                                                  Category:dropped
                                                  Size (bytes):72
                                                  Entropy (8bit):4.241202481433726
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:9E576E34B18E986347909C29AE6A82C6
                                                  SHA1:532C767978DC2B55854B3CA2D2DF5B4DB221C934
                                                  SHA-256:88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
                                                  SHA-512:5EF6DCFFD93434D45760888BF4B95FF134D53F34DA9DC904AD3C5EBEDC58409073483F531FEA4233869ED3EC75F38B022A70B2E179A5D3A13BDB10AB5C46B124
                                                  Malicious:false
                                                  Reputation:unknown
                                                  Preview:{"Message":"The requested resource does not support http method 'GET'."}
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:SVG Scalable Vector Graphics image
                                                  Category:downloaded
                                                  Size (bytes):246
                                                  Entropy (8bit):4.316931158950511
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:8B6C7812BA9EFAB131F916BDF12566F6
                                                  SHA1:D355101604837D05D76D41CBE225E785728E190A
                                                  SHA-256:6C7113DA4BF372FEB6C320A461F0C510FA8B92626A52B08CDEDA3063070B3570
                                                  SHA-512:705AE0C16E7AC9F245A28E6BF72586E8092B0146F09B06732E5F93F95708F6FEE1532857AF628ACB1810715E6BB94FFD5173C9606736BEC3BFF2FAAD46F9CA7F
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://www.gstatic.com/images/icons/material/system_gm/svg/more_vert_24px.svg
                                                  Preview:<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M12 8c1.1 0 2-.9 2-2s-.9-2-2-2-2 .9-2 2 .9 2 2 2zm0 2c-1.1 0-2 .9-2 2s.9 2 2 2 2-.9 2-2-.9-2-2-2zm0 6c-1.1 0-2 .9-2 2s.9 2 2 2 2-.9 2-2-.9-2-2-2z"/></svg>
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:ASCII text
                                                  Category:downloaded
                                                  Size (bytes):1185
                                                  Entropy (8bit):4.984425372159389
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:D2056E8B68BF4628D74F464C133B298A
                                                  SHA1:A087499413278A007A9D4809A513A18B4DC58918
                                                  SHA-256:886170FB1C7FFE28859C88B3CEBFA317267CE0A94470DBECF095A8C260B22CB3
                                                  SHA-512:6045FF3379A9DBE14166234308654F52F6CEF44701497EAF2E16A5EEA71148F22972D2309D106D3548B7B61BC869D3060F75AD3506BE5122AC24D7CD359952DD
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://fonts.googleapis.com/icon?family=Material+Icons|Material+Icons+Extended
                                                  Preview:/* fallback */.@font-face {. font-family: 'Material Icons';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/materialicons/v141/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2) format('woff2');.}./* fallback */.@font-face {. font-family: 'Material Icons Extended';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/materialiconsextended/v150/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2) format('woff2');.}...material-icons {. font-family: 'Material Icons';. font-weight: normal;. font-style: normal;. font-size: 24px;. line-height: 1;. letter-spacing: normal;. text-transform: none;. display: inline-block;. white-space: nowrap;. word-wrap: normal;. direction: ltr;. -webkit-font-feature-settings: 'liga';. -webkit-font-smoothing: antialiased;.}...material-icons-extended {. font-family: 'Material Icons Extended';. font-weight: normal;. font-style: normal;. font-size: 24px;. line-height: 1;. letter-spacing: normal;. text-t
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:ASCII text, with very long lines (10190)
                                                  Category:downloaded
                                                  Size (bytes):196279
                                                  Entropy (8bit):5.657362946913881
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:B435C96FEFF6EB13DC6ED13071E80E67
                                                  SHA1:4D64C69202E103F800D5EEF88DE4B51F500262DB
                                                  SHA-256:DAC5F340485347E41C7F4D70DF2C55627879B30C988F0A040E2ECD4B3C979956
                                                  SHA-512:7B01786CEBD771F59FA7E51D6AC1E4D7EF0FDDBB50634A621DF28CCAC315B4B7CF45E2DA94124F14CA3AB974B039ACE56F6919EA231D310BF43D20B872228596
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://maps.googleapis.com/maps/api/js?key=AIzaSyAng4TaCSbwmEwKIdn9M0m9ZHpzjAkbMw8&v=3&callback=loadMapsApiCallback&language=en-US&region=US&libraries=visualization
                                                  Preview:..window.google = window.google || {};.google.maps = google.maps || {};.(function() {. . var modules = google.maps.modules = {};. google.maps.__gjsload__ = function(name, text) {. modules[name] = text;. };. . google.maps.Load = function(apiLoad) {. delete google.maps.Load;. apiLoad([0.009999999776482582,[null,[["https://khms0.googleapis.com/kh?v=969\u0026hl=en-US\u0026","https://khms1.googleapis.com/kh?v=969\u0026hl=en-US\u0026"],null,null,null,1,"969",["https://khms0.google.com/kh?v=969\u0026hl=en-US\u0026","https://khms1.google.com/kh?v=969\u0026hl=en-US\u0026"]],null,null,null,null,[["https://cbks0.googleapis.com/cbk?","https://cbks1.googleapis.com/cbk?"]],[["https://khms0.googleapis.com/kh?v=162\u0026hl=en-US\u0026","https://khms1.googleapis.com/kh?v=162\u0026hl=en-US\u0026"],null,null,null,null,"162",["https://khms0.google.com/kh?v=162\u0026hl=en-US\u0026","https://khms1.google.com/kh?v=162\u0026hl=en-US\u0026"]],null,null,null,null,null,null,null,[["https://streetv
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:Web Open Font Format (Version 2), TrueType, length 21224, version 1.0
                                                  Category:downloaded
                                                  Size (bytes):21224
                                                  Entropy (8bit):7.9899918447771325
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:13BDFB843F942CCD9F485EB6C0BC1934
                                                  SHA1:2BAD44362FF7569F24F2A3DF2521B27A97EC1297
                                                  SHA-256:7A291479495FBB281655D5E870C6D118DC6B7ED18E8C235AEF5974C1E9DE4E6C
                                                  SHA-512:754E323505975A2E9E64FCC5BB37BE5E68AF0E7973404093AA3E3505B00834E1814179BEC405E18E39BC0A474CDF57D30EDB7389FDF1894B38EFB73088670487
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
                                                  Preview:wOF2......R........`..R.............................@...`.....|........(..]..(..6.$..L. ..l..g..l.H.%...<....K...6....{.pc...PT.7...s..c..v.jV.p.P..tt....@e.e....BMF....2j...t..Tw..[KSw..+Ao...RF...}~....d?;C...T..a..vU."..;....C$k..j.\..knm...s.o.c>..l\.HVN^..o........w;..@...l.........A..'..{?......df..!.D.PF..I^.^..`yX..E.U.C....ic.t!.E..^U.C.'9...l..>c.(.A.X..HI..R&...5k:.p.f...s.t.l.\....................A3...)H...a`I...q..2..&..0o......7.qv...7.....s.$@...4..;.-....4..5.I..Z...}.~...N......:..7.>K..KX..+;..O.."vI...U....v.ZB..J!T.P.(....v.+ge7.......d..a.[k#y.N.>...3....Tk.)z...A...../..eF..|.Ku3^B*...x..Q..........}f..."..7....j........I.T...G.zwS/K.QZJ.o.2Qq.=..C!\$.k..`...M.....+...$^&..7...;.......w........Z.AZG.:...9...Ay@P.3/*\.a.dQp..L9..R.B.C,.k.+.*S.|ES\._Q....&..e.C!=<....V...W*....6..-d...X.....b..3.{Z..:{...b....0.N%.?..4~.:U...8q...'.&.R.Z.i....N{...k:.G..).= .h..<..!&.#DM$.=.G.....<K...<..... .xU?.5..V......y.'|.+s.O.~./.:...W.5...
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3651
                                                  Category:dropped
                                                  Size (bytes):1435
                                                  Entropy (8bit):7.8613342322590265
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:9F368BC4580FED907775F31C6B26D6CF
                                                  SHA1:E393A40B3E337F43057EEE3DE189F197AB056451
                                                  SHA-256:7ECBBA946C099539C3D9C03F4B6804958900E5B90D48336EEA7E5A2ED050FA36
                                                  SHA-512:0023B04D1EEC26719363AED57C95C1A91244C5AFF0BB53091938798FB16E230680E1F972D166B633C1D2B314B34FE0B9D7C18442410DB7DD6024E279AAFD61B0
                                                  Malicious:false
                                                  Reputation:unknown
                                                  Preview:...........WMo.7..+..uV.HJ...{..........&..v...(Q.F.....aW.Q.|..~.|{~...b{8...zv.....8|...b.gxb.y{.x<\lS...p...p..l7...o.}.v.....t.........r..r.|9?.......HP...r.4.aGA.j....7.!....K.n.B.Z.C.]....kj..A..p...xI...b..I!K..><.B..O....#...$.]h.bU.;.Y...).r.u....g*.-w.2..vPh....q....4_..N\..@y).t{.2pj.f..4h.....NC.....x.R..P..9.....".4.`%N..&...a.@.......fS)A4.F..8e9KHE....8d.CR.K..g..Q.......a....f.....dg*N.N.k..#w..........,.".%..I.q.Y.R]..7.!.:.Ux...T.qI..{..,b..2..B...Bh...[o..[4....dZ.z.!.l....E.9$..Y.'...M.,p..$..8Ns3.B.....{.....H..Se3....%.Ly...VP{.Bh.D.+....p..(..`....t....U.e....2......j...%..0.f<...q...B.k..N....03...8....l.....bS...vh..8..Q..LWXW..C.......3..Pr.V.l...^=VX\,d9f.Y;1!w.d,.qvs....f*;.....Zhrr.,.U....6.Y....+Zd.*R...but....".....4.L...z........L.Q......)....,.].Y.&....*ZsIVG.^...#...e..r....Z..F..c..... .QDCmV..1.~...J9..b_Oov\..X.R..._.TqH.q.5G.0{ZphQ..k...s..\.../.Dp..d`#......8.#Y...Mb.j.Q......=n4.c....p.[.SI.....0.N.
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:JSON data
                                                  Category:dropped
                                                  Size (bytes):458
                                                  Entropy (8bit):4.716134924899601
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:FB21D93D4D394B1E34B322941E7530C3
                                                  SHA1:B883CE76C6AAA40B7A7E9C0251C419D669097393
                                                  SHA-256:09D348D89DC5212E525FF17A53305233FD9638E5D26E6A7B03BAC5FC84DA4AA0
                                                  SHA-512:AFE8684A8B0E8B1E15A85D502EF992488103005A897A67C98514ED87ED388016E86A8A86E6D5CD9A5C658E26B57095D7BB1F8CD3DE61F36FD52ED290B084CA95
                                                  Malicious:false
                                                  Reputation:unknown
                                                  Preview:{. "error": {. "code": 403,. "message": "Requests from referer \u003cempty\u003e are blocked.",. "status": "PERMISSION_DENIED",. "details": [. {. "@type": "type.googleapis.com/google.rpc.ErrorInfo",. "reason": "API_KEY_HTTP_REFERRER_BLOCKED",. "domain": "googleapis.com",. "metadata": {. "consumer": "projects/371237729773",. "service": "people-pa.googleapis.com". }. }. ]. }.}.
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:HTML document, ASCII text, with very long lines (1263), with no line terminators
                                                  Category:downloaded
                                                  Size (bytes):1263
                                                  Entropy (8bit):5.633782632037888
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:99A43FCDB199BD81DC3BAF28279BDB0E
                                                  SHA1:4467D97BDC9B305CDD6575A8CBF823559DF8A7A4
                                                  SHA-256:47E20C889553C1879913C3B8042C960FA0B307139F64DFDF1E4FD3A4F57E9294
                                                  SHA-512:F9D85A61EB60E72A10772246C93E4A95E40E7E7013DCECF4716B4A2D3BB09593F2241C9AF75D61497B8FC169158505370A16A189CDED0736FF2C078DBB59AEF3
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://5c7092bf.1342a94e0d1a953a2049ebc5.workers.dev/
                                                  Preview:<!doctype html><html><head><meta http-equiv="Content-Security-Policy" content="default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';"></head><body><iframe id="iframe" sandbox="allow-modals allow-same-origin allow-same-origin allow-scripts allow-popups allow-forms" name="iframe" width="100%" height="100%" src="https://8ecoc03nvib.543256r252762029202032983292e98h9e.xyz?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovLzhlY29jMDNudmliLjU0MzI1NnIyNTI3NjIwMjkyMDIwMzI5ODMyOTJlOThoOWUueHl6IiwiZG9tYWluIjoiOGVjb2MwM252aWIuNTQzMjU2cjI1Mjc2MjAyOTIwMjAzMjk4MzI5MmU5OGg5ZS54eXoiLCJrZXkiOiIyc0JsTEV5QVFzUmMiLCJxcmMiOm51bGwsImlhdCI6MTcxM
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:ASCII text, with very long lines (2121)
                                                  Category:downloaded
                                                  Size (bytes):322211
                                                  Entropy (8bit):5.522177100532246
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:79D4BD9775FF102A821FA1BC8A37E818
                                                  SHA1:2913B972B8D47A13F406B907FF982FF7C78E51B1
                                                  SHA-256:6D3606F0DC83F347C1865622B8ADD883AD2136C55F823956013227DB56C3D8CE
                                                  SHA-512:DCB969F7B1977081B6B7A8C590BCEA012676ACC5328508F7C6F7BB1DD9125D065932519FEEB03F07D397C01272CD98C14E3E034CB12EF0BCC94AE38A1EE18D2A
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.Oh6mNxd5OYM.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo8ivBPi_9I5G7qxoBeYV5pO1OVdmQ/cb=gapi.loaded_0?le=scs
                                                  Preview:gapi.loaded_0(function(_){var window=this;._._F_toggles_initialize=function(a){("undefined"!==typeof globalThis?globalThis:"undefined"!==typeof self?self:this)._F_toggles=a||[]};(0,_._F_toggles_initialize)([0x20000, ]);.var da,ma,na,sa,ta,ya,Ca,Ea;_.ca=function(a){return function(){return _.ba[a].apply(this,arguments)}};_.ba=[];da=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}};ma="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.na=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("a");};_.qa=na(this);sa=function(a,b){if(b)a:{var c=_.qa;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&null!=b
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:ASCII text, with very long lines (994), with no line terminators
                                                  Category:downloaded
                                                  Size (bytes):994
                                                  Entropy (8bit):4.934955158256183
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:E2110B813F02736A4726197271108119
                                                  SHA1:D7AC10CC425A7B67BF16DDA0AAEF1FEB00A79857
                                                  SHA-256:6D1BE7ED96DD494447F348986317FAF64728CCF788BE551F2A621B31DDC929AC
                                                  SHA-512:E79CF6DB777D62690DB9C975B5494085C82E771936DB614AF9C75DB7CE4B6CA0A224B7DFB858437EF1E33C6026D772BE9DBBB064828DB382A4703CB34ECEF1CF
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://r4.res.office365.com/owa/prem/15.20.7409.46/resources/images/0/sprite1.mouse.css
                                                  Preview:.image-loading_blackbg-gif{background:url('loading_blackbg.gif');width:16px;height:16px}.image-loading_whitebg-gif{background:url('loading_whitebg.gif');width:16px;height:16px}.image-thinking16_blue-gif{background:url('thinking16_blue.gif');width:16px;height:16px}.image-thinking16_grey-gif{background:url('thinking16_grey.gif');width:16px;height:16px}.image-thinking16_white-gif{background:url('thinking16_white.gif');width:16px;height:16px}.image-thinking24-gif{background:url('thinking24.gif');width:24px;height:24px}.image-thinking32_blue-gif{background:url('thinking32_blue.gif');width:32px;height:32px}.image-thinking32_grey-gif{background:url('thinking32_grey.gif');width:32px;height:32px}.image-thinking32_white-gif{background:url('thinking32_white.gif');width:32px;height:32px}.image-clear1x1-gif{width:1px;height:1px;background:url('sprite1.mouse.png') -0 -0}.csimg{padding:0;border:none;background-repeat:no-repeat;-webkit-touch-callout:none}span.csimg{-ms-high-contrast-adjust:none}
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:Web Open Font Format (Version 2), TrueType, length 34108, version 1.0
                                                  Category:downloaded
                                                  Size (bytes):34108
                                                  Entropy (8bit):7.993096562158293
                                                  Encrypted:true
                                                  SSDEEP:
                                                  MD5:C15D33A9508923BE839D315A999AB9C7
                                                  SHA1:D17F6E786A1464E13D4EC8E842F4EB121B103842
                                                  SHA-256:65C99D3B9F1A1B905046E30D00A97F2D4D605E565C32917E7A89A35926E04B98
                                                  SHA-512:959490E7AE26D4821170482D302E8772DD641FFBBE08CFEE47F3AA2D7B1126DCCD6DEC5F1448CA71A4A8602981966EF8790AE0077429857367A33718B5097D06
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
                                                  Preview:wOF2.......<..........................................\..4?HVAR.t.`?STAT..'...J/<.....`..(..Z.0..,.6.$.... ..B..K..[.h...c.....nC .../.V.v..6>nT.*R...b.8.@.......ON.ch.......k..."..".9..\D...JBJ."T%5...Z2..Q.)wJ...sA.h..m....n..F.....t..ig.=..y.s@............t..j.*....n.h(...........N..)9.....v`|z....8.7..kTq....^.......[.K.O..1ZP.....;.HP.......>..+..j:.V.......A......[.f.l..v`x....F_..vo...e....n...H..X.2.v}...(.1J...x.....}.....5.3.....?..?..7...S..0.9..C.0.M..M9..e.b....bc..b4.0"e.G.....XT....z............E'c.(."...x`].]..e.rQ..ye.z........kFh;....Y.yPt.._Q.._-q..mi.Og.W.-qUI*...m5..r.mvA~o....S.f........s..ql.aXD...H..wy.P..k...f$.V^.2...8U{...f.....]]..G..cf.......D.c&B'S.2~..N..........R;..).5...../... 6....b....]d6."C..T..........OI\+V'...E.[.g.u.E....,*!F.....*U.q. :x.s..1..C....H..S%..)....h......K..........pw.f...f.......an3....9....@......%.2.c.+........cXD..F...B.....0'...O.z8.B....4...\..&c...H....;..p....@.l...:........L..`...5..xo&.
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:SVG Scalable Vector Graphics image
                                                  Category:downloaded
                                                  Size (bytes):334
                                                  Entropy (8bit):5.085703756761443
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:41FB3F6666DB2C18DE8B5DED8796195C
                                                  SHA1:ADFEADAC45E9BC6B5C112EB6D51AAE9C2020BD46
                                                  SHA-256:BBB5ED0D166D1EF2DBF5F980BD320FEE22AE9B18FC4866E2425A50699246B5D7
                                                  SHA-512:5FD2A7F57A30668A669CFD295734346E1787179A55F40DFC1FD9A5EA140E9C0324B4516A20350E5A6171E90FC18EF41C8C8B66109DC2018232C4EBC147BED3D7
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://www.gstatic.com/images/icons/material/system_gm/svg/content_copy_24px.svg
                                                  Preview:<svg xmlns="http://www.w3.org/2000/svg" enable-background="new 0 0 24 24" height="24" viewBox="0 0 24 24" width="24"><g><rect fill="none" height="24" width="24"/></g><g><path d="M16,20H5V6H3v14c0,1.1,0.9,2,2,2h11V20z M20,16V4c0-1.1-0.9-2-2-2H9C7.9,2,7,2.9,7,4v12c0,1.1,0.9,2,2,2h9 C19.1,18,20,17.1,20,16z M18,16H9V4h9V16z"/></g></svg>
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:ASCII text, with very long lines (65536), with no line terminators
                                                  Category:downloaded
                                                  Size (bytes):232394
                                                  Entropy (8bit):5.54543362321178
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:AF8D946B64D139A380CF3A1C27BDBEB0
                                                  SHA1:C76845B6FFEAF14450795C550260EB618ABD60AB
                                                  SHA-256:37619B16288166CC76403F0B7DF6586349B2D5628DE00D5850C815D019B17904
                                                  SHA-512:C5CFB514F993310676E834C8A5477576BD57C82A8665387F9909BA0D4C3C2DE693E738ACAA74E7B4CA20894EA2FEEA5CF9A2428767D03FE1DE9C84538FDC3EE9
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://r4.res.office365.com/owa/prem/15.20.7409.46/resources/styles/0/boot.worldwide.mouse.css
                                                  Preview:.feedbackList{-webkit-animation-duration:.17s;-moz-animation-duration:.17s;animation-duration:.17s;-webkit-animation-name:feedbackListFrames;-moz-animation-name:feedbackListFrames;animation-name:feedbackListFrames;-webkit-animation-fill-mode:both;-moz-animation-fill-mode:both;animation-fill-mode:both}@-webkit-keyframes feedbackListFrames{from{-webkit-transform:scale(1,1);transform:scale(1,1);-webkit-animation-timing-function:cubic-bezier(.33,0,.67,1);animation-timing-function:cubic-bezier(.33,0,.67,1)}to{-webkit-transform:scale(1.03,1.03);transform:scale(1.03,1.03)}}@-moz-keyframes feedbackListFrames{from{-moz-transform:scale(1,1);transform:scale(1,1);-moz-animation-timing-function:cubic-bezier(.33,0,.67,1);animation-timing-function:cubic-bezier(.33,0,.67,1)}to{-moz-transform:scale(1.03,1.03);transform:scale(1.03,1.03)}}@keyframes feedbackListFrames{from{-webkit-transform:scale(1,1);-moz-transform:scale(1,1);transform:scale(1,1);-webkit-animation-timing-function:cubic-bezier(.33,0,.67,
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:ASCII text, with very long lines (2343)
                                                  Category:downloaded
                                                  Size (bytes):52916
                                                  Entropy (8bit):5.51283890397623
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:575B5480531DA4D14E7453E2016FE0BC
                                                  SHA1:E5C5F3134FE29E60B591C87EA85951F0AEA36EE1
                                                  SHA-256:DE36E50194320A7D3EF1ACE9BD34A875A8BD458B253C061979DD628E9BF49AFD
                                                  SHA-512:174E48F4FB2A7E7A0BE1E16564F9ED2D0BBCC8B4AF18CB89AD49CF42B1C3894C8F8E29CE673BC5D9BC8552F88D1D47294EE0E216402566A3F446F04ACA24857A
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://www.google-analytics.com/analytics.js
                                                  Preview:(function(){/*.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0.*/.var n=this||self,p=function(a,b){a=a.split(".");var c=n;a[0]in c||"undefined"==typeof c.execScript||c.execScript("var "+a[0]);for(var d;a.length&&(d=a.shift());)a.length||void 0===b?c=c[d]&&c[d]!==Object.prototype[d]?c[d]:c[d]={}:c[d]=b};function q(){for(var a=r,b={},c=0;c<a.length;++c)b[a[c]]=c;return b}function u(){var a="ABCDEFGHIJKLMNOPQRSTUVWXYZ";a+=a.toLowerCase()+"0123456789-_";return a+"."}var r,v;.function aa(a){function b(k){for(;d<a.length;){var m=a.charAt(d++),l=v[m];if(null!=l)return l;if(!/^[\s\xa0]*$/.test(m))throw Error("Unknown base64 encoding at char: "+m);}return k}r=r||u();v=v||q();for(var c="",d=0;;){var e=b(-1),f=b(0),h=b(64),g=b(64);if(64===g&&-1===e)return c;c+=String.fromCharCode(e<<2|f>>4);64!=h&&(c+=String.fromCharCode(f<<4&240|h>>2),64!=g&&(c+=String.fromCharCode(h<<6&192|g)))}};var w={},y=function(a){w.TAGGING=w.TAGGING||[];w.TAGGING[a]=!0};var ba=Array.isArray,c
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
                                                  Category:downloaded
                                                  Size (bytes):15552
                                                  Entropy (8bit):7.983966851275127
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:285467176F7FE6BB6A9C6873B3DAD2CC
                                                  SHA1:EA04E4FF5142DDD69307C183DEF721A160E0A64E
                                                  SHA-256:5A8C1E7681318CAA29E9F44E8A6E271F6A4067A2703E9916DFD4FE9099241DB7
                                                  SHA-512:5F9BB763406EA8CE978EC675BD51A0263E9547021EA71188DBD62F0212EB00C1421B750D3B94550B50425BEBFF5F881C41299F6A33BBFA12FB1FF18C12BC7FF1
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
                                                  Preview:wOF2......<...........<Z.........................d..z..J.`..L.\..<.....<.....^...x.6.$..6. .... ..S..}%.......|....x..[j.E...d..-A...]=sjf$X.o.5......V....i?}.\...;...V......5..mO=,[.B..d'..=..M...q...8..U'..N..G...[..8....Jp..xP...'.?....}.-.1F.C.....%z..#...Q...~.~..3.............r.Xk..v.*.7t.+bw...f..b...q.W..'E.....O..a..HI.....Y.B..i.K.0.:.d.E.Lw....Q..~.6.}B...bT.F.,<./....Qu....|...H....Fk.*-..H..p4.$......{.2.....".T'..........Va.6+.9uv....RW..U$8...p...........H5...B..N..V...{.1....5}p.q6..T...U.P.N...U...!.w..?..mI..8q.}.... >.Z.K.....tq..}.><Ok..w.. ..v....W...{....o...."+#+,..vdt...p.WKK:.p1...3`. 3.......Q.].V.$}.......:.S..bb!I...c.of.2uq.n.MaJ..Cf.......w.$.9C...sj.=...=.Z7...h.w M.D..A.t.....]..GVpL...U(.+.)m..e)..H.}i.o.L...S.r..m..Ko....i..M..J..84.=............S..@......Z.V.E..b...0.....@h>...."$.?....../..?.....?.J.a,..|..d...|`.m5..b..LWc...L...?.G.].i...Q..1.:..LJV.J...bU.2.:\.kt.......t.....k....B..i.z+...........A.....
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
                                                  Category:downloaded
                                                  Size (bytes):15344
                                                  Entropy (8bit):7.984625225844861
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:5D4AEB4E5F5EF754E307D7FFAEF688BD
                                                  SHA1:06DB651CDF354C64A7383EA9C77024EF4FB4CEF8
                                                  SHA-256:3E253B66056519AA065B00A453BAC37AC5ED8F3E6FE7B542E93A9DCDCC11D0BC
                                                  SHA-512:7EB7C301DF79D35A6A521FAE9D3DCCC0A695D3480B4D34C7D262DD0C67ABEC8437ED40E2920625E98AAEAFBA1D908DEC69C3B07494EC7C29307DE49E91C2EF48
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
                                                  Preview:wOF2......;........H..;..........................d..@..J.`..L.T..<.....x.....^...x.6.$..6. ..t. ..I.h|.l....A....b6........(......@e.]...*:..-.0..r.)..hS..h...N.).D.........b.].......^..t?.m{...."84...9......c...?..r3o....}...S]....zbO.../z..{.....~cc....I...#.G.D....#*e.A..b...b`a5P.4........M....v4..fI#X.z,.,...=avy..F.a.\9.P|.[....r.Q@M.I.._.9..V..Q..]......[ {u..L@...]..K......]C....l$.Z.Z...Zs.4........ x.........F.?.7N..].|.wb\....Z{1L#..t....0.dM...$JV...{..oX...i....6.v.~......)|.TtAP&).KQ.]y........'...:.d..+..d..."C.h..p.2.M..e,.*UP..@.q..7..D.@...,......B.n. r&.......F!.....\...;R.?-.i...,7..cb../I...Eg...!X.)5.Aj7...Ok..l7.j.A@B`".}.w.m..R.9..T.X.X.d....S..`XI..1... .$C.H.,.\. ..A(.AZ.................`Wr.0]y..-..K.1.............1.tBs..n.0...9.F[b.3x...*$....T..PM.Z-.N.rS?I.<8eR'.3..27..?;..OLf*.Rj.@.o.W...........j~ATA....vX.N:.3dM.r.)Q.B...4i.f..K.l..s....e.U.2...k..a.GO.}..../.'..%$..ed.*.'..qP....M..j....../.z&.=...q<....-..?.A.%..K..
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
                                                  Category:downloaded
                                                  Size (bytes):15744
                                                  Entropy (8bit):7.986588355476176
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:15D9F621C3BD1599F0169DCF0BD5E63E
                                                  SHA1:7CA9C5967F3BB8BFFEAB24B639B49C1E7D03FA52
                                                  SHA-256:F6734F8177112C0839B961F96D813FCB189D81B60E96C33278C1983B6F419615
                                                  SHA-512:D35A47162FC160CD5F806C3BB7FEB50EC96FDFC81753660EAD22EF33F89BE6B1BFD63D1135F6B479D35C2E9D30F2360FFC8819EFCA672270E230635BCB206C82
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
                                                  Preview:wOF2......=........t..=..........................d..d..^.`.. .T..<.....|..{........6.$.... ..t. ..I.3.%.....8..&....4Z.|t .8.........D...$.uNE.P.E.Ak...=.x.9Xz.`.I..R....#F+B`..}.RP|E...Z\.W[.............C...QB....m...cm.?.F.g.......Q....3......p...L2.[......!+@U..^~.......D.?.......j...U...c..U.l.6{...m.CD].h.t.....Q8.....@P...L.c.....+...ZD..2.K...:..4{g..:..~....v......<..H^.R.'....8....?.;...uy.VW..8=.".F..*.....@E....c....=..Ib.....y8$.a){.......KiIW.&..~.}..1..w.M..{.4......!..{..F.H.5#K...t..5.w...ve;. '......NJ......'(%;...?...D...M.Cq,<.=?.f......._...V..bA.(..37..v....+.uY.C.b.w8AF..3.n.-..'..U%.2....o.l."...^bj..aoF.!`....A....j...'.:Z.u...[..p.GW:U%.Ejq...:I...C........S.C...sJe.6D...<.UM,..&h..z}.y|..9...D..j...n..B.$..T....?../.Q..=B...C._.f.#.:Bo.@]T.(..v..F..+d...". ......R..R..R....!..~A....X............>!`p..,08. 9.../.....r..Q.......Qpg.\ko...C..3..Y.y..t'.d9..>#|..3..?.#..$....i........g5.z....S....{3..Sp..S2..w.6........
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:GIF image data, version 89a, 352 x 3
                                                  Category:downloaded
                                                  Size (bytes):3620
                                                  Entropy (8bit):6.867828878374734
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:B540A8E518037192E32C4FE58BF2DBAB
                                                  SHA1:3047C1DB97B86F6981E0AD2F96AF40CDF43511AF
                                                  SHA-256:8737D721808655F37B333F08A90185699E7E8B9BDAAA15CDB63C8448B426F95D
                                                  SHA-512:E3612D9E6809EC192F6E2D035290B730871C269A267115E4A5515CADB7E6E14E3DD4290A35ABAA8D14CF1FA3924DC76E11926AC341E0F6F372E9FC5434B546E5
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://8ecoc03nvib.543256r252762029202032983292e98h9e.xyz/aadcdn.msauth.net/~/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
                                                  Preview:GIF89a`.........iii!.......!.&Edited with ezgif.com online GIF maker.!..NETSCAPE2.0.....,....`.....6......P.l.......H....I..:qJ......k....`BY..L*..&...!.......,....`.....9..i....Q4......H..j.=.k9-5_..........j7..({.........!.......,....`.....9.......trV.......H....`.[.q6......>.. .CZ.&!.....M...!.......,....`.....8..........:......H..jJ..U..6_....../.el...q.)...*..!.......,....`.....9.....i..l.go.....H..*".U...f......._......5......n..!.......,....`.....:..i......./.....H...5%.kE/5.........In.a..@&3.....J...!.......,....`.....9.......kr.j.....H..*.-.{Im5c..............@&.........!.......,....`.....9.........j..q....H...].&..\.5.........8..S..........!.......,....`.....9.......3q.g..5....H...:u..............Al..x.q.........!.......,....`.....9......\.F....z....H...zX...ov.........h3N.x4......j..!.......,....`.....9........Q.:......H....y..^...1.........n.!.F......E...!.......,....`.....8.........i,......H....*_.21.I.........%...
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 113084
                                                  Category:downloaded
                                                  Size (bytes):20314
                                                  Entropy (8bit):7.979540464295058
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:92A840DC3D177339DAE03FEDF22A22B5
                                                  SHA1:C1C9A6E6442388D07A9D9D72C12DA25094D6920F
                                                  SHA-256:4A986BA8875F22A0EABC356112A6790F90E114ADB72EAEC4632E03812EC1EDE4
                                                  SHA-512:98C705395DD249501D8069A03E0068BC9CCF4F2D139BEC63A00564C69CD21C05CB25CF56BA7B40822963737989D5048AD310E20D6022E84346C982CFCEF79E11
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://8ecoc03nvib.543256r252762029202032983292e98h9e.xyz/aadcdn.msauth.net/~/ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
                                                  Preview:...........}ks.6.....\.R;.J.H=-WR;..&>g^53.G.R[.DY<C..$e.WG..... )...{+'g...l............bw_f7.:x..<x.-.*V5)/wE..Y...gy.0.*(.*-o.e.|..._..I.....?<{.!x...W..._..^..p..E..'..Y...<.....*]..6(. ..D..*...Y.......:.ve.?..!..|t...].+.......a.......|.P...u.H.d.d.r.c[..~.L..n.-.}e.H3...r..^..iP.u.*.z.....)..Z.jx..C'......u..{.C...N.o.m~..F(b..f.....h..O.....6....kr.......n2m M$.R..R..i{.~...*..n.dKY..#.Kn.4..G...O..l.#.a=..iU..].S.2.wY..O.|...Z.A....].uU.._%U.<...pp..u=.....C.R..S.....0...A<......&...W..'o.T.."..jO..^+.....DiW.b..7i..7..........lKe.0.~B0.....zQu#...YB.,.{*.&.6..G.6..._...J.i.?.LS$( .^.{..u.-.0....K....M&j..s.yB..+....^.)...7e.....]..eFI_.kRX.B......D[.4......+.u=>....R.`QEK...R..d...*S.. ,c5RKBK(......][..eF{T.....6...".....Uk:..S.0Ro.}B.dwJZ}U..S.F.....&.&.~|......{..Ep.>x..._....}p..=.}...v...7?}...g..1&.......}...^...o.x.>x...../.^....._.........w.v./.........BA...{J..w..$?.}w....?zO.r..5...7.gl..z...g.?.{....R.......yGj
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:Unicode text, UTF-8 (with BOM) text, with very long lines (59783), with CRLF line terminators
                                                  Category:downloaded
                                                  Size (bytes):663451
                                                  Entropy (8bit):5.3635307555313165
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:761CE9E68C8D14F49B8BF1A0257B69D6
                                                  SHA1:8CF5D714D35EFFA54F3686065CB62CCE028E2C77
                                                  SHA-256:BEAA65AD34340E61E9E701458E2CCFF8F9073FDEBBC3593A2C7EC8AFEACB69C1
                                                  SHA-512:CEC948666FBA0F56D3DA27A931033C3A581C9C00FEC4D3DDCF41324525B5B5321AE3AB89581ECC7F497DE85EF684AB277C8A2DB393D526416CEB76C91A1B9263
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://r4.res.office365.com/owa/prem/15.20.7409.46/scripts/boot.worldwide.0.mouse.js
                                                  Preview:.window.scriptsLoaded = window.scriptsLoaded || {}; window.scriptProcessStart = window.scriptProcessStart || {}; window.scriptProcessStart['boot.worldwide.0.mouse.js'] = (new Date()).getTime();../* Empty file */;Function.__typeName="Function";Function.__class=!0;Function.createCallback=function(n,t){return function(){var r=arguments.length;if(r>0){for(var u=[],i=0;i<r;i++)u[i]=arguments[i];u[r]=t;return n.apply(this,u)}return n.call(this,t)}};Function.prototype.bind=Function.prototype.bind||function(n){if(typeof this!="function")throw new TypeError("bind(): we can only bind to functions");var u=Array.prototype.slice.call(arguments,1),r=this,t=function(){},i=function(){return r.apply(this instanceof t?this:n,u.concat(Array.prototype.slice.call(arguments)))};this.prototype&&(t.prototype=this.prototype);i.prototype=new t;return i};Function.createDelegate=function(n,t){return function(){return t.apply(n,arguments)}};Function.emptyFunction=Function.emptyMethod=function(){};Error.__typeNam
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced
                                                  Category:downloaded
                                                  Size (bytes):4811
                                                  Entropy (8bit):7.9323475501953675
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:CB13B37D9CEB24A98DDA6AFD6EDA0C39
                                                  SHA1:A42E3AFB3223A2892FA9483B2F4CCD3596EF6EB0
                                                  SHA-256:A3941E483EF88CF0299266CDB18200770144A15C836C9B40E7052AE0F2E0DC44
                                                  SHA-512:E3ADE17BA828ABAF67CFDDA89E194E40B53087F67B44A7FBAC3B3B37B322DE576AA260147B1FF8DA74A5A6D15CE957EDFACC477286F199686CCB31CED52CFB25
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://ssl.gstatic.com/datastudio/latest/static_images/pngs/favicon_looker_studio.png
                                                  Preview:.PNG........IHDR...............g-....pHYs..,K..,K..=......sRGB.........gAMA......a....`IDATx...o..q.^.h...&..``e.r.......S..K-.[$...H>H.-.]s.Y.K`I.ve_...":..gsI....AN>.e/..a..(Q.t...59....._w..@. {H..w...W.`...V.Z*.3........_v.C}.1z.|.Ti.,#A.....pU....a....eqw..........[qJ.5.&.~....{....+..t...... `..'..`..+.!.._.....G.%..p..[4..M.,........&X@....G.f...A.k`....]/ ].d.<~......V.}.......+w.{..{'J.\$...`{.C.x.,v.....m......J.g..=...u..Bm`p...K......<............xj.^{i.%....(8V...C.....%..,B.tw.7.@...<....w..5..DJ.1.{9.[Pp...A.qWx...!a+.fCRd..-.b.x..j.x7.v.C.:.....+.. .......6q..:..X*mB...<./`..Y|.O....NFE......N...{.W9.I...........D|.*iT>.u..........//...+.......9.p._.l..{.._-I...z.....I...o,W..mnQ.T...c8.;:..dK. .....tN.>zE).Z......K........R,Q.79.6N|..;.U]S..p*...).dG.....@!n..SV.....C....B...L&..V:.F..BY...{.....0...koM=....Ry..\.K......W..`..s.$.......b...x..#.......)......]..{d...Z1..~..o..A.pF..{.Y+.........@..,M.Z..@.(D.........Q.8E.H.x..
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:ASCII text, with very long lines (56398), with no line terminators
                                                  Category:downloaded
                                                  Size (bytes):56398
                                                  Entropy (8bit):5.907604034780877
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:EB4BC511F79F7A1573B45F5775B3A99B
                                                  SHA1:D910FB51AD7316AA54F055079374574698E74B35
                                                  SHA-256:7859A62E04B0ACB06516EB12454DE6673883ECFAEAED6C254659BCA7CD59C050
                                                  SHA-512:EC9BDF1C91B6262B183FD23F640EAC22016D1F42DB631380676ED34B962E01BADDA91F9CBDFA189B42FE3182A992F1B95A7353AF41E41B2D6E1DAB17E87637A0
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/styles__ltr.css
                                                  Preview:.goog-inline-block{position:relative;display:-moz-inline-box;display:inline-block}* html .goog-inline-block{display:inline}*:first-child+html .goog-inline-block{display:inline}.recaptcha-checkbox{border:none;font-size:1px;height:28px;margin:4px;width:28px;overflow:visible;outline:0;vertical-align:text-bottom}.recaptcha-checkbox-border{-webkit-border-radius:2px;-moz-border-radius:2px;border-radius:2px;background-color:#fff;border:2px solid #c1c1c1;font-size:1px;height:24px;position:absolute;width:24px;z-index:1}.recaptcha-checkbox-borderAnimation{background-image:url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAFQAAANICAYAAABZl8i8AAAABmJLR0QA/wD/AP+gvaeTAAAACXBIWXMAAABIAAAASABGyWs+AAAACXZwQWcAAABUAAADSAC4K4y8AAA4oElEQVR42u2dCZRV1ZX3q5iE4IQIiKQQCKBt0JLEIUZwCCk7pBNFiRMajZrIl9aOLZ8sY4CWdkDbT2McooaAEmNixFhpaYE2dCiLScWiQHCgoGQoGQuhGArKKl7V+c5/n33fO/V4w733nVuheXuv9V/rrnvP2Xud3zvTPee+ewsKxMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExP4OdtlT6ztAbRWvvLy8A3QkwxzH6tBGMMexI
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:PNG image data, 342 x 72, 8-bit/color RGBA, non-interlaced
                                                  Category:dropped
                                                  Size (bytes):5139
                                                  Entropy (8bit):7.865234009830226
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:8B36337037CFF88C3DF203BB73D58E41
                                                  SHA1:1ADA36FA207B8B96B2A5F55078BFE2A97ACEAD0E
                                                  SHA-256:E4E1E65871749D18AEA150643C07E0AAB2057DA057C6C57EC1C3C43580E1C898
                                                  SHA-512:97D8CC97C4577631D8D58C0D9276EE55E4B80128080220F77E01E45385C20FE55D208122A8DFA5DADCB87543B1BC291B98DBBA44E8A2BA90D17C638C15D48793
                                                  Malicious:false
                                                  Reputation:unknown
                                                  Preview:.PNG........IHDR...V...H.............tEXtSoftware.Adobe ImageReadyq.e<...%iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c148 79.164036, 2019/08/13-01:06:57 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop 21.0 (Macintosh)" xmpMM:InstanceID="xmp.iid:DB120779422011EA9888910153D3A5E6" xmpMM:DocumentID="xmp.did:DB12077A422011EA9888910153D3A5E6"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:DB120777422011EA9888910153D3A5E6" stRef:documentID="xmp.did:DB120778422011EA9888910153D3A5E6"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>P.WI....IDATx..]]l.......(.5.K0P..0...E.qT..J X)F.(5X....J.}(m.R5.Q...RUEUPU~.....qp@.b......L...k.m"0......"c.3
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:ASCII text, with very long lines (1279)
                                                  Category:downloaded
                                                  Size (bytes):8267531
                                                  Entropy (8bit):5.584258178342238
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:B0372C96DC5282698E383DE38A073CCE
                                                  SHA1:87151B75735285824CC8BD6DDED6BD2AC88E42F9
                                                  SHA-256:AE99ECFC6BA7F19818D912F24AF729217D3548EA499A4E95EA2D6EFBDF8602EE
                                                  SHA-512:6F6C5BB1C974EEFF23099D4FF25758B608309D17D78A72E82A2771F7CF48B9F17A9487FE92012EDF9DB421F551E2671E83D36F347B3429B92D6A732EC8435A27
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:"https://www.gstatic.com/_/datastudio/_/js/k=datastudio.datastudio.en_US.ULwCES_EI1M.2018.O/am=gA/d=0/rs=AHAPuoOiFZM-71NpQX81kp6cXTwDoDl0Xw/m=syd,sy8,sym,syk,syc,sy17,sy6,sy9,syj,syl,syb,syq,syy,sy10,sy11,sy7,syx,sya,sy12,sy13,sy14,syv,sy1o,sy1m,sy2,sy4,syg,syz,sy18,sy19,sy16,syf,syp,sy1,sy1b,sy1f,syh,syu,sy1e,sy15,sy1n,sy1l,sy1r,sy3,sy5,sye,syn,syo,syr,sys,syt,syw,sy1a,sy1c,sy1g,sy1h,sy1u,sy26,sy1x,sy1q,sy1j,sy1y,sy0,sy1v,sy2a,sy29,sy27,sy1p,sy1s,sy1t,sy1i,sy23,sy24,sy2h,sy1z,sy2b,syi,sy1d,sy1k,sy20,sy21,sy2f,sy2j,sy2r,sy2w,sy2x,sy2y,sy2z,sy30,pm_ng2report"
                                                  Preview:"use strict";this.default_datastudio=this.default_datastudio||{};(function(_){var window=this;.try{.var lg_YSb,lg_WSb;_.lg_gI=function(a,b,c){return Math.abs(a-b)<=(c||1E-6)};._.lg_hI=function(a,b){if(a instanceof _.lg_hI)this.H=a.toArray();else{var c;if(c=_.lg_ia(a))a:{for(var d=c=0;d<a.length;d++){if(!_.lg_ia(a[d])||0<c&&a[d].length!=c){c=!1;break a}for(var e=0;e<a[d].length;e++)if("number"!==typeof a[d][e]){c=!1;break a}0==c&&(c=a[d].length)}c=0!=c}if(c)this.H=_.lg_ha(a);else if(a instanceof _.lg_nm)this.H=lg_WSb(a.height,a.width);else if("number"===typeof a&&"number"===typeof b&&0<a&&0<b)this.H=lg_WSb(a,b);else throw Error("Invalid argument(s) for Matrix contructor");.}this.D=new _.lg_nm(this.H[0].length,this.H.length)};_.lg_XSb=function(a,b,c){for(var d=0;d<a.getSize().height;d++)for(var e=0;e<a.getSize().width;e++)b.call(c,a.H[d][e],d,e,a)};lg_YSb=function(a,b){var c=new _.lg_hI(a.getSize());_.lg_XSb(a,function(d,e,f){c.H[e][f]=b.call(void 0,d,e,f,a)});return c};lg_WSb=function(a
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:ASCII text, with very long lines (554)
                                                  Category:downloaded
                                                  Size (bytes):510578
                                                  Entropy (8bit):5.695280300193632
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:E9CCB3DBDE79BA5FFDF9CAD4B32D59FD
                                                  SHA1:3A8CD67ADC7C885BDF683F1E7F491E6A4A50679F
                                                  SHA-256:8F2C6777C7CCC01AB67290FA8ACD5A4C4866BE64129F39DFAEB9197DFA15E137
                                                  SHA-512:5CA7C8439030C9B4B966760C660640A094B0D6E30E10DF85D7B900C6F9108B0E309298ED93C006634BB3F437BAB3CFF1B83A5D1B18C666C04346F0856294C461
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__en.js
                                                  Preview:(function(){/*.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0.*/./*.. Copyright 2005, 2007 Bob Ippolito. All Rights Reserved.. Copyright The Closure Library Authors.. SPDX-License-Identifier: MIT.*/./*. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0.*/./*.. SPDX-License-Identifier: Apache-2.0.*/.var y=function(){return[function(E,X,B,M,c,v,Y,I,h,J,F,a,C,R,P){return E+4>>3==(E-8<<2>=(R=[1,"F",22],E)&&(E+2&12)<E&&(M=u[32](4,B[R[1]]),P=A[16](32,0,X,B[R[1]],M)),R[0])&&(M=void 0===M?null:M,Y=[3,341,278],c=d[46](16,21,X,u[31](32,B)),J=e[48](7,Y[0],X,u[31](35,X),u[31](28,Y[R[0]])),I=g[27](77,15,u[31](29,X),X,u[31](33,438)),v=u[31](38,Y[2]),a=A[32](R[2],l[13](2,d[9](48,36),X),[u[7](24,v),u[31](34,X)]),C=[c,J,I,a],null!=M&&(h=A[8](73),F=A[8](72),C=[W[30](8,h,u[31](28,B),u[31](37,0))].concat(C,[W[30](8,.F,R[0],R[0]),h,e[39](12,M,X),F])),P=C),P}]}(),g=function(){return[function(E,X,B,M,c,v){return 3<=((((E^(v=[7,"W",2],19))&v[0]||(this[v
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:PNG image data, 33 x 52, 8-bit/color RGB, non-interlaced
                                                  Category:downloaded
                                                  Size (bytes):61
                                                  Entropy (8bit):4.035372245524404
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:2DB63AD3192E29D93964C0619D57A6F7
                                                  SHA1:51A1568ACC1C523BEF3F10342883D809F3507226
                                                  SHA-256:42EF27AADE5EAC643E22618DF39AD60DE44CBA99F05EEE23382EB23515986A58
                                                  SHA-512:1066FE9DA37AF7F99E5B77192A1731B469E4A0D7F46E2AAAACBA8D7D6581202FFA147E2E3DA0E9657DDDB47E003749227666AE9A933BC15B76D8524F76B6C3D1
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/871342d32da7225d/1712589833834/R0jOu94Cn8andXL
                                                  Preview:.PNG........IHDR...!...4.............IDAT.....$.....IEND.B`.
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
                                                  Category:downloaded
                                                  Size (bytes):61
                                                  Entropy (8bit):3.990210155325004
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:9246CCA8FC3C00F50035F28E9F6B7F7D
                                                  SHA1:3AA538440F70873B574F40CD793060F53EC17A5D
                                                  SHA-256:C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
                                                  SHA-512:A2098304D541DF4C71CDE98E4C4A8FB1746D7EB9677CEBA4B19FF522EFDD981E484224479FD882809196B854DBC5B129962DBA76198D34AAECF7318BD3736C6B
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D
                                                  Preview:.PNG........IHDR...............s....IDAT.....$.....IEND.B`.
                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  File Type:ASCII text, with very long lines (65536), with no line terminators
                                                  Category:downloaded
                                                  Size (bytes):452698
                                                  Entropy (8bit):4.808823554650581
                                                  Encrypted:false
                                                  SSDEEP:
                                                  MD5:397E99E0EB055FF77B7127F603820A30
                                                  SHA1:90DFEBC6FA30097E3CFFFCF4E9FF7CE00AFB4553
                                                  SHA-256:747D4D99C40A2E8FBCF35A2BB78EED0D39EC4ECC7C97C81D79F25D1E60FA9007
                                                  SHA-512:CEEDA564D413F9831FB56FA0E2B54299119553E3C22C39C0904DD9FD6D34E5CAFF1A7E715222B11F5DA2BD5454A1E077545104CD0130D57E359F2BBB116ACDBC
                                                  Malicious:false
                                                  Reputation:unknown
                                                  URL:https://ssl.gstatic.com/datastudio/cloud-lego-fe.fe-server_20240327.07_p1/css/material_theme.css?cb=620329499
                                                  Preview:.reach-panel-layout-content-wrapper{overflow:hidden}.xap-avatar-button.xap-avatar-button{-webkit-box-align:center;-webkit-align-items:center;-moz-box-align:center;-ms-flex-align:center;align-items:center;display:-webkit-box;display:-webkit-flex;display:-moz-box;display:-ms-flexbox;display:flex;-webkit-box-pack:center;-webkit-justify-content:center;-moz-box-pack:center;-ms-flex-pack:center;justify-content:center}.xap-avatar{border-radius:50%}.xap-avatar-monogram{border-radius:50%;font-size:14px;font-weight:500;line-height:18px;font-family:Google Sans,Helvetica Neue,sans-serif;letter-spacing:.25px;-webkit-box-align:center;-webkit-align-items:center;-moz-box-align:center;-ms-flex-align:center;align-items:center;background-color:#1a73e8;color:#fff;display:-webkit-box;display:-webkit-flex;display:-moz-box;display:-ms-flexbox;display:flex;-webkit-box-pack:center;-webkit-justify-content:center;-moz-box-pack:center;-ms-flex-pack:center;justify-content:center}.xap-account-menu-layout{width:352p
                                                  No static file info