Windows Analysis Report
http://google.com

Overview

General Information

Sample URL: http://google.com
Analysis ID: 1541412

Detection

Score: 52
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Antivirus / Scanner detection for submitted sample
HTML page contains obfuscated javascript
Stores files to the Windows start menu directory

Classification

  • System is w10x64_ra
  • chrome.exe (PID: 3948 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6848 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 --field-trial-handle=1964,i,5401208169558041759,7712602589421320872,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6496 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5736 --field-trial-handle=1964,i,5401208169558041759,7712602589421320872,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6452 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://google.com" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup
No yara matches
No Sigma rule has matched
No Suricata rule has matched


AV Detection

Source: http://google.com URL Reputation: detection malicious, Label: malware

Phishing

Source: https://www.google.com/ HTTP Parser: (function()
Source: https://www.google.com/ HTTP Parser: No favicon
Source: unknown HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.16:49764 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49765 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49774 version: TLS 1.2
Source: unknown HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.16:49793 version: TLS 1.2
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: global traffic DNS traffic detected: DNS query: google.com
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic DNS traffic detected: DNS query: csp.withgoogle.com
Source: global traffic DNS traffic detected: DNS query: apis.google.com
Source: global traffic DNS traffic detected: DNS query: play.google.com
Source: classification engine Classification label: mal52.phis.win@20/41@20/238
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 --field-trial-handle=1964,i,5401208169558041759,7712602589421320872,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://google.com"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5736 --field-trial-handle=1964,i,5401208169558041759,7712602589421320872,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: Window Recorder Window detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

| Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 2 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
| Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
| Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 2 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |

| Source | Detection | Scanner | Label | Link |
| --- | --- | --- | --- | --- |
| http://google.com | 100% | URL Reputation | malware | |

No Antivirus matches

| Name | IP | Active | Malicious | Antivirus Detection | Reputation |
| --- | --- | --- | --- | --- | --- |
| google.com | 172.217.16.206 | true | false | | unknown |
| csp.withgoogle.com | 142.250.185.145 | true | false | | unknown |
| plus.l.google.com | 172.217.16.206 | true | false | | unknown |
| play.google.com | 142.250.185.142 | true | false | | unknown |
| www.google.com | 142.250.185.100 | true | false | | unknown |
| apis.google.com | unknown | unknown | false | | unknown |

| Name | Malicious | Antivirus Detection | Reputation |
| --- | --- | --- | --- |
| https://www.google.com/ | true | | unknown |

| IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
| --- | --- | --- | --- | --- | --- | --- |
| 142.250.185.67 | unknown | United States | | 15169 | GOOGLEUS | false |
| 142.250.186.78 | unknown | United States | | 15169 | GOOGLEUS | false |
| 1.1.1.1 | unknown | Australia | | 13335 | CLOUDFLARENETUS | false |
| 172.217.16.206 | google.com | United States | | 15169 | GOOGLEUS | false |
| 172.217.18.14 | unknown | United States | | 15169 | GOOGLEUS | false |
| 142.250.186.163 | unknown | United States | | 15169 | GOOGLEUS | false |
| 142.250.185.145 | csp.withgoogle.com | United States | | 15169 | GOOGLEUS | false |
| 142.250.185.100 | www.google.com | United States | | 15169 | GOOGLEUS | false |
| 142.250.181.234 | unknown | United States | | 15169 | GOOGLEUS | false |
| 216.58.206.46 | unknown | United States | | 15169 | GOOGLEUS | false |
| 74.125.206.84 | unknown | United States | | 15169 | GOOGLEUS | false |
| 142.250.185.170 | unknown | United States | | 15169 | GOOGLEUS | false |
| 239.255.255.250 | unknown | Reserved | | unknown | unknown | false |
| 142.250.185.142 | play.google.com | United States | | 15169 | GOOGLEUS | false |
| 142.250.186.164 | unknown | United States | | 15169 | GOOGLEUS | false |
| 142.250.186.110 | unknown | United States | | 15169 | GOOGLEUS | false |
| 216.58.212.163 | unknown | United States | | 15169 | GOOGLEUS | false |
| 142.250.184.206 | unknown | United States | | 15169 | GOOGLEUS | false |
| 172.217.16.195 | unknown | United States | | 15169 | GOOGLEUS | false |
| 142.250.184.234 | unknown | United States | | 15169 | GOOGLEUS | false |
| 142.250.184.202 | unknown | United States | | 15169 | GOOGLEUS | false |

IP
192.168.2.16
192.168.2.4

Joe Sandbox version: 41.0.0 Charoite
Analysis ID: 1541412
Start date and time: 2024-10-24 19:59:11 +02:00
Joe Sandbox product: CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled: false
Report type: full
Cookbook file name: defaultwindowsinteractivecookbook.jbs
Sample URL: http://google.com
Analysis system description: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed: 15
Number of new started drivers analysed: 0
Number of existing processes analysed: 0
Number of existing drivers analysed: 0
Number of injected processes analysed: 0
Technologies:
  • EGA enabled
Analysis Mode: stream
Analysis stop reason: Timeout
Detection: MAL
Classification: mal52.phis.win@20/41@20/238
  • Exclude process from analysis (whitelisted): svchost.exe
  • Excluded IPs from analysis (whitelisted): 142.250.185.67, 74.125.206.84, 142.250.186.78, 34.104.35.123, 172.217.16.195, 216.58.212.163, 142.250.184.234, 142.250.185.74, 142.250.181.234, 172.217.18.106, 142.250.186.138, 172.217.16.202, 142.250.186.74, 142.250.184.202, 216.58.206.74, 142.250.186.106, 142.250.74.202, 216.58.212.170, 142.250.186.170, 142.250.186.42, 172.217.16.138, 172.217.18.10, 142.250.185.234, 172.217.23.106, 216.58.206.42, 93.184.221.240, 142.250.185.138, 142.250.185.106, 142.250.185.202, 142.250.185.170
  • Excluded domains from analysis (whitelisted): fonts.googleapis.com, clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, content-autofill.googleapis.com, ajax.googleapis.com, ctldl.windowsupdate.com, clientservices.googleapis.com, ogads-pa.googleapis.com, clients.l.google.com, www.gstatic.com
  • Not all processes where analyzed, report is missing behavior information
  • VT rate limit hit for: google.com
                InputOutput
                URL: https://www.google.com/ Model: claude-3-haiku-20240307
                ```json
                {
                  "contains_trigger_text": true,
                  "trigger_text": "Our third decade of climate action: join us",
                  "prominent_button_name": "unknown",
                  "text_input_field_labels": "unknown",
                  "pdf_icon_visible": false,
                  "has_visible_captcha": false,
                  "has_urgent_text": false,
                  "has_visible_qrcode": false
                }
                URL: https://www.google.com/ Model: claude-3-haiku-20240307
                ```json
                {
                  "brands": [
                    "Google"
                  ]
                }
                URL: https://www.google.com/ Model: claude-3-haiku-20240307
                ```json
                {
                  "contains_trigger_text": false,
                  "trigger_text": "unknown",
                  "prominent_button_name": "unknown",
                  "text_input_field_labels": "unknown",
                  "pdf_icon_visible": false,
                  "has_visible_captcha": false,
                  "has_urgent_text": false,
                  "has_visible_qrcode": false
                }
                URL: https://www.google.com/ Model: claude-3-haiku-20240307
                ```json
                {
                  "brands": [
                    "Google"
                  ]
                }
                ```
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 16:59:40 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                Category:dropped
                Size (bytes):2673
                Entropy (8bit):3.9816626479620707
                Encrypted:false
                SSDEEP:
                MD5:6102B4FAEE60FD3E7510C705EB89C7F2
                SHA1:B9E4212FE5C28B6DE723FD27E7D37C5CFF94A9A5
                SHA-256:38CE991C92F7E85AA6B2CF271DC3F21A7152FF5B34723D88E3D943028DE07B0D
                SHA-512:E23B94ED6CB602ED33FE5626E14D7949B4C383FD6075588F2FA28353E2263F2F8EF466BE85E60EEF7B9ADAD09C68FB1E4A7D8CE5989019245EECCF5DA18A86F2
                Malicious:false
                Reputation:unknown
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 16:59:39 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                Category:dropped
                Size (bytes):2675
                Entropy (8bit):3.995997860132012
                Encrypted:false
                SSDEEP:
                MD5:42C8FFC18F21D18FA461A5CE8F7CC803
                SHA1:8E1C552AEA4E3AC75C3FFEA94384E07EF7E6B050
                SHA-256:1CA2F24A0ACA8E958A2A918D35DBCD45C4668EE05751D599B1EE209F32D348DA
                SHA-512:04F9C5C5447B2CDB3327DF8E2636E274FF768B4639120F79B3D14F8EFBC5AA95521E40805AC5CEF8F09D97486F5F8A4AB1C9BFEDD8543398DD2FB698F0CED977
                Malicious:false
                Reputation:unknown
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                Category:dropped
                Size (bytes):2689
                Entropy (8bit):4.005401969213727
                Encrypted:false
                SSDEEP:
                MD5:F5F7FA0050032280B2B56C7385783FF4
                SHA1:0C222EC7A1771CC1E307F587189A90F03D4867BA
                SHA-256:707DD11F99C592EFE4D09F1374F76DE87A162D2974B50F1F9706C2F982A3207E
                SHA-512:55CA75DFD1E7E1ED4AEDD0D86454545AFC0BE1E8935504A2CCE075DF314DCF147204995E3D33E190FFE6E4C282319BD298CBC7BC0D87448CA9C6F026C78C0385
                Malicious:false
                Reputation:unknown
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 16:59:39 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                Category:dropped
                Size (bytes):2677
                Entropy (8bit):3.9948286660913577
                Encrypted:false
                SSDEEP:
                MD5:78C9924B87D2175E306FB90B3FE49154
                SHA1:97F79901EB9AC0BDCC64F3D3E2C523BADE810EA4
                SHA-256:8E2F52FFAFFF39B4EB71F6D04868C8FB92BEFAF4B3034A52B250BE3DA0AEFCA0
                SHA-512:CCBF4ECC2535F97FF9EE4E8807E2A4B30AB21EEF4DB5C19477D99AC296F748791CAFFE8907E1A0A122D2440CB238F36C3E3F65BC92FB2A776CFDBA5117A0311B
                Malicious:false
                Reputation:unknown
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 16:59:40 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                Category:dropped
                Size (bytes):2677
                Entropy (8bit):3.983212978775989
                Encrypted:false
                SSDEEP:
                MD5:167B522D709568BC0A7314CD565DF453
                SHA1:1CA6BC8031291557EABCEC26D32A837FAF97A337
                SHA-256:DCD6BE6860511A209F6ED07A597213EF7018590FA9D9E71298C4CAFDB6BCF4C2
                SHA-512:AFA5B8722C85523ADB70CFE4FD50883F35044A2A2A78E8DD9D7CC82D80BA2C09889364EE41193FB27D2AA51A2173BB4E1447A0E0C1EC5CA5C20CCE04C745E9F1
                Malicious:false
                Reputation:unknown
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 16:59:39 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                Category:dropped
                Size (bytes):2679
                Entropy (8bit):3.9923519635380806
                Encrypted:false
                SSDEEP:
                MD5:386470B1954B8ED78166108BBC8212D0
                SHA1:D00B39252225211DAEBE52B941B3387BAB0B7CBE
                SHA-256:01E1D393D288CDB5C7785BDF4843FFEF19E0C446595FAA40F0B768DD3E3494A1
                SHA-512:D8E86C40140CAE97CCB6F905C083E20CCDF4E0A2A4E04F689ECBBAEC2CA05B6FC7511764AF8D36272BAA35F10E41D1FDF9E5D064A900FD4947C66C85DEA35EAF
                Malicious:false
                Reputation:unknown
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:Web Open Font Format (Version 2), TrueType, length 15996, version 1.0
                Category:downloaded
                Size (bytes):15996
                Entropy (8bit):7.989012096227512
                Encrypted:false
                SSDEEP:
                MD5:CC536892EABDE0EAEB81493BDA8E189A
                SHA1:15C0180AD7BDF9D0F963747447BC9446FC42D2DC
                SHA-256:97399A2914C593DA2895D9729AA0170A1956E91EE54CF7550696691949558A37
                SHA-512:94F605C4C4FE76EBDB2D5428C6BA69F83B75C65B6932251C0C3E90F92CC1F421FD9F15E81D5985693DC564B8644D90A26DA3E9C63976CF5862ED54D5ED0C4320
                Malicious:false
                Reputation:unknown
                URL:https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (589)
                Category:downloaded
                Size (bytes):1667
                Entropy (8bit):5.327971157920257
                Encrypted:false
                SSDEEP:
                MD5:EDEF1B2AC7D924D90EE0D55E7C15F951
                SHA1:0B68DCB70AA8F00B4EC77632E1C48D0116F6525C
                SHA-256:6C4D9E2663C65C599A56E5801AD43A5B5035590BDB2245EED904CB34C30592C9
                SHA-512:7B0692A0B9F033054AE88FA78500408AAC44BDA6688D0904C08C818229DF9B437E30767B914A65C3476DE85BA6789AACD8C88C0DBEE6B8B89525226944A6C914
                Malicious:false
                Reputation:unknown
                URL:"https://www.google.com/xjs/_/js/k=xjs.hd.en.jGNuXe7AXuY.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAgIEACAAAAAKAAAAAAAAAAAAAAAAAAAAAECAQAIBIAAAQAAADAAgAAgQAACAAAABAIAAAESAB4lAkAABEAJAAAAAAACAAAAqAgAAAAAgAAMAAAAHgAAAAAAKAAAAAAAAAAAAAAAAAAAAAggAABAAAAAAAAAAAAAAQAAAAA6AEAAAAAAAAAAAQAACAIAAAskAcIAAAAAAAA0AcAwQNgSGEBAAAAAAAAAAAAAAACkCCYCwkoCEAAAAAAAAAAAAAAAAAASEkTFzY/d=0/dg=0/br=1/rs=ACT90oGFOUSdTOJyBUg5zKcRXIfVzpjPIg/m=lOO0Vd,sy8s,P6sQOc?xjs=s4"
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (615)
                Category:downloaded
                Size (bytes):15590
                Entropy (8bit):5.266812883793039
                Encrypted:false
                SSDEEP:
                MD5:54A5CC740E2326E1C534CD651D2F5A22
                SHA1:1D167ACED57C8A4CEC6F18CB0564AD110484F8EC
                SHA-256:6C000BDD1E10E126F0FE2EB7472B4E7146244297F45494C958EE15D8830C00D4
                SHA-512:3CA9A622AA7697E331C362EF96C6445A799793416D13A385916AFD37E38ED4AFEA00741B3EBDD1DEDFEE21B465C3823482E2405F66B21A67741A9C32AC9219E6
                Malicious:false
                Reputation:unknown
                URL:"https://www.google.com/xjs/_/js/k=xjs.hd.en.jGNuXe7AXuY.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAgIEACAAAAAKAAAAAAAAAAAAAAAAAAAAAECAQAIBIAAAQAAADAAgAAgQAACAAAABAIAAAESAB4lAkAABEAJAAAAAAACAAAAqAgAAAAAgAAMAAAAHgAAAAAAKAAAAAAAAAAAAAAAAAAAAAggAABAAAAAAAAAAAAAAQAAAAA6AEAAAAAAAAAAAQAACAIAAAskAcIAAAAAAAA0AcAwQNgSGEBAAAAAAAAAAAAAAACkCCYCwkoCEAAAAAAAAAAAAAAAAAASEkTFzY/d=0/dg=0/br=1/rs=ACT90oGFOUSdTOJyBUg5zKcRXIfVzpjPIg/m=xUdipf,NwH0H?xjs=s4"
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (621)
                Category:dropped
                Size (bytes):1077152
                Entropy (8bit):5.717484341083124
                Encrypted:false
                SSDEEP:
                MD5:DBEEAC1C2BCF0D98FF97E652F4F9EBB6
                SHA1:AC7F6B0F95BDC9451BA6AB2708B558F1F8B7F951
                SHA-256:15DAD08F6813620B3633B73E47E596B027098698CB3E83D42D61CF3E65534686
                SHA-512:C6FB41447BCCD11E6D77BB30090B6FA00C040C0B13B88B5FA60816336032B444289E67CAC57DE2A089D1E9C74B2A8845C5F9023D6DE5020D2B932B4412319A4B
                Malicious:false
                Reputation:unknown
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (2502)
                Category:dropped
                Size (bytes):507512
                Entropy (8bit):5.806464350643557
                Encrypted:false
                SSDEEP:
                MD5:66D64078D784FABB13A66463E1289402
                SHA1:F49D29FD1342949AEC5AFF3824A2A9578977C5AB
                SHA-256:8601C5A2EF4A8275AFF4E32265DCBB4138CF761A7CC019A3CAFAC5BCB4D36EE6
                SHA-512:E8C5630C078A5BF28192A792DC8B64219B0E81A942708A916946C01DADB51DB7A3A7DD32A61DE51664AB2927DF1D21B23324A6D62FED8393FEBEBB3050E8446E
                Malicious:false
                Reputation:unknown
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:PNG image data, 500 x 200, 8-bit colormap, non-interlaced
                Category:downloaded
                Size (bytes):24955
                Entropy (8bit):7.95556162865146
                Encrypted:false
                SSDEEP:
                MD5:509EA0B17A5519D37E247DF206641D71
                SHA1:DF3F982BB674B06C2917CCAB0E0BB8FD641AE620
                SHA-256:BA4232FEB68B1C302B07FE42204FBCD945770BCAC0ADF1A3990CDF6045459E91
                SHA-512:793746CF871B67B236BE950476C2D765EB17CCC95DBBBD0B3EBDE9AD4C36C073BFB51666313982F8EFCFDC0B1B6C896D1D6CC382B56A865ACAFBD71FE2FDA351
                Malicious:false
                Reputation:unknown
                URL:https://www.google.com/logos/2024/moon/r3/cta.png
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:HTML document, ASCII text, with very long lines (13630)
                Category:downloaded
                Size (bytes):217373
                Entropy (8bit):5.883167472620124
                Encrypted:false
                SSDEEP:
                MD5:5A3486B6ACFF1A3CA2E75368995FCAEA
                SHA1:A87829D787952BF3992456DA3B880964DCEFF611
                SHA-256:60F328ECB0429219425C4292D1286E83E8201853B54153B6E2826B2472C7C4F9
                SHA-512:B4125302935AF2383127025FF53CFC4770A31B85C6EDBA7C8F59710363CD0BD09CE61FC9811BDBAA2FAFAC5EE689F7A9D9C3B8D884E521080DD44CA708FED956
                Malicious:false
                Reputation:unknown
                URL:https://www.google.com/
                Preview:<!doctype html><html itemscope="" itemtype="http://schema.org/WebPage" lang="en"><head><meta charset="UTF-8"><meta content="origin" name="referrer"><meta content="/images/branding/googleg/1x/googleg_standard_color_128dp.png" itemprop="image"><title>Google</title><script nonce="esns3stbUawGvUKRixIRFg">window._hst=Date.now();performance&&performance.mark&&performance.mark("SearchHeadStart");</script><script nonce="esns3stbUawGvUKRixIRFg">(function(){var _g={kEI:'DYsaZ6GkDeKPxc8P_7WVkA0',kEXPI:'31',kBL:'mwtV',kOPI:89978449};(function(){var a;((a=window.google)==null?0:a.stvsc)?google.kEI=_g.kEI:window.google=_g;}).call(this);})();(function(){google.sn='webhp';google.kHL='en';})();(function(){.var h=this||self;function l(){return window.google!==void 0&&window.google.kOPI!==void 0&&window.google.kOPI!==0?window.google.kOPI:null};var m,n=[];function p(a){for(var b;a&&(!a.getAttribute||!(b=a.getAttribute("eid")));)a=a.parentNode;return b||m}function q(a){for(var b=null;a&&(!a.getAttribute||!
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
                Category:dropped
                Size (bytes):5430
                Entropy (8bit):3.6534652184263736
                Encrypted:false
                SSDEEP:
                MD5:F3418A443E7D841097C714D69EC4BCB8
                SHA1:49263695F6B0CDD72F45CF1B775E660FDC36C606
                SHA-256:6DA5620880159634213E197FAFCA1DDE0272153BE3E4590818533FAB8D040770
                SHA-512:82D017C4B7EC8E0C46E8B75DA0CA6A52FD8BCE7FCF4E556CBDF16B49FC81BE9953FE7E25A05F63ECD41C7272E8BB0A9FD9AEDF0AC06CB6032330B096B3702563
                Malicious:false
                Reputation:unknown
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:Web Open Font Format (Version 2), TrueType, length 12432, version 1.0
                Category:downloaded
                Size (bytes):12432
                Entropy (8bit):7.98109486933615
                Encrypted:false
                SSDEEP:
                MD5:4C8B1466F2CF09339316E024710516D1
                SHA1:98EFCD433361434E1E6F4D873EA844A0B220D62E
                SHA-256:F45AC58611FEF3DB513D7ED2BE6B0456CA117DE6A5F06CF2612CE0E31EDBDDFB
                SHA-512:4C4A4038B871558A544A68CB5CBB44964026226ADA242487CEF9A6E5AE100FE19E3D016E2FBE5F948F03F9046D2B4CE0B8A3A4BB214C6193266CD3F74A700317
                Malicious:false
                Reputation:unknown
                URL:https://fonts.gstatic.com/s/josefinsans/v32/Qw3PZQNVED7rKGKxtqIqX5E-AVSJrOCfjY46_LjQbMZhLw.woff2
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (1302)
                Category:downloaded
                Size (bytes):117949
                Entropy (8bit):5.4843553913091005
                Encrypted:false
                SSDEEP:
                MD5:A5D33473ED0997C008D1C053E0773EBE
                SHA1:FEB4CB89145601A0141CC5869BEDF9AE7CD5CB80
                SHA-256:14C27BB0224FCF89A43B444B427DABE3D0AF184CAA7B6B4990CE228C51AE01C1
                SHA-512:3C0A48F9FA05469F950D9A268F1B3E9285A783A555EE597A2E203B688EB0FBCAEA3F4DE9BC8F5381C661007D0C6C4AFA70C19B7826D69A0E2A914A55973D14BD
                Malicious:false
                Reputation:unknown
                URL:"https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SGzW6IeCawI.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw/cb=gapi.loaded_0"
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:downloaded
                Size (bytes):104
                Entropy (8bit):5.238061810549828
                Encrypted:false
                SSDEEP:
                MD5:E2CD40B48E8B0936E90B44D344D2FD08
                SHA1:E8F74B917504D7AE212ECC7606880DDFA4118208
                SHA-256:9CE38D5C899C3E651A0CB28F8AD1514A26F3BFCED1A0A19167EAC552F8148D16
                SHA-512:1344BF01210BF1A142E258930C8A4C26EBC2B2EE628EC16815C4F14CC679B096E8004436CDD2F38ADA9A2871881EE31C03667BCD3DB614EB30875F425FECCBE9
                Malicious:false
                Reputation:unknown
                URL:"https://www.google.com/async/hpba?yv=3&cs=0&ei=DYsaZ6GkDeKPxc8P_7WVkA0&async=_basejs:/xjs/_/js/k%3Dxjs.hd.en.jGNuXe7AXuY.es5.O/am%3DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAgIEACAAAAAKAAAAAAAAAAAAAAAAAAAAAECAQAIBIAAAQAAADAAgAAgQAACAAAABAIAAAESAB4lAkAABEAJAAAAAAACAAAAqAgAAAAAgAAMAAAAHgAAAAAAKAAAAAAAAAAAAAAAAAAAAAggAABAAAAAAAAAAAAAAQAAAAA6AEAAAAAAAAAAAQAACAIAAAskAcIAAAAAAAA0AcAwQNgSGEBAAAAAAAAAAAAAAACkCCYCwkoCEAAAAAAAAAAAAAAAAAASEkTFzY/dg%3D0/br%3D1/rs%3DACT90oGFOUSdTOJyBUg5zKcRXIfVzpjPIg,_basecss:/xjs/_/ss/k%3Dxjs.hd.hR6H1vt53-8.L.B1.O/am%3DJFUAAAAAAAAAAIABAAAAAAAAAAAAAAAAAAAAAACAAAAAEAAAAAAAAAAAKADsJAAAACMAABsAEAAAAAAAAgAAAwAAAAAAABIAAAAAAAGACgAAAAAAIAAABAAJAgAARQAAAAAggBAgAIAACuD9CEACAqAgiEchAAAAMAAAQHgAAxgGIKgAYBQgAAAAAAAAAAEIAQAAgAgABAgA0CMQAAYAIA0EAEAQ6AGAAAAAAAABABAAAgDAAgAskAcIAAAAAAAAQAYAAAAAAAAAAAAAAAAAAAAAAAAAACAACAAoAAAAAAAAAAAAAAAAAAAAAAE/br%3D1/rs%3DACT90oF1qqIS2swPuelS8_fiBM4Ilsbmsw,_basecomb:/xjs/_/js/k%3Dxjs.hd.en.jGNuXe7AXuY.es5.O/ck%3Dxjs.hd.hR6H1vt53-8.L.B1.O/am%3DJFUAAAAAAAAAAIABAAAAAAAAAAAAAAAAAAAAAACAAAAAEAAAAAAAAAAgKEDuJAAAAKMAABsAEAAAAAAAAgAAAwAECAQAIBIAAAQAAAHACgAAgQAAKAAABBAJAgAETQB4lAkggBEgJIAACuD9CEACAqAgiEchAgAAMAAAQHgAAxgGIKgAYBQgAAAAAAAAAAEIAQAggAgBBAgA0CMQAAYAIA0EAEAQ6AGAAAAAAAABABQAAiDIAgAskAcIAAAAAAAA0AcAwQNgSGEBAAAAAAAAAAAAAAACkCCYCwkoCEAAAAAAAAAAAAAAAAAASEkTFzY/d%3D1/ed%3D1/dg%3D0/br%3D1/ujg%3D1/rs%3DACT90oEvLfQqVSm31xnNZO4A6qnISLa5cw,_fmt:prog,_id:_DYsaZ6GkDeKPxc8P_7WVkA0_8&sp_imghp=false&sp_hpep=2&sp_hpte=0&vet=10ahUKEwjh3omizKeJAxXiR_EDHf9aBdIQj-0KCBY..i"
                Preview:)]}'.24;["D4saZ-zwHbGCi-gPnML88AQ","2103",1]c;[2,null,"0"]1b;<div jsname="Nll0ne"></div>c;[9,null,"0"]0;
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (2134)
                Category:dropped
                Size (bytes):13188
                Entropy (8bit):5.4223896155104025
                Encrypted:false
                SSDEEP:
                MD5:7C96A5F11D9741541D5E3C42FF6380D7
                SHA1:D3FA2564C021CF730E58FFDDB138CF6B57ED126E
                SHA-256:81016AC6BE850B72DF5D4FAA0C3CEC8E2C1B0BA0045712144A6766ADFAD40BEE
                SHA-512:23C162A2E268951729B580E5035AD6CA9969CFCC5CE58A220817B912E76B38BE6C29C3CA7680CB4E8198863D95A72EA65BD06FF7189B5C8475E4C1CE501AEAB1
                Malicious:false
                Reputation:unknown
                Preview:/*. * Copyright 2016 Small Batch, Inc.. *. * Licensed under the Apache License, Version 2.0 (the "License"); you may not. * use this file except in compliance with the License. You may obtain a copy of. * the License at. *. * http://www.apache.org/licenses/LICENSE-2.0. *. * Unless required by applicable law or agreed to in writing, software. * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT. * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the. * License for the specific language governing permissions and limitations under. * the License.. */./* Web Font Loader v1.6.26 - (c) Adobe Systems, Google. License: Apache 2.0 */(function(){function aa(a,b,c){return a.call.apply(a.bind,arguments)}function ba(a,b,c){if(!a)throw Error();if(2<arguments.length){var d=Array.prototype.slice.call(arguments,2);return function(){var c=Array.prototype.slice.call(arguments);Array.prototype.unshift.apply(c,d);return a.apply(b,c)}}return function(){return a.app
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (4220), with no line terminators
                Category:downloaded
                Size (bytes):4220
                Entropy (8bit):5.530385650733612
                Encrypted:false
                SSDEEP:
                MD5:DAADC2A06999107C295A659D0E7B54B1
                SHA1:F263999D0006A83F09AA2B67843BA8B61BE7B79F
                SHA-256:92A547C00A9CA9F6A7202D8A4BD23259E31F9D316C4D30DE8DB1E26C3DADAF2C
                SHA-512:6E3EBB677BF179840415545EF145AD061ED18612600692623FAA118615AC98A6CF7762911DC686146A2EA6DB504699FD4DFE1D70FFE8C770C7B8548E026A75ED
                Malicious:false
                Reputation:unknown
                URL:"https://www.google.com/xjs/_/ss/k=xjs.hd.hR6H1vt53-8.L.B1.O/am=JFUAAAAAAAAAAIABAAAAAAAAAAAAAAAAAAAAAACAAAAAEAAAAAAAAAAAKADsJAAAACMAABsAEAAAAAAAAgAAAwAAAAAAABIAAAAAAAGACgAAAAAAIAAABAAJAgAARQAAAAAggBAgAIAACuD9CEACAqAgiEchAAAAMAAAQHgAAxgGIKgAYBQgAAAAAAAAAAEIAQAAgAgABAgA0CMQAAYAIA0EAEAQ6AGAAAAAAAABABAAAgDAAgAskAcIAAAAAAAAQAYAAAAAAAAAAAAAAAAAAAAAAAAAACAACAAoAAAAAAAAAAAAAAAAAAAAAAE/d=1/ed=1/br=1/rs=ACT90oF1qqIS2swPuelS8_fiBM4Ilsbmsw/m=cdos,hsm,jsa,mb4ZUb,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl,d,csi"
                Preview::root{--COEmY:#1f1f1f;--xhUGwc:#fff}:root{--vZe0jb:#a8c7fa;--nwXobb:#638ed4;--VuZXBd:#001d35;--uLz37c:#545d7e;--jINu6c:#001d35;--TyVYld:#0b57d0;--ZEpPmd:#c3d9fb;--QWaaaf:#638ed4;--DEeStf:#f5f8ff;--TSWZIb:#e5edff;--BRLwE:#d3e3fd;--gS5jXb:#dadce0;--Aqn7xd:#d2d2d2;--EpFNW:#fff;--IXoxUe:#5e5e5e;--bbQxAb:#474747;--YLNNHc:#1f1f1f;--TMYS9:#0b57d0;--JKqx2:#1a0dab;--rrJJUc:#0b57d0;--mXZkqc:#d2d2d2;--Nsm0ce:#0b57d0;--XKMDxc:#f3f5f6;--aYn2S:#f3f5f6;--Lm570b:#dee1e3}.zJUuqf{margin-bottom:4px}.AB4Wff{margin-left:16px}.OhScic{margin:0px}.v0rrvd{padding-bottom:16px}.zsYMMe{padding:0px}.wHYlTd{font-family:Roboto,sans-serif;font-size:14px;line-height:22px}.yUTMj{font-family:Roboto,sans-serif;font-weight:400}.VDgVie{text-align:center}.TUOsUe{text-align:left}@keyframes g-snackbar-show{from{pointer-events:none;transform:translateY(0)}to{transform:translateY(-100%)}}@keyframes g-snackbar-hide{from{transform:translateY(-100%)}to{transform:translateY(0)}}@keyframes g-snackbar-show-content{from{opacity:0}}@ke
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (550)
                Category:dropped
                Size (bytes):1521
                Entropy (8bit):5.046838202831309
                Encrypted:false
                SSDEEP:
                MD5:BE91E632AC68627F9FE0D28722E7ED2F
                SHA1:A579AE1722AFFDEB9B1EED7984BA20661C8A26EA
                SHA-256:1CD9601383E9E43DF90D06659846480CCD46C832C8C7516AF2F2B21F17A07430
                SHA-512:67CFD93D79BC38C4CFC84991F32766F05E164E02A660CAB430AD08C02AE06B3E1A23DD1AB3A719DC5996A582E04C08827DE5F670A1800AEF6847479006C46763
                Malicious:false
                Reputation:unknown
                Preview:this._hd=this._hd||{};(function(_){var window=this;.try{._.x("aLUfP");.var nrb=function(a){this.Vp=a};var orb=function(a){_.En.call(this,a.La);var b=this;this.window=a.service.window.get();this.ta=this.Vp();this.oa=window.orientation;this.ka=function(){var c=b.Vp(),d=b.EYa()&&Math.abs(window.orientation)===90&&b.oa===-1*window.orientation;b.oa=window.orientation;if(c!==b.ta||d){b.ta=c;d=_.Sa(b.Ld);for(var e=d.next();!e.done;e=d.next()){e=e.value;var f=new nrb(c);try{e(f)}catch(g){_.ca(g)}}}};this.Ld=new Set;this.window.addEventListener("resize",this.ka);this.EYa()&&this.window.addEventListener("orientationchange",.this.ka)};_.C(orb,_.En);orb.Ga=function(){return{service:{window:_.Fn}}};_.m=orb.prototype;_.m.addListener=function(a){this.Ld.add(a)};_.m.removeListener=function(a){this.Ld.delete(a)};._.m.Vp=function(){if(_.na()&&_.ma()&&!navigator.userAgent.includes("GSA")){var a=_.wl(this.window);a=new _.pl(a.width,Math.round(a.width*this.window.innerHeight/this.window.innerWidth))}else a
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:downloaded
                Size (bytes):104
                Entropy (8bit):5.188588281437072
                Encrypted:false
                SSDEEP:
                MD5:EA7A92E2E8A33B3A3FABA684A17E18C2
                SHA1:EA4D04C8A708A45694B51043C08DB2E2E3BBD8B1
                SHA-256:95A64621391C4071CD952929D0D81DA509B5AF73444648D57B397F4AF260CC60
                SHA-512:D64142EF0F32D961F1A22278C8FED7494B0A6AB4A5C81D316B45D78CD84FE4FA52DFF56702FBDB7D5374E6264AE3FD891F0D309948944C11E1223FCA2686E0B8
                Malicious:false
                Reputation:unknown
                URL:"https://www.google.com/async/hpba?vet=10ahUKEwjh3omizKeJAxXiR_EDHf9aBdIQj-0KCBc..i&ei=DYsaZ6GkDeKPxc8P_7WVkA0&opi=89978449&yv=3&sp_imghp=false&sp_hpte=1&sp_hpep=1&stick=&cs=0&async=_basejs:%2Fxjs%2F_%2Fjs%2Fk%3Dxjs.hd.en.jGNuXe7AXuY.es5.O%2Fam%3DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAgIEACAAAAAKAAAAAAAAAAAAAAAAAAAAAECAQAIBIAAAQAAADAAgAAgQAACAAAABAIAAAESAB4lAkAABEAJAAAAAAACAAAAqAgAAAAAgAAMAAAAHgAAAAAAKAAAAAAAAAAAAAAAAAAAAAggAABAAAAAAAAAAAAAAQAAAAA6AEAAAAAAAAAAAQAACAIAAAskAcIAAAAAAAA0AcAwQNgSGEBAAAAAAAAAAAAAAACkCCYCwkoCEAAAAAAAAAAAAAAAAAASEkTFzY%2Fdg%3D0%2Fbr%3D1%2Frs%3DACT90oGFOUSdTOJyBUg5zKcRXIfVzpjPIg,_basecss:%2Fxjs%2F_%2Fss%2Fk%3Dxjs.hd.hR6H1vt53-8.L.B1.O%2Fam%3DJFUAAAAAAAAAAIABAAAAAAAAAAAAAAAAAAAAAACAAAAAEAAAAAAAAAAAKADsJAAAACMAABsAEAAAAAAAAgAAAwAAAAAAABIAAAAAAAGACgAAAAAAIAAABAAJAgAARQAAAAAggBAgAIAACuD9CEACAqAgiEchAAAAMAAAQHgAAxgGIKgAYBQgAAAAAAAAAAEIAQAAgAgABAgA0CMQAAYAIA0EAEAQ6AGAAAAAAAABABAAAgDAAgAskAcIAAAAAAAAQAYAAAAAAAAAAAAAAAAAAAAAAAAAACAACAAoAAAAAAAAAAAAAAAAAAAAAAE%2Fbr%3D1%2Frs%3DACT90oF1qqIS2swPuelS8_fiBM4Ilsbmsw,_basecomb:%2Fxjs%2F_%2Fjs%2Fk%3Dxjs.hd.en.jGNuXe7AXuY.es5.O%2Fck%3Dxjs.hd.hR6H1vt53-8.L.B1.O%2Fam%3DJFUAAAAAAAAAAIABAAAAAAAAAAAAAAAAAAAAAACAAAAAEAAAAAAAAAAgKEDuJAAAAKMAABsAEAAAAAAAAgAAAwAECAQAIBIAAAQAAAHACgAAgQAAKAAABBAJAgAETQB4lAkggBEgJIAACuD9CEACAqAgiEchAgAAMAAAQHgAAxgGIKgAYBQgAAAAAAAAAAEIAQAggAgBBAgA0CMQAAYAIA0EAEAQ6AGAAAAAAAABABQAAiDIAgAskAcIAAAAAAAA0AcAwQNgSGEBAAAAAAAAAAAAAAACkCCYCwkoCEAAAAAAAAAAAAAAAAAASEkTFzY%2Fd%3D1%2Fed%3D1%2Fdg%3D0%2Fbr%3D1%2Fujg%3D1%2Frs%3DACT90oEvLfQqVSm31xnNZO4A6qnISLa5cw,_fmt:prog,_id:_DYsaZ6GkDeKPxc8P_7WVkA0_9"
                Preview:)]}'.24;["F4saZ-HjJ96ii-gP-o_awAU","2103",1]c;[2,null,"0"]1b;<div jsname="Nll0ne"></div>c;[9,null,"0"]0;
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with no line terminators
                Category:downloaded
                Size (bytes):16
                Entropy (8bit):3.875
                Encrypted:false
                SSDEEP:
                MD5:BEEDCB4EB0A559E6CE2D1E20D38CB330
                SHA1:A04EE9801770C0E81B170D7992EC3735E878AA58
                SHA-256:6E9D99B87595B07B10676B68EBE9AA8B63DF7D9A74F59CC91EED60EA1FBDC6EF
                SHA-512:BD101CDF7FDF1210127D83CE76E3F6F6F1378259F0A55C112E39C49A9131B8636FB020E07E985B8427A35B62A544F2F7C5F75B11AD69EF2C4AE67A41BD5898B2
                Malicious:false
                Reputation:unknown
                URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAn11VQ7sgCk8RIFDWlIR0c=?alt=proto
                Preview:CgkKBw1pSEdHGgA=
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:PNG image data, 1986 x 456, 8-bit colormap, non-interlaced
                Category:downloaded
                Size (bytes):147715
                Entropy (8bit):7.992098416066037
                Encrypted:true
                SSDEEP:
                MD5:D29115BCECDCE6D1F39643A02AE047FE
                SHA1:EB6F26CAB25904B94FC0118B5DEA74332F405073
                SHA-256:A76F440C8D9C6B652F76019EE4820A33C3A37380FF9B661CF7C01FE65DB903C5
                SHA-512:BBDA458B0EFFC088F1D905878DEED7A533F7CBD9FCDAEB8056B749F2EB894D7D87A2F3702A8CCD41B0A7D42707B8E4717707351ABF81AA86986BA90D51BD9C3D
                Malicious:false
                Reputation:unknown
                URL:https://www.google.com/logos/2024/moon/r3/spinner-sprite.png
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:HTML document, Unicode text, UTF-8 text, with very long lines (1136)
                Category:dropped
                Size (bytes):1555
                Entropy (8bit):5.249530958699059
                Encrypted:false
                SSDEEP:
                MD5:FBE36EB2EECF1B90451A3A72701E49D2
                SHA1:AE56EA57C52D1153CEC33CEF91CF935D2D3AF14D
                SHA-256:E8F2DED5D74C0EE5F427A20B6715E65BC79ED5C4FC67FB00D89005515C8EFE63
                SHA-512:7B1FD6CF34C26AF2436AF61A1DE16C9DBFB4C43579A9499F4852A7848F873BAC15BEEEA6124CF17F46A9F5DD632162364E0EC120ACA5F65E7C5615FF178A248F
                Malicious:false
                Reputation:unknown
                Preview:<!DOCTYPE html>.<html lang=en>. <meta charset=utf-8>. <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">. <title>Error 400 (Bad Request)!!1</title>. <style>. *{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//ww
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (11136)
                Category:downloaded
                Size (bytes):11141
                Entropy (8bit):4.815911402215328
                Encrypted:false
                SSDEEP:
                MD5:AF0667641E69AA4D43FDF2F68632E1E9
                SHA1:2D3117B44CE3D64A32EB22E88EE7D499B80D9F17
                SHA-256:686BB326257EDA7329C3143EB28E2394F9317562FE1A6A43C495524F0A9484DD
                SHA-512:5BC12A94DD6E5C822FBE1AB32EA6DEA9E6F0FE172EC021FDC63F79FA7835ADD5DE0AF4C15DBBA31C0563CD7F69942BD6D099404B6DA283669331C5755A48C57D
                Malicious:false
                Reputation:unknown
                URL:https://www.google.com/logos/2024/moon/r3/messages.en.nocache.json
                Preview:)]}'.{"april":"April","august":"August","back":"Back","bonus_instruction":"1 point for each player's claimed cards at end of game.","bonus_title":"Bonus Points","cancel":"Cancel","choose_carddestroy":"Choose a card to destroy.","choose_connectionline":"Choose a connection line between slots to destroy.","choose_twocardsdestroy":"Choose 2 cards to destroy.","choose_verticalline":"Choose a vertical line of cards to take control of.","continue":"Continue","december":"December","deckbuilding_clickselect":"Click card to select/deselect","deckbuilding_cofirm":"Ready","deckbuilding_count":"{NUMBER} / 4 cards chosen","deckbuilding_tapselect":"Tap card to select/deselect","deckbuilding_title":"Build your Deck","deckbulding-subtitle":"Choose up to 4 Wildcards to add to your deck for this game.","difficulty_increase":"The darkness has grown stronger...","february":"February","first_quarter":"First Quarter","full_moon":"Full Moon","gameplay_bonuspoints":"End Bonus Points","gameplay_fullmoonpair":"
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (1689), with no line terminators
                Category:dropped
                Size (bytes):1689
                Entropy (8bit):5.640520027557763
                Encrypted:false
                SSDEEP:
                MD5:45DD7BD58C9F085DA52FA16A2A150066
                SHA1:9B5CF4B288EDE14AE8834F3EF2A58145B8EC8CBC
                SHA-256:0D5C53FCC37C7A2CE26367BBE6197FCD9272DD7EBC81823D088A4DFFF5AE599B
                SHA-512:520B8DF68524C2CEF393B837D7EAD0168028C94697E1DA0AC4BDDAFAB849D1B26D7E7933082146AE6A220A449F066CBBBA2EBFC6CC30D3F756FBD98EE061C8DF
                Malicious:false
                Reputation:unknown
                Preview:.MTIaKb,.LwDUdc,.FAoEle,.RlTCPd,.wPNfjb,.caNvfd,.Vnob4b,.bbxTBb,.DpgmK,.YKUhfb,.uNnvb,.aVsZpf,.RoOVmf,.dIfvQd,.V3Ezn,.Enb9pe,.mYuoaf,.kJSB8,.tUr4Kc,.iQMtqe{--Yi4Nb:var(--mXZkqc);--pEa0Bc:var(--bbQxAb);--kloG3:var(--mXZkqc);--YaIeMb:var(--XKMDxc);--Pa8Wlb:var(--Nsm0ce);--izGsqb:var(--Nsm0ce);--todMNcl:var(--EpFNW);--p9J9c:var(--Nsm0ce)}:root{--KIZPne:#a3c9ff;--xPpiM:#001d35;--Ehh4mf:var(--Nsm0ce)}:root{--Yi4Nb:#d2d2d2;--pEa0Bc:#474747;--kloG3:#d2d2d2;--YaIeMb:#f7f8f9;--Pa8Wlb:#0b57d0;--izGsqb:#0b57d0;--todMNcl:#fff;--p9J9c:#0b57d0}.EpPYLd{display:block;position:relative}.YpcDnf{padding:0 16px;vertical-align:middle}.YpcDnf.HG1dvd{padding:0}.HG1dvd>*{padding:0 16px}.WtV5nd .YpcDnf{padding-left:28px}.Zt0a5e .YpcDnf{line-height:48px}.GZnQqe .YpcDnf{line-height:23px}.EpPYLd:hover{cursor:pointer}.EpPYLd,.CB8nDe:hover{cursor:default}.LGiluc,.EpPYLd[disabled]{pointer-events:none;cursor:default}@media (forced-colors:active){.EpPYLd[disabled]{color:GrayText}}.LGiluc{border-top:1px solid;height:0;
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (1572)
                Category:downloaded
                Size (bytes):12776
                Entropy (8bit):5.609908113039745
                Encrypted:false
                SSDEEP:
                MD5:4D0F700FFB3360EB9DD44E1A71FCDD71
                SHA1:5FC615360D4F59B51C5FF3E71B5B6739B8D773B9
                SHA-256:DFB6AD9E2AA69BF803BA501928A23A18344F8AA17BFB8999324FFD726CDD91C9
                SHA-512:5B150B2BA4A0F2732D8C9FD848B54062E1B6711963ACD1DEFDC09E2DFB48C74735567E6B5AD7365B742CBD09B982FC5FD63C4F85E589845ACDBC2B8122CC4072
                Malicious:false
                Reputation:unknown
                URL:https://fonts.googleapis.com/css?family=Josefin+Sans:200%7CGoogle+Sans%7CGoogle+Sans+Text
                Preview:/*. * See: https://fonts.google.com/license/googlerestricted. */./* armenian */.@font-face {. font-family: 'Google Sans';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/googlesans/v61/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJl1pynSEg.woff2) format('woff2');. unicode-range: U+0308, U+0530-058F, U+2010, U+2024, U+25CC, U+FB13-FB17;.}./* bengali */.@font-face {. font-family: 'Google Sans';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/googlesans/v61/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJl3pynSEg.woff2) format('woff2');. unicode-range: U+0951-0952, U+0964-0965, U+0980-09FE, U+1CD0, U+1CD2, U+1CD5-1CD6, U+1CD8, U+1CE1, U+1CEA, U+1CED, U+1CF2, U+1CF5-1CF7, U+200C-200D, U+20B9, U+25CC, U+A8F1;.}./* cyrillic-ext */.@font-face {. font-family: 'Google Sans';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/googlesans/v61/4U
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:PNG image data, 140 x 140, 8-bit colormap, non-interlaced
                Category:dropped
                Size (bytes):16917
                Entropy (8bit):7.958217245759984
                Encrypted:false
                SSDEEP:
                MD5:4FE7B1920BA4C61EC07EC2A42343A733
                SHA1:D370BAE06B54A30F834A6851BFCA06210BD7B540
                SHA-256:27CAD07BEB957F0FB88AF00F05A7E89303A2B7F4B62B1248443872DD5D2DDB0C
                SHA-512:B23DE06B7B1959DED6AA9F07FA972A9210CFF53B0CE3570A02433F36197D57649AC0ACDC0AAA998C496968524960B86F42918B0601C0DDB208B354E312AB16B0
                Malicious:false
                Reputation:unknown
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:PNG image data, 1336 x 203, 8-bit colormap, non-interlaced
                Category:downloaded
                Size (bytes):104676
                Entropy (8bit):7.978401351587329
                Encrypted:false
                SSDEEP:
                MD5:5DBA69CBDF8D831B14EBE6CE5DD9F042
                SHA1:DE02552A2DEF39FCDD443A87A8EBF8BC1870E3C4
                SHA-256:0F7E013542DD20CE7825D93C287350F2670A887B3C2A11405B1BCBBC7F3DAA8E
                SHA-512:BBAA3DDACB42C36E9B46C7713EBC0CE7BA8C05BFCB46668A66CA71AD7EE322AB8BC16920C2B2985AFAF4A0415DA9A2BB2BD8B8E21FAEA2D7C1BA82749E993A31
                Malicious:false
                Reputation:unknown
                URL:https://www.google.com/logos/2024/moon/r3/play-sprite.png
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:RIFF (little-endian) data, Web/P image
                Category:dropped
                Size (bytes):660
                Entropy (8bit):7.7436458678149815
                Encrypted:false
                SSDEEP:
                MD5:C3DFF0D9F30EC0BCF4DEC9524505916B
                SHA1:4B378403ACBEBC3747E08C69B5FD7770A850C9EB
                SHA-256:73D788F86BE22112BB53762545989C0F1BBDB7343161130952C9BA3834FF81E3
                SHA-512:677EA304D00D176ACF61FF68BF23BD5F77AD2928D7DE9F4B842292BC9D3FB7029FE9F578B62F142DCE689230F392E828098EED3484FE2DBEE6E1A7AA5378E2C6
                Malicious:false
                Reputation:unknown
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (524)
                Category:downloaded
                Size (bytes):24995
                Entropy (8bit):5.4037746634312995
                Encrypted:false
                SSDEEP:
                MD5:DE138B5EA0B170FA01133F4E1E15FA7F
                SHA1:1D558333E838DA3C9C4B466730B6CE9F4EE8535D
                SHA-256:8E0874E2653D081135CFD172A64C5D71BB31535081279109CE573D6B12CAB132
                SHA-512:576E4851123E99703E9B6524DD6BE5E1C90012E462D5EBBCEEA5A376223C5F207C88CD8FA70A7AC6F56E5BE4F5313615316D99C194AF02CABEBFDBC1E2A09435
                Malicious:false
                Reputation:unknown
                URL:"https://www.google.com/xjs/_/js/k=xjs.hd.en.jGNuXe7AXuY.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAgIEACAAAAAKAAAAAAAAAAAAAAAAAAAAAECAQAIBIAAAQAAADAAgAAgQAACAAAABAIAAAESAB4lAkAABEAJAAAAAAACAAAAqAgAAAAAgAAMAAAAHgAAAAAAKAAAAAAAAAAAAAAAAAAAAAggAABAAAAAAAAAAAAAAQAAAAA6AEAAAAAAAAAAAQAACAIAAAskAcIAAAAAAAA0AcAwQNgSGEBAAAAAAAAAAAAAAACkCCYCwkoCEAAAAAAAAAAAAAAAAAASEkTFzY/d=0/dg=0/br=1/rs=ACT90oGFOUSdTOJyBUg5zKcRXIfVzpjPIg/m=sy1dk,P10Owf,sy1cd,sy1cb,syqc,gSZvdb,syzp,syzo,WlNQGd,syqh,syqe,syqd,syqb,DPreE,sy101,syzz,nabPbb,syzj,syzh,syj6,syne,CnSW2d,kQvlef,sy100,fXO0xe?xjs=s4"
                Preview:this._hd=this._hd||{};(function(_){var window=this;.try{._.A$c=_.Gd("P10Owf",[_.hq]);.}catch(e){_._DumpException(e)}.try{._.x("P10Owf");.var LD=function(a){_.A.call(this,a.La);this.ka=this.getData("cmep").Kb();this.Ob=a.service.Ob;this.data=a.Sd.Bda};_.C(LD,_.A);LD.Ga=function(){return{service:{Ob:_.Et},Sd:{Bda:_.jD}}};LD.prototype.wa=function(){this.Ob.ka().oa(this.getRoot().el(),1).log(!0)};LD.prototype.ta=function(a){var b;a.data?b=_.Tb(_.jD,a.data):b=new _.jD;B$c(this,b)};LD.prototype.oa=function(a){B$c(this,a.data)};.var B$c=function(a,b){var c;(b==null?0:b.Nu())&&((c=a.data)==null?0:c.Nu())&&(b==null?void 0:b.Nu())!==a.data.Nu()||a.Ob.ka().oa(a.getRoot().el(),2).log(!0)};LD.prototype.Ia=function(a){this.Ob.ka().ka(a.ob.el()).log(!0);_.Pe(document,_.jGc)};LD.prototype.Da=function(a){this.Ob.ka().ka(a.ob.el()).log(!0);if(this.ka){var b;_.Pe(document,_.iGc,(b=this.data)==null?void 0:b.Fc())}else _.Pe(document,_.hGc,this.data)};_.K(LD.prototype,"kEOk4d",function(){return this.Da});_.
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (3558)
                Category:dropped
                Size (bytes):3563
                Entropy (8bit):6.06532647204453
                Encrypted:false
                SSDEEP:
                MD5:B130B9A58B236B6F851324105CD89221
                SHA1:36E0D7F462D82D252770C408DAA6A5C5EADA6E13
                SHA-256:6B7CF2D194552F591387627212D01D3150F107A8F1E47F8D9183720876309D3C
                SHA-512:EE85261BCC8F78989DEAD7100EF13904C32DE614FD555748133266D938E97AF6C5068DEACDBE9940B9BA97DED40744F4B0B6C8BBF6E9204A89517F2E75736077
                Malicious:false
                Reputation:unknown
                Preview:)]}'.[[["hulu tell me lies season 3",0,[3,357,362,396,143],{"zf":33,"zl":8,"zp":{"gs_ss":"1"}}],["seattle seahawks trade",0,[3,357,362,396,143],{"zf":33,"zl":8,"zp":{"gs_ss":"1"}}],["cleveland cavaliers toronto raptors",0,[3,357,362,396,143],{"zf":33,"zl":8,"zp":{"gs_ss":"1"}}],["john force",46,[3,357,362,396,143],{"lm":[],"zf":33,"zh":"John Force","zi":"American racer","zl":8,"zp":{"gs_ssp":"eJzj4tTP1TcwMSqvTDFg9OLKys_IU0jLL0pOBQBPqwcs"},"zs":"data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wCEAAkGBwgHBgkIBwgKCgkLDRYPDQwMDRsUFRAWIB0iIiAdHx8kKDQsJCYxJx8fLT0tMTU3Ojo6Iys/RD84QzQ5OjcBCgoKDQwNGg8PGjclHyU3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3N//AABEIAFAAUAMBIgACEQEDEQH/xAAcAAACAwADAQAAAAAAAAAAAAAFBgMEBwECCAD/xAA1EAACAQMCAwYEBQMFAAAAAAABAgMABBEFIRIxQQYTIlFxkRRhgcEHQqGx8DLh8SMzNHLR/8QAGQEAAwEBAQAAAAAAAAAAAAAAAgMEAQAF/8QAIREAAgMBAAIBBQAAAAAAAAAAAAECAxExEiGhEyJBUXH/2gAMAwEAAhEDEQA/AC/azs2/aQ2ctrexRiEOBleINnHUH5Uu672W1ZLO2ae6tpVtYe7B4ypAyTtt5Ee1MnZ+3jmtbpbkYWBEt4+n
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:PNG image data, 1980 x 1936, 8-bit colormap, non-interlaced
                Category:dropped
                Size (bytes):93916
                Entropy (8bit):7.928146659526518
                Encrypted:false
                SSDEEP:
                MD5:86DD2ACB851DD4E6B05F191DC69A2DCE
                SHA1:AC70AA54F0E309EF142DACE6945851ABBFDACE0C
                SHA-256:A41A157BE1F6C956DCABCA544FC18D4BD664A49B6811CE2025B744C08678CA60
                SHA-512:854567FE77588074D3296AE7B45142C06A9481816A30D33CF704D9A2DB3FCCEAB4C665C5C1792356704179B41584726B6C0FDD639479931573E3FFAA0D094A5B
                Malicious:false
                Reputation:unknown
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:Web Open Font Format (Version 2), TrueType, length 21324, version 1.0
                Category:downloaded
                Size (bytes):21324
                Entropy (8bit):7.991052983575686
                Encrypted:true
                SSDEEP:
                MD5:1435F3CFD01BF0F3C24B8983E6780DB0
                SHA1:439AB7FFA6F9D5B654710691D8736EEDF2B6E892
                SHA-256:8CD3F9F312E86BADE2E77EB25C28EBA805707909441D49E29288944677CE6D47
                SHA-512:DDED0517B2C8F6C6EA045BA87F3AE870DF63843291C3E2219E7BDEB4E33BAF360B5FDB6065F0566FD1C79253105574EE4CA8CB13A11F7E6A51BF20EACF03155B
                Malicious:false
                Reputation:unknown
                URL:https://fonts.gstatic.com/s/googlesans/v61/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:PNG image data, 1080 x 318, 8-bit colormap, non-interlaced
                Category:downloaded
                Size (bytes):9871
                Entropy (8bit):7.87245746862366
                Encrypted:false
                SSDEEP:
                MD5:4ACE7604006D0865C7211A640C656233
                SHA1:73440EA62F9D8E73A98DFF09407F6DAE20CBA1D7
                SHA-256:4652DA8FD00106E2B759A294E60077BB7A7F46B5A69AE3E9F32EAD23B682922F
                SHA-512:32946B16D7192D887E11894519C16AADB3A18E82AAD2AAE21B8FEA751C634F323355D5EE07532666FEBCDAAB3ACFF147260D5E8B34D1A6C043139F0B07FFDEB7
                Malicious:false
                Reputation:unknown
                URL:https://www.google.com/logos/2024/moon/r3/GoogleFrame.png
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:dropped
                Size (bytes):104
                Entropy (8bit):5.176616045880949
                Encrypted:false
                SSDEEP:
                MD5:9EA1CFE58028A47E8193E627081C2BBE
                SHA1:54A5077B7C787A80D5E5908209CA6C73534C729D
                SHA-256:9B7C11E7A454855A614FD61A492C298846516F4C39D308430B8F04F2334D1041
                SHA-512:F95CB0B310176C90A0C1F80E913F66273B48D86B306B6E8715353C1884CB64B78EA80B7443BC922FEA8AC940E8C5A2CA5DDB288F0EBA9AF1979624907C9647ED
                Malicious:false
                Reputation:unknown
                Preview:)]}'.24;["GIsaZ5GWNPWBi-gPtemb2AE","2103",1]c;[2,null,"0"]1b;<div jsname="Nll0ne"></div>c;[9,null,"0"]0;
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:dropped
                Size (bytes):104
                Entropy (8bit):5.215077584342487
                Encrypted:false
                SSDEEP:
                MD5:B3BCF4B0B0AD819A8DA3795014494F51
                SHA1:09ACF0E5AED1C784727DD52162E6812080712E6C
                SHA-256:13BD9B2A10498ECB28749FC352F3EF04B4BF2FED73333FCA05FB56C485CBDA9A
                SHA-512:B4A7C0F5A281246BA401F0EAA75E40E175C9A6BFF6246ABA48680A7F801CD403E3523D99B892648731B06F908A5269909BCF9629792905368204C8B3F2DE0343
                Malicious:false
                Reputation:unknown
                Preview:)]}'.24;["EIsaZ8v6LIzri-gPyv6L8QM","2103",1]c;[2,null,"0"]1b;<div jsname="Nll0ne"></div>c;[9,null,"0"]0;
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (10109), with no line terminators
                Category:downloaded
                Size (bytes):10109
                Entropy (8bit):5.301925163267041
                Encrypted:false
                SSDEEP:
                MD5:E67394A50AD30DD0A4FC371B2F9F2A36
                SHA1:3167C010A7C76D0F9054980C819815BB0E291F2D
                SHA-256:487FBC096FEB40C5D01414F5FE41A2A175411C1712E761A97BFD69A57C4FE664
                SHA-512:707E6F2BCA60585FAEA6841A3B5F19BF1543F84939D6A4A59830C496852C21357D17B61D3B987B096579BC6DE697B6FABD4AB12DF2CE780FA4528E05206968F9
                Malicious:false
                Reputation:unknown
                URL:"https://www.gstatic.com/og/_/ss/k=og.qtm.GZmhE2vV14w.L.W.O/m=qcwid,d_b_gm3,d_wi_gm3,d_lo_gm3/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ct=zgms/rs=AA2YrTuKvZ-nsYNivRzfGpm8QSi6tMFrvg"
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:JSON data
                Category:downloaded
                Size (bytes):12207
                Entropy (8bit):1.4050236716336104
                Encrypted:false
                SSDEEP:
                MD5:46C26FB164281C5E24900A8402EFE93A
                SHA1:5134DFD26D64FE187C136D189789AEBCC11CC0E0
                SHA-256:2F24DD691ADBE62B9AF79B270D29D2A17D0BA75AB70073208F9AA8D887C550E9
                SHA-512:9CD8153D6E1E5EAB4E0AF197AA6C24112C955C4EF889DCB3FD2537B2F6E6CBF7ECDA84E7A90959F7D738215B309F067815F3BD1F29CCA8AC8F1E34322698D535
                Malicious:false
                Reputation:unknown
                URL:https://www.google.com/xjs/_/js/md=2/k=xjs.hd.en.jGNuXe7AXuY.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAgIEACAAAAAKAAAAAAAAAAAAAAAAAAAAAECAQAIBIAAAQAAADAAgAAgQAACAAAABAIAAAESAB4lAkAABEAJAAAAAAACAAAAqAgAAAAAgAAMAAAAHgAAAAAAKAAAAAAAAAAAAAAAAAAAAAggAABAAAAAAAAAAAAAAQAAAAA6AEAAAAAAAAAAAQAACAIAAAskAcIAAAAAAAA0AcAwQNgSGEBAAAAAAAAAAAAAAACkCCYCwkoCEAAAAAAAAAAAAAAAAAASEkTFzY/rs=ACT90oGFOUSdTOJyBUg5zKcRXIfVzpjPIg
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (2287)
                Category:downloaded
                Size (bytes):222084
                Entropy (8bit):5.526058708190933
                Encrypted:false
                SSDEEP:
                MD5:484184FA115B901608813FF9AD662D66
                SHA1:03940204713774B0333168624F38E1C8F38CD9A7
                SHA-256:3705D85A13B50B2C1A500E16A40EF349D62D3F06A847A903C31A2444F6063D03
                SHA-512:7CD0D549F01EB3DBFDCCB0BDCEFC8FDE98B5D96AF1BBAEF70AD085DA576F9485D34315BD68A93A38E33E29724477E0C5172B0E25AEB46843E38BF51F7DFA52E4
                Malicious:false
                Reputation:unknown
                URL:"https://www.gstatic.com/og/_/js/k=og.qtm.en_US.JsvYdB1VlTQ.2019.O/rt=j/m=qabr,q_d,qcwid,qapid,qald,qads,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTt6VjuqvFHGTQ7vz8QgRv0QbbEJTQ"
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (7408)
                Category:dropped
                Size (bytes):558298
                Entropy (8bit):5.632952169507026
                Encrypted:false
                SSDEEP:
                MD5:7136F1E4179F73FBE8B30F5F6591ADD6
                SHA1:B146908C0139151DFFA8C19F85C0D009962F4E38
                SHA-256:1D235402474E0C1058D173AC585A316237351D0665EBC4F8C75BB167B0E724A4
                SHA-512:57FEF600F89F74DD335FBF07C027C8FFEF3F33DCAC9D83670CC4A978794670591B021AFF816E49BEE5C9A9609776E83A8B7F527AAC7F321EAAB73AE17CE3A413
                Malicious:false
                Reputation:unknown
                No static file info