Edit tour

Windows Analysis Report
https://fywiei.com

Overview

General Information

Sample URL:	https://fywiei.com
Analysis ID:	1541416

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 1060 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6808 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=1884,i,9561563789436283719,513232654156646100,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6424 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://fywiei.com" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: chrome://newtab/	HTTP Parser: No favicon
Source: chrome://newtab/	HTTP Parser: No favicon
Source: chrome://newtab/	HTTP Parser: No favicon
Source: https://red.securiguard.cc/	HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49710 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49711 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:49712 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:49716 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56

Source: global traffic	DNS traffic detected: DNS query: fywiei.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: apis.google.com
Source: global traffic	DNS traffic detected: DNS query: play.google.com
Source: global traffic	DNS traffic detected: DNS query: ogs.google.com
Source: global traffic	DNS traffic detected: DNS query: cint.securiguard.cc
Source: global traffic	DNS traffic detected: DNS query: cdn.mxpnl.com
Source: global traffic	DNS traffic detected: DNS query: api-js.mixpanel.com
Source: global traffic	DNS traffic detected: DNS query: red.securiguard.cc

Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49710 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49711 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:49712 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:49716 version: TLS 1.2

Source: classification engine

Classification label: clean0.win@33/59@24/170

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=1884,i,9561563789436283719,513232654156646100,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://fywiei.com"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=1884,i,9561563789436283719,513232654156646100,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	1 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	2 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

⊘No Antivirus matches

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
fywiei.com	103.224.182.206	true	false	unknown
plus.l.google.com	172.217.18.110	true	false	unknown
play.google.com	172.217.18.110	true	false	unknown
www3.l.google.com	142.250.186.174	true	false	unknown
api-js.mixpanel.com	35.190.25.25	true	false	unknown
fitted-chickpea-93d5aunl151c7yze17jzeqxz.herokudns.com	3.220.57.224	true	false	unknown
www.google.com	142.250.185.228	true	false	unknown
cdn.mxpnl.com	130.211.5.208	true	false	unknown
cint.securiguard.cc	206.189.225.178	true	false	unknown
red.securiguard.cc	unknown	unknown	false	unknown
ogs.google.com	unknown	unknown	false	unknown
apis.google.com	unknown	unknown	false	unknown

Contacted URLs

Name	Malicious	Reputation
https://fywiei.com/	false	unknown
https://red.securiguard.cc/	false	unknown
chrome://newtab/	false	unknown
https://cint.securiguard.cc/oops	false	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.185.228	www.google.com	United States	15169	GOOGLEUS	false
142.250.186.174	www3.l.google.com	United States	15169	GOOGLEUS	false
142.250.185.227	unknown	United States	15169	GOOGLEUS	false
130.211.5.208	cdn.mxpnl.com	United States	15169	GOOGLEUS	false
107.178.240.159	unknown	United States	15169	GOOGLEUS	false
142.250.185.163	unknown	United States	15169	GOOGLEUS	false
3.220.57.224	fitted-chickpea-93d5aunl151c7yze17jzeqxz.herokudns.com	United States	14618	AMAZON-AESUS	false
142.250.186.131	unknown	United States	15169	GOOGLEUS	false
142.250.184.227	unknown	United States	15169	GOOGLEUS	false
172.217.18.110	plus.l.google.com	United States	15169	GOOGLEUS	false
142.250.74.195	unknown	United States	15169	GOOGLEUS	false
142.250.186.99	unknown	United States	15169	GOOGLEUS	false
35.186.235.23	unknown	United States	15169	GOOGLEUS	false
142.250.184.202	unknown	United States	15169	GOOGLEUS	false
216.58.212.170	unknown	United States	15169	GOOGLEUS	false
1.1.1.1	unknown	Australia	13335	CLOUDFLARENETUS	false
142.250.185.238	unknown	United States	15169	GOOGLEUS	false
103.224.182.206	fywiei.com	Australia	133618	TRELLIAN-AS-APTrellianPtyLimitedAU	false
64.233.167.84	unknown	United States	15169	GOOGLEUS	false
35.190.25.25	api-js.mixpanel.com	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
206.189.225.178	cint.securiguard.cc	United States	14061	DIGITALOCEAN-ASNUS	false
142.250.185.174	unknown	United States	15169	GOOGLEUS	false
172.217.16.195	unknown	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.16

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1541416
Start date and time:	2024-10-24 20:13:46 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://fywiei.com
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	13
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean0.win@33/59@24/170

Warnings

Exclude process from analysis (whitelisted): svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.185.238, 64.233.167.84, 142.250.185.163, 34.104.35.123, 199.232.210.172
Excluded domains from analysis (whitelisted): clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, ctldl.windowsupdate.com, clientservices.googleapis.com, clients.l.google.com
Not all processes where analyzed, report is missing behavior information
VT rate limit hit for: https://fywiei.com

LLM Input / Output

Input	Output
URL: chrome://newtab/ Model: claude-3-haiku-20240307	```json { "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "unknown", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false }

URL: chrome://newtab/ Model: claude-3-haiku-20240307	```json { "brands": [ "Google" ] }
	```json { "brands": [ "Google" ] }
URL: https://cint.securiguard.cc/oops Model: claude-3-haiku-20240307	```json { "contains_trigger_text": true, "trigger_text": "Seems like the link you followed is broken or the page has moved.", "prominent_button_name": "unknown", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false }

URL: https://cint.securiguard.cc/oops Model: claude-3-haiku-20240307	```json { "brands": [] }
	```json { "brands": [] }

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 17:14:18 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2673
Entropy (8bit):	3.9884296182169683
Encrypted:	false
SSDEEP:
MD5:	1C9D9DD748C2C3DFFDDEC2C1221A0F47
SHA1:	354623C2285B27E5AAB7022086E9052A93988631
SHA-256:	2907CB30C85A0FEF6B2C11713DE4703BD90CE8136DB9A7A1C8C11965A5CC61A7
SHA-512:	F9073FEBAC91B2DBD0E94860063C2E73E90124F8B38BBC878CD9C461151912A232C8F27B7A5FDECCF44FA0F18835B1198822416D52B812BF332EC4A7EEF1B428
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....%u..@&..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IXY......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXY.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VXY.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VXY............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VXY............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............(W].....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 17:14:18 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2675
Entropy (8bit):	4.004883418953579
Encrypted:	false
SSDEEP:
MD5:	481354122B615E0F3F1484EE3B22C4FE
SHA1:	94212D9C91D23837DF07A126801D4BC9148C8FB0
SHA-256:	D23502167D1CCF5077919BB53374501EA8A7157145D132A2BBDC3C2D3876CCF7
SHA-512:	9D347CBE227BDCAC6C7A14B6B6AB94991A4571595C7A68136F746DF8293DF0799E0E7E9D27B332218229E9959E62F07F2689E7A0733B19220DB0B245B76EB575
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,......@&..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IXY......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXY.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VXY.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VXY............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VXY............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............(W].....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2689
Entropy (8bit):	4.012866977231985
Encrypted:	false
SSDEEP:
MD5:	18F520BFE8E65FEE7D1D432B55D20948
SHA1:	ACE2EF43A57C8E57174AC92E3D957C95B54393C5
SHA-256:	B20BF4B790AF6E8DB2AB85F5868E262316A3AA843C1A0FACA079C1F9D5EC7900
SHA-512:	DF1B79977F7667BC754DBB0473B2D9687C9ECD64DFF6434382E3CADA3BC70F528E0E88CE8F71FFBC8025ACA0B09F4F7A8F47867231F62F90AD9FFFD160452027
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IXY......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXY.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VXY.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VXY............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............(W].....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 17:14:18 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	4.002981847409739
Encrypted:	false
SSDEEP:
MD5:	102209EBB62D8B31EB6B9AD222815517
SHA1:	BC0CC7DC4891FE6D36DE87BE945970831F8F2ACB
SHA-256:	95157B884FD6266482C614A7EA27A3AF04D0BC4916652342C00731140DEBD848
SHA-512:	14929FCC228D560A27B429DBA8FCE04A763CF4AB6B8BEE1203B924A588668222912B6298ED43C9D73F57B6CAC96C67E1089331E4D5CB4E7FC4EE99C966CD5E8A
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,........@&..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IXY......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXY.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VXY.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VXY............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VXY............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............(W].....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 17:14:18 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.991701256659917
Encrypted:	false
SSDEEP:
MD5:	721A574643EA4CCCF3AD4216A4D84634
SHA1:	DA67BE0D7785ECD96253AEFE038E630033EDB02B
SHA-256:	72388223CC4A4D4959CB9B29E372FE98B96C7C25FF7E3DB2C7B182048A709D39
SHA-512:	67046CCE126578FE282EDBA8B796FC0BEC90FFD0C9128B715F097D83FFFF3ECE9863D723EBDE823CB8D8BCEA52C8518C69FBB79D1705887C03857E025E29B65B
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....t.@&..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IXY......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXY.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VXY.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VXY............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VXY............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............(W].....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 17:14:18 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.999199758374585
Encrypted:	false
SSDEEP:
MD5:	3DEA0A3BE9A3C6DEAC15DC11185784E6
SHA1:	DC325071BE450975436C790F48CC76C2CD8C7B4E
SHA-256:	BD1076D870979707CE6C00C96387FA3D0531D95368CAC0FED3756636414E4031
SHA-512:	C6C9747D72D3F0902E973964FC9C8A2B3E0AA034BA4FB2D640416AAC098E199D3882A2F9E5E52AFD989890FF160DFE12F2161C59B2D8B38FFA94A100C6417EF0
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....P6..@&..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IXY......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXY.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VXY.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VXY............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VXY............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............(W].....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 101

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x64, components 3
Category:	downloaded
Size (bytes):	2337
Entropy (8bit):	7.797256174344057
Encrypted:	false
SSDEEP:
MD5:	23FEE2F7D4408F29C4B4BE8B8902F58A
SHA1:	F0CE4C8FDDFCAEDA829B319849348AC651B2B34D
SHA-256:	1BD85FD1178AFD0548D2D5773D8EBFAA36228832F3D74EFA1519CE73C4295AC3
SHA-512:	DBE47253A94A2F851A53B56EB94BEC0F6F5F5F25CE9A7FFB626A6434683C48E0D2CB50E952184459D67F5431E1E7BD20CC19A11DB2465592EB6BF2D079B6EAC3
Malicious:	false
Reputation:	unknown
URL:	https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQTRZC6b-gSWahs6svuNYzt-fFvRoJ1tdL8G43XNAc&s=10
Preview:	......JFIF......................................... ."" ...$(4,$&1'..-=-157:::#+?D?8C49:7...........7%.%77777777777777777777777777777777777777777777777777......@.@..........................................1........................!..1AQ.2......"#ab.3q...........................................................!1A2aQq...........#............?...Y...Y.C.j..~6CR?.....1...e...n.cNO.On.kv.D..Hl....%....lJg...]6.M...c.oo......_}.W....@.G...4dQ...y....u.....l.}.6G...g......G.[kv.B/..........h.q)..J.pJiE.2..{\|YP.W.W.T.........?t.9.v.Z....i....+D ....d...D'..i......5....e.......>.H&.>S.e..<..}..T...G.8.. d...,..k..F[..n..H..>.:....7W8\/\u.E..A.\.k....sK]`m{\_.{a.=.K.8b.r....~YJ..2g4...\v...m..q...4^`.....T..?T..._q.....S.W.....^Z..BH".......\|sJ.....(*.7RLc;p\|B...._M.%Vb'f).{./......<.x...........>.n.'.VY}.#$.L...:..M........./..+\|y........{.w......i.(y..r...[q.[.....V..UV..]R.A.I.2.W:....~...r....Fd.d.D..W..........`....Po.......'..+.0.f.6^.O..........D.S."S..

Chrome Cache Entry: 102

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text
Category:	downloaded
Size (bytes):	139
Entropy (8bit):	4.717826995152233
Encrypted:	false
SSDEEP:
MD5:	DA7DA7D630292E7A2A7DDA8CA87B3D39
SHA1:	A4CB76424DC44433A2DF01FE8B0BBD836D15E970
SHA-256:	52C1E7A2C36BE28C42455FE1572D7D7918C3180CAD99A2B82DAA2A38A7E7BB23
SHA-512:	9E717F9C6699B280436CA9BE7107BA6301430D4DEF8311B963A266A5B3B91B2719687B04860509B6142FA24D629A3217BD450696559FE6D9DC8C60BCCFD740AD
Malicious:	false
Reputation:	unknown
URL:	https://red.securiguard.cc/
Preview:	<!DOCTYPE html>.<html lang="en">.<head>.<meta charset="utf-8">.<title>Error</title>.</head>.<body>.<pre>Cannot GET /</pre>.</body>.</html>.

Chrome Cache Entry: 103

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (2013)
Category:	downloaded
Size (bytes):	4330
Entropy (8bit):	5.0386227849475
Encrypted:	false
SSDEEP:
MD5:	6C3A5DD8C1466F19590C8E5B3F352511
SHA1:	15E37C32877986BE7FCA2FB9F75FC834A42EB0B8
SHA-256:	DCA9764B260A707D4294E90273215B08F9603E4A5EB84DFE0BE7E8D97887BBF7
SHA-512:	EF5C830658E6F3408FE74C26F7CA88E4AB9BD11A1F0685674F162BF9CE7C6467B48FF06EA6A8EF8D738C9EB3F27283950C1C27F0A63407DAD9483717B37EF901
Malicious:	false
Reputation:	unknown
URL:	https://cint.securiguard.cc/oops
Preview:	<!DOCTYPE html>.<html lang="en">.<head>. Meta Data -->. <meta charset="UTF-8">. <meta http-equiv="X-UA-Compatible" content="IE=edge">. <meta name="viewport" content="width=device-width, initial-scale=1, minimum-scale=1, maximum-scale=1">. <title>SecuriGuard - Oops!</title>. <link rel="shortcut icon" href="/private-search/favicons/securi-guard.ico" type="image/x-icon">. <link rel="icon" href="/private-search/favicons/securi-guard.ico" type="image/x-icon">.. <meta name="msapplication-TileColor" content="#d2d9f4">. <meta name="theme-color" content="#d2d9f4">. Google Web Fonts -->. <link rel="preconnect" href="https://fonts.googleapis.com">. <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>. <link href="https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700;800;900&display=swap" rel="stylesheet">.. <link rel="stylesheet" href="/content-pages/assets/dependencies/bootstrap/css/bootstrap.min.css" type="tex

Chrome Cache Entry: 104

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 64 x 30, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	1100
Entropy (8bit):	7.745106196547536
Encrypted:	false
SSDEEP:
MD5:	37B63ED4CBEE3717C00CF6962931C94D
SHA1:	F4983B48CCB763B2BDEE5DE7B43D7A3946C00AA4
SHA-256:	34A075A2FFF6259DF0E70D18A44BF2CB74037D7E955CDB167ECFC98FEEBA38AA
SHA-512:	F52C6CC2B4362C2A8DDA0C5BA07749047837C22EBC1448C6FD21A2842F216AA517B5D03EFEDF54AA27B6284811CEDA2CEAAEAA27C0EB9A6BAC53A77187DA34FC
Malicious:	false
Reputation:	unknown
URL:	https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQhX16IOxFr-vJmU73rIgiSKA-Rcq3RveU1CH2Nazw&s=10
Preview:	.PNG........IHDR...@..........3.k....PLTE..............................................TX............06.jm.ps....9>.....................l......vw.bd....)0.^b..AE.vy.HL..........a..U.......RS...@B.../2.....=..w...+p.A...MIDAT8..Tis.8...l.........6G..N...[.R25$Ev3..Ke...{...7..\| [........4...=...(.}4..UXQ.....@g.~...t0.......0-.I.9..n`&^+...O.o......./...../.g....U[{.z...O.#+.}z6.odG1c..{C...e.....o........D..`.ie^..',.G.0..........hLh.@a..n.#.........G.i..~4..hx....]......t[.FG..405.......Q..B=D..........T`.N.=.....C...N.V..yrU..>...............bHY..Z.r...).5x.LDQ.....d..ak..5T...k...X....G.6.e...2.5..w&3..=.L.-..T}\|.\. ...`......'."h..2..T...:.\9'...4G.ND.. W..H..h.\|C"...(.\u.&.G.s.)C.n..d...9..Z(1.#t..'&Z.;.]5.!.)......V,.....Q.XK...qG..o.....2k..5........B...u.Z.c;......E0f;..#Ah.$...j..;."..,.kE.`.>.....<.V....H.4.?....\|.:..v..W...\|......7....rC)..r..K.]..K.OP.j]N.E...d'e....K7/.<...V.<.....Ox...p..!w..[f...}.v.Z..B*YT.<.:.."...e

Chrome Cache Entry: 105

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3847)
Category:	downloaded
Size (bytes):	3852
Entropy (8bit):	5.837737310993665
Encrypted:	false
SSDEEP:
MD5:	9EBF56E4938C723091B4A309D616500E
SHA1:	ECD1CA3F0BF799DAFBA6100EC4C44D47CC2F845C
SHA-256:	140808F5BCA821081A262FB37EE76A2C77053EC6C29018C119F622D68E4EE6BB
SHA-512:	25FB45DE091F782BFFE44BAF4EB86F295DD0B4E648C4F705D7105F638642321F708894D4A60E968B65047E0886FC8E718E24337FDE7A6526C9E30D08CE6D7B57
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
Preview:	)]}'.["",["netflix cobra kai season 6","james wiseman injury update","top gun maverick plane crash","warhammer 40k space marine 2 patch notes","frisch big boy","vans warped tour lineup 2025","playstation stars rewards store credit","goldfish crackers chilean sea bass"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChgIkk4SEwoRVHJlbmRpbmcgc2VhcmNoZXM\u003d","google:suggestdetail":[{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"google:entityinfo":"CgovbS8wM3AyNjF6EhBSZXN0YXVyYW50IGNoYWluMsMQZGF0YTppbWFnZS9qcGVnO2Jhc2U2NCwvOWovNEFBUVNrWkpSZ0FCQVFBQUFRQUJBQUQvMndDRUFBa0dCd2dIQmdrSUJ3Z0tDZ2tMRFJZUERRd01EUnNVRlJBV0lCMGlJaUFkSHg4a0tEUXNKQ1l4Sng4ZkxUMHRNVFUzT2pvNkl5cy9SRDg0UXpRNU9qY0JDZ29LRFF3TkdnOFBHamNsSHlVM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOLy9BQUJFSUFFQUFRQU1CSWdBQ0VRRURFUUgveEFBYkFBQUNBd0VCQVFBQUFBQUFBQUFBQUFBQUJ3UUZCZ01DQWYvRUFERVFBQUlCQXdNQ0JBUUVCd0FBQUFBQUFBRUNBd1FGRVFBU0lRWVRC

Chrome Cache Entry: 107

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	assembler source, ASCII text
Category:	downloaded
Size (bytes):	8156
Entropy (8bit):	4.322513861511581
Encrypted:	false
SSDEEP:
MD5:	74A54C7117A4C7222A1C835213DB5ADD
SHA1:	588D06D133B1D402397DADCC8B8125EE510ED856
SHA-256:	E543F8C658F07183FBFC70D5A3D6964A42BE25ADD3FEF8D20A0404CEFE5E2920
SHA-512:	BE1934608BE88C99030FCCF332EC5851C9410D43C7DAFD8576D042279FBBB29B4F83B2A57B528B79C053102EF42108238320D919A3B5DF1F661B59F1295202ED
Malicious:	false
Reputation:	unknown
URL:	https://cint.securiguard.cc/content-pages/assets/css/responsive.css?v1
Preview:	@media (max-width: 991px) {. html {. font-size: 8px;. }.. .site-header .header-inner .site-nav .menu-wrapper {. -webkit-box-orient: vertical;. -webkit-box-direction: normal;. -ms-flex-direction: column;. flex-direction: column;. }.. .toggle-menu {. position: absolute;. right: 0;. width: 26px;. top: 50%;. -webkit-transform: translateY(-50%);. transform: translateY(-50%);. display: block;. height: 24px;. cursor: pointer;. }.. .toggle-menu .bar {. width: 27px;. height: 2px;. display: block;. float: left;. margin: 3px auto;. -webkit-transition: all 0.3s ease-in-out;. -o-transition: all 0.3s ease-in-out;. transition: all 0.3s ease-in-out;. background: #ffffff;. }.. .site-header .header-inner {. text-align: center;. padding: 15px 0;. }.. .site-header .header-inner .site-nav .nav-right {.

Chrome Cache Entry: 108

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 6 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel
Category:	dropped
Size (bytes):	150913
Entropy (8bit):	6.432734470554999
Encrypted:	false
SSDEEP:
MD5:	AEDECED2A0A3ED0DAB79AFFC83C21D9F
SHA1:	D3B1951DE8C8F664057555411A304776E2434772
SHA-256:	78C11493A1D8441890E0960C2585A8D0E99C8ECD07400C86195A5D7BCC61A821
SHA-512:	C1F16AD382FA155019E76045D3A9EE3AFDEABE56535CAF52476A4ADDDBDA082C4B55BD1BB756CFC9E122F3F430D475FB834EF50CD526369B0E9DB6D16808D7AC
Malicious:	false
Reputation:	unknown
Preview:	............ .....f......... .(...y...@@.... .(B......00.... ..%...... .... .....q8........ .h....I...PNG........IHDR.............\r.f....IDATx...i.%Yv.......r.%k.....4.....H..7.P..I#.Fc2}...L.Fc2.......e$..r.1.C.3X.$...F7..UW/U]]{...{...=.p....ED....m.+#.....{....x.....a{............................<l..=..?@....B.........~f.R.>-....^..b.o....~..a{w.C.......,.F.U...4./...o....;...._._.~...H........7.w...w.=....._....L&.e.......tnf?.^.O..z\|.J-....q.`Xm.V.....W...........v._.a;..P....?.+O..~8......M...'..Y7... (mp.}...-O...2..Z...W'.........Q.....m......i.......O..Z.5......o./V3...y\|...c3. ......-O..`x.Z..k..^..wf...l\}............K..U..Sl...{...?....uC....u1..k........>P...C nt_p.q..B....@.Z....oU...A............z..C..}.....p..?.tY4..j...Q...Z.?.....9......G.0...iK.]....@pQ..... L.W8...j.+-....?<P..tX..w..}...a...P....?..(..;..n...L.?;l.O...cc....Y.L.....j..P...5?......@....jQ.Q.#.~.........=....r.......+.....P.<.....O m.hg*..3

Chrome Cache Entry: 109

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1281)
Category:	downloaded
Size (bytes):	205740
Entropy (8bit):	5.474096482517275
Encrypted:	false
SSDEEP:
MD5:	AF2B61C14E81AED046BD457370689B3E
SHA1:	BC9B2DC5798AD22FD9DD4B3E3D1FB7F2B5E29085
SHA-256:	C6C7767D9C19E031954167DF691194A7B560C10CE31F3EE507CF1FBC50BA76C6
SHA-512:	64D71474EFF9FE74101CB23837C6BF40BE10DFDEA2DCDF90377C1695EDAE5E00037A62A5C7C61C8B31EE9D83161319F04AFEC74C83D9EBA52E5CD36E9F07CFAF
Malicious:	false
Reputation:	unknown
URL:	"https://www.gstatic.com/_/mss/boq-one-google/_/js/k=boq-one-google.OneGoogleWidgetUi.en.HyLTZ-VVzwQ.es5.O/am=gDAYMGw/d=1/excm=_b,_tp,appwidgetnoauthview/ed=1/dg=0/wt=2/ujg=1/rs=AM-SdHvSgJS6Vv5-haMbcF00HnBfcxhopw/m=_b,_tp"
Preview:	"use strict";this.default_OneGoogleWidgetUi=this.default_OneGoogleWidgetUi\|\|{};(function(_){var window=this;.try{._._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a\|\|[]};(0,_._F_toggles_initialize)([0x30183080, 0x1b0, ]);./.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0././.. Copyright Google LLC. SPDX-License-Identifier: Apache-2.0././. SPDX-License-Identifier: Apache-2.0././.. Copyright 2024 Google, Inc. SPDX-License-Identifier: MIT./.var ha,aaa,Ga,baa,Ja,bb,sb,eaa,Lb,Qb,Rb,Sb,Tb,Ub,Vb,Wb,Zb,faa,gaa,bc,dc,kc,nc,pc,haa,uc,vc,Dc,Lc,Oc,Qc,Sc,Uc,Pc,Wc,Xc,maa,md,nd,od,naa,oaa,yd,xd,paa,Bd,qaa,Dd,raa,Ed,saa,Ld,taa,Qd,Wd,Xd,Zd,ce,de,be,fe,Fe,Ie,Qe,Oe,Re,z,Ve,Ye,bf,jf,of,zaa,Aaa,Baa,Caa,Daa,Eaa,Faa,Gaa,Haa,Iaa,Jaa,Kaa,Laa,Maa,kg,og,Saa,Qaa,zg,Waa,Gg,Jg,Yaa,Zaa,Lg,Zg,cba,dba,dh,eba,fba,sh,gba,hba,Hh,Ih,Jh,iba,jba,Mh,lba,mba,Qh,Rh,qba,sba,tba,uba,vba,wba,xba,yba,Aba,Bba,Cba,Eba

Chrome Cache Entry: 110

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	assembler source, ASCII text
Category:	downloaded
Size (bytes):	38328
Entropy (8bit):	4.83190888702332
Encrypted:	false
SSDEEP:
MD5:	BB21D6144B8CE60FB6974D3DEE7F1149
SHA1:	0CC5AEA57BF6A0879BFCE142F6B22811E4C3D98D
SHA-256:	074DC517C0C4A90CC73C66FF67BE8F1F965471E3F6D8D218A43C890F8254870A
SHA-512:	F6D88454E2FC4E4D877933761DD0D0CE584D7A56BA4BD417C151559716CB62B03710DE9231C67917622150F0F9AD8755A24E5590AC8690BD3CC1C4418EFD74ED
Malicious:	false
Reputation:	unknown
URL:	https://cint.securiguard.cc/content-pages/assets/css/app.css?v2
Preview:	/* Front */.html {. font-size: 10px;.}..body {. font-family: 'Inter', sans-serif;. font-size: 1.6rem;. line-height: 1.6;. color: #404247;. background: #fff;. -webkit-text-size-adjust: 100%;. min-height: 100vh;. overflow-x: hidden;.}...table {. color: #777e8f;.}..svg {. display: block;.}..a,.button,.input,.textarea,.button,.select {. -webkit-transition: all 0.3s ease-in-out;. -o-transition: all 0.3s ease-in-out;. transition: all 0.3s ease-in-out;.}..button {. cursor: pointer;. outline: 0;.}..input,.textarea,.select {. width: 100%;. padding: 10px 12px;. outline: 0;.}..a {. text-decoration: none;. color: #666;.}..@media (hover: hover) {. a:hover {. color: #8EC6FF;. text-decoration: none;. outline: none;. }.}..h1,.h2,.h3,.h4,.h5,.h6 {. margin-top: 0;.}..img {. max-width: 100%;. height: auto;.}..strong {. font-weight: 700;.}...container {. width: 100%;. max-width: 1340px;. padding:

Chrome Cache Entry: 111

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (960)
Category:	dropped
Size (bytes):	3314
Entropy (8bit):	5.4988895503589506
Encrypted:	false
SSDEEP:
MD5:	3AD81844EDFBFE7698ECC0E114A0F680
SHA1:	494710FF611ED4C997F3DE7B46D12050C84C9314
SHA-256:	954DD56F9F4399D43A1BBA4D69E901F47EFBCB66650A02C60D630E16089A0E3A
SHA-512:	FB69AA92874FD68B2EA9F43EB805B3CAB846A91A03B00917C451CE854A5B41D5730A4C587F06F7DC16980B6D3FB2C20EDFCC2549AD4646D9659AB63D2759A52E
Malicious:	false
Reputation:	unknown
Preview:	"use strict";this.default_OneGoogleWidgetUi=this.default_OneGoogleWidgetUi\|\|{};(function(_){var window=this;.try{._.p("Wt6vjf");.var rA=function(a){this.wa=_.x(a,0,rA.ob)};_.E(rA,_.C);rA.prototype.Xa=function(){return _.Ll(this,1)};rA.prototype.rc=function(a){_.Xl(this,1,a)};rA.ob="f.bo";var sA=function(){_.op.call(this)};_.E(sA,_.op);sA.prototype.nb=function(){this.Es=!1;tA(this);_.op.prototype.nb.call(this)};sA.prototype.j=function(){uA(this);if(this.hl)return vA(this),!1;if(!this.Lt)return wA(this),!0;this.dispatchEvent("p");if(!this.Oq)return wA(this),!0;this.yp?(this.dispatchEvent("r"),wA(this)):vA(this);return!1};.var xA=function(a){var b=new _.Vu(a.Az);a.Cr!=null&&b.l.set("authuser",a.Cr);return b},vA=function(a){a.hl=!0;var b=xA(a),c="rt=r&f_uid="+_.lm(a.Oq);_.Sq(b,(0,_.rh)(a.l,a),"POST",c)};.sA.prototype.l=function(a){a=a.target;uA(this);if(_.$q(a)){this.vo=0;if(this.yp)this.hl=!1,this.dispatchEvent("r");else if(this.Lt)this.dispatchEvent("s");else{try{var b=_.ar(a),c=JSON.par

Chrome Cache Entry: 112

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	29
Entropy (8bit):	3.9353986674667634
Encrypted:	false
SSDEEP:
MD5:	6FED308183D5DFC421602548615204AF
SHA1:	0A3F484AAA41A60970BA92A9AC13523A1D79B4D5
SHA-256:	4B8288C468BCFFF9B23B2A5FF38B58087CD8A6263315899DD3E249A3F7D4AB2D
SHA-512:	A2F7627379F24FEC8DC2C472A9200F6736147172D36A77D71C7C1916C0F8BDD843E36E70D43B5DC5FAABAE8FDD01DD088D389D8AE56ED1F591101F09135D02F5
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/async/newtab_promos
Preview:	)]}'.{"update":{"promos":{}}}

Chrome Cache Entry: 113

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (766)
Category:	downloaded
Size (bytes):	1423
Entropy (8bit):	5.340155215497175
Encrypted:	false
SSDEEP:
MD5:	601F70E857A6953CBDA4B9CE9BC98A18
SHA1:	F560E43C98CFE8641EE7DC773E5152910EFC8C9F
SHA-256:	F61D46987F8A646B3FB3356F84E69831FB269C8426D6971924E7154CEC957759
SHA-512:	49CFAC8659AD0B51EBA1D61D86C8D5E5618AAA4350BB6F64D28D1DBB0705868FD504A99081471208EB86DCA90705BBBA12B5DCFBBBC1ECF2DC6F6DF2841242F5
Malicious:	false
Reputation:	unknown
URL:	"https://www.gstatic.com/_/mss/boq-one-google/_/js/k=boq-one-google.OneGoogleWidgetUi.en.HyLTZ-VVzwQ.es5.O/ck=boq-one-google.OneGoogleWidgetUi.GggoXlw0wTY.L.B1.O/am=gDAYMGw/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,QIhFr,RMhBfe,RqjULd,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,XVMNvd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aDfbSd,aW3pY,aurFic,byfTOb,e5qFLc,ebZ3mb,fKUV3e,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pw70Gc,s39S4,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,appwidgetnoauthview/ed=1/wt=2/ujg=1/rs=AM-SdHvnaX27gCDIp4WyJbtluL3aRIPNSw/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=P6sQOc"
Preview:	"use strict";this.default_OneGoogleWidgetUi=this.default_OneGoogleWidgetUi\|\|{};(function(_){var window=this;.try{._.p("P6sQOc");.var Hqa=!!(_.Pi[0]>>25&1);var Iqa=function(a,b,c,d,e){this.o=a;this.N=b;this.v=c;this.O=d;this.T=e;this.j=0;this.l=Y_(this)},Jqa=function(a){var b={};_.Ea(a.rs(),function(e){b[e]=!0});var c=a.hs(),d=a.ks();return new Iqa(a.js(),c.j()1E3,a.bs(),d.j()1E3,b)},Y_=function(a){return Math.random()Math.min(a.NMath.pow(a.v,a.j),a.O)},Z_=function(a,b){return a.j>=a.o?!1:b!=null?!!a.T[b]:!0};var $_=function(a){_.N.call(this,a.oa);this.l=a.service.Dt;this.o=a.service.metadata;a=a.service.nH;this.fetch=a.fetch.bind(a)};_.E($_,_.N);$_.V=function(){return{service:{Dt:_.W_,metadata:_.S_,nH:_.PY}}};$_.prototype.j=function(a,b){if(this.o.getType(a.Db())!==1)return _.Pp(a);var c=this.l.jt;(c=c?Jqa(c):null)&&Z_(c)?(b=a0(this,a,b,c),a=new _.Op(a,b,2)):a=_.Pp(a);return a};.var a0=function(a,b,c,d){return c.then(function(e){return e},function(e){if(Hqa)if(e instanceof _.Hf){if

Chrome Cache Entry: 114

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (688)
Category:	downloaded
Size (bytes):	693
Entropy (8bit):	4.895294765833226
Encrypted:	false
SSDEEP:
MD5:	436FEA6284EF432D07D91CB0E9138026
SHA1:	96E0DE1A31B4217A2C31046194B46378CEE2784A
SHA-256:	F5EF10778E97EED49E25595F166D1D0F776265AE929A3F61CE3350F1778697B5
SHA-512:	47714ED79D9126774E912A1945E4A3926FAB676122C5DCD1A4AC4E0487449B21821C73C026993A9CEE6C886EE276E531533CBF6E022A86463CE62AA4E4A71AB8
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A%2F%2Fcint.securig&oit=3&cp=20&pgcl=7&gs_rn=42&psi=cxQK0eotZj9xW9M0&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
Preview:	)]}'.["https://cint.securig",["https //cint.securiguy.com","https //cint.securigo.com","https //cint.securigo.com login","https //cint.securigard.com","https //cint.securigia.com"],["","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:suggestdetail":[{"mp":"\u2026 ","t":"//cint.securiguy.com"},{"mp":"\u2026 ","t":"//cint.securigo.com"},{"mp":"\u2026 ","t":"//cint.securigo.com login"},{"mp":"\u2026 ","t":"//cint.securigard.com"},{"mp":"\u2026 ","t":"//cint.securigia.com"}],"google:suggestrelevance":[601,600,552,551,550],"google:suggestsubtypes":[[160],[160],[160],[160],[160]],"google:suggesttype":["TAIL","TAIL","TAIL","TAIL","TAIL"],"google:verbatimrelevance":851}]

Chrome Cache Entry: 115

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 64 x 15, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	498
Entropy (8bit):	7.425263620332123
Encrypted:	false
SSDEEP:
MD5:	AD6D7C2216EE7A714E417F69921DA3BB
SHA1:	73CF7EFDBF4C2860313B431F12ABA6F5CBEBD955
SHA-256:	BDACE5CE08B9AE624D48603074804EF3097778C3580A53B7C4EB3F00E8F0B1DF
SHA-512:	0C71637BD9F3C535D2A68A11506D607EDD71CC3F2BCE7D6D5931906BCD1691E4E5D1EB7AD5D40B7BDBFEED11AFABFD05B375E189C09E7DDB859099CC692C22F1
Malicious:	false
Reputation:	unknown
URL:	https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcSmoUWqZKQOMfbdrBUjQmggZdkfXEMO507jwi0jqiI&s=10
Preview:	.PNG........IHDR...@.........c.9U...iPLTE............................70.nk.2+.#....D?........'..LG.ZV.xu.~{...>8...a].sp.SO.jf.................DIDAT(...Q.. ...V...Q..87...#..-....\. ).b...h...n...y.D.@.....y.>S<.0..= ..`Fj.%q.a\&.......M#D.x{Cd>..'..r..f(.5....mCJ..5.p.V3..1 q...k.....#h..L........\|.-.q..^.......q.KEt{...h../...v-~.^...2r_.J.........L..T..p3.....-....G@.....3...........%.(..a......p.^.b@-}0.}...K..3L.....)../.N....!..r...8.4......o...6...H.s....IEND.B`.

Chrome Cache Entry: 116

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (704)
Category:	downloaded
Size (bytes):	709
Entropy (8bit):	5.069432259340777
Encrypted:	false
SSDEEP:
MD5:	E3F79F7299DA6CBC6F5B5BEA5745903E
SHA1:	209D993F831336446284344BCBA62C4202D41F1F
SHA-256:	D81DFE659BD50F482EA58563AC9823E194A0F17E78E245743212AF924A2E2BF4
SHA-512:	62B5A2B06A7BC53A84353A92BE521CAEA18E96475D062CC05E0C3CF17E43881B9F7AA6456D2023E81133C5BDA2883BDD47E22C99F20E03D9519E4D7066204E5A
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A%2F%2Fcin&oit=3&cp=11&pgcl=7&gs_rn=42&psi=cxQK0eotZj9xW9M0&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
Preview:	)]}'.["https://cin",["https://cincwebaxis.com","https //cinezone","https //cincsystems.com login","https //cinezone.to reddit","https //cincinnati.citation portal.com","https //cinezone.to alternatives","https //cinezone reddit","https //cinepacks.store free","https //cine-med.com login","http //cinehome.net/androidtv sign up"],["","","","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:suggestrelevance":[800,602,601,600,555,554,553,552,551,550],"google:suggestsubtypes":[[44],[512],[512],[512],[512],[512],[512],[512],[512],[512,10]],"google:suggesttype":["NAVIGATION","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY"],"google:verbatimrelevance":851}]

Chrome Cache Entry: 119

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (793)
Category:	downloaded
Size (bytes):	798
Entropy (8bit):	5.1812882494346555
Encrypted:	false
SSDEEP:
MD5:	52C1916E532F716154B14626E8C7EAB5
SHA1:	99313BD4FA52BD5DDFF20E5FDB10B2549A489BFD
SHA-256:	03F8F633424A20408D567F7D3C7DB1563F88AA7846D78CAC39C0BB99D3DDEA00
SHA-512:	A1DA11642F88AE62E1FADECFCDF16EC557516CDD60684E93C44621D7DBF54047987BE7E2D0750B2D443190D249DFA84476853E96D4D750C8604C66385E265CBA
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
Preview:	)]}'.["",["airbnb beetlejuice house","bowman gray bobby allison","birmingham airport evacuated","apple ios 18.2 beta","top gun maverick plane crash","netflix cobra kai season 6","james wiseman injury update","playstation stars rewards store credit"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChgIkk4SEwoRVHJlbmRpbmcgc2VhcmNoZXM\u003d","google:suggestdetail":[{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002}],"google:suggestrelevance":[1257,1256,1255,1254,1253,1252,1251,1250],"google:suggestsubtypes":[[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362]],"google:suggesttype":["QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY"]}]

Chrome Cache Entry: 120

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (649)
Category:	downloaded
Size (bytes):	654
Entropy (8bit):	5.190320618665789
Encrypted:	false
SSDEEP:
MD5:	A47CF575A78E4544A57EAE49081874B0
SHA1:	24A96CCFD3DC572E5D09667F221B2F963E3F8B75
SHA-256:	8B8623D2CA2B17F055F0DB08BBF00EB23F411681EC655EC8683003E8B6D7FF42
SHA-512:	292AD3639A29363C64BBAE58F5FC2EE7663613F2D87405F5E7D6B8B547C5AE4C26936C302A089FB1C05F72BED777A901A0C46A3B8873AE8E6ED6F7CFC25328C9
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=htt&oit=1&cp=3&pgcl=7&gs_rn=42&psi=cxQK0eotZj9xW9M0&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
Preview:	)]}'.["htt",["https","https //kahoot.com join","https //quizlet.com live","http status codes","https //www.gimkit.com join","https //kahoot.it login","https://www.google.com","https://www.facebook.com","https://www.youtube.com/","https://www.yahoo.com"],["","","","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:suggestrelevance":[601,600,553,552,551,550,403,402,401,400],"google:suggestsubtypes":[[512,433,131],[512],[512],[512,433],[512],[512],[44],[44],[44],[44]],"google:suggesttype":["QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","NAVIGATION","NAVIGATION","NAVIGATION","NAVIGATION"],"google:verbatimrelevance":851}]

Chrome Cache Entry: 122

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65531)
Category:	downloaded
Size (bytes):	134372
Entropy (8bit):	5.437201818898206
Encrypted:	false
SSDEEP:
MD5:	1C859B45621A0C1CB797617FB6D9480A
SHA1:	0C903322C59FB864725380895C248B9083FC5152
SHA-256:	ECE65A2CACC7EE8B0DE1CE9BA5B0D0942B7524D7E7D73489703A7974AA72AE8F
SHA-512:	BCAE99C7FB9ABA8FF51242179CAB76E18F1F57A2BE65028F6B169D0EDEF815C092E1D3221014904CC68BC930E8FE460EA13159B6F33BAD30E530944EF2D8AD37
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0
Preview:	)]}'.{"update":{"language_code":"en-US","ogb":{"html":{"private_do_not_access_or_else_safe_html_wrapped_value":"\u003cheader class\u003d\"gb_Ea gb_1d gb_Pe gb_pd\" id\u003d\"gb\" role\u003d\"banner\" style\u003d\"background-color:transparent\"\u003e\u003cdiv class\u003d\"gb_Od\"\u003e\u003c\/div\u003e\u003cdiv class\u003d\"gb_jd gb_nd gb_Ed gb_kd\"\u003e\u003cdiv class\u003d\"gb_vd gb_qd\"\u003e\u003cdiv class\u003d\"gb_Jc gb_Q\" aria-expanded\u003d\"false\" aria-label\u003d\"Main menu\" role\u003d\"button\" tabindex\u003d\"0\"\u003e\u003csvg focusable\u003d\"false\" viewbox\u003d\"0 0 24 24\"\u003e\u003cpath d\u003d\"M3 18h18v-2H3v2zm0-5h18v-2H3v2zm0-7v2h18V6H3z\"\u003e\u003c\/path\u003e\u003c\/svg\u003e\u003c\/div\u003e\u003cdiv class\u003d\"gb_Jc gb_Mc gb_Q\" aria-label\u003d\"Go back\" title\u003d\"Go back\" role\u003d\"button\" tabindex\u003d\"0\"\u003e\u003csvg focusable\u003d\"false\" viewbox\u003d\"0 0 24 24\"\u003e\u003cpath d\u003d\"M20 11H7.83l5.59-5.59L12 4l-8 8 8 8 1.41-1.

Chrome Cache Entry: 123

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1302)
Category:	downloaded
Size (bytes):	117949
Entropy (8bit):	5.4843553913091005
Encrypted:	false
SSDEEP:
MD5:	A5D33473ED0997C008D1C053E0773EBE
SHA1:	FEB4CB89145601A0141CC5869BEDF9AE7CD5CB80
SHA-256:	14C27BB0224FCF89A43B444B427DABE3D0AF184CAA7B6B4990CE228C51AE01C1
SHA-512:	3C0A48F9FA05469F950D9A268F1B3E9285A783A555EE597A2E203B688EB0FBCAEA3F4DE9BC8F5381C661007D0C6C4AFA70C19B7826D69A0E2A914A55973D14BD
Malicious:	false
Reputation:	unknown
URL:	"https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SGzW6IeCawI.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw/cb=gapi.loaded_0"
Preview:	gapi.loaded_0(function(_){var window=this;._._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a\|\|[]};(0,_._F_toggles_initialize)([0x800000, ]);.var da,ea,ha,na,oa,sa,ta,wa;da=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}};ea=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};.ha=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("a");};_.la=ha(this);na=function(a,b){if(b)a:{var c=_.la;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&ea(c,a,{configurable:!0,writable:!0,value:b})}};.na("Symbol",function(a){if(a)r

Chrome Cache Entry: 124

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2287)
Category:	downloaded
Size (bytes):	173904
Entropy (8bit):	5.557015392120516
Encrypted:	false
SSDEEP:
MD5:	07A6DC0B4F6E097C1D0A15202E2529F9
SHA1:	3F90C96ABF30EE11E87D944BDA7B46F97C105B6C
SHA-256:	68C28B4DAA8F9DB9762ACB567C6787DA7EBE34F2012BA76239482DC980422C34
SHA-512:	C8C7FE5696DC1258889D03F988B1A534DE50B0059A243769E258F6A7991ADB3BA2F9079F47E48F453FFD03A3CC3169D5A12F6458A7F04958D17A27D7D5CC3DD3
Malicious:	false
Reputation:	unknown
URL:	"https://www.gstatic.com/og/_/js/k=og.qtm.en_US.JsvYdB1VlTQ.2019.O/rt=j/m=q_dnp,qmd,qcwid,qapid,qald,qads,q_dg/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/rs=AA2YrTt6VjuqvFHGTQ7vz8QgRv0QbbEJTQ"
Preview:	this.gbar_=this.gbar_\|\|{};(function(_){var window=this;.try{._.lj=class extends _.Q{constructor(){super()}};.}catch(e){_._DumpException(e)}.try{.var mj,nj,pj,sj,vj,uj,oj,tj;mj=function(a){try{return a.toString().indexOf("[native code]")!==-1?a:null}catch(b){return null}};nj=function(){_.Ka()};pj=function(){oj===void 0&&(oj=typeof WeakMap==="function"?mj(WeakMap):null);return oj};sj=function(a,b){(_.qj\|\|(_.qj=new oj)).set(a,b);(_.rj\|\|(_.rj=new oj)).set(b,a)};.vj=function(a){if(tj===void 0){const b=new uj([],{});tj=Array.prototype.concat.call([],b).length===1}tj&&typeof Symbol==="function"&&Symbol.isConcatSpreadable&&(a[Symbol.isConcatSpreadable]=!0)};_.wj=function(a,b,c,d){a=_.zb(a,b,c,d);return Array.isArray(a)?a:_.Qc};_.xj=function(a,b){a=(2&b?a\|2:a&-3)\|32;return a&=-2049};_.yj=function(a,b){a===0&&(a=_.xj(a,b));return a\|1};_.zj=function(a){return!!(2&a)&&!!(4&a)\|\|!!(2048&a)};_.Aj=function(a,b,c){32&b&&c\|\|(a&=-33);return a};._.Ej=function(a,b,c,d,e,f,g){const h=a.fa;var k=!!(2&b);e=k?

Chrome Cache Entry: 126

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 43x64, components 3
Category:	downloaded
Size (bytes):	1376
Entropy (8bit):	7.572413179764594
Encrypted:	false
SSDEEP:
MD5:	25535717BAAD2302FE256708C0639284
SHA1:	003C123EB8D45990C5642815C63977B6595551B0
SHA-256:	22819D27B03113D9EE3BFF412FCBA5BC13BF91CC9E725EE3BBC5B079E6081DCD
SHA-512:	1B73F55130AB14EAF2B8F0B98A7C88094AD9B28B84A651D14356A8B0E506244F8AACF34DC3C2EDDE3C9CA263D6CD5309DEEC0E8DE743223CABBA23A35C4D5FB2
Malicious:	false
Reputation:	unknown
URL:	https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQ-MLAllISftS0nfUPm37TIe5o-9cxPmJfLVsseVR8&s=10
Preview:	......JFIF......................................... ."" ...$(4,$&1'..-=-157:::#+?D?8C49:7...........7%.%77777777777777777777777777777777777777777777777777......@.+..".....................................1.........................!1.Q."Aaq....2....$3B..............................).......................!.1..Q."2Aa...q.............?...FM-:.....Z..K.7;...... ...4..MeKUZ..........l...V\..:.J.f.....-.Un.%...4...7.=..}...t.....\.P..S.;........K..r.y..........l&.g.....Eqk.\.[{....g..-i+...W.pO&......I.b......@..j.....^d.....E.............L........i....jii\|.'P.{j....c..z..'...m.l.S.DyEV.i..9.&0".PfMH.V.IA....{\|q.....uh.r.$7....E....k...../.Jy..Du4@3D....~....LF....S.n..S......E4.P.-@F....5.;...s..3<...2.... ..w....q...\.w.>.g...d.OL.$.....U...B.Ba@d.R............2_..2hik.Z.....Pn.n....i8E.E._L1...k_k..;.h......{.M......#;r...3.Ty.....SgJ..H.P..c!.....o.cI3Z..^Md..l..R~..T.T..a.^r...rA..v..`.e....W.)^:.......LqBB\|Ua....6.#.H..)..F.$...qn=..R.y..t1....u.(..

Chrome Cache Entry: 127

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 64 x 64, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	1073
Entropy (8bit):	7.718402158883527
Encrypted:	false
SSDEEP:
MD5:	E20F3040AF6E46DDF52E672FEE59BFF7
SHA1:	345A3B0332D3C6B6039E61C629BD29A5765B4C27
SHA-256:	6738B0AF349A2DB9D6D7AF00FCC4D1AF8CC898EDAA453D21858139C977A8043A
SHA-512:	8AEA819282F8673F2BE01D1D66DF3266C48436B653C10C80BD62FC8A7A8C513DC3382EBDCCA342D5DCD4F7959185B1486C6B0F8D6994210D93D212EDC537F7A1
Malicious:	false
Reputation:	unknown
URL:	https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcT_x9l0oI_aZK7HXcSLOZMMLy07HzC5DLCxrNg2uSayvHDarwZEdjh5eCc&s=10
Preview:	.PNG........IHDR...@...@............iPLTE.... 3.....1...........-...........).........4C..$.............s{.[e.:H..T_.&8........KW.fo.DP.m......IDATX..W..0.t..\..j....%...$&3W....eW....?.WU...O.q.SD.'e....s.).xT.G..?..6.".j.hJ....1.].%.......F$L:..$cq.?.O..":....q..C.\...A..........ey,..J...;.......u...rGI.m....@..eT.7...(..B....I.6.D....(..@.)...}E..&..e./.L.[.B..&.Z5..29...@....fEU../.....7.T.v....F.....F..#.N.....H.c...._....@...x..jL.;].L"k].&..UAN......_..s.;..]...........e\|..eP...5....+&..k..c^....;.X`8..~ok..*Ni1..7...\|~Nl..........hup....TR....c.-.Z.O..V.....j!.Y.]y....\|t..9i.....=K.k..4.......t.t,.....u.... ..olj(...i..Z..^.S....TH..wd...'....[!3....C3...H.i.....%Z8....s.{.....'.p~.Bk.8.<&K..w.n.v.S..p.-^r.............G.Iu.]...D..9.....8..OC..z...+C....R.....T..H,y.).=.....\|...Ygs.r.Q.B"w9k{I.y.W>.......>[t.@...vU.O.\2.c.Y..i..cCN.....8.!2........I.i-..4.Rui/]P.{...t.!;..R)-t.DQr..p........'.?...e...2..V....+q@&....YI..r!B.....[.

Chrome Cache Entry: 128

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (721)
Category:	downloaded
Size (bytes):	726
Entropy (8bit):	4.857837423344741
Encrypted:	false
SSDEEP:
MD5:	70EE3FE011076473FD0A2E292E732AF5
SHA1:	287A2BF70E781EF2DB736D95A10FC9BFF5BE3DA1
SHA-256:	7205C3C529FF1FDD75E6AB57DFC9EBED37916D9B7C7C37C0AB183B0C4FBCF1E5
SHA-512:	C3F9444FDA7CA522671A9E8A5B2AA4BE82D9694EF55C7FD1BADD3DC9C7F70D8CA7CA3F4BFA3854C3B3837CCA0AC46827FB0573BC4D3336C06258960118E52FA4
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A%2F%2Fcint.securi&oit=3&cp=19&pgcl=7&gs_rn=42&psi=cxQK0eotZj9xW9M0&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
Preview:	)]}'.["https://cint.securi",["https //cint.securitasinc.com","https //cint.securitasinc.com login","https //cint.securustech.net","https //cint.securitas.com","https //cint.securustech.net login"],["","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:suggestdetail":[{"mp":"\u2026 ","t":"//cint.securitasinc.com"},{"mp":"\u2026 ","t":"//cint.securitasinc.com login"},{"mp":"\u2026 ","t":"//cint.securustech.net"},{"mp":"\u2026 ","t":"//cint.securitas.com"},{"mp":"\u2026 ","t":"//cint.securustech.net login"}],"google:suggestrelevance":[601,600,552,551,550],"google:suggestsubtypes":[[160],[160],[160],[160],[160]],"google:suggesttype":["TAIL","TAIL","TAIL","TAIL","TAIL"],"google:verbatimrelevance":851}]

Chrome Cache Entry: 129

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	2
Entropy (8bit):	1.0
Encrypted:	false
SSDEEP:
MD5:	444BCB3A3FCF8389296C49467F27E1D6
SHA1:	7A85F4764BBD6DAF1C3545EFBBF0F279A6DC0BEB
SHA-256:	2689367B205C16CE32ED4200942B8B8B1E262DFC70D9BC9FBC77C49699A4F1DF
SHA-512:	9FBBBB5A0F329F9782E2356FA41D89CF9B3694327C1A934D6AF2A9DF2D7F936CE83717FB513196A4CE5548471708CD7134C2AE99B3C357BCABB2EAFC7B9B7570
Malicious:	false
Reputation:	unknown
Preview:	ok

Chrome Cache Entry: 130

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	17297
Entropy (8bit):	5.477195387164124
Encrypted:	false
SSDEEP:
MD5:	5C72B136245EAAD6F7D7E13E9AEA7285
SHA1:	7FBEA1B9AC1296990397A1F91378E4170304A0EF
SHA-256:	B76D27982936D60E4B452CDD391B7B1D2D2A9CC17BF27A6C91ADDAA8F868B58E
SHA-512:	D7173FE2F5C758131C2E1E9A4F4B15408AAED1364D9863ACD687E40372EBB41984B88087E2E554DFBF7CFE14D935E34F0F25802FB25E5B27B5E0A9305AE0E103
Malicious:	false
Reputation:	unknown
URL:	https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700;800;900&display=swap
Preview:	/* cyrillic-ext /.@font-face {. font-family: 'Inter';. font-style: normal;. font-weight: 300;. font-display: swap;. src: url(https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa2JL7SUc.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C8A, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./ cyrillic /.@font-face {. font-family: 'Inter';. font-style: normal;. font-weight: 300;. font-display: swap;. src: url(https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa0ZL7SUc.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./ greek-ext /.@font-face {. font-family: 'Inter';. font-style: normal;. font-weight: 300;. font-display: swap;. src: url(https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa2ZL7SUc.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}./ greek */.@font-face {. font-family: 'Inter';. font-style: normal;. font-weight: 300;. font-display: swa

Chrome Cache Entry: 131

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1183)
Category:	downloaded
Size (bytes):	1188
Entropy (8bit):	5.677492199114257
Encrypted:	false
SSDEEP:
MD5:	D46CFE1065E83AF36C699C681CA64CBC
SHA1:	31012C9FC8FBB4179703C094BCF40D75CD81F69C
SHA-256:	026F86829A4131FE6A546A05E5FC18B941E879731A931BC032D604BE35ABFED9
SHA-512:	AB056F2F085E206934C279A4280246110D48B65BCF47D9DB7737398F7FE24CB526290BB82198ECB0FF38CF0B2BFBD57DB4E7E0611695E6496DA4496FC850B485
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A%2F%2Fcint&oit=3&cp=12&pgcl=7&gs_rn=42&psi=cxQK0eotZj9xW9M0&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
Preview:	)]}'.["https://cint",["https://cintas.savings.beneplace.com","https://cintexwireless.com/check-status","https://cintexwireless.com/","https://cintas.primowater.com/","https://cintas.sharepoint.com/sites/intranet/","https //cintra.co.uk login","https //cinta setandan pisang","cintanya aku","https //cinta tak harus memiliki","cintas https //account.cintas.com/online/login"],["","","","","","","","","",""],[],{"google:clientdata":{"bpc":false,"pre":0,"tlw":false},"google:suggestdetail":[{},{},{},{},{},{},{},{"google:entityinfo":"Cg0vZy8xMW42MV83eDJmEiZTb25nIGJ5IEFyc3kgV2lkaWFudG8gYW5kIFRpYXJhIEFuZGluaTJkaHR0cHM6Ly9lbmNyeXB0ZWQtdGJuMC5nc3RhdGljLmNvbS9pbWFnZXM/cT10Ym46QU5kOUdjVFNSZHBCV01PV3JYUkppazJzRUdMQm9DV3V4SnQwMEg0R0psSlBqeDgmcz0xMDoMQ2ludGFueWEgQWt1SgcjNDI0MjQyUjtnc19zc3A9ZUp6ajR0VlAxemMwekRNempEZXZNRW96WVBUaVNjN01LMG5NcTB4VVNNd3VCUUI3eEFqNXAC"},{},{}],"google:suggestrelevance":[852,803,802,801,800,601,600,552,551,550],"google:suggestsubtypes":[[44],[44],[44],[44],[44],[512],[22,30],[

Chrome Cache Entry: 132

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1657)
Category:	downloaded
Size (bytes):	269745
Entropy (8bit):	5.487162485118682
Encrypted:	false
SSDEEP:
MD5:	7BA1D0469C7EA6CF400D41826CBBAFEA
SHA1:	0E5D82AB6CD9E3A02E19F181A4D042823FE3DA1E
SHA-256:	F0C5D30EC2637CF1B0E689AA43F425FAEFA0E996375126CE8FE37087BBD6ABF9
SHA-512:	70F59A661EC1A7CB624E76812613F17631132C9999BEF6A3F68ED407D6F05C3E18CB25AEF2B6880F21916F9E6EADBFB5CAB504C193425D95915CCA12059E8512
Malicious:	false
Reputation:	unknown
URL:	"https://www.gstatic.com/_/mss/boq-one-google/_/js/k=boq-one-google.OneGoogleWidgetUi.en.HyLTZ-VVzwQ.es5.O/ck=boq-one-google.OneGoogleWidgetUi.GggoXlw0wTY.L.B1.O/am=gDAYMGw/d=1/exm=_b,_tp/excm=_b,_tp,appwidgetnoauthview/ed=1/wt=2/ujg=1/rs=AM-SdHvnaX27gCDIp4WyJbtluL3aRIPNSw/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,A1yn5d,fKUV3e,aurFic,Ug7Xab,ZwDk9d,V3dDOb,mI3LFb,aDfbSd,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,s39S4,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,pw70Gc,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,xQtZb,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,QIhFr,ovKuLd,hKSk3e,yDVVkb,hc6Ubd,SpsfSb,ebZ3mb,Z5uLle,MdUzUe,ZDZcre,zbML3c,A7fCU,zr1jrb,Uas9Hd,pjICDe"
Preview:	"use strict";_F_installCss(".KL4X6e{background:#eee;bottom:0;left:0;opacity:0;position:absolute;right:0;top:0}.TuA45b{opacity:.8}sentinel{}");.this.default_OneGoogleWidgetUi=this.default_OneGoogleWidgetUi\|\|{};(function(_){var window=this;.try{._.zA=function(a,b,c,d,e,f,g){var h=(0,_.Pd)(a.wa);_.Ec(h);a=_.se(a,h,c,b,2,f,!0);if(g){if(typeof e!=="number"\|\|e<0\|\|e>a.length)throw Error();}else d=d!=null?d:new c;e!=void 0?a.splice(e,g,d):a.push(d);(0,_.Cc)(d.wa)&2?(0,_.wl)(a,8):(0,_.wl)(a,16)};_.BA=function(a){if(a instanceof _.AA)return a.j;throw Error("x");};_.CA=function(a){return new _.AA(_.La,a[0].toLowerCase())};._.DA=function(a,b,c,d){if(a.length===0)throw Error("x");a=a.map(function(f){return _.BA(f)});var e=c.toLowerCase();if(a.every(function(f){return e.indexOf(f)!==0}))throw Error("ia`"+c);b.setAttribute(c,d)};_.Et.prototype.jc=_.ca(28,function(){return this.j.length==0?null:new _.H(this.j[0])});_.H.prototype.jc=_.ca(27,function(){return this});_.Et.prototype.Ja=_.ca(26,function(){

Chrome Cache Entry: 133

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x24, components 3
Category:	downloaded
Size (bytes):	943
Entropy (8bit):	7.291763066403196
Encrypted:	false
SSDEEP:
MD5:	E3E248F5A1282D5BD96DDBF30D2B01C1
SHA1:	C097B11C9CC0FF6BACDD4F61F6E8CDC53AA78C47
SHA-256:	3E81B304C3294DF2BE820F7DEA1DD6FBBD498ECC94D84A2D3851644FFC909FB4
SHA-512:	0F899A25D3F08AFD2B9FBD75150F7B8DAC864C95D385BB61A0EE58D0678DB3123C3443B7FDE48E3181D979143C052A11C39758BD8D6627406B00DB9B8CBF0709
Malicious:	false
Reputation:	unknown
URL:	https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRpP7YAcV0kuxUfxWcFihy_UbQH_qwJcDYJjhcKy3g&s=10
Preview:	......JFIF......................................... ."" ...$(4,$&1'..-=-157:::#+?D?8C49:7...........7%.%77777777777777777777777777777777777777777777777777........@..".......................................,..........................!1"Qa..2#AB.b......................................................."1Aq..............?....-....,.1gwl.'.'ZgM6m....e..u.,.ORL.......F...n...Q....'..2.......9.dt`[68H..)bG..Q..@c.r.....u..[.~.I. .a.X.w$..[.......I.{..h}C..m..lKbK...p..$...\|.d......'.\W...4!..,..p...........^...r.:.%.Lp.43.lVH.Guo...9....G...`.fk5.;.S_...n rU .{..dg.E>J..L....>u%y.<s..6.....x ...z..k..(%h\...T.Q.2p..#U..v...]..}-.X.J.2....q..Vc..=...NM.....5X.A...z..+...$.@:.M......=...,.I(.EE...5X..}.4..\|.=.3.r-.Q.:A...wNg.8Uf8....N...M4.u.[l.."+j.....>.9P.{v.A....4....V...\...z.5q..>...n.~tEb:PS....:S...k7.K..B.0...b3........X.a..u..4....&Y....0.U.s.{.;....TMV.6.....0.y.9..........P....G..

Chrome Cache Entry: 134

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (345)
Category:	downloaded
Size (bytes):	350
Entropy (8bit):	5.100618961869237
Encrypted:	false
SSDEEP:
MD5:	6F2C3E965BFAB33A525E89F0217B7ED3
SHA1:	EF7D8721F6151FB7E10AA34B220C61F333C93C86
SHA-256:	B930D1B02D1EA00B342D90C81659370B3D5A5F88A0356F6421A8D4F74788DEF7
SHA-512:	46DA85043FDADA1CDEFF2A0E7B0110E3DC81C836DEEEF481649710FB2DD55F9CD829DED6D9BB38283A1BFB869A7DADC86C62B1FBB3BDA9C318A3F561D31B4AA6
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A%2F%2F.securiguard.cc&oit=3&cp=8&pgcl=4&gs_rn=42&psi=cxQK0eotZj9xW9M0&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
Preview:	)]}'.["https://.securiguard.cc",["http://securiguard.com","http://securiguard.staffr.com","securiguard.com jobs"],["","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:suggestrelevance":[852,800,600],"google:suggestsubtypes":[[44],[44],[512,13]],"google:suggesttype":["NAVIGATION","NAVIGATION","QUERY"],"google:verbatimrelevance":851}]

Chrome Cache Entry: 135

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x64, components 3
Category:	downloaded
Size (bytes):	2242
Entropy (8bit):	7.780089748921312
Encrypted:	false
SSDEEP:
MD5:	B71582F45A9786B9C2BCACE3467F6278
SHA1:	830DC779F1C1975C4DE283D1073590C3F0FE514E
SHA-256:	793A73DF45EFF86AB24FD91A217F913DA9820C5DAA9F2BF979345D635CF0F691
SHA-512:	95B6926853BEB8DC9D2E1A7FCE979C8A929C045B3044FB2762A5D4BE0FD3C81C1E8B0F0359C172B6C9A0A716B29398ED0C32432DD9B019D29A72CC126768D946
Malicious:	false
Reputation:	unknown
URL:	https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQ4CdKol0pfMynVCH9mza4oldSXMfy7TM0uLY1MwV_-EDqvlVX4VKzB1v8&s=10
Preview:	......JFIF......................................... ."" ...$(4,$&1'..-=-157:::#+?D?8C49:7...........7%.%77777777777777777777777777777777777777777777777777......@.@..........................................1.........................!"1A..Qaq...2B....%3.................................1........................!1.."Aa.2Qq....b....3B.............?......E..E..Z...m....o..]..Kx6".O.`V<..X..C\x....8.c...c.....3...U%,u..,21X...s......64W..jip.&=..f....mH......!..@m..2.U..p...R..<.....5....54.Z&S.......u.'.A.%]d:...g@..j.....K.~.....q.....!.....\..bx.n9..`.I#Zb[d7c.m...Z...%..Y.s.t........u.....o.].Z5...W.i;..~....-.h.X..M.~c...w.4...P....Dz.(.4.i(..p...\|T.....W....T....Vj..X".@%......Qq.!...AQ{UM..yZ`....Z...k.... .45..xcM.P.L..R.(.6%......[RN....&gy.....}Q..L...:I$..3.&..x..@m..LRX..V..u....... ...i....O$r...?.1.W...E.AMO...C~",p..s.i.*>...l.q..A.U..J.....`...g.l..s.`n......1....sJZ.....D.(.&F..`,.....w..E.q.B:c4x\.?........N.E.T..ljc@ce;.....i.'..gK.v.j.-.Ds,O..

Chrome Cache Entry: 136

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	147
Entropy (8bit):	4.746302271534817
Encrypted:	false
SSDEEP:
MD5:	583140AA2FC83366DF81A3CA84B518DE
SHA1:	59D86D4DE7E435AE0EF72A4931C664E94B76F9DC
SHA-256:	6B6BBF51343B8ECE4BB800253400F2A64C597C08BE6FAA215D72EA676AFDB644
SHA-512:	1E0A36939D1F13909BFE62D0BDF0DE6C1ACF08FB06D119DA3D16820861465EDF85820BE6CCD179113AF9307F049AD9B9FFEA75EAA99AB640E1E3ABD2C30AA085
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A%2F%2Fimp.securiguard.cc&oit=3&cp=11&pgcl=4&gs_rn=42&psi=cxQK0eotZj9xW9M0&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
Preview:	)]}'.["https://imp.securiguard.cc",[],[],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:suggesttype":[],"google:verbatimrelevance":851}]

Chrome Cache Entry: 137

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Category:	downloaded
Size (bytes):	15344
Entropy (8bit):	7.984625225844861
Encrypted:	false
SSDEEP:
MD5:	5D4AEB4E5F5EF754E307D7FFAEF688BD
SHA1:	06DB651CDF354C64A7383EA9C77024EF4FB4CEF8
SHA-256:	3E253B66056519AA065B00A453BAC37AC5ED8F3E6FE7B542E93A9DCDCC11D0BC
SHA-512:	7EB7C301DF79D35A6A521FAE9D3DCCC0A695D3480B4D34C7D262DD0C67ABEC8437ED40E2920625E98AAEAFBA1D908DEC69C3B07494EC7C29307DE49E91C2EF48
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Preview:	wOF2......;........H..;..........................d..@..J.`..L.T..<.....x.....^...x.6.$..6. ..t. ..I.h\|.l....A....b6........(......@e.]...:..-.0..r.)..hS..h...N.).D.........b.].......^..t?.m{...."84...9......c...?..r3o....}...S]....zbO.../z..{.....~cc....I...#.G.D....#e.A..b...b`a5P.4........M....v4..fI#X.z,.,...=avy..F.a.\9.P\|.[....r.Q@M.I.._.9..V..Q..]......[ {u..L@...]..K......]C....l$.Z.Z...Zs.4........ x.........F.?.7N..].\|.wb\....Z{1L#..t....0.dM...$JV...{..oX...i....6.v.~......)\|.TtAP&).KQ.]y........'...:.d..+..d..."C.h..p.2.M..e,.UP..@.q..7..D.@...,......B.n. r&.......F!.....\...;R.?-.i...,7..cb../I...Eg...!X.)5.Aj7...Ok..l7.j.A@B`".}.w.m..R.9..T.X.X.d....S..`XI..1... .$C.H.,.\. ..A(.AZ.................`Wr.0]y..-..K.1.............1.tBs..n.0...9.F[b.3x...$....T..PM.Z-.N.rS?I.<8eR'.3..27..?;..OLf.Rj.@.o.W...........j~ATA....vX.N:.3dM.r.)Q.B...4i.f..K.l..s....e.U.2...k..a.GO.}..../.'..%$..ed..'..qP....M..j....../.z&.=...q<....-..?.A.%..K..

Chrome Cache Entry: 139

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	148
Entropy (8bit):	4.748270654481893
Encrypted:	false
SSDEEP:
MD5:	752424188A3E741C60296DFAE810BCD1
SHA1:	D4DEB23022433CD04A5DA7FC125FA9C343C95D6A
SHA-256:	5ED87B27FA16CCD44C7F4684148B5BE57C607BDECC4C44C14DF1E81FEEF58657
SHA-512:	C1EFC6C10EE24A75F206DDB1444F213B19965B99AEBCE5CC80206CBCE07087C9F3EC70475778A5BBAEEA9E829ACC4497EDF94B51A047039494CE5356D7476B88
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A%2F%2Fimpr.securiguard.cc&oit=3&cp=12&pgcl=4&gs_rn=42&psi=cxQK0eotZj9xW9M0&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
Preview:	)]}'.["https://impr.securiguard.cc",[],[],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:suggesttype":[],"google:verbatimrelevance":851}]

Chrome Cache Entry: 140

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
Category:	downloaded
Size (bytes):	48444
Entropy (8bit):	7.995593685409469
Encrypted:	true
SSDEEP:
MD5:	8E433C0592F77BEB6DC527D7B90BE120
SHA1:	D7402416753AE1BB4CBD4B10D33A0C10517838BD
SHA-256:	F052EE44C3728DFD23ABA8A4567150BC314D23903026FBB6AD089422C2DF56AF
SHA-512:	5E90F48B923BB95AEB49691D03DADE8825C119B2FA28977EA170C41548900F4E0165E2869F97C7A9380D7FF8FF331A1DA855500E5F7B0DFD2B9ABD77A386BBF3
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Preview:	wOF2.......<.......l..............................`...\..p?HVAR.m?MVAR^.`?STAT.N'&..>/l........>....0....6.$.... ........[..A.2v.6......$..e...w"../.L.p:......Tpc..8@.[5......d#d.xw..o.O3-.....%..>...%..)~p.K.J.H..S...s..z..Wa.. 0\..J.....BL;V..-.L...j....^.9..HO l..,..6.v....?....x.....m..;....a![zif...Ur...Q..P.&.I1..:n.p...j~..h...9.!....@.<.bl\|.Y?h..B.j/..rH.S%/~.^D...6..D.4G...y....Y.....=/o..W..5ryo.d?.gA]..?...1V..S......7ZJ...f....mBG[0eW....y..%B}..]? ...,sR<.y~.~.}.%.!..,X.....`...R..^....S.....u.?k.v.k..U.u..M..`!...b!..X)P...y{.........n..T+6...R......L...x}...g...].g"WT.b..h ....X...=;{w...QO.s..w..@.(,..........{.........1..@...(...\.......9..2.h9P.G........K.Dp...F..4W..ui.u...G...s..x7.?..tg..D..O.sA..t.t.4..~..e\...X.....T..kf.qfX..=^_....g"....De...x[J..A..).G.YUhR.....0.l..#&3.'.K.............$I.Pp.../.s.<@...r=..S......d..P.S.B.w.~X..ZK....h J.`A.bv,=.....>1.Ev.^..U.A. ....EU..].........dw..!$.A`..B.._.....Z~..!..J..l]r.m}m..

Chrome Cache Entry: 141

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 106 x 5326, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	140703
Entropy (8bit):	7.983127067940613
Encrypted:	false
SSDEEP:
MD5:	EB7895BA582FA7CBA9531AB42D9ED8C2
SHA1:	740B43A2997F24D6859896BB46541BA2CE208F8A
SHA-256:	4966326CB66EBA65E26B589887981530EEB795373529563244F4F29F18CAB78F
SHA-512:	B405FE99FFF3F9FBBC2849F4DEAC45CB3CD252A66E7F11FB20ED16E93AA0D63C752569BF42961910ADEBF0915388725FDBA531283C9FC963B7B4221E066A357F
Malicious:	false
Reputation:	unknown
URL:	https://ssl.gstatic.com/gb/images/sprites/p_2x_eb7895ba582f.png
Preview:	.PNG........IHDR...j.........E=/...%fIDATx......... ..6.T1.............=.Ir....fn.....Cl.b..Bl.m.f!..[.N....M...}......^..E.AF.U@.}P.@..;y\|.......m.\f....c2@;."+e.7=0....}.V..5s..>,..........Y..5....:5\|...Z.%2..'L..>.S1I.....`1..%1?f..t ....C..c..`...Gx...V.P%.....G?].d\|.Gq9~FV.P%...X.=%.g.x.Y...X..I^.x.P.....6R.....y..`]l.3.FX..<B..6.3I?l..y....]^......F4t.....t..jh.&..Y.P..h..I.#P....9$.....EOI.zb..fGU.f..j>t..J..=5../f..(...Ks.),..&TB....DU.f......9.....\.$..3f.!..C.Q.2b.'......f..@.....3T&_!J...:W\.E.....~e1C....4..v..9.8..+..Yc..C.-..G..UW..<.(.9b..n...u.\w.[mE...&.........e......B.R.......n...:.j5.l.y....5.p..,.`.U..k.pN8.k.e.]..5...f.Wx.u..!..iF%..jEM3.>..^.k........+.......v...R$i.W...w.u......DJ3..<.G...K..n.TE.BM......>...&)....#....[....{..?+./.....{.m1#..sF.F..E0~<.?.u...k..(..F..U..,.....%...L...^l.....6.J%....[o..B.z].al.P?..=.6rd...+..O4.v...`.....L:.f...Zc.o.&..Z.hNm.6...vI..12f..."iT.......%......jx..;M.

Chrome Cache Entry: 142

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	1660
Entropy (8bit):	4.301517070642596
Encrypted:	false
SSDEEP:
MD5:	554640F465EB3ED903B543DAE0A1BCAC
SHA1:	E0E6E2C8939008217EB76A3B3282CA75F3DC401A
SHA-256:	99BF4AA403643A6D41C028E5DB29C79C17CBC815B3E10CD5C6B8F90567A03E52
SHA-512:	462198E2B69F72F1DC9743D0EA5EED7974A035F24600AA1C2DE0211D978FF0795370560CBF274CCC82C8AC97DC3706C753168D4B90B0B81AE84CC922C055CFF0
Malicious:	false
Reputation:	unknown
URL:	https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg
Preview:	<svg xmlns="http://www.w3.org/2000/svg" width="74" height="24" viewBox="0 0 74 24"><path fill="#4285F4" d="M9.24 8.19v2.46h5.88c-.18 1.38-.64 2.39-1.34 3.1-.86.86-2.2 1.8-4.54 1.8-3.62 0-6.45-2.92-6.45-6.54s2.83-6.54 6.45-6.54c1.95 0 3.38.77 4.43 1.76L15.4 2.5C13.94 1.08 11.98 0 9.24 0 4.28 0 .11 4.04.11 9s4.17 9 9.13 9c2.68 0 4.7-.88 6.28-2.52 1.62-1.62 2.13-3.91 2.13-5.75 0-.57-.04-1.1-.13-1.54H9.24z"/><path fill="#EA4335" d="M25 6.19c-3.21 0-5.83 2.44-5.83 5.81 0 3.34 2.62 5.81 5.83 5.81s5.83-2.46 5.83-5.81c0-3.37-2.62-5.81-5.83-5.81zm0 9.33c-1.76 0-3.28-1.45-3.28-3.52 0-2.09 1.52-3.52 3.28-3.52s3.28 1.43 3.28 3.52c0 2.07-1.52 3.52-3.28 3.52z"/><path fill="#4285F4" d="M53.58 7.49h-.09c-.57-.68-1.67-1.3-3.06-1.3C47.53 6.19 45 8.72 45 12c0 3.26 2.53 5.81 5.43 5.81 1.39 0 2.49-.62 3.06-1.32h.09v.81c0 2.22-1.19 3.41-3.1 3.41-1.56 0-2.53-1.12-2.93-2.07l-2.22.92c.64 1.54 2.33 3.43 5.15 3.43 2.99 0 5.52-1.76 5.52-6.05V6.49h-2.42v1zm-2.93 8.03c-1.76 0-3.1-1.5-3.1-3.52 0-2.05 1.34-3.52 3.1-3

Chrome Cache Entry: 143

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text
Category:	downloaded
Size (bytes):	94
Entropy (8bit):	4.648751656165808
Encrypted:	false
SSDEEP:
MD5:	E96DDCEB1C305B9AD21EAAE42522C26F
SHA1:	AD08AE39A71ED5BA992B8B5DABC450D046354696
SHA-256:	9221CFEDFC5E03790F46C7890BCA21FCC47C5788D89DAB0AA0799C492B6AE78A
SHA-512:	1CC850F76467645447E9935F4DE13EDE698727B4FB598C7BD36DE2779596D8B5A85CB94B0CF1FB2259AD1D988F1F199E3F4C310DFDC22FCDD378B8E773F0DBD5
Malicious:	false
Reputation:	unknown
URL:	https://fywiei.com/favicon.ico
Preview:	<html><body><h1>403 Forbidden</h1>.Request forbidden by administrative rules..</body></html>..

Chrome Cache Entry: 145

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (748)
Category:	downloaded
Size (bytes):	194426
Entropy (8bit):	4.948731855873592
Encrypted:	false
SSDEEP:
MD5:	6D14D2AD3C8086CD0993722D6705C292
SHA1:	CA28C5CA094B503749C9CE4BE657DFAA5F419CBE
SHA-256:	3FCEAE04919BE31542D01D7AF1E528F332DDDC6F6186FF44B32CE7B70CFD0BCE
SHA-512:	CCE14CCBFBB01DE3D68129642F491EC89DBFC986BDCF7304D78D74DDA9A4293323391762A4F46708EA249C015C27037243EE66849C9E69BC695B834A649E1086
Malicious:	false
Reputation:	unknown
URL:	https://cint.securiguard.cc/content-pages/assets/dependencies/bootstrap/css/bootstrap.min.css
Preview:	/!. Bootstrap v4.4.1 (https://getbootstrap.com/). * Copyright 2011-2019 The Bootstrap Authors. * Copyright 2011-2019 Twitter, Inc.. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE). */.:root {. --blue: #007bff;. --indigo: #6610f2;. --purple: #6f42c1;. --pink: #e83e8c;. --red: #dc3545;. --orange: #fd7e14;. --yellow: #ffc107;. --green: #28a745;. --teal: #20c997;. --cyan: #17a2b8;. --white: #fff;. --gray: #6c757d;. --gray-dark: #343a40;. --primary: #007bff;. --secondary: #6c757d;. --success: #28a745;. --info: #17a2b8;. --warning: #ffc107;. --danger: #dc3545;. --light: #f8f9fa;. --dark: #343a40;. --breakpoint-xs: 0;. --breakpoint-sm: 576px;. --breakpoint-md: 768px;. --breakpoint-lg: 992px;. --breakpoint-xl: 1200px;. --font-family-sans-serif: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, "Noto Sans", sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol", "Noto Color Emoji";. --font-fa

Chrome Cache Entry: 146

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (579)
Category:	downloaded
Size (bytes):	56376
Entropy (8bit):	5.352424072003548
Encrypted:	false
SSDEEP:
MD5:	958D3F4DC6DF6A1DC69CAFF538D597DA
SHA1:	72E9D0ED070570D12E16F2616DBED4E55319A6F1
SHA-256:	5357D3283DDF27FC4156D8C48F95DADF544139B198C43DB3162C8CF18B3DE996
SHA-512:	D07203AF8E11CA401DE2B661DDBFADD3D401E03C277AADCA2E335E56348D674783AAD80AFBD738195B27B0962DE4EFF92A967D68E37A2202B6AA3B327D5D5692
Malicious:	false
Reputation:	unknown
URL:	https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Preview:	(function() {.var l=void 0,m=!0,r=null,D=!1;.(function(){function Ba(){function a(){if(!a.Gc)la=a.Gc=m,ma=D,c.a(F,function(a){a.tc()})}function b(){try{v.documentElement.doScroll("left")}catch(d){setTimeout(b,1);return}a()}if(v.addEventListener)"complete"===v.readyState?a():v.addEventListener("DOMContentLoaded",a,D);else if(v.attachEvent){v.attachEvent("onreadystatechange",a);var d=D;try{d=n.frameElement===r}catch(f){}v.documentElement.doScroll&&d&&b()}c.Vb(n,"load",a,m)}function Ca(){x.init=function(a,b,d){if(d)return x[d]\|\|(x[d]=F[d]=S(a,.b,d),x[d].la()),x[d];d=x;if(F.mixpanel)d=F.mixpanel;else if(a)d=S(a,b,"mixpanel"),d.la(),F.mixpanel=d;x=d;1===ca&&(n.mixpanel=x);Da()}}function Da(){c.a(F,function(a,b){"mixpanel"!==b&&(x[b]=a)});x._=c}function da(a){a=c.g(a)?a:c.e(a)?{}:{days:a};return c.extend({},Ea,a)}function S(a,b,d){var f,h="mixpanel"===d?x:x[d];if(h&&0===ca)f=h;else{if(h&&!c.isArray(h)){o.error("You have already initialized "+d);return}f=new e}f.lb={};f.Y(a,b,d);f.people=new

Chrome Cache Entry: 147

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3091)
Category:	downloaded
Size (bytes):	3096
Entropy (8bit):	5.9122228063775815
Encrypted:	false
SSDEEP:
MD5:	6C710B97B66A1FADA999ACECD43DD634
SHA1:	8CD8C02B44958D7957275E6D062EEE3722784B9C
SHA-256:	D6AF2D6FB35CAD08EBB51E007E00E78FCB3C9304A5DEAC7C824589F01D2140A9
SHA-512:	84BCD23C0234DBF4D9099F8895F04E84DDE08926344079EF4A4B1F9AE401BD920A2B5B2FFD665DB1D3DF645EFE6EB60141E568218A715D5F4A25E917D812F557
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=red&oit=1&cp=3&pgcl=7&gs_rn=42&psi=cxQK0eotZj9xW9M0&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
Preview:	)]}'.["red",["red","reddit","reddit","red","redfin","red ribbon week","redbubble","red robin","red lobster","red sox"],["","","","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:suggestdetail":[{"google:entityinfo":"CgovbS8wOXY2anloEgkyMDEwIGZpbG0ydGh0dHBzOi8vZW5jcnlwdGVkLXRibjAuZ3N0YXRpYy5jb20vaW1hZ2VzP3E9dGJuOkFOZDlHY1E0Q2RLb2wwcGZNeW5WQ0g5bXphNG9sZFNYTWZ5N1RNMHVMWTFNd1ZfLUVEcXZsVlg0Vkt6QjF2OCZzPTEwOgNSZWRKByM0MjQyNDJSK2dzX3NzcD1lSnpqNHRMUDFUZXdMRFBMcXN3d1lQUmlMa3BOQVFBc2tRVDVwFA\u003d\u003d"},{},{"google:entityinfo":"CgovbS8wYng3Y3lfEgdXZWJzaXRlMmRodHRwczovL2VuY3J5cHRlZC10Ym4wLmdzdGF0aWMuY29tL2ltYWdlcz9xPXRibjpBTmQ5R2NRVFJaQzZiLWdTV2FoczZzdnVOWXp0LWZGdlJvSjF0ZEw4RzQzWE5BYyZzPTEwOgZSZWRkaXRKByNhMzJkMDFSNWdzX3NzcD1lSnpqNHRMUDFUZElxakJQcm94WFlEUmdkR0R3WWl0S1RVbkpMQUVBVWlBR3VncBc\u003d"},{"google:entityinfo":"CgovbS8wd190OHRmEgtGaWxtIHNlcmllczJkaHR0cHM6Ly9lbmNyeXB0ZWQtdGJuMC5nc3RhdGljLmNvbS9pbWFnZXM/cT10Ym46QU5kOUdjUS1NTEFsbElTZnRTMG5mVVBtMzdUSWU1by05Y3hQb

Chrome Cache Entry: 148

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (20800)
Category:	downloaded
Size (bytes):	51576
Entropy (8bit):	5.683827935195254
Encrypted:	false
SSDEEP:
MD5:	B80ADEF0341DFED473845298D722710A
SHA1:	C12195C253DCD5892A88F5FDE351AB9BB9D4B661
SHA-256:	AA3D9DAC80EF107CB957A3E58ACA0E253268AB97E1030341376AF87B49E8C264
SHA-512:	3774BC9C09B3A8E0E70B0C87D5D6CDF53E8A5E1361510150C750F2DFE3041737B1B49571B7A858D9343B48EA85AE93F590B769DDB4E280A3A787EC858987DBCB
Malicious:	false
Reputation:	unknown
URL:	https://ogs.google.com/widget/app/so?eom=1&awwd=1&origin=chrome-untrusted%3A%2F%2Fnew-tab-page&origin=chrome%3A%2F%2Fnew-tab-page&cn=app&pid=1&spid=243&hl=en
Preview:	<!doctype html><html lang="en" dir="ltr"><head><base href="https://ogs.google.com/"><link rel="preconnect" href="//www.gstatic.com"><meta name="referrer" content="origin"><link rel="canonical" href="https://ogs.google.com/widget/app/so"><link rel="preconnect" href="https://www.gstatic.com"><link rel="preconnect" href="https://ssl.gstatic.com"><script data-id="_gd" nonce="pIrCZprP0Ll0QpyFaJxKMQ">window.WIZ_global_data = {"DpimGf":false,"EP1ykd":["/_/*"],"FdrFJe":"1390853802646273301","Im6cmf":"/_/OneGoogleWidgetUi","LVIXXb":1,"LoQv7e":true,"MT7f9b":[],"MUE6Ne":"OneGoogleWidgetUi","NrSucd":false,"OwAJ6e":false,"QrtxK":"","Rf2tsb":0,"S06Grb":"","S6lZl":128566913,"TSDtV":"%.@.[[null,[[45459555,null,false,null,null,null,\"Imeoqb\"]],\"CAMSEh0X2eicEJbkAfaumhAKs5wNCg\\u003d\\u003d\"]]]","UUFaWc":"%.@.null,1000,2]","Vvafkd":false,"Yllh3e":"%.@.1729793717729409,146725674,2369508763]","ZwjLXe":243,"cfb2h":"boq_onegooglehttpserver_20241020.00_p0","eptZe":"/_/OneGoogleWidgetUi/","fPDxwd":[48691166

Chrome Cache Entry: 150

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	138
Entropy (8bit):	4.650339853182424
Encrypted:	false
SSDEEP:
MD5:	785642A39063479ED201F074A1BC3423
SHA1:	BE6D92AFF06B6E99B3A6946CAE6C407AF9CCF5DA
SHA-256:	9C57BD230BC430FDDB99BF649D1FED0B5A92360AC4204B6F48AA959AEDF5FC91
SHA-512:	4C67ACA229539928C144C1AFC2BF1162910AE49AF49E673B5F198D26DAAAFC364CE823BE0BAEB03007ABCA679695557CF85DC6AF7009DF883E73501A8DEFADEE
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=red.securiguard.cc&oit=3&cp=18&pgcl=7&gs_rn=42&psi=cxQK0eotZj9xW9M0&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
Preview:	)]}'.["red.securiguard.cc",[],[],[],{"google:clientdata":{"bpc":false,"tlw":true},"google:suggesttype":[],"google:verbatimrelevance":851}]

Chrome Cache Entry: 151

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x64, components 3
Category:	downloaded
Size (bytes):	1092
Entropy (8bit):	7.403362894257278
Encrypted:	false
SSDEEP:
MD5:	07E6F4FA888A57D88090CA7C9E8384D9
SHA1:	2FCC14A34FCB5FDF5070CF0F3469BD2A6BB013A8
SHA-256:	777264E808FC9D57AE94196C95C6F10CBDE4AA97A8CDF65486F2AF748C0C95E9
SHA-512:	A13DA58320D32CD071D06BA1E51D8F0C666DCE53BCBF113E2BE91A74CD52D1E38011456A38A85B1F10E9DB104419AC411C796BE2F69C12711839349F261DAB05
Malicious:	false
Reputation:	unknown
URL:	https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTSRdpBWMOWrXRJik2sEGLBoCWuxJt00H4GJlJPjx8&s=10
Preview:	......JFIF......................................... ."" ...$(4,$&1'..-=-157:::#+?D?8C49:7...........7%.%77777777777777777777777777777777777777777777777777......@.@.."........................................3.........................!1..Qq."Aa.....r....#24B...................................................!1.Q.2A............?..ri....H..7.....f...&.....Nsb^_.....JQ...+Y...-.G.+..\.2..@..m.....L/U....}~....]S.M,....c]............R..cU.dJ...g,..P................s:E...jl.2..G.....~.......q...P<=.!........Y....'`..I.M.<.....n..u]..8.JR.H.Q..T..W.v.:.....[g?..T.b....ZNQ[5.JZ6..L...Fr.k.M..t8.Ny...XN2.N..l.L.$-..IQO...NPw.......&..T...n..XF..D...^....R....8^.^..a.....-6..>..G..Y`R..R1.n...m.j.......$.>.u;t.npb.Xu.X...P...-.....H.t$..EP8n.8o..W.VT[...D..~SD.[.$..9..\(......U..9'.VJ-/............./..C..l....{..J.6.. .L@2..Z'.A..v..3.............J.......CG.ha.+. ...A.nmT.m.......A>....z..O6.Q..N5.2....G......aD..l.H}.>...X.%;. ..iA..:.Z..[.Z..............

Chrome Cache Entry: 152

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65531)
Category:	downloaded
Size (bytes):	93935
Entropy (8bit):	6.0836286479280215
Encrypted:	false
SSDEEP:
MD5:	88FCA997F5D42B1557E6006DCE83AA55
SHA1:	5A967F6C877D36723CE3E2A6BE8813E96C85BECB
SHA-256:	25746A3D0B5D6B34E157A1CD701A55EF44A957D7E3F80356E4DE81AF91F33A64
SHA-512:	2292B15E3A0229CB40630E64096A9091970AFAFF2EA934102A42950F9A53A8C21B99D099AC22542BE6D6CCDA5450F6EB51C945C368BAE23EE4481028ACDD8182
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/async/ddljson?async=ntp:2
Preview:	)]}'.{"ddljson":{"accessibility_description":"","alt_text":"Rise of the Half Moon","cta_data_uri":"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAfQAAADICAMAAAApx+PaAAADAFBMVEVHcExwfqtsea9teq5ue65te61teq5ufa5wf6xxha5teq5teq5qd6x1gbFueq5wfK52iZ56grNue65teq5wgbhteq5ue65ue69ue65oeax4iap3iKt3iKp4iapcbKVlcqVfbqIvQKSttf3a4PZcaJSHkbyYobuIlbh3iLtXZZI1SIQ6S4M7TYY9Tog+UIsuQ4EqOmfHzN27yfk3SHsfLl49T4k9T4o+UIo9T4dCVI9GWJJMXZo3SpL+///19vf3+Pnx8vbt7fDp6/Hn6Ozk5uzi5O3e4ezW3O/R2O/b3+/f4/Dv7/Pi5/bK0+7BzO61xPiwwPWrvPOnt/Gise+arOmTp+aNn+GEl9h8jtB0hcprfMBjdbVdbq1WZqJRYZ9PX5VMWoxHVYg/T4A+Sno5RnAzQmowPmUuO2AqN1omM1YjMFIgLU8fK0scJ0YaJEIbIzsVHkAYHjQUGi4HDSwMESAKDRsQFioJDBYHChIFCA4EBgsDBAkCAwYBAgMAAAEAAAA5TH0eKUiAiJxveZQuPmwzRHNCS2qBkMoXJljm+f9BUoxEVo9JWpX8/f35+vq2xeuuvebU3ffP2fjL1vjH0vrCzvlAUYUlL00PGTkGETk1R3bY4PeTpdYOGlIrPGk/T56eseektufd4/URFiI+U4gmNWGjrMVgaYQlKjw/VYs7TYO9wc01RXgOERkyQXMCBR05SYEoOGQwQHCyt8TW8v/G7P9OWHbo///T1dwWKXS/xt8LHXclOXssPZZLV6k1MHk9QpxKYLIxMpJkcb9Sa7owKI0lFHwqIIMMEYQEB25NFZt1KLNfP6xWL51

Chrome Cache Entry: 153

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	145
Entropy (8bit):	4.726358633090166
Encrypted:	false
SSDEEP:
MD5:	8564D173F751C0119CB8173804A02B0E
SHA1:	2DCB646BC22C17CF6D83027D9F444EFFF4C5754C
SHA-256:	AA09714FF7C07702E1DF9AB63C31747C8D5B38607C28ADC1777DD4128730AD32
SHA-512:	7099D8ADEBC759EB41BD78CD19E89B80395BF3918AFD0DDA91761976E1BEF0283C16F95A4B0A0AED64FFC05DE1F1AFC0F5F2BD1679C6B1EDEF869DABF53AB9C0
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A%2F%2Fr.securiguard.cc&oit=3&cp=9&pgcl=4&gs_rn=42&psi=cxQK0eotZj9xW9M0&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
Preview:	)]}'.["https://r.securiguard.cc",[],[],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:suggesttype":[],"google:verbatimrelevance":851}]

Chrome Cache Entry: 154

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (786)
Category:	downloaded
Size (bytes):	791
Entropy (8bit):	5.129119241064812
Encrypted:	false
SSDEEP:
MD5:	1144977100147B7D44084D425EAB756C
SHA1:	28FAFEA2E7705A5AB8AE773555D0D7B5C6DCB194
SHA-256:	909DBBFE70CA34772AF396C40F4673A9B769F8C03953DD8076DC21BBCD52AAA6
SHA-512:	4586AA94FA3FBEE5BA3F4CC843B94D9620EA440A1E7DE027E8A4DBA98E3164AC7EBF09A28D8961BC8A32FB94F4A231D65C242AF365B81C0926449A90FCA1B66D
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=7&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
Preview:	)]}'.["",["boeing strike contract","tell me lies season two episodes","ufc 308","the comet tsuchinshan atlas","frank sinito cleveland","warhammer 40k space marine 2 patch notes","venom movie spider man","american airlines boarding gate lice"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChgIkk4SEwoRVHJlbmRpbmcgc2VhcmNoZXM\u003d","google:suggestdetail":[{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002}],"google:suggestrelevance":[1257,1256,1255,1254,1253,1252,1251,1250],"google:suggestsubtypes":[[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362]],"google:suggesttype":["QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY"]}]

Chrome Cache Entry: 92

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	755
Entropy (8bit):	6.600618306353217
Encrypted:	false
SSDEEP:
MD5:	8A71D9EEE38EF2B668AD94C87D507AC7
SHA1:	2C0E62D1F9957ACEBA17EA4899B78E4C1F3C7D1F
SHA-256:	1790340B482133805E34BEB1BD98087A837412EDCF4E924E54430F1C3E5360E6
SHA-512:	F9B78D995605C672BF123B46FA0EAC64AF4AA009FA337B789F500ECBF69050DC59997624913A28BCCD97FF4C8DBEAD814A94A38381AFB490208129D28E3C8289
Malicious:	false
Reputation:	unknown
URL:	https://cdn.mxpnl.com/marketing-site/static/favicons/favicon-16x16.png
Preview:	.PNG........IHDR.............(-.S....gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....PLTE...xW.xV.wV.yS.yW.xV.xV.UU..@.xV.xW.xV.xV.ff.xW.wV.xV.yW.yX.zW.xU..`.xV.xV.wW.yV.xV.qU.xV.mI..U.yV.xV.xV.wW.wX.zU.xV.xV.xV.......xV.xV.xV.wS.wV.xV....e......0tRNS....(&.........R7,W.............O:0S.....+..C.Z....bKGD1...r....pHYs...\...\..<.7....tIME........)Af....IDAT......@.D...*........Ur#.N:I.#. Z&h+v.&.4.Y.....IH.c...1LD2.zb6_,EV.7..[v.S5b.8........"..z..2..I\]<.._...2e....h...^..;[..t...%tEXtdate:create.2023-03-29T20:26:04+00:00..:...%tEXtdate:modify.2023-03-29T20:26:04+00:00..B.....tEXtSoftware.www.inkscape.org..<....WzTXtRaw profile type iptc..x.....qV((.O..I.R..#..c..#.K.... D.4.d.#.T ...........H.J.....t.B5.....IEND.B`.

Chrome Cache Entry: 93

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5162), with no line terminators
Category:	downloaded
Size (bytes):	5162
Entropy (8bit):	5.3503139230837595
Encrypted:	false
SSDEEP:
MD5:	7977D5A9F0D7D67DE08DECF635B4B519
SHA1:	4A66E5FC1143241897F407CEB5C08C36767726C1
SHA-256:	FE8B69B644EDDE569DD7D7BC194434C57BCDF60280078E9F96EEAA5489C01F9D
SHA-512:	8547AE6ACA1A9D74A70BF27E048AD4B26B2DC74525F8B70D631DA3940232227B596D56AB9807E2DCE96B0F5984E7993F480A35449F66EEFCF791A7428C5D0567
Malicious:	false
Reputation:	unknown
URL:	"https://www.gstatic.com/og/_/ss/k=og.qtm.GZmhE2vV14w.L.W.O/m=qmd,qcwid/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/ct=zgms/rs=AA2YrTuKvZ-nsYNivRzfGpm8QSi6tMFrvg"
Preview:	.gb_P{-webkit-border-radius:50%;border-radius:50%;bottom:2px;height:18px;position:absolute;right:0;width:18px}.gb_Ja{-webkit-border-radius:50%;border-radius:50%;-webkit-box-shadow:0px 1px 2px 0px rgba(60,64,67,.30),0px 1px 3px 1px rgba(60,64,67,.15);box-shadow:0px 1px 2px 0px rgba(60,64,67,.30),0px 1px 3px 1px rgba(60,64,67,.15);margin:2px}.gb_Ka{fill:#f9ab00}.gb_F .gb_Ka{fill:#fdd663}.gb_La>.gb_Ka{fill:#d93025}.gb_F .gb_La>.gb_Ka{fill:#f28b82}.gb_La>.gb_Ma{fill:white}.gb_Ma,.gb_F .gb_La>.gb_Ma{fill:#202124}.gb_Na{-webkit-clip-path:path("M16 0C24.8366 0 32 7.16344 32 16C32 16.4964 31.9774 16.9875 31.9332 17.4723C30.5166 16.5411 28.8215 16 27 16C22.0294 16 18 20.0294 18 25C18 27.4671 18.9927 29.7024 20.6004 31.3282C19.1443 31.7653 17.5996 32 16 32C7.16344 32 0 24.8366 0 16C0 7.16344 7.16344 0 16 0Z");clip-path:path("M16 0C24.8366 0 32 7.16344 32 16C32 16.4964 31.9774 16.9875 31.9332 17.4723C30.5166 16.5411 28.8215 16 27 16C22.0294 16 18 20.0294 18 25C18 27.4671 18.9927 29.7024 20.6004 3

Chrome Cache Entry: 94

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3521)
Category:	downloaded
Size (bytes):	22053
Entropy (8bit):	5.41304679760341
Encrypted:	false
SSDEEP:
MD5:	08D44C8857573C459C2098F02BC251F8
SHA1:	D4BD0C4B428EBD184C5C1EA6C331BA1C87EC8B92
SHA-256:	9830BAE24B5950DAED52A956FFB1D0F170C1E8ABADCC7EA3458C4DE893ACB3CA
SHA-512:	EE893D1E634F4BE09DDA72CB9109C5FB65044E9FB0087E35EBFC0DAEC959280B2C777F935089ABB9984F77976FE8D98E69629132B11C5BD06CF43D7E43CD8233
Malicious:	false
Reputation:	unknown
URL:	"https://www.gstatic.com/_/mss/boq-one-google/_/js/k=boq-one-google.OneGoogleWidgetUi.en.HyLTZ-VVzwQ.es5.O/ck=boq-one-google.OneGoogleWidgetUi.GggoXlw0wTY.L.B1.O/am=gDAYMGw/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,QIhFr,RMhBfe,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,XVMNvd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aDfbSd,aW3pY,aurFic,byfTOb,e5qFLc,ebZ3mb,fKUV3e,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pw70Gc,s39S4,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,appwidgetnoauthview/ed=1/wt=2/ujg=1/rs=AM-SdHvnaX27gCDIp4WyJbtluL3aRIPNSw/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd"
Preview:	"use strict";this.default_OneGoogleWidgetUi=this.default_OneGoogleWidgetUi\|\|{};(function(_){var window=this;.try{.var cG;._.eG=function(){var a=cG(_.Ne("xwAfE"),function(){return _.Ne("UUFaWc")}),b=cG(_.Ne("xnI9P"),function(){return _.Ne("u4g7r")}),c,d,e,f;return(f=dG)!=null?f:dG=Object.freeze({isEnabled:function(g){return g===-1\|\|_.xf(_.Ne("iCzhFc"),!1)?!1:a.enabled\|\|b.enabled},Eg:(c=_.um(_.Ne("y2FhP")))!=null?c:void 0,Ov:(d=_.um(_.Ne("MUE6Ne")))!=null?d:void 0,yg:(e=_.um(_.Ne("cfb2h")))!=null?e:void 0,xf:_.wm(_.Ne("yFnxrf"),-1),mw:_.Am(_.Ne("fPDxwd")).map(function(g){return _.wm(g,0)}).filter(function(g){return g>0}),.Ez:a,rV:b})};cG=function(a,b){a=_.xf(a,!1);return{enabled:a,Ht:a?_.Ud(_.xm(b(),_.fG)):Jia()}};_.fG=function(a){this.wa=_.x(a)};_.E(_.fG,_.C);var Jia=function(a){return function(){return _.qd(a)}}(_.fG);var dG;._.p("RqjULd");.var Via=function(a){if(_.n&&_.n.performance&&_.n.performance.memory){var b=_.n.performance.memory;if(b){var c=new XG;isNaN(b.jsHeapSizeLimit)\|\|_.Df

Chrome Cache Entry: 95

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (708)
Category:	downloaded
Size (bytes):	713
Entropy (8bit):	5.208455073909858
Encrypted:	false
SSDEEP:
MD5:	5A3DA460A7A607D97C78A825F9C01E05
SHA1:	F5BC4079B5A994C721C0206C11A8698174995A57
SHA-256:	DCEA8A075C713432DEE892C2E4EF0C64E057A03655627FA246824A752C267122
SHA-512:	5E02B87A5815E6C12AF4DC9581E456436451957C19EDBDCE873E972B9E9E0EDAB98BE3DD1D855AF2B6C1530119BBB350EFBF74A41670B7757BAD8742A5383DF6
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A&oit=4&cp=6&pgcl=7&gs_rn=42&psi=cxQK0eotZj9xW9M0&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
Preview:	)]}'.["https:",["https //kahoot.com join","https //quizlet.com live","https //kahoot.it login","https //www.gimkit.com join","https //www.youtube music","https //www.blooket.com join","https //chatgpt.com login","https://www.facebook.com","https://www.youtube.com","https://aka.ms/remoteconnect"],["","","","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:suggestrelevance":[601,600,554,553,552,551,550,402,401,400],"google:suggestsubtypes":[[512,433],[512],[512,433,131],[512],[512,650,433,131],[512],[512,650,433],[44],[44],[44]],"google:suggesttype":["QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","NAVIGATION","NAVIGATION","NAVIGATION"],"google:verbatimrelevance":851}]

Chrome Cache Entry: 96

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	9987
Entropy (8bit):	4.807023198509079
Encrypted:	false
SSDEEP:
MD5:	CDA4A480839DBD8F1E6BDDFF3B3FC86A
SHA1:	585D54D2EC069147D8952A8D6E2E091641D2EEF3
SHA-256:	1A1B1EB246FF332C17C63F552B688BB868C1B7AA27975C6EC85147A477335A81
SHA-512:	E1CBF2364711E0344BEE1C6CAD412CA82B69A38D0DA12A711B63CF4152B74A60B8FA1502CBEBCCB11D8AE2196B94CADE3A37C514CFEBD40C6AA492C140CAFAE9
Malicious:	false
Reputation:	unknown
URL:	https://cint.securiguard.cc/lp/js/main.js?v8
Preview:	function getCookie(name).{. let namePart = name + '=',. decodedCookie = decodeURIComponent(document.cookie),. cookies = decodedCookie.split(';');.. for(let index = 0; index < cookies.length; index++) {. let cookie = cookies[index];.. while (cookie.charAt(0) === ' ') {. cookie = cookie.substring(1);. }.. if (cookie.indexOf(namePart) === 0) {. return cookie.substring(namePart.length, cookie.length);. }. }.. return null;.}..function setCookie(name, value, expireDays = 0, domain = '').{. domain = domain ? domain : location.host;. let expires = '';.. if (expireDays) {. let date = new Date();. date.setTime(date.getTime() + (expireDays * 24 * 60 * 60 * 1000));.. expires = 'expires=' + date.toUTCString();. }.. document.cookie = name + '=' + value + ';domain=.' + domain + ';path=/;' + expires;.}..function getParameterByName(name, defaultValue = null).{. let parameter = getQu

Chrome Cache Entry: 98

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x64, components 3
Category:	downloaded
Size (bytes):	1561
Entropy (8bit):	7.629344016267851
Encrypted:	false
SSDEEP:
MD5:	C269301E524213AC6D5EB8F67BFB76F5
SHA1:	BF3D3D86DE6A03C3E58C6BCB3457F6F9ABA05859
SHA-256:	44B3F1EEEEF14224A204AC0B26B10A4E2C7BD4667CA8F04AE37D3BAB2DEF7920
SHA-512:	2E99A26FA8BC13E7CE54599941F0360321DC1757929518AD63984A3A7D473D3BDA8B0A1FED5D962E96BB4D3CC28C77A418AC630BDAE88867F0CF904072391172
Malicious:	false
Reputation:	unknown
URL:	https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcToDGuEujqBjAnMYzU-eQ0Xe2ElrwfZxjj90-UHHpQ&s=10
Preview:	......JFIF......................................... ."" ...$(4,$&1'..-=-157:::#+?D?8C49:7...........7%.%77777777777777777777777777777777777777777777777777......@.0..........................................5.........................!a.q...#1ABQ....$&r.6Us...................................0.......................1q..!AQa....3.."4..2S..............?....`.l~.!....F.F.Y.z.!...K...#....$.r..9..h.c.>"[..#B.../(.Ad..yD...FJ.v1k.t~6....=.f...vFWl..'.L.?.,\]........d,...R..+/.A....qn..........;9.Ku..k..PyyD#.!..C.{..H..A]...Sl<7.n.uw.......Bp;..... ...{....X.1.~.;...^d"..~...0;.....jd...]..!........MM..Xb)Zj.kD......8.~..a....B..}y..CS#.V`O....I.c..A..h.7.....6....)...j..Qt.0.... ,.W....2#q......b.... .n.._.N..3X.(.........x.SIc.V{H(C..-.F<..l.n.bW5.V.I.t..'.q.%_A..&.n.~.{....?s......{.?.}..~.w;gZ...j"...&BDs.......u..r>:..7.:.WG...}O.7.K#M........;..kL.%fn..\.U-.1........(..<W47.{.b..u.S.*. ..g...+.lA[i..D.....5..Z. AK..}..8X....H....U....?s......{.7.}..~.

Chrome Cache Entry: 99

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	exported SGML document, ASCII text
Category:	downloaded
Size (bytes):	17
Entropy (8bit):	3.381580488309164
Encrypted:	false
SSDEEP:
MD5:	E0C6313F282B643035C85AB687554428
SHA1:	054B8E0B2CB53C13117B4E0FDB03942E1F79A9E7
SHA-256:	A7F6EF0342F04548291519DAD262ECFB979369724FD8ACEE65D863918A76DFE1
SHA-512:	C8ADB20A7834BA9A7E23BE679B07FAC3750AD32CF0E50CA42B9AE50849D1BAD5EC89F0B77453F706D05C4226EBC49B3F563BDA9CCA0722F3BC9EAC248F936E0D
Malicious:	false
Reputation:	unknown
URL:	https://fywiei.com/
Preview:	inv_dis -->.

Static File Info

⊘No static file info

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://fywiei.com

Overview

General Information

Detection

Signatures

Classification

Process Tree

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

LLM Input / Output

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 101

Chrome Cache Entry: 102

Chrome Cache Entry: 103

Chrome Cache Entry: 104

Chrome Cache Entry: 105

Chrome Cache Entry: 107

Chrome Cache Entry: 108

Chrome Cache Entry: 109

Chrome Cache Entry: 110

Chrome Cache Entry: 111

Chrome Cache Entry: 112

Chrome Cache Entry: 113

Chrome Cache Entry: 114

Chrome Cache Entry: 115

Chrome Cache Entry: 116

Chrome Cache Entry: 119

Chrome Cache Entry: 120

Chrome Cache Entry: 122

Chrome Cache Entry: 123

Chrome Cache Entry: 124

Chrome Cache Entry: 126

Chrome Cache Entry: 127

Chrome Cache Entry: 128

Chrome Cache Entry: 129

Chrome Cache Entry: 130

Chrome Cache Entry: 131

Chrome Cache Entry: 132

Chrome Cache Entry: 133

Chrome Cache Entry: 134

Chrome Cache Entry: 135

Chrome Cache Entry: 136

Chrome Cache Entry: 137

Windows Analysis Report
https://fywiei.com