Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://kreskamaki.pl/&ved=2ahUKEwjXsdXPoeaJAxXOV0EAHeHeI60QFnoECBgQAQ&usg=AOvVaw3Fydc_x43m7WUzJ18d737f

Overview

General Information

Sample URL:https://kreskamaki.pl/&ved=2ahUKEwjXsdXPoeaJAxXOV0EAHeHeI60QFnoECBgQAQ&usg=AOvVaw3Fydc_x43m7WUzJ18d737f
Analysis ID:1559388
Infos:

Detection

Score:1
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Drops files with a non-matching file extension (content does not match file extension)
HTML page contains hidden javascript code
HTML page contains obfuscated script src

Classification

  • System is w10x64
  • chrome.exe (PID: 2256 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 796 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=2000,i,3380293206825283762,15677942766615917640,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6356 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://kreskamaki.pl/&ved=2ahUKEwjXsdXPoeaJAxXOV0EAHeHeI60QFnoECBgQAQ&usg=AOvVaw3Fydc_x43m7WUzJ18d737f" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • Acrobat.exe (PID: 6976 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Downloads\downloaded.pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)
    • AcroCEF.exe (PID: 3896 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
      • AcroCEF.exe (PID: 1168 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2104 --field-trial-handle=1560,i,3530712955350696723,17840097560420890255,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
  • cleanup
No configs have been found
No yara matches
No Sigma rule has matched
No Suricata rule has matched

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://kreskamaki.pl/&ved=2ahUKEwjXsdXPoeaJAxXOV0EAHeHeI60QFnoECBgQAQ&usg=AOvVaw3Fydc_x43m7WUzJ18d737fHTTP Parser: Base64 decoded: (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=!0;j.src='https://www.googletagmanager.com/gtm.js?id='+i+dl;f.pare...
Source: https://kreskamaki.pl/&ved=2ahUKEwjXsdXPoeaJAxXOV0EAHeHeI60QFnoECBgQAQ&usg=AOvVaw3Fydc_x43m7WUzJ18d737fHTTP Parser: Script src: data:text/javascript;base64,KGZ1bmN0aW9uKHcsZCxzLGwsaSl7d1tsXT13W2xdfHxbXTt3W2xdLnB1c2goeydndG0uc3RhcnQnOm5ldyBEYXRlKCkuZ2V0VGltZSgpLGV2ZW50OidndG0uanMnfSk7dmFyIGY9ZC5nZXRFbGVtZW50c0J5VGFnTmFtZShzKVswXSxqPWQuY3JlYXRlRWxlbWVudChzKSxkbD1sIT0nZGF0YUxheW
Source: https://kreskamaki.pl/&ved=2ahUKEwjXsdXPoeaJAxXOV0EAHeHeI60QFnoECBgQAQ&usg=AOvVaw3Fydc_x43m7WUzJ18d737fHTTP Parser: Script src: data:text/javascript;base64,dmFyIHRlbXBsYXRlVXJsPSdodHRwczovL2tyZXNrYW1ha2kucGwvd3AtY29udGVudC90aGVtZXMva3Jlc2thbWFraSc=
Source: https://kreskamaki.pl/&ved=2ahUKEwjXsdXPoeaJAxXOV0EAHeHeI60QFnoECBgQAQ&usg=AOvVaw3Fydc_x43m7WUzJ18d737fHTTP Parser: Script src: data:text/javascript;base64,KGZ1bmN0aW9uKHcsZCxzLGwsaSl7d1tsXT13W2xdfHxbXTt3W2xdLnB1c2goeydndG0uc3RhcnQnOm5ldyBEYXRlKCkuZ2V0VGltZSgpLGV2ZW50OidndG0uanMnfSk7dmFyIGY9ZC5nZXRFbGVtZW50c0J5VGFnTmFtZShzKVswXSxqPWQuY3JlYXRlRWxlbWVudChzKSxkbD1sIT0nZGF0YUxheW
Source: https://kreskamaki.pl/&ved=2ahUKEwjXsdXPoeaJAxXOV0EAHeHeI60QFnoECBgQAQ&usg=AOvVaw3Fydc_x43m7WUzJ18d737fHTTP Parser: Script src: data:text/javascript;base64,KGZ1bmN0aW9uKHcsZCxzLGwsaSl7d1tsXT13W2xdfHxbXTt3W2xdLnB1c2goeydndG0uc3RhcnQnOm5ldyBEYXRlKCkuZ2V0VGltZSgpLGV2ZW50OidndG0uanMnfSk7dmFyIGY9ZC5nZXRFbGVtZW50c0J5VGFnTmFtZShzKVswXSxqPWQuY3JlYXRlRWxlbWVudChzKSxkbD1sIT0nZGF0YUxheW
Source: https://kreskamaki.pl/&ved=2ahUKEwjXsdXPoeaJAxXOV0EAHeHeI60QFnoECBgQAQ&usg=AOvVaw3Fydc_x43m7WUzJ18d737fHTTP Parser: Script src: data:text/javascript;base64,dmFyIHRlbXBsYXRlVXJsPSdodHRwczovL2tyZXNrYW1ha2kucGwvd3AtY29udGVudC90aGVtZXMva3Jlc2thbWFraSc=
Source: https://kreskamaki.pl/&ved=2ahUKEwjXsdXPoeaJAxXOV0EAHeHeI60QFnoECBgQAQ&usg=AOvVaw3Fydc_x43m7WUzJ18d737fHTTP Parser: Script src: data:text/javascript;base64,KGZ1bmN0aW9uKHcsZCxzLGwsaSl7d1tsXT13W2xdfHxbXTt3W2xdLnB1c2goeydndG0uc3RhcnQnOm5ldyBEYXRlKCkuZ2V0VGltZSgpLGV2ZW50OidndG0uanMnfSk7dmFyIGY9ZC5nZXRFbGVtZW50c0J5VGFnTmFtZShzKVswXSxqPWQuY3JlYXRlRWxlbWVudChzKSxkbD1sIT0nZGF0YUxheW
Source: https://kreskamaki.pl/&ved=2ahUKEwjXsdXPoeaJAxXOV0EAHeHeI60QFnoECBgQAQ&usg=AOvVaw3Fydc_x43m7WUzJ18d737fHTTP Parser: Script src: data:text/javascript;base64,KGZ1bmN0aW9uKHcsZCxzLGwsaSl7d1tsXT13W2xdfHxbXTt3W2xdLnB1c2goeydndG0uc3RhcnQnOm5ldyBEYXRlKCkuZ2V0VGltZSgpLGV2ZW50OidndG0uanMnfSk7dmFyIGY9ZC5nZXRFbGVtZW50c0J5VGFnTmFtZShzKVswXSxqPWQuY3JlYXRlRWxlbWVudChzKSxkbD1sIT0nZGF0YUxheW
Source: https://kreskamaki.pl/&ved=2ahUKEwjXsdXPoeaJAxXOV0EAHeHeI60QFnoECBgQAQ&usg=AOvVaw3Fydc_x43m7WUzJ18d737fHTTP Parser: Script src: data:text/javascript;base64,dmFyIHRlbXBsYXRlVXJsPSdodHRwczovL2tyZXNrYW1ha2kucGwvd3AtY29udGVudC90aGVtZXMva3Jlc2thbWFraSc=
Source: https://kreskamaki.pl/&ved=2ahUKEwjXsdXPoeaJAxXOV0EAHeHeI60QFnoECBgQAQ&usg=AOvVaw3Fydc_x43m7WUzJ18d737fHTTP Parser: Script src: data:text/javascript;base64,KGZ1bmN0aW9uKHcsZCxzLGwsaSl7d1tsXT13W2xdfHxbXTt3W2xdLnB1c2goeydndG0uc3RhcnQnOm5ldyBEYXRlKCkuZ2V0VGltZSgpLGV2ZW50OidndG0uanMnfSk7dmFyIGY9ZC5nZXRFbGVtZW50c0J5VGFnTmFtZShzKVswXSxqPWQuY3JlYXRlRWxlbWVudChzKSxkbD1sIT0nZGF0YUxheW
Source: https://kreskamaki.pl/&ved=2ahUKEwjXsdXPoeaJAxXOV0EAHeHeI60QFnoECBgQAQ&usg=AOvVaw3Fydc_x43m7WUzJ18d737fHTTP Parser: No favicon
Source: https://kreskamaki.pl/wp-content/uploads/KRESKA-MAKI-ULOTKA.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdfHTTP Parser: No favicon
Source: chromecache_289.2.drString found in binary or memory: <a href="https://www.facebook.com/kreskamaki/" title="facebook" target="_blank"> equals www.facebook.com (Facebook)
Source: chromecache_252.2.dr, chromecache_287.2.dr, chromecache_291.2.dr, chromecache_271.2.drString found in binary or memory: return b}GD.F="internal.enableAutoEventOnTimer";var Zb=wa(["data-gtm-yt-inspected-"]),ID=["www.youtube.com","www.youtube-nocookie.com"],JD,KD=!1; equals www.youtube.com (Youtube)
Source: chromecache_258.2.dr, downloaded.pdf.crdownload.0.dr, 1e21a5de-4f15-479b-b540-93d56676e759.tmp.0.drString found in binary or memory: http://www.npes.org/pdfx/ns/id/
Source: 2D85F72862B55C4EADD9E66E06947F3D0.8.drString found in binary or memory: http://x1.i.lencr.org/
Source: chromecache_291.2.drString found in binary or memory: https://adservice.google.com/pagead/regclk?
Source: chromecache_289.2.drString found in binary or memory: https://api.w.org/
Source: chromecache_252.2.dr, chromecache_287.2.dr, chromecache_291.2.dr, chromecache_271.2.drString found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_289.2.drString found in binary or memory: https://fonts.gstatic.com
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlphgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbqmIE4Ygg.w
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlphgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbqnIE4Ygg.w
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlphgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbqoIE4.woff
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlphgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfG7qmIE4Ygg.w
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlphgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfG7qnIE4Ygg.w
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlphgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfG7qoIE4.woff
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRf-62_B2sl.wof
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRf-62_CGslu50.
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRf-62_CWslu50.
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRf06i_B2sl.wof
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRf06i_CGslu50.
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRf06i_CWslu50.
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRf36y_B2sl.wof
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRf36y_CGslu50.
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRf36y_CWslu50.
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfi6m_B2sl.wof
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfi6m_CGslu50.
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfi6m_CWslu50.
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfp66_B2sl.wof
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfp66_CGslu50.
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfp66_CWslu50.
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRft6u_B2sl.wof
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRft6u_CGslu50.
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRft6u_CWslu50.
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfw6-_B2sl.wof
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfw6-_CGslu50.
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfw6-_CWslu50.
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpjgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbLLEEIAhqSP
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpjgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbLLEEMAhqSP
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpjgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbLLEEwAhg.w
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbIDAlsno5k.
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbIDAlsoo5m2
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbIDAlspo5m2
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbIPBlsno5k.
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbIPBlsoo5m2
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbIPBlspo5m2
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbITBVsno5k.
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbITBVsoo5m2
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbITBVspo5m2
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbIrB1sno5k.
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbIrB1soo5m2
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbIrB1spo5m2
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbJ3BFsno5k.
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbJ3BFsoo5m2
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbJ3BFspo5m2
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbJbA1sno5k.
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbJbA1soo5m2
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbJbA1spo5m2
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbJnAVsno5k.
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbJnAVsoo5m2
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpkgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbJnAVspo5m2
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpvgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXd4qqOEo.woff
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpvgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXdoqqOEo.woff
Source: chromecache_268.2.drString found in binary or memory: https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpvgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXeIqq.woff2)
Source: chromecache_265.2.dr, chromecache_282.2.dr, chromecache_279.2.drString found in binary or memory: https://getbootstrap.com/)
Source: chromecache_280.2.dr, chromecache_292.2.drString found in binary or memory: https://github.com/georgekosmidis/jquery-hashchange
Source: chromecache_273.2.drString found in binary or memory: https://github.com/jonsuh/hamburgers
Source: chromecache_276.2.dr, chromecache_254.2.drString found in binary or memory: https://github.com/microsoft/clarity
Source: chromecache_265.2.dr, chromecache_282.2.dr, chromecache_279.2.drString found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_282.2.dr, chromecache_279.2.drString found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: chromecache_291.2.drString found in binary or memory: https://google.com
Source: chromecache_291.2.drString found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_273.2.drString found in binary or memory: https://jonsuh.com/hamburgers
Source: chromecache_289.2.drString found in binary or memory: https://kreskamaki.pl/
Source: chromecache_289.2.drString found in binary or memory: https://kreskamaki.pl/#lokale
Source: chromecache_289.2.drString found in binary or memory: https://kreskamaki.pl/#menu
Source: chromecache_289.2.drString found in binary or memory: https://kreskamaki.pl/#onas
Source: chromecache_289.2.drString found in binary or memory: https://kreskamaki.pl/promocje/
Source: chromecache_289.2.drString found in binary or memory: https://kreskamaki.pl/wp-content/litespeed/css/337468f3ab634f283848c9874971e922.css?ver=1e922
Source: chromecache_289.2.drString found in binary or memory: https://kreskamaki.pl/wp-content/litespeed/css/5249450f0b6dbec702c6eddfd93e86c2.css?ver=e86c2
Source: chromecache_289.2.drString found in binary or memory: https://kreskamaki.pl/wp-content/litespeed/css/68cd2460d4d9f72fde436a1695d0cea3.css?ver=0cea3
Source: chromecache_289.2.drString found in binary or memory: https://kreskamaki.pl/wp-content/themes/kreskamaki/fonts/Holtzman-Textured-PL.woff2
Source: chromecache_289.2.drString found in binary or memory: https://kreskamaki.pl/wp-content/themes/kreskamaki/img/btn-arrow.svg
Source: chromecache_289.2.drString found in binary or memory: https://kreskamaki.pl/wp-content/uploads/KRESKA-MAKI-ULOTKA.pdf
Source: chromecache_289.2.drString found in binary or memory: https://kreskamaki.pl/wp-content/uploads/favicon.png
Source: chromecache_289.2.drString found in binary or memory: https://kreskamaki.pl/wp-content/uploads/fb.svg
Source: chromecache_289.2.drString found in binary or memory: https://kreskamaki.pl/wp-content/uploads/inst.svg
Source: chromecache_289.2.drString found in binary or memory: https://kreskamaki.pl/wp-content/uploads/kreska-maki-polityka-prywatnosci.pdf
Source: chromecache_289.2.drString found in binary or memory: https://kreskamaki.pl/wp-content/uploads/logo.svg
Source: chromecache_289.2.drString found in binary or memory: https://kreskamaki.pl/wp-json/
Source: chromecache_289.2.drString found in binary or memory: https://kreskamaki.pl/xmlrpc.php?rsd
Source: chromecache_291.2.dr, chromecache_271.2.drString found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_252.2.dr, chromecache_287.2.dr, chromecache_291.2.dr, chromecache_271.2.drString found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_289.2.drString found in binary or memory: https://pomelomedia.pl/
Source: chromecache_272.2.dr, chromecache_281.2.dr, chromecache_259.2.dr, chromecache_251.2.dr, chromecache_275.2.dr, chromecache_277.2.drString found in binary or memory: https://sketchapp.com
Source: chromecache_252.2.dr, chromecache_287.2.dr, chromecache_291.2.dr, chromecache_271.2.drString found in binary or memory: https://td.doubleclick.net
Source: chromecache_291.2.dr, chromecache_271.2.drString found in binary or memory: https://www.google.com
Source: chromecache_291.2.dr, chromecache_271.2.drString found in binary or memory: https://www.googleadservices.com
Source: chromecache_271.2.drString found in binary or memory: https://www.googletagmanager.com
Source: chromecache_252.2.dr, chromecache_291.2.drString found in binary or memory: https://www.googletagmanager.com/a?
Source: chromecache_289.2.drString found in binary or memory: https://www.googletagmanager.com/ns.html?id=GTM-5DJH2VX
Source: chromecache_289.2.drString found in binary or memory: https://www.googletagmanager.com/ns.html?id=GTM-PQJK382V
Source: chromecache_252.2.dr, chromecache_291.2.drString found in binary or memory: https://www.googletagmanager.com/static/service_worker/
Source: chromecache_289.2.drString found in binary or memory: https://www.instagram.com/kreska.maki/
Source: classification engineClassification label: clean1.win@39/124@0/8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\Downloads\1d451fe1-238f-4043-bb80-75a46b6ae060.tmpJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile created: C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-11-20 07-26-55-558.logJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CAJump to behavior
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=2000,i,3380293206825283762,15677942766615917640,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://kreskamaki.pl/&ved=2ahUKEwjXsdXPoeaJAxXOV0EAHeHeI60QFnoECBgQAQ&usg=AOvVaw3Fydc_x43m7WUzJ18d737f"
Source: unknownProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Downloads\downloaded.pdf"
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2104 --field-trial-handle=1560,i,3530712955350696723,17840097560420890255,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=2000,i,3380293206825283762,15677942766615917640,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2104 --field-trial-handle=1560,i,3530712955350696723,17840097560420890255,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeFile opened: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\crash_reporter.cfgJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: Chrome Cache Entry: 258
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: Chrome Cache Entry: 258Jump to dropped file
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath Interception1
Process Injection
11
Masquerading
OS Credential Dumping1
System Information Discovery
Remote ServicesData from Local SystemData ObfuscationExfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts1
Process Injection
LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable MediaJunk DataExfiltration Over BluetoothNetwork Denial of Service
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 process2 2 Behavior Graph ID: 1559388 URL: https://kreskamaki.pl/&ved=... Startdate: 20/11/2024 Architecture: WINDOWS Score: 1 6 Acrobat.exe 17 74 2->6         started        8 chrome.exe 14 2->8         started        11 chrome.exe 2->11         started        dnsIp3 13 AcroCEF.exe 106 6->13         started        25 239.255.255.250 unknown Reserved 8->25 15 chrome.exe 8->15         started        process4 dnsIp5 18 AcroCEF.exe 4 13->18         started        27 193.239.44.233 TARRCI-ASPL Poland 15->27 29 13.107.246.45 MICROSOFT-CORP-MSN-AS-BLOCKUS United States 15->29 31 3 other IPs or domains 15->31 process6 dnsIp7 21 54.144.73.197 AMAZON-AESUS United States 18->21 23 23.47.168.24 AKAMAI-ASUS United States 18->23

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand
SourceDetectionScannerLabelLink
https://kreskamaki.pl/&ved=2ahUKEwjXsdXPoeaJAxXOV0EAHeHeI60QFnoECBgQAQ&usg=AOvVaw3Fydc_x43m7WUzJ18d737f0%Avira URL Cloudsafe
No Antivirus matches
No Antivirus matches
No Antivirus matches
SourceDetectionScannerLabelLink
https://kreskamaki.pl/wp-content/uploads/inst.svg0%Avira URL Cloudsafe
https://kreskamaki.pl/wp-content/litespeed/css/5249450f0b6dbec702c6eddfd93e86c2.css?ver=e86c20%Avira URL Cloudsafe
https://kreskamaki.pl/0%Avira URL Cloudsafe
https://kreskamaki.pl/wp-content/uploads/fb.svg0%Avira URL Cloudsafe
https://kreskamaki.pl/wp-content/themes/kreskamaki/img/btn-arrow.svg0%Avira URL Cloudsafe
https://kreskamaki.pl/wp-content/uploads/kreska-maki-polityka-prywatnosci.pdf0%Avira URL Cloudsafe
https://kreskamaki.pl/wp-content/litespeed/css/68cd2460d4d9f72fde436a1695d0cea3.css?ver=0cea30%Avira URL Cloudsafe
https://kreskamaki.pl/#menu0%Avira URL Cloudsafe
https://kreskamaki.pl/wp-content/uploads/favicon.png0%Avira URL Cloudsafe
https://kreskamaki.pl/#onas0%Avira URL Cloudsafe
https://kreskamaki.pl/wp-content/litespeed/css/337468f3ab634f283848c9874971e922.css?ver=1e9220%Avira URL Cloudsafe
https://kreskamaki.pl/xmlrpc.php?rsd0%Avira URL Cloudsafe
https://kreskamaki.pl/promocje/0%Avira URL Cloudsafe
https://pomelomedia.pl/0%Avira URL Cloudsafe
https://kreskamaki.pl/#lokale0%Avira URL Cloudsafe
https://kreskamaki.pl/wp-content/uploads/logo.svg0%Avira URL Cloudsafe
https://kreskamaki.pl/wp-content/themes/kreskamaki/fonts/Holtzman-Textured-PL.woff20%Avira URL Cloudsafe
https://kreskamaki.pl/wp-json/0%Avira URL Cloudsafe
No contacted domains info
NameMaliciousAntivirus DetectionReputation
https://kreskamaki.pl/wp-content/uploads/KRESKA-MAKI-ULOTKA.pdffalse
    unknown
    file:///C:/Users/user/Downloads/downloaded.pdffalse
      high
      NameSourceMaliciousAntivirus DetectionReputation
      https://kreskamaki.pl/wp-content/uploads/inst.svgchromecache_289.2.drfalse
      • Avira URL Cloud: safe
      unknown
      http://x1.i.lencr.org/2D85F72862B55C4EADD9E66E06947F3D0.8.drfalse
        high
        https://github.com/jonsuh/hamburgerschromecache_273.2.drfalse
          high
          https://kreskamaki.pl/#onaschromecache_289.2.drfalse
          • Avira URL Cloud: safe
          unknown
          https://kreskamaki.pl/wp-content/uploads/kreska-maki-polityka-prywatnosci.pdfchromecache_289.2.drfalse
          • Avira URL Cloud: safe
          unknown
          https://jonsuh.com/hamburgerschromecache_273.2.drfalse
            high
            https://kreskamaki.pl/wp-content/litespeed/css/5249450f0b6dbec702c6eddfd93e86c2.css?ver=e86c2chromecache_289.2.drfalse
            • Avira URL Cloud: safe
            unknown
            https://kreskamaki.pl/wp-content/uploads/fb.svgchromecache_289.2.drfalse
            • Avira URL Cloud: safe
            unknown
            https://api.w.org/chromecache_289.2.drfalse
              high
              https://googleads.g.doubleclick.netchromecache_291.2.drfalse
                high
                https://kreskamaki.pl/wp-content/themes/kreskamaki/img/btn-arrow.svgchromecache_289.2.drfalse
                • Avira URL Cloud: safe
                unknown
                https://kreskamaki.pl/#menuchromecache_289.2.drfalse
                • Avira URL Cloud: safe
                unknown
                https://www.instagram.com/kreska.maki/chromecache_289.2.drfalse
                  high
                  https://getbootstrap.com/)chromecache_265.2.dr, chromecache_282.2.dr, chromecache_279.2.drfalse
                    high
                    https://kreskamaki.pl/chromecache_289.2.drfalse
                    • Avira URL Cloud: safe
                    unknown
                    https://cct.google/taggy/agent.jschromecache_252.2.dr, chromecache_287.2.dr, chromecache_291.2.dr, chromecache_271.2.drfalse
                      high
                      https://sketchapp.comchromecache_272.2.dr, chromecache_281.2.dr, chromecache_259.2.dr, chromecache_251.2.dr, chromecache_275.2.dr, chromecache_277.2.drfalse
                        high
                        https://kreskamaki.pl/wp-content/uploads/favicon.pngchromecache_289.2.drfalse
                        • Avira URL Cloud: safe
                        unknown
                        https://www.google.comchromecache_291.2.dr, chromecache_271.2.drfalse
                          high
                          https://kreskamaki.pl/wp-content/litespeed/css/68cd2460d4d9f72fde436a1695d0cea3.css?ver=0cea3chromecache_289.2.drfalse
                          • Avira URL Cloud: safe
                          unknown
                          https://kreskamaki.pl/promocje/chromecache_289.2.drfalse
                          • Avira URL Cloud: safe
                          unknown
                          https://github.com/twbs/bootstrap/graphs/contributors)chromecache_282.2.dr, chromecache_279.2.drfalse
                            high
                            https://td.doubleclick.netchromecache_252.2.dr, chromecache_287.2.dr, chromecache_291.2.dr, chromecache_271.2.drfalse
                              high
                              https://kreskamaki.pl/wp-content/litespeed/css/337468f3ab634f283848c9874971e922.css?ver=1e922chromecache_289.2.drfalse
                              • Avira URL Cloud: safe
                              unknown
                              https://kreskamaki.pl/xmlrpc.php?rsdchromecache_289.2.drfalse
                              • Avira URL Cloud: safe
                              unknown
                              https://pomelomedia.pl/chromecache_289.2.drfalse
                              • Avira URL Cloud: safe
                              unknown
                              https://kreskamaki.pl/wp-content/uploads/logo.svgchromecache_289.2.drfalse
                              • Avira URL Cloud: safe
                              unknown
                              http://www.npes.org/pdfx/ns/id/chromecache_258.2.dr, downloaded.pdf.crdownload.0.dr, 1e21a5de-4f15-479b-b540-93d56676e759.tmp.0.drfalse
                                high
                                https://kreskamaki.pl/wp-json/chromecache_289.2.drfalse
                                • Avira URL Cloud: safe
                                unknown
                                https://github.com/twbs/bootstrap/blob/master/LICENSE)chromecache_265.2.dr, chromecache_282.2.dr, chromecache_279.2.drfalse
                                  high
                                  https://kreskamaki.pl/#lokalechromecache_289.2.drfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  https://github.com/georgekosmidis/jquery-hashchangechromecache_280.2.dr, chromecache_292.2.drfalse
                                    high
                                    https://google.comchromecache_291.2.drfalse
                                      high
                                      https://kreskamaki.pl/wp-content/themes/kreskamaki/fonts/Holtzman-Textured-PL.woff2chromecache_289.2.drfalse
                                      • Avira URL Cloud: safe
                                      unknown
                                      https://github.com/microsoft/claritychromecache_276.2.dr, chromecache_254.2.drfalse
                                        high
                                        https://adservice.google.com/pagead/regclk?chromecache_291.2.drfalse
                                          high
                                          • No. of IPs < 25%
                                          • 25% < No. of IPs < 50%
                                          • 50% < No. of IPs < 75%
                                          • 75% < No. of IPs
                                          IPDomainCountryFlagASNASN NameMalicious
                                          13.107.246.45
                                          unknownUnited States
                                          8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                          54.144.73.197
                                          unknownUnited States
                                          14618AMAZON-AESUSfalse
                                          1.1.1.1
                                          unknownAustralia
                                          13335CLOUDFLARENETUSfalse
                                          142.250.186.36
                                          unknownUnited States
                                          15169GOOGLEUSfalse
                                          23.47.168.24
                                          unknownUnited States
                                          16625AKAMAI-ASUSfalse
                                          239.255.255.250
                                          unknownReserved
                                          unknownunknownfalse
                                          142.250.186.164
                                          unknownUnited States
                                          15169GOOGLEUSfalse
                                          193.239.44.233
                                          unknownPoland
                                          60713TARRCI-ASPLfalse
                                          Joe Sandbox version:41.0.0 Charoite
                                          Analysis ID:1559388
                                          Start date and time:2024-11-20 13:24:41 +01:00
                                          Joe Sandbox product:CloudBasic
                                          Overall analysis duration:0h 4m 21s
                                          Hypervisor based Inspection enabled:false
                                          Report type:full
                                          Cookbook file name:browseurl.jbs
                                          Sample URL:https://kreskamaki.pl/&ved=2ahUKEwjXsdXPoeaJAxXOV0EAHeHeI60QFnoECBgQAQ&usg=AOvVaw3Fydc_x43m7WUzJ18d737f
                                          Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                          Number of analysed new started processes analysed:13
                                          Number of new started drivers analysed:0
                                          Number of existing processes analysed:0
                                          Number of existing drivers analysed:0
                                          Number of injected processes analysed:0
                                          Technologies:
                                          • HCA enabled
                                          • EGA enabled
                                          • AMSI enabled
                                          Analysis Mode:default
                                          Analysis stop reason:Timeout
                                          Detection:CLEAN
                                          Classification:clean1.win@39/124@0/8
                                          EGA Information:Failed
                                          HCA Information:
                                          • Successful, ratio: 100%
                                          • Number of executed functions: 0
                                          • Number of non-executed functions: 0
                                          Cookbook Comments:
                                          • Found PDF document
                                          • Close Viewer
                                          • Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
                                          • Excluded IPs from analysis (whitelisted): 142.250.185.227, 142.250.184.238, 64.233.167.84, 34.104.35.123, 142.250.186.131, 142.250.181.234, 142.250.185.104, 199.232.210.172, 142.250.186.72, 172.217.16.200, 192.229.221.95, 13.74.129.1, 20.114.190.119, 204.79.197.237, 13.107.21.237, 142.250.184.195, 184.28.88.176, 2.19.126.149, 2.19.126.143, 162.159.61.3, 172.64.41.3, 52.202.204.11, 52.5.13.197, 54.227.187.23, 23.22.254.206, 23.219.161.139, 2.23.197.184, 192.168.2.4
                                          • Excluded domains from analysis (whitelisted): e4578.dscg.akamaiedge.net, chrome.cloudflare-dns.com, e8652.dscx.akamaiedge.net, slscr.update.microsoft.com, c-msn-com-nsatc.trafficmanager.net, clientservices.googleapis.com, acroipm2.adobe.com, clients2.google.com, ocsp.digicert.com, www.googletagmanager.com, ssl-delivery.adobe.com.edgekey.net, a122.dscd.akamai.net, update.googleapis.com, azurefd-t-prod.trafficmanager.net, crl.root-x1.letsencrypt.org.edgekey.net, fonts.googleapis.com, fs.microsoft.com, accounts.google.com, otelrules.azureedge.net, fonts.gstatic.com, c-bing-com.dual-a-0034.a-msedge.net, acroipm2.adobe.com.edgesuite.net, ctldl.windowsupdate.com, p13n.adobe.io, fe3cr.delivery.mp.microsoft.com, edgedl.me.gvt1.com, c.bing.com, clarity-ingest-eus2-e-sc.eastus2.cloudapp.azure.com, dual-a-0034.a-msedge.net, clients.l.google.com, geo2.adobe.com
                                          • Not all processes where analyzed, report is missing behavior information
                                          • Report size getting too big, too many NtCreateFile calls found.
                                          • VT rate limit hit for: https://kreskamaki.pl/&ved=2ahUKEwjXsdXPoeaJAxXOV0EAHeHeI60QFnoECBgQAQ&usg=AOvVaw3Fydc_x43m7WUzJ18d737f
                                          TimeTypeDescription
                                          07:27:00API Interceptor1x Sleep call for process: AcroCEF.exe modified
                                          No context
                                          No context
                                          No context
                                          No context
                                          No context
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                          File Type:ASCII text
                                          Category:dropped
                                          Size (bytes):292
                                          Entropy (8bit):5.252433110034585
                                          Encrypted:false
                                          SSDEEP:6:HlgD3+q2Pwkn2nKuAl9OmbnIFUt8YlQZmw+YlLqtVkwOwkn2nKuAl9OmbjLJ:QOvYfHAahFUt8x/+e65JfHAaSJ
                                          MD5:1E8F5DAFE898406FA0364BAE9A82FB46
                                          SHA1:60F0A4DD764196DB7D8D42A31FD8DA9743FFFE38
                                          SHA-256:7D69D176FCAB2A7ECCF0510EA4807DC173E27C36FF62F6B4D5DEDFB137BE0E8D
                                          SHA-512:69EA89CC74532B63308E84E2075580C1556BB0F1D88BF7A450FAFDE3B141254234012E48F3015E1E4970DEEA091DCDE383AAEE7BC46622D8C82443A4238044DF
                                          Malicious:false
                                          Reputation:low
                                          Preview:2024/11/20-07:26:53.167 1a58 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2024/11/20-07:26:53.169 1a58 Recovering log #3.2024/11/20-07:26:53.170 1a58 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                          File Type:ASCII text
                                          Category:dropped
                                          Size (bytes):292
                                          Entropy (8bit):5.252433110034585
                                          Encrypted:false
                                          SSDEEP:6:HlgD3+q2Pwkn2nKuAl9OmbnIFUt8YlQZmw+YlLqtVkwOwkn2nKuAl9OmbjLJ:QOvYfHAahFUt8x/+e65JfHAaSJ
                                          MD5:1E8F5DAFE898406FA0364BAE9A82FB46
                                          SHA1:60F0A4DD764196DB7D8D42A31FD8DA9743FFFE38
                                          SHA-256:7D69D176FCAB2A7ECCF0510EA4807DC173E27C36FF62F6B4D5DEDFB137BE0E8D
                                          SHA-512:69EA89CC74532B63308E84E2075580C1556BB0F1D88BF7A450FAFDE3B141254234012E48F3015E1E4970DEEA091DCDE383AAEE7BC46622D8C82443A4238044DF
                                          Malicious:false
                                          Reputation:low
                                          Preview:2024/11/20-07:26:53.167 1a58 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2024/11/20-07:26:53.169 1a58 Recovering log #3.2024/11/20-07:26:53.170 1a58 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                          File Type:ASCII text
                                          Category:dropped
                                          Size (bytes):333
                                          Entropy (8bit):5.218509249796527
                                          Encrypted:false
                                          SSDEEP:6:HljOq2Pwkn2nKuAl9Ombzo2jMGIFUt8YlraZZmw+Yl5kwOwkn2nKuAl9Ombzo2jz:NOvYfHAa8uFUt8p/+g5JfHAa8RJ
                                          MD5:D4671588F7BD62C33C3DF2CC29BF8DD9
                                          SHA1:963A5235542A32DCA05F2764C2F6718A684EAF51
                                          SHA-256:D8F9CF5EB5EC9EB0747C2B1B9BB8490BF733B4DF60E3463BF1D3A8DB4F80470E
                                          SHA-512:142428CB4B3C7402286D4E48603FE50734A3F168D9F627CA1F91E64A689B5486EC49727A06A7CD9FFD0D1BC1C9795C6636ACAD1307A47CFDCB4BEF32962696F1
                                          Malicious:false
                                          Reputation:low
                                          Preview:2024/11/20-07:26:53.238 504 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/MANIFEST-000001.2024/11/20-07:26:53.248 504 Recovering log #3.2024/11/20-07:26:53.249 504 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/000003.log .
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                          File Type:ASCII text
                                          Category:dropped
                                          Size (bytes):333
                                          Entropy (8bit):5.218509249796527
                                          Encrypted:false
                                          SSDEEP:6:HljOq2Pwkn2nKuAl9Ombzo2jMGIFUt8YlraZZmw+Yl5kwOwkn2nKuAl9Ombzo2jz:NOvYfHAa8uFUt8p/+g5JfHAa8RJ
                                          MD5:D4671588F7BD62C33C3DF2CC29BF8DD9
                                          SHA1:963A5235542A32DCA05F2764C2F6718A684EAF51
                                          SHA-256:D8F9CF5EB5EC9EB0747C2B1B9BB8490BF733B4DF60E3463BF1D3A8DB4F80470E
                                          SHA-512:142428CB4B3C7402286D4E48603FE50734A3F168D9F627CA1F91E64A689B5486EC49727A06A7CD9FFD0D1BC1C9795C6636ACAD1307A47CFDCB4BEF32962696F1
                                          Malicious:false
                                          Reputation:low
                                          Preview:2024/11/20-07:26:53.238 504 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/MANIFEST-000001.2024/11/20-07:26:53.248 504 Recovering log #3.2024/11/20-07:26:53.249 504 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/000003.log .
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                          File Type:Unknown
                                          Category:modified
                                          Size (bytes):475
                                          Entropy (8bit):4.978235956891848
                                          Encrypted:false
                                          SSDEEP:12:YH/um3RA8sq3zsBdOg2HRHcaq3QYiubInP7E4TX:Y2sRdsSUdMHg3QYhbG7n7
                                          MD5:E3BCA6F730D231B275EC1FDECE69071E
                                          SHA1:206F7D3C9AAF32EA875BD1296796CAB123569872
                                          SHA-256:CF092788A21754ADFDB5F2A727B9105A6CF06B89836D36970D0072EE968D0899
                                          SHA-512:56107D862800EC7397BB462C09D0417208D93B4463AC5337FCEC397C11D478972D1C3F1B3E2FFDF43EECFD52E19599DDC58EDBF37BC8799FAB8802192E74AAB9
                                          Malicious:false
                                          Reputation:low
                                          Preview:{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://armmf.adobe.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13376665625000818","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":141979},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.4","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"3G"}}}
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                          File Type:Unknown
                                          Category:dropped
                                          Size (bytes):475
                                          Entropy (8bit):4.967403857886107
                                          Encrypted:false
                                          SSDEEP:12:YH/um3RA8sqLsBdOg2HHfcaq3QYiubInP7E4TX:Y2sRdsVdMHO3QYhbG7n7
                                          MD5:B7761633048D74E3C02F61AD04E00147
                                          SHA1:72A2D446DF757BAEA2C7A58C050925976E4C9372
                                          SHA-256:1A468796D744FCA806D1F828C07E0064AB6A1FA0E31DA3A403F12B9B89868B67
                                          SHA-512:397A10C510FAA048E4AAB08A11B2AE14A09EE47EC4F5A2B47CE1A9580C2874ADE0F9F8FC287B9358C0FFEA4C89F8AB9270B9CA00064EA90CD2EF0EAD0A59369F
                                          Malicious:false
                                          Reputation:low
                                          Preview:{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://armmf.adobe.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13340980889952523","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":146406},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.4","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"3G"}}}
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                          File Type:Unknown
                                          Category:dropped
                                          Size (bytes):475
                                          Entropy (8bit):4.967403857886107
                                          Encrypted:false
                                          SSDEEP:12:YH/um3RA8sqLsBdOg2HHfcaq3QYiubInP7E4TX:Y2sRdsVdMHO3QYhbG7n7
                                          MD5:B7761633048D74E3C02F61AD04E00147
                                          SHA1:72A2D446DF757BAEA2C7A58C050925976E4C9372
                                          SHA-256:1A468796D744FCA806D1F828C07E0064AB6A1FA0E31DA3A403F12B9B89868B67
                                          SHA-512:397A10C510FAA048E4AAB08A11B2AE14A09EE47EC4F5A2B47CE1A9580C2874ADE0F9F8FC287B9358C0FFEA4C89F8AB9270B9CA00064EA90CD2EF0EAD0A59369F
                                          Malicious:false
                                          Reputation:low
                                          Preview:{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://armmf.adobe.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13340980889952523","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":146406},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.4","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"3G"}}}
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                          File Type:Unknown
                                          Category:dropped
                                          Size (bytes):475
                                          Entropy (8bit):4.967403857886107
                                          Encrypted:false
                                          SSDEEP:12:YH/um3RA8sqLsBdOg2HHfcaq3QYiubInP7E4TX:Y2sRdsVdMHO3QYhbG7n7
                                          MD5:B7761633048D74E3C02F61AD04E00147
                                          SHA1:72A2D446DF757BAEA2C7A58C050925976E4C9372
                                          SHA-256:1A468796D744FCA806D1F828C07E0064AB6A1FA0E31DA3A403F12B9B89868B67
                                          SHA-512:397A10C510FAA048E4AAB08A11B2AE14A09EE47EC4F5A2B47CE1A9580C2874ADE0F9F8FC287B9358C0FFEA4C89F8AB9270B9CA00064EA90CD2EF0EAD0A59369F
                                          Malicious:false
                                          Reputation:low
                                          Preview:{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://armmf.adobe.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13340980889952523","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":146406},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.4","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"3G"}}}
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                          File Type:data
                                          Category:dropped
                                          Size (bytes):4730
                                          Entropy (8bit):5.266578092491048
                                          Encrypted:false
                                          SSDEEP:96:etJCV4FAsszrNamjTN/2rjYMta02fDtehgO7BtTgo7w5cBdcDpZ:etJCV4FiN/jTN/2r8Mta02fEhgO73goO
                                          MD5:04A08E837872A6D73482656B68B934E1
                                          SHA1:A60D5EAFAE53301A0214E0A250C7DA6289D14421
                                          SHA-256:5C69247F713D00E90503A421A600B4C425EED0C9E040AA9C1CF9B2BD6A4D5C6E
                                          SHA-512:CD1C9192E171F7F41827D0598C9412633A9431B4403295E9755224389C3DDCD42FAF6788EA01999C0452006C93E5931E5151362C30F62F0E8067B63D99E6F94D
                                          Malicious:false
                                          Reputation:low
                                          Preview:*...#................version.1..namespace-['O.o................next-map-id.1.Pnamespace-158f4913_074a_4bdf_b463_eb784cc805b4-https://rna-resource.acrobat.com/.0>...r................next-map-id.2.Snamespace-fd2db5bd_ef7e_4124_bfa7_f036ce1d74e5-https://rna-v2-resource.acrobat.com/.1O..r................next-map-id.3.Snamespace-cd5be8d1_42d2_481d_ac0e_f904ae470bda-https://rna-v2-resource.acrobat.com/.2.\.o................next-map-id.4.Pnamespace-6070ce43_6a74_4d0a_9cb8_0db6c3126811-https://rna-resource.acrobat.com/.3....^...............Pnamespace-158f4913_074a_4bdf_b463_eb784cc805b4-https://rna-resource.acrobat.com/..|.^...............Pnamespace-6070ce43_6a74_4d0a_9cb8_0db6c3126811-https://rna-resource.acrobat.com/n..Fa...............Snamespace-fd2db5bd_ef7e_4124_bfa7_f036ce1d74e5-https://rna-v2-resource.acrobat.com/DQ..a...............Snamespace-cd5be8d1_42d2_481d_ac0e_f904ae470bda-https://rna-v2-resource.acrobat.com/i.`do................next-map-id.5.Pnamespace-de635bf2_6773_4d83_ad16_
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                          File Type:ASCII text
                                          Category:dropped
                                          Size (bytes):321
                                          Entropy (8bit):5.203910840044983
                                          Encrypted:false
                                          SSDEEP:6:HlRq2Pwkn2nKuAl9OmbzNMxIFUt8YlDFZZmw+YlCFkwOwkn2nKuAl9OmbzNMFLJ:LvYfHAa8jFUt8wX/+RF5JfHAa84J
                                          MD5:4EE30F5394F95CB96E065608CDF82400
                                          SHA1:F4CE9659A63050438D8CBCA077F5CC2B21A33285
                                          SHA-256:26A0E873E40E5AACB0B2D00FF42804E85F94E7889C4CDE838F883872E878A2E8
                                          SHA-512:C9B8337F9DF6A236DFFD55079C1A805CB19B7AD1A0B21FFB6A9FCECD1071102FD641E9B96AE256495CF31E4976D413F476D4D81B8932FC8A0B7FB546F225C692
                                          Malicious:false
                                          Reputation:low
                                          Preview:2024/11/20-07:26:53.475 504 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/MANIFEST-000001.2024/11/20-07:26:53.476 504 Recovering log #3.2024/11/20-07:26:53.477 504 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/000003.log .
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                          File Type:ASCII text
                                          Category:dropped
                                          Size (bytes):321
                                          Entropy (8bit):5.203910840044983
                                          Encrypted:false
                                          SSDEEP:6:HlRq2Pwkn2nKuAl9OmbzNMxIFUt8YlDFZZmw+YlCFkwOwkn2nKuAl9OmbzNMFLJ:LvYfHAa8jFUt8wX/+RF5JfHAa84J
                                          MD5:4EE30F5394F95CB96E065608CDF82400
                                          SHA1:F4CE9659A63050438D8CBCA077F5CC2B21A33285
                                          SHA-256:26A0E873E40E5AACB0B2D00FF42804E85F94E7889C4CDE838F883872E878A2E8
                                          SHA-512:C9B8337F9DF6A236DFFD55079C1A805CB19B7AD1A0B21FFB6A9FCECD1071102FD641E9B96AE256495CF31E4976D413F476D4D81B8932FC8A0B7FB546F225C692
                                          Malicious:false
                                          Reputation:low
                                          Preview:2024/11/20-07:26:53.475 504 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/MANIFEST-000001.2024/11/20-07:26:53.476 504 Recovering log #3.2024/11/20-07:26:53.477 504 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/000003.log .
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:PC bitmap, Windows 3.x format, 109 x -152 x 32, cbSize 66326, bits offset 54
                                          Category:dropped
                                          Size (bytes):66326
                                          Entropy (8bit):3.003281885741875
                                          Encrypted:false
                                          SSDEEP:384:gs3+GJn9x2/AO2VPbhK1xYVwZqyVRwzFogKlg8npRWmyOnAN22KxnRqg9ML5CF04:gsBP2abME6o0XQ//xDm6Y
                                          MD5:A69498632E273C907E4AB805EDD9C6AC
                                          SHA1:3488EA5E6BC4B9B0069922BA1A18A9F7479586B0
                                          SHA-256:D7BF11692C0730BFB96A0DE85A8A03D5C224255BF7E81B9F98834B28CEFD8810
                                          SHA-512:3067DAB1E50B6448947860713513451A7B735B42FAA61B902F6F1191721A3649D45DA223208EDF1864391ABD2A6B28795E010394E764EED2AF9099CF8C1EC20C
                                          Malicious:false
                                          Reputation:low
                                          Preview:BM........6...(...m...h..... .................................J.......................................J.......J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...............J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...h...J...J...J...u.......u...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J...J.......................J.......................................u...J...J...J.
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:SQLite 3.x database, last written using SQLite version 3040000, file counter 17, database pages 21, cookie 0x5, schema 4, UTF-8, version-valid-for 17
                                          Category:dropped
                                          Size (bytes):86016
                                          Entropy (8bit):4.444755682470602
                                          Encrypted:false
                                          SSDEEP:384:Seici5tAiBA7aDQPsknQ0UNCFOa14ocOUw6zyFzqFkdZ+EUTTcdUZ5yDQhJL:+Xs3OazzU89UTTgUL
                                          MD5:D6F556FF9E829112C7FFABFCCCC8526C
                                          SHA1:F9F24D2A0A5B6E18760E9CF67F4DAB38F95FA442
                                          SHA-256:E573AB6F05B0E35951313183FA41563E20630987F3CF3CC693EB53A2A41DC976
                                          SHA-512:EA888A48ED54CDA581A16C5EA781FB1E0F1455E752C8A4CEECBBAA5859E0ED65AF3A57C0B62F4A7DDE6FA9921B79AA0A5D3660B8C069A06363195F3C260B224A
                                          Malicious:false
                                          Reputation:low
                                          Preview:SQLite format 3......@ ..........................................................................c.......1........T...U.1.D............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:SQLite Rollback Journal
                                          Category:dropped
                                          Size (bytes):8720
                                          Entropy (8bit):2.214483873840076
                                          Encrypted:false
                                          SSDEEP:24:7+tKZnuwKjqLrzkrFsgIFsxX3pALXmnHpkDGjmcxBSkomXk+2m9RFTsyg+wmf9MT:7M0nCjqvmFTIF3XmHjBoGGR+jMz+LhS
                                          MD5:57DF98BD8139A2D768D47267D6D29E20
                                          SHA1:370E71B71ED989095099C123A92C0AAB7E7E7BDE
                                          SHA-256:59621A696AE7D13F09EB19B840B536E23302C3900BA4699B582AD4F7320BAF85
                                          SHA-512:61B0F96C86E3A0B8A9038B4AEE46015F5D3B991C2D0A0F6D5DBC453990D598EBDA8C45D51E7447C0010BC5EA4E16C42A8A3EBB7122C89E3FF35C9AB8CDBE8678
                                          Malicious:false
                                          Reputation:low
                                          Preview:.... .c.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                          File Type:Certificate, Version=3
                                          Category:dropped
                                          Size (bytes):1391
                                          Entropy (8bit):7.705940075877404
                                          Encrypted:false
                                          SSDEEP:24:ooVdTH2NMU+I3E0Ulcrgdaf3sWrATrnkC4EmCUkmGMkfQo1fSZotWzD1:ooVguI3Kcx8WIzNeCUkJMmSuMX1
                                          MD5:0CD2F9E0DA1773E9ED864DA5E370E74E
                                          SHA1:CABD2A79A1076A31F21D253635CB039D4329A5E8
                                          SHA-256:96BCEC06264976F37460779ACF28C5A7CFE8A3C0AAE11A8FFCEE05C0BDDF08C6
                                          SHA-512:3B40F27E828323F5B91F8909883A78A21C86551761F27B38029FAAEC14AF5B7AA96FB9F9CC93EE201B5EB1D0FEF17B290747E8B839D2E49A8F36C5EBF3C7C910
                                          Malicious:false
                                          Reputation:low
                                          Preview:0..k0..S............@.YDc.c...0...*.H........0O1.0...U....US1)0'..U... Internet Security Research Group1.0...U....ISRG Root X10...150604110438Z..350604110438Z0O1.0...U....US1)0'..U... Internet Security Research Group1.0...U....ISRG Root X10.."0...*.H.............0..........$s..7.+W(.....8..n<.W.x.u...jn..O(..h.lD...c...k....1.!~.3<.H..y.....!.K...qiJffl.~<p..)"......K...~....G.|.H#S.8.O.o...IW..t../.8.{.p!.u.0<.....c...O..K~.....w...{J.L.%.p..)..S$........J.?..aQ.....cq...o[...\4ylv.;.by.../&.....................6....7..6u...r......I.....*.A..v........5/(.l....dwnG7..Y^h..r...A)>Y>.&.$...Z.L@.F....:Qn.;.}r...xY.>Qx....../..>{J.Ks......P.|C.t..t.....0.[q6....00\H..;..}`...).........A.......|.;F.H*..v.v..j.=...8.d..+..(.....B.".'].y...p..N..:..'Qn..d.3CO......B0@0...U...........0...U.......0....0...U......y.Y.{....s.....X..n0...*.H.............U.X....P.....i ')..au\.n...i/..VK..s.Y.!.~.Lq...`.9....!V..P.Y...Y.............b.E.f..|o..;.....'...}~.."......
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                          File Type:data
                                          Category:dropped
                                          Size (bytes):192
                                          Entropy (8bit):2.7457468364538267
                                          Encrypted:false
                                          SSDEEP:3:kkFklTedn/XfllXlE/HT8kj+l7ttNNX8RolJuRdxLlGB9lQRYwpDdt:kKFVQT8q+htTNMa8RdWBwRd
                                          MD5:DADD6C0140DA99E104AD002813ACA768
                                          SHA1:E9BBD839F20DAA4B0904BBC42BF87E98A4D10AE7
                                          SHA-256:3182EEA66241E660D63A5EBA8023FF5BE3DB3315D3287D4444B3E421B497B626
                                          SHA-512:51C2FE08198F111FAC4B691A144DAD8C55E6EA2903C33285E5279C92B519CE145D2B91EFC2D155080FBCA54D8626CC74586633886F7C2298DAB36756890E54B4
                                          Malicious:false
                                          Reputation:low
                                          Preview:p...... ........`...G;..(....................................................... ..........W....F...............o...h.t.t.p.:././.x.1...i...l.e.n.c.r...o.r.g./...".6.4.c.d.6.6.5.4.-.5.6.f."...
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:data
                                          Category:dropped
                                          Size (bytes):244533
                                          Entropy (8bit):3.349719355811052
                                          Encrypted:false
                                          SSDEEP:1536:ZKPCPiyzDtrh1cK3XEivK7VK/3AYvYwgqErRo+RQn:YPClJ/3AYvYwghFo+RQn
                                          MD5:9716CB5647DF853DEE118D2B63941AD6
                                          SHA1:694F6157C10FA57DC58211460B695A4E44760EFD
                                          SHA-256:575A4D13744E8EF45E7D6FCE4E93BE2EF7923487216CE58B1BA68D54060DCBB6
                                          SHA-512:E82B0380530C58423D95B7C0DF7FC29DC4E2A2E14203C79FA9A60D66FA39E142CD5944258441D2AF80AD5BD5CAAADCE0B6C1E523D621A2B7A73D20782578EE2D
                                          Malicious:false
                                          Reputation:low
                                          Preview:Adobe Acrobat Reader (64-bit) 23.6.20320....?A12_AV2_Search_18px.............................................................................................................KKK KKK.KKK.KKK.KKK.KKK.KKK@........................................KKK`KKK.KKK.KKK.KKK.KKK.KKK.KKK.KKK.KKK.............................KKKPKKK.KKK.KKK.KKK.........KKKPKKK.KKK.KKK.........................KKK.KKK.KKK.KKK0....................KKK.KKK.KKK.KKK`....................KKK`KKK.KKK.............................KKK@KKK.KKK.....................KKK.KKK.KKK0................................KKK.KKK.....................KKK.KKK.....................................KKK.KKK.....................KKK.KKK.KKK0................................KKK.KKK.....................KKK`KKK.KKK.............................KKK@KKK.KKK.....................KKK.KKK.KKK.KKK@....................KKK.KKK.KKK.KKK`........................KKKPKKK.KKK.KKK.KKK.........KKKPKKK.KKK.KKK.KKK.............................KKK`KKK.KKK.KKK.KKK.KKK.KKK.KKK.KKK.KKK
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:JSON data
                                          Category:dropped
                                          Size (bytes):295
                                          Entropy (8bit):5.373208397581587
                                          Encrypted:false
                                          SSDEEP:6:YEQXJ2HXBRWBVoZcg1vRcR0YLKoAvJM3g98kUwPeUkwRe9:YvXKXBMwZc0vWGMbLUkee9
                                          MD5:67DA8D06B6BBD5C03832B862A21FD40C
                                          SHA1:2A6B610E82246A12609DD03DFFDF982E5C0273E4
                                          SHA-256:6AE13DD0DB44BC77180CF0B119B9E05A3DD28BA862A48492E7E9A2BD206B7F34
                                          SHA-512:DB92495E9C7348140265F6B626DB97D81F409D80EEDC745036178611120EA09208B7F91F57E63B85C6757FF62B93F12D06EBC83316F8CCCF37EB3670DF295932
                                          Malicious:false
                                          Reputation:low
                                          Preview:{"analyticsData":{"responseGUID":"6ab88641-028a-48d7-9d31-ed84cc865c70","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1732281391879,"statusCode":200,"surfaceID":"ACROBAT_READER_MASTER_SURFACEID","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:JSON data
                                          Category:dropped
                                          Size (bytes):294
                                          Entropy (8bit):5.324977098107577
                                          Encrypted:false
                                          SSDEEP:6:YEQXJ2HXBRWBVoZcg1vRcR0YLKoAvJfBoTfXpnrPeUkwRe9:YvXKXBMwZc0vWGWTfXcUkee9
                                          MD5:AF47C643588437C9521666CFE8FABA8F
                                          SHA1:16251D75A2E9AD007FF1AB10265D7C7E2319C974
                                          SHA-256:D016EADFE91F7A9489863A56539E1FFEE3C1010429DE3CAD5C060B089ACE1DE4
                                          SHA-512:D1BF32FBF2262DE316451CC6EFE944E3484A0DBF6C9193664907DB44DF7486C41965E5D81D1DDA11CE45C3D4A1CFCFDD3447433A5CF59EB9164973570D6AB369
                                          Malicious:false
                                          Reputation:low
                                          Preview:{"analyticsData":{"responseGUID":"6ab88641-028a-48d7-9d31-ed84cc865c70","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1732281391879,"statusCode":200,"surfaceID":"DC_FirstMile_Home_View_Surface","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:JSON data
                                          Category:dropped
                                          Size (bytes):294
                                          Entropy (8bit):5.302827191684647
                                          Encrypted:false
                                          SSDEEP:6:YEQXJ2HXBRWBVoZcg1vRcR0YLKoAvJfBD2G6UpnrPeUkwRe9:YvXKXBMwZc0vWGR22cUkee9
                                          MD5:BEEA8B2B24EC13D03E91681D2D76DDC4
                                          SHA1:6152E60F39713BB1CBA21E00CE4ED7F68B108B29
                                          SHA-256:83AE4674A13FC63C8B2371D7F484FAAA82AF59A29C92E48BE5C58F416AF94495
                                          SHA-512:932059C0FB6170D3FEB09D28C8522C733849A4056E6AE8555AA2294414C8FBE82A8AFA3CC0749A92B3F7A7EFA5368A765856DC1C59611AEAB47E615DAB0017D5
                                          Malicious:false
                                          Reputation:low
                                          Preview:{"analyticsData":{"responseGUID":"6ab88641-028a-48d7-9d31-ed84cc865c70","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1732281391879,"statusCode":200,"surfaceID":"DC_FirstMile_Right_Sec_Surface","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:JSON data
                                          Category:dropped
                                          Size (bytes):285
                                          Entropy (8bit):5.36056434276848
                                          Encrypted:false
                                          SSDEEP:6:YEQXJ2HXBRWBVoZcg1vRcR0YLKoAvJfPmwrPeUkwRe9:YvXKXBMwZc0vWGH56Ukee9
                                          MD5:DC270936B36D1972046DABA4E41EA278
                                          SHA1:C10AA0DAC04B7AAACF80DF1F7D133C29832C0AC8
                                          SHA-256:482504B705B7065F9176AC634FA2E9C16E500F499127684C894DE9EB6ACF96EB
                                          SHA-512:145B234D8265A2D6F008126E7A32BA4545FD309DA84609743A82BAC93A9EAF9A47CE83627D0152CD71C65828B4DA859DD23AC9626FC59C7A218DF05E4DAB6168
                                          Malicious:false
                                          Reputation:low
                                          Preview:{"analyticsData":{"responseGUID":"6ab88641-028a-48d7-9d31-ed84cc865c70","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1732281391879,"statusCode":200,"surfaceID":"DC_READER_LAUNCH_CARD","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:JSON data
                                          Category:dropped
                                          Size (bytes):1123
                                          Entropy (8bit):5.691149507192656
                                          Encrypted:false
                                          SSDEEP:24:Yv6XBMwzvDpLgE9cQx8LennAvzBvkn0RCmK8czOCCSh:YvEMYrhgy6SAFv5Ah8cv/h
                                          MD5:EB9BFECF0E92D2313781787F8D30217E
                                          SHA1:D6DA81AD92EDBBA0AEC7F2EDE1FC5C6CF7879148
                                          SHA-256:0885633C04DD70D1A12D93E9E902754E4BA3B6F87426049E694FA9BFBB8C80B1
                                          SHA-512:4137BEE2911F0F5B86713CD20C39FFC98C0F27AF2948F97F60A838A2A395077CAF352AA69D0A783D66D45E13F7912578ACF39A75183A4F3EA1A1BCEDED7C042D
                                          Malicious:false
                                          Reputation:low
                                          Preview:{"analyticsData":{"responseGUID":"6ab88641-028a-48d7-9d31-ed84cc865c70","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1732281391879,"statusCode":200,"surfaceID":"DC_Reader_Convert_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Convert_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"93365_289436ActionBlock_1","campaignId":93365,"containerId":"1","controlGroupId":"","treatmentId":"d5bba1ae-6009-4d23-8886-fd4a474b8ac9","variationId":"289436"},"containerId":1,"containerLabel":"JSON for DC_Reader_Convert_LHP_Banner","content":{"data":"eyJjdGEiOnsidGV4dCI6IkZyZWUgdHJpYWwiLCJjbGljayI6Im9wZW5Ub29sIiwidG9vbF9pZCI6IkNvbnZlcnRQREZSZHJSSFBBcHAifSwidWkiOnsidGl0bGVfc3R5bGluZyI6eyJmb250X3NpemUiOiIxNHB4IiwiZm9udF9zdHlsZSI6IjAifSwiZGVzY3JpcHRpb25fc3R5bGluZyI6eyJmb250X3NpemUiOiIxMnB4IiwiZm9udF9zdHlsZSI6Ii0xIn0sInRpdGxlIjpudWxsLCJkZXNjcmlwdGlvbiI6IkV4cG9ydCBQREZzIHRvIE1pY3Jvc29mdCBXb3JkIGFuZCBFeGNlbC4ifSwidGNh
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:JSON data
                                          Category:dropped
                                          Size (bytes):1122
                                          Entropy (8bit):5.683963662229572
                                          Encrypted:false
                                          SSDEEP:24:Yv6XBMwzvfVLgEwcp06ybnAvz7xHn0RCmK8czOCYHfl8zdBY:YvEMYHFgSNycJUAh8cvYHH
                                          MD5:5B518CEC401A7DDDB41DF95ECEB64F45
                                          SHA1:53A61243D6F07B874454554015F871955352BE9D
                                          SHA-256:5B937C00E70B6BE94F9B8599E57F8B3D0A7FB639B0B6E65EA56507F5DDEAC64F
                                          SHA-512:C738ECFC9F90AA87A6F4E3D35905A25DC3B8C69A6AD1F92BE8D15501D1456BD5A02412E09450526B1A8EF19A76201DABF92E5030AA48EAF4FBB41F12CAA44D6A
                                          Malicious:false
                                          Reputation:low
                                          Preview:{"analyticsData":{"responseGUID":"6ab88641-028a-48d7-9d31-ed84cc865c70","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1732281391879,"statusCode":200,"surfaceID":"DC_Reader_Disc_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Disc_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"93181_288855ActionBlock_0","campaignId":93181,"containerId":"1","controlGroupId":"","treatmentId":"1aad653c-ef44-43f7-be1c-3a2ba2cf2cfc","variationId":"288855"},"containerId":1,"containerLabel":"JSON for DC_Reader_Disc_LHP_Banner","content":{"data":"eyJjdGEiOnsidGV4dCI6IkZyZWUgdHJpYWwiLCJjbGljayI6Im9wZW5Ub29sIiwidG9vbF9pZCI6IlVwZ3JhZGVSSFBSZHJBcHAifSwidWkiOnsidGl0bGVfc3R5bGluZyI6eyJmb250X3NpemUiOiIxNHB4IiwiZm9udF9zdHlsZSI6IjAifSwiZGVzY3JpcHRpb25fc3R5bGluZyI6eyJmb250X3NpemUiOiIxMnB4IiwiZm9udF9zdHlsZSI6Ii0xIn0sInRpdGxlIjpudWxsLCJkZXNjcmlwdGlvbiI6IkNvbnZlcnQsIGVkaXQgYW5kIGUtc2lnblxuIFBERiBmb3JtcyAmIGFncmVlbWVudHMuIn0sInRjY
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:JSON data
                                          Category:dropped
                                          Size (bytes):292
                                          Entropy (8bit):5.309845923530986
                                          Encrypted:false
                                          SSDEEP:6:YEQXJ2HXBRWBVoZcg1vRcR0YLKoAvJfQ1rPeUkwRe9:YvXKXBMwZc0vWGY16Ukee9
                                          MD5:B3028D99EDCC49EC2723823EB9052A16
                                          SHA1:250E2FC8E89400BEB1B0EF253071D93D5A2C6624
                                          SHA-256:B38351029EFC2B8C94BBB4187B2A5C2C18AFE83B8BF03226AF668E7BDE2C39BF
                                          SHA-512:D251335D02778085AA25D5E029AB35EA72124DE17F57E61F6CE162C0A5D7B819CD904CD2011ABB4D5B224C652F491A49035DFDE3A8130EE00DA4039C78A26B47
                                          Malicious:false
                                          Reputation:low
                                          Preview:{"analyticsData":{"responseGUID":"6ab88641-028a-48d7-9d31-ed84cc865c70","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1732281391879,"statusCode":200,"surfaceID":"DC_Reader_Disc_LHP_Retention","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:JSON data
                                          Category:dropped
                                          Size (bytes):1102
                                          Entropy (8bit):5.673047449293836
                                          Encrypted:false
                                          SSDEEP:24:Yv6XBMwzvu2LgErcXWl7y0nAvzIBcSJCBViVY:YvEMY2ogH47yfkB5kVh
                                          MD5:AAC7A37AF6973625EF75FD6C02C5B371
                                          SHA1:8F4F04797EBEB4A4981835E19E25E2749024E444
                                          SHA-256:BCFEC7208BC1B1697F59F99647F3F890E455314392ACFCF5609F6023CDF1A1FF
                                          SHA-512:6EAC9A43B313759FC8BBE0BC409F393BA2EF2A1AB12DB45780347A5D90146B03600808BDD11C46E99F74C3AD91D092A5828FEAE69B19C1E128BD75880CA39598
                                          Malicious:false
                                          Reputation:low
                                          Preview:{"analyticsData":{"responseGUID":"6ab88641-028a-48d7-9d31-ed84cc865c70","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1732281391879,"statusCode":200,"surfaceID":"DC_Reader_Edit_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Edit_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"93181_288855ActionBlock_1","campaignId":93181,"containerId":"1","controlGroupId":"","treatmentId":"533ab5eb-b236-4889-89a5-ac002261d71e","variationId":"288855"},"containerId":1,"containerLabel":"JSON for DC_Reader_Edit_LHP_Banner","content":{"data":"eyJjdGEiOnsidGV4dCI6IkZyZWUgdHJpYWwiLCJjbGljayI6Im9wZW5Ub29sIiwidG9vbF9pZCI6IkVkaXRQREZSZHJBcHBGdWxsIn0sInVpIjp7InRpdGxlX3N0eWxpbmciOnsiZm9udF9zaXplIjoiMTRweCIsImZvbnRfc3R5bGUiOiIwIn0sImRlc2NyaXB0aW9uX3N0eWxpbmciOnsiZm9udF9zaXplIjoiMTJweCIsImZvbnRfc3R5bGUiOiItMSJ9LCJ0aXRsZSI6bnVsbCwiZGVzY3JpcHRpb24iOiJFZGl0IHRleHQsIGltYWdlcywgcGFnZXMsIGFuZCBtb3JlLiJ9LCJ0Y2F0SWQiOm51bGx9","da
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:JSON data
                                          Category:dropped
                                          Size (bytes):1164
                                          Entropy (8bit):5.700280765681627
                                          Encrypted:false
                                          SSDEEP:24:Yv6XBMwzviKLgEfIcZVSkpsn264rS514ZjBrwloJTmcVIsrSK5Y:YvEMYaEgqprtrS5OZjSlwTmAfSKe
                                          MD5:89D07BC7A8C3FF6D4BAA07D3F273DB3E
                                          SHA1:AB179D7AC003467A02B16EA1502CC59752C5AA89
                                          SHA-256:B973B2E4B00E61075D873F5FE6C6D8E86B7ADBFFB61441570F420CC59326361D
                                          SHA-512:A17CEE8DB3764D4152B719D1EEE1EDFBEF3DEFEE31D296E1CBD2046C4E516AAD6321E65E052C9D31F33103B441B29CF3ACA11A687FC233692424FDBF487F790E
                                          Malicious:false
                                          Reputation:low
                                          Preview:{"analyticsData":{"responseGUID":"6ab88641-028a-48d7-9d31-ed84cc865c70","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1732281391879,"statusCode":200,"surfaceID":"DC_Reader_Home_LHP_Trial_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Home_LHP_Trial_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"85531_264848ActionBlock_0","campaignId":85531,"containerId":"1","controlGroupId":"","treatmentId":"ee1a7497-76e7-43c2-bb63-9a0551e11d73","variationId":"264848"},"containerId":1,"containerLabel":"JSON for DC_Reader_Home_LHP_Trial_Banner","content":{"data":"eyJjdGEiOnsidGV4dCI6IlRyeSBBY3JvYmF0IFBybyJ9LCJ1aSI6eyJ0aXRsZV9zdHlsaW5nIjp7ImZvbnRfc2l6ZSI6IjE1cHgiLCJmb250X3N0eWxlIjoiMCJ9LCJkZXNjcmlwdGlvbl9zdHlsaW5nIjp7ImZvbnRfc2l6ZSI6IjEzcHgiLCJmb250X3N0eWxlIjoiLTEifSwidGl0bGUiOiJGcmVlIHRyaWFsIiwiZGVzY3JpcHRpb24iOiJHZXQgdW5saW1pdGVkIGFjY2VzcyB0b1xucHJlbWl1bSBQREYgYW5kIGUtc2lnbmluZ1xudG9vbHMuIn0sImJhbm5lcl9zdHlsaW5nIjo
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:JSON data
                                          Category:dropped
                                          Size (bytes):289
                                          Entropy (8bit):5.312752132141167
                                          Encrypted:false
                                          SSDEEP:6:YEQXJ2HXBRWBVoZcg1vRcR0YLKoAvJfYdPeUkwRe9:YvXKXBMwZc0vWGg8Ukee9
                                          MD5:0FE1CE59D46F210A7079EE72F9B20CF3
                                          SHA1:4B28D4181D3483AF500A43E4BB544014FBF71B9B
                                          SHA-256:94B27C4E1FB2BFCFA5A23A616166647A7A14F9F7E34DF01388DEE4702B620019
                                          SHA-512:12EBCD659869C1DC76A6F79421B43B1B02303542C579B1F9BE4DF2BA0F786DBB903A0FC1D05F9329A665892E37D07DD594850A260AEBC78D83913E8CB33A6D19
                                          Malicious:false
                                          Reputation:low
                                          Preview:{"analyticsData":{"responseGUID":"6ab88641-028a-48d7-9d31-ed84cc865c70","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1732281391879,"statusCode":200,"surfaceID":"DC_Reader_More_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:JSON data
                                          Category:dropped
                                          Size (bytes):284
                                          Entropy (8bit):5.299027014332722
                                          Encrypted:false
                                          SSDEEP:6:YEQXJ2HXBRWBVoZcg1vRcR0YLKoAvJf+dPeUkwRe9:YvXKXBMwZc0vWG28Ukee9
                                          MD5:DDE17E69CE2C4B7FD013CD31304E358E
                                          SHA1:3D862F992EA06884743156B64677205670DEE480
                                          SHA-256:C0FC2CFA93603844E684B4EED81EE979AD7C5B7A8F2E9E24DA3831AD9D35128B
                                          SHA-512:795F06C603F7F2A1117F230AAC3DA9EBD9B099838D58A8268F03C38A3E2971E30F32EC8C17B5BBB11C7BE8FB061556CB1F15AF688BB81FC0CFE5B55293E450F9
                                          Malicious:false
                                          Reputation:low
                                          Preview:{"analyticsData":{"responseGUID":"6ab88641-028a-48d7-9d31-ed84cc865c70","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1732281391879,"statusCode":200,"surfaceID":"DC_Reader_RHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:JSON data
                                          Category:dropped
                                          Size (bytes):291
                                          Entropy (8bit):5.2962115862951595
                                          Encrypted:false
                                          SSDEEP:6:YEQXJ2HXBRWBVoZcg1vRcR0YLKoAvJfbPtdPeUkwRe9:YvXKXBMwZc0vWGDV8Ukee9
                                          MD5:304F78C1D4D51810BA9AACDDE9877C9D
                                          SHA1:C7F0457798E25FFA963B32A2C6740CDD923F625B
                                          SHA-256:A528004D1D00E96D2C02511175C3AA3619F934A79329402003A2B29F102B0DE9
                                          SHA-512:D998232A855B60C29ECE080EFEB70157E4D70D68C6D84EF60C371B02F4BECE3A98BDB2FFCF3F1787FA75A96069FBD2AC58E2A671AA300275EA613BE9007D24D5
                                          Malicious:false
                                          Reputation:low
                                          Preview:{"analyticsData":{"responseGUID":"6ab88641-028a-48d7-9d31-ed84cc865c70","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1732281391879,"statusCode":200,"surfaceID":"DC_Reader_RHP_Intent_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:JSON data
                                          Category:dropped
                                          Size (bytes):287
                                          Entropy (8bit):5.301039547483597
                                          Encrypted:false
                                          SSDEEP:6:YEQXJ2HXBRWBVoZcg1vRcR0YLKoAvJf21rPeUkwRe9:YvXKXBMwZc0vWG+16Ukee9
                                          MD5:F18272898104D396DD090A5FB9E476FA
                                          SHA1:25312073567FA93B7A7F22B5A22E9C1E78830326
                                          SHA-256:2D4F387279769F8234BE1451DE63693D595E78027754D2926F10F7EE8F13A3ED
                                          SHA-512:D4A6BA283D6E4F96FCFCFAD6AC39D3228EF319F732B72D5E65AC28454117497F8DE48948105D6D0A56EEFD879184D20D87F5F59561671C98C981442585A72206
                                          Malicious:false
                                          Reputation:low
                                          Preview:{"analyticsData":{"responseGUID":"6ab88641-028a-48d7-9d31-ed84cc865c70","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1732281391879,"statusCode":200,"surfaceID":"DC_Reader_RHP_Retention","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:JSON data
                                          Category:dropped
                                          Size (bytes):1090
                                          Entropy (8bit):5.667932446667125
                                          Encrypted:false
                                          SSDEEP:24:Yv6XBMwzvzamXayLgE+cNDxeNaqnAvz7xHn0RCmK8czOC/BSh:YvEMYbBgkDMUJUAh8cvMh
                                          MD5:ECDA6FB934B1B7CBCCD903F707F4FF59
                                          SHA1:3365018F64BD88BD730CF102A84B0334412E4E9B
                                          SHA-256:96320FA691379B727671BAD391F650CBDEC3CA558F59C6CEA75D68E7221C5501
                                          SHA-512:189C52646E2DE7857FBF8712788829B352946F9E56316DEA37D401CD644B65D537B2B630CA2414C6623B7D8D6E7083D7FA2B5C0736C51F4BCCA7DC3CA5C516A4
                                          Malicious:false
                                          Reputation:low
                                          Preview:{"analyticsData":{"responseGUID":"6ab88641-028a-48d7-9d31-ed84cc865c70","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1732281391879,"statusCode":200,"surfaceID":"DC_Reader_Sign_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Sign_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"93365_289436ActionBlock_0","campaignId":93365,"containerId":"1","controlGroupId":"","treatmentId":"266234d2-130d-426e-8466-c7a061db101f","variationId":"289436"},"containerId":1,"containerLabel":"JSON for DC_Reader_Sign_LHP_Banner","content":{"data":"eyJjdGEiOnsidGV4dCI6IkZyZWUgdHJpYWwiLCJjbGljayI6Im9wZW5Ub29sIiwidG9vbF9pZCI6IlVwZ3JhZGVSSFBSZHJBcHAifSwidWkiOnsidGl0bGVfc3R5bGluZyI6eyJmb250X3NpemUiOiIxNHB4IiwiZm9udF9zdHlsZSI6IjAifSwiZGVzY3JpcHRpb25fc3R5bGluZyI6eyJmb250X3NpemUiOiIxMnB4IiwiZm9udF9zdHlsZSI6Ii0xIn0sInRpdGxlIjpudWxsLCJkZXNjcmlwdGlvbiI6IkVhc2lseSBmaWxsIGFuZCBzaWduIFBERnMuIn0sInRjYXRJZCI6bnVsbH0=","dataType":"app
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:JSON data
                                          Category:dropped
                                          Size (bytes):286
                                          Entropy (8bit):5.275584224420546
                                          Encrypted:false
                                          SSDEEP:6:YEQXJ2HXBRWBVoZcg1vRcR0YLKoAvJfshHHrPeUkwRe9:YvXKXBMwZc0vWGUUUkee9
                                          MD5:3511B84075CCB85CB6C03CDC219DD5B2
                                          SHA1:A72B8FB42483958CA302DA93E91B516E224A08DC
                                          SHA-256:9555DF7BBC31877A174521621A37F379228ED608F2EBDD6D897AA99F0EF8C072
                                          SHA-512:FD7063FD0C4D69EE36AACA31390D15267EB66E2BB51EDB03057ABB923EF0D9CB2061CFF4CA8F4131DC4F86020C691426FFC627C8F30971703277062649920949
                                          Malicious:false
                                          Reputation:low
                                          Preview:{"analyticsData":{"responseGUID":"6ab88641-028a-48d7-9d31-ed84cc865c70","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1732281391879,"statusCode":200,"surfaceID":"DC_Reader_Upsell_Cards","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:JSON data
                                          Category:dropped
                                          Size (bytes):782
                                          Entropy (8bit):5.367977607189999
                                          Encrypted:false
                                          SSDEEP:12:YvXKXBMwZc0vWGTq16Ukee1+3CEJ1KXd15kcyKMQo7P70c0WM6ZB/uhWtm:Yv6XBMwzvw168CgEXX5kcIfANhh
                                          MD5:96485B3F5EC98BB04AC8AD401DF72AD7
                                          SHA1:09701D70753756883E4B56A646AEC822D9777518
                                          SHA-256:7A4F269F28B42AB6BBE2488FA05D12430DCBADDD8C12697D31270E484861DF79
                                          SHA-512:C4C05E308D4D7CF24E529783D76B808B0E7D1265E2419055B6521F84DD5324D044B76871DB840185929DC32530E13E4BD2145E7B3EFF1A97738454B753A8BFFC
                                          Malicious:false
                                          Reputation:low
                                          Preview:{"analyticsData":{"responseGUID":"6ab88641-028a-48d7-9d31-ed84cc865c70","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1732281391879,"statusCode":200,"surfaceID":"Edit_InApp_Aug2020","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"Edit_InApp_Aug2020"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"20360_57769ActionBlock_0","campaignId":20360,"containerId":"1","controlGroupId":"","treatmentId":"3c07988a-9c54-409d-9d06-53885c9f21ec","variationId":"57769"},"containerId":1,"containerLabel":"JSON for switching in-app test","content":{"data":"eyJ1cHNlbGxleHBlcmltZW50Ijp7InRlc3RpZCI6IjEiLCJjb2hvcnQiOiJicm93c2VyIn19","dataType":"application\/json","encodingScheme":true},"endDTS":1735804679000,"startDTS":1732105621942}}}}
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:data
                                          Category:dropped
                                          Size (bytes):4
                                          Entropy (8bit):0.8112781244591328
                                          Encrypted:false
                                          SSDEEP:3:e:e
                                          MD5:DC84B0D741E5BEAE8070013ADDCC8C28
                                          SHA1:802F4A6A20CBF157AAF6C4E07E4301578D5936A2
                                          SHA-256:81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06
                                          SHA-512:65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71
                                          Malicious:false
                                          Reputation:low
                                          Preview:....
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:JSON data
                                          Category:dropped
                                          Size (bytes):2817
                                          Entropy (8bit):5.127699190427316
                                          Encrypted:false
                                          SSDEEP:24:YHhfvS0DsagucIayc9xVCYBBclOggKMiBjMMhj0SrFAH2Z1S2LSVa+9WZ73kVQ56:YHFSNpVZclO/kfl8H/V6Lk6upy3h9kzd
                                          MD5:3A6300976B58B46DFA383072653C82CF
                                          SHA1:B14DCB22BB1F954BD008759DC00844C7313BABAD
                                          SHA-256:23BFBA595C7D9B3D98CB3F2EC9FAF6E0BFF7E074F8593AB5BFFD232DFA04D99F
                                          SHA-512:544DB7BAC85EE2AE0A6BC9F3C7242993C35F4C8DFED25B665F05E3523BF97F0EC73B2639E489485515D8F1BD241ADF824ECE8CF6F4656B0A7DB5D00576FA776B
                                          Malicious:false
                                          Reputation:low
                                          Preview:{"all":[{"id":"DC_Reader_Disc_LHP_Banner","info":{"dg":"b5f4eb7607e83778e5198dc44ea71ad3","sid":"DC_Reader_Disc_LHP_Banner"},"mimeType":"file","size":1122,"ts":1732105621000},{"id":"DC_Reader_Home_LHP_Trial_Banner","info":{"dg":"1cbe73f79ec6a60dc2402d1b7848661b","sid":"DC_Reader_Home_LHP_Trial_Banner"},"mimeType":"file","size":1164,"ts":1732105621000},{"id":"DC_Reader_Sign_LHP_Banner","info":{"dg":"935b5046a08daf8ae44d667c5f48a136","sid":"DC_Reader_Sign_LHP_Banner"},"mimeType":"file","size":1090,"ts":1732105621000},{"id":"DC_Reader_Convert_LHP_Banner","info":{"dg":"443cb40c38a17fc0280a89fd15de18a6","sid":"DC_Reader_Convert_LHP_Banner"},"mimeType":"file","size":1123,"ts":1732105621000},{"id":"DC_Reader_Edit_LHP_Banner","info":{"dg":"45e5b22bf2cfc99f0f9142427410c93c","sid":"DC_Reader_Edit_LHP_Banner"},"mimeType":"file","size":1102,"ts":1732105621000},{"id":"Edit_InApp_Aug2020","info":{"dg":"ccaba2a21d201714674d570f946c7715","sid":"Edit_InApp_Aug2020"},"mimeType":"file","size":782,"ts":17
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:SQLite 3.x database, last written using SQLite version 3040000, file counter 25, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 25
                                          Category:dropped
                                          Size (bytes):12288
                                          Entropy (8bit):1.1884372361632018
                                          Encrypted:false
                                          SSDEEP:48:TGufl2GL7msEHUUUUUUUUZSvR9H9vxFGiDIAEkGVvph:lNVmswUUUUUUUUZ+FGSItd
                                          MD5:27CA2560ABE5BBC3D7A57C73667BB91E
                                          SHA1:4637C77C0FDA4C982503905E7D887A3AFEA53970
                                          SHA-256:7EE636D2CEA5CE9E87DD980722C6464358CEA61A54D797A258233AD5136AF7B6
                                          SHA-512:2122D1F1EAEF27F3543C13E029B2264E29C43D0A164A3216B1B5D11ADE2FF86EEE0ECCD3CE51D0B2D84F6DBA5060BF7F09E1A28FDA4BFF6A38DDBCD8C909FF28
                                          Malicious:false
                                          Reputation:low
                                          Preview:SQLite format 3......@ ..........................................................................c.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:SQLite Rollback Journal
                                          Category:dropped
                                          Size (bytes):8720
                                          Entropy (8bit):1.605777115132359
                                          Encrypted:false
                                          SSDEEP:48:7Ms4KUUUUUUUUUURvR9H9vxFGiDIAEkGVv8qFl2GL7msL:77UUUUUUUUUUVFGSItGKVmsL
                                          MD5:266B33662346D3BE6E149F149D4719CA
                                          SHA1:3424469208E8D12D9E4BE81ABC3EE1D9BDD487B9
                                          SHA-256:F523F5E16E479FBB80BA1E72609E232326DF63B95733CB83A5F5EA50273B0502
                                          SHA-512:4EB7A7AF578F0D183995EBBB120C7233F97E700BCEA3AA32AD1E0AEA4D1934305D8DF5521D3B5F09D527F490B646435EE55AFEFDED6375119419388331D8650C
                                          Malicious:false
                                          Reputation:low
                                          Preview:.... .c.....30Q{......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................f.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:data
                                          Category:dropped
                                          Size (bytes):66726
                                          Entropy (8bit):5.392739213842091
                                          Encrypted:false
                                          SSDEEP:768:RNOpblrU6TBH44ADKZEgQfycnE7ZpiJfO/DiuSzgmHgo4t1JDjYyu:6a6TZ44ADEQfRnE7ZIWjU4tTjK
                                          MD5:8131FDB9E763BDFC2B339F4510961E6A
                                          SHA1:8C0CE94C89689FCFD75560965E3F30CDBD76E019
                                          SHA-256:74CECA8DE393895FFD2776AA72A4CAAEC849CDE39B0D70A7D415846F48420AA3
                                          SHA-512:B88D8B33C71509E1CA59B664C4287DA2F48311B9E7A7512289D1610FB4ADD2186805897F55E81EC36B29E7FD0E8C80CD6FFB1ADFB0DAB6D5F1CF9C96CC359D39
                                          Malicious:false
                                          Reputation:low
                                          Preview:4.397.90.FID.2:o:..........:F:AgencyFB-Reg.P:Agency FB.L:$.........................."F:Agency FB.#.96.FID.2:o:..........:F:AgencyFB-Bold.P:Agency FB Bold.L:%.........................."F:Agency FB.#.84.FID.2:o:..........:F:Algerian.P:Algerian.L:$..........................RF:Algerian.#.95.FID.2:o:..........:F:ArialNarrow.P:Arial Narrow.L:$.........................."F:Arial Narrow.#.109.FID.2:o:..........:F:ArialNarrow-Italic.P:Arial Narrow Italic.L:$.........................."F:Arial Narrow.#.105.FID.2:o:..........:F:ArialNarrow-Bold.P:Arial Narrow Bold.L:%.........................."F:Arial Narrow.#.118.FID.2:o:..........:F:ArialNarrow-BoldItalic.P:Arial Narrow Bold Italic.L:%.........................."F:Arial Narrow.#.77.FID.2:o:..........:F:ArialMT.P:Arial.L:$.........................."F:Arial.#.91.FID.2:o:..........:F:Arial-ItalicMT.P:Arial Italic.L:$.........................."F:Arial.#.87.FID.2:o:..........:F:Arial-BoldMT.P:Arial Bold.L:$.........................."F:Arial.#.100.FID.2
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                          Category:dropped
                                          Size (bytes):246
                                          Entropy (8bit):3.4853349159267415
                                          Encrypted:false
                                          SSDEEP:6:Qgl946caEbiQLxuZUQu+lEbYnuoblv2K8QOOlpuglYH:Qw946cPbiOxDlbYnuRKZOOTugYH
                                          MD5:F73FFE4CD1A43136023281723C7C1068
                                          SHA1:7845B4FBC925C0F3E57BCE6179CFAA0FB42CEE06
                                          SHA-256:993CEE55752E58AE431C7292FF1CAF97CABB2422360366C30FCC7FC9CF938ACA
                                          SHA-512:DEAC3F405AEAF149D6281BBA00913F3D101003BD361C7EAFCEA0ED0A872BEA04D4A0FD812BCBE0C6C17B5247197EAB7AA7139289D62EBBD25A31DD18659D0CE6
                                          Malicious:false
                                          Reputation:low
                                          Preview:..E.r.r.o.r. .2.7.1.1...T.h.e. .s.p.e.c.i.f.i.e.d. .F.e.a.t.u.r.e. .n.a.m.e. .(.'.A.R.M.'.). .n.o.t. .f.o.u.n.d. .i.n. .F.e.a.t.u.r.e. .t.a.b.l.e.......=.=.=. .L.o.g.g.i.n.g. .s.t.o.p.p.e.d.:. .2.0./.1.1./.2.0.2.4. . .0.7.:.2.7.:.0.0. .=.=.=.....
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:Zip data (MIME type "application/vnd.adobe.air-ucf-package+zip"?)
                                          Category:dropped
                                          Size (bytes):144514
                                          Entropy (8bit):7.992637131260696
                                          Encrypted:true
                                          SSDEEP:3072:OvjeSq37BcXWpJ/PwBI4lsRMoZVaJctHtTx8EOyhnL:Cjc7BcePUsSSt38snL
                                          MD5:BA1716D4FB435DA6C47CE77E3667E6A8
                                          SHA1:AF6ADF9F1A53033CF28506F33975A3D1BC0C4ECF
                                          SHA-256:AD771EC5D244D9815762116D5C77BA53A1D06CEBA42D348160790DBBE4B6769D
                                          SHA-512:65249DB52791037E9CC0EEF2D07A9CB1895410623345F2646D7EA4ED7001F7273C799275C3342081097AF2D231282D6676F4DBC4D33C5E902993BE89B4A678FD
                                          Malicious:false
                                          Reputation:low
                                          Preview:PK.........D.Y...>)...).......mimetypeapplication/vnd.adobe.air-ucf-package+zipPK.........D.Y.+.`............message.xml.]is.8...[.....Oq.'...S...g.X+;....%X."U$.....}.P.%....8.tl. ...../..}......A.......,...a...r.....=..i{......0H..v.g.c0.3~....G.b....,.BvJ.'./.`xJ]..O./.!K...XG?.$.,=.Z...q.f~...,..:b.Pl..f..|....,.A.....Z..a<.C._..../G|....q.....~.?...G.............y+.. ...s.,.2...^uon..:....~....C....i.>.<hy..x..?....F.w..4e.|.'...#?..a......i...W.".+...'.......,..6..... ..}.........llj.>.3v.."..CdA.".....v...4H..C]>........4..$.O........9._..C{(....A~.k...f.x8.<... l!..}...ol.q.......2.s.Y..&:....>...l.S..w.t^D.C....]0......L...z[`J<.....L.1t-.Z.n..7.)...aj;.0.r|.._.V......JWT.>.p.?s....boN.....X.jkN.9..3jN.9..t...o..c.nX4......0.D.....Cv .....!k..........d.1B....=3.Bq.E.bo.....6..r..6@.b...T......Ig...(..(K].:...#..k..q2G."o.Tz...qJ.......;?|~..1...J...RA...'..*C...T...dNMZ.3.z-..LCI..I..-.,.Y.J.....m.KY}.Lw......G........-.(E....b..^..}..
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:Zip data (MIME type "application/vnd.adobe.air-ucf-package+zip"?)
                                          Category:dropped
                                          Size (bytes):144514
                                          Entropy (8bit):7.992637131260696
                                          Encrypted:true
                                          SSDEEP:3072:OvjeSq37BcXWpJ/PwBI4lsRMoZVaJctHtTx8EOyhnL:Cjc7BcePUsSSt38snL
                                          MD5:BA1716D4FB435DA6C47CE77E3667E6A8
                                          SHA1:AF6ADF9F1A53033CF28506F33975A3D1BC0C4ECF
                                          SHA-256:AD771EC5D244D9815762116D5C77BA53A1D06CEBA42D348160790DBBE4B6769D
                                          SHA-512:65249DB52791037E9CC0EEF2D07A9CB1895410623345F2646D7EA4ED7001F7273C799275C3342081097AF2D231282D6676F4DBC4D33C5E902993BE89B4A678FD
                                          Malicious:false
                                          Reputation:low
                                          Preview:PK.........D.Y...>)...).......mimetypeapplication/vnd.adobe.air-ucf-package+zipPK.........D.Y.+.`............message.xml.]is.8...[.....Oq.'...S...g.X+;....%X."U$.....}.P.%....8.tl. ...../..}......A.......,...a...r.....=..i{......0H..v.g.c0.3~....G.b....,.BvJ.'./.`xJ]..O./.!K...XG?.$.,=.Z...q.f~...,..:b.Pl..f..|....,.A.....Z..a<.C._..../G|....q.....~.?...G.............y+.. ...s.,.2...^uon..:....~....C....i.>.<hy..x..?....F.w..4e.|.'...#?..a......i...W.".+...'.......,..6..... ..}.........llj.>.3v.."..CdA.".....v...4H..C]>........4..$.O........9._..C{(....A~.k...f.x8.<... l!..}...ol.q.......2.s.Y..&:....>...l.S..w.t^D.C....]0......L...z[`J<.....L.1t-.Z.n..7.)...aj;.0.r|.._.V......JWT.>.p.?s....boN.....X.jkN.9..3jN.9..t...o..c.nX4......0.D.....Cv .....!k..........d.1B....=3.Bq.E.bo.....6..r..6@.b...T......Ig...(..(K].:...#..k..q2G."o.Tz...qJ.......;?|~..1...J...RA...'..*C...T...dNMZ.3.z-..LCI..I..-.,.Y.J.....m.KY}.Lw......G........-.(E....b..^..}..
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:ASCII text, with very long lines (393)
                                          Category:dropped
                                          Size (bytes):16525
                                          Entropy (8bit):5.345946398610936
                                          Encrypted:false
                                          SSDEEP:384:zHIq8qrq0qoq/qUILImCIrImI9IWdFdDdoPtPTPtP7ygyAydy0yGV///X/J/VokV:nNW
                                          MD5:8947C10F5AB6CFFFAE64BCA79B5A0BE3
                                          SHA1:70F87EEB71BA1BE43D2ABAB7563F94C73AB5F778
                                          SHA-256:4F3449101521DA7DF6B58A2C856592E1359BA8BD1ACD0688ECF4292BA5388485
                                          SHA-512:B76DB9EF3AE758F00CAF0C1705105C875838C7801F7265B17396466EECDA4BCD915DA4611155C5F2AD1C82A800C1BEC855E52E2203421815F915B77AA7331CA0
                                          Malicious:false
                                          Reputation:low
                                          Preview:SessionID=f94b8f43-fcd8-49f4-8c6e-bbf5cd863db9.1696420882088 Timestamp=2023-10-04T13:01:22:088+0100 ThreadID=3400 Component=ngl-lib_NglAppLib Description="-------- Initializing session logs --------".SessionID=f94b8f43-fcd8-49f4-8c6e-bbf5cd863db9.1696420882088 Timestamp=2023-10-04T13:01:22:089+0100 ThreadID=3400 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: No operating configs found".SessionID=f94b8f43-fcd8-49f4-8c6e-bbf5cd863db9.1696420882088 Timestamp=2023-10-04T13:01:22:089+0100 ThreadID=3400 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: Fallback to NAMED_USER_ONLINE!!".SessionID=f94b8f43-fcd8-49f4-8c6e-bbf5cd863db9.1696420882088 Timestamp=2023-10-04T13:01:22:089+0100 ThreadID=3400 Component=ngl-lib_NglAppLib Description="SetConfig: OS Name=WINDOWS_64, OS Version=10.0.19045.1".SessionID=f94b8f43-fcd8-49f4-8c6e-bbf5cd863db9.1696420882088 Timestamp=2023-10-04T13:01:22:089+0100 ThreadID=3400 Component=ngl-lib_NglAppLib Description="SetConfig:
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:ASCII text, with very long lines (393), with CRLF line terminators
                                          Category:dropped
                                          Size (bytes):15114
                                          Entropy (8bit):5.366416745702382
                                          Encrypted:false
                                          SSDEEP:384:Xo+GBXsVYVs3SAuN7wUVXVukZoELqZMplKAHn06uKs7168qV3iopIC414Zcfd8wp:N/uRe
                                          MD5:6EC8299EDA8412A7700EE3A5C5E723E8
                                          SHA1:BEE7B4B05B660DE73B0A1E6C954D4144A5C22788
                                          SHA-256:BBC1EB7BD49D594F1C06685BE0CF5135F576E476ABF747631E088503E95A6305
                                          SHA-512:A31DB10C7CC933984924DD584ACFC37C9939BEEDC4E4AFA7FA100DDDD301458E1868036CD730FBE8F38ABF77F3B1D63106C59B27508C04F0B97689B4FB0FA312
                                          Malicious:false
                                          Reputation:low
                                          Preview:SessionID=0cf32e68-6e84-4c19-8209-89725db3b067.1732105615673 Timestamp=2024-11-20T07:26:55:673-0500 ThreadID=6444 Component=ngl-lib_NglAppLib Description="-------- Initializing session logs --------"..SessionID=0cf32e68-6e84-4c19-8209-89725db3b067.1732105615673 Timestamp=2024-11-20T07:26:55:695-0500 ThreadID=6444 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: No operating configs found"..SessionID=0cf32e68-6e84-4c19-8209-89725db3b067.1732105615673 Timestamp=2024-11-20T07:26:55:695-0500 ThreadID=6444 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: Fallback to NAMED_USER_ONLINE!!"..SessionID=0cf32e68-6e84-4c19-8209-89725db3b067.1732105615673 Timestamp=2024-11-20T07:26:55:696-0500 ThreadID=6444 Component=ngl-lib_NglAppLib Description="SetConfig: OS Name=WINDOWS_64, OS Version=10.0.19045.1"..SessionID=0cf32e68-6e84-4c19-8209-89725db3b067.1732105615673 Timestamp=2024-11-20T07:26:55:696-0500 ThreadID=6444 Component=ngl-lib_NglAppLib Description="SetConf
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:ASCII text, with CRLF line terminators
                                          Category:dropped
                                          Size (bytes):29752
                                          Entropy (8bit):5.39356048887184
                                          Encrypted:false
                                          SSDEEP:768:anddBuBYZwcfCnwZCnR8Bu5hx18HoCnLlAY+iCBuzhLCnx1CnPrRRFS10l8gT2rW:i
                                          MD5:693F88B3B10FA69C13FA44DC527CE25E
                                          SHA1:08AC774881849143F02498E2B1724961EBC1E010
                                          SHA-256:BB00433D01DB987F4CF6DE04AA0D379721339C28A5A5FCC54FC6BEFBC8B1B88C
                                          SHA-512:A21BC97D55E7E548FC2C31E51DFFD8709D0693465E18698B18E159CD113C72D2FB6D8CFC57BC4C6FD4F6F2A1BB9110F4746D446C6C0DA8E9D59413ABF5062E09
                                          Malicious:false
                                          Reputation:low
                                          Preview:03-10-2023 12:50:40:.---2---..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : ***************************************..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : ***************************************..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : ******** Starting new session ********..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : Starting NGL..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : Setting synchronous launch...03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 ::::: Configuring as AcrobatReader1..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : NGLAppVersion 23.6.20320.6..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : NGLAppMode NGL_INIT..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : AcroCEFPath, NGLCEFWorkflowModulePath - C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1 C:\Program Files\Adobe\Acrobat DC\Acrobat\NGL\cefWorkflow..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : isNGLExternalBrowserDisabled - No..03-10-2023 12:50:40:.Closing File..03-10-
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                          File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1311022
                                          Category:dropped
                                          Size (bytes):386528
                                          Entropy (8bit):7.9736851559892425
                                          Encrypted:false
                                          SSDEEP:6144:8OSTJJJJEQ6T9UkRm1lBgI81ReWQ53+sQ36X/FLYVbxrr/IxktOQZ1mau4yBwsOo:sTJJJJv+9UZX+Tegs661ybxrr/IxkB1m
                                          MD5:5C48B0AD2FEF800949466AE872E1F1E2
                                          SHA1:337D617AE142815EDDACB48484628C1F16692A2F
                                          SHA-256:F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE
                                          SHA-512:44210CE41F6365298BFBB14F6D850E59841FF555EBA00B51C6B024A12F458E91E43FDA3FA1A10AAC857D4BA7CA6992CCD891C02678DCA33FA1F409DE08859324
                                          Malicious:false
                                          Reputation:low
                                          Preview:...........]s[G. Z...{....;...J$%K&..%.[..k...S....$,.`. )Z..m........a.......o..7.VfV...S..HY}Ba.<.NUVVV~W.].;qG4..b,N..#1.=1.#1..o.Fb.........IC.....Z...g_~.OO.l..g.uO...bY.,[..o.s.D<..W....w....?$4..+..%.[.?..h.w<.T.9.vM.!..h0......}..H..$[...lq,....>..K.)=..s.{.g.O...S9".....Q...#...+..)>=.....|6......<4W.'.U.j$....+..=9...l.....S..<.\.k.'....{.1<.?..<..uk.v;.7n.!...g....."P..4.U........c.KC..w._G..u..g./.g....{'^.-|..h#.g.\.PO.|...]x..Kf4..s..............+.Y.....@.K....zI..X......6e?[..u.g"{..h.vKbM<.?i6{%.q)i...v..<P8P3.......CW.fwd...{:@h...;........5..@.C.j.....a.. U.5...].$.L..wW....z...v.......".M.?c.......o..}.a.9..A..%V..o.d....'..|m.WC.....|.....e.[W.p.8...rm....^..x'......5!...|......z..#......X_..Gl..c..R..`...*.s-1f..]x......f...g...k........g....... ).3.B..{"4...!r....v+As...Zn.]K{.8[..M.r.Y..........+%...]...J}f]~}_..K....;.Z.[..V.&..g...>...{F..{I..@~.^.|P..G.R>....U..../HY...(.z.<.~.9OW.Sxo.Y
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                          File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 647360
                                          Category:dropped
                                          Size (bytes):1407294
                                          Entropy (8bit):7.97605879016224
                                          Encrypted:false
                                          SSDEEP:24576:/n5ZwYIGNPzWL07o5dpy6mlind9j2kvhsfFXpAXDgrFBU2/R07tGZd:xZwZG5WLxB3mlind9i4ufFXpAXkrfUsb
                                          MD5:E78E4D1CA18BE28748F65C3A192DAFB2
                                          SHA1:78AD6025CB470EFB9ECA8FF1ED41F617372D1F9F
                                          SHA-256:F4B25F5C5BE48E151080D9CC24C8A4662CBB591A6B32037DB8D7ADE1828D8849
                                          SHA-512:E170C9BD3B6BB575244FCD380334D763C30352586F60824A67868EAE8E895BE0601D51670FCC304724BDF321CE8EF64881E606C9CF4C18C5817DFB5A679E44D6
                                          Malicious:false
                                          Reputation:low
                                          Preview:...........[.s.8..}.....!#..gw.n.`uNl.f6.3....d%EK.D["...#.......!)...r.$.G.......Z..u.._>.~....^e..<..u..........._D.r.Z..M.:...$.I..N.....\`.B.wj...:...E|.P..$ni.{.....T.^~<m-..J....RQk..*..f.....q.......V.rC.M.b.DiL\.....wq.*...$&j....O.........~.U.+..So.]..n..#OJ..p./..-......<...5..WB.O....i....<./T.P.L.;.....h.ik..D*T...<...j..o..fz~..~."...w&.fB...4..@[.g.......Y.>/M.".....-..N.{.2.....\....h..ER..._..(.-..o97..[.t:..>..W*..0.....u...?.%...1u..fg..`.Z.....m ~.GKG.q{.vU.nr..W.%.W..#z..l.T......1.....}.6......D.O...:....PX.......*..R.....j.WD).M..9.Fw...W.-a..z.l\..u*.^....*L..^.`.T...l.^.B.DMc.d....i...o.|M.uF|.nQ.L.E,.b!..NG.....<...J......g.o....;&5..'a.M...l..1.V.iB2.T._I....".+.W.yA ._.......<.O......O$."C....n!H.L`..q.....5..~./.._t.......A....S..3........Q[..+..e..P;...O...x~<B........'.)...n.$e.m.:...m.....&..Y.".H.s....5.9..A5)....s&.k0,.g4.V.K.,*.e....5...X.}6.P....y\.s|..Si..BB..y...~.....D^g...*7'T-.5*.!K.$\...2.
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                          File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 5111142
                                          Category:dropped
                                          Size (bytes):1419751
                                          Entropy (8bit):7.976496077007677
                                          Encrypted:false
                                          SSDEEP:24576:/VRaWL07oXGZ4YIGNPJNdpy6mlind9j2kvhsfFXpAXDgrFBU2/R07D:tRaWLxXGZ4ZGh3mlind9i4ufFXpAXkru
                                          MD5:41034A6B023B6BB9C723DA146E190954
                                          SHA1:22C95166FF8A1C4D2AAC25B75D804CEBAAA6ACF2
                                          SHA-256:52BB8B0CA62248721986D650004C11ACCB0C988B6FBA645D9B4E3557CA87A15D
                                          SHA-512:6F8CD54BBB750E32FEBD78895F433CCF0C553C56E6B7DDEA03E3EA36ED283084CF6EA6FA8999162999D184B0F04B6E6DAB7F6FC27648EE517F744D7E8DBC8AAD
                                          Malicious:false
                                          Reputation:low
                                          Preview:...........[.s.8..}.....!#..gw.n.`uNl.f6.3....d%EK.D["...#.......!)...r.$.G.......Z..u.._>.~....^e..<..u..........._D.r.Z..M.:...$.I..N.....\`.B.wj...:...E|.P..$ni.{.....T.^~<m-..J....RQk..*..f.....q.......V.rC.M.b.DiL\.....wq.*...$&j....O.........~.U.+..So.]..n..#OJ..p./..-......<...5..WB.O....i....<./T.P.L.;.....h.ik..D*T...<...j..o..fz~..~."...w&.fB...4..@[.g.......Y.>/M.".....-..N.{.2.....\....h..ER..._..(.-..o97..[.t:..>..W*..0.....u...?.%...1u..fg..`.Z.....m ~.GKG.q{.vU.nr..W.%.W..#z..l.T......1.....}.6......D.O...:....PX.......*..R.....j.WD).M..9.Fw...W.-a..z.l\..u*.^....*L..^.`.T...l.^.B.DMc.d....i...o.|M.uF|.nQ.L.E,.b!..NG.....<...J......g.o....;&5..'a.M...l..1.V.iB2.T._I....".+.W.yA ._.......<.O......O$."C....n!H.L`..q.....5..~./.._t.......A....S..3........Q[..+..e..P;...O...x~<B........'.)...n.$e.m.:...m.....&..Y.".H.s....5.9..A5)....s&.k0,.g4.V.K.,*.e....5...X.}6.P....y\.s|..Si..BB..y...~.....D^g...*7'T-.5*.!K.$\...2.
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                          File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 299538
                                          Category:dropped
                                          Size (bytes):758601
                                          Entropy (8bit):7.98639316555857
                                          Encrypted:false
                                          SSDEEP:12288:ONh3P65+Tegs6121YSWBlkipdjuv1ybxrr/IxkB1mabFhOXZ/fEa+vTJJJJv+9U0:O3Pjegf121YS8lkipdjMMNB1DofjgJJg
                                          MD5:3A49135134665364308390AC398006F1
                                          SHA1:28EF4CE5690BF8A9E048AF7D30688120DAC6F126
                                          SHA-256:D1858851B2DC86BA23C0710FE8526292F0F69E100CEBFA7F260890BD41F5F42B
                                          SHA-512:BE2C3C39CA57425B28DC36E669DA33B5FF6C7184509756B62832B5E2BFBCE46C9E62EAA88274187F7EE45474DCA98CD8084257EA2EBE6AB36932E28B857743E5
                                          Malicious:false
                                          Reputation:low
                                          Preview:...........kWT..0...W`.........b..@..nn........5.._..I.R3I..9g.x....s.\+.J......F...P......V]u......t....jK...C.fD..]..K....;......y._.U..}......S.........7...Q.............W.D..S.....y......%..=.....e..^.RG......L..].T.9.y.zqm.Q]..y..(......Q]..~~..}..q...@.T..xI.B.L.a.6...{..W..}.mK?u...5.#.{...n...........z....m^.6!.`.....u...eFa........N....o..hA-..s.N..B.q..{..z.{=..va4_`5Z........3.uG.n...+...t...z.M."2..x.-...DF..VtK.....o]b.Fp.>........c....,..t..an[............5.1.(}..q.q......K3.....[>..;e..f.Y.........mV.cL...]eF..7.e.<.._.o\.S..Z...`..}......>@......|.......ox.........h.......o....-Yj=.s.g.Cc\.i..\..A.B>.X..8`...P......[..O...-.g...r..u\...k..7..#E....N}...8.....(..0....w....j.......>.L....H.....y.x3...[>..t......0..z.qw..]X..i8..w.b..?0.wp..XH.A.[.....S..g.g..I.A.15.0?._n.Q.]..r8.....l..18...(.].m...!|G.1...... .3.`./....`~......G.............|..pS.e.C....:o.u_..oi.:..|....joi...eM.m.K...2%...Z..j...VUh..9.}.....
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:ASCII text
                                          Category:dropped
                                          Size (bytes):24
                                          Entropy (8bit):3.66829583405449
                                          Encrypted:false
                                          SSDEEP:3:So6FwHn:So6FwHn
                                          MD5:DD4A3BD8B9FF61628346391EA9987E1D
                                          SHA1:474076C122CACAAF112469FC62976BB69187AA2B
                                          SHA-256:7C22C759CA704106556BBC4FC10B7F53404CA1F8B40F01038D3F7C4B8183F486
                                          SHA-512:FDAF3D9F8072ED7DE9B2528376C10E3C3FDBEA74347710A4795BECF23C6577B3582B2E89D3C04EF0523C98FE0A46F2AF3629490701A20B848C63BA7B26579491
                                          Malicious:false
                                          Reputation:low
                                          Preview:<</Settings [/c <<>>].>>
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:data
                                          Category:dropped
                                          Size (bytes):98682
                                          Entropy (8bit):6.445287254681573
                                          Encrypted:false
                                          SSDEEP:1536:0tlkIi4M2MXZcFVZNt0zfIagnbSLDII+D61S8:03kf4MlpyZN+gbE8pD61L
                                          MD5:7113425405A05E110DC458BBF93F608A
                                          SHA1:88123C4AD0C5E5AFB0A3D4E9A43EAFDF7C4EBAAF
                                          SHA-256:7E5C3C23B9F730818CDC71D7A2EA01FE57F03C03118D477ADB18FA6A8DBDBC46
                                          SHA-512:6AFE246B0B5CD5DE74F60A19E31822F83CCA274A61545546BDA90DDE97C84C163CB1D4277D0F4E0F70F1E4DE4B76D1DEB22992E44030E28EB9E56A7EA2AB5E8D
                                          Malicious:false
                                          Reputation:low
                                          Preview:0...u0...\...0...*.H........0i1.0...U....US1.0...U....DigiCert, Inc.1A0?..U...8DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1..240807121815Z..240814121815Z0..~.0!.......0.E....[0...210531000001Z0!...7g...(..^`.x.l...210531000001Z0!...\./M.8..>.f.....210531000001Z0!...*B.Sh...f...s.0..210531000001Z0!..../n...h..7....>..210601000001Z0!....0..>5..aN.u{D..210601000001Z0!...-...qpWa.!n.....210601000001Z0!..."f...\..N.....X..210601000001Z0!...in.H...[u...]....210602000001Z0!......`......._.]...210602000001Z0!...{..e..i......=..210602000001Z0!......S....fNj'.wy..210602000001Z0!......C.lm..B.*.....210602000001Z0!... .}...|.,dk...+..210603000001Z0!...U.K....o.".Rj..210603000001Z0!.....A...K.ZpK..'h..210603000001Z0!.....&}{ ......l..210603000001Z0!...:.m...I.p.;..v..210604000001Z0!...1"uw3..Gou.qg.q..210607000001Z0!...1.o}...c/...-R}..210608000001Z0!................210608000001Z0!...[.N.d............210609000001Z0!......x..i........210610000001Z0!...(... (..#.^.f...210
                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          File Type:data
                                          Category:dropped
                                          Size (bytes):737
                                          Entropy (8bit):7.501268097735403
                                          Encrypted:false
                                          SSDEEP:12:yeRLaWQMnFQlRKfdFfBy6T6FYoX0fH8PkwWWOxPLA3jw/fQMlNdP8LOUa:y2GWnSKfdtw46FYfP1icPLHCfa
                                          MD5:5274D23C3AB7C3D5A4F3F86D4249A545
                                          SHA1:8A3778F5083169B281B610F2036E79AEA3020192
                                          SHA-256:8FEF0EEC745051335467846C2F3059BD450048E744D83EBE6B7FD7179A5E5F97
                                          SHA-512:FC3E30422A35A78C93EDB2DAD6FAF02058FC37099E9CACD639A079DF70E650FEC635CF7592FFB069F23E90B47B0D7CF3518166848494A35AF1E10B50BB177574
                                          Malicious:false
                                          Reputation:low
                                          Preview:0...0.....0...*.H........0b1.0...U....US1.0...U....DigiCert Inc1.0...U....www.digicert.com1!0...U....DigiCert Trusted Root G4..240806194648Z..240827194648Z.00.0...U.#..0.......q]dL..g?....O0...U........0...*.H.............vz..@.Nm...6d...t;.Jx?....6...p...#.[.......o.q...;.........?......o...^p0R*.......~....)....i.*n;A.n.z..O~..%=..s..W.4.+........G...*..=....xen$_i"s..\...L..4../<.4...G.....L...c..k@.J.rC.4h.c.ck./.Q-r53..a#.8#......0.n......a.-'..S. .>..xAKo.k.....;.D>....sb '<..-o.KE...X!i.].c.....o~.q........D...`....N... W:{.3......a@....i....#./..eQ...e.......W.s..V:.38..U.H{.>.....#....?{.....bYAk'b0on..Gb..-..).."q2GO<S.C...FsY!D....x..]4.....X....Y...Rj.....I.96$.4ZQ&..$,hC..H.%..hE....
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:PDF document, version 1.3, 2 pages
                                          Category:dropped
                                          Size (bytes):1226772
                                          Entropy (8bit):7.992240684125922
                                          Encrypted:true
                                          SSDEEP:24576:7RmFN6xsguXbaaAJXv7apWyV0mThxvYGlcV2QsUYkiuC/72npzPG/:Fm+ZuOjJzaQyVPTh1YGZQshkiuG72p7+
                                          MD5:A3977EDCA33AD89379E30467ECEACC4C
                                          SHA1:CDC6F7F3161A192D8BD325C423FE591A93B9BF23
                                          SHA-256:3BCE5F62A799E0DF8FE84AEF521A8AB441A503CFE86F808077DF728FC14C7C20
                                          SHA-512:95EBB211668F5650A76C820F1D2514FFCCBBEE49EF7CB47CA20B9D9CA61D82F11FF74E524D3B078F3F081064DD3C0B93F99367F6D1DFECF22F0C401AF96D4A0B
                                          Malicious:false
                                          Reputation:low
                                          Preview:%PDF-1.3.%......19 0 obj.<</Linearized 1/L 1226772/O 21/E 224553/N 2/T 1226277/H [ 856 240]>>.endobj. .xref..19 28..0000000016 00000 n..0000001096 00000 n..0000001342 00000 n..0000001732 00000 n..0000001871 00000 n..0000002578 00000 n..0000003249 00000 n..0000003362 00000 n..0000003855 00000 n..0000003965 00000 n..0000004554 00000 n..0000004579 00000 n..0000004849 00000 n..0000013611 00000 n..0000020911 00000 n..0000028396 00000 n..0000035618 00000 n..0000042806 00000 n..0000051609 00000 n..0000059576 00000 n..0000067189 00000 n..0000067472 00000 n..0000074523 00000 n..0000074637 00000 n..0000217277 00000 n..0000217346 00000 n..0000224187 00000 n..0000000856 00000 n..trailer.<</Size 47/Root 20 0 R/Info 18 0 R/ID[<01868BA676EB4DCB98867917E31FAED1><DF8504429FB24F4CB51EA55147A8FC2C>]/Prev 1226266>>.startxref.0.%%EOF. .46 0 obj.<</Filter/FlateDecode/I 180/Length 160/S 89>>stream..h.b``.f``.c`a`N.. ..B..@..........BJ.|.Rv...Bsu@|.........V.d.0p.h.iI ...J...v
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:PDF document, version 1.3, 2 pages
                                          Category:dropped
                                          Size (bytes):1226772
                                          Entropy (8bit):7.992240684125922
                                          Encrypted:true
                                          SSDEEP:24576:7RmFN6xsguXbaaAJXv7apWyV0mThxvYGlcV2QsUYkiuC/72npzPG/:Fm+ZuOjJzaQyVPTh1YGZQshkiuG72p7+
                                          MD5:A3977EDCA33AD89379E30467ECEACC4C
                                          SHA1:CDC6F7F3161A192D8BD325C423FE591A93B9BF23
                                          SHA-256:3BCE5F62A799E0DF8FE84AEF521A8AB441A503CFE86F808077DF728FC14C7C20
                                          SHA-512:95EBB211668F5650A76C820F1D2514FFCCBBEE49EF7CB47CA20B9D9CA61D82F11FF74E524D3B078F3F081064DD3C0B93F99367F6D1DFECF22F0C401AF96D4A0B
                                          Malicious:false
                                          Reputation:low
                                          Preview:%PDF-1.3.%......19 0 obj.<</Linearized 1/L 1226772/O 21/E 224553/N 2/T 1226277/H [ 856 240]>>.endobj. .xref..19 28..0000000016 00000 n..0000001096 00000 n..0000001342 00000 n..0000001732 00000 n..0000001871 00000 n..0000002578 00000 n..0000003249 00000 n..0000003362 00000 n..0000003855 00000 n..0000003965 00000 n..0000004554 00000 n..0000004579 00000 n..0000004849 00000 n..0000013611 00000 n..0000020911 00000 n..0000028396 00000 n..0000035618 00000 n..0000042806 00000 n..0000051609 00000 n..0000059576 00000 n..0000067189 00000 n..0000067472 00000 n..0000074523 00000 n..0000074637 00000 n..0000217277 00000 n..0000217346 00000 n..0000224187 00000 n..0000000856 00000 n..trailer.<</Size 47/Root 20 0 R/Info 18 0 R/ID[<01868BA676EB4DCB98867917E31FAED1><DF8504429FB24F4CB51EA55147A8FC2C>]/Prev 1226266>>.startxref.0.%%EOF. .46 0 obj.<</Filter/FlateDecode/I 180/Length 160/S 89>>stream..h.b``.f``.c`a`N.. ..B..@..........BJ.|.Rv...Bsu@|.........V.d.0p.h.iI ...J...v
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:PDF document, version 1.3, 2 pages
                                          Category:dropped
                                          Size (bytes):1226772
                                          Entropy (8bit):7.992240684125922
                                          Encrypted:true
                                          SSDEEP:24576:7RmFN6xsguXbaaAJXv7apWyV0mThxvYGlcV2QsUYkiuC/72npzPG/:Fm+ZuOjJzaQyVPTh1YGZQshkiuG72p7+
                                          MD5:A3977EDCA33AD89379E30467ECEACC4C
                                          SHA1:CDC6F7F3161A192D8BD325C423FE591A93B9BF23
                                          SHA-256:3BCE5F62A799E0DF8FE84AEF521A8AB441A503CFE86F808077DF728FC14C7C20
                                          SHA-512:95EBB211668F5650A76C820F1D2514FFCCBBEE49EF7CB47CA20B9D9CA61D82F11FF74E524D3B078F3F081064DD3C0B93F99367F6D1DFECF22F0C401AF96D4A0B
                                          Malicious:false
                                          Reputation:low
                                          Preview:%PDF-1.3.%......19 0 obj.<</Linearized 1/L 1226772/O 21/E 224553/N 2/T 1226277/H [ 856 240]>>.endobj. .xref..19 28..0000000016 00000 n..0000001096 00000 n..0000001342 00000 n..0000001732 00000 n..0000001871 00000 n..0000002578 00000 n..0000003249 00000 n..0000003362 00000 n..0000003855 00000 n..0000003965 00000 n..0000004554 00000 n..0000004579 00000 n..0000004849 00000 n..0000013611 00000 n..0000020911 00000 n..0000028396 00000 n..0000035618 00000 n..0000042806 00000 n..0000051609 00000 n..0000059576 00000 n..0000067189 00000 n..0000067472 00000 n..0000074523 00000 n..0000074637 00000 n..0000217277 00000 n..0000217346 00000 n..0000224187 00000 n..0000000856 00000 n..trailer.<</Size 47/Root 20 0 R/Info 18 0 R/ID[<01868BA676EB4DCB98867917E31FAED1><DF8504429FB24F4CB51EA55147A8FC2C>]/Prev 1226266>>.startxref.0.%%EOF. .46 0 obj.<</Filter/FlateDecode/I 180/Length 160/S 89>>stream..h.b``.f``.c`a`N.. ..B..@..........BJ.|.Rv...Bsu@|.........V.d.0p.h.iI ...J...v
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:SVG Scalable Vector Graphics image
                                          Category:dropped
                                          Size (bytes):109032
                                          Entropy (8bit):5.952026077650293
                                          Encrypted:false
                                          SSDEEP:1536:hYnOBuDu9p7aO6c/pZDgpq3hFjyLzXhvkWkjNii/DazDfUMyfze03HyYEAqefqww:hNuo7hfwpUFjyLVvkWs9DsI3Hy3ZV
                                          MD5:1800F1899AE3AAEC5325D8CB82A160CD
                                          SHA1:33081DDAC167D0302E68D9E350437B81CA60D0FA
                                          SHA-256:B5FEA6A62CA944350C1738566BBB1756E9CE1ACDBC15BDAF28B62CC4B7B14F64
                                          SHA-512:5319F8906DE126E8A2120411C9019B82BB90D009F35D9AD5F5DE6742808C291928254F76EE1EECB62B84AFD590D7C9D7A5A2FF8712C32A36788D3400045042B0
                                          Malicious:false
                                          Reputation:low
                                          Preview:<?xml version="1.0" encoding="UTF-8"?>.<svg width="44px" height="44px" viewBox="0 0 44 44" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">. Generator: Sketch 55.2 (78181) - https://sketchapp.com -->. <title>Bitmap</title>. <desc>Created with Sketch.</desc>. <defs>. <rect id="path-1" x="0" y="0" width="43.2892562" height="43.3928571" rx="21.6446281"></rect>. </defs>. <g id="Page-1" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd">. <g id="POPUP_V2-JE.LI-SI.-PAN-WYROBI/STOPKA" transform="translate(-979.000000, -42.000000)">. <g id="Group-7" transform="translate(979.000000, 42.000000)">. <g id="Bitmap">. <mask id="mask-2" fill="white">. <use xlink:href="#path-1"></use>. </mask>. <use id="Mask" fill="#D8D8D8" xlink:href="#path-1"></use>. <image mask="url(#mask-2)" x="-38
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:ASCII text, with very long lines (3306)
                                          Category:dropped
                                          Size (bytes):265790
                                          Entropy (8bit):5.556485582345966
                                          Encrypted:false
                                          SSDEEP:3072:swgYpTAX/D+Ofjlt0gBgDwPAjIJ8UUlPM22KiDUG7Z0DmoMfgQJyTRbD:1MX/iOfjHPmPx276DmoMfgQJyx
                                          MD5:00FBE133592D75CFEBF9D72D2D52A9DE
                                          SHA1:99EBF7DFA9069E4B0D62790D334C9B3ACCCCF7F0
                                          SHA-256:E63D1C1AE49535A7E9CF046F65E73A03E67BEC63925DF3D9B160097E7FFEB55D
                                          SHA-512:20544E41C335F1400805870FCA4081BB83E0516C276ADDE983B59A07DE31B41DB64F5E8AFEF0FB1CEECF47A9E42462A9F09F976FC4404B4DCF414FA7BA0B8BDA
                                          Malicious:false
                                          Reputation:low
                                          Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"2",. . "macros":[{"function":"__e"},{"function":"__v","vtp_name":"gtm.elementUrl","vtp_dataLayerVersion":1},{"function":"__v","vtp_name":"gtm.triggers","vtp_dataLayerVersion":2,"vtp_setDefaultValue":true,"vtp_defaultValue":""},{"function":"__u","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__u","vtp_component":"URL","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__u","vtp_component":"HOST","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__u","vtp_component":"PATH","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__f","vtp_component":"URL"},{"function":"__e"}],. "tags":[{"function":"__gclidw","metadata":["map"],"once_per_event":true,"vtp_enableCrossDomain":false,"vtp_enableUrlPassthrough":false,"vtp_enableCookieOverrides":
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:Web Open Font Format (Version 2), TrueType, length 23196, version 1.0
                                          Category:downloaded
                                          Size (bytes):23196
                                          Entropy (8bit):7.990286454154605
                                          Encrypted:true
                                          SSDEEP:384:3rZ40nmVePGYShVvDpRmN4OsZI6MdrupK/gRqtoz5a51peTDZy+kGzjv6YGAjn:3rZZmVwEvNRm4OjdruEYkOGzeTDI+bz3
                                          MD5:97327A380F89525B91539BB8BF27C858
                                          SHA1:BBBA03E6582F7FF56B0A103A255D34999126122B
                                          SHA-256:2AB71D12B24E5ADE0280071D749FDEC1684C256D397A258F78176F2D4F5B524F
                                          SHA-512:BA4BE8CB038B6FF7D4B2C4515DEC4F2FE42D3F87E113FC4FEA4601AE03CCBF081D7FA4F9A9167FCCBAD65037D8DF703B740751A04BC2A13B964E9296161B0C8F
                                          Malicious:false
                                          Reputation:low
                                          URL:https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfw6-_B2sl.woff2
                                          Preview:wOF2......Z..........Z6..........................:.....v.`..... ........D..:..$..6.$..D. ..".....V.T....vH...%..g1.!8..j.Qxv....p........"G%.vc...!X.aG...l.....>P.R?t...>......H..^-x..=.I.|.42...5I.vw....%.6.J.0..>a..-N..%J....8 <..nz..h...h@.B.3~....F..U..:Z...R...l;..N...|.,.x.A-:.......5V.zy....Gd.t/.....P-.C..!.cu=......}._..].m... v..dexr..{.;P. Ce..D...%.p..("h..G....fm..4.?I...6.?{u..{...;..]....n.O.......D..S\..=..T..&.#...5U.v..R...-.@.L.......XI..]..v.Z.j.>..|.....A.H....T[(....'-.......6..v.O.......3...Q.2+.+F.x..9..A6.....u.....y...}Zh#.$.7.HU..PK'.. F...!........e~..1i..{...r3f.;m.r3-l=...!;.r......g...La..&I[.....Jj...W.7.az...55..W...K.0...u.sm..H......:pI...KI.(]|......I.......(..K...Z..0.e..v^...8~...X..~....{f..<...).6................;.g.s(g~.Z....f....{3..@B ..H. ..@.'.`............v.@r....)P....r....O.n.u.wQ.,]..._...9..6D5..Z.p15).....z..M..&...f..&.....B"Q..(..(......0.....J.H.X;mO./.cA.P(....L.S.\....Cq.#R....8
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:Unicode text, UTF-8 text, with very long lines (65441), with CRLF line terminators
                                          Category:downloaded
                                          Size (bytes):67359
                                          Entropy (8bit):5.352035171848617
                                          Encrypted:false
                                          SSDEEP:768:oDR8aeY7IeuemSlrl6JoUXXRuoBMALCYdPRJ2Op/Xnum7xX/FA1pFwmv6SKbyGl6:oDR+cASlrlerNjxp/Xnum7zlEb
                                          MD5:0018B2947487CCA1596BA00A9D80130C
                                          SHA1:F701C05D59788094B38DC8FCBBBB24219F903845
                                          SHA-256:DC1DA692990307185621FD661B7305E29D3A0A5BA0F0D998E5A1463A17C57044
                                          SHA-512:4411B4512287790F763F84B4C5FAE7FBF08AC6FEA39111964FA5AABB31EC7EE5051F3AF434103379A37148A65E1B354F0967AA27FD5844C4D5C7DFD416E49AA4
                                          Malicious:false
                                          Reputation:low
                                          URL:https://www.clarity.ms/s/0.7.56/clarity.js
                                          Preview:/* clarity-js v0.7.56: https://github.com/microsoft/clarity (License: MIT) */..!function(){"use strict";var t=Object.freeze({__proto__:null,get queue(){return dr},get start(){return lr},get stop(){return fr},get track(){return ir}}),e=Object.freeze({__proto__:null,get clone(){return Ar},get compute(){return jr},get data(){return Tr},get keys(){return Nr},get reset(){return Rr},get start(){return Cr},get stop(){return zr},get trigger(){return Dr},get update(){return Lr}}),n=Object.freeze({__proto__:null,get check(){return qr},get compute(){return Fr},get data(){return Or},get start(){return Yr},get stop(){return Vr},get trigger(){return Ur}}),a=Object.freeze({__proto__:null,get compute(){return $r},get data(){return Br},get log(){return Qr},get reset(){return ti},get start(){return Kr},get stop(){return Zr},get updates(){return Jr}}),r=Object.freeze({__proto__:null,get callback(){return fi},get callbacks(){return ai},get clear(){return di},get consent(){return li},get data(){return ni},
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:SVG Scalable Vector Graphics image
                                          Category:dropped
                                          Size (bytes):197
                                          Entropy (8bit):5.011698762860873
                                          Encrypted:false
                                          SSDEEP:6:tI9mc4slzu1U0K/vduB33B3SmvU4FUzw3Frf0i:t4I1LK/K3xCmvU4FUkgi
                                          MD5:24444096200B9D12E2BECCDC4E075F96
                                          SHA1:CBE41460B29234DF2EF6F543AE3EFF9F83440F81
                                          SHA-256:10D68EDDD0D1B8820D763B8EE46674D6B29F4DC30A04980CE85568E4F89FD8DF
                                          SHA-512:D1909D404E973274E5662123CA8FEFC8893C0B1E255EE59BFA9E5D5ED4053B0268D8929F0B8783570ED2284763FBE2007A20DD6DDDD0CDD774DF64AEDF1D70B6
                                          Malicious:false
                                          Reputation:low
                                          Preview:<svg xmlns="http://www.w3.org/2000/svg" width="18" height="18" viewBox="0 0 18 18"><g><g transform="rotate(91 9.5 9)"><path d="M9.15 0L.65 15.56S4.782 18 9.15 18s8.5-2.44 8.5-2.44z"/></g></g></svg>
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:ASCII text, with very long lines (1372)
                                          Category:downloaded
                                          Size (bytes):5894
                                          Entropy (8bit):5.138500481616588
                                          Encrypted:false
                                          SSDEEP:96:HCafbL6vWfk2p5d5aM4m1D5an+thYcHWs1SlVr:iafbL6+fB5SDm1I8hYlDr
                                          MD5:69FAAA6C85AD3FF87C75ED6A4828119D
                                          SHA1:5A97B53B2F1DDF0BA823ABFE5410925C79CD130E
                                          SHA-256:44CB2EE3E7D990BE7A3D3A944AA8A06E90677DD01EB4C56D2463609FAB768AFB
                                          SHA-512:318A34DB9FFE2EEEF017CB758D35BB59A4C484AAC6C4473623A099C4CE8E91B2979F621A47F43DA98101A1E5B2B5FB09E4835E8DE26FD05ACF85F860E2536393
                                          Malicious:false
                                          Reputation:low
                                          URL:https://kreskamaki.pl/wp-content/litespeed/js/e7b9c01e9f038345cef720ac6a7cb5f1.js?ver=cb5f1
                                          Preview:(function(factory){if(typeof define==='function'&&define.amd){define(['jquery'],factory)}else if(typeof module==='object'&&module.exports){module.exports=factory(require('jquery'))}else{factory(jQuery)}}(function($){var slice=Array.prototype.slice;var splice=Array.prototype.splice;var defaults={topSpacing:0,bottomSpacing:0,className:'is-sticky',wrapperClassName:'sticky-wrapper',center:!1,getWidthFrom:'',widthFromWrapper:!0,responsiveWidth:!1,zIndex:'inherit'},$window=$(window),$document=$(document),sticked=[],windowHeight=$window.height(),scroller=function(){var scrollTop=$window.scrollTop(),documentHeight=$document.height(),dwh=documentHeight-windowHeight,extra=(scrollTop>dwh)?dwh-scrollTop:0;for(var i=0,l=sticked.length;i<l;i++){var s=sticked[i],elementTop=s.stickyWrapper.offset().top,etse=elementTop-s.topSpacing-extra;s.stickyWrapper.css('height',s.stickyElement.outerHeight());if(scrollTop<=etse){if(s.currentTop!==null){s.stickyElement.css({'width':'','position':'','top':'','z-index
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:ASCII text, with very long lines (26776), with no line terminators
                                          Category:downloaded
                                          Size (bytes):26776
                                          Entropy (8bit):5.096076305888252
                                          Encrypted:false
                                          SSDEEP:384:UAw9+7qbJRrJJBCstxalrzb+36UCbkakuncKk823JcO7+sbxsp:U+7qbJRrJJBCstxalrzhTbL23CONGp
                                          MD5:EBA886958941191AAFC65AF7E4E117AE
                                          SHA1:57DE7316FD8AE4A3EA5CAB2308049511CE536F78
                                          SHA-256:A75F94E0069672FECB745AD293D434FC07EF720305E9DC93574CE284A68FC906
                                          SHA-512:DD73078BD4A4CA5C686CB6B996054A1F3D37402D17F1DBD43409DE645EBEB913B119D4925598063E056D5B55AD06355CD3728E0F9E87174CAA79E9EE751CF309
                                          Malicious:false
                                          Reputation:low
                                          URL:https://kreskamaki.pl/wp-content/litespeed/css/68cd2460d4d9f72fde436a1695d0cea3.css?ver=0cea3
                                          Preview:@import url("https://fonts.googleapis.com/css2?family=Barlow+Semi+Condensed:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap");@font-face{font-display:swap;font-family:Holtzman-Textured;src:url(/wp-content/themes/kreskamaki/fonts/Holtzman-Textured-PL.woff2) format('woff2');font-display:swap;unicode-range:U+0100-024F,U+1E00-1EFF,U+20A0-20AB,U+20D0-20CF,U+2C60-2C7F,U+A720-A7FF}html{font-size:62.5%}body{font-family:"Barlow Semi Condensed",sans-serif;font-weight:400;font-size:3rem;color:#000;background:#fff;overflow-x:hidden}@media (max-width:991px){body{font-size:1.8rem}}@media (min-width:1310px){.container,.container-sm,.container-md,.container-lg,.container-xl{max-width:1280px}}#wrapper{position:relative;overflow:hidden;width:100%;height:auto}a{color:#f8e178;-webkit-transition:all .2s ease-in-out;-moz-transition:all .2s ease-in-out;-ms-transition:all .2s ease-in-out;-o-transition:all .2s ease-in-out;transi
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:PDF document, version 1.3, 2 pages
                                          Category:downloaded
                                          Size (bytes):1226772
                                          Entropy (8bit):7.992240684125922
                                          Encrypted:true
                                          SSDEEP:24576:7RmFN6xsguXbaaAJXv7apWyV0mThxvYGlcV2QsUYkiuC/72npzPG/:Fm+ZuOjJzaQyVPTh1YGZQshkiuG72p7+
                                          MD5:A3977EDCA33AD89379E30467ECEACC4C
                                          SHA1:CDC6F7F3161A192D8BD325C423FE591A93B9BF23
                                          SHA-256:3BCE5F62A799E0DF8FE84AEF521A8AB441A503CFE86F808077DF728FC14C7C20
                                          SHA-512:95EBB211668F5650A76C820F1D2514FFCCBBEE49EF7CB47CA20B9D9CA61D82F11FF74E524D3B078F3F081064DD3C0B93F99367F6D1DFECF22F0C401AF96D4A0B
                                          Malicious:false
                                          Reputation:low
                                          URL:https://kreskamaki.pl/wp-content/uploads/KRESKA-MAKI-ULOTKA.pdf
                                          Preview:%PDF-1.3.%......19 0 obj.<</Linearized 1/L 1226772/O 21/E 224553/N 2/T 1226277/H [ 856 240]>>.endobj. .xref..19 28..0000000016 00000 n..0000001096 00000 n..0000001342 00000 n..0000001732 00000 n..0000001871 00000 n..0000002578 00000 n..0000003249 00000 n..0000003362 00000 n..0000003855 00000 n..0000003965 00000 n..0000004554 00000 n..0000004579 00000 n..0000004849 00000 n..0000013611 00000 n..0000020911 00000 n..0000028396 00000 n..0000035618 00000 n..0000042806 00000 n..0000051609 00000 n..0000059576 00000 n..0000067189 00000 n..0000067472 00000 n..0000074523 00000 n..0000074637 00000 n..0000217277 00000 n..0000217346 00000 n..0000224187 00000 n..0000000856 00000 n..trailer.<</Size 47/Root 20 0 R/Info 18 0 R/ID[<01868BA676EB4DCB98867917E31FAED1><DF8504429FB24F4CB51EA55147A8FC2C>]/Prev 1226266>>.startxref.0.%%EOF. .46 0 obj.<</Filter/FlateDecode/I 180/Length 160/S 89>>stream..h.b``.f``.c`a`N.. ..B..@..........BJ.|.Rv...Bsu@|.........V.d.0p.h.iI ...J...v
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:SVG Scalable Vector Graphics image
                                          Category:downloaded
                                          Size (bytes):219884
                                          Entropy (8bit):5.999372265630994
                                          Encrypted:false
                                          SSDEEP:6144:9DwkDQXOSkhZuifuzXP7HLOoEOcFX4Daq:9BDQXOSBifu/HCoEOcp4Daq
                                          MD5:046912FC158B9501CD1742626EB0A5C0
                                          SHA1:FF004306BBCF2BE570D995FCF0BB64A4B5FF259E
                                          SHA-256:E12910505D5D5A3FA9CABF0424259BC36AE9949EDD321A5F871B96B53C0A136B
                                          SHA-512:17BD886DE1F65D946343948415045B358E33A48CA7F4EAA870B5248B8D3DD8FDD0C651E88B532C287F1F5D8290BACDF1C782C384CC3425B70F72D0656B3669EE
                                          Malicious:false
                                          Reputation:low
                                          URL:https://kreskamaki.pl/wp-content/uploads/inst.svg
                                          Preview:<?xml version="1.0" encoding="UTF-8"?>.<svg width="45px" height="45px" viewBox="0 0 45 45" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">. Generator: Sketch 55.2 (78181) - https://sketchapp.com -->. <title>Bitmap</title>. <desc>Created with Sketch.</desc>. <g id="Page-1" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd">. <g id="POPUP_V2-JE.LI-SI.-PAN-WYROBI/STOPKA" transform="translate(-1031.000000, -42.000000)">. <g id="Group-7" transform="translate(979.000000, 42.000000)">. <image id="Bitmap" x="52.107438" y="0" width="44.892562" height="45" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAgAAAAIACAYAAAD0eNT6AAAEGWlDQ1BrQ0dDb2xvclNwYWNlR2VuZXJpY1JHQgAAOI2NVV1oHFUUPrtzZyMkzlNsNIV0qD8NJQ2TVjShtLp/3d02bpZJNtoi6GT27s6Yyc44M7v9oU9FUHwx6psUxL+3gCAo9Q/bPrQvlQol2tQgKD60+INQ6Ium65k7M5lpurHeZe58853vnnvuuWfvBei5qliWkRQBFpquLRcy4nOHj4g9K5CEh6AXBqFXUR0rXalMAjZPC3e1W99Dwntf2dXd
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:ASCII text, with very long lines (1372)
                                          Category:dropped
                                          Size (bytes):5894
                                          Entropy (8bit):5.138500481616588
                                          Encrypted:false
                                          SSDEEP:96:HCafbL6vWfk2p5d5aM4m1D5an+thYcHWs1SlVr:iafbL6+fB5SDm1I8hYlDr
                                          MD5:69FAAA6C85AD3FF87C75ED6A4828119D
                                          SHA1:5A97B53B2F1DDF0BA823ABFE5410925C79CD130E
                                          SHA-256:44CB2EE3E7D990BE7A3D3A944AA8A06E90677DD01EB4C56D2463609FAB768AFB
                                          SHA-512:318A34DB9FFE2EEEF017CB758D35BB59A4C484AAC6C4473623A099C4CE8E91B2979F621A47F43DA98101A1E5B2B5FB09E4835E8DE26FD05ACF85F860E2536393
                                          Malicious:false
                                          Reputation:low
                                          Preview:(function(factory){if(typeof define==='function'&&define.amd){define(['jquery'],factory)}else if(typeof module==='object'&&module.exports){module.exports=factory(require('jquery'))}else{factory(jQuery)}}(function($){var slice=Array.prototype.slice;var splice=Array.prototype.splice;var defaults={topSpacing:0,bottomSpacing:0,className:'is-sticky',wrapperClassName:'sticky-wrapper',center:!1,getWidthFrom:'',widthFromWrapper:!0,responsiveWidth:!1,zIndex:'inherit'},$window=$(window),$document=$(document),sticked=[],windowHeight=$window.height(),scroller=function(){var scrollTop=$window.scrollTop(),documentHeight=$document.height(),dwh=documentHeight-windowHeight,extra=(scrollTop>dwh)?dwh-scrollTop:0;for(var i=0,l=sticked.length;i<l;i++){var s=sticked[i],elementTop=s.stickyWrapper.offset().top,etse=elementTop-s.topSpacing-extra;s.stickyWrapper.css('height',s.stickyElement.outerHeight());if(scrollTop<=etse){if(s.currentTop!==null){s.stickyElement.css({'width':'','position':'','top':'','z-index
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:ASCII text, with very long lines (13501)
                                          Category:dropped
                                          Size (bytes):13576
                                          Entropy (8bit):5.381708037296056
                                          Encrypted:false
                                          SSDEEP:192:P5cjRGweGwMVmNiYsFH1/H828p9jsaCKHHtfktoM34m4MUMlWTv4+XLAiSRu:09wMVUsz/HopgCfkWM34m4Mtqvau
                                          MD5:44013DC9768C1D7A46754D8AEC9C87AF
                                          SHA1:165AE6DF100AB76FE10607596978D3792EFCDC45
                                          SHA-256:BBC8E20865F6925998B843B5D4C3E0B42FEEA7CC668BEE93D03CF621D2B67860
                                          SHA-512:88EC2BFC2CE01AFC007A634A8142C866BCF1BB6190770DA36BA720C6F2145048F6C73655FF72659530C3452D3D06C02C6CA28F001E546609B9F6F401485679F5
                                          Malicious:false
                                          Reputation:low
                                          Preview:/* == Page scroll to id == Version: 1.6.5, License: MIT License (MIT) */.!function(e,t,a){var n,l,s,i,o,r,c,u,h,f,g,d,p="mPageScroll2id",_="mPS2id",C=".m_PageScroll2id,a[rel~='m_PageScroll2id'],.page-scroll-to-id,a[rel~='page-scroll-to-id'],._ps2id",v={scrollSpeed:1e3,autoScrollSpeed:!0,scrollEasing:"easeInOutQuint",scrollingEasing:"easeOutQuint",pageEndSmoothScroll:!0,layout:"vertical",offset:0,highlightSelector:!1,clickedClass:_+"-clicked",targetClass:_+"-target",highlightClass:_+"-highlight",forceSingleHighlight:!1,keepHighlightUntilNext:!1,highlightByNextTarget:!1,disablePluginBelow:!1,clickEvents:!0,appendHash:!1,onStart:function(){},onComplete:function(){},defaultSelector:!1,live:!0,liveSelector:!1,excludeSelectors:!1,encodeLinks:!1},m=0,I={init:function(r){var r=e.extend(!0,{},v,r);if(e(a).data(_,r),l=e(a).data(_),!this.selector){var c="__"+_;this.each(function(){var t=e(this);t.hasClass(c)||t.addClass(c)}),this.selector="."+c}l.liveSelector&&(this.selector+=","+l.liveSelector),
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
                                          Category:dropped
                                          Size (bytes):8992
                                          Entropy (8bit):7.964869327496373
                                          Encrypted:false
                                          SSDEEP:192:wqnuvy5bPiOSbGRrPZfnDSQQbjte6ZPnDTXQgT2d86re/4JhQ:zuv2PoqRrPlnCbpPlnD4d8T/ShQ
                                          MD5:A46FA17354271E78E03D331B0EA1C325
                                          SHA1:6614BF744118435CD4BDBD598ECE5C12C420F326
                                          SHA-256:1DEFF18BE93C970ED89E14800A63B74771A8770B15476F00E20464F7A8EA99CF
                                          SHA-512:3347B189EAF39E54CD91DE9BA5D2DBD14480893141900F7F519D30555A0B32270F1EA83ED514F21A33DC688B9EDB4818503B117EAA45FB1E8C6782304D594FB4
                                          Malicious:false
                                          Reputation:low
                                          Preview:.PNG........IHDR...<...<.....:..r....gAMA......a.....sRGB........ cHRM..z&..............u0...`..:....p..Q<....bKGD............"nIDATh...g.e.Y......v.9..;Mw4.-Y.l.%;$86..EwBXN!aA...kE.@H1.........,!.EV.>w......s..=..Epb..f..............+.W...u...n.p..?:.Vo.E.fh3W...x&....=...{$k...W...k.....Ba.W....D.p...x.m.S.{....9....[[r...z....N.!.g..z.H4$:.@DRq.i...M1...0...+._....D...../.mTZ.{....~%jL....aV_...h*s.......4zCV..'..Y.fri......S.I.-.........w|vee.R...x..~r|.......1&.s.......6..Fy.....i1..XY.a..&.......?..0.,.L%-R^.`..j.$.c.b.W.H.8}U._...s... t.Z.....=.....a.x]=.x!F...^.5._..co...=.....0.X,&...&7Yd..R...9...V.ILqQ.)...Hwc........P.O_..|./....wi./...........X..=..s.W1s....$[{u......y..X...rn%....W.m....T{.uTc8}..^F.%...R....D'...SrP....:./0q,....L....;.Ss'.|...#...U.......1...[.|m.......Q.3<0'..*..#.....Jrt....WP.....f..0.q3..R@k ..Mb,......W.\c~2....s:..J4;..lN..x^..'...Ko....^A.^...^..'..w...;.^.43&..}.l..W.T.U..9N.,0..X..Ld....y.\..%!.q.
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:ASCII text, with very long lines (13501)
                                          Category:downloaded
                                          Size (bytes):13576
                                          Entropy (8bit):5.381708037296056
                                          Encrypted:false
                                          SSDEEP:192:P5cjRGweGwMVmNiYsFH1/H828p9jsaCKHHtfktoM34m4MUMlWTv4+XLAiSRu:09wMVUsz/HopgCfkWM34m4Mtqvau
                                          MD5:44013DC9768C1D7A46754D8AEC9C87AF
                                          SHA1:165AE6DF100AB76FE10607596978D3792EFCDC45
                                          SHA-256:BBC8E20865F6925998B843B5D4C3E0B42FEEA7CC668BEE93D03CF621D2B67860
                                          SHA-512:88EC2BFC2CE01AFC007A634A8142C866BCF1BB6190770DA36BA720C6F2145048F6C73655FF72659530C3452D3D06C02C6CA28F001E546609B9F6F401485679F5
                                          Malicious:false
                                          Reputation:low
                                          URL:https://kreskamaki.pl/wp-content/litespeed/js/31a67072baeb9a0d16e95ccea2f8e7c8.js?ver=8e7c8
                                          Preview:/* == Page scroll to id == Version: 1.6.5, License: MIT License (MIT) */.!function(e,t,a){var n,l,s,i,o,r,c,u,h,f,g,d,p="mPageScroll2id",_="mPS2id",C=".m_PageScroll2id,a[rel~='m_PageScroll2id'],.page-scroll-to-id,a[rel~='page-scroll-to-id'],._ps2id",v={scrollSpeed:1e3,autoScrollSpeed:!0,scrollEasing:"easeInOutQuint",scrollingEasing:"easeOutQuint",pageEndSmoothScroll:!0,layout:"vertical",offset:0,highlightSelector:!1,clickedClass:_+"-clicked",targetClass:_+"-target",highlightClass:_+"-highlight",forceSingleHighlight:!1,keepHighlightUntilNext:!1,highlightByNextTarget:!1,disablePluginBelow:!1,clickEvents:!0,appendHash:!1,onStart:function(){},onComplete:function(){},defaultSelector:!1,live:!0,liveSelector:!1,excludeSelectors:!1,encodeLinks:!1},m=0,I={init:function(r){var r=e.extend(!0,{},v,r);if(e(a).data(_,r),l=e(a).data(_),!this.selector){var c="__"+_;this.each(function(){var t=e(this);t.hasClass(c)||t.addClass(c)}),this.selector="."+c}l.liveSelector&&(this.selector+=","+l.liveSelector),
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:ASCII text, with very long lines (1053)
                                          Category:downloaded
                                          Size (bytes):3733
                                          Entropy (8bit):5.2886019449038635
                                          Encrypted:false
                                          SSDEEP:96:UeHY6eHYGwrlJ0wRTvR7xqUe+NP/s6qhm:UCPrzVT57XeYqhm
                                          MD5:537A079C133394D4E0F2AD8103F5DF2D
                                          SHA1:7FE93F5B70808EF1ECE24E232EE6D006AAA5FB60
                                          SHA-256:5A1EE52E8E1B31F47503D977DB28DD7243E494F0D8144CB6E1ABCA60192321AB
                                          SHA-512:34E207E7D9AE734B0C9492C756D415FBD6690E22E6C5AFB05F9D5CA12B62F6A706272661FDA9E901B1547848160954B41F2418B3DB679D57A2D8205D61AEB10E
                                          Malicious:false
                                          Reputation:low
                                          URL:https://kreskamaki.pl/wp-content/litespeed/js/d3c4b1ae6baaab2a018f5b51e7096bea.js?ver=96bea
                                          Preview:$(".nav-link.dropdown-toggle").hover(function(){$(this).removeAttr('data-toggle');$(this).parent().addClass('show');$(this).next().addClass('show')},function(){var isDropdownHovered=$(this).next().filter(":hover").length;var isThisHovered=$(this).filter(":hover").length;if(isDropdownHovered||isThisHovered){}else{$(this).attr('data-toggle','dropdown');$(this).parent().removeClass('show');$(this).next().removeClass('show')}});$(".dropdown-menu").hover(function(){},function(){var isDropdownHovered=$(this).prev().filter(":hover").length;var isThisHovered=$(this).filter(":hover").length;if(isDropdownHovered||isThisHovered){}else{$(this).parent().removeClass('show');$(this).removeClass('show')}});var forEach=function(t,o,r){if("[object Object]"===Object.prototype.toString.call(t)).for(var c in t)Object.prototype.hasOwnProperty.call(t,c)&&o.call(r,t[c],c,t);else for(var e=0,l=t.length;l>e;e++)o.call(r,t[e],e,t)};var hamburgers=document.querySelectorAll(".hamburger");if(hamburgers.length>0){fo
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:ASCII text, with very long lines (65324)
                                          Category:downloaded
                                          Size (bytes):155758
                                          Entropy (8bit):5.06621719317054
                                          Encrypted:false
                                          SSDEEP:1536:b/xImT+IcCQYYDnDEBi83NcuSEk/ekX/uKiq3SYiLENM6HN26F:b/Riz7G3q3SYiLENM6HN26F
                                          MD5:A15C2AC3234AA8F6064EF9C1F7383C37
                                          SHA1:6E10354828454898FDA80F55F3DECB347FD9ED21
                                          SHA-256:60B19E5DA6A9234FF9220668A5EC1125C157A268513256188EE80F2D2C8D8D36
                                          SHA-512:B435CF71A9AE66C59677A3AC285C87EA702A87F32367FE5893CF13E68F9A31FCA0A8D14F6A7D692F23C5027751CE63961CA4FE8D20F35A926FF24AE3EB1D4B30
                                          Malicious:false
                                          Reputation:low
                                          URL:https://kreskamaki.pl/wp-content/litespeed/css/337468f3ab634f283848c9874971e922.css?ver=1e922
                                          Preview:/*!. * Bootstrap v4.3.1 (https://getbootstrap.com/). * Copyright 2011-2019 The Bootstrap Authors. * Copyright 2011-2019 Twitter, Inc.. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE). */:root{--blue:#007bff;--indigo:#6610f2;--purple:#6f42c1;--pink:#e83e8c;--red:#dc3545;--orange:#fd7e14;--yellow:#ffc107;--green:#28a745;--teal:#20c997;--cyan:#17a2b8;--white:#fff;--gray:#6c757d;--gray-dark:#343a40;--primary:#007bff;--secondary:#6c757d;--success:#28a745;--info:#17a2b8;--warning:#ffc107;--danger:#dc3545;--light:#f8f9fa;--dark:#343a40;--breakpoint-xs:0;--breakpoint-sm:576px;--breakpoint-md:768px;--breakpoint-lg:992px;--breakpoint-xl:1200px;--font-family-sans-serif:-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"Helvetica Neue",Arial,"Noto Sans",sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Noto Color Emoji";--font-family-monospace:SFMono-Regular,Menlo,Monaco,Consolas,"Liberation Mono","Courier New",monospace}*,::after,::before{box-sizing:
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:Web Open Font Format (Version 2), TrueType, length 14888, version 1.0
                                          Category:downloaded
                                          Size (bytes):14888
                                          Entropy (8bit):7.986255916557493
                                          Encrypted:false
                                          SSDEEP:384:SCKIrNnYIi6ucSFn4P0UgQStTMIT8kIi6QEEPTnl7:Sx8N3AckIWrT8OxBh
                                          MD5:D8D570F7D4197B4DC5B07A9299949EBE
                                          SHA1:06D06A518B72AD08DD33682F96E59D99C3FEBB20
                                          SHA-256:A52A95C1CE2A7FAF45902E5899D205439D8940D09A0F98932DD256883BBD9AC2
                                          SHA-512:80D8AFA3E86D717FE8E0E333D6FE855D28B50475AF2461F655968D6F8479154AD89E70A67C83548E2F37F3BCA1206BCB8AD7C6401EDC20D6A359969484BC5B5B
                                          Malicious:false
                                          Reputation:low
                                          URL:https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfw6-_CWslu50.woff2
                                          Preview:wOF2......:(.......p..9...........................(..F.(.`..... ........<.....J..6.$.... ..".....V..~...vB..L.;9..6....N....@U.s...Jr"c..l.2(....Peg....]G#[0&....JJH.S...K.'.l...G.....Al..%..........@E.^|..AX.`.-C..E+.J......C6+.!\.O.g\....?....7\.n.\.p.......t.R....A.:.V.......3.m.Or.......s.s...&P.O...@.Q...w.O......JS)....`fT.u.c.j....I.@.!F.J...J...%...F.k...nx....{p.#....a.`...MI.......k..?...B<.\.$9.U.....c.f......}...-v.....l.G...7o.k. .E.:.~fd..!..q$.v.WK..|.z.i~Q.q... ..9..1...W...S.....io...qy.)I...M..hN........\..+..S.A...{.....]M....o.,...G.2.r_.M.....).J.G....._..^t...L.;......a......h6.....>?.$.A...2...<.X....=.X".Hf...^@cQ.._....j...'.EJ..$..e#$....]g....hR.$....!..qD....H.p(%..S......]!...uR.&...:..e:...y..;..M..H.d.@v3......~.,...0.I...K)....7o.....%..|.........1.@.7........?.m..I%...G.v.....E.I....@?.i^RM.... ..Y...g..C.6.X.F.0..2..w.v.......a....C$.@.(@.(C8.!.4!:.!..!..!.. 6. N.!..!.. A.!.. ).!.r y. .* <5.:..f.N]..=.>C..c...C.Z.Yn.d....6@
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:HTML document, ASCII text, with very long lines (815)
                                          Category:downloaded
                                          Size (bytes):3501
                                          Entropy (8bit):5.383873370647921
                                          Encrypted:false
                                          SSDEEP:96:EI5cZUiKliCJ86U+QTEVWfeLwTauSEegdkZ5edOIC:EI5hiWNJ8kQTEVWfeUauRfdkZ5edO1
                                          MD5:147FD3B00C22BA9C939712E9213C24CA
                                          SHA1:3B48369B86FA0574F35379AACD1F42CC9C98A52B
                                          SHA-256:70F5B11C1870CF90201A6D5F770CA318A3FA5827C74A8765EDE22B487F7D4532
                                          SHA-512:E8419A71232EDAC8FD131446777F7D034B3171EFE07B3267479B439E4982650DB65A0D1DDC9F516315D5ED1B01ECFD2F7EB55D75D44AA51EE0AD494D441586D2
                                          Malicious:false
                                          Reputation:low
                                          URL:https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fkreskamaki.pl
                                          Preview:<!DOCTYPE html>.<html>.<head>. <link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon">.</head>.<body>. <script>.'use strict';class m{constructor(a){this.j=a;this.g={};this.h={};this.i=0;this.id=String(Math.floor(Number.MAX_SAFE_INTEGER*Math.random()))}}function n(a){return a.performance&&a.performance.now()||Date.now()}.var p=function(a,b){class d{constructor(c,g,f){this.failureType=c;this.data=g;this.g=f;this.h=new m(n(f))}s(c,g){const f=c.clientId;if(c.type===0){c.isDead=!0;var e=this.h,h=n(this.g);e.g[f]==null&&(e.g[f]=0,e.h[f]=h,e.i++);e.g[f]++;c.stats={targetId:e.id,clientCount:e.i,totalLifeMs:Math.round(h-e.j),heartbeatCount:e.g[f],clientLifeMs:Math.round(h-e.h[f])}}c.failure={failureType:this.failureType,data:this.data};g(c)}}return new d(5,a,b)};/*.. Copyright Google LLC. SPDX-License-Identifier: Apache-2.0.*/.let q=globalThis.trustedTypes,r;function t(){let a=null;if(!q)return a;try{const b=d=>d;a=q.createPolicy("goog#html",{createHTML:b,createScript:b,crea
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:ASCII text
                                          Category:downloaded
                                          Size (bytes):24835
                                          Entropy (8bit):5.426601222870483
                                          Encrypted:false
                                          SSDEEP:384:ca3B3V3RayPHatWhda27TaUlRaCfXaREYa0FxaUlR72PKPCs5A9mR:RdhWL2Pa
                                          MD5:2A64706269AE7B0440DA71E1BAC26E66
                                          SHA1:D51F3A24E95AF4234BE47B8F869F1A1ED8D68914
                                          SHA-256:8BEC0B406AAC0001B783FB1F55BFA909661261DDF17F59F57AF90A864BF06F44
                                          SHA-512:1AE9CB876A0E377CE52CD14FD8FBE7578FDC20A52033455B8EF109AC07BB77AB695349835DECDC01DEBB7F26720E0D20790025FC0CB1818D77B0220CE442BC55
                                          Malicious:false
                                          Reputation:low
                                          URL:"https://fonts.googleapis.com/css2?family=Barlow+Semi+Condensed:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap"
                                          Preview:/* vietnamese */.@font-face {. font-family: 'Barlow Semi Condensed';. font-style: italic;. font-weight: 100;. font-display: swap;. src: url(https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpjgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbLLEEMAhqSP.woff2) format('woff2');. unicode-range: U+0102-0103, U+0110-0111, U+0128-0129, U+0168-0169, U+01A0-01A1, U+01AF-01B0, U+0300-0301, U+0303-0304, U+0308-0309, U+0323, U+0329, U+1EA0-1EF9, U+20AB;.}./* latin-ext */.@font-face {. font-family: 'Barlow Semi Condensed';. font-style: italic;. font-weight: 100;. font-display: swap;. src: url(https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpjgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbLLEEIAhqSP.woff2) format('woff2');. unicode-range: U+0100-02BA, U+02BD-02C5, U+02C7-02CC, U+02CE-02D7, U+02DD-02FF, U+0304, U+0308, U+0329, U+1D00-1DBF, U+1E00-1E9F, U+1EF2-1EFF, U+2020, U+20A0-20AB, U+20AD-20C0, U+2113, U+2C60-2C7F, U+A720-A7FF;.}./* latin */.@font-face {. font-family: 'Barlow Semi Condensed';. font-s
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:ASCII text, with very long lines (1053)
                                          Category:dropped
                                          Size (bytes):3733
                                          Entropy (8bit):5.2886019449038635
                                          Encrypted:false
                                          SSDEEP:96:UeHY6eHYGwrlJ0wRTvR7xqUe+NP/s6qhm:UCPrzVT57XeYqhm
                                          MD5:537A079C133394D4E0F2AD8103F5DF2D
                                          SHA1:7FE93F5B70808EF1ECE24E232EE6D006AAA5FB60
                                          SHA-256:5A1EE52E8E1B31F47503D977DB28DD7243E494F0D8144CB6E1ABCA60192321AB
                                          SHA-512:34E207E7D9AE734B0C9492C756D415FBD6690E22E6C5AFB05F9D5CA12B62F6A706272661FDA9E901B1547848160954B41F2418B3DB679D57A2D8205D61AEB10E
                                          Malicious:false
                                          Reputation:low
                                          Preview:$(".nav-link.dropdown-toggle").hover(function(){$(this).removeAttr('data-toggle');$(this).parent().addClass('show');$(this).next().addClass('show')},function(){var isDropdownHovered=$(this).next().filter(":hover").length;var isThisHovered=$(this).filter(":hover").length;if(isDropdownHovered||isThisHovered){}else{$(this).attr('data-toggle','dropdown');$(this).parent().removeClass('show');$(this).next().removeClass('show')}});$(".dropdown-menu").hover(function(){},function(){var isDropdownHovered=$(this).prev().filter(":hover").length;var isThisHovered=$(this).filter(":hover").length;if(isDropdownHovered||isThisHovered){}else{$(this).parent().removeClass('show');$(this).removeClass('show')}});var forEach=function(t,o,r){if("[object Object]"===Object.prototype.toString.call(t)).for(var c in t)Object.prototype.hasOwnProperty.call(t,c)&&o.call(r,t[c],c,t);else for(var e=0,l=t.length;l>e;e++)o.call(r,t[e],e,t)};var hamburgers=document.querySelectorAll(".hamburger");if(hamburgers.length>0){fo
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:Web Open Font Format (Version 2), TrueType, length 14332, version 1.0
                                          Category:downloaded
                                          Size (bytes):14332
                                          Entropy (8bit):7.982156099870702
                                          Encrypted:false
                                          SSDEEP:384:lyFqFYFmTMVxGwEm7ZpR398cKUirlUhl7FlZoDW8I8q:Q/EQxVEkfRUzruROo8q
                                          MD5:03A479C043B4C516D94C98C8A866159B
                                          SHA1:5C6BF5BB2DC5915B5AC31D8DF0E2F01FFD687F89
                                          SHA-256:A4D3C6DAE270ACBD137141DAB83933F07FB4ABA3A17136460859E743FD1D6F1A
                                          SHA-512:AE1BCDBD61C06EE2454DE307FB2CCA225064712D3FC6CACDBC757183A6E7DB3E961C47D44C29AB89E50ACDC20C70C825F36B9E24F414FEE09F2D321349C95E1C
                                          Malicious:false
                                          Reputation:low
                                          URL:https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpvgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXdoqqOEo.woff2
                                          Preview:wOF2......7........(..7...........................(..8.(.`..... ........l.....J..6.$.... ..:.....V..x.....A...k....F.b.....]...... .C.....C.,%..c..J.4Vy....%...:lT....vh.K..}m.IO..X...,.... .I....w#....A]4)..>.Qtq......,.Kd...G.HF..o.k..R.i...0.h...?+..}......j4.(..[.<.{..~g.Fe.`a._<..}x.Gh.#=&......g*.U9... ~.#:mf...M..~...t.._{2..B....Q......p.8W.z.2......-.|z.~..#.A.U.:..s....d....Y.'.p.p.....@..E..G.......|........:...i.B....9+6...g...y.?.%.`...+<p..2.WM49.9.....=....}._.E..`W3o....?.@@x>u%.U..|.w...8..C...o....]....T.cBm....STx.......SmK"?.mA(a...a...tf>.je.C#.._...Z.l..&E]...F]..KSsQ.V..8..M-.........$..kQ.........LD.,...lW H.....s.....aj.*".....c....c...u.~.i...h...ve....`..x.{..,u..$.g..>. Z..n.'...G@..%..T.)..(........(B.H...X..wA..>.?./......K..{...4...y....g$.I?.......2t&...v.....r...8..B.cDD*.s....M..JgNS.D.b.....9.`..i.4.....n"n.....<$...R.4.@z. #.)...d..r....xC..P.`(D$.-.J...+...B..5P.6.C..g.4.ph.Q..c.q&ASL.f...5..o...Rh...
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:Unicode text, UTF-8 text, with very long lines (2530)
                                          Category:dropped
                                          Size (bytes):222951
                                          Entropy (8bit):5.541172027785511
                                          Encrypted:false
                                          SSDEEP:3072:4RgYpTAX/D+ORdG0X/gDwPAjIJ8UUlPLKOZ0DmoMfgQJ9rDbD:+MX/iORfPmPLoDmoMfgQJ9P
                                          MD5:E0B9DE9C57DC4FA28E353794355AF653
                                          SHA1:CD30BC8E8D94A600D1A9B6C0393BC0E99A627E36
                                          SHA-256:49EEED213B7CAEFB2327EFD1607160E6397C5F6837D0AE0BA731ACF94B016044
                                          SHA-512:A1B3F1FA741E2E19FB032C0A1510943A9C87CEBE37813AA0FF120A863EA975BBC288E4F3F14422BB4FB65476D5298622C416BC0CCB7083B3EA163FC64BB6E48D
                                          Malicious:false
                                          Reputation:low
                                          Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"4",. . "macros":[{"function":"__e"},{"function":"__v","vtp_name":"gtm.elementUrl","vtp_dataLayerVersion":1},{"function":"__v","vtp_name":"gtm.triggers","vtp_dataLayerVersion":2,"vtp_setDefaultValue":true,"vtp_defaultValue":""},{"function":"__u","vtp_component":"URL","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__u","vtp_component":"HOST","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__u","vtp_component":"PATH","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__f","vtp_component":"URL"},{"function":"__e"}],. "tags":[{"function":"__googtag","metadata":["map"],"once_per_event":true,"vtp_tagId":"G-LQCZW9R2TQ","vtp_configSettingsTable":["list",["map","parameter","send_page_view","parameterValue","true"]],"tag_id":3},{"function":"__gaawe","metadata":["map"],"once_
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:SVG Scalable Vector Graphics image
                                          Category:dropped
                                          Size (bytes):219884
                                          Entropy (8bit):5.999372265630994
                                          Encrypted:false
                                          SSDEEP:6144:9DwkDQXOSkhZuifuzXP7HLOoEOcFX4Daq:9BDQXOSBifu/HCoEOcp4Daq
                                          MD5:046912FC158B9501CD1742626EB0A5C0
                                          SHA1:FF004306BBCF2BE570D995FCF0BB64A4B5FF259E
                                          SHA-256:E12910505D5D5A3FA9CABF0424259BC36AE9949EDD321A5F871B96B53C0A136B
                                          SHA-512:17BD886DE1F65D946343948415045B358E33A48CA7F4EAA870B5248B8D3DD8FDD0C651E88B532C287F1F5D8290BACDF1C782C384CC3425B70F72D0656B3669EE
                                          Malicious:false
                                          Reputation:low
                                          Preview:<?xml version="1.0" encoding="UTF-8"?>.<svg width="45px" height="45px" viewBox="0 0 45 45" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">. Generator: Sketch 55.2 (78181) - https://sketchapp.com -->. <title>Bitmap</title>. <desc>Created with Sketch.</desc>. <g id="Page-1" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd">. <g id="POPUP_V2-JE.LI-SI.-PAN-WYROBI/STOPKA" transform="translate(-1031.000000, -42.000000)">. <g id="Group-7" transform="translate(979.000000, 42.000000)">. <image id="Bitmap" x="52.107438" y="0" width="44.892562" height="45" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAgAAAAIACAYAAAD0eNT6AAAEGWlDQ1BrQ0dDb2xvclNwYWNlR2VuZXJpY1JHQgAAOI2NVV1oHFUUPrtzZyMkzlNsNIV0qD8NJQ2TVjShtLp/3d02bpZJNtoi6GT27s6Yyc44M7v9oU9FUHwx6psUxL+3gCAo9Q/bPrQvlQol2tQgKD60+INQ6Ium65k7M5lpurHeZe58853vnnvuuWfvBei5qliWkRQBFpquLRcy4nOHj4g9K5CEh6AXBqFXUR0rXalMAjZPC3e1W99Dwntf2dXd
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:ASCII text, with very long lines (1752)
                                          Category:downloaded
                                          Size (bytes):1937
                                          Entropy (8bit):4.9212602876122284
                                          Encrypted:false
                                          SSDEEP:24:Bljm0ukm/gf4pOQZP8ZqUDbdkPkPV6OS1m0TPO1Itahl2+TP4:HjP20vPk8PV6xmqwI+Q
                                          MD5:36F720ECE0E9CF5B8383A20599D5DBB5
                                          SHA1:D815B0DED5030B455536A39FCCAAFACD2FD7A635
                                          SHA-256:A34B74AA5D1235D90A0A66242BDBEA9209680C2B1F2F366EBC81E8E7C5357852
                                          SHA-512:7CC46E54D932914CE6165A5C70411B39CE63A470D1F479AE9E205ACFDBE9C16334AA38A1D74EE9137A4C3BDE271E0874F6FF552A1EFCABDAE25F07E236106DD3
                                          Malicious:false
                                          Reputation:low
                                          URL:https://kreskamaki.pl/wp-content/litespeed/css/5249450f0b6dbec702c6eddfd93e86c2.css?ver=e86c2
                                          Preview:/*!. * Hamburgers. * @description Tasty CSS-animated hamburgers. * @author Jonathan Suh @jonsuh. * @site https://jonsuh.com/hamburgers. * @link https://github.com/jonsuh/hamburgers. */..hamburger{padding:15px;display:inline-block;cursor:pointer;transition-property:opacity,filter;transition-duration:.15s;transition-timing-function:linear;font:inherit;color:inherit;text-transform:none;background-color:transparent;border:0;margin:0;overflow:visible}.hamburger:hover{opacity:.7}.hamburger.is-active:hover{opacity:.7}.hamburger.is-active .hamburger-inner,.hamburger.is-active .hamburger-inner:before,.hamburger.is-active .hamburger-inner:after{background-color:#000}.hamburger-box{width:40px;height:24px;display:inline-block;position:relative}.hamburger-inner{display:block;top:50%;margin-top:-2px}.hamburger-inner,.hamburger-inner:before,.hamburger-inner:after{width:40px;height:4px;background-color:#000;border-radius:4px;position:absolute;transition-property:transform;transition-duration:.15s;tran
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:SVG Scalable Vector Graphics image
                                          Category:downloaded
                                          Size (bytes):197
                                          Entropy (8bit):5.011698762860873
                                          Encrypted:false
                                          SSDEEP:6:tI9mc4slzu1U0K/vduB33B3SmvU4FUzw3Frf0i:t4I1LK/K3xCmvU4FUkgi
                                          MD5:24444096200B9D12E2BECCDC4E075F96
                                          SHA1:CBE41460B29234DF2EF6F543AE3EFF9F83440F81
                                          SHA-256:10D68EDDD0D1B8820D763B8EE46674D6B29F4DC30A04980CE85568E4F89FD8DF
                                          SHA-512:D1909D404E973274E5662123CA8FEFC8893C0B1E255EE59BFA9E5D5ED4053B0268D8929F0B8783570ED2284763FBE2007A20DD6DDDD0CDD774DF64AEDF1D70B6
                                          Malicious:false
                                          Reputation:low
                                          URL:https://kreskamaki.pl/wp-content/themes/kreskamaki/img/btn-arrow.svg
                                          Preview:<svg xmlns="http://www.w3.org/2000/svg" width="18" height="18" viewBox="0 0 18 18"><g><g transform="rotate(91 9.5 9)"><path d="M9.15 0L.65 15.56S4.782 18 9.15 18s8.5-2.44 8.5-2.44z"/></g></g></svg>
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:SVG Scalable Vector Graphics image
                                          Category:downloaded
                                          Size (bytes):109032
                                          Entropy (8bit):5.952026077650293
                                          Encrypted:false
                                          SSDEEP:1536:hYnOBuDu9p7aO6c/pZDgpq3hFjyLzXhvkWkjNii/DazDfUMyfze03HyYEAqefqww:hNuo7hfwpUFjyLVvkWs9DsI3Hy3ZV
                                          MD5:1800F1899AE3AAEC5325D8CB82A160CD
                                          SHA1:33081DDAC167D0302E68D9E350437B81CA60D0FA
                                          SHA-256:B5FEA6A62CA944350C1738566BBB1756E9CE1ACDBC15BDAF28B62CC4B7B14F64
                                          SHA-512:5319F8906DE126E8A2120411C9019B82BB90D009F35D9AD5F5DE6742808C291928254F76EE1EECB62B84AFD590D7C9D7A5A2FF8712C32A36788D3400045042B0
                                          Malicious:false
                                          Reputation:low
                                          URL:https://kreskamaki.pl/wp-content/uploads/fb.svg
                                          Preview:<?xml version="1.0" encoding="UTF-8"?>.<svg width="44px" height="44px" viewBox="0 0 44 44" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">. Generator: Sketch 55.2 (78181) - https://sketchapp.com -->. <title>Bitmap</title>. <desc>Created with Sketch.</desc>. <defs>. <rect id="path-1" x="0" y="0" width="43.2892562" height="43.3928571" rx="21.6446281"></rect>. </defs>. <g id="Page-1" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd">. <g id="POPUP_V2-JE.LI-SI.-PAN-WYROBI/STOPKA" transform="translate(-979.000000, -42.000000)">. <g id="Group-7" transform="translate(979.000000, 42.000000)">. <g id="Bitmap">. <mask id="mask-2" fill="white">. <use xlink:href="#path-1"></use>. </mask>. <use id="Mask" fill="#D8D8D8" xlink:href="#path-1"></use>. <image mask="url(#mask-2)" x="-38
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:Unicode text, UTF-8 text, with very long lines (65441), with CRLF line terminators
                                          Category:dropped
                                          Size (bytes):67359
                                          Entropy (8bit):5.352035171848617
                                          Encrypted:false
                                          SSDEEP:768:oDR8aeY7IeuemSlrl6JoUXXRuoBMALCYdPRJ2Op/Xnum7xX/FA1pFwmv6SKbyGl6:oDR+cASlrlerNjxp/Xnum7zlEb
                                          MD5:0018B2947487CCA1596BA00A9D80130C
                                          SHA1:F701C05D59788094B38DC8FCBBBB24219F903845
                                          SHA-256:DC1DA692990307185621FD661B7305E29D3A0A5BA0F0D998E5A1463A17C57044
                                          SHA-512:4411B4512287790F763F84B4C5FAE7FBF08AC6FEA39111964FA5AABB31EC7EE5051F3AF434103379A37148A65E1B354F0967AA27FD5844C4D5C7DFD416E49AA4
                                          Malicious:false
                                          Reputation:low
                                          Preview:/* clarity-js v0.7.56: https://github.com/microsoft/clarity (License: MIT) */..!function(){"use strict";var t=Object.freeze({__proto__:null,get queue(){return dr},get start(){return lr},get stop(){return fr},get track(){return ir}}),e=Object.freeze({__proto__:null,get clone(){return Ar},get compute(){return jr},get data(){return Tr},get keys(){return Nr},get reset(){return Rr},get start(){return Cr},get stop(){return zr},get trigger(){return Dr},get update(){return Lr}}),n=Object.freeze({__proto__:null,get check(){return qr},get compute(){return Fr},get data(){return Or},get start(){return Yr},get stop(){return Vr},get trigger(){return Ur}}),a=Object.freeze({__proto__:null,get compute(){return $r},get data(){return Br},get log(){return Qr},get reset(){return ti},get start(){return Kr},get stop(){return Zr},get updates(){return Jr}}),r=Object.freeze({__proto__:null,get callback(){return fi},get callbacks(){return ai},get clear(){return di},get consent(){return li},get data(){return ni},
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:SVG Scalable Vector Graphics image
                                          Category:downloaded
                                          Size (bytes):653669
                                          Entropy (8bit):4.030661820380514
                                          Encrypted:false
                                          SSDEEP:1536:h3BKVYWdF5PbSkbNZxf2oU16IFusDHSpx+nnINTuUD7jLNJnDxFNSz6AuibzZCdv:hM/d+g
                                          MD5:5C9FABF5ECFA53CFDAEEF8D371F59A96
                                          SHA1:9EEA22AF6FB90B402D287C30969A98A9C9DE4408
                                          SHA-256:055A9255FBC0603E63577E2D3A26DC6182E8126AF8DD57B64EF36DEFB17E5288
                                          SHA-512:F1D31DB55D9DAB527E0E10E3AD36F892FFA0B0484C11965205ABC32B64823F2CA817F7A635889333A1F2D8CEF8C0C5C94D9BD49A011AD39BDFBBAAA5161C62D3
                                          Malicious:false
                                          Reputation:low
                                          URL:https://kreskamaki.pl/wp-content/uploads/logo.svg
                                          Preview:<?xml version="1.0" encoding="UTF-8"?>.<svg width="120px" height="81px" viewBox="0 0 120 81" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">. Generator: Sketch 55.2 (78181) - https://sketchapp.com -->. <title>Group 21</title>. <desc>Created with Sketch.</desc>. <g id="Page-1" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd">. <g id="POPUP_V1" transform="translate(-103.000000, -22.000000)">. <g id="Group-26">. <g id="Group-17" transform="translate(103.000000, 22.000000)">. <g id="Group-21">. <g id="Group-Copy-23">. <path d="M1.1301836,36.188905 C1.35068216,36.2979435 2.17014693,36.2178781 1.96829751,36.0281512 C1.91783515,35.9804858 2.07415875,35.796055 1.87285784,35.7720666 C1.30570484,35.7035281 0.737454835,35.9948166 1.1301836,36.188905" id="Fill-1" fill="#000000"></path>. <path d="
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:ASCII text, with very long lines (65447)
                                          Category:dropped
                                          Size (bytes):87532
                                          Entropy (8bit):5.262415846264695
                                          Encrypted:false
                                          SSDEEP:1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GK7:sHNwcv9VBQpLl88SMBQ47GK7
                                          MD5:C9771CC3E90E18F5336EEDBD0FFFB2CF
                                          SHA1:6EE8AAA3AC1F4E0AE18717A3FD26892E9F0E4CC5
                                          SHA-256:3E7501D15C3630E791C8B20392EB9DEE31A9F65CE3EFDDE76CEF5C710141AB24
                                          SHA-512:C503341FA3A7176FD10BD8CD7A5717C8FAF971F87FA0C158F2D94FCD484AE3ED5031F49414DAE833FB806B7365B5699C21D2E655376F69ADB052B22F6F6982A7
                                          Malicious:false
                                          Reputation:low
                                          Preview:/*! jQuery v3.7.1 | (c) OpenJS Foundation and other contributors | jquery.org/license */.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(ie,e){"use strict";var oe=[],r=Object.getPrototypeOf,ae=oe.slice,g=oe.flat?function(e){return oe.flat.call(e)}:function(e){return oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){var r,i,o=(n=n||C).createElement("script");if(o.text=e,t)for(r in u)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.remove
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:ASCII text, with very long lines (57791)
                                          Category:dropped
                                          Size (bytes):58074
                                          Entropy (8bit):5.248134402525336
                                          Encrypted:false
                                          SSDEEP:768:5NYyDyKAmHVaS3m3Dqp0NwCkXDtdFDLmTV+miDNJcJiQMRqyPiYtB6UvcCg8YGp:5NTKktDLmTF8yJL45XtHjoGp
                                          MD5:52C82CCA9DDA8D72474551BC511194D9
                                          SHA1:70CFDF04A622E5F6C2B77CFC3AACF9A97527DEBD
                                          SHA-256:884AF0998D5F0A4C6A28FB857ABAFA720672D1F572C4E6904EB12557A53A7044
                                          SHA-512:7DB92A7AB6D46C227A3CBB8DBFF98AFC11AD310A40865F5877960E996951230D116AE1CC6B3A5BF732981698E0961E39ECBA64BC11E70CEEA848E397F7FEA397
                                          Malicious:false
                                          Reputation:low
                                          Preview:/*!. * Bootstrap v4.3.1 (https://getbootstrap.com/). * Copyright 2011-2019 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors). * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE). */.!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?e(exports,require("jquery"),require("popper.js")):"function"==typeof define&&define.amd?define(["exports","jquery","popper.js"],e):e((t=t||self).bootstrap={},t.jQuery,t.Popper)}(this,function(t,g,u){"use strict";function i(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable||!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i)}}function s(t,e,n){return e&&i(t.prototype,e),n&&i(t,n),t}function l(o){for(var t=1;t<arguments.length;t++){var r=null!=arguments[t]?arguments[t]:{},e=Object.keys(r);"function"==typeof Object.getOwnPropertySymbols&&(e=e.concat(Object.getOwnPropertySymbols(r).filter(function(t){return Object.getOwnPropertyDescriptor
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:HTML document, ASCII text, with very long lines (1452)
                                          Category:downloaded
                                          Size (bytes):1561
                                          Entropy (8bit):5.206862026865269
                                          Encrypted:false
                                          SSDEEP:24:+PSasGNz1TdyzUy7EgwXIOGlUIOG8h+Flaj0k0+1H3YurYRWk+9c+1ObVTGX7LDD:+P15NzeUy7EgwXOU/caNkwkrq6EV
                                          MD5:468AA46BA091B3C6983CD0AB8FBC3B0B
                                          SHA1:15C0F253D4264B20E065398D9583C252221F8501
                                          SHA-256:904E772EF58C7DDB704B6B2269F621578BE95CA842832CEFEBAE5EF48B44678D
                                          SHA-512:90F9303C6105B8F47E69A8A675E143594C43A509BB99ED8E60C9BFEE12CCB840F5C573683EF196399140B281AFCCF2000D67397802E42A7839075741E474BC50
                                          Malicious:false
                                          Reputation:low
                                          URL:https://kreskamaki.pl/wp-content/litespeed/js/84b575d5c4d62ac66e9efe2707cd62a2.js?ver=d62a2
                                          Preview:/*. * jQuery hashchange event, v1.4, 2013-11-29. * https://github.com/georgekosmidis/jquery-hashchange. */.(function(e,t,n){"$:nomunge";function f(e){e=e||location.href;return"#"+e.replace(/^[^#]*#?(.*)$/,"$1")}var r="hashchange",i=document,s,o=e.event.special,u=i.documentMode,a="on"+r in t&&(u===n||u>7);e.fn[r]=function(e){return e?this.bind(r,e):this.trigger(r)};e.fn[r].delay=50;o[r]=e.extend(o[r],{setup:function(){if(a){return false}e(s.start)},teardown:function(){if(a){return false}e(s.stop)}});s=function(){function p(){var n=f(),i=h(u);if(n!==u){c(u=n,i);e(t).trigger(r)}else if(i!==u){location.href=location.href.replace(/#.*/,"")+i}o=setTimeout(p,e.fn[r].delay)}var s={},o,u=f(),l=function(e){return e},c=l,h=l;s.start=function(){o||p()};s.stop=function(){o&&clearTimeout(o);o=n};var d=function(){var e,t=3,n=document.createElement("div"),r=n.getElementsByTagName("i");while(n.innerHTML=" [if gt IE "+ ++t+"]><i></i><![endif]-->",r[0]);return t>4?t:e}();d&&!a&&function(){var t,n;s.st
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:SVG Scalable Vector Graphics image
                                          Category:dropped
                                          Size (bytes):653669
                                          Entropy (8bit):4.030661820380514
                                          Encrypted:false
                                          SSDEEP:1536:h3BKVYWdF5PbSkbNZxf2oU16IFusDHSpx+nnINTuUD7jLNJnDxFNSz6AuibzZCdv:hM/d+g
                                          MD5:5C9FABF5ECFA53CFDAEEF8D371F59A96
                                          SHA1:9EEA22AF6FB90B402D287C30969A98A9C9DE4408
                                          SHA-256:055A9255FBC0603E63577E2D3A26DC6182E8126AF8DD57B64EF36DEFB17E5288
                                          SHA-512:F1D31DB55D9DAB527E0E10E3AD36F892FFA0B0484C11965205ABC32B64823F2CA817F7A635889333A1F2D8CEF8C0C5C94D9BD49A011AD39BDFBBAAA5161C62D3
                                          Malicious:false
                                          Reputation:low
                                          Preview:<?xml version="1.0" encoding="UTF-8"?>.<svg width="120px" height="81px" viewBox="0 0 120 81" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">. Generator: Sketch 55.2 (78181) - https://sketchapp.com -->. <title>Group 21</title>. <desc>Created with Sketch.</desc>. <g id="Page-1" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd">. <g id="POPUP_V1" transform="translate(-103.000000, -22.000000)">. <g id="Group-26">. <g id="Group-17" transform="translate(103.000000, 22.000000)">. <g id="Group-21">. <g id="Group-Copy-23">. <path d="M1.1301836,36.188905 C1.35068216,36.2979435 2.17014693,36.2178781 1.96829751,36.0281512 C1.91783515,35.9804858 2.07415875,35.796055 1.87285784,35.7720666 C1.30570484,35.7035281 0.737454835,35.9948166 1.1301836,36.188905" id="Fill-1" fill="#000000"></path>. <path d="
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:ASCII text, with very long lines (57791)
                                          Category:downloaded
                                          Size (bytes):58074
                                          Entropy (8bit):5.248134402525336
                                          Encrypted:false
                                          SSDEEP:768:5NYyDyKAmHVaS3m3Dqp0NwCkXDtdFDLmTV+miDNJcJiQMRqyPiYtB6UvcCg8YGp:5NTKktDLmTF8yJL45XtHjoGp
                                          MD5:52C82CCA9DDA8D72474551BC511194D9
                                          SHA1:70CFDF04A622E5F6C2B77CFC3AACF9A97527DEBD
                                          SHA-256:884AF0998D5F0A4C6A28FB857ABAFA720672D1F572C4E6904EB12557A53A7044
                                          SHA-512:7DB92A7AB6D46C227A3CBB8DBFF98AFC11AD310A40865F5877960E996951230D116AE1CC6B3A5BF732981698E0961E39ECBA64BC11E70CEEA848E397F7FEA397
                                          Malicious:false
                                          Reputation:low
                                          URL:https://kreskamaki.pl/wp-content/litespeed/js/fae7c159952a107f5852e1af9f92db52.js?ver=2db52
                                          Preview:/*!. * Bootstrap v4.3.1 (https://getbootstrap.com/). * Copyright 2011-2019 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors). * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE). */.!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?e(exports,require("jquery"),require("popper.js")):"function"==typeof define&&define.amd?define(["exports","jquery","popper.js"],e):e((t=t||self).bootstrap={},t.jQuery,t.Popper)}(this,function(t,g,u){"use strict";function i(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable||!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i)}}function s(t,e,n){return e&&i(t.prototype,e),n&&i(t,n),t}function l(o){for(var t=1;t<arguments.length;t++){var r=null!=arguments[t]?arguments[t]:{},e=Object.keys(r);"function"==typeof Object.getOwnPropertySymbols&&(e=e.concat(Object.getOwnPropertySymbols(r).filter(function(t){return Object.getOwnPropertyDescriptor
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:Web Open Font Format (Version 2), TrueType, length 22356, version 1.0
                                          Category:downloaded
                                          Size (bytes):22356
                                          Entropy (8bit):7.986238502121669
                                          Encrypted:false
                                          SSDEEP:384:tP0AUSf8RPOofIMCA4wGQQMhE0QofTEKkgYo45MyNcIE27+C/gP7xq8573T:6AHfofXkWQMh4oL/t45MEc5iwjxqQP
                                          MD5:2CC472DE37FB921E16B709DF94D2E8A9
                                          SHA1:6A7A3DF1DB5D2CF37DA704C4CE1D2540FEDBFC4E
                                          SHA-256:74EC7AA456249A38FB4826BD398C5CEB4FC82469CA304492A70AF2B8500DB605
                                          SHA-512:3E6A38ECD61003DC2E212ADC3C66BE8D5DE998549EA013F27A6719A3307FDFF059BC8CEBD8B67C095141F5576AB438D9E0BC04F86EFDB2F34F557ED3914CBA02
                                          Malicious:false
                                          Reputation:low
                                          URL:https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpvgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXeIqq.woff2
                                          Preview:wOF2......WT..........V...........................:..X..v.`..... ...........B..$..6.$..D. ..:.....V.J.%lW.n.@.....L7w......A..6O.v.......)Ic..........$[Ua......\=.m.p.P...y33;N%^..0..V...q\w....5?/2...).=%.P8.[.C.V..f....,#..$,.p^7....=.........V~.d'_r..z.j ;?.!*V.U.y........ ....X.bA.T...*..T.(..)mG'F.x......}.....'....G..d....fu....t....L.$af_..../.$.. .0..%.UP.]8G..k.X.U\..n..Zv...........<....1 A.%h..B....h.O......Bl....?\.v......:7$H..x..6M..U.S$F.pt.4...^....x~.B.@.....k.4..x7.{...D.".....".I...(...rQ%..(?|o7@......A...vQ..F2._...{.......4.. ..)4.r/U.PO-.............\.].........=k&.i57.?./g..7.....P.4.P....:...g.U.V.....[]~.....qhr..[n.J.\7..d..}p..#...m................?......2%...F.&.^......'|.N....j...MH...1....K.9.lJQg...v..~.....&%.AJ.@j@.....9.. u.Hmq<....y...h.pHi....wIvA........e....v...b..v.dT*....m..P..PgEo.......t..........o.......\.O..@oE.@.&......eS.....'...W.P.7..P......}AriaA.!..^f...aMX{..$..n.f....C...".DB.o.w.-...A.
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:Web Open Font Format (Version 2), CFF, length 200156, version 1.0
                                          Category:downloaded
                                          Size (bytes):200156
                                          Entropy (8bit):7.992974878320264
                                          Encrypted:true
                                          SSDEEP:3072:zQQPFCHXytCnxqJswbP773441TQFjB0AIx62n69VpQBJg5z8p1I:tcnxqbfoMmjGAIngvwJ3/I
                                          MD5:E608DD9F1E54A2755DDE8AA6C41025D1
                                          SHA1:4CA9B545AE2CC11305F0104ED6042EEC751CFFEF
                                          SHA-256:4D0BB31B78D31B1463BB4FF58F8C8F36B812C0B51BB10A10EB36B55820706412
                                          SHA-512:460CF0E4F9FF5B85A953D02625EB5867208B43E65938B6CACEE63F57C5373115F9AA916280C81B208E9FA2F03941DA34C9178FD1EEA7F33DAB371F9080DAA7BF
                                          Malicious:false
                                          Reputation:low
                                          URL:https://kreskamaki.pl/wp-content/themes/kreskamaki/fonts/Holtzman-Textured-PL.woff2
                                          Preview:wOF2OTTO..........................................."."..&. .`..0.6.$..j...... [..^.&"...9.d.\'..-.8....I.....i...KV].Z........kC.;@D.z.A.@U.H......u....B.....C."....,.#h&....i5d...<.I.tCH....A6....x...'.....^Aqe...L....&.`6.].%C..OV..L'.S.._.5D-..cL.Z+~uR...Iu....'..X..dC}.*_..E..m..?AY.n..~....\..E.H.....%......./......y!e...@..........`......\...-......p...c6l..nRN. .ga..l..........LJ....'.}......D....._+).....gO..`.}..9...8......2H.CKN.@0.Sr.\|.h.....N...%...)$m....:.N#.~.....R...R. .4..,....p...y.@.b....n.^s...n4..Q.-.*.'.M.=i...F...t...g6>...Z..N...9>............z.......B0.D..CL$."h...{W.fu...Z`..1$q.8......h....|.... ...ll...xr..Rd......eT.ZJ@.SAc..w;.e2#.TU....;&..*R5(.........tW.,@Q..G..9......F.'..... 6&qb..6.....}.1..W...T.Z..P...C.7JE.....Z03.!v...^....4.....u$.Q.'".}I.....{...J..P....Fs.a=..'.^.......UJ....$.......2.l.{du.;....N.WK.*..M.O.....$.p.9.....jn...u..u...N..%.l.".;...S.F..!.S...I....d...............U..H).L.0U.A..J.f...
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:Web Open Font Format (Version 2), TrueType, length 22908, version 1.0
                                          Category:downloaded
                                          Size (bytes):22908
                                          Entropy (8bit):7.989913624292428
                                          Encrypted:false
                                          SSDEEP:384:0NMUT9pJXz/kbDBdgiW5OUKvesIytWR6dnStXF1RSP1DdTObIIKyfv7ry2ipqmku:0C8LkbDBdgiW5OULpR6ItVaP1JTQbDfq
                                          MD5:06127CD56E9922BC0DA450AE76DDF43F
                                          SHA1:AA8CB2E361E610CF7C0DCE47BB344EDAEDCF9290
                                          SHA-256:57ADA345DC677B0B614D9F39E775FEDDE2D2EC49F29660654CBBA52B1B5A2220
                                          SHA-512:3E4A33FD9E31EAA205B38B962A90FEF3304BC4810D40F9609B7E359D5EBDFEDEA8885014187FA5DC9DAE9AF0AE564BBC4687F710E0BA6DFFB4AAD17FC3F960F3
                                          Malicious:false
                                          Reputation:low
                                          URL:https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfp66_B2sl.woff2
                                          Preview:wOF2......Y|.........Y...........................:.....v.`..... ........D..&..$..6.$..D. ........V.4.%l.F.n..Hs}..F.n.QRa......03NG..g%.!.->M.lg...YU.....N.`..p0h.L.....\......?`.###.....ES..\V.......F)....3....&.r..7.... T<......j...?.|....{.Nz..G\..-|.zy.....c.}....o'.!3.Ul/~).......y~n..}..8....mS.J2.h..oQ_'_.1...F.....;...M..9..;4.f4Nd...?.m....4R'C.9d..1$.c4tC...!.....H..,.d...7...`..u...^..|...C.)..$..N2..q..v.M....,dSK.;.R.B..:....G5....og{*..b.E.B......bV...^......f./..kn.sY.d.".~bP$..k.?.9..Z...%....Q....2]...W9....U.&@`...'....aJY..........r..E)..0.0k.....6.....D..$A-.'!pX..H..$.i...dR..6k...h..N..V....r...U.=.<..".!dZf.9...........w;.......C2X.}...u..rpK. .`......OK T...D....{..t.DBY{._.u.....5,...\}..,.....ZS..>.1..$...).o.e...F.6..KA..s.hDJ.Y>.K..[W..............ZF-.* ..HH......r.....9.IL...z....I.1.)..5...z.e.....e..G...4....N8..B...%..ei.3..]e)mi].Y......iT...F(...s...G&%JAN....v.p.J(.@.20[...l..j...\..DB....Y..[.7NL.%.E6.. ."."
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:RIFF (little-endian) data, Web/P image
                                          Category:downloaded
                                          Size (bytes):2596
                                          Entropy (8bit):7.908398216009705
                                          Encrypted:false
                                          SSDEEP:48:sSBoWjrqNiBBZRAIhr20J/y+QRPLIsgJ/pWDUqm6gteVq0:sgoy3BBZWPY/gRjfgdp8nvgJ0
                                          MD5:25D9C6F28CD9A01D7432E2C79303DEE5
                                          SHA1:AE7B61DEE39F4B1B9CC220FB7E4D3212B17EA5E9
                                          SHA-256:FEB2AA5CD33BFCF73EC35D417F097908CDF068B360B3AA188CBD9D23ED60211B
                                          SHA-512:B170146FE1D2F3D5B8CF97665DEBFF747E78FECF57C1A8BB766F286297C62D5A5379C835FB95A69D52480654E1BDD745F8B9E943A341A5455D0B3A4C578F0B6F
                                          Malicious:false
                                          Reputation:low
                                          URL:https://kreskamaki.pl/wp-content/uploads/favicon.png
                                          Preview:RIFF....WEBPVP8X........;..;..ALPH........iK#Y.U.m.6.\u.X.m.m.m]....Zs..D....J_....'^.~rv.^U..q.^.>h.|o\!&..H2...U".....lU.G6oG$...W$Y.V.\..d_.Q../..y.L.b:.H..\...D'.mtq_.K...4~j...>....u.. ...L.Qg/.....n.".Q7.5$.f"..q.(.i.....O.5...?.....O...9=..R(.H.R.<.x...@E..2.j....r(.+.u@+-..2}...mIR.kr..S.\...9...,f8...."..N..x..5.w.....Z.....n....\...rA............>g.......\..E6..V..t..4.....L..qx.B......ik}v.,..c.`[..w.L...............q....=x.M.....+pW.)2...V.....VP8 6....#...*<.<.>E..D".!..U.(.D..N.BB+.<...|pw....2......{...?...I/P........z.~.z..........................T...?.?..]...........P/\.3.................?..D.0..`.....x....../......!z;..0Z?O8.1.Y....K.td..7V...p4~.d....%.....?~.ex.M...k2bT.&..B.plP8....a%.....*l.`....n....=<..:5.)s|..vR........8F9...xq~.<.M..gk..u.XD...u4.x}..y.9...ACFq....c%)..mG.......?.tq...S.-..m.d..=.Q.S@y...;.s.s#mI>Bt...Mi....670...a.7....(d ..u5.Md...."..>F..,...s..7..C.....fm..E..x.....L3..8....h=:.Z.\.....
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:Unicode text, UTF-8 text, with very long lines (2530)
                                          Category:downloaded
                                          Size (bytes):222957
                                          Entropy (8bit):5.541267337185621
                                          Encrypted:false
                                          SSDEEP:3072:4RgYpTAX/D+OR7G0X/gDwPAjIJ8UUlPLKOZ0DmoMfgQJ9rDbD:+MX/iOR5PmPLoDmoMfgQJ9P
                                          MD5:D7F3CE4A853422BFB828047C4DAB15AE
                                          SHA1:65F32D39D584EDB0C932568029BD7D2115F8BCEB
                                          SHA-256:49F7E73B8832F60F14BED7DD74B20629417006ECFEE95F7267F02120C3B439FF
                                          SHA-512:AB4735B208DD3DE4026B9EECC22674AAC5A4C365D86F912298B6A8ABAC37964662A8844268228E22AE6D96F808634E133063DDDC84BCBED1A6989D06779A90DF
                                          Malicious:false
                                          Reputation:low
                                          URL:https://www.googletagmanager.com/gtm.js?id=GTM-5DJH2VX
                                          Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"4",. . "macros":[{"function":"__e"},{"function":"__v","vtp_name":"gtm.elementUrl","vtp_dataLayerVersion":1},{"function":"__v","vtp_name":"gtm.triggers","vtp_dataLayerVersion":2,"vtp_setDefaultValue":true,"vtp_defaultValue":""},{"function":"__u","vtp_component":"URL","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__u","vtp_component":"HOST","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__u","vtp_component":"PATH","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__f","vtp_component":"URL"},{"function":"__e"}],. "tags":[{"function":"__googtag","metadata":["map"],"once_per_event":true,"vtp_tagId":"G-LQCZW9R2TQ","vtp_configSettingsTable":["list",["map","parameter","send_page_view","parameterValue","true"]],"tag_id":3},{"function":"__gaawe","metadata":["map"],"once_
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:ASCII text, with very long lines (1223)
                                          Category:downloaded
                                          Size (bytes):19485
                                          Entropy (8bit):5.498123677217319
                                          Encrypted:false
                                          SSDEEP:384:LC/TzpZmdYHPu1cnq9W3eVqIudA7ItW09ROE1WWkK1z0Ika7YyifuxNrx5FejxO9:LCbNZmd6Pu1ct3yqZDtWcUE1WWr1qaV3
                                          MD5:ACFAAF3B7DA03D515C434409A8CEDFE3
                                          SHA1:4E2FE4950FCED5DF7A649497A093614E0A7D778F
                                          SHA-256:A192CC8B869A545B6910C7CB5C96612499A856C49585A67D1629CEC7EBB83DA0
                                          SHA-512:8F6D029D18C0AEFECC9F864A9DAA33E19D6F7B73E9CE6D4FABEEB7DABACE55764A7DE6771604B2E2CF59BCC5E3E12D076D508D9773EA14E6E1B2188F25184AE0
                                          Malicious:false
                                          Reputation:low
                                          URL:https://www.googletagmanager.com/static/service_worker/4bj0/sw.js?origin=https%3A%2F%2Fkreskamaki.pl
                                          Preview:'use strict';var aa=function(a){function c(d){return a.next(d)}function b(d){return a.throw(d)}return new Promise(function(d,e){function f(g){g.done?d(g.value):Promise.resolve(g.value).then(c,b).then(f,e)}f(a.next())})},h=function(a){return aa(a())};/*.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0.*/.var n=this||self;var r,u;a:{for(var ba=["CLOSURE_FLAGS"],z=n,A=0;A<ba.length;A++)if(z=z[ba[A]],z==null){u=null;break a}u=z}var ca=u&&u[610401301];r=ca!=null?ca:!1;var D;const da=n.navigator;D=da?da.userAgentData||null:null;function F(a){return r?D?D.brands.some(({brand:c})=>c&&c.indexOf(a)!=-1):!1:!1}function G(a){var c;a:{const b=n.navigator;if(b){const d=b.userAgent;if(d){c=d;break a}}c=""}return c.indexOf(a)!=-1};function H(){return r?!!D&&D.brands.length>0:!1}function I(){return H()?F("Chromium"):(G("Chrome")||G("CriOS"))&&!(H()?0:G("Edge"))||G("Silk")};!G("Android")||I();I();G("Safari")&&(I()||(H()?0:G("Coast"))||(H()?0:G("Opera"))||(H()?0:G("Edge"))||(
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:HTML document, Unicode text, UTF-8 text, with very long lines (9521)
                                          Category:downloaded
                                          Size (bytes):27748
                                          Entropy (8bit):5.48682546713626
                                          Encrypted:false
                                          SSDEEP:768:6JZdapzIwcXsTvc7H+fVGGrPRoSRNbj/a2u:65apswcXsTvA+fVH/bVu
                                          MD5:93E4C739B9A2041AD55742FB6E4CD930
                                          SHA1:1E02049D18299F0BF141DC673C59FD47496A9FA7
                                          SHA-256:A79BF42EB8D9E394F933EA68AB200B786BBFADCCFFC572C1157B4F75887E2E1C
                                          SHA-512:604BD0B0789BB03DBB839A3802C266DCC64D0CD7B2808F10207F5B9148A6CA63A0798E00F157815A6DDADF8760780D3BBFF595B860F92626495631901E687F2F
                                          Malicious:false
                                          Reputation:low
                                          URL:https://kreskamaki.pl/&ved=2ahUKEwjXsdXPoeaJAxXOV0EAHeHeI60QFnoECBgQAQ&usg=AOvVaw3Fydc_x43m7WUzJ18d737f
                                          Preview:<!DOCTYPE html><html lang="pl"><head>. <script src="data:text/javascript;base64,KGZ1bmN0aW9uKHcsZCxzLGwsaSl7d1tsXT13W2xdfHxbXTt3W2xdLnB1c2goeydndG0uc3RhcnQnOm5ldyBEYXRlKCkuZ2V0VGltZSgpLGV2ZW50OidndG0uanMnfSk7dmFyIGY9ZC5nZXRFbGVtZW50c0J5VGFnTmFtZShzKVswXSxqPWQuY3JlYXRlRWxlbWVudChzKSxkbD1sIT0nZGF0YUxheWVyJz8nJmw9JytsOicnO2ouYXN5bmM9ITA7ai5zcmM9J2h0dHBzOi8vd3d3Lmdvb2dsZXRhZ21hbmFnZXIuY29tL2d0bS5qcz9pZD0nK2krZGw7Zi5wYXJlbnROb2RlLmluc2VydEJlZm9yZShqLGYpfSkod2luZG93LGRvY3VtZW50LCdzY3JpcHQnLCdkYXRhTGF5ZXInLCdHVE0tUFFKSzM4MlYnKQ==" defer></script> <meta name='robots' content='max-image-preview:large' /> <script data-cfasync="false" data-pagespeed-no-defer>var gtm4wp_datalayer_name = "dataLayer";..var dataLayer = dataLayer || [];</script> <style id='classic-theme-styles-inline-css' type='text/css'>/*! This file is auto-generated */..wp-block-button__link{color:#fff;background-color:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);f
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:ASCII text, with very long lines (65447)
                                          Category:downloaded
                                          Size (bytes):87532
                                          Entropy (8bit):5.262415846264695
                                          Encrypted:false
                                          SSDEEP:1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GK7:sHNwcv9VBQpLl88SMBQ47GK7
                                          MD5:C9771CC3E90E18F5336EEDBD0FFFB2CF
                                          SHA1:6EE8AAA3AC1F4E0AE18717A3FD26892E9F0E4CC5
                                          SHA-256:3E7501D15C3630E791C8B20392EB9DEE31A9F65CE3EFDDE76CEF5C710141AB24
                                          SHA-512:C503341FA3A7176FD10BD8CD7A5717C8FAF971F87FA0C158F2D94FCD484AE3ED5031F49414DAE833FB806B7365B5699C21D2E655376F69ADB052B22F6F6982A7
                                          Malicious:false
                                          Reputation:low
                                          URL:https://kreskamaki.pl/wp-content/themes/kreskamaki/lib/jquery/jquery.min.js
                                          Preview:/*! jQuery v3.7.1 | (c) OpenJS Foundation and other contributors | jquery.org/license */.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(ie,e){"use strict";var oe=[],r=Object.getPrototypeOf,ae=oe.slice,g=oe.flat?function(e){return oe.flat.call(e)}:function(e){return oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){var r,i,o=(n=n||C).createElement("script");if(o.text=e,t)for(r in u)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.remove
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:ASCII text, with very long lines (3306)
                                          Category:downloaded
                                          Size (bytes):265790
                                          Entropy (8bit):5.556485582345966
                                          Encrypted:false
                                          SSDEEP:3072:swgYpTAX/D+Ofjlt0gBgDwPAjIJ8UUlPM22KiDUG7Z0DmoMfgQJyTRbD:1MX/iOfjHPmPx276DmoMfgQJyx
                                          MD5:00FBE133592D75CFEBF9D72D2D52A9DE
                                          SHA1:99EBF7DFA9069E4B0D62790D334C9B3ACCCCF7F0
                                          SHA-256:E63D1C1AE49535A7E9CF046F65E73A03E67BEC63925DF3D9B160097E7FFEB55D
                                          SHA-512:20544E41C335F1400805870FCA4081BB83E0516C276ADDE983B59A07DE31B41DB64F5E8AFEF0FB1CEECF47A9E42462A9F09F976FC4404B4DCF414FA7BA0B8BDA
                                          Malicious:false
                                          Reputation:low
                                          URL:https://www.googletagmanager.com/gtm.js?id=GTM-PQJK382V
                                          Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"2",. . "macros":[{"function":"__e"},{"function":"__v","vtp_name":"gtm.elementUrl","vtp_dataLayerVersion":1},{"function":"__v","vtp_name":"gtm.triggers","vtp_dataLayerVersion":2,"vtp_setDefaultValue":true,"vtp_defaultValue":""},{"function":"__u","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__u","vtp_component":"URL","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__u","vtp_component":"HOST","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__u","vtp_component":"PATH","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__f","vtp_component":"URL"},{"function":"__e"}],. "tags":[{"function":"__gclidw","metadata":["map"],"once_per_event":true,"vtp_enableCrossDomain":false,"vtp_enableUrlPassthrough":false,"vtp_enableCookieOverrides":
                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          File Type:HTML document, ASCII text, with very long lines (1452)
                                          Category:dropped
                                          Size (bytes):1561
                                          Entropy (8bit):5.206862026865269
                                          Encrypted:false
                                          SSDEEP:24:+PSasGNz1TdyzUy7EgwXIOGlUIOG8h+Flaj0k0+1H3YurYRWk+9c+1ObVTGX7LDD:+P15NzeUy7EgwXOU/caNkwkrq6EV
                                          MD5:468AA46BA091B3C6983CD0AB8FBC3B0B
                                          SHA1:15C0F253D4264B20E065398D9583C252221F8501
                                          SHA-256:904E772EF58C7DDB704B6B2269F621578BE95CA842832CEFEBAE5EF48B44678D
                                          SHA-512:90F9303C6105B8F47E69A8A675E143594C43A509BB99ED8E60C9BFEE12CCB840F5C573683EF196399140B281AFCCF2000D67397802E42A7839075741E474BC50
                                          Malicious:false
                                          Reputation:low
                                          Preview:/*. * jQuery hashchange event, v1.4, 2013-11-29. * https://github.com/georgekosmidis/jquery-hashchange. */.(function(e,t,n){"$:nomunge";function f(e){e=e||location.href;return"#"+e.replace(/^[^#]*#?(.*)$/,"$1")}var r="hashchange",i=document,s,o=e.event.special,u=i.documentMode,a="on"+r in t&&(u===n||u>7);e.fn[r]=function(e){return e?this.bind(r,e):this.trigger(r)};e.fn[r].delay=50;o[r]=e.extend(o[r],{setup:function(){if(a){return false}e(s.start)},teardown:function(){if(a){return false}e(s.stop)}});s=function(){function p(){var n=f(),i=h(u);if(n!==u){c(u=n,i);e(t).trigger(r)}else if(i!==u){location.href=location.href.replace(/#.*/,"")+i}o=setTimeout(p,e.fn[r].delay)}var s={},o,u=f(),l=function(e){return e},c=l,h=l;s.start=function(){o||p()};s.stop=function(){o&&clearTimeout(o);o=n};var d=function(){var e,t=3,n=document.createElement("div"),r=n.getElementsByTagName("i");while(n.innerHTML=" [if gt IE "+ ++t+"]><i></i><![endif]-->",r[0]);return t>4?t:e}();d&&!a&&function(){var t,n;s.st
                                          No static file info
                                          Icon Hash:b29a8a8e86868381
                                          No network behavior found

                                          Click to jump to process

                                          Click to jump to process

                                          Click to dive into process behavior distribution

                                          Click to jump to process

                                          Target ID:0
                                          Start time:07:25:33
                                          Start date:20/11/2024
                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          Wow64 process (32bit):false
                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                                          Imagebase:0x7ff76e190000
                                          File size:3'242'272 bytes
                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                          Has elevated privileges:true
                                          Has administrator privileges:true
                                          Programmed in:C, C++ or other language
                                          Reputation:low
                                          Has exited:true

                                          Target ID:2
                                          Start time:07:25:36
                                          Start date:20/11/2024
                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          Wow64 process (32bit):false
                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=2000,i,3380293206825283762,15677942766615917640,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                          Imagebase:0x7ff76e190000
                                          File size:3'242'272 bytes
                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                          Has elevated privileges:true
                                          Has administrator privileges:true
                                          Programmed in:C, C++ or other language
                                          Reputation:low
                                          Has exited:true

                                          Target ID:3
                                          Start time:07:25:39
                                          Start date:20/11/2024
                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                          Wow64 process (32bit):false
                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://kreskamaki.pl/&ved=2ahUKEwjXsdXPoeaJAxXOV0EAHeHeI60QFnoECBgQAQ&usg=AOvVaw3Fydc_x43m7WUzJ18d737f"
                                          Imagebase:0x7ff76e190000
                                          File size:3'242'272 bytes
                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                          Has elevated privileges:true
                                          Has administrator privileges:true
                                          Programmed in:C, C++ or other language
                                          Reputation:low
                                          Has exited:true

                                          Target ID:7
                                          Start time:07:26:51
                                          Start date:20/11/2024
                                          Path:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                          Wow64 process (32bit):false
                                          Commandline:"C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Downloads\downloaded.pdf"
                                          Imagebase:0x7ff6bc1b0000
                                          File size:5'641'176 bytes
                                          MD5 hash:24EAD1C46A47022347DC0F05F6EFBB8C
                                          Has elevated privileges:true
                                          Has administrator privileges:true
                                          Programmed in:C, C++ or other language
                                          Reputation:low
                                          Has exited:true

                                          Target ID:8
                                          Start time:07:26:52
                                          Start date:20/11/2024
                                          Path:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                          Wow64 process (32bit):true
                                          Commandline:"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
                                          Imagebase:0x800000
                                          File size:3'581'912 bytes
                                          MD5 hash:9B38E8E8B6DD9622D24B53E095C5D9BE
                                          Has elevated privileges:true
                                          Has administrator privileges:true
                                          Programmed in:C, C++ or other language
                                          Reputation:low
                                          Has exited:true

                                          Target ID:9
                                          Start time:07:26:53
                                          Start date:20/11/2024
                                          Path:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                          Wow64 process (32bit):false
                                          Commandline:"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2104 --field-trial-handle=1560,i,3530712955350696723,17840097560420890255,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
                                          Imagebase:0x7ff74bb60000
                                          File size:3'581'912 bytes
                                          MD5 hash:9B38E8E8B6DD9622D24B53E095C5D9BE
                                          Has elevated privileges:true
                                          Has administrator privileges:true
                                          Programmed in:C, C++ or other language
                                          Reputation:low
                                          Has exited:true

                                          No disassembly