Windows Analysis Report http://bam.nr-data.net

Overview

General Information

Sample URL:http://bam.nr-data.net
Analysis ID:437505

Detection

Score:0
Range:0 - 100
Whitelisted:false
Confidence:80%

Signatures

No high impact signatures.

Classification

[Classification chart. Axes: Ransomware, Spreading, Phishing, Banker, Trojan / Bot, Adware, Spyware, Exploiter, Evader, Miner. Legend: clean, suspicious, malicious.]
  • System is w10x64
  • chrome.exe (PID: 5500 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'http://bam.nr-data.net' MD5: C139654B5C1438A95B321BB01AD63EF6)
    • chrome.exe (PID: 5204 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1640,16557517724500513583,328483702961810642,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1700 /prefetch:8 MD5: C139654B5C1438A95B321BB01AD63EF6)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Signature Overview

There are no malicious signatures.

Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
Source: unknown | HTTPS traffic detected: 162.247.242.21:443 -> 192.168.2.7:49716 version: TLS 1.2
Source: unknown | HTTPS traffic detected: 162.247.242.21:443 -> 192.168.2.7:49721 version: TLS 1.2
Source: global traffic | HTTP traffic detected:
    GET / HTTP/1.1
    Host: bam.nr-data.net
    Connection: keep-alive
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    Accept-Encoding: gzip, deflate
    Accept-Language: en-US,en;q=0.9
Source: unknown | DNS traffic detected: queries for: bam.nr-data.net
Source: History.0.dr | String found in binary or memory: http://bam.nr-data.net/
Source: History.0.dr | String found in binary or memory: http://bam.nr-data.net/bam.nr-data.net
Source: History.0.dr | String found in binary or memory: http://bam.nr-data.net/bam.nr-data.net/#
Source: Current Session.0.dr | String found in binary or memory: https://bam.nr-data.net/
Source: History.0.dr | String found in binary or memory: https://bam.nr-data.net/bam.nr-data.net
Source: History.0.dr | String found in binary or memory: https://bam.nr-data.net/bam.nr-data.net/#
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown | Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown | Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown | HTTPS traffic detected: 162.247.242.21:443 -> 192.168.2.7:49716 version: TLS 1.2
Source: unknown | HTTPS traffic detected: 162.247.242.21:443 -> 192.168.2.7:49721 version: TLS 1.2
Source: classification engine | Classification label: clean0.win@36/217@2/5
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Program Files\Google\Chrome\Application\Dictionaries
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-60D0B300-157C.pma
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user~1\AppData\Local\Temp\ac71f7f9-24a1-49b5-b2ba-facbc7288894.tmp
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'http://bam.nr-data.net'
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1640,16557517724500513583,328483702961810642,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1700 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown

Mitre Att&ck Matrix

Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact
Valid Accounts | Windows Management Instrumentation | Path Interception | Process Injection (1) | Masquerading (3) | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | Exfiltration Over Other Network Medium | Encrypted Channel (2) | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition
Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Process Injection (1) | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | Exfiltration Over Bluetooth | Non-Application Layer Protocol (2) | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout
Domain Accounts | At (Linux) | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | Automated Exfiltration | Application Layer Protocol (3) | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data
Local Accounts | At (Windows) | Logon Script (Mac) | Logon Script (Mac) | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | Scheduled Transfer | Ingress Tool Transfer (1) | SIM Card Swap | | Carrier Billing Fraud
[Behavior graph. ID: 437505; URL: http://bam.nr-data.net; Startdate: 21/06/2021; Architecture: WINDOWS; Score: 0. chrome.exe started a child chrome.exe. Hosts shown: 192.168.2.1 (unknown); 239.255.255.250 (unknown, Reserved); bam.nr-data.net 162.247.242.21, 443, 49709, 49710 (NEWRELIC-AS-1US, United States); googlehosted.l.googleusercontent.com 216.58.212.161, 443, 49738 (GOOGLEUS, United States); 2 other IPs or domains.]

Source | Detection | Scanner | Label | Link
http://bam.nr-data.net | 1% | Virustotal | | Browse
http://bam.nr-data.net | 0% | Avira URL Cloud | safe |

No Antivirus matches
No Antivirus matches
No Antivirus matches

Source | Detection | Scanner | Label | Link
http://bam.nr-data.net/bam.nr-data.net | 0% | Avira URL Cloud | safe |
https://bam.nr-data.net/bam.nr-data.net | 0% | Avira URL Cloud | safe |
https://dns.google | 0% | URL Reputation | safe |
http://bam.nr-data.net/ | 0% | Avira URL Cloud | safe |
https://bam.nr-data.net/bam.nr-data.net/# | 0% | Avira URL Cloud | safe |
https://bam.nr-data.net/ | 0% | Avira URL Cloud | safe |
http://bam.nr-data.net/bam.nr-data.net/# | 0% | Avira URL Cloud | safe |

Name | IP | Active | Malicious | Antivirus Detection | Reputation
bam.nr-data.net | 162.247.242.21 | true | false | | unknown
googlehosted.l.googleusercontent.com | 216.58.212.161 | true | false | | high
clients2.googleusercontent.com | unknown | unknown | false | | high

Name | Malicious | Antivirus Detection | Reputation
http://bam.nr-data.net/ | false | Avira URL Cloud: safe | unknown

Name | Source | Malicious | Antivirus Detection | Reputation
http://bam.nr-data.net/bam.nr-data.net | History.0.dr | false | Avira URL Cloud: safe | unknown
https://bam.nr-data.net/bam.nr-data.net | History.0.dr | false | Avira URL Cloud: safe | unknown
https://dns.google | 7726e175-980a-41cc-a2f3-73fbbe9cd614.tmp.2.dr, 36e36e12-5fcf-4c27-976e-abe64e970649.tmp.2.dr, 3aab008f-9cce-41f5-8cc9-1d1ecabf8a68.tmp.2.dr, 4e9bd676-1f78-42e7-8ee4-e174dacc5397.tmp.2.dr | false | URL Reputation: safe | unknown
https://clients2.googleusercontent.com | 7726e175-980a-41cc-a2f3-73fbbe9cd614.tmp.2.dr, 4e9bd676-1f78-42e7-8ee4-e174dacc5397.tmp.2.dr | false | | high
https://bam.nr-data.net/bam.nr-data.net/# | History.0.dr | false | Avira URL Cloud: safe | unknown
https://feedback.googleusercontent.com | manifest.json0.0.dr | false | | high
https://bam.nr-data.net/ | Current Session.0.dr | false | Avira URL Cloud: safe | unknown
http://bam.nr-data.net/bam.nr-data.net/# | History.0.dr | false | Avira URL Cloud: safe | unknown

IP | Domain | Country | ASN | ASN Name | Malicious
162.247.242.21 | bam.nr-data.net | United States | 23467 | NEWRELIC-AS-1US | false
239.255.255.250 | unknown | Reserved | unknown | unknown | false
216.58.212.161 | googlehosted.l.googleusercontent.com | United States | 15169 | GOOGLEUS | false

IP
192.168.2.1
127.0.0.1

            General Information

            Joe Sandbox Version:32.0.0 Black Diamond
            Analysis ID:437505
            Start date:21.06.2021
            Start time:08:39:52
            Joe Sandbox Product:CloudBasic
            Overall analysis duration:0h 4m 14s
            Hypervisor based Inspection enabled:false
            Report type:light
            Cookbook file name:browseurl.jbs
            Sample URL:http://bam.nr-data.net
            Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
            Number of analysed new started processes analysed:15
            Number of new started drivers analysed:0
            Number of existing processes analysed:0
            Number of existing drivers analysed:0
            Number of injected processes analysed:0
            Technologies:
            • HCA enabled
            • EGA enabled
            • AMSI enabled
            Analysis Mode:default
            Analysis stop reason:Timeout
            Detection:CLEAN
            Classification:clean0.win@36/217@2/5
            Cookbook Comments:
            • Adjust boot time
            • Enable AMSI
            Warnings:
            • Exclude process from analysis (whitelisted): taskhostw.exe, BackgroundTransferHost.exe, RuntimeBroker.exe, SgrmBroker.exe, backgroundTaskHost.exe, svchost.exe
            • TCP Packets have been reduced to 100
            • Created / dropped Files have been reduced to 100
            • Excluded IPs from analysis (whitelisted): 20.82.209.104, 40.88.32.150, 23.211.6.115, 168.61.161.212, 142.250.185.163, 172.217.18.109, 142.250.186.174, 216.58.212.174, 173.194.188.41, 74.125.104.92, 23.35.236.56, 34.104.35.123, 216.58.212.138, 142.250.185.74, 172.217.16.138, 142.250.185.106, 142.250.185.138, 142.250.185.170, 142.250.185.202, 142.250.185.234, 142.250.181.234, 216.58.212.170, 142.250.74.202, 142.250.186.42, 142.250.186.74, 142.250.186.106, 142.250.186.138, 142.250.186.170, 20.82.210.154, 8.253.95.249, 8.248.145.254, 8.253.204.120, 67.26.81.254, 8.253.207.121, 142.250.181.227, 142.250.186.35
            • Excluded domains from analysis (whitelisted): store-images.s-microsoft.com-c.edgekey.net, clientservices.googleapis.com, r4.sn-4g5ednse.gvt1.com, iris-de-prod-azsc-neu-b.northeurope.cloudapp.azure.com, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, arc.msn.com, iris-de-ppe-azsc-neu.northeurope.cloudapp.azure.com, skypedataprdcoleus15.cloudapp.net, e12564.dspb.akamaiedge.net, r4---sn-4g5ednse.gvt1.com, clients2.google.com, redirector.gvt1.com, audownload.windowsupdate.nsatc.net, update.googleapis.com, arc.trafficmanager.net, watson.telemetry.microsoft.com, auto.au.download.windowsupdate.com.c.footprint.net, www.gstatic.com, prod.fs.microsoft.com.akadns.net, au-bg-shim.trafficmanager.net, fs.microsoft.com, accounts.google.com, r6---sn-4g5ednle.gvt1.com, skypedataprdcolcus17.cloudapp.net, e1723.g.akamaiedge.net, ctldl.windowsupdate.com, www.googleapis.com, r6.sn-4g5ednle.gvt1.com, edgedl.me.gvt1.com, store-images.s-microsoft.com, blobcollector.events.data.trafficmanager.net, clients.l.google.com
            • Not all processes where analyzed, report is missing behavior information
            • Report size getting too big, too many NtCreateFile calls found.
            • Report size getting too big, too many NtOpenFile calls found.
            • Report size getting too big, too many NtQueryVolumeInformationFile calls found.
            • Report size getting too big, too many NtWriteVirtualMemory calls found.
            No simulations
            No context
            C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):451603
            Entropy (8bit):5.009711072558331
            Encrypted:false
            SSDEEP:12288:ZHfRTyGZ6lup8Cfrvq4JBPKh+FBlESBw4p6:NfOCzvRKhGvwJ
            MD5:A78AD14E77147E7DE3647E61964C0335
            SHA1:CECC3DD41F4CEA0192B24300C71E1911BD4FCE45
            SHA-256:0D6803758FF8F87081FAFD62E90F0950DFB2DD7991E9607FE76A8F92D0E893FA
            SHA-512:DDE24D5AD50D68FC91E9E325D31E66EF8F624B6BB3A07D14FFED1104D3AB5F4EF1D7969A5CDE0DFBB19CB31C506F7DE97AF67C2F244F7E7E8E10648EA8321101
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Google\Chrome\User Data\1eea01a0-d3b6-4b4a-a67c-a3062113be5b.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines, with no line terminators
            Category:dropped
            Size (bytes):173321
            Entropy (8bit):6.0793473902154975
            Encrypted:false
            SSDEEP:3072:IkAaZUTyARKVazMVqiJfq3GMuj0auAfRHj6TiLA7bV/nYorVcI8XIssElYTRd:nfZUTjRKVl/JiW4auAfx6GgbV/njhcIr
            MD5:DA31480E2E70E7C9703F5EC738B01C47
            SHA1:29320692A869538992FF9117E2819D5BCA28F386
            SHA-256:11F71E1BC570FF61A22A132916F19CEE42FB6C791297B88DD3290F32E574A344
            SHA-512:0CC4BEEB905CFCA7361FD4185C91243A6DD4A2D5139AC48198B77C503906CFCB3B623FA11D1AF1A64C7AC08C3121D107E11B5AA3D7EB3DA9BF329AF354DC7ACF
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Google\Chrome\User Data\486788de-82c1-48f1-b0a0-66ff2eb02620.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):95428
            Entropy (8bit):3.7521968066682194
            Encrypted:false
            SSDEEP:384:NzMDjBGodSplVSovqN/rMvrB3cr54HhwGgvralvzxcNlh0rODmeK0GRPPHIOtVHz:1uqVtqFkw0eDLd1g3P+hKrx/hV
            MD5:71A94C7103408E84387EBA3D4A513E1C
            SHA1:9255DBFFFFEB201C2947445137F5519B2A681D16
            SHA-256:C206C4B0ECF3DDC66A4F30A3C3726C74BEBF1D9193D54CE5D2FFF9F8F6E9EC7B
            SHA-512:6474CC7BF58B1E4D082BC5C6D964E619682EAEE03E7F9EA62DC16F8A915D53DF309673A6317ADE6FCB09354CA83F17DA4BC2FCD9DC7EE18BD3B878FD87685502
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Google\Chrome\User Data\5afbaa2f-bfcb-4cef-abf9-e9a64d4afe6d.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines, with no line terminators
            Category:dropped
            Size (bytes):173321
            Entropy (8bit):6.079348351416822
            Encrypted:false
            SSDEEP:3072:NkvaZUTyARKVazMVqiJfq3GMuj0auAfRHj6TiLA7bV/nYorVcI8XIssElYTRd:CyZUTjRKVl/JiW4auAfx6GgbV/njhcIr
            MD5:B57CF0AFFADBF6DCC1991028AEEBD333
            SHA1:E867CF9B212FE5FAA99C66C4A7AC1090F7CF24E4
            SHA-256:A121910AE1B38364FCD1CDDA030589579469854D08BB0DB0F97CC1847407BF21
            SHA-512:DB8628A0C767EF133CC3E4068A0AA3DE6B242398DE8CD9A6DD567F9E30E22754A246E1DA58123D64A0774F43DB657C88C02C16B6CB18761F18549D267B0BC365
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Google\Chrome\User Data\6ce7224e-478a-4e62-92b3-b4728247cbe7.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):92724
            Entropy (8bit):3.7517419844597644
            Encrypted:false
            SSDEEP:384:zzMDjBGoZp+vqN/rMvrB3cr54HhwGgvralvzxcNlh0rODmeJGRPPHIOtVHN61HGO:EqVtqFAw0eDLd1g3P+hKrx/hs
            MD5:84C4B817DF943247D224FCB213284C0E
            SHA1:1B9B5EB73B8370722CDFB0A29C355B513131C977
            SHA-256:2D7B998A06C0983DF2C411FB9191D0B27E5D53993E24B6302F9A3A4C57B72735
            SHA-512:223C1AAB5F0D2AA51B484299FB52ADD9667EA1FAB301582692F84E30B779164630186DC992D4361B119AD79B9568C29AE4192C0B39464FE44BEE88740F2505D6
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Google\Chrome\User Data\7600f43c-351c-41bd-9a21-e281d052af82.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:SysEx File -
            Category:dropped
            Size (bytes):94708
            Entropy (8bit):3.752548524762932
            Encrypted:false
            SSDEEP:384:dzMDjBGodSplVSovqN/rMvrB3cr54HhwGgvralvzxcNlh0rODmeJGRPPHIOtVHN7:luqVtqFAw0eDLd1g3P+hKrx/h/
            MD5:E2DE6843C852EB09D3F16930C902D0D3
            SHA1:43A6C3E55A3A7F2645BA58433BF945422CEC7015
            SHA-256:4E3892208B94D48BE23AEFE28E2C6473F83D7D89EF5CA56733768283E8139510
            SHA-512:CE0707DECD993C12757CBCC247F514A3F01DDD763E0C38AE77F6C2563580261B9F4F1BD35570A6ABD130A1DC269DD47E5079FD31A637B59249099219EEA57462
            Malicious:false
            Reputation:low
            Preview: .q..............*...C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L..P!...[)...%.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .o.f.f.i.c.e.\.o.f.f.i.c.e.1.6.\.......g.r.o.o.v.e.e.x...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .2.0.1.6...*...M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e. .f.o.r. .B.u.s.i.n.e.s.s. .E.x.t.e.n.s.i.o.n.s.....1.6...0...4.7.1.1...1.0.0.0.....*...C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L.....M.i.c.r.o.s.o.f.t. .C.o.r.p.o.r.a.t.i.o.n....=8.D...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.C.o.m.m.o.n. .F.i.l.e.s.\.M.i.c.r.o.s.o.f.t. .S.h.a.r.e.d.\.O.F.F.I.C.E.1.6.\.m.s.o.s.h.e.x.t...d.l.l..@.....U/...%.c.o.m.m.o.n.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .s.h.a.r.e.d.\.o.f.f.i.c.e.1.6.\.......m.s.o.s.h.e.x.t...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e.)...M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .S.h.e.l.l. .E.x.t.e.n.s.i.o.n. .H.a.n.d.l.e.r.s.......1.6...0...4.2.6.6...1.0.0.1.....D...C.:.\.P.r.o.g.r.a.m.
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):120
            Entropy (8bit):3.254162526001658
            Encrypted:false
            SSDEEP:3:FkXJFIsz6VVJFIsz6VVJFIsz6I:+rJsrJsrJJ
            MD5:E4C3A0CCEDB71D53052C719DE30FD750
            SHA1:C89D101217D4AA05AD9C6FB24DB2037B3BCC630E
            SHA-256:B9ABED457F567199890198C9CE3B20954C73C458014CEB77C5E4514B1A8D8BF9
            SHA-512:D248EFCFA1BA3BA433A7A8D57B432F13D968DCF82A29535295BF03044982E69F441E6455EE7E6E7E4E902794B6D1B9CDAACBC92050B73062C0FDD33C40580346
            Malicious:false
            Reputation:low
            Preview: sdPC.......................@.*.L..nM._bMsdPC.......................@.*.L..nM._bMsdPC.......................@.*.L..nM._bM
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2220fe0d-df63-4a85-ab86-3fba0670664d.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with no line terminators
            Category:dropped
            Size (bytes):24055
            Entropy (8bit):5.533650985471655
            Encrypted:false
            SSDEEP:384:ZiCtyLlUHWXg1kXqKf/pUZNCgVLH2HfDDrUSHGxYHGEnTJCTi4L+:oLlTg1kXqKf/pUZNCgVLH2Hf/rUSGxMj
            MD5:2222B7D35A30620C30160719C32654A0
            SHA1:06FBBC53B9CD6A810213059D05730BF82E3DAF00
            SHA-256:46A2062739E096B5523A3A1A28E6185C99A7459474281AF602F2CC49AC5CF89A
            SHA-512:645BB95540C39B9463CCAE09870ECBD068CE9C248AD42F0DEE12EFD8B01AA4B4614336C4B71BF2E7413AB250C9CA397D0D6CEA1FAC7E8FF890EB9082B4EF885E
            Malicious:false
            Reputation:low
            Preview: {"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13268763648976026","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4e9bd676-1f78-42e7-8ee4-e174dacc5397.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines, with no line terminators
            Category:modified
            Size (bytes):2078
            Entropy (8bit):4.888413221724402
            Encrypted:false
            SSDEEP:48:Y2nCDHXT6qtwz5swuRLswjTswwwvZrqyswkZyKswj3zswAMHkYhbyD8:JnCDHXTxOzinnZrcNmG1hj
            MD5:B27BF8A890E704476CBFC1E7FD96A2B8
            SHA1:2F7E218A2B37E4DB49C242589ECE8F917D912A42
            SHA-256:3502ED9E13E796568FF1A6CEB4E1F8C91124A81A8C6409651622C26C08A1C29A
            SHA-512:9D40B2DFA0478A58C4685CA0E28E17C89E612DDB334A9CC511226323AD16053E579459AA18C1F46860C253D8637D8B24B1B09A95F685655916776469FA6BEEA0
            Malicious:false
            Reputation:low
            Preview: {"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://www.google.com","supports_spdy":true},{"isolation":[],"server":"https://fonts.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://ogs.google.com","supports_spdy":true},{"isolation":[],"server":"https://apis.google.com","supports_spdy":true},{"isolation":[],"server":"https://www.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://fonts.googleapis.com","supports_spdy":true},{"isolation":[],"server":"https://ssl.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://dns.google","supports_spdy":true},{"alternative_service":[{"advertised_versions":[50],"expiration":"13271355655398829","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://accounts.google.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[50],"expiration":"13271355655524016","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://redirector.gvt1.com","
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4ff6ecff-bc16-41dc-be10-efbde3c1f81a.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines, with no line terminators
            Category:dropped
            Size (bytes):5731
            Entropy (8bit):5.193634956054764
            Encrypted:false
            SSDEEP:96:nxv3ho5KMRuEHYV1Jik0JCKL8mkG1CbOTQVuwn:nNhXMRZYHJk4KPkGu
            MD5:45C6DE8D5FCBE2AB38CBDEBC33A4A754
            SHA1:1BF4DB036F1279159BFA8BA7431674BE377AB66C
            SHA-256:F76E3BBB8BC205BAC55D5230A94081E3C65AD50A091401C7E43E1A12F947AADD
            SHA-512:2D9D28645C661D5559839F5A195F4421B8C16E5574302EDD1E87C881BD85978ECA48EB3C44B6D43900127B6BAC8C6A72BE2BD572C7E6F4E083BE9D52B2DEE8A7
            Malicious:false
            Reputation:low
            Preview: {"account_id_migration_state":2,"account_tracker_service_last_update":"13268763649367386","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245952329814949","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"browser":{"default_browser_infobar_last_declined":"13245952502420488","has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","7355952"],"daily_received_length":["0","0","0","0","0","0","0","
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\722292fd-a50e-4ea5-aa64-4d0ebd0e6ad0.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines, with no line terminators
            Category:dropped
            Size (bytes):5108
            Entropy (8bit):4.9872053789159105
            Encrypted:false
            SSDEEP:96:nxv3hoo/MpYV1Jik0JCKL8mkG1ZbOTQVuwn:nNhxMpYHJk4KPkG/
            MD5:9C9BA93E49FB09A5B97721A082301950
            SHA1:C5D0D180F36FB78F91A8F5DAE154F2B5DF59E20F
            SHA-256:C402EEC5F0B22FE15452FB9D7FF21557918E3AC80261EA7F6271B3A80383A0E0
            SHA-512:FA751B0F405789F16DDBFE34857F1C83515497BE7BFE551DAB31EE7970F330D78CE78948DBF7052F9326B904C61F49BECE6F73CB8059C3AE07F3C81FF8C04B45
            Malicious:false
            Reputation:low
            Preview: {"account_id_migration_state":2,"account_tracker_service_last_update":"13268763649367386","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245952329814949","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"browser":{"default_browser_infobar_last_declined":"13245952502420488","has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","7355952"],"daily_received_length":["0","0","0","0","0","0","0","
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\74da1eee-7f90-40c5-be1d-0e309ae59d05.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with no line terminators
            Category:dropped
            Size (bytes):16745
            Entropy (8bit):5.5774423138746485
            Encrypted:false
            SSDEEP:384:ZiCtvLlUHWXg1kXqKf/pUZNCgVLH2HfDDrUhhUi4J:tLlTg1kXqKf/pUZNCgVLH2Hf/rUAi+
            MD5:303BD58770357B58421A8C04E6F56908
            SHA1:5923A2DD0A4B8E9DD240B81847BC8A420679E6BD
            SHA-256:C547BDBC16FB13612B942B9B72E464EFF74CF12062F107181364C1726C9CCCF8
            SHA-512:5965E791AFF8B82D93E0E546589D20EED07F201B20F3FEF7D5D618527CC4743D0581AE15E2F76071E962C421050EBB450B3C742C1850DF0B1C1F6CD044BB0DE3
            Malicious:false
            Reputation:low
            Preview: {"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13268763648976026","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\7726e175-980a-41cc-a2f3-73fbbe9cd614.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines, with no line terminators
            Category:dropped
            Size (bytes):2724
            Entropy (8bit):4.858441642519087
            Encrypted:false
            SSDEEP:48:YXsPMHi5s7MHgKsSMH/zs8MHIs51tFsL6zsbWsdCshDysuMHCLsKMH9swIMHlYhj:XGiQGBGFGJ12LLHDwGyGkGihj
            MD5:9E0C31BCE1C83C78981EB86A29E2879B
            SHA1:3973E5D4DA1BC0BB99B78D1DFA7BEA045C85E173
            SHA-256:3D1BDA968D1CFF79DBD0C4B9D2A22367E9D9B8374622CD4263BD39137D8FE584
            SHA-512:D196B2993F4A46AFFD38DBA59866B048221D5CF6EAB1574846D1799B748BD71B09BE28D8154B16D97AEA300C7EE13719DC2E5034EC9D8913C6A6B399BDEBC23E
            Malicious:false
            Reputation:low
            Preview: {"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[],"expiration":"13248544495618845","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":31528},"server":"https://dns.google","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248544345624305","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":26637},"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248544345531701","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":53820},"server":"https://www.googleapis.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248544345601356","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":36228},"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"exp
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):342
            Entropy (8bit):5.232173442127454
            Encrypted:false
            SSDEEP:6:mvd5Oq2PcNwi23iKKdK9RXXTZIFUtp6dn3ZmwP6dMkwOcNwi23iKKdK9RXX5LJ:I5OvLZ5Kk7XT2FUtp43/P4M54Z5Kk7XH
            MD5:6D83F5D1E6D31749A5F54E460269C8E7
            SHA1:891F753C30869208346AEAA592AABA1BF6F3803A
            SHA-256:014F4D15DE54BC55C1295040B100A94DEC6CC22C7954AA82C58883C48B0412B1
            SHA-512:1C657AA1082DFA8617EE6BABC9C0B5F6DF9DB4476CC3AF43CDDFCF2ED867F0C4395D441F58F6168AFCBD97F30AB3CF3DB77778E11E07619980FA9EFAF0E2E78D
            Malicious:false
            Reputation:low
            Preview: 2021/06/21-08:41:07.306 1bd4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/MANIFEST-000001.2021/06/21-08:41:07.308 1bd4 Recovering log #3.2021/06/21-08:41:07.309 1bd4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):326
            Entropy (8bit):5.243109171889542
            Encrypted:false
            SSDEEP:6:mvdBq2PcNwi23iKKdKyDZIFUtp6dHZmwP6dkPkwOcNwi23iKKdKyJLJ:IBvLZ5Kk02FUtp4H/P4kP54Z5KkWJ
            MD5:6569BFAD2BD7E237B00C1A28CCEE86CC
            SHA1:0BDAA3D1468D363BB9704320FD0E87F1356F0E7B
            SHA-256:8F78B922FEA5AC771D0A8226FF3C4CE4D8FE6389B860FA661A4B035A52884E57
            SHA-512:A01FB199CC72E4E9AD29F037F1516026F6023A4EDFDB64AC12F33A704D37461F06AF8F8A4ECF770F54BA52B085E22F20FF74FD5FD0281D64F8033A1ADFC0D62A
            Malicious:false
            Reputation:low
            Preview: 2021/06/21-08:41:07.288 1bd4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/MANIFEST-000001.2021/06/21-08:41:07.289 1bd4 Recovering log #3.2021/06/21-08:41:07.293 1bd4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:SQLite 3.x database, last written using SQLite version 3032001
            Category:dropped
            Size (bytes):12288
            Entropy (8bit):0.6863571317626186
            Encrypted:false
            SSDEEP:12:TLyen4ufFdbXGwcFOaOndOtJRbGMNmt2SH/+eVpUHFxOUwae6:TLyqJLbXaFpEO5bNmISHn06Uwd
            MD5:1C0EAEEE6463CAE33B7A7CD9D9DF4DA5
            SHA1:FBC6A28A1501E40154FDC0A9D0C2F34A5F88AA65
            SHA-256:ED8AE7C5E6885874A39F4E86258F552670352A18D29BE1FF4D372A2F4CD06C8A
            SHA-512:355D19828609971998B09B36E7C7D304B7FB88C7A726670BEBF5CF2E2710F8E71B0F9DEF6FE9712B484C1EB122AEEEFDECF31D13E02C4539C399DFB86EC7619F
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):12836
            Entropy (8bit):0.9685292521026563
            Encrypted:false
            SSDEEP:24:3F2+tYeFV1qLbJLbXaFpEO5bNmISHn06UwBz8:3F2UYe/1q5LLOpEO5J/Kn7Um8
            MD5:B8FAD8977D5B0D8C32E7928C9EAB50D0
            SHA1:A0515F0F8F1C51E9A944378F27093E28C8762B19
            SHA-256:86BD34D7A57FFA0767937F9F6590F7A0AA3F8F36946E9E84B4F6AEA36117A166
            SHA-512:0CEFBCF91B24FFD6A109D4AD3407B6028029A83D47F9B754F39B72ED8FDF90621BD1BF5A7FCEBF4B4E55F2F0C4B8529877AFA06F7251A9C4CD328DC13E8ACCB9
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):910
            Entropy (8bit):3.123837366641437
            Encrypted:false
            SSDEEP:12:3olydJheRTKasdPlpxlpNwKMF1lpmlm1bAbRtsZy1alF:34SmitlrlpM/l8lmJkR7EF
            MD5:F4A12778AE093650D1CD18F52A78C010
            SHA1:72B9A576F0D28E8A219617F8FBC6AE3FF99E567C
            SHA-256:47CCCBD3A1F12A2B821F3C6D19479B9DEBDFB2F8078F7DFE422D811550789249
            SHA-512:CB0B6768731FAFC803C8F1A07CA388AD913B2AA77A70D2C317AFA935DDA9B65DED97F1BAE957BD61B02F456D10471A4CFAC0985081F700597A62AB72E090FDB8
            Malicious:false
            Reputation:low
            Preview: SNSS....................................................!.............................................1..,.......$...90d0e62d_1da1_44a0_9ca0_befd717152cc.......................>..................................................................................5..0.......&...{C578CEAF-A17C-4AAB-9284-A5059F1242C7}...................................................!..................https://bam.nr-data.net/....................................................h.......`........................................................H..H....H..H...........................................8.......h.t.t.p.s.:././.b.a.m...n.r.-.d.a.t.a...n.e.t./.................................8.......0.......8..............?........................................................ ...............................................null........................https://bam.nr-data.net/......X..#/.............................................
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):8
            Entropy (8bit):1.8112781244591325
            Encrypted:false
            SSDEEP:3:3Dtn:3h
            MD5:0686D6159557E1162D04C44240103333
            SHA1:053E9DB58E20A67D1E158E407094359BF61D0639
            SHA-256:3303D5EED881951B0BB52CF1C6BFA758770034D0120C197F9F7A3520B92A86FB
            SHA-512:884C0D3594390E2FC0AEAB05460F0783815170C4B57DB749B8AD9CD10741A5604B7A0F979465C4171AD9C14ED56359A4508B4DE58E794550599AAA261120976C
            Malicious:false
            Reputation:low
            Preview: SNSS....
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):183
            Entropy (8bit):4.267376444120917
            Encrypted:false
            SSDEEP:3:FQxlXayz/t2Hmwg0EOZL7Ao4uhFkEuRLKyC5Ei5+GgGg:qT5z/t2qoEwhXeLKBt
            MD5:7FA0F874EABF1EED31988230680AD210
            SHA1:E71B360F1E8D5C278A051AD03DFB9027ACCF38C3
            SHA-256:09E15F8939364145E710C314EBD93FD19BF60C2B6B20BF8023315D617B6B141B
            SHA-512:AF4C2E595AA0B1FD96474A0E73530B38BE5F2906B10BE1DEFC0A9221129A3E5BB8D0816777550863AD426C5C836ECA1F0C384986C2A1108E2E4CA20EF10A7824
            Malicious:false
            Reputation:low
            Preview: .f.5................i.Wd...............Sgdaefkejpgkiemlaofpalmlakkmbjdnl.declarative_rules.declarativeContent.onPageChanged.[]..F..................F..................F................
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):322
            Entropy (8bit):5.224370537460535
            Encrypted:false
            SSDEEP:6:mvdFVOq2PcNwi23iKKdK8aPrqIFUtp6d+hZmwP6drkwOcNwi23iKKdK8amLJ:I2vLZ5KkL3FUtp4+h/P4r54Z5KkQJ
            MD5:D81E09ACFA636A7F6AFCF4B2BE8B1D31
            SHA1:A9A9CEA87DE6525BD63C60DD2D15A0F8644956A9
            SHA-256:EEFA77F26FD3D03311ED3C489B5685E066B858B8773707BF3CCA4D2C7C41A118
            SHA-512:310F6DEA3F6393851268DD435F76463D5283595030D5AAFE50E5CD0B5263B99C7E75A549C132AB508264BB8E8C87EF11757E064CA396867C360BAD87A0648C74
            Malicious:false
            Reputation:low
            Preview: 2021/06/21-08:40:49.365 a0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/MANIFEST-000001.2021/06/21-08:40:49.366 a0 Recovering log #3.2021/06/21-08:40:49.367 a0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):627
            Entropy (8bit):1.8784775129881184
            Encrypted:false
            SSDEEP:12:qWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWW:
            MD5:9D7435EA49A80FDD66E4915F513017F9
            SHA1:469F6C6E4B19B85CC1BE497812B2F20864F4FF2C
            SHA-256:409D4C47E940688527D730B996E8991E010988C7671565467ED69D640D0947F3
            SHA-512:0561CD632D4219AEF4686DE40EC092921384CA89755D354801E0EAEC8645A8630A180807AF518AC8FCF01F71EB3D10FAA9CE1E62C7A7226A274975BDCB7EEB4C
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):328
            Entropy (8bit):5.202994558552575
            Encrypted:false
            SSDEEP:6:mvd1Wq2PcNwi23iKKdK8NIFUtp6dF2ZZmwP6d1kwOcNwi23iKKdK8+eLJ:I1WvLZ5KkpFUtp4FS/P4154Z5KkqJ
            MD5:F7EE15EC7C0D4F2EDDD5A3259F6B4B14
            SHA1:3691CE82BFA48EC054085A5EEF81D50E8AD444C3
            SHA-256:696988C3883D13F57992539A2AF18E6904D255DCC14E2F15FF49465D73E000A6
            SHA-512:2D6262A0408AB37DF6EE7230522AC170FCF83591D38F3133575717656A45F04DB620F8C0FFFAD643B89AADFD526653F6D08D797AF25058E9616FC7D43F2BE10F
            Malicious:false
            Reputation:low
            Preview: 2021/06/21-08:40:53.328 1730 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/MANIFEST-000001.2021/06/21-08:40:53.330 1730 Recovering log #3.2021/06/21-08:40:53.331 1730 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines, with no line terminators
            Category:dropped
            Size (bytes):11217
            Entropy (8bit):6.069602775336632
            Encrypted:false
            SSDEEP:192:GbylJnlTwGB7V9Hne4qasKxXItmLG48gcLg/PkI:Gb+nldByaFx4toj8VEPT
            MD5:90F880064A42B29CCFF51FE5425BF1A3
            SHA1:6A3CAE3996E9FFF653A1DDF731CED32B2BE2ACBF
            SHA-256:965203D541E442C107DBC6D5B395168123D0397559774BEAE4E5B9ABC44EF268
            SHA-512:D9CBFCD865356F19A57954F8FD952CAF3D31B354112766C41892D1EF40BD2533682D4EC3F4DA0E59A5397364F67A484B45091BA94E6C69ED18AB681403DFD3F3
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_1\_metadata\computed_hashes.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines, with no line terminators
            Category:dropped
            Size (bytes):11217
            Entropy (8bit):6.069602775336632
            Encrypted:false
            SSDEEP:192:GbylJnlTwGB7V9Hne4qasKxXItmLG48gcLg/PkI:Gb+nldByaFx4toj8VEPT
            MD5:90F880064A42B29CCFF51FE5425BF1A3
            SHA1:6A3CAE3996E9FFF653A1DDF731CED32B2BE2ACBF
            SHA-256:965203D541E442C107DBC6D5B395168123D0397559774BEAE4E5B9ABC44EF268
            SHA-512:D9CBFCD865356F19A57954F8FD952CAF3D31B354112766C41892D1EF40BD2533682D4EC3F4DA0E59A5397364F67A484B45091BA94E6C69ED18AB681403DFD3F3
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines, with no line terminators
            Category:dropped
            Size (bytes):23474
            Entropy (8bit):6.059847580419268
            Encrypted:false
            SSDEEP:384:7dNc1NC6IcafusK4H1IIGRlhKlkIALQWdynQh2RX4K6M1tVztzr7XSNyzH:7dOscSRKc1nGRSkIhEw6M1tf7SNyb
            MD5:6AE2135EA4583C2F06CDEBEA4AE70FA4
            SHA1:DCEB26C7F02D53B5F214305F4C75B4A33A79CDC2
            SHA-256:03AA1944CB3C4F39E20B6361571BC45DFBEBD3FFDA3D8F148CC6ECB29958F903
            SHA-512:B5945E67D9F73DD1982D687E5C6D9B5D6B3886C8050363A259755C76AC0F93651F3425FA7C21AA6A13977AC1C8C9322F998F131648CB8909096058D4F0D23312
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):19
            Entropy (8bit):1.8784775129881184
            Encrypted:false
            SSDEEP:3:FQxlX:qT
            MD5:0407B455F23E3655661BA46A574CFCA4
            SHA1:855CB7CC8EAC30458B4207614D046CB09EE3A591
            SHA-256:AB5C71347D95F319781DF230012713C7819AC0D69373E8C9A7302CAE3F9A04B7
            SHA-512:3020F7C87DC5201589FA43E03B1591ED8BEB64523B37EB3736557F3AB7D654980FB42284115A69D91DE44204CEFAB751B60466C0EF677608467DE43D41BFB939
            Malicious:false
            Reputation:low
            Preview: .f.5...............
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):380
            Entropy (8bit):5.260382496522684
            Encrypted:false
            SSDEEP:6:mvdWq2PcNwi23iKKdK25+Xqx8chI+IFUtp6dHXZmwP6dMkwOcNwi23iKKdK25+Xc:IWvLZ5KkTXfchI3FUtp43/P4M54Z5KkI
            MD5:28037DAF55780A2B46237877AB93235B
            SHA1:D5650EA0553953E877A8023946ED9AC20F19CA9A
            SHA-256:CB8DA08D8107C5AF14717B4305168955B1BCA4B180EBFBA26802998A2CEF8E53
            SHA-512:E161A455D4347836A21E4B7BABFA34EC33C097DE4D587BC3AA2C0B46886C50F89FEE58701F12D6170063B15BA72D300E394CBDED96794E8606B78EB76E57B38B
            Malicious:false
            Reputation:low
            Preview: 2021/06/21-08:41:07.209 1bd4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/MANIFEST-000001.2021/06/21-08:41:07.212 1bd4 Recovering log #3.2021/06/21-08:41:07.213 1bd4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):366
            Entropy (8bit):5.230845807719681
            Encrypted:false
            SSDEEP:6:mvd5q2PcNwi23iKKdK25+XuoIFUtp6d89ZmwP6dzkwOcNwi23iKKdK25+XuxWLJ:I5vLZ5KkTXYFUtp489/P4z54Z5KkTXHJ
            MD5:32C5C67DF7BCDD3D0BDB689F3ECF78B5
            SHA1:CF63CB8896C6A6EEBD4B1AE06DE829A2051A7134
            SHA-256:23BD2C75CCB332D3E2F24AFA2E3452CF057B2FDBC1237EF66376C7BFD4B2E0D7
            SHA-512:AA4911ACBA1B1E4C013F45440EEC41B674894552DEFD9AD528FB51426A726D62F7389CDD834AAC8DEFFF7DA97565F6294245F61A8DDF10B80415BB2A9CE1CE4D
            Malicious:false
            Reputation:low
            Preview: 2021/06/21-08:41:07.046 1bd4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/MANIFEST-000001.2021/06/21-08:41:07.051 1bd4 Recovering log #3.2021/06/21-08:41:07.052 1bd4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):338
            Entropy (8bit):5.253819784243436
            Encrypted:false
            SSDEEP:6:mvdWXq2PcNwi23iKKdKWT5g1IdqIFUtp6diXZmwP6diFkwOcNwi23iKKdKWT5g1L:I0vLZ5Kkg5gSRFUtp4C/P4u54Z5Kkg5i
            MD5:7DE91EE1970782812EF97B1BCDF2BD7F
            SHA1:6AC02D86914D3409768B85DCCCD80C63D19CC517
            SHA-256:0C3A6C28F1857A1F9769948A86904074785B56C87BBC6EE048B33ED0A3E6CC95
            SHA-512:3FB7564645A12BCFDCB6009738F0EC021A9811B584E2E876C12C1A22AC882A0FBE878A3BA35371B1DF510E92F390F5B715BFBE6DD14873A82F4B12B1361C99E5
            Malicious:false
            Reputation:low
            Preview: 2021/06/21-08:41:06.924 16c4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/MANIFEST-000001.2021/06/21-08:41:06.925 16c4 Recovering log #3.2021/06/21-08:41:06.925 16c4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:SQLite 3.x database, last written using SQLite version 3032001
            Category:dropped
            Size (bytes):32768
            Entropy (8bit):0.1443831996116873
            Encrypted:false
            SSDEEP:12:TL+A/nYLE3M3sCE3/QJ/9QZ2sc6BRs25BTmDzhLs:TLxnNM3C/E1C2sc6Aqxozm
            MD5:828EEB71139951FAAAA1285750AA1B7D
            SHA1:A086C43E9F92D734B8382003280C1A66F801215C
            SHA-256:0284767F5E5E17CE795390A2ACD2E6C2C913C85CA9F64FB9C4AEA5D0CF954FCC
            SHA-512:1590B3B6515370DC87C125DFD51D883582A718EB81AD129A247D02C3D0EC4027A45222998066600FE64880474965D686F9230B774235562F932F2478FC2A9F3F
            Malicious:false
            Reputation:low
            Preview: SQLite format 3
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):42076
            Entropy (8bit):0.11668803149213285
            Encrypted:false
            SSDEEP:12:ERyN4RqLBj/R3lr4nMWQti9LahBQZ8fOhc:p4RqLBR3eTNATff
            MD5:D0D717BBC5011BA4B2670F12A4D1CC70
            SHA1:213EEA04F655022C5961AC73521CD8806164A255
            SHA-256:9330D48C6003E5414213D690692AEAFD814AE6E370F439E85BE3A64313D4ECFA
            SHA-512:455A95F61D6DE95AF8A1CDA479F67D1DD7875B15E966056BC6746FC2ABB9B279E7C6B31017D588F4E5C379F822EECAE632806C0BDA1BA1F5E9516A26BCC07ED0
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):2955
            Entropy (8bit):5.4736044415067955
            Encrypted:false
            SSDEEP:48:GD1GRTa7QMr8db2459bQSefgGYNrS0U9RdiN98:9a7QM4db2459bQ5fgGgrS06
            MD5:E36F06B00200273C3489FBF55F64CD9A
            SHA1:FA87DE406CD15EF5D7680DD564D207CA6DBB0C13
            SHA-256:5A6AE9CD6906AD7426934D4DE1314EC57156460932F007CA42E91A2A3C6F7A0C
            SHA-512:1867976B6FF1698C48C9BAA1B93BC2E2FD33A48C91D5A2DB54054955BFF9685ACA23D84EA2D2084D696E0F6C3432CF016C30E067BE4D4DF2B099191C70DCE673
            Malicious:false
            Reputation:low
            Preview: .Y.1...*............8META:chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm.............Y_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.HangoutSinkDiscoveryService;.{"cache":{"sinks":{},"g":{},"h":null},"manualHangouts":{}}.a_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.IdGenerator.cast.RequestIdGenerator..858470000.H_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.LogManager...["[2021-06-21 08:41:10.85][INFO][mr.Init] MR instance ID: 6d27056f-80ac-4175-8d16-3054ee92c569\n","[2021-06-21 08:41:10.85][INFO][mr.Init] Native Cast MRP is disabled.\n","[2021-06-21 08:41:10.85][INFO][mr.Init] Native Mirroring Service is enabled.\n","[2021-06-21 08:41:10.85][INFO][mr.PersistentDataManager] removeTemporary_: 163 chars used\n","[2021-06-21 08:41:10.85][INFO][mr.PersistentDataManager] initialize: 163 chars used, 67 other chars\n","[2021-06-21 08:41:10.85][INFO][mr.CastProvider] Query enabled: true\n","[2021-06-21 08:41:10.85][INFO][mr.CloudProvider]
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):337
            Entropy (8bit):5.214797552192159
            Encrypted:false
            SSDEEP:6:mvdwyq2PcNwi23iKKdK8a2jMGIFUtp6dg1ZmwP6d7P31RkwOcNwi23iKKdK8a2jz:IwyvLZ5Kk8EFUtp4O/P47PlR54Z5Kk8N
            MD5:B3D49D70EEB5F3BA1F75F3E0CABF9BD4
            SHA1:3CB651D9E2152A4F4347746B1871D6C2567710A2
            SHA-256:B0D1562083B7E79DC7E05E47E1AB671B24E05D7FC0D30091BBC40B15AC77AF53
            SHA-512:91A99723F4D0B8675FA05D9A427957C8EA0F1C0DFA64DC254C7FDB02113B643B858FA57C35D9BF3C089961B8B252C78F04FEE3B131D218890B497AEDBA223E90
            Malicious:false
            Reputation:low
            Preview: 2021/06/21-08:40:49.013 570 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2021/06/21-08:40:49.015 570 Recovering log #3.2021/06/21-08:40:49.016 570 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):339
            Entropy (8bit):5.23316135841924
            Encrypted:false
            SSDEEP:6:mvd29yq2PcNwi23iKKdKgXz4rRIFUtp6drI1ZmwP6dreRkwOcNwi23iKKdKgXz4n:I29yvLZ5KkgXiuFUtp4rG/P4reR54Z5j
            MD5:34B361B9E717A2EA613B4F3CDD7D0FDD
            SHA1:5F66DC0F83F4EF5874979B47B5F78359DB919DA5
            SHA-256:CF72F1EEC804771297F0FC9AD1F0C2DA61450B7D8E0F1136CA531E7760D1D5EB
            SHA-512:C5AB5A3553575837A0B47675BBE2892E17646B0738141A6E17685DAB9E41B26B93B9B94E3F6AECF03B545506EBC0D93F2CCF6EC0D76573EBD27E72FF855C812E
            Malicious:false
            Reputation:low
            Preview: 2021/06/21-08:40:49.415 570 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/MANIFEST-000001.2021/06/21-08:40:49.420 570 Recovering log #3.2021/06/21-08:40:49.420 570 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):114
            Entropy (8bit):1.9837406708828553
            Encrypted:false
            SSDEEP:3:5ljljljljljl:5ljljljljljl
            MD5:1B4FA89099996CE3C9E5A0A9768230E8
            SHA1:9026E1E0906E3B3FE0E414EE814CC5A042807A04
            SHA-256:537818AAFD0902A8B2D58B483674391E33E762B5E1E8CD226D873098CCE9C8F9
            SHA-512:4279C9380ACC5AB329EC6BCDA10CCF0A7437CEF63845B63E741CE517042CFE83340D2D362DD6B9E039BF55E61F484CCF72B8FD8477D1D0292E0B879CB949461B
            Malicious:false
            Reputation:low
            Preview: ..&f.................&f.................&f.................&f.................&f.................&f...............
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):322
            Entropy (8bit):5.150813466308884
            Encrypted:false
            SSDEEP:6:mvdNIq2PcNwi23iKKdKrQMxIFUtp6dy8XZmwP6dy8FkwOcNwi23iKKdKrQMFLJ:ImvLZ5KkCFUtp4y8X/P4y8F54Z5KktJ
            MD5:2C0FF44671D4100010D23E454F31D20D
            SHA1:ABA937FED9A412D9120853F71B64E06D213602CE
            SHA-256:EE5227B2448659ABF756CAB9B3D3429EDF08AF26EB81944339E295482B39D974
            SHA-512:C3775AACFEA990618A782DC9B4B90F8219CCCA6846182BD3DE68B85121D6791FA13AEE5CD38D815E149B58910D36E35D85CC0E1A68F0F8C9C808CF393F0FD4FC
            Malicious:false
            Reputation:low
            Preview: 2021/06/21-08:40:49.259 a0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/MANIFEST-000001.2021/06/21-08:40:49.262 a0 Recovering log #3.2021/06/21-08:40:49.262 a0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):353
            Entropy (8bit):5.20612314221252
            Encrypted:false
            SSDEEP:6:mvdnf+q2PcNwi23iKKdK7Uh2ghZIFUtp6dU5ZmwP6dUo9VkwOcNwi23iKKdK7Uh9:InmvLZ5KkIhHh2FUtp4A/P4PD54Z5Kks
            MD5:72EC8E90FA1F4311FC22CCE32ECA770D
            SHA1:5BEDE2F6F73B0F02C0C13DF080FBDAE1A6B06690
            SHA-256:5CB60F877FF5E9B67614F32C107F88C5F2AFF7FEF894DCB34C6F4D70F772DD72
            SHA-512:DEDBF00D152930FB5BD484508A3CF476E016D57CC98B22DDDF49A15CDA274FEB59EAC18D2DE86C6784B6A6B5BDE75BBDD97DF0A2E51FF91672D7A0F3CA050025
            Malicious:false
            Reputation:low
            Preview: 2021/06/21-08:40:48.972 5c8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/MANIFEST-000001.2021/06/21-08:40:48.980 5c8 Recovering log #3.2021/06/21-08:40:48.981 5c8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\36e36e12-5fcf-4c27-976e-abe64e970649.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines, with no line terminators
            Category:dropped
            Size (bytes):325
            Entropy (8bit):4.957371343316884
            Encrypted:false
            SSDEEP:6:YHpoNXR8+eq7JdV5hsDHF4R8HLJ2AVQBR70S7PMVKJw1K3KnMRK3VY:YHO8sd7sBdLJlyH7E4f3K33y
            MD5:363D9EBEDB5030036B53B6B28E8A8EA5
            SHA1:1C7C9012156AC8295EB465BC774430A866096832
            SHA-256:466FE09323B709A587648157D77298132B29F7CD916CD68EF6B28A0FC5EE355B
            SHA-512:9C9A230BAF627B8A9856C0AC66E4EA262C304BBC2272662F4213EB617297DFE222E0CCC4FC0F22B04FAFB3125D55D774174700B381EA3FF90B8C3D11926E0238
            Malicious:false
            Reputation:low
            Preview: {"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248544335120983","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):296
            Entropy (8bit):0.19535324365485862
            Encrypted:false
            SSDEEP:3:8E:8
            MD5:C4DF0FB10C4332150B2C336396CE1B66
            SHA1:780A76E101DE3DE2E68D23E64AB1A44D47A73207
            SHA-256:18FAB4D13CDA7E1DEE12DC091019A110A7304B6A65FC9A1F3E6173046BA38EF6
            SHA-512:51F0B463E97063A2357285D684FF159FDF6099E57C46F13C83E9D3F09D7A7CF03C1BA684BCCF36232FC50834F95953C3C68675C7B05AB4F84DEF1C566A5F3F5E
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):432
            Entropy (8bit):5.256221626150079
            Encrypted:false
            SSDEEP:6:mvd0+q2PcNwi23iKKdKusNpV/2jMGIFUtp6dHXWZmwP6d6HVkwOcNwi23iKKdKux:I0+vLZ5KkFFUtp4HXW/P4EV54Z5KkOJ
            MD5:B6ECFE88B45733E2764AE8E559B81516
            SHA1:C4ECFD12197D064B70070BD8B2A72510F7D6A447
            SHA-256:699239B8AD96514EEEBE9A10A73CE77F77C16591CCB6F51B4BF69ED083C9D4E8
            SHA-512:107D15DE929A4F78B5839B5143F2A15E9A21E715BB9A01AB02827FC5DD88CBF125D5CBF6AD82D5BD0D10CB1B5441022891FE7CC5ED6719805D7CF0804C8FD90D
            Malicious:false
            Reputation:low
            Preview: 2021/06/21-08:40:49.327 cc Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/MANIFEST-000001.2021/06/21-08:40:49.329 cc Recovering log #3.2021/06/21-08:40:49.330 cc Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):440
            Entropy (8bit):5.2959770516227325
            Encrypted:false
            SSDEEP:12:IxvLZ5KkmiuFUtp462Z/P47z54Z5Kkm2J:sl5KkSgPlo5Kkr
            MD5:3AC5E5EF08463E27EB5853383BDA54F4
            SHA1:20AD3A826379C06380A4BD3A238E7B85475E9AC1
            SHA-256:56FEFA209464BDEC212C0272261248D735C0DC73633E70389553B593FA8B11DB
            SHA-512:AE2620E656F57C631779CC6A597A3672C7A30064529D5D92C0ED1B9CF7BB04A937C4E9AEF38AECE96C1B74C8C8E9FBDDD5DE8BBD769D4AF1CA32625084A385A4
            Malicious:false
            Reputation:low
            Preview: 2021/06/21-08:40:49.410 1730 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/MANIFEST-000001.2021/06/21-08:40:49.415 1730 Recovering log #3.2021/06/21-08:40:49.417 1730 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):19
            Entropy (8bit):1.9837406708828553
            Encrypted:false
            SSDEEP:3:5l:5l
            MD5:E556F26DF3E95C19DBAECA8F5DF0C341
            SHA1:247A89F0557FC3666B5173833DB198B188F3AA2E
            SHA-256:B0A7B19404285905663876774A2176939A6ED75EF3904E44283A125824BD0BF3
            SHA-512:055BC4AB12FEEDF3245EAAF0A0109036909C44E3B69916F8A01E6C8459785317FE75CA6B28F8B339316FC2310D3E5392CD15DBDB0F84016667F304D377444E2E
            Malicious:false
            Reputation:low
            Preview: ..&f...............
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):420
            Entropy (8bit):5.22982597077791
            Encrypted:false
            SSDEEP:6:mvdLu4q2PcNwi23iKKdKusNpZQMxIFUtp6dxEhZmwP6dvkwOcNwi23iKKdKusNpB:IS4vLZ5KkMFUtp4xo/P4v54Z5KkTJ
            MD5:16839A4625A1EDBE2C76A30811571AF9
            SHA1:A4DBEA129C53D2C479C3C950A0144E008FF5F2CD
            SHA-256:944329D340B440E01973B7974DCAF1BD9B300CF9D1ADCAB65741063958A96EC9
            SHA-512:082C11EDD7FF3F5F360FADBF8B3B59FFE7EB6BA208350B380FDDA3BFACBAB1113FF379C062B823AE7FFA47BDFE992A2FD6878314BCF04B09C588383542028C9F
            Malicious:false
            Reputation:low
            Preview: 2021/06/21-08:41:07.444 a0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/MANIFEST-000001.2021/06/21-08:41:07.446 a0 Recovering log #3.2021/06/21-08:41:07.447 a0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\3aab008f-9cce-41f5-8cc9-1d1ecabf8a68.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines, with no line terminators
            Category:dropped
            Size (bytes):325
            Entropy (8bit):4.96345415074364
            Encrypted:false
            SSDEEP:6:YHpoNXR8+eq7JdV5Z0WlyhsDHF4R8HLJ2AVQBR70S7PMVKJw1K3KnMRK3VY:YHO8sd/0WCsBdLJlyH7E4f3K33y
            MD5:1FE877DDE8B96DED122AC08BB07A83C5
            SHA1:5BEA5FFAF686474CE8ACA1D95500C29D65007745
            SHA-256:3AD373EB6FF8EA394964EDA2A9E53ADD8DBA11DC9716ED3CA672F10DF369BA4D
            SHA-512:1854F005CD691674FCF27376150ABD6F036A79C42BB4FFECDCCA14A74CB21D8ADF2552CACE631E6E9C92C58E7EF27279CA30CE5648C8EB90B06F2247A4620043
            Malicious:false
            Reputation:low
            Preview: {"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248544342473569","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):592
            Entropy (8bit):0.19535324365485862
            Encrypted:false
            SSDEEP:3:8E8E:8N
            MD5:B505641E5E90B7CF4BC869DD1B4BE451
            SHA1:0EC7B13DC043E054AB48B8F45FE49EF1209C01AA
            SHA-256:2755F85F14CF33404CEEBF053D0CB79DC3B98D643A51075737E6A5BE154FE1D9
            SHA-512:610AF095630C93B0586F4D9CA84FA75454C472C557D4FDBC0D5C1851F9AABF8653079A7ADE4659ABADDEDC2E02E58AD13C7244CD004B0AA5A462307F293F83A3
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):432
            Entropy (8bit):5.1723388973813345
            Encrypted:false
            SSDEEP:12:IE+vLZ5KkkGHArBFUtp44wW/P44HV54Z5KkkGHAryJ:sl5KkkGgPgj1no5KkkGga
            MD5:C930E28FDC54FF45B87420E8F1BA2BDD
            SHA1:B0A692F498C3C6F5B2006E4025E34409D82D8829
            SHA-256:90B4CE24CB115FF481E1235132694944A68142EC462AE8EF67537802F4ABD82E
            SHA-512:AD8BEF334C94D0B4843535A53EEF81699A00EAE66A1E1F2A4117712467B1F706E7998AFE7B86070BA841745FC4EA4910866DA2D9E874AE24A20D5FE44FEC38EB
            Malicious:false
            Reputation:low
            Preview: 2021/06/21-08:41:06.370 cc Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb/MANIFEST-000001.2021/06/21-08:41:06.372 cc Recovering log #3.2021/06/21-08:41:06.372 cc Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):437
            Entropy (8bit):5.203114362890603
            Encrypted:false
            SSDEEP:12:IDuVvLZ5KkkGHArqiuFUtp47g/P4aI54Z5KkkGHArq2J:Wu5l5KkkGgCgC0So5KkkGg7
            MD5:75CC78DB7677D58F696C5CB734080212
            SHA1:D84567F605BC701E7FB8EAA8DACC73AB964D33DF
            SHA-256:4DBA8BC512871ED5D8BFE17278EDFE894ABCE5C600DDA30357B123C6BDD16710
            SHA-512:374B9979DE8C8702A7729A8B96F922366270C3864CAC4C6BC1DB5FF9A06499C51561742488D276FACA075D414DEF7B238C94C81336B326FEEC6EFE15984D6B1C
            Malicious:false
            Reputation:low
            Preview: 2021/06/21-08:41:06.375 4d0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications/MANIFEST-000001.2021/06/21-08:41:06.383 4d0 Recovering log #3.2021/06/21-08:41:06.384 4d0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):38
            Entropy (8bit):1.9837406708828553
            Encrypted:false
            SSDEEP:3:5ljl:5ljl
            MD5:E9C694B34731BF91073CF432768A9C44
            SHA1:861F5A99AD9EF017106CA6826EFE42413CDA1A0E
            SHA-256:01C766E2C0228436212045FA98D970A0AD1F1F73ABAA6A26E97C6639A4950D85
            SHA-512:2A359571C4326559459C881CBA4FF4FA9F312F6A7C2955B120B907430B700EA6FD42A48FBB3CC9F0CA2950D114DF036D1BB3B0618D137A36EBAAA17092FE5F01
            Malicious:false
            Reputation:low
            Preview: ..&f.................&f...............
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):423
            Entropy (8bit):5.163625453205183
            Encrypted:false
            SSDEEP:12:IHMwVvLZ5KkkGHArAFUtp4Hig/P4HiI54Z5KkkGHArfJ:sn5l5KkkGgkgKiRiSo5KkkGgV
            MD5:29DC20D1C2329BC89004BF65E2EEDE92
            SHA1:F18276463A140EE575768805F184B1497E7FEEC5
            SHA-256:5561FDA174E0B95237098756EC994F675E7DC724D473C05DAFBC638A99103740
            SHA-512:D3C86EF87419BC753BECB25551F071D878871C74E1EE67A4FCBECAE0E1D0189E2F971AE7FE17F997884B734A9B190617F8DE97F3C50A404E41D48AF09D09940A
            Malicious:false
            Reputation:low
            Preview: 2021/06/21-08:41:21.845 4d0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage/MANIFEST-000001.2021/06/21-08:41:21.846 4d0 Recovering log #3.2021/06/21-08:41:21.846 4d0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):38
            Entropy (8bit):1.9837406708828553
            Encrypted:false
            SSDEEP:3:sgGg:st
            MD5:45A8ECA4E5C4A6B1395080C1B728B6C9
            SHA1:8A97BB0E599775D9A10C0FC53C4EDB29AA4CEB4E
            SHA-256:DB320AB28DFF27CDA0A7F87B82F2F8E61B3178A6DE8503753D76F1172D32E08E
            SHA-512:8EE91A3A1E77459273553F6A776C423A8EE95DB9DCFA897771814B7AD13FD84F06BB2B859F22B6DDA384B39EAA91F1819F170BABED6DA16BDBCF5BCB06CF2124
            Malicious:false
            Reputation:low
            Preview: ..F..................F................
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):332
            Entropy (8bit):5.257841216642792
            Encrypted:false
            SSDEEP:6:mvdtiN+q2PcNwi23iKKdKpIFUtp6dQTGSmWZmwP6d7d3VkwOcNwi23iKKdKa/WLJ:Ig+vLZ5KkmFUtp4AmW/P47d3V54Z5Kk7
            MD5:BC7EB43359073ED372A31DABA48681DF
            SHA1:F6A637EC90D783EEAD244A5E7A3525C7C30EA877
            SHA-256:13163EFB3D110926B5CE116A6A0A09207E00D1DF75D242E63898F8EDADAF669B
            SHA-512:CCF6F081A893C79F712B0D5962D1352C6F8876647C6405C04D3463C4466450F434FBE669AD2EE17EE6A82D879C10D1C070968F15FF979CBA9AA572A226592214
            Malicious:false
            Reputation:low
            Preview: 2021/06/21-08:40:48.978 16cc Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2021/06/21-08:40:48.981 16cc Recovering log #3.2021/06/21-08:40:48.982 16cc Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):404
            Entropy (8bit):5.291525737765608
            Encrypted:false
            SSDEEP:12:IFvLZ5KkkOrsFUtp40g/P4K54Z5KkkOrzJ:wl5Kk+gnqo5Kkn
            MD5:F11666E859974FF3A76A9FB59D8E3BAC
            SHA1:C7CAC748358D4B5B6BF438D51A6942B6885EC6B7
            SHA-256:E9C680131DAF00EEF8D2213A93CE8637402203DCF88B6E744BDEF8C7EBC4F7B0
            SHA-512:D201DB3D3BC4F808A196C1B6E7A42DD878CC77F0C3B5D493C41230E941F1A6254F92CC84A2396F45C133114524E641EFE2CCD325E3032D82CFA633E12438EF7C
            Malicious:false
            Reputation:low
            Preview: 2021/06/21-08:41:10.857 a0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm/MANIFEST-000001.2021/06/21-08:41:10.858 a0 Recovering log #3.2021/06/21-08:41:10.859 a0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):24
            Entropy (8bit):3.7720552088742014
            Encrypted:false
            SSDEEP:3:mi3QYmdhNWn:dQVHWn
            MD5:455EC13FA4A45D9B1115033D3568D2CC
            SHA1:A588DFDE55D9574BB14160EDD26735238D0EDBDC
            SHA-256:B8131FA83D746F1B2B197845152983AC7E2FF0DD86C2E6B2C2C10EACCBAC50C4
            SHA-512:8B78F84FFF899643B641E52F90CB2B9F9F9AB57D9B6782AEB48CD81EEE23B3E6B66457AA9A199CD38C71A4D77058055066360E4209C840E5FBC62168BFF02C4F
            Malicious:false
            Reputation:low
            Preview: .........Ke....p..II4v.
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_nmmhkkegccagdldgiimedpiccmgmieda\8227f570-187a-4810-8869-8da9b31753fa.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel
            Category:dropped
            Size (bytes):175509
            Entropy (8bit):5.489440694064333
            Encrypted:false
            SSDEEP:1536:rKbsLAR2A4VBQV1111111111111Nr366R6faFR+up0y0y2im1OsFcgYzQNL9X:rKbsLAR2fe/FZntrslfX
            MD5:33EABC19FDF40F3D36B6870EF5861957
            SHA1:CF3EF59C3940B58C314E9F6A1616751553F2D9A2
            SHA-256:647D07F37554672865902B2CEE80864B5A5283C372C7263BB1497D5582054E57
            SHA-512:47CFEDB1FDBC9BC09905C70F69A5114C64A8FC791BCA480D24972275276F00CEB230C579B4217337F9C69ECB2AB3221A3B549F06E8074D76BCE2F31773FB69F5
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_nmmhkkegccagdldgiimedpiccmgmieda\Chrome Web Store Payments.ico.md5
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):16
            Entropy (8bit):4.0
            Encrypted:false
            SSDEEP:3:SeFcn:Sec
            MD5:61B979ECA159ECAC9C7F8F1D6FD43E9D
            SHA1:0373696351FC2172E811DA8393DEC84036FA34A0
            SHA-256:AB05E0A6FF7E8FFF89F924B279D93AFC72ACCE817C4D250C60BB8059CC534303
            SHA-512:C95825DA33CBDDFA627D9FF9A5B8371BC5F4E643A09573B6E1E839A83B619F53D878C344030B9701DCBC24D4CECCC016CF4D298D10EE8C37D1B5FEC1A51682B6
            Malicious:false
            Reputation:low
            Preview: F......r...(R..
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\be364141-4027-4930-9bf6-314d5ea51f1c.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with no line terminators
            Category:dropped
            Size (bytes):22595
            Entropy (8bit):5.536114063423213
            Encrypted:false
            SSDEEP:384:ZiCtyLlUHWXg1kXqKf/pUZNCgVLH2HfDDrU4HGXnTJC0i4pC:oLlTg1kXqKf/pUZNCgVLH2Hf/rUsGXnG
            MD5:1847547A23AA9EB6A000208AD3C00F0B
            SHA1:8DFF9FA22B67CF8F3E2DCC6952AB2D54D00D5952
            SHA-256:C33E3790BDF0E400ECB7A771FEDCC9A0EBAEE525C36B96FED34CA20D4591C78A
            SHA-512:66743B219206CD1C8DD507038A51B53EE2BBD0A3C1DE8B63FC09605D7BAFEB299868A794C396C8F795C9854BA867B983811CA68D70E17355AB961AE436F8051A
            Malicious:false
            Reputation:low
            Preview: {"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13268763648976026","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ce17c6e5-41e8-470b-85f5-246ccf18edbd.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines, with no line terminators
            Category:dropped
            Size (bytes):875
            Entropy (8bit):5.5645519307072
            Encrypted:false
            SSDEEP:24:YU6H0UhvrRlG1KUevEhUeT7Wb7wUXeRUevxQ:YU6UUhveKUevGUeSwUXeUev2
            MD5:43D8BCE30370146FF7DF8384DD2E328D
            SHA1:888014A666796C28D1B85E6923128F7B821FC15E
            SHA-256:4BE94F165746B870C5FF76420A367B55B716573248CC3F99C5B9B6979DF837FF
            SHA-512:C08EF7E0FF26D6F7DACF70FD9924C0931D10487EFB184ABAC2D2082E95C5EC9CC8942747FBEA497B57272FA6C7A6CDA3569CA17CDD5C3F1045EE2B6F76B1D0D1
            Malicious:false
            Reputation:low
            Preview: {"expect_ct":[],"sts":[{"expiry":1633014895.618904,"host":"OuKlWsMW1dkkbI1X/oi6o0Y95ZNSWnSoeaIXAEYPlv4=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1601478895.618908},{"expiry":1633014895.522238,"host":"nAuqgR4iEWti7SOdT3UHPl6rmZU/DeaIm38P2O2OkgA=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1601478895.522241},{"expiry":1633014902.981094,"host":"5EdUoB7YUY9zZV+2DkgVXgho8WUvp+D+6KpeUOhNQIM=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1601478902.981097},{"expiry":1655826055.398898,"host":"8/RrMmQlCD2Gsp14wUCE1P8r7B2C5+yE0+g79IPyRsc=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1624290055.398902},{"expiry":1633014895.739906,"host":"+ccWXqaoHJ9hfuXbleKV6FQUrBlyXAJ31BdqjNQJpHs=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1601478895.739909}],"version":2}
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d3b52897-57c9-4ced-ab6e-fd9ff6931cb8.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:very short file (no magic)
            Category:dropped
            Size (bytes):1
            Entropy (8bit):0.0
            Encrypted:false
            SSDEEP:3:L:L
            MD5:5058F1AF8388633F609CADB75A75DC9D
            SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
            SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
            SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
            Malicious:false
            Reputation:low
            Preview: .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):16
            Entropy (8bit):3.2743974703476995
            Encrypted:false
            SSDEEP:3:1sjgWIV//Rv:1qIFJ
            MD5:6752A1D65B201C13B62EA44016EB221F
            SHA1:58ECF154D01A62233ED7FB494ACE3C3D4FFCE08B
            SHA-256:0861415CADA612EA5834D56E2CF1055D3E63979B69EB71D32AE9AE394D8306CD
            SHA-512:9CFD838D3FB570B44FC3461623AB2296123404C6C8F576B0DE0AABD9A6020840D4C9125EB679ED384170DBCAAC2FA30DC7FA9EE5B77D6DF7C344A0AA030E0389
            Malicious:false
            Reputation:low
            Preview: MANIFEST-000004.
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):139
            Entropy (8bit):4.619394565953042
            Encrypted:false
            SSDEEP:3:tUKUXzd+l2yZmwv3GXzdBdFUESV8sGXzdBcJSWGv:mvdgZmwP6dBdJSVv6dBOStv
            MD5:3B841A998BA67F759A0DBE7237339E24
            SHA1:B1C0F71FB3602C761BFE67BCEC389F056C00C6AA
            SHA-256:3BBD78CF7C004602643C386A2C3055450803341C2748C8481BEC978FFDF95F13
            SHA-512:BCE4A7C64ED7A029210F335DB6C3615F9CF7A052FA3EA76D0F590B6B0A04CCEAFAA744102131316A624428BE865BACCCAEEDB43B1E79DA44FADD9091C207EB61
            Malicious:false
            Reputation:low
            Preview: 2021/06/21-08:41:02.919 1bd4 Recovering log #3.2021/06/21-08:41:03.558 1bd4 Delete type=0 #3.2021/06/21-08:41:03.559 1bd4 Delete type=3 #2.
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MPEG-4 LOAS
            Category:dropped
            Size (bytes):50
            Entropy (8bit):5.028758439731456
            Encrypted:false
            SSDEEP:3:Ukk/vxQRDKIVmt+8jzn:oO7t8n
            MD5:031D6D1E28FE41A9BDCBD8A21DA92DF1
            SHA1:38CEE81CB035A60A23D6E045E5D72116F2A58683
            SHA-256:B51BC53F3C43A5B800A723623C4E56A836367D6E2787C57D71184DF5D24151DA
            SHA-512:E994CD3A8EE3E3CF6304C33DF5B7D6CC8207E0C08D568925AFA9D46D42F6F1A5BDD7261F0FD1FCDF4DF1A173EF4E159EE1DE8125E54EFEE488A1220CE85AF904
            Malicious:false
            Reputation:low
            Preview: V........leveldb.BytewiseComparator...#...........
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\df0cb8e8-cee9-4ee6-bb8f-7d8ec574d25c.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines, with no line terminators
            Category:dropped
            Size (bytes):5705
            Entropy (8bit):5.1919807073643724
            Encrypted:false
            SSDEEP:96:nxv3hooKMRuEHYV1Jik0JCKL8mkG1ZbOTQVuwn:nNhcMRZYHJk4KPkG/
            MD5:99AA1236E50BA730542583751472865B
            SHA1:230C0DC012401A3FDE2C73AD17DEF69BBA845B4B
            SHA-256:E1FAD790C906DC59C02CC9E45D3DDE04D46257026FE31860D17486713EA95B2A
            SHA-512:6FCA3FDFB82CFB56A2C004A0F0F34313B60D69FB7FBBD7B9AF737EEBB318DEBB6E88140A547C5601A4B8F1292541E8CA18656BDC42243BDD81D78B7421685104
            Malicious:false
            Reputation:low
            Preview: {"account_id_migration_state":2,"account_tracker_service_last_update":"13268763649367386","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245952329814949","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"browser":{"default_browser_infobar_last_declined":"13245952502420488","has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","7355952"],"daily_received_length":["0","0","0","0","0","0","0","
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f9bad60a-b3e2-4e7c-bf86-330d85992830.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with no line terminators
            Category:dropped
            Size (bytes):22596
            Entropy (8bit):5.536106813255013
            Encrypted:false
            SSDEEP:384:ZiCtyLlUHWXg1kXqKf/pUZNCgVLH2HfDDrU4HGynTJCsAi48:oLlTg1kXqKf/pUZNCgVLH2Hf/rUsGynp
            MD5:EEE72CB226392D9F9495A683AD0BA760
            SHA1:DB779B7014F5BD6726691A231CFCE34844332BD1
            SHA-256:1364FD8ADE1D51D909BA334F886B0980FA12760BD7BB2E7EBFAADC28A5A88270
            SHA-512:0876509B55B44219E77EBA7E7D99A95D9C79E19E11D4E433E893BD3C912ACC5D2CFC014E99DFF43302079EF83E8B85DA8750A591B036F4F08ACF17DC81C4AF44
            Malicious:false
            Reputation:low
            Preview: {"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13268763648976026","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):340
            Entropy (8bit):5.236445125381118
            Encrypted:false
            SSDEEP:6:mvdZ+q2PcNwi23iKKdKfrzAdIFUtp6dB2WZmwP6d8VkwOcNwi23iKKdKfrzILJ:IZ+vLZ5Kk9FUtp4cW/P48V54Z5Kk2J
            MD5:024E304A0A20F004F2C5C8EAC7D810C4
            SHA1:106F3D710D5FBE9C103775F3D3B9676366AAB80B
            SHA-256:33A79C943773FFE5E082780C748E2B6656D5961AB7CA4A53DFE3C746B5554D16
            SHA-512:071A3FB4441FC01F6DDE33ED3BF0E031325D17BBAA71E310E80B4FF7E56965D985756E69A07A802DEB554F413A72B3C49A3C3840440180A6FCA6BF9C55E621A7
            Malicious:false
            Reputation:low
            Preview: 2021/06/21-08:41:07.732 cc Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2021/06/21-08:41:07.734 cc Recovering log #3.2021/06/21-08:41:07.735 cc Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):106
            Entropy (8bit):3.138546519832722
            Encrypted:false
            SSDEEP:3:tbloIlrJ5ldQxl7aXVdJiG6R0RlAl:tbdlrnQxZaHIGi0R6l
            MD5:DE9EF0C5BCC012A3A1131988DEE272D8
            SHA1:FA9CCBDC969AC9E1474FCE773234B28D50951CD8
            SHA-256:3615498FBEF408A96BF30E01C318DAC2D5451B054998119080E7FAAC5995F590
            SHA-512:CEA946EBEADFE6BE65E33EDFF6C68953A84EC2E2410884E12F406CAC1E6C8A0793180433A7EF7CE097B24EA78A1FDBB4E3B3D9CDF1A827AB6FF5605DA3691724
            Malicious:false
            Reputation:low
            Preview: C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e...e.x.e.
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with no line terminators
            Category:dropped
            Size (bytes):13
            Entropy (8bit):2.8150724101159437
            Encrypted:false
            SSDEEP:3:Yx7:4
            MD5:C422F72BA41F662A919ED0B70E5C3289
            SHA1:AAD27C14B27F56B6E7C744A8EC5B1A7D767D7632
            SHA-256:02E71EB4C587FEB7EE00CE8600F97411C2774C2FC34CB95B92D5538E7F30DA59
            SHA-512:86010ED2B2EEBDCC5A8A076B37703669C294C6D1BFAAEA963E26A9C94B81B4C53EC765D9425E5B616159C43923F800A891F9B903659575DF02F8845521F8DC46
            Malicious:false
            Reputation:low
            Preview: 85.0.4183.121
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\9.27.0\Indexing in Progress
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:empty
            Category:modified
            Size (bytes):0
            Entropy (8bit):0.0
            Encrypted:false
            SSDEEP:3::
            MD5:D41D8CD98F00B204E9800998ECF8427E
            SHA1:DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
            SHA-256:E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
            SHA-512:CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
            Malicious:false
            Reputation:low
            Preview:
            C:\Users\user\AppData\Local\Google\Chrome\User Data\a7cf2298-f5c3-4aca-8fe1-56502b17e523.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines, with no line terminators
            Category:dropped
            Size (bytes):164858
            Entropy (8bit):6.049563661728144
            Encrypted:false
            SSDEEP:3072:daZUTyARKVazMVqiJfq3GMuj0auAfRHj6TiLA7bV/nYorVcI8XIssElYTRd:kZUTjRKVl/JiW4auAfx6GgbV/njhcI8E
            MD5:178BA76275AF3EFA4E4B5FE71465374F
            SHA1:AB0268ED18BC01BBE19D3450CE72DD5C62C51133
            SHA-256:18BDB5775ECBDC31F5B88810DAC7955459A54A9CE6A53CECAC85BDABC1378E96
            SHA-512:668F5E4930CC0AF7F77F0F16FD98641DF19FB7981879B32863EDE3994C32E8856D42B11E2E43230F44CD8673172EBBE9889771049FAB0659276ED4A1F1E53E86
            Malicious:false
            Reputation:low
            Preview: {"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.624290053622916e+12,"network":1.624257655e+12,"ticks":117613491.0,"uncertainty":4818037.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAD5yRpyxHTvRo045wUdD0XcAAAAAAIAAAAAABBmAAAAAQAAIAAAABLbexqB/oExTFJmpcENOvX+bVETIkvlcZMf3oIBvp2bAAAAAA6AAAAAAgAAIAAAAAb9GGQ1QmHgGBymkKDudOpZA89StPbsfruaqqGAbN50MAAAALDWaloNNJZN9rwnlUq/XLN9khJ9Jz9md9VO4rX+Yg+g8mRS88Enlg3B2TpBYYNjwkAAAACddQYw45aj+S/8dGnDKvRWon1T/sv/0i6HXgLXg0I1kMUaef/c6zqkTQ7ehiG3nkSfg6dR/4o1ZLALr+MYbEZ2"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245951909956858"},"plugins":{"metadata":{"adobe-flash-player":{"disp
            C:\Users\user\AppData\Local\Google\Chrome\User Data\dc99d2d3-e108-4a1e-977c-48f46e1b1eb9.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines, with no line terminators
            Category:dropped
            Size (bytes):173321
            Entropy (8bit):6.079346836832308
            Encrypted:false
            SSDEEP:3072:Ik6aZUTyARKVazMVqiJfq3GMuj0auAfRHj6TiLA7bV/nYorVcI8XIssElYTRd:ntZUTjRKVl/JiW4auAfx6GgbV/njhcIr
            MD5:0AAC57938E35B358AFDA1AB50588FB29
            SHA1:F1822F2B7CFBC3C6A333A58DF39E54E889993C7E
            SHA-256:2F6EB3783AF7CD53BB2B62730E5CCDBABBF6D40CFC214C47D81A1B9D7E92ADE2
            SHA-512:FB2EB89A38082CE9BA6A0A9EC170B59D659C4CA3670CD518A93AAD6AE54F2D2B6D4C4814228BF470792C345A3C9EA38EA46FED6C4FAC1B714F86D20D26423EF7
            Malicious:false
            Reputation:low
            Preview: {"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.624290053622916e+12,"network":1.624257655e+12,"ticks":117613491.0,"uncertainty":4818037.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAD5yRpyxHTvRo045wUdD0XcAAAAAAIAAAAAABBmAAAAAQAAIAAAABLbexqB/oExTFJmpcENOvX+bVETIkvlcZMf3oIBvp2bAAAAAA6AAAAAAgAAIAAAAAb9GGQ1QmHgGBymkKDudOpZA89StPbsfruaqqGAbN50MAAAALDWaloNNJZN9rwnlUq/XLN9khJ9Jz9md9VO4rX+Yg+g8mRS88Enlg3B2TpBYYNjwkAAAACddQYw45aj+S/8dGnDKvRWon1T/sv/0i6HXgLXg0I1kMUaef/c6zqkTQ7ehiG3nkSfg6dR/4o1ZLALr+MYbEZ2"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245951909820208"},"plugins":{"metadata":{"adobe-flash-player":{"disp
            C:\Users\user\AppData\Local\Temp\024d24a3-5926-43a7-b97f-35a728439c67.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:very short file (no magic)
            Category:dropped
            Size (bytes):1
            Entropy (8bit):0.0
            Encrypted:false
            SSDEEP:3:L:L
            MD5:5058F1AF8388633F609CADB75A75DC9D
            SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
            SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
            SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
            Malicious:false
            Reputation:low
            Preview: .
            C:\Users\user\AppData\Local\Temp\3344fa0f-c4ed-4f8c-9acd-0e75aec9bf46.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:very short file (no magic)
            Category:dropped
            Size (bytes):1
            Entropy (8bit):0.0
            Encrypted:false
            SSDEEP:3:L:L
            MD5:5058F1AF8388633F609CADB75A75DC9D
            SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
            SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
            SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
            Malicious:false
            Reputation:low
            Preview: .
            C:\Users\user\AppData\Local\Temp\5500_263514640\manifest.fingerprint
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with no line terminators
            Category:dropped
            Size (bytes):66
            Entropy (8bit):3.8417538334903507
            Encrypted:false
            SSDEEP:3:SRkGDEzGKb2dGMAz5Bi6QPEA1:SSUVKb2EMcXA
            MD5:C5EB6E81FF20793640FF1368767FE2E4
            SHA1:3838AB9769B8EA3F6F3241504099F6FB2591173C
            SHA-256:DB81C2532D8152C4606833C06B818B1C94FBDB0FBF98F0E89365AD4E7A093529
            SHA-512:3AE2FF526D5908E1B3F4AA5FDBBDF0D0859520CAFFCBF84BFA7D6DC31293CD08243B418533A526015BCF3F1A85E08CEBAB55ADE500D66F962EC8A19D3DA84CD2
            Malicious:false
            Reputation:low
            Preview: 1.4302cf764844fc6ca4cd4de8cf5e13481c4dd15b4bd8d667869f9ae2fb54f9bd
            C:\Users\user\AppData\Local\Temp\67557a6b-0123-4fb5-98d0-5d8ff6689aed.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:very short file (no magic)
            Category:dropped
            Size (bytes):1
            Entropy (8bit):0.0
            Encrypted:false
            SSDEEP:3:L:L
            MD5:5058F1AF8388633F609CADB75A75DC9D
            SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
            SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
            SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
            Malicious:false
            Reputation:low
            Preview: .
            C:\Users\user\AppData\Local\Temp\7077f01f-18fb-42f4-a803-673e0a0506eb.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:Google Chrome extension, version 3
            Category:dropped
            Size (bytes):248531
            Entropy (8bit):7.963657412635355
            Encrypted:false
            SSDEEP:3072:r+nmRykNgoldZ8GjJCiUXZSk+QSVh85PxEalRVHmcld9R6yYfEp4ABUGDcaKklrv:k3oF4Z4h45P99Fld9RBQYBVcaxlnfL
            MD5:541F52E24FE1EF9F8E12377A6CCAE0C0
            SHA1:189898BB2DCAE7D5A6057BC2D98B8B450AFAEBB6
            SHA-256:81E3A4D43A73699E1B7781723F56B8717175C536685C5450122B30789464AD82
            SHA-512:D779D78A15C5EFCA51EBD6B96A7CCB6D718741BDF7D9A37F53B2EB4B98AA1A78BC4CFA57D6E763AAB97276C8F9088940AC0476690D4D46023FF4BF52F3326C88
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Temp\8563899a-b71f-4deb-bc26-ebc5ad66f04b.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:Google Chrome extension, version 3
            Category:dropped
            Size (bytes):768843
            Entropy (8bit):7.992932603402907
            Encrypted:true
            SSDEEP:12288:cK2ED9wjXNC1Gse83ru82/u0eKhgxuPFrDXgtbPz54Pm1D0fBmfH1sBrJ9mTiDga:cK2ED9I48seur0/uZKCuPNbgtbz6m1ob
            MD5:A11D5CAF6BF849AEB84B0C95B1C3B7CF
            SHA1:27F410CCBD75852C01C7464A1FD7EF8C29BE3916
            SHA-256:D0E62ACE64AFC334330A7AC3A2CC657914FEB321F1F89AEE11D2A6D0E7D81C31
            SHA-512:086C124DE3A01BE467647F3BCB4EA05105F690AB45417A0E3D38935ABA9E2381DF59AF98D0FFF7823CEFD5390B48807352E135AC70977AED7B413A8CC48FB590
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Temp\ac71f7f9-24a1-49b5-b2ba-facbc7288894.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:Google Chrome extension, version 3
            Category:dropped
            Size (bytes):248531
            Entropy (8bit):7.963657412635355
            Encrypted:false
            SSDEEP:3072:r+nmRykNgoldZ8GjJCiUXZSk+QSVh85PxEalRVHmcld9R6yYfEp4ABUGDcaKklrv:k3oF4Z4h45P99Fld9RBQYBVcaxlnfL
            MD5:541F52E24FE1EF9F8E12377A6CCAE0C0
            SHA1:189898BB2DCAE7D5A6057BC2D98B8B450AFAEBB6
            SHA-256:81E3A4D43A73699E1B7781723F56B8717175C536685C5450122B30789464AD82
            SHA-512:D779D78A15C5EFCA51EBD6B96A7CCB6D718741BDF7D9A37F53B2EB4B98AA1A78BC4CFA57D6E763AAB97276C8F9088940AC0476690D4D46023FF4BF52F3326C88
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Temp\browser-sslkeys.log
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):7354
            Entropy (8bit):4.6398144944646855
            Encrypted:false
            SSDEEP:96:WMQkJKDk+2nyoYgPI9mERL4Q2eWP02b6DVsOT5sH3CCYqMZu9EaatZ:LLm19GUVsOtsX2u9+Z
            MD5:803C73CAFBCE843D9196A904DAD0CDEC
            SHA1:B678AC8E77EB93223DABCA4FBD9CB0D6FDB065D2
            SHA-256:827D0C141A162030BFF6D406FAD189A0CC34F67F76E56DD2530D615BA155173A
            SHA-512:C2BECB408DDE158D55E987860884F176585DEE9597BFCD1DED2A24A8F8C825AC66ED954B8114851A64E947A12B923804F9D8E3D67AC8AA77F8398235567E01B6
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Temp\scoped_dir5500_32183682\8563899a-b71f-4deb-bc26-ebc5ad66f04b.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:Google Chrome extension, version 3
            Category:dropped
            Size (bytes):768843
            Entropy (8bit):7.992932603402907
            Encrypted:true
            SSDEEP:12288:cK2ED9wjXNC1Gse83ru82/u0eKhgxuPFrDXgtbPz54Pm1D0fBmfH1sBrJ9mTiDga:cK2ED9I48seur0/uZKCuPNbgtbz6m1ob
            MD5:A11D5CAF6BF849AEB84B0C95B1C3B7CF
            SHA1:27F410CCBD75852C01C7464A1FD7EF8C29BE3916
            SHA-256:D0E62ACE64AFC334330A7AC3A2CC657914FEB321F1F89AEE11D2A6D0E7D81C31
            SHA-512:086C124DE3A01BE467647F3BCB4EA05105F690AB45417A0E3D38935ABA9E2381DF59AF98D0FFF7823CEFD5390B48807352E135AC70977AED7B413A8CC48FB590
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Temp\scoped_dir5500_32183682\CRX_INSTALL\_locales\am\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):17307
            Entropy (8bit):5.461848619761356
            Encrypted:false
            SSDEEP:384:arfbEVrFvMP4rMhuDopC3vUuFBYZV6uml:aHEVrFvMP4KuFvr6D6uml
            MD5:26330929DF0ED4E86F06C00C03F07CE3
            SHA1:478F3B7E7A7E007BEE182B89C2EF6FFE6045E92C
            SHA-256:621B5139ED199022BB6529AF18ED4DC312AE9F3E90ECAF3B2C9E1D12114F5B22
            SHA-512:0BE6183A1BF12575C0F99960705D4249E79CDB8528C55FF132BE99A111F09494231AD6A36CD61B090A3B34C6971D68A29373BA346888E852C52E05DC14380682
            Malicious:false
            Reputation:low
            Preview: {.. "1018984561488520517": {.. "message": ".....".. },.. "1213957982723875920": {.. "message": "...... ... ..... .. ...... .... ... .... ......?".. },.. "128276876460319075": {.. "message": "..... ...".. },.. "1428448869078126731": {.. "message": ".... ......".. },.. "1522140683318860351": {.. "message": "..... ....... .... ..... .....".. },.. "1550904064710828958": {.. "message": "....".. },.. "1636686747687494376": {.. "message": "... ...".. },.. "1802762746589457177": {.. "message": "...".. },.. "1850397500312020388": {.. "message": ".$START_LINK$Google Home .......$END_LINK$ ... ...... Chromecast ..... .....? $START_SPAN$*$END_SPAN$",.. "placeholde
            C:\Users\user\AppData\Local\Temp\scoped_dir5500_32183682\CRX_INSTALL\_locales\ar\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):16809
            Entropy (8bit):5.458147730761559
            Encrypted:false
            SSDEEP:192:0IprKC78JmUjk8RkeryFOYPATxLZ8fsbE3/IFV6c8TEKdl:Jrp8JjA8RkerK0lc3wFV6uml
            MD5:44325A88063573A4C77F6EF943B0FC3E
            SHA1:78908D766F3E7A0E4545E7BD823C8ED47C7164EB
            SHA-256:67A439A08804EF4BEF261BDBADD8F0FEFD51729167D01EDCA99DD4AF57D6108B
            SHA-512:889C02BC986794C58C76022E78F57F867DD1D5217687F12D679A33A2DB9E5A18F3A37CF94D8FE4585E747C78E4662EAB93361FF7D945990774C7CFCACCFB79D1
            Malicious:false
            Reputation:low
            Preview: {.. "1018984561488520517": {.. "message": ".....".. },.. "1213957982723875920": {.. "message": ".. .. ........ ....... .... .... ... .......".. },.. "128276876460319075": {.. "message": "...... .......".. },.. "1428448869078126731": {.. "message": "..... .......".. },.. "1522140683318860351": {.. "message": "..... ........ .... ........ ... .....".. },.. "1550904064710828958": {.. "message": "...".. },.. "1636686747687494376": {.. "message": "......".. },.. "1802762746589457177": {.. "message": "..... .....".. },.. "1850397500312020388": {.. "message": "... ....... .. .... Chromecast .. $START_LINK$..... Google Home$END_LINK$. $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {..
            C:\Users\user\AppData\Local\Temp\scoped_dir5500_32183682\CRX_INSTALL\_locales\bg\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):18086
            Entropy (8bit):5.408731329060678
            Encrypted:false
            SSDEEP:192:4jjpr342SIwPIasR9VhMkACVmrv8evj+3eXivOMbb2vVzCkwRV6V6c8TEKdl:4ZrYo+rxT+qOV6V6uml
            MD5:6911CE87E8C47223F33BEF9488272E40
            SHA1:980398F076BB7D451B18D7FDE2DE09041B1F55AD
            SHA-256:273DEF0F67F0FA080802B85EF6F334DE50A19408F46BDF41F0F099B1F5501EEA
            SHA-512:CDB69405BB553E46DCF02F71B1A394307D0051E7FA662DFFEBA7888F30DD933F13C7FD6E32F1D7AEAEE8746316873B6E1D92029724ABDC75E49DCC092172EA22
            Malicious:false
            Reputation:low
            Preview: {.. "1018984561488520517": {.. "message": ".......".. },.. "1213957982723875920": {.. "message": "... .. ........ ......... ...... ...-..... ....... ..?".. },.. "128276876460319075": {.. "message": "......... .. ..........".. },.. "1428448869078126731": {.. "message": "........ .. .........".. },.. "1522140683318860351": {.. "message": "........... .. .. ........ ...., ........ .......".. },.. "1550904064710828958": {.. "message": "......".. },.. "1636686747687494376": {.. "message": ".......".. },.. "1802762746589457177": {.. "message": ".... .. .....".. },.. "1850397500312020388": {.. "message": "....... .. ............ .. Chromecast . $START_LINK$............ Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "p
            C:\Users\user\AppData\Local\Temp\scoped_dir5500_32183682\CRX_INSTALL\_locales\bn\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):19695
            Entropy (8bit):5.315564774032776
            Encrypted:false
            SSDEEP:384:PrUCrcTIOeswIW/Vre/sZn8TFfzheV6uml:lPswIWtoK8xfG6uml
            MD5:F9DDF525C07251282A3BFFCEE9A09ABB
            SHA1:A343A078E804AF400A8F3E1891E3390DA754A5CD
            SHA-256:C69C6C90F7EB8F10685CD815AF1F6F1B87CF30C4E8D95DF1D577DE1105AAD227
            SHA-512:EBD339C37162984672513019D470B92DF8B743DD69D4430361EF12D42FD1C208DBDE818A7BFE20BE8A7D63CD6E02B3F4344DEA1C4AEDB8719D789981A49DA44C
            Malicious:false
            Reputation:low
            Preview: {.. "1018984561488520517": {.. "message": ".... ...".. },.. "1213957982723875920": {.. "message": "..... ....... ..... ........... ...... ....... ...... ...?".. },.. "128276876460319075": {.. "message": "...... ........".. },.. "1428448869078126731": {.. "message": "...... ......... ...".. },.. "1522140683318860351": {.. "message": "..... .... ...... ....... ... ... .... ...... .....".. },.. "1550904064710828958": {.. "message": ".........".. },.. "1636686747687494376": {.. "message": "......".. },.. "1802762746589457177": {.. "message": ".....".. },.. "1850397500312020388": {.. "message": "$START_LINK$ Google
            C:\Users\user\AppData\Local\Temp\scoped_dir5500_32183682\CRX_INSTALL\_locales\ca\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):15518
            Entropy (8bit):5.242542310885
            Encrypted:false
            SSDEEP:384:drGUBKxMF2ayv8FrIccUVFmwf+7d9VKS3V6uml:dCUBKxMFBy0FE3UzmQ+zkSl6uml
            MD5:A90CF7930E7C3BEC61EE252DEFAD574A
            SHA1:F630CA01114A7BDD39607CB84B8280CCE218A5C6
            SHA-256:A533740E17559E2ADF40B4555C60F21EEC84E92C09CDBC19EED033A0B4DD2474
            SHA-512:598F991B344FA6724617D6CE57BB0D6D64EF86B4F5317BF6AD5EDF43E6B0A385094E7885F7A8FA2B107405B31C3D9F76E92315BC1D9BB52ACD4ECAD342917DE1
            Malicious:false
            Reputation:low
            Preview: {.. "1018984561488520517": {.. "message": "Es congela".. },.. "1213957982723875920": {.. "message": "Quina de les opcions.seg.ents descriu millor la vostra xarxa?".. },.. "128276876460319075": {.. "message": "Detecci. de dispositius".. },.. "1428448869078126731": {.. "message": "Flu.desa del v.deo".. },.. "1522140683318860351": {.. "message": "S'ha produ.t un error en la connexi.. Torneu-ho a provar.".. },.. "1550904064710828958": {.. "message": "Correcta".. },.. "1636686747687494376": {.. "message": "Perfecta".. },.. "1802762746589457177": {.. "message": "Volum".. },.. "1850397500312020388": {.. "message": "Pots veure el Chromecast a l'$START_LINK$aplicaci. Google.Home$END_LINK$?$START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "
            C:\Users\user\AppData\Local\Temp\scoped_dir5500_32183682\CRX_INSTALL\_locales\cs\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):15552
            Entropy (8bit):5.406413558584244
            Encrypted:false
            SSDEEP:192:eVdprJrG5efiTk93ebrxZR1fdc8VDCwT9fTV6c8TEKdl:2rMqiQerxQ88W7V6uml
            MD5:17E753EE877FDED25886D5F7925CA652
            SHA1:8E4EC969777CC0CEB7C12D0C1B9D87EBBB9C4678
            SHA-256:C562FCCFCE374D446BFAC30AC9B18FF17E7A3EF101C919FF857104917F300382
            SHA-512:33D61F6327FC81D7A45AA2CC97922DC527F5F43E54AA1A1638DA6EE407024A2F10CFD82CC5C3C581C2E7B216276987CB26C3FA95198572E139ACF29CC5B7ADCB
            Malicious:false
            Reputation:low
            Preview: {.. "1018984561488520517": {.. "message": "Video zamrz.".. },.. "1213957982723875920": {.. "message": "Kter. popis nejl.pe vystihuje va.i s..?".. },.. "128276876460319075": {.. "message": "Zji..ov.n. za..zen.".. },.. "1428448869078126731": {.. "message": "Plynulost videa".. },.. "1522140683318860351": {.. "message": "P.ipojen. se nezda.ilo. Zkuste to pros.m znovu.".. },.. "1550904064710828958": {.. "message": "Plynul.".. },.. "1636686747687494376": {.. "message": "Perfektn.".. },.. "1802762746589457177": {.. "message": "Hlasitost".. },.. "1850397500312020388": {.. "message": "Vid.te sv.j Chromecast v.$START_LINK$aplikaci Google Home $END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3"..
            C:\Users\user\AppData\Local\Temp\scoped_dir5500_32183682\CRX_INSTALL\_locales\da\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):15340
            Entropy (8bit):5.2479291792849105
            Encrypted:false
            SSDEEP:192:+Upr8XnI1MY2kPuir8j7Rd3kbTWc4QtV6c8TEKdl:FrJ1H9br8h6eZCV6uml
            MD5:F08A313C78454109B629B37521959B33
            SHA1:3D585D52EC8B4399F66D4BE88CED10F4A034FCCC
            SHA-256:23BF7E5EDF70291CA6D8F4A64788C5B86379EECB628E3DFA7DD83344612F7564
            SHA-512:9F2868AEBBF7F6167A7EA120FE65E752F9A65D1DC51072AA2413B2FDE374DA2D169D455A4788E341717F694179E6F1FA80413C080D9CD8CB397C3E84668CBFEC
            Malicious:false
            Reputation:low
            Preview: {.. "1018984561488520517": {.. "message": "Fryser".. },.. "1213957982723875920": {.. "message": "Hvilket af f.lgende udsagn beskriver bedst dit netv.rk?".. },.. "128276876460319075": {.. "message": "Enhedsregistrering".. },.. "1428448869078126731": {.. "message": "Videostabilitet".. },.. "1522140683318860351": {.. "message": "Forbindelsen blev afbrudt. Pr.v igen.".. },.. "1550904064710828958": {.. "message": "Problemfri".. },.. "1636686747687494376": {.. "message": "Perfekt".. },.. "1802762746589457177": {.. "message": "Lydstyrke".. },.. "1850397500312020388": {.. "message": "Kan du se din Chromecast i $START_LINK$ Google Home-appen$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },.. "STAR
            C:\Users\user\AppData\Local\Temp\scoped_dir5500_32183682\CRX_INSTALL\_locales\de\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):15555
            Entropy (8bit):5.258022363187752
            Encrypted:false
            SSDEEP:192:AJprM71A4qyJSwlk5KR5rtXsmvL0xhVw921YV6c8TEKdl:2re3jJS5A5rt8msA2KV6uml
            MD5:980FB419ED6ED94AD75686AFFB4E4C2E
            SHA1:871BFBCA6BCBA9197811883A93C50C0716562D57
            SHA-256:585C7814AFD2453232BC940252D4AE821D6E6CBCFD74A793F78E5DB8BA5342F1
            SHA-512:1681FA9C3BA882250A5005FB807D759EB8A634F1AA011725B1C865C0028BE7AB7BC16DC821A7F5BBFBA84C91E7D663ADE715284798E7E84E8FFF2D254488882D
            Malicious:false
            Reputation:low
            Preview: {.. "1018984561488520517": {.. "message": "H.ngenbleiben".. },.. "1213957982723875920": {.. "message": "Welche dieser Aussagen beschreibt dein Netzwerk am besten?".. },.. "128276876460319075": {.. "message": "Ger.teerkennung".. },.. "1428448869078126731": {.. "message": "Videowiedergabequalit.t".. },.. "1522140683318860351": {.. "message": "Fehler beim Herstellen der Verbindung. Bitte versuche es noch einmal.".. },.. "1550904064710828958": {.. "message": "St.rungsfrei".. },.. "1636686747687494376": {.. "message": "Perfekt".. },.. "1802762746589457177": {.. "message": "Lautst.rke".. },.. "1850397500312020388": {.. "message": "Siehst du deinen Chromecast in der $START_LINK$Google Home App$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.
            C:\Users\user\AppData\Local\Temp\scoped_dir5500_32183682\CRX_INSTALL\_locales\el\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):17941
            Entropy (8bit):5.465343004010711
            Encrypted:false
            SSDEEP:384:S0rDuhLh41cZrP3TzDBknbpgo6djIV6uml:S0fuBh46ZD3TzDinbpgoUK6uml
            MD5:40EB778339005A24FF9DA775D56E02B7
            SHA1:B00561CC7020F7FE717B5F692884253C689A7C61
            SHA-256:F56BF7C171AA20038EE30B754478B69A98F3014C89362779B0A8788C7B9BEEE1
            SHA-512:8BED281A33EC1E4E88A9F9D62BB13FE0266C0FAF8856D1DC2A843D26DD3CE5E7D1400FD3325ABD783B0364EC4FB1188AD941D56AEB9073BC365BE0D12DE6C013
            Malicious:false
            Reputation:low
            Preview: {.. "1018984561488520517": {.. "message": ".......".. },.. "1213957982723875920": {.. "message": ".... ... .. ........ .......... ........ .. ...... ...;".. },.. "128276876460319075": {.. "message": ".......... ........".. },.. "1428448869078126731": {.. "message": "......... ......".. },.. "1522140683318860351": {.. "message": "........ ......... ......... .....".. },.. "1550904064710828958": {.. "message": ".....".. },.. "1636686747687494376": {.. "message": "......".. },.. "1802762746589457177": {.. "message": "...... ....".. },.. "1850397500312020388": {.. "message": "........ .. ..... .. Chromecast .... $START_LINK$........ Google Home$END_LINK$; $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content
            C:\Users\user\AppData\Local\Temp\scoped_dir5500_32183682\CRX_INSTALL\_locales\en\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):14897
            Entropy (8bit):5.197356586852831
            Encrypted:false
            SSDEEP:96:2MKUOp5N7GTNMRuv6M0bIt3FXGkW6/5NkkQ9NJKJhnH3t9F410sUA+ISN6cGDSyR:VKzprogudTGkWqrKcJhdIR+V6c8TEKdl
            MD5:8351AF4EA9BDD9C09019BC85D25B0016
            SHA1:F6EC1FFD291C8632758E01C9EE837B1AD18D4DCF
            SHA-256:F41C82D8A4F0E9B645656D630C882BE94A0FB7F8CEC0FE864B57298F0312B212
            SHA-512:75672B57F21F38F97341AD76A199AD764E9FBAB2384D701BF6EB06CEFDE6C4F20F047F9051A4E30D99621E5C1FBBDB9E38E8D2B47470806704B38DA130A146CF
            Malicious:false
            Reputation:low
            Preview: {.. "1018984561488520517": {.. "message": "Freezes".. },.. "1213957982723875920": {.. "message": "Which of the following best describes your network?".. },.. "128276876460319075": {.. "message": "Device Discovery".. },.. "1428448869078126731": {.. "message": "Video Smoothness".. },.. "1522140683318860351": {.. "message": "Connection failed. Please try again.".. },.. "1550904064710828958": {.. "message": "Smooth".. },.. "1636686747687494376": {.. "message": "Perfect".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": "Are you able to see your Chromecast in the $START_LINK$ Google Home app$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },.. "START
            C:\Users\user\AppData\Local\Temp\scoped_dir5500_32183682\CRX_INSTALL\_locales\es\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):15560
            Entropy (8bit):5.236752363299121
            Encrypted:false
            SSDEEP:192:NAgprfy1pTCukFr+1DIyDRoanvV6c8TEKdl:KMrq6FrmvV6uml
            MD5:8A70C18BB1090AA4D500DE9E8E4A00EF
            SHA1:8AFC097FA956C1317DB0835348B2DA19F0789669
            SHA-256:FF173D1CEF665B1234E02F11070ABD2B65230318150734579A03C7F31B4AE3F4
            SHA-512:140BAF40A4ABE9B8AF0855B0EBB7DFDF17869EDFC4EE1037C5EA7FDD8EDEBD4850E055B6A4D7B8782657618BCE1517813779BA01BA993CC838BB43E0BE71EEEE
            Malicious:false
            Reputation:low
            Preview: {.. "1018984561488520517": {.. "message": "Congelaci.n de im.genes".. },.. "1213957982723875920": {.. "message": ".Cu.l de las siguientes respuestas describe mejor tu red?".. },.. "128276876460319075": {.. "message": "Detecci.n de dispositivo".. },.. "1428448869078126731": {.. "message": "Fluidez del v.deo".. },.. "1522140683318860351": {.. "message": "Error en la conexi.n. Vuelve a intentarlo.".. },.. "1550904064710828958": {.. "message": "V.deo fluido".. },.. "1636686747687494376": {.. "message": "Perfecta".. },.. "1802762746589457177": {.. "message": "Volumen".. },.. "1850397500312020388": {.. "message": ".Puedes ver tu Chromecast en la $START_LINK$aplicaci.n Google.Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {..
            C:\Users\user\AppData\Local\Temp\scoped_dir5500_32183682\CRX_INSTALL\_locales\et\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):15139
            Entropy (8bit):5.228213017029721
            Encrypted:false
            SSDEEP:96:Z48bxhWYp5Ny5M63niwAKD4rrJSJ2RkPXh9P5NFP2+NBMU01jewUEVez3QOiSevy:ikxprot3lYkf/rHBc0KsUV6c8TEKdl
            MD5:A62F12BCBA6D2C579212CA2FF90F8266
            SHA1:F7E964A2D9BBDA364252BCE5CFBA3FD34FDD825E
            SHA-256:3EB3EB0B3B4A8E5A477D1B3C3A3891CCC7DC6B8879ECE243A7BD7C478068273D
            SHA-512:E300201245C00ADEC8F39D586875F8FA4607AB203572BF3CE353C1CA7CDCA05B8786810CA0CEE27E4EA54A5EFD53690F1EA7AA4148CFF472A66BB11202723566
            Malicious:false
            Reputation:low
            Preview: {.. "1018984561488520517": {.. "message": "Hangub".. },.. "1213957982723875920": {.. "message": "Milline j.rgmistest v.idetest kirjeldab k.ige paremini teie v.rku?".. },.. "128276876460319075": {.. "message": "Seadme tuvastamine".. },.. "1428448869078126731": {.. "message": "Video sujuvus".. },.. "1522140683318860351": {.. "message": ".hendamine eba.nnestus. Proovige uuesti.".. },.. "1550904064710828958": {.. "message": ".htlane".. },.. "1636686747687494376": {.. "message": "T.iuslik".. },.. "1802762746589457177": {.. "message": "Helitugevus".. },.. "1850397500312020388": {.. "message": "Kas n.ete oma Chromecasti $START_LINK$rakenduses Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3"..
            C:\Users\user\AppData\Local\Temp\scoped_dir5500_32183682\CRX_INSTALL\_locales\fa\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):17004
            Entropy (8bit):5.485874780010479
            Encrypted:false
            SSDEEP:192:rngaIprIX/t9wkjTJrs3hqaXxRQdiIMDnD+LhfHdoltV6c8TEKdl:4rin5rU1X7Qd0M9CtV6uml
            MD5:852BD3CFF960F1BC3A2AAB3CB3874EF9
            SHA1:C9F6F3C776542889FE3B67971D65ACFE048A3A0A
            SHA-256:D87597B6C10364501B98AA42524843F109009CCEF022D8E0170440D7F144F4C6
            SHA-512:2A7AE4D70E33E53EE31831CE2E61DD8DF103C4170EC483BDA14B8788E5DD536EEE84DBA340CACBDF16889C7E6465B48D82C4714E746E8A7B372D12CBDF371C95
            Malicious:false
            Reputation:low
            Preview: {.. "1018984561488520517": {.. "message": ".... ... .......".. },.. "1213957982723875920": {.. "message": ".... .. .. ..... ... .... ... .. .. ...... ... ..... .......".. },.. "128276876460319075": {.. "message": "..... ......".. },.. "1428448869078126731": {.. "message": "..... .....".. },.. "1522140683318860351": {.. "message": "..... ...... .... ..... ...... ...... .....".. },.. "1550904064710828958": {.. "message": "....".. },.. "1636686747687494376": {.. "message": "....".. },.. "1802762746589457177": {.. "message": "..... ...".. },.. "1850397500312020388": {.. "message": ".... ......... Chromecast ... .. .. $START_LINK$ ...... Google Home$END_LINK$ ....... $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {..
            C:\Users\user\AppData\Local\Temp\scoped_dir5500_32183682\CRX_INSTALL\_locales\fi\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):15268
            Entropy (8bit):5.268402902466895
            Encrypted:false
            SSDEEP:192:efMprYXiYUNpj5Coik1tXxrUhvUzSPWV6c8TEKdl:eIrjbjosdrU5WV6uml
            MD5:3902581B6170D0CEA9B1ECF6CC82D669
            SHA1:C8208AC2B1DD6D4F8BDAAE01C8BD71FFFA5A732B
            SHA-256:D2A8180225A83A423BB6E17343DFA8F636D517154944002ED9240411B8C0C5E1
            SHA-512:612FDD8A3C5051F0A4F1E11E50B5D124B337C77D62D987D35C2AF9E08AFC6AFCEBAEE8D40FDFBCD1E1889F39758B96FAECBF6C6D1CF146C741A5261952050221
            Malicious:false
            Reputation:low
            Preview: {.. "1018984561488520517": {.. "message": "Pys.htyy".. },.. "1213957982723875920": {.. "message": "Mik. seuraavista kuvaa parhaiten verkkoasi?".. },.. "128276876460319075": {.. "message": "Laitteiden tunnistaminen".. },.. "1428448869078126731": {.. "message": "Videon tasaisuus".. },.. "1522140683318860351": {.. "message": "Yhteys ep.onnistui. Yrit. uudelleen.".. },.. "1550904064710828958": {.. "message": "Tasainen".. },.. "1636686747687494376": {.. "message": "T.ydellinen".. },.. "1802762746589457177": {.. "message": "..nenvoimakkuus".. },.. "1850397500312020388": {.. "message": "N.etk. Chromecastisi $START_LINK$Google Home .sovelluksessa$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },..
            C:\Users\user\AppData\Local\Temp\scoped_dir5500_32183682\CRX_INSTALL\_locales\fil\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):15570
            Entropy (8bit):5.1924418176212646
            Encrypted:false
            SSDEEP:192:+esprzAsQp68wIJYkMyr2k0jR1/7Rr1uV6c8TEKdl:Gr78JDMyrR0tJuV6uml
            MD5:59483AD798347B291363327D446FA107
            SHA1:C069F29BB68FA7BA2631B0BF5BBF313346AC6736
            SHA-256:DD47530EAE96346CD4DC3267A0BB1091BB17B704803A93CDA2E3E81551B94F12
            SHA-512:091595CA135E965ED3DE376873541117F0E7A8EBDEB4714833EFDD6C820234373891BE5DEC437BA85CCB79CCCA053D407E6ADA17EBDAE7D313324A48775C0010
            Malicious:false
            Reputation:low
            Preview: {.. "1018984561488520517": {.. "message": "Hindi gumagalaw".. },.. "1213957982723875920": {.. "message": "Alin sa sumusunod ang pinakamahusay na naglalarawan sa iyong network?".. },.. "128276876460319075": {.. "message": "Pagtuklas ng Device".. },.. "1428448869078126731": {.. "message": "Pagka-smooth ng Video".. },.. "1522140683318860351": {.. "message": "Hindi nakakonekta. Pakisubukang muli.".. },.. "1550904064710828958": {.. "message": "Smooth".. },.. "1636686747687494376": {.. "message": "Perpekto".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": "Nakikita mo ba ang iyong Chromecast sa $START_LINK$ Google Home app$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$
            C:\Users\user\AppData\Local\Temp\scoped_dir5500_32183682\CRX_INSTALL\_locales\fr\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):15826
            Entropy (8bit):5.277877116547859
            Encrypted:false
            SSDEEP:192:nLZprAZg3EkV3sjrICe8L/1Va7lt1rlxLAkoYHHavV6c8TEKdl:vrW+2jrI7TdLAk3MV6uml
            MD5:9B416146FE4F1403C2AACAC4DCF1A5C3
            SHA1:616F055C9FAD4CE972DF82EC8A9B2F4EDA3E7FAD
            SHA-256:7C7F5758F54008190ACCDDBD1761CBD980FB5FE0847E992874498228D2571DBC
            SHA-512:6E8E70380A8C6E2C0587ADFF6AE36963EC76694904841CE1DFE4EEE215B917AD3E8AF727555627FBDF6B8BA6A4A0674D2B90AC4E9331B6628A32F4C4348FB51B
            Malicious:false
            Reputation:low
            Preview: {.. "1018984561488520517": {.. "message": "Se fige".. },.. "1213957982723875920": {.. "message": "Parmi les propositions suivantes, laquelle d.crit le mieux votre r.seau.?".. },.. "128276876460319075": {.. "message": "D.tection d'appareils".. },.. "1428448869078126731": {.. "message": "Fluidit. de la vid.o".. },.. "1522140683318860351": {.. "message": ".chec de la connexion. Veuillez r.essayer.".. },.. "1550904064710828958": {.. "message": "Fluide".. },.. "1636686747687494376": {.. "message": "Parfaite".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": "Votre Chromecast est-il visible dans l'$START_LINK$application Google.Home$END_LINK$.? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {..
            C:\Users\user\AppData\Local\Temp\scoped_dir5500_32183682\CRX_INSTALL\_locales\gu\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):19255
            Entropy (8bit):5.32628732852814
            Encrypted:false
            SSDEEP:384:Hq2Mr+qPlJKYMdzKgXr3dGsGF+yAK37Wf7Cy/V6uml:KxzTVgX7ykj6uml
            MD5:68B03519786F71A426BAC24DECA2DD52
            SHA1:B8E6608932EC5CEC4BC3C5475BFC3E312D2E2E7D
            SHA-256:C77A4D27E9E6CA25B9290056D93A656E3EBE975957E4C2EE9F0FB11B133D5CD4
            SHA-512:5FFE06A10774877AF25E05BA07F3032CC52F874896D67E320F4EF9D524A22E40B462CC6206700E9557EB354FA2730172DC6912EBCA49C671FB0EF155B17F9EFF
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Temp\scoped_dir5500_32183682\CRX_INSTALL\_locales\hi\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):19381
            Entropy (8bit):5.328912995891658
            Encrypted:false
            SSDEEP:384:zrGrSmhKy7KyY+bNEDqlQdrMEPxtShJV6uml:zBqG6QdwEPrW6uml
            MD5:20C86E04B1833EA7F21C07361061420A
            SHA1:617C0D70E162CF380005E9780B61F650B7A39F9B
            SHA-256:C2C27CA242DBDE600BA3AA7782156BC2B190A64D8A1B51EDC8007BDECA139553
            SHA-512:9FB91AA8E0226519E298B1136E8A1A3C1879DB7F0E6052AF1BFD55921CD698346278D04602510680A9695A76DD5C96D9665380580044C50D81392BB2CB3E8E95
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Temp\scoped_dir5500_32183682\CRX_INSTALL\_locales\hr\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):15507
            Entropy (8bit):5.290847699527565
            Encrypted:false
            SSDEEP:192:Pdapr6h85tRwVQgkvJryLkla5Kfndg/V6c8TEKdl:Arwot2Q7BryVce/V6uml
            MD5:3ED90E66789927D80B42346BB431431E
            SHA1:2B061E3271DF4255B1FFC47BDB207CDEC0D9724F
            SHA-256:0B41E3C42414F72C9A12C05F8772597F9685115366A774C66018467AD4B71A74
            SHA-512:92BE43F1FFC8EFBF5BBC50573AC4C65F6104416A5B6CD04404C3A9854CA3DCF2A43A4044C168590CDF83887D234495843572331ADCD5B020D2E48A3956F3C164
            Malicious:false
            Reputation:low
            Preview: {.. "1018984561488520517": {.. "message": "Zamrzavanje".. },.. "1213957982723875920": {.. "message": "Koje od sljede.eg najbolje opisuje va.u mre.u?".. },.. "128276876460319075": {.. "message": "Otkrivanje ure.aja".. },.. "1428448869078126731": {.. "message": "Ujedna.enost videoreprodukcije".. },.. "1522140683318860351": {.. "message": "Povezivanje nije uspjelo. Poku.ajte ponovo.".. },.. "1550904064710828958": {.. "message": "Glatko".. },.. "1636686747687494376": {.. "message": "Savr.ena".. },.. "1802762746589457177": {.. "message": "Glasno.a".. },.. "1850397500312020388": {.. "message": "Vidite li svoj Chromecast u $START_LINK$aplikaciji Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3"..
            C:\Users\user\AppData\Local\Temp\scoped_dir5500_32183682\CRX_INSTALL\_locales\hu\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):15682
            Entropy (8bit):5.354505633120392
            Encrypted:false
            SSDEEP:192:CCEAproS9fZv+JwkDMrC2NSxoSgbV6c8TEKdl:5r5VZv+RDMrazoV6uml
            MD5:8E9FF7E49473C5734A2F6F0812E12EB3
            SHA1:A4F10DDD1580582533D5EB59EDF6D8048F887C81
            SHA-256:6CDD2FB39ADECE00E88B989E464B05ED1414092D0492F6D0AE58D549BFD1A46A
            SHA-512:E9A4AF31B1A276F395599BB620A3164CABF3459F3C102DD3F57DFEA734510BD985DE65CB409E1975559ACCC615075439A08E1DEBE22C90A0ABCAA3CAFEE79AC7
            Malicious:false
            Reputation:low
            Preview: {.. "1018984561488520517": {.. "message": "Lefagy".. },.. "1213957982723875920": {.. "message": "Az al.bbiak k.z.l melyik jellemzi legjobban h.l.zat.t?".. },.. "128276876460319075": {.. "message": "Eszk.zfelfedez.s".. },.. "1428448869078126731": {.. "message": "Vide. folyamatoss.ga".. },.. "1522140683318860351": {.. "message": "Sikertelen kapcsol.d.s. K.rj.k, pr.b.lja .jra.".. },.. "1550904064710828958": {.. "message": "Folyamatos".. },.. "1636686747687494376": {.. "message": "T.k.letes".. },.. "1802762746589457177": {.. "message": "Hanger.".. },.. "1850397500312020388": {.. "message": "L.tja a Chromecastot a $START_LINK$Google Home alkalmaz.sban$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content":
            C:\Users\user\AppData\Local\Temp\scoped_dir5500_32183682\CRX_INSTALL\_locales\id\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):15070
            Entropy (8bit):5.190057470347349
            Encrypted:false
            SSDEEP:192:GsprMtChjkWfrEWL0KRCnEOWV6c8TEKdl:9rtAEr3LTRuWV6uml
            MD5:7ADF9F2048944821F93879336EB61A78
            SHA1:C3DA74FB544684D5B250767BB0CB66FFB7C58963
            SHA-256:3630947E1075E3663AD3E4824D0BE42CB47C0D615D8053E83B9595047C8BA9BE
            SHA-512:1F28BB80E1839C5581106BEA3AE2501C7618249D7E3115819F5A9A87771D59F5DE346C1B9C87F7FFC390604D5B9888CE738E25F2F04A094002A0FB3B22CBEC95
            Malicious:false
            Reputation:low
            Preview: {.. "1018984561488520517": {.. "message": "Membeku".. },.. "1213957982723875920": {.. "message": "Dari berikut ini, manakah yang paling mendeskripsikan jaringan Anda?".. },.. "128276876460319075": {.. "message": "Penemuan Perangkat".. },.. "1428448869078126731": {.. "message": "Kelancaran Video".. },.. "1522140683318860351": {.. "message": "Sambungan gagal. Coba lagi.".. },.. "1550904064710828958": {.. "message": "Lancar".. },.. "1636686747687494376": {.. "message": "Sempurna".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": "Bisakah Anda melihat Chromecast di $START_LINK$aplikasi Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },..

            Static File Info

            No static file info

            Network Behavior

            Network Port Distribution

            • Total Packets: 86
            • 443 (HTTPS)
            • 80 (HTTP)
            • 53 (DNS)
            Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class
            Jun 21, 2021 08:40:55.550715923 CEST | 192.168.2.7 | 8.8.8.8 | 0x9199 | Standard query (0) | bam.nr-data.net | A (IP address) | IN (0x0001)
            Jun 21, 2021 08:41:04.487627029 CEST | 192.168.2.7 | 8.8.8.8 | 0x73e1 | Standard query (0) | clients2.googleusercontent.com | A (IP address) | IN (0x0001)
            Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class
            Jun 21, 2021 08:40:55.604410887 CEST | 8.8.8.8 | 192.168.2.7 | 0x9199 | No error (0) | bam.nr-data.net |  | 162.247.242.21 | A (IP address) | IN (0x0001)
            Jun 21, 2021 08:40:55.604410887 CEST | 8.8.8.8 | 192.168.2.7 | 0x9199 | No error (0) | bam.nr-data.net |  | 162.247.242.19 | A (IP address) | IN (0x0001)
            Jun 21, 2021 08:40:55.604410887 CEST | 8.8.8.8 | 192.168.2.7 | 0x9199 | No error (0) | bam.nr-data.net |  | 162.247.242.20 | A (IP address) | IN (0x0001)
            Jun 21, 2021 08:40:55.604410887 CEST | 8.8.8.8 | 192.168.2.7 | 0x9199 | No error (0) | bam.nr-data.net |  | 162.247.242.18 | A (IP address) | IN (0x0001)
            Jun 21, 2021 08:41:04.557668924 CEST | 8.8.8.8 | 192.168.2.7 | 0x73e1 | No error (0) | clients2.googleusercontent.com | googlehosted.l.googleusercontent.com |  | CNAME (Canonical name) | IN (0x0001)
            Jun 21, 2021 08:41:04.557668924 CEST | 8.8.8.8 | 192.168.2.7 | 0x73e1 | No error (0) | googlehosted.l.googleusercontent.com |  | 216.58.212.161 | A (IP address) | IN (0x0001)
            • bam.nr-data.net
            Session ID | Source IP | Source Port | Destination IP | Destination Port | Process
            0 | 192.168.2.7 | 49709 | 162.247.242.21 | 80 | C:\Program Files\Google\Chrome\Application\chrome.exe
            Timestamp | kBytes transferred | Direction | Data
            Jun 21, 2021 08:40:55.761044025 CEST | 1401 | OUT | GET / HTTP/1.1
            Host: bam.nr-data.net
            Connection: keep-alive
            Upgrade-Insecure-Requests: 1
            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36
            Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
            Accept-Encoding: gzip, deflate
            Accept-Language: en-US,en;q=0.9
            Jun 21, 2021 08:40:55.907373905 CEST | 1405 | IN | HTTP/1.0 302 Moved Temporarily
            Location: https://bam.nr-data.net/
            Server: BigIP
            Connection: Keep-Alive
            Content-Length: 0


            Timestamp:Jun 21, 2021 08:40:56.301363945 CEST
            Source IP:162.247.242.21
            Source Port:443
            Dest IP:192.168.2.7
            Dest Port:49716
            Subject:CN=*.nr-data.net, O="New Relic, Inc.", L=San Francisco, ST=California, C=US
            Issuer:CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US
            Not Before:Wed Feb 05 01:00:00 CET 2020
            Not After:Tue Feb 08 13:00:00 CET 2022
            Subject:CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US
            Issuer:CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
            Not Before:Fri Mar 08 13:00:00 CET 2013
            Not After:Wed Mar 08 13:00:00 CET 2023
            JA3 SSL Client Fingerprint:771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,0-23-65281-10-11-35-16-5-13-18-51-45-43-27-21,29-23-24,0
            JA3 SSL Client Digest:b32309a26951912be7dba376398abc3b

            Timestamp:Jun 21, 2021 08:40:57.333508015 CEST
            Source IP:162.247.242.21
            Source Port:443
            Dest IP:192.168.2.7
            Dest Port:49721
            Subject:CN=*.nr-data.net, O="New Relic, Inc.", L=San Francisco, ST=California, C=US
            Issuer:CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US
            Not Before:Wed Feb 05 01:00:00 CET 2020
            Not After:Tue Feb 08 13:00:00 CET 2022
            Subject:CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US
            Issuer:CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
            Not Before:Fri Mar 08 13:00:00 CET 2013
            Not After:Wed Mar 08 13:00:00 CET 2023
            JA3 SSL Client Fingerprint:771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,0-23-65281-10-11-35-16-5-13-18-51-45-43-27-21,29-23-24,0
            JA3 SSL Client Digest:b32309a26951912be7dba376398abc3b

            Code Manipulations

            Statistics

            Behavior

            System Behavior

            Start time:08:40:47
            Start date:21/06/2021
            Path:C:\Program Files\Google\Chrome\Application\chrome.exe
            Wow64 process (32bit):false
            Commandline:'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'http://bam.nr-data.net'
            Imagebase:0x7ff76d1c0000
            File size:2150896 bytes
            MD5 hash:C139654B5C1438A95B321BB01AD63EF6
            Has elevated privileges:true
            Has administrator privileges:true
            Programmed in:C, C++ or other language
            Reputation:low
            Start time:08:40:49
            Start date:21/06/2021
            Path:C:\Program Files\Google\Chrome\Application\chrome.exe
            Wow64 process (32bit):false
            Commandline:'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1640,16557517724500513583,328483702961810642,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1700 /prefetch:8
            Imagebase:0x7ff76d1c0000
            File size:2150896 bytes
            MD5 hash:C139654B5C1438A95B321BB01AD63EF6
            Has elevated privileges:true
            Has administrator privileges:true
            Programmed in:C, C++ or other language
            Reputation:low

            Disassembly