Windows Analysis Report http://sdk.51.la/js-sdk-pro.min.js

Overview

General Information

Sample URL: http://sdk.51.la/js-sdk-pro.min.js
Analysis ID: 459256

Detection

Score: 0
Range: 0 - 100
Whitelisted: false
Confidence: 80%

Signatures

No high impact signatures.

Classification

[Classification chart; axes: Ransomware, Spreading, Phishing, Banker, Trojan / Bot, Adware, Spyware, Exploiter, Evader, Miner; legend: clean, suspicious, malicious]
  • System is w10x64
  • chrome.exe (PID: 4404 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'http://sdk.51.la/js-sdk-pro.min.js' MD5: C139654B5C1438A95B321BB01AD63EF6)
    • chrome.exe (PID: 4904 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1548,14614802094828961617,3296713774243117047,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1804 /prefetch:8 MD5: C139654B5C1438A95B321BB01AD63EF6)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Jbx Signature Overview

There are no malicious signatures.

Source: C:\Program Files\Google\Chrome\Application\chrome.exe; Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries
Source: C:\Program Files\Google\Chrome\Application\chrome.exe; Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
Source: unknown; DNS traffic detected: queries for: accounts.google.com
Source: f3d10841-6587-4cd9-8daa-d7eb7c9beda7.tmp.2.dr, 8fae1a34-a870-4bfb-b0f6-53c893755532.tmp.2.dr; String found in binary or memory: https://accounts.google.com
Source: f3d10841-6587-4cd9-8daa-d7eb7c9beda7.tmp.2.dr, 8fae1a34-a870-4bfb-b0f6-53c893755532.tmp.2.dr; String found in binary or memory: https://apis.google.com
Source: f3d10841-6587-4cd9-8daa-d7eb7c9beda7.tmp.2.dr, 8fae1a34-a870-4bfb-b0f6-53c893755532.tmp.2.dr; String found in binary or memory: https://clients2.google.com
Source: f3d10841-6587-4cd9-8daa-d7eb7c9beda7.tmp.2.dr, 8fae1a34-a870-4bfb-b0f6-53c893755532.tmp.2.dr; String found in binary or memory: https://clients2.googleusercontent.com
Source: Reporting and NEL.2.dr; String found in binary or memory: https://csp.withgoogle.com/csp/report-to/IdentityListAccountsHttp/external
Source: Reporting and NEL.2.dr; String found in binary or memory: https://csp.withgoogle.com/csp/report-to/downloads-lorry
Source: f3d10841-6587-4cd9-8daa-d7eb7c9beda7.tmp.2.dr, 581afd96-2b7a-40f1-96c8-205bdda1f7c7.tmp.2.dr, 8fae1a34-a870-4bfb-b0f6-53c893755532.tmp.2.dr; String found in binary or memory: https://dns.google
Source: f3d10841-6587-4cd9-8daa-d7eb7c9beda7.tmp.2.dr; String found in binary or memory: https://fonts.googleapis.com
Source: f3d10841-6587-4cd9-8daa-d7eb7c9beda7.tmp.2.dr, 8fae1a34-a870-4bfb-b0f6-53c893755532.tmp.2.dr; String found in binary or memory: https://fonts.gstatic.com
Source: f3d10841-6587-4cd9-8daa-d7eb7c9beda7.tmp.2.dr, 8fae1a34-a870-4bfb-b0f6-53c893755532.tmp.2.dr; String found in binary or memory: https://ogs.google.com
Source: f3d10841-6587-4cd9-8daa-d7eb7c9beda7.tmp.2.dr, 8fae1a34-a870-4bfb-b0f6-53c893755532.tmp.2.dr; String found in binary or memory: https://play.google.com
Source: 8fae1a34-a870-4bfb-b0f6-53c893755532.tmp.2.dr; String found in binary or memory: https://r3---sn-h0jeened.gvt1.com
Source: 8fae1a34-a870-4bfb-b0f6-53c893755532.tmp.2.dr; String found in binary or memory: https://redirector.gvt1.com
Source: f3d10841-6587-4cd9-8daa-d7eb7c9beda7.tmp.2.dr, 8fae1a34-a870-4bfb-b0f6-53c893755532.tmp.2.dr; String found in binary or memory: https://ssl.gstatic.com
Source: f3d10841-6587-4cd9-8daa-d7eb7c9beda7.tmp.2.dr, 8fae1a34-a870-4bfb-b0f6-53c893755532.tmp.2.dr; String found in binary or memory: https://www.google.com
Source: f3d10841-6587-4cd9-8daa-d7eb7c9beda7.tmp.2.dr, 8fae1a34-a870-4bfb-b0f6-53c893755532.tmp.2.dr; String found in binary or memory: https://www.googleapis.com
Source: f3d10841-6587-4cd9-8daa-d7eb7c9beda7.tmp.2.dr, 8fae1a34-a870-4bfb-b0f6-53c893755532.tmp.2.dr; String found in binary or memory: https://www.gstatic.com
Source: unknown; Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown; Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown; Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown; Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown; Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown; Network traffic detected: HTTP traffic on port 49717 -> 443
Source: classification engine; Classification label: clean0.win@14/60@3/9
Source: C:\Program Files\Google\Chrome\Application\chrome.exe; File created: C:\Program Files\Google\Chrome\Application\Dictionaries
Source: C:\Program Files\Google\Chrome\Application\chrome.exe; File created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-610B04DC-1134.pma
Source: unknown; Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'http://sdk.51.la/js-sdk-pro.min.js'
Source: C:\Program Files\Google\Chrome\Application\chrome.exe; Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1548,14614802094828961617,3296713774243117047,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1804 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe; Process created: unknown unknown

Mitre Att&ck Matrix

Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact
Valid Accounts | Windows Management Instrumentation | Path Interception | Process Injection 1 | Masquerading 3 | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | Exfiltration Over Other Network Medium | Encrypted Channel 2 | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition
Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Process Injection 1 | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | Exfiltration Over Bluetooth | Non-Application Layer Protocol 1 | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout
Domain Accounts | At (Linux) | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | Automated Exfiltration | Application Layer Protocol 2 | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data

[Behavior graph: ID 459256; URL: http://sdk.51.la/js-sdk-pro...; Startdate: 04/08/2021; Architecture: WINDOWS; Score: 0. Nodes: chrome.exe (contacts 192.168.2.1 and 239.255.255.250) started a second chrome.exe, which contacts 120.52.95.242 port 80 (UNICOM-CNChinaUnicomIPnetworkCN, China), hcdnd101.gslb.c.cdnhwc2.com 120.52.95.243 port 80 (UNICOM-CNChinaUnicomIPnetworkCN, China) and 8 other IPs or domains.]

Source | Detection | Scanner | Label
http://sdk.51.la/js-sdk-pro.min.js | 1% | Virustotal |
http://sdk.51.la/js-sdk-pro.min.js | 0% | Avira URL Cloud | safe

No Antivirus matches

Source | Detection | Scanner | Label
hcdnd101.gslb.c.cdnhwc2.com | 0% | Virustotal |

Source | Detection | Scanner | Label
https://dns.google | 0% | URL Reputation | safe
https://csp.withgoogle.com/csp/report-to/IdentityListAccountsHttp/external | 0% | URL Reputation | safe
https://csp.withgoogle.com/csp/report-to/downloads-lorry | 0% | URL Reputation | safe

Name | IP | Active | Malicious | Antivirus Detection | Reputation
accounts.google.com | 216.58.205.77 | true | false | | high
hcdnd101.gslb.c.cdnhwc2.com | 120.52.95.243 | true | false | | unknown
clients.l.google.com | 142.250.74.206 | true | false | | high
clients2.google.com | unknown | unknown | false | | high
sdk.51.la | unknown | unknown | false | | high

Name | Source | Malicious | Antivirus Detection | Reputation
https://www.google.com | f3d10841-6587-4cd9-8daa-d7eb7c9beda7.tmp.2.dr, 8fae1a34-a870-4bfb-b0f6-53c893755532.tmp.2.dr | false | | high
https://dns.google | f3d10841-6587-4cd9-8daa-d7eb7c9beda7.tmp.2.dr, 581afd96-2b7a-40f1-96c8-205bdda1f7c7.tmp.2.dr, 8fae1a34-a870-4bfb-b0f6-53c893755532.tmp.2.dr | false | URL Reputation: safe | unknown
https://ogs.google.com | f3d10841-6587-4cd9-8daa-d7eb7c9beda7.tmp.2.dr, 8fae1a34-a870-4bfb-b0f6-53c893755532.tmp.2.dr | false | | high
https://clients2.googleusercontent.com | f3d10841-6587-4cd9-8daa-d7eb7c9beda7.tmp.2.dr, 8fae1a34-a870-4bfb-b0f6-53c893755532.tmp.2.dr | false | | high
https://apis.google.com | f3d10841-6587-4cd9-8daa-d7eb7c9beda7.tmp.2.dr, 8fae1a34-a870-4bfb-b0f6-53c893755532.tmp.2.dr | false | | high
https://csp.withgoogle.com/csp/report-to/IdentityListAccountsHttp/external | Reporting and NEL.2.dr | false | URL Reputation: safe | unknown
https://csp.withgoogle.com/csp/report-to/downloads-lorry | Reporting and NEL.2.dr | false | URL Reputation: safe | unknown
https://play.google.com | f3d10841-6587-4cd9-8daa-d7eb7c9beda7.tmp.2.dr, 8fae1a34-a870-4bfb-b0f6-53c893755532.tmp.2.dr | false | | high
https://accounts.google.com | f3d10841-6587-4cd9-8daa-d7eb7c9beda7.tmp.2.dr, 8fae1a34-a870-4bfb-b0f6-53c893755532.tmp.2.dr | false | | high
https://clients2.google.com | f3d10841-6587-4cd9-8daa-d7eb7c9beda7.tmp.2.dr, 8fae1a34-a870-4bfb-b0f6-53c893755532.tmp.2.dr | false | | high

IP | Domain | Country | ASN | ASN Name | Malicious
142.250.74.206 | clients.l.google.com | United States | 15169 | GOOGLEUS | false
216.58.205.77 | accounts.google.com | United States | 15169 | GOOGLEUS | false
120.52.95.243 | hcdnd101.gslb.c.cdnhwc2.com | China | 133119 | UNICOM-CNChinaUnicomIPnetworkCN | false
120.52.95.242 | unknown | China | 133119 | UNICOM-CNChinaUnicomIPnetworkCN | false
239.255.255.250 | unknown | Reserved | unknown | unknown | false
218.12.76.150 | unknown | China | 4837 | CHINA169-BACKBONECHINAUNICOMChina169BackboneCN | false
218.12.76.151 | unknown | China | 4837 | CHINA169-BACKBONECHINAUNICOMChina169BackboneCN | false

IP
192.168.2.1
127.0.0.1

General Information

Joe Sandbox Version: 33.0.0 White Diamond
Analysis ID: 459256
Start date: 04.08.2021
Start time: 14:20:43
Joe Sandbox Product: CloudBasic
Overall analysis duration: 0h 3m 21s
Hypervisor based Inspection enabled: false
Report type: full
Cookbook file name: browseurl.jbs
Sample URL: http://sdk.51.la/js-sdk-pro.min.js
Analysis system description: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed: 21
Number of new started drivers analysed: 0
Number of existing processes analysed: 0
Number of existing drivers analysed: 0
Number of injected processes analysed: 0
Technologies:
  • HCA enabled
  • EGA enabled
  • AMSI enabled
Analysis Mode: default
Analysis stop reason: Timeout
Detection: CLEAN
Classification: clean0.win@14/60@3/9
Cookbook Comments:
  • Adjust boot time
  • Enable AMSI
Warnings:
  • Exclude process from analysis (whitelisted): BackgroundTransferHost.exe, backgroundTaskHost.exe, SgrmBroker.exe, svchost.exe, wuapihost.exe
  • Excluded IPs from analysis (whitelisted): 20.189.173.20, 40.88.32.150, 142.250.184.110, 172.217.130.8, 142.250.180.163, 52.147.198.201, 104.43.193.48, 20.50.102.62, 23.211.4.86, 20.54.110.249, 8.238.85.126, 8.238.85.254, 8.248.145.254, 8.248.119.254, 67.26.137.254, 40.112.88.60, 80.67.82.235, 80.67.82.211, 216.58.209.35
  • Excluded domains from analysis (whitelisted): clientservices.googleapis.com, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, a1449.dscg2.akamai.net, arc.msn.com, skypedataprdcoleus15.cloudapp.net, redirector.gvt1.com, consumer-displaycatalogrp-aks2aks-europe.md.mp.microsoft.com.akadns.net, audownload.windowsupdate.nsatc.net, arc.trafficmanager.net, displaycatalog.mp.microsoft.com, watson.telemetry.microsoft.com, auto.au.download.windowsupdate.com.c.footprint.net, img-prod-cms-rt-microsoft-com.akamaized.net, www.gstatic.com, prod.fs.microsoft.com.akadns.net, au-bg-shim.trafficmanager.net, r3---sn-h0jeened.gvt1.com, fs.microsoft.com, displaycatalog-rp-europe.md.mp.microsoft.com.akadns.net, neu-displaycatalogrp.frontdoor.bigcatalog.commerce.microsoft.com, ris-prod.trafficmanager.net, onedsblobprdwus15.westus.cloudapp.azure.com, asf-ris-prod-neu.northeurope.cloudapp.azure.com, e1723.g.akamaiedge.net, ctldl.windowsupdate.com, iris-de-prod-azsc-uks.uksouth.cloudapp.azure.com, skypedataprdcolcus15.cloudapp.net, skypedataprdcoleus16.cloudapp.net, ris.api.iris.microsoft.com, r3.sn-h0jeened.gvt1.com, blobcollector.events.data.trafficmanager.net, displaycatalog-rp.md.mp.microsoft.com.akadns.net
  • Not all processes were analyzed, report is missing behavior information
  • Report size getting too big, too many NtOpenFile calls found.
  • Report size getting too big, too many NtSetInformationFile calls found.

No simulations

No context

C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: data
Category: dropped
Size (bytes): 451603
Entropy (8bit): 5.009711072558331
Encrypted: false
Malicious: false
Reputation: low

C:\Users\user\AppData\Local\Google\Chrome\User Data\23e269e4-82cf-4976-be15-909e64fcf0e8.tmp
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text, with very long lines, with no line terminators
Category: modified
Size (bytes): 165612
Entropy (8bit): 6.048524321950563
Encrypted: false
Malicious: false
Reputation: low

C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: data
Category: dropped
Size (bytes): 120
Entropy (8bit): 3.254162526001658
Encrypted: false
Malicious: false
Reputation: low

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0cfd8b36-7942-403c-9bda-7f8f088272e5.tmp
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: UTF-8 Unicode text, with very long lines, with no line terminators
Category: dropped
Size (bytes): 16746
Entropy (8bit): 5.577345474329702
Encrypted: false
Malicious: false
Reputation: low

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6bd5860d-d4bf-4205-904e-aead865de91e.tmp
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text, with very long lines, with no line terminators
Category: dropped
Size (bytes): 4865
Entropy (8bit): 4.958575480169079
Encrypted: false
Malicious: false
Reputation: low

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\8fae1a34-a870-4bfb-b0f6-53c893755532.tmp
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text, with very long lines, with no line terminators
Category: modified
Size (bytes): 1804
Entropy (8bit): 4.888418333594971
Encrypted: false
Malicious: false
Reputation: low

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\90dd3beb-6ef9-412a-8be4-e5e59701342b.tmp
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text, with very long lines, with no line terminators
Category: dropped
Size (bytes): 4865
Entropy (8bit): 4.958575480169079
Encrypted: false
Malicious: false
Reputation: low

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9926759c-42d2-42ee-ad93-83108024b9bc.tmp
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text, with very long lines, with no line terminators
Category: dropped
Size (bytes): 4878
Entropy (8bit): 4.960572244379093
Encrypted: false
Malicious: false
Reputation: low

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: SQLite 3.x database, last written using SQLite version 3032001
                        Category:dropped
                        Size (bytes):12288
                        Entropy (8bit):0.6863571317626186
                        Encrypted:false
                        SSDEEP:12:TLyen4ufFdbXGwcFOaOndOtJRbGMNmt2SH/+eVpUHFxOUwae6:TLyqJLbXaFpEO5bNmISHn06Uwd
                        MD5:1C0EAEEE6463CAE33B7A7CD9D9DF4DA5
                        SHA1:FBC6A28A1501E40154FDC0A9D0C2F34A5F88AA65
                        SHA-256:ED8AE7C5E6885874A39F4E86258F552670352A18D29BE1FF4D372A2F4CD06C8A
                        SHA-512:355D19828609971998B09B36E7C7D304B7FB88C7A726670BEBF5CF2E2710F8E71B0F9DEF6FE9712B484C1EB122AEEEFDECF31D13E02C4539C399DFB86EC7619F
                        Malicious:false
                        Reputation:low
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:data
                        Category:dropped
                        Size (bytes):12836
                        Entropy (8bit):0.9675089571251646
                        Encrypted:false
                        SSDEEP:24:EcLgAZOZD/7qLbJLbXaFpEO5bNmISHn06Uwi8:E8NOZ7q5LLOpEO5J/Kn7U18
                        MD5:035C6035F7247ADCF4BFE1CB4438D42C
                        SHA1:E289B22A620C64342DFFF9D21E9ABA97E51EE488
                        SHA-256:0BD0FD1C86D966F16A3B887658FC10838569AD66BF9BC620480BE9F01ACA1553
                        SHA-512:FF53EAC99445C09102ABE44244635B4565C32234DBEF3DEB51FC761EB9768B7BD7EEC86D5D67FB303632D41AE06BC556237AFC7A2A47C0645123E6673174C170
                        Malicious:false
                        Reputation:low
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:data
                        Category:dropped
                        Size (bytes):375
                        Entropy (8bit):3.3679518790098366
                        Encrypted:false
                        SSDEEP:6:3olydJljsT34EPK07EjXPl9/xl9/NsRxkIyI8RxEl9/tl9/l:3olydJhsTYYETPlpxlpN8kIyT0lptlpl
                        MD5:E0753DE7BF495A21B35344D06539A689
                        SHA1:DD99DFCEE0BE66D89D317326FFE6B09EF41502FC
                        SHA-256:A9C52EDB55CCE9319D6B5BA07B1B749BEFF47293D55786AF258C45CBCE281811
                        SHA-512:FF12BFF91CE330CF3ADE2966D602A58CA49C5BC52448ECA5C7E984F9DD7E4E2C89E5CD45E8D8C6208E23E36EB386ABA3A4A00D908206769A0CA4709690D2708B
                        Malicious:false
                        Reputation:low
                        Preview: SNSS....................................................!.............................................1..,.......$...4e010f16_9f22_4722_b7fb_52ba1af89644......................A..8................................................................................5..0.......&...{524A03AB-861D-4591-9B4E-BDD69F9D425A}...............................................................
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:data
                        Category:dropped
                        Size (bytes):8
                        Entropy (8bit):1.8112781244591325
                        Encrypted:false
                        SSDEEP:3:3Dtn:3h
                        MD5:0686D6159557E1162D04C44240103333
                        SHA1:053E9DB58E20A67D1E158E407094359BF61D0639
                        SHA-256:3303D5EED881951B0BB52CF1C6BFA758770034D0120C197F9F7A3520B92A86FB
                        SHA-512:884C0D3594390E2FC0AEAB05460F0783815170C4B57DB749B8AD9CD10741A5604B7A0F979465C4171AD9C14ED56359A4508B4DE58E794550599AAA261120976C
                        Malicious:false
                        Reputation:low
                        Preview: SNSS....
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:data
                        Category:dropped
                        Size (bytes):126
                        Entropy (8bit):4.569580985472087
                        Encrypted:false
                        SSDEEP:3:FQxlXayz/t2Hmwg0EOZL7Ao4uhFkEuRLKyC54:qT5z/t2qoEwhXeLKI
                        MD5:F9672B4DD4FE52E26F179EAF35E69B22
                        SHA1:DE3C80E35851DFAD51E1FD0F35E90EC5C223B739
                        SHA-256:11F36B4E7449BA10E1E24571A5DE3A67918F8B971A2B2B43FFC549492C00DEC5
                        SHA-512:898A55D8F35DA209FA85E9F94654CFA12859D411740394BBA1A909FA77109B0FB6F36D5E7B4AFA7F8CCBF6BE407E01421229E7EC241906A9ECCCAE852622609B
                        Malicious:false
                        Reputation:low
                        Preview: .f.5................i.Wd...............Sgdaefkejpgkiemlaofpalmlakkmbjdnl.declarative_rules.declarativeContent.onPageChanged.[]
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text
                        Category:dropped
                        Size (bytes):320
                        Entropy (8bit):5.228800757609797
                        Encrypted:false
                        SSDEEP:6:mZBgq2PWXp+N23iKKdK8aPrqIFUtpUHhZmwPU8kwOWXp+N23iKKdK8amLJ:kava5KkL3FUtpUHh/PU85f5KkQJ
                        MD5:B547028C0AC3FAA44457025BA1666271
                        SHA1:3B7E6D4C58F8575E180DA708CAA4BB66D1EB3212
                        SHA-256:8AAFF47F3CCFC60FEADB496C0A61F944B64E32F4891FEB001D6595496ED08112
                        SHA-512:502B4066530CB03C431B7EAC321BD1D293DBB1C669085B9140F6121FA557DF098C53C6974D50D66EA31FCC7BBB3444FF0E3F81FAEF809E0A3BFF5E5EF86A3FA3
                        Malicious:false
                        Reputation:low
                        Preview: 2021/08/04-14:21:32.713 12b0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/MANIFEST-000001.2021/08/04-14:21:32.715 12b0 Recovering log #3.2021/08/04-14:21:32.716 12b0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/000003.log .
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text
                        Category:dropped
                        Size (bytes):320
                        Entropy (8bit):5.228800757609797
                        Encrypted:false
                        SSDEEP:6:mZBgq2PWXp+N23iKKdK8aPrqIFUtpUHhZmwPU8kwOWXp+N23iKKdK8amLJ:kava5KkL3FUtpUHh/PU85f5KkQJ
                        MD5:B547028C0AC3FAA44457025BA1666271
                        SHA1:3B7E6D4C58F8575E180DA708CAA4BB66D1EB3212
                        SHA-256:8AAFF47F3CCFC60FEADB496C0A61F944B64E32F4891FEB001D6595496ED08112
                        SHA-512:502B4066530CB03C431B7EAC321BD1D293DBB1C669085B9140F6121FA557DF098C53C6974D50D66EA31FCC7BBB3444FF0E3F81FAEF809E0A3BFF5E5EF86A3FA3
                        Malicious:false
                        Reputation:low
                        Preview: 2021/08/04-14:21:32.713 12b0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/MANIFEST-000001.2021/08/04-14:21:32.715 12b0 Recovering log #3.2021/08/04-14:21:32.716 12b0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/000003.log .
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:data
                        Category:dropped
                        Size (bytes):456
                        Entropy (8bit):1.8784775129881184
                        Encrypted:false
                        SSDEEP:6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWWWW
                        MD5:F23D2DF21A39AA8D814CADE6C37856C8
                        SHA1:233E65707015A53F83A0D53DB03A4AF8FAB21EA6
                        SHA-256:C5CE9AAF8FFDCB8A00463A7BF24001885E0A792F110C8DB74A1E2F4392CB0E31
                        SHA-512:A7B50B8CAFBA80F6BACA44B260F8379852C4176F3DD57168812F3B4B811D2FF340F09F8CE625CC2ADECAB2851CC33725CB729548A3DA98B041387C7952077918
                        Malicious:false
                        Reputation:low
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text
                        Category:dropped
                        Size (bytes):320
                        Entropy (8bit):5.2309015662117755
                        Encrypted:false
                        SSDEEP:6:mZYB/QL+q2PWXp+N23iKKdK8NIFUtpUYa/GKWZmwPUYcQLVkwOWXp+N23iKKdK8n:kYZQ+va5KkpFUtpUYa/GKW/PUYcQV5fa
                        MD5:C5A561F728C53D0808070A907B9D7AB1
                        SHA1:81E474D501FEF498457C0CCDF00453465B954F7E
                        SHA-256:9294AE598304B37969401DD5029AF06AE4788881A02F96DDE599831045361DFC
                        SHA-512:6D1DFB7AFBFCDC6A04BCE2F2F5F9BF4995FB5753C01539A1D7196DCDE691B473A10B6F4E6F5E9F18053FF28E33E6F108FFC6C326FF90405AC9B14250BA98437A
                        Malicious:false
                        Reputation:low
                        Preview: 2021/08/04-14:21:34.905 15ec Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/MANIFEST-000001.2021/08/04-14:21:34.906 15ec Recovering log #3.2021/08/04-14:21:34.908 15ec Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/000003.log .
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.oldZ (copy)
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text
                        Category:dropped
                        Size (bytes):320
                        Entropy (8bit):5.2309015662117755
                        Encrypted:false
                        SSDEEP:6:mZYB/QL+q2PWXp+N23iKKdK8NIFUtpUYa/GKWZmwPUYcQLVkwOWXp+N23iKKdK8n:kYZQ+va5KkpFUtpUYa/GKW/PUYcQV5fa
                        MD5:C5A561F728C53D0808070A907B9D7AB1
                        SHA1:81E474D501FEF498457C0CCDF00453465B954F7E
                        SHA-256:9294AE598304B37969401DD5029AF06AE4788881A02F96DDE599831045361DFC
                        SHA-512:6D1DFB7AFBFCDC6A04BCE2F2F5F9BF4995FB5753C01539A1D7196DCDE691B473A10B6F4E6F5E9F18053FF28E33E6F108FFC6C326FF90405AC9B14250BA98437A
                        Malicious:false
                        Reputation:low
                        Preview: 2021/08/04-14:21:34.905 15ec Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/MANIFEST-000001.2021/08/04-14:21:34.906 15ec Recovering log #3.2021/08/04-14:21:34.908 15ec Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/000003.log .
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:data
                        Category:dropped
                        Size (bytes):8720
                        Entropy (8bit):0.3279856122423786
                        Encrypted:false
                        SSDEEP:6:yZ4/fMt76Y4QZVRtRex99pG/jjqR4EZY4QZv8fO/:q4nMWQA9LcWBQZ8fO/
                        MD5:663958E840A6DDDEB78EB63C202FEE8E
                        SHA1:9C85B77AD879D6404670E37744C6F39B4623250E
                        SHA-256:9038F206F43CEB0AE741C22F3D3BAF28D2F8C99414E3375517D92B62A0D9C5E8
                        SHA-512:3BDBC3C09AAF2CECA02A1142B147D7CDE0A97F6802EAC71F1DB476DE2149403DC51C5653D26071D229326C9D6F657A03BB17F716CCEA7E2D4DF35088091C38B3
                        Malicious:false
                        Reputation:low
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Session (copy)
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:data
                        Category:dropped
                        Size (bytes):375
                        Entropy (8bit):3.3679518790098366
                        Encrypted:false
                        SSDEEP:6:3olydJljsT34EPK07EjXPl9/xl9/NsRxkIyI8RxEl9/tl9/l:3olydJhsTYYETPlpxlpN8kIyT0lptlpl
                        MD5:E0753DE7BF495A21B35344D06539A689
                        SHA1:DD99DFCEE0BE66D89D317326FFE6B09EF41502FC
                        SHA-256:A9C52EDB55CCE9319D6B5BA07B1B749BEFF47293D55786AF258C45CBCE281811
                        SHA-512:FF12BFF91CE330CF3ADE2966D602A58CA49C5BC52448ECA5C7E984F9DD7E4E2C89E5CD45E8D8C6208E23E36EB386ABA3A4A00D908206769A0CA4709690D2708B
                        Malicious:false
                        Reputation:low
                        Preview: SNSS....................................................!.............................................1..,.......$...4e010f16_9f22_4722_b7fb_52ba1af89644......................A..8................................................................................5..0.......&...{524A03AB-861D-4591-9B4E-BDD69F9D425A}...............................................................
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabs (copy)
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:data
                        Category:dropped
                        Size (bytes):8
                        Entropy (8bit):1.8112781244591325
                        Encrypted:false
                        SSDEEP:3:3Dtn:3h
                        MD5:0686D6159557E1162D04C44240103333
                        SHA1:053E9DB58E20A67D1E158E407094359BF61D0639
                        SHA-256:3303D5EED881951B0BB52CF1C6BFA758770034D0120C197F9F7A3520B92A86FB
                        SHA-512:884C0D3594390E2FC0AEAB05460F0783815170C4B57DB749B8AD9CD10741A5604B7A0F979465C4171AD9C14ED56359A4508B4DE58E794550599AAA261120976C
                        Malicious:false
                        Reputation:low
                        Preview: SNSS....
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text
                        Category:dropped
                        Size (bytes):332
                        Entropy (8bit):5.153686601545067
                        Encrypted:false
                        SSDEEP:6:mZOi+q2PWXp+N23iKKdK8a2jMGIFUtpUpyWZmwPUvF2NVkwOWXp+N23iKKdK8a23:kOi+va5Kk8EFUtpUpyW/PUsV5f5Kk8bJ
                        MD5:4237F9593576D22D87D907F093960845
                        SHA1:17401DCD6569881E0A53CC0341C844BBD0C67195
                        SHA-256:7CF5AD4AB5F92F493657B7A8C198E5C1A68A9AB17FFB5AE42FD202DD86A7A051
                        SHA-512:C7A30901F669A17113F9623743D03EE47A2E8D211000A9AC4CABC93402F41A001DE184A872DC51BE15AF25A87600949CCD804F47850E7E6445EFC38014CD6B32
                        Malicious:false
                        Reputation:low
                        Preview: 2021/08/04-14:21:32.429 143c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2021/08/04-14:21:32.430 143c Recovering log #3.2021/08/04-14:21:32.431 143c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/000003.log .
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old (copy)
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text
                        Category:dropped
                        Size (bytes):332
                        Entropy (8bit):5.153686601545067
                        Encrypted:false
                        SSDEEP:6:mZOi+q2PWXp+N23iKKdK8a2jMGIFUtpUpyWZmwPUvF2NVkwOWXp+N23iKKdK8a23:kOi+va5Kk8EFUtpUpyW/PUsV5f5Kk8bJ
                        MD5:4237F9593576D22D87D907F093960845
                        SHA1:17401DCD6569881E0A53CC0341C844BBD0C67195
                        SHA-256:7CF5AD4AB5F92F493657B7A8C198E5C1A68A9AB17FFB5AE42FD202DD86A7A051
                        SHA-512:C7A30901F669A17113F9623743D03EE47A2E8D211000A9AC4CABC93402F41A001DE184A872DC51BE15AF25A87600949CCD804F47850E7E6445EFC38014CD6B32
                        Malicious:false
                        Reputation:low
                        Preview: 2021/08/04-14:21:32.429 143c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2021/08/04-14:21:32.430 143c Recovering log #3.2021/08/04-14:21:32.431 143c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/000003.log .
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with very long lines, with no line terminators
                        Category:dropped
                        Size (bytes):1804
                        Entropy (8bit):4.888418333594971
                        Encrypted:false
                        SSDEEP:48:Y2TntwCXGDH3qyvz5sTDsOTsiRLs6260SSmbD:JTnOCXGDHa+zojrbj0VmH
                        MD5:8F7E156CAB0E7FDE26DF58F4AAA710F6
                        SHA1:A42E6B25333AD57D708EB5DFB89E37A4E4627BF5
                        SHA-256:1ABB5DD50994F5ADAC4DEF0B9A37CD61349B958091BFC5CC530D5B8670C752EC
                        SHA-512:F8753503BA12AFF8F2BBFFEA492C33168383891451AD249F5AED81C5E8A2014ECDEF7C4F8B753D68724D1DCA691CDE13377D69FA9FDA316E7D9D0C104080B492
                        Malicious:false
                        Reputation:low
                        Preview: {"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://www.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://www.google.com","supports_spdy":true},{"isolation":[],"server":"https://ssl.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://fonts.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://apis.google.com","supports_spdy":true},{"isolation":[],"server":"https://play.google.com","supports_spdy":true},{"isolation":[],"server":"https://ogs.google.com","supports_spdy":true},{"isolation":[],"server":"https://www.googleapis.com","supports_spdy":true},{"isolation":[],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"isolation":[],"server":"https://dns.google","supports_spdy":true},{"alternative_service":[{"advertised_versions":[50],"expiration":"13275177696011226","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_se
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State} (copy)
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with very long lines, with no line terminators
                        Category:dropped
                        Size (bytes):4219
                        Entropy (8bit):4.871684703914691
                        Encrypted:false
                        SSDEEP:48:YXsJjMH+5s7YMHBKsvxMHVzspxMHbsIHt/soBDysKqnsllzMHpDCLsWJMHLsNuMg:RG+ZGJG+GTTD7IGpD+G7Gp2GnG4GVhH
                        MD5:EDC4A4E22003A711AEF67FAED28DB603
                        SHA1:977E551B9ED5F60D018C030B0B4AA2E33B954556
                        SHA-256:DD2C9F43F622F801FCC213CDE8E3E90EF1D0D26665AE675449A94CEC7EB1D453
                        SHA-512:84D3930579FD73C7D86144D5CDC636436955BA79759273C740D2D72BC4847F2F7F165BBCA3EB2E4DFB01777D6A5F141623278C1BF74615C5A491092CE3FD1602
                        Malicious:false
                        Reputation:low
                        Preview: {"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[],"expiration":"13248543677350473","port":443,"protocol_str":"quic"},{"advertised_versions":[],"expiration":"13248543677350474","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":31344},"server":"https://dns.google","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248543501474403","port":443,"protocol_str":"quic"},{"advertised_versions":[],"expiration":"13248543501474403","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":31656},"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248543501454993","port":443,"protocol_str":"quic"},{"advertised_versions":[],"expiration":"13248543501454994","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":39369},"server":"https://www.googleapis.com","supports_spdy":true},
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text
                        Category:dropped
                        Size (bytes):334
                        Entropy (8bit):5.241773439993972
                        Encrypted:false
                        SSDEEP:6:mZsUFOq2PWXp+N23iKKdKgXz4rRIFUtpUsZmwPUiVFkwOWXp+N23iKKdKgXz4q8d:ksUFOva5KkgXiuFUtpUs/PUi75f5Kkgi
                        MD5:5FE85D06CA2734B80D470907E15F3F4F
                        SHA1:4442F9C2647F154EF2F6391FCDADE60955451554
                        SHA-256:A3BDC2A908F93EE4C759A484899499399563829A571D20A15C4E302E912CC95B
                        SHA-512:1C3B2FBB789E5B0E20A5180BD687ABD14A6AB9478E305CDF1DA87F30A6FBAD092DAA831B3EDF9F195837A7D7CDFB6C4DBAA6E0C575699B97D54D1D00F8A884D0
                        Malicious:false
                        Reputation:low
                        Preview: 2021/08/04-14:21:32.748 12b0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/MANIFEST-000001.2021/08/04-14:21:32.749 12b0 Recovering log #3.2021/08/04-14:21:32.750 12b0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/000003.log .
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.old. (copy)
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text
                        Category:dropped
                        Size (bytes):334
                        Entropy (8bit):5.241773439993972
                        Encrypted:false
                        SSDEEP:6:mZsUFOq2PWXp+N23iKKdKgXz4rRIFUtpUsZmwPUiVFkwOWXp+N23iKKdKgXz4q8d:ksUFOva5KkgXiuFUtpUs/PUi75f5Kkgi
                        MD5:5FE85D06CA2734B80D470907E15F3F4F
                        SHA1:4442F9C2647F154EF2F6391FCDADE60955451554
                        SHA-256:A3BDC2A908F93EE4C759A484899499399563829A571D20A15C4E302E912CC95B
                        SHA-512:1C3B2FBB789E5B0E20A5180BD687ABD14A6AB9478E305CDF1DA87F30A6FBAD092DAA831B3EDF9F195837A7D7CDFB6C4DBAA6E0C575699B97D54D1D00F8A884D0
                        Malicious:false
                        Reputation:low
                        Preview: 2021/08/04-14:21:32.748 12b0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/MANIFEST-000001.2021/08/04-14:21:32.749 12b0 Recovering log #3.2021/08/04-14:21:32.750 12b0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/000003.log .
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences.. (copy)
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with very long lines, with no line terminators
                        Category:dropped
                        Size (bytes):4878
                        Entropy (8bit):4.960572244379093
                        Encrypted:false
                        SSDEEP:48:YcEUklSLklwHjvc8KqA8qqTlYqlQKHoTw01H3CH3G/s8C1Nfct/9BhUJo3KhmeSJ:nmCmQX9pcKIRok0JCKL87bOTQVuwn
                        MD5:F1FFBA1A2DD18896367DC2BA4E9DF0EB
                        SHA1:6EE201B722F1426DD6F476395CFDB6715683A4B6
                        SHA-256:582A1854FA2F128269F49D6C18956C3D15224FB8DBF7E8F85AF5399BC4B25B7B
                        SHA-512:2DA977AD9B35271E371CB9C5FA7A97D7DFA84751B2060A379ED5B8C46E773ACE14C330831A665BBE47BBA59FCC4720C2008A90221587AE7E39F76D2CAAA1689B
                        Malicious:false
                        Reputation:low
                        Preview: {"account_id_migration_state":2,"account_tracker_service_last_update":"13272585692665177","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245951485614034","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"browser":{"default_browser_infobar_last_declined":"13245951692116406","has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","7355378"],"daily_received_length":["0","0","0","0","0","0","0","
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences5. (copy)
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with very long lines, with no line terminators
                        Category:dropped
                        Size (bytes):4865
                        Entropy (8bit):4.958575480169079
                        Encrypted:false
                        SSDEEP:48:YcEUklSLklwHjvc2qA8qqTlYqlQKHoTw01H3CH3G/s8C1Nfct/9BhUJo3KhmeSnz:nmCmHX9pcKIRok0JCKL8VbOTQVuwn
                        MD5:F1A8FCB7EB154063057730EFA0844DA8
                        SHA1:5891BADDB28EFA25336D0C5CF1C4DBAA0D3513D5
                        SHA-256:5CC56689BF645C09C9E4903344B2BB07F0CB8203FD8271A3104CE6B2034FAEDA
                        SHA-512:5C0742F49D4AE661DDA808C6D125F6F5738F84677D055C060BF40C9B746D2AD1DEF5A0C4BCCC408F28CB6756217F60E6D19AC270AE3A76EA07A63B30265EE595
                        Malicious:false
                        Reputation:low
                        Preview: {"account_id_migration_state":2,"account_tracker_service_last_update":"13272585692665177","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245951485614034","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"browser":{"default_browser_infobar_last_declined":"13245951692116406","has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","7355378"],"daily_received_length":["0","0","0","0","0","0","0","
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:SQLite 3.x database, last written using SQLite version 3032001
                        Category:dropped
                        Size (bytes):20480
                        Entropy (8bit):1.1796726976953937
                        Encrypted:false
                        SSDEEP:48:TUIopK2rJNVr1GJmm8pF82phrJNVrdHX/cjrJN2yJ1n4n1GmhGUnJoTRs9JoTRs5:wIElwQF8mpcSjSMSWrvjSo1
                        MD5:76D7B8A8D3FE27D71F7EC649AC20809B
                        SHA1:57810C4E3C201CCEB2CD4C311DEA7B31DF2D7EA5
                        SHA-256:F04E149DBF8F6192C555CDA98EB34E415808F2DF27FAB8348EDD313B89191270
                        SHA-512:E12C77B927B04D57E40399152996F0AEA6C527691326905CEB6BDD828F51449B782E0A894135AFC30C9D5A735895924D6C6E5B9DD36DF289CE308075B093F9CA
                        Malicious:false
                        Reputation:low
                        Preview: SQLite format 3......@ ..........................................................................C..........g...^.........j............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL-journal
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:data
                        Category:dropped
                        Size (bytes):21044
                        Entropy (8bit):0.8267334615679122
                        Encrypted:false
                        SSDEEP:48:nvxKk0RqkIopK2rJNVr1GJmm8pF82phrJNVrdHX/cjrJN2yJ1n4n1GmhGUsM6:nvxKk0RhIElwQF8mpcSC
                        MD5:20E582140DF40431D1B151FF46DCEC35
                        SHA1:B7958190709A052D562B8CB317FA834DFBDA6D32
                        SHA-256:BABE934CA3D90626AAA300A5F955B7A106C7AA7F9EFB20D6018FC2D9C8901DB5
                        SHA-512:3A989FD90C020E282C3D3371818A5729D6E2402969B04CDBE7FE0CD95A6888070E4AA79C31DE37D09BD47F7F94D4E60170B33AFA4E112030B10B0C095842E833
                        Malicious:false
                        Reputation:low
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure PreferenceskZ (copy)
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:UTF-8 Unicode text, with very long lines, with no line terminators
                        Category:dropped
                        Size (bytes):16746
                        Entropy (8bit):5.577345474329702
                        Encrypted:false
                        SSDEEP:384:y8otaLlPhXc1kXqKf/pUZNCgVLH2HfDqrUJkYIA+4v:9LlNc1kXqKf/pUZNCgVLH2HfmrUJk0+s
                        MD5:DD34E5B4911274C07734C1A1A7DAC577
                        SHA1:9A29EF6970AD48E60EA7D1FD84EF3E0514EF747A
                        SHA-256:D10FDC1C72996AE20B96A97A50EA890427C49A7C2AD616C7497D99E6F99EDE9D
                        SHA-512:E251A1560A64D5788A83F816C667F0BBF2C97EF6F9039CFD537F7338A12F4D1BD142698F233D7059D0059AF256D96A909B8A4F557DA82D35D78B8EF4C9032D74
                        Malicious:false
                        Reputation:low
                        Preview: {"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13272585692368891","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:data
                        Category:dropped
                        Size (bytes):95
                        Entropy (8bit):1.9837406708828553
                        Encrypted:false
                        SSDEEP:3:5ljljljljl:5ljljljljl
                        MD5:181ED05FAE6D31CDBFC2680CB632F859
                        SHA1:B6391180B7167969686A3986E06D975F4CE67FAD
                        SHA-256:62150C5EA1D8CFDE4916440F9662C32F3DCC1207BBC5441536D121EC683607E4
                        SHA-512:40D79847C0420FA9395511DAA271B735ABD60CB55983F23DBF9552E56AAE1D915058D6D236D37D433FA7B16567957DB2C515BDB61B9032003914FF34EFA26BB5
                        Malicious:false
                        Reputation:low
                        Preview: ..&f.................&f.................&f.................&f.................&f...............
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text
                        Category:dropped
                        Size (bytes):320
                        Entropy (8bit):5.183625545666686
                        Encrypted:false
                        SSDEEP:6:mZxY+q2PWXp+N23iKKdKrQMxIFUtpUzIZmwPUTLVkwOWXp+N23iKKdKrQMFLJ:kxY+va5KkCFUtpUk/PU3V5f5KktJ
                        MD5:30E494D748028CB708D6BD643CF58385
                        SHA1:CEEAF555DED1A09625408341B7EBC6348261C9E3
                        SHA-256:49CA25334E264CBCA08A3B36561BBA635FFDB5852B7EDD6753CBD70E095C46CA
                        SHA-512:7660A3ECC8008D2D93B01C686706FCA22762EAE8480C2F0163563AB9550C28B7D060F507DD89A2034114AFBC2132CBF3D8B7928EC8DC5B6F110420F5ABC026CA
                        Malicious:false
                        Reputation:low
                        Preview: 2021/08/04-14:21:32.644 11dc Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/MANIFEST-000001.2021/08/04-14:21:32.646 11dc Recovering log #3.2021/08/04-14:21:32.647 11dc Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/000003.log .
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old (copy)
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text
                        Category:dropped
                        Size (bytes):320
                        Entropy (8bit):5.183625545666686
                        Encrypted:false
                        SSDEEP:6:mZxY+q2PWXp+N23iKKdKrQMxIFUtpUzIZmwPUTLVkwOWXp+N23iKKdKrQMFLJ:kxY+va5KkCFUtpUk/PU3V5f5KktJ
                        MD5:30E494D748028CB708D6BD643CF58385
                        SHA1:CEEAF555DED1A09625408341B7EBC6348261C9E3
                        SHA-256:49CA25334E264CBCA08A3B36561BBA635FFDB5852B7EDD6753CBD70E095C46CA
                        SHA-512:7660A3ECC8008D2D93B01C686706FCA22762EAE8480C2F0163563AB9550C28B7D060F507DD89A2034114AFBC2132CBF3D8B7928EC8DC5B6F110420F5ABC026CA
                        Malicious:false
                        Reputation:low
                        Preview: 2021/08/04-14:21:32.644 11dc Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/MANIFEST-000001.2021/08/04-14:21:32.646 11dc Recovering log #3.2021/08/04-14:21:32.647 11dc Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/000003.log .
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text
                        Category:dropped
                        Size (bytes):345
                        Entropy (8bit):5.1802533600498695
                        Encrypted:false
                        SSDEEP:6:mZ4gq2PWXp+N23iKKdK7Uh2ghZIFUtpUySZmwPUeGWvzkwOWXp+N23iKKdK7Uh2w:k4gva5KkIhHh2FUtpUyS/PUovz5f5Kks
                        MD5:91A4D3484964DC53AD84B54D4D2BD13F
                        SHA1:1D1F334D320B5448766EEA45A6F1A4774692E5EB
                        SHA-256:FA1FB5A3FD151C27AA1998E12923D4C0CC2A75D6FE451CE99596C02B02DEA578
                        SHA-512:3775E03C499265944284E7CB20A6476B75CB731D7A4B20A7429D2882D6D7CD1A9B5A909BE79D662B58DA0CB447B6CF141EB0289F76AC9256EE0BA4D35D4EB878
                        Malicious:false
                        Reputation:low
                        Preview: 2021/08/04-14:21:32.379 c30 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/MANIFEST-000001.2021/08/04-14:21:32.385 c30 Recovering log #3.2021/08/04-14:21:32.386 c30 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/000003.log .
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old (copy)
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text
                        Category:dropped
                        Size (bytes):345
                        Entropy (8bit):5.1802533600498695
                        Encrypted:false
                        SSDEEP:6:mZ4gq2PWXp+N23iKKdK7Uh2ghZIFUtpUySZmwPUeGWvzkwOWXp+N23iKKdK7Uh2w:k4gva5KkIhHh2FUtpUyS/PUovz5f5Kks
                        MD5:91A4D3484964DC53AD84B54D4D2BD13F
                        SHA1:1D1F334D320B5448766EEA45A6F1A4774692E5EB
                        SHA-256:FA1FB5A3FD151C27AA1998E12923D4C0CC2A75D6FE451CE99596C02B02DEA578
                        SHA-512:3775E03C499265944284E7CB20A6476B75CB731D7A4B20A7429D2882D6D7CD1A9B5A909BE79D662B58DA0CB447B6CF141EB0289F76AC9256EE0BA4D35D4EB878
                        Malicious:false
                        Reputation:low
                        Preview: 2021/08/04-14:21:32.379 c30 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/MANIFEST-000001.2021/08/04-14:21:32.385 c30 Recovering log #3.2021/08/04-14:21:32.386 c30 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/000003.log .
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\581afd96-2b7a-40f1-96c8-205bdda1f7c7.tmp
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with very long lines, with no line terminators
                        Category:dropped
                        Size (bytes):420
                        Entropy (8bit):4.985305467053914
                        Encrypted:false
                        SSDEEP:6:YHpoNXR8+eq7JdV5qQlsDHF4xj70PpqQEsDHF4R8HLJ2AVQBR70S7PMVKJw1K3Ky:YHO8sdBsB6MAsBdLJlyH7E4f3K33y
                        MD5:C401B619D9D8E0ADABC25A47EE49CFBA
                        SHA1:C9D3B816DD3FBCD98E9C0A32CEC7B501EFC0BBDA
                        SHA-256:8F5D75F5EF9876E8D30CE477509F735B50C4D87DBEDB433BE8EDBE6D4B3CB82F
                        SHA-512:BC12F16CB95CB0AD708C6BBD005EF863A8552613E612F1084086E0F8262752E1B5144D044F0D141CE8462CC33343C36B517A5CC778751680485D8F88FB51B862
                        Malicious:false
                        Reputation:low
                        Preview: {"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248543490879170","port":443,"protocol_str":"quic"},{"advertised_versions":[73],"expiration":"13248543490879171","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:data
                        Category:dropped
                        Size (bytes):296
                        Entropy (8bit):0.19535324365485862
                        Encrypted:false
                        SSDEEP:3:8E:8
                        MD5:C4DF0FB10C4332150B2C336396CE1B66
                        SHA1:780A76E101DE3DE2E68D23E64AB1A44D47A73207
                        SHA-256:18FAB4D13CDA7E1DEE12DC091019A110A7304B6A65FC9A1F3E6173046BA38EF6
                        SHA-512:51F0B463E97063A2357285D684FF159FDF6099E57C46F13C83E9D3F09D7A7CF03C1BA684BCCF36232FC50834F95953C3C68675C7B05AB4F84DEF1C566A5F3F5E
                        Malicious:false
                        Reputation:low
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text
                        Category:dropped
                        Size (bytes):430
                        Entropy (8bit):5.2763498809379294
                        Encrypted:false
                        SSDEEP:6:mZTpQL+q2PWXp+N23iKKdKusNpV/2jMGIFUtpUrGKWZmwPUrQLVkwOWXp+N23iK4:kdQ+va5KkFFUtpUrGKW/PUrQV5f5KkOJ
                        MD5:ED142CEF29531C61ABB6E6DD81E9AEFB
                        SHA1:654428CB5816DFBC4B71FCF9CB7037C13BC4F951
                        SHA-256:34252C1DE7E0401F61BBC478E2830A3B172E44C3D2014976465652029007023E
                        SHA-512:D884639735AA5F7DA7300C5BA572736CC1AF0D8B0EBCD2A969493E25789A4BCA7E7838AEEA32DBCC45BEE68458C62998BA66F7788C0BEA147A7FBA1C4777E533
                        Malicious:false
                        Reputation:low
                        Preview: 2021/08/04-14:21:32.692 15ec Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/MANIFEST-000001.2021/08/04-14:21:32.694 15ec Recovering log #3.2021/08/04-14:21:32.694 15ec Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/000003.log .
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old (copy)
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text
                        Category:dropped
                        Size (bytes):430
                        Entropy (8bit):5.2763498809379294
                        Encrypted:false
                        SSDEEP:6:mZTpQL+q2PWXp+N23iKKdKusNpV/2jMGIFUtpUrGKWZmwPUrQLVkwOWXp+N23iK4:kdQ+va5KkFFUtpUrGKW/PUrQV5f5KkOJ
                        MD5:ED142CEF29531C61ABB6E6DD81E9AEFB
                        SHA1:654428CB5816DFBC4B71FCF9CB7037C13BC4F951
                        SHA-256:34252C1DE7E0401F61BBC478E2830A3B172E44C3D2014976465652029007023E
                        SHA-512:D884639735AA5F7DA7300C5BA572736CC1AF0D8B0EBCD2A969493E25789A4BCA7E7838AEEA32DBCC45BEE68458C62998BA66F7788C0BEA147A7FBA1C4777E533
                        Malicious:false
                        Reputation:low
                        Preview: 2021/08/04-14:21:32.692 15ec Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/MANIFEST-000001.2021/08/04-14:21:32.694 15ec Recovering log #3.2021/08/04-14:21:32.694 15ec Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/000003.log .
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent StateTM (copy)
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with very long lines, with no line terminators
                        Category:dropped
                        Size (bytes):420
                        Entropy (8bit):4.985305467053914
                        Encrypted:false
                        SSDEEP:6:YHpoNXR8+eq7JdV5qQlsDHF4xj70PpqQEsDHF4R8HLJ2AVQBR70S7PMVKJw1K3Ky:YHO8sdBsB6MAsBdLJlyH7E4f3K33y
                        MD5:C401B619D9D8E0ADABC25A47EE49CFBA
                        SHA1:C9D3B816DD3FBCD98E9C0A32CEC7B501EFC0BBDA
                        SHA-256:8F5D75F5EF9876E8D30CE477509F735B50C4D87DBEDB433BE8EDBE6D4B3CB82F
                        SHA-512:BC12F16CB95CB0AD708C6BBD005EF863A8552613E612F1084086E0F8262752E1B5144D044F0D141CE8462CC33343C36B517A5CC778751680485D8F88FB51B862
                        Malicious:false
                        Reputation:low
                        Preview: {"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248543490879170","port":443,"protocol_str":"quic"},{"advertised_versions":[73],"expiration":"13248543490879171","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text
                        Category:dropped
                        Size (bytes):432
                        Entropy (8bit):5.300103341930331
                        Encrypted:false
                        SSDEEP:12:kCQ+va5KkmiuFUtpUkGKW/PUOQV5f5Kkm2J:T5a5KkSgrGKaSf5Kkr
                        MD5:166174C37FBDD4F50E73123EBFCF4AE6
                        SHA1:BC6C1337846E6072C919F86C14905E50C5748B2B
                        SHA-256:92F7428902A7E9FA177618EE7DF7E4E4401D9DA24892B3469E3A054CD0956708
                        SHA-512:A1B3995D519857A08E98418F45B145CBC836902D1A0C81B7DED95042D90EAF5B06E290EF65824634A47602B4F5104F410DDC1CE3F8430C12AC8831EB6F31EBFC
                        Malicious:false
                        Reputation:low
                        Preview: 2021/08/04-14:21:32.747 15ec Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/MANIFEST-000001.2021/08/04-14:21:32.749 15ec Recovering log #3.2021/08/04-14:21:32.750 15ec Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/000003.log .
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old (copy)
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text
                        Category:dropped
                        Size (bytes):432
                        Entropy (8bit):5.300103341930331
                        Encrypted:false
                        SSDEEP:12:kCQ+va5KkmiuFUtpUkGKW/PUOQV5f5Kkm2J:T5a5KkSgrGKaSf5Kkr
                        MD5:166174C37FBDD4F50E73123EBFCF4AE6
                        SHA1:BC6C1337846E6072C919F86C14905E50C5748B2B
                        SHA-256:92F7428902A7E9FA177618EE7DF7E4E4401D9DA24892B3469E3A054CD0956708
                        SHA-512:A1B3995D519857A08E98418F45B145CBC836902D1A0C81B7DED95042D90EAF5B06E290EF65824634A47602B4F5104F410DDC1CE3F8430C12AC8831EB6F31EBFC
                        Malicious:false
                        Reputation:low
                        Preview: 2021/08/04-14:21:32.747 15ec Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/MANIFEST-000001.2021/08/04-14:21:32.749 15ec Recovering log #3.2021/08/04-14:21:32.750 15ec Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/000003.log .
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:data
                        Category:dropped
                        Size (bytes):19
                        Entropy (8bit):1.9837406708828553
                        Encrypted:false
                        SSDEEP:3:5l:5l
                        MD5:E556F26DF3E95C19DBAECA8F5DF0C341
                        SHA1:247A89F0557FC3666B5173833DB198B188F3AA2E
                        SHA-256:B0A7B19404285905663876774A2176939A6ED75EF3904E44283A125824BD0BF3
                        SHA-512:055BC4AB12FEEDF3245EAAF0A0109036909C44E3B69916F8A01E6C8459785317FE75CA6B28F8B339316FC2310D3E5392CD15DBDB0F84016667F304D377444E2E
                        Malicious:false
                        Reputation:low
                        Preview: ..&f...............
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text
                        Category:dropped
                        Size (bytes):418
                        Entropy (8bit):5.274915893237621
                        Encrypted:false
                        SSDEEP:12:ktmpQ+va5KkMFUtpUt4SGKW/PUtyQV5f5KkTJ:b5a5KkUgXSGKISf5Kkl
                        MD5:799319CAB740FD2A7F93FD8A82EF525E
                        SHA1:205136F758A09A85EEF42BF5EEC33900B0F9F719
                        SHA-256:4231CFD50823994F4A2A9E13C73534AB07CDFE4D24635FFCB27853E28CC23055
                        SHA-512:7BE55AAA99398B67B43667499558958F4FE5BACCDA3C91A7B8A73A73B1FE1F99F885602518A0614A5213253B7DF6235782B186D2A039A51D5E786102E202F706
                        Malicious:false
                        Reputation:low
                        Preview: 2021/08/04-14:21:49.037 15ec Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/MANIFEST-000001.2021/08/04-14:21:49.038 15ec Recovering log #3.2021/08/04-14:21:49.039 15ec Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/000003.log .
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old (copy)
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text
                        Category:dropped
                        Size (bytes):418
                        Entropy (8bit):5.274915893237621
                        Encrypted:false
                        SSDEEP:12:ktmpQ+va5KkMFUtpUt4SGKW/PUtyQV5f5KkTJ:b5a5KkUgXSGKISf5Kkl
                        MD5:799319CAB740FD2A7F93FD8A82EF525E
                        SHA1:205136F758A09A85EEF42BF5EEC33900B0F9F719
                        SHA-256:4231CFD50823994F4A2A9E13C73534AB07CDFE4D24635FFCB27853E28CC23055
                        SHA-512:7BE55AAA99398B67B43667499558958F4FE5BACCDA3C91A7B8A73A73B1FE1F99F885602518A0614A5213253B7DF6235782B186D2A039A51D5E786102E202F706
                        Malicious:false
                        Reputation:low
                        Preview: 2021/08/04-14:21:49.037 15ec Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/MANIFEST-000001.2021/08/04-14:21:49.038 15ec Recovering log #3.2021/08/04-14:21:49.039 15ec Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/000003.log .
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:data
                        Category:dropped
                        Size (bytes):38
                        Entropy (8bit):1.9837406708828553
                        Encrypted:false
                        SSDEEP:3:sgGg:st
                        MD5:45A8ECA4E5C4A6B1395080C1B728B6C9
                        SHA1:8A97BB0E599775D9A10C0FC53C4EDB29AA4CEB4E
                        SHA-256:DB320AB28DFF27CDA0A7F87B82F2F8E61B3178A6DE8503753D76F1172D32E08E
                        SHA-512:8EE91A3A1E77459273553F6A776C423A8EE95DB9DCFA897771814B7AD13FD84F06BB2B859F22B6DDA384B39EAA91F1819F170BABED6DA16BDBCF5BCB06CF2124
                        Malicious:false
                        Reputation:low
                        Preview: ..F..................F................
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text
                        Category:dropped
                        Size (bytes):321
                        Entropy (8bit):5.20736984343725
                        Encrypted:false
                        SSDEEP:6:mZ2tjSVq2PWXp+N23iKKdKpIFUtpUE+gZmwPUE+IkwOWXp+N23iKKdKa/WLJ:kYOva5KkmFUtpUEz/PUEp5f5KkaUJ
                        MD5:9550FC1EC0DE45A9DC00E285F20D50CC
                        SHA1:8B79DE734B57520379EA83A42E94A14EF8B24E2F
                        SHA-256:A07E21DC18F3641607B1D8258B919BC73BB9A8B71060202979F92D35886C6D13
                        SHA-512:54AC99512EE8E3DE08E7FD28B8E497B9FA93F0CEEA8E065DB83ECBFC33A3FA30719E9D866F0387A53F255900F847451E5662BF5661FE76D47C4A6E98B9E99CE5
                        Malicious:false
                        Reputation:low
                        Preview: 2021/08/04-14:21:32.377 2d0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2021/08/04-14:21:32.380 2d0 Recovering log #3.2021/08/04-14:21:32.380 2d0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/000003.log .
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.oldTM (copy)
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text
                        Category:dropped
                        Size (bytes):321
                        Entropy (8bit):5.20736984343725
                        Encrypted:false
                        SSDEEP:6:mZ2tjSVq2PWXp+N23iKKdKpIFUtpUE+gZmwPUE+IkwOWXp+N23iKKdKa/WLJ:kYOva5KkmFUtpUEz/PUEp5f5KkaUJ
                        MD5:9550FC1EC0DE45A9DC00E285F20D50CC
                        SHA1:8B79DE734B57520379EA83A42E94A14EF8B24E2F
                        SHA-256:A07E21DC18F3641607B1D8258B919BC73BB9A8B71060202979F92D35886C6D13
                        SHA-512:54AC99512EE8E3DE08E7FD28B8E497B9FA93F0CEEA8E065DB83ECBFC33A3FA30719E9D866F0387A53F255900F847451E5662BF5661FE76D47C4A6E98B9E99CE5
                        Malicious:false
                        Reputation:low
                        Preview: 2021/08/04-14:21:32.377 2d0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2021/08/04-14:21:32.380 2d0 Recovering log #3.2021/08/04-14:21:32.380 2d0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/000003.log .
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity.6 (copy)
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with very long lines, with no line terminators
                        Category:dropped
                        Size (bytes):1039
                        Entropy (8bit):5.567158686301229
                        Encrypted:false
                        SSDEEP:24:YI6H0UhVsTG1KUerkq/HeUeXby2qUeXvt77wUfRUenHQ:YI6UUhVseKUewqPeUer2Uef9wUJUenw
                        MD5:3F7C744A8B79517C5DA657689341F28B
                        SHA1:915E5BED4873AB50A8BB8757C2988AD272164797
                        SHA-256:6DED80F95997710F0EF5B944FC552CE8FD81C835E2C6CF90A79DC1EFBD737AC1
                        SHA-512:5D04ACA9E7E847228DC1B6FCE80175C7837AC8BCCFE8E40AA70D3E9DDBDD2DF277C8D0C520A1D1FA19BBEF79C2D65906E68EEBE36456DA6A9BBD5E6A8BC3FEE8
                        Malicious:false
                        Reputation:low
                        Preview: {"expect_ct":[],"sts":[{"expiry":1633014077.350499,"host":"OuKlWsMW1dkkbI1X/oi6o0Y95ZNSWnSoeaIXAEYPlv4=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1601478077.350503},{"expiry":1633014077.22511,"host":"nAuqgR4iEWti7SOdT3UHPl6rmZU/DeaIm38P2O2OkgA=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1601478077.225114},{"expiry":1633014092.4175,"host":"0J7rAWV0ouCFYJ9XrkDiKnAO1SshXJmLJE1SS3V8kDM=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1601478092.417504},{"expiry":1633014091.91938,"host":"5EdUoB7YUY9zZV+2DkgVXgho8WUvp+D+6KpeUOhNQIM=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1601478091.919383},{"expiry":1659648096.105243,"host":"8/RrMmQlCD2Gsp14wUCE1P8r7B2C5+yE0+g79IPyRsc=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1628112096.105248},{"expiry":1633014077.462534,"host":"+ccWXqaoHJ9hfuXbleKV6FQUrBlyXAJ31BdqjNQJpHs=","mode":"force-https","sts_include_subdomains":false,"sts_obs
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ab999289-28ea-49d5-ac5d-735dc814f6e6.tmp
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with very long lines, with no line terminators
                        Category:dropped
                        Size (bytes):1039
                        Entropy (8bit):5.567158686301229
                        Encrypted:false
                        SSDEEP:24:YI6H0UhVsTG1KUerkq/HeUeXby2qUeXvt77wUfRUenHQ:YI6UUhVseKUewqPeUer2Uef9wUJUenw
                        MD5:3F7C744A8B79517C5DA657689341F28B
                        SHA1:915E5BED4873AB50A8BB8757C2988AD272164797
                        SHA-256:6DED80F95997710F0EF5B944FC552CE8FD81C835E2C6CF90A79DC1EFBD737AC1
                        SHA-512:5D04ACA9E7E847228DC1B6FCE80175C7837AC8BCCFE8E40AA70D3E9DDBDD2DF277C8D0C520A1D1FA19BBEF79C2D65906E68EEBE36456DA6A9BBD5E6A8BC3FEE8
                        Malicious:false
                        Reputation:low
                        Preview: {"expect_ct":[],"sts":[{"expiry":1633014077.350499,"host":"OuKlWsMW1dkkbI1X/oi6o0Y95ZNSWnSoeaIXAEYPlv4=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1601478077.350503},{"expiry":1633014077.22511,"host":"nAuqgR4iEWti7SOdT3UHPl6rmZU/DeaIm38P2O2OkgA=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1601478077.225114},{"expiry":1633014092.4175,"host":"0J7rAWV0ouCFYJ9XrkDiKnAO1SshXJmLJE1SS3V8kDM=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1601478092.417504},{"expiry":1633014091.91938,"host":"5EdUoB7YUY9zZV+2DkgVXgho8WUvp+D+6KpeUOhNQIM=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1601478091.919383},{"expiry":1659648096.105243,"host":"8/RrMmQlCD2Gsp14wUCE1P8r7B2C5+yE0+g79IPyRsc=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1628112096.105248},{"expiry":1633014077.462534,"host":"+ccWXqaoHJ9hfuXbleKV6FQUrBlyXAJ31BdqjNQJpHs=","mode":"force-https","sts_include_subdomains":false,"sts_obs
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d8be9ab1-865e-4fe5-ba28-fd25dd8b7ebf.tmp
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:UTF-8 Unicode text, with very long lines, with no line terminators
                        Category:dropped
                        Size (bytes):16745
                        Entropy (8bit):5.577508117839869
                        Encrypted:false
                        SSDEEP:384:y8otfLlPhXc1kXqKf/pUZNCgVLH2HfDqrU1YIA+4p:eLlNc1kXqKf/pUZNCgVLH2HfmrU10+C
                        MD5:BDA3EEA3DCBDDD04052367B945B82BBD
                        SHA1:E866E12257EEA1A97343EA4CF879190439695EAC
                        SHA-256:E3573AD35AE3E1E2C48384F0A6933BE979C9E8CCA66FADC277CD71A95709FBDB
                        SHA-512:A60E53323C8AAC4965B4DBC3C60016AAD3B74909A1F8EC5BFD32C4718CE35515D62B43E418844492E2AC703767383E167C200203394AC7D32E6F32648A966A1E
                        Malicious:false
                        Reputation:low
                        Preview: {"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13272585692368891","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e1edc641-a0f7-4cb6-a888-5c50c47626b6.tmp
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:very short file (no magic)
                        Category:dropped
                        Size (bytes):1
                        Entropy (8bit):0.0
                        Encrypted:false
                        SSDEEP:3:L:L
                        MD5:5058F1AF8388633F609CADB75A75DC9D
                        SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                        SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                        SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                        Malicious:false
                        Reputation:low
                        Preview: .
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f3d10841-6587-4cd9-8daa-d7eb7c9beda7.tmp
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with very long lines, with no line terminators
                        Category:dropped
                        Size (bytes):4219
                        Entropy (8bit):4.871684703914691
                        Encrypted:false
                        SSDEEP:48:YXsJjMH+5s7YMHBKsvxMHVzspxMHbsIHt/soBDysKqnsllzMHpDCLsWJMHLsNuMg:RG+ZGJG+GTTD7IGpD+G7Gp2GnG4GVhH
                        MD5:EDC4A4E22003A711AEF67FAED28DB603
                        SHA1:977E551B9ED5F60D018C030B0B4AA2E33B954556
                        SHA-256:DD2C9F43F622F801FCC213CDE8E3E90EF1D0D26665AE675449A94CEC7EB1D453
                        SHA-512:84D3930579FD73C7D86144D5CDC636436955BA79759273C740D2D72BC4847F2F7F165BBCA3EB2E4DFB01777D6A5F141623278C1BF74615C5A491092CE3FD1602
                        Malicious:false
                        Reputation:low
                        Preview: {"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[],"expiration":"13248543677350473","port":443,"protocol_str":"quic"},{"advertised_versions":[],"expiration":"13248543677350474","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":31344},"server":"https://dns.google","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248543501474403","port":443,"protocol_str":"quic"},{"advertised_versions":[],"expiration":"13248543501474403","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":31656},"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248543501454993","port":443,"protocol_str":"quic"},{"advertised_versions":[],"expiration":"13248543501454994","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":39369},"server":"https://www.googleapis.com","supports_spdy":true},
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with no line terminators
                        Category:dropped
                        Size (bytes):13
                        Entropy (8bit):2.8150724101159437
                        Encrypted:false
                        SSDEEP:3:Yx7:4
                        MD5:C422F72BA41F662A919ED0B70E5C3289
                        SHA1:AAD27C14B27F56B6E7C744A8EC5B1A7D767D7632
                        SHA-256:02E71EB4C587FEB7EE00CE8600F97411C2774C2FC34CB95B92D5538E7F30DA59
                        SHA-512:86010ED2B2EEBDCC5A8A076B37703669C294C6D1BFAAEA963E26A9C94B81B4C53EC765D9425E5B616159C43923F800A891F9B903659575DF02F8845521F8DC46
                        Malicious:false
                        Reputation:low
                        Preview: 85.0.4183.121
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\Local StateZ (copy)
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with very long lines, with no line terminators
                        Category:dropped
                        Size (bytes):165612
                        Entropy (8bit):6.048524321950563
                        Encrypted:false
                        SSDEEP:3072:ZQGaYTJQE+mugy9+QV1T7IRwdfLSNPUFcbXafIB0u1GOJmA3iuR9:ZRxaV+QfT7GSmhSaqfIlUOoSiuR9
                        MD5:4FA7593F6193118F2A2C3434E898C52E
                        SHA1:A4D4A4BA85EED1120CC54B63586FA0720BC18B06
                        SHA-256:5C1DCCE8EB1AAFDB47CFA703C9E01869BB238BBB4EFCF8F1D9996F9875C69BA4
                        SHA-512:E368A8DBDD57FB4B410AC6239137110FDF272EEB47BB35FBBB0B555EEA7CD59A8C94EB6F4E3A5FBCB40C117CBAB01626B794AD4B6D58FC591A4D88B602F94917
                        Malicious:false
                        Reputation:low
                        Preview: {"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.628112095531828e+12,"network":1.628079697e+12,"ticks":5238822978.0,"uncertainty":4555779.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABL95WKt94zTZq03WydzHLcAAAAAAIAAAAAABBmAAAAAQAAIAAAABAL2tyan+lsWtxhoUVdUYrYiwg8iJkppNr2ZbBFie9UAAAAAA6AAAAAAgAAIAAAABDv4gjLq1dOS7lkRG21YVXojnHhsRhNbP8/D1zs78mXMAAAAB045Od5v4BxiFP4bdRYJjDXn4W2fxYqQj2xfYeAnS1vCL4JXAsdfljw4oXIE4R7l0AAAABlt36FqChftM9b7EtaPw98XRX5Y944rq1WsGWcOPFyXOajfBL3GXBUhMXghJbDGb5WCu+JEdxaxLLxaYPp4zeP"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245951016607996"},"plugins":{"metadata":{"adobe-flash-player":{"dis
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\ba219636-7890-4016-bef1-b1838a7805c0.tmp
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with very long lines, with no line terminators
                        Category:dropped
                        Size (bytes):174336
                        Entropy (8bit):6.079387039211196
                        Encrypted:false
                        SSDEEP:3072:pAQGaYTJQE+mugy9+QV1T7IRwdfLSNPUFcbXafIB0u1GOJmA3iuR9:mRxaV+QfT7GSmhSaqfIlUOoSiuR9
                        MD5:2F720159B05588C8C9B19A31A7743787
                        SHA1:4319B2D76D7C075E4B0A3BC7686C0AA538CD3AF6
                        SHA-256:A5FD6F6488C7E23854B32B667551DEB64E46B8F5567F0546096B7E4ECA48BB07
                        SHA-512:D34C0FC0BCE58682F5E0CDE9F7E080C7E0064737F164A4FDCD23EE950B8C7F4E20C3077B131B4BE557B994901CF877AAFF26A23A6777BEA91AE26E876280D480
                        Malicious:false
                        Reputation:low
                        Preview: {"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.628112095531828e+12,"network":1.628079697e+12,"ticks":5238822978.0,"uncertainty":4555779.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABL95WKt94zTZq03WydzHLcAAAAAAIAAAAAABBmAAAAAQAAIAAAABAL2tyan+lsWtxhoUVdUYrYiwg8iJkppNr2ZbBFie9UAAAAAA6AAAAAAgAAIAAAABDv4gjLq1dOS7lkRG21YVXojnHhsRhNbP8/D1zs78mXMAAAAB045Od5v4BxiFP4bdRYJjDXn4W2fxYqQj2xfYeAnS1vCL4JXAsdfljw4oXIE4R7l0AAAABlt36FqChftM9b7EtaPw98XRX5Y944rq1WsGWcOPFyXOajfBL3GXBUhMXghJbDGb5WCu+JEdxaxLLxaYPp4zeP"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245951016607996"},"plugins":{"metadata":{"adobe-flash-player":{"dis
                        C:\Users\user\AppData\Local\Google\Chrome\User Data\d0bd041e-c31f-40ed-94e0-9f67156a18a8.tmp
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with very long lines, with no line terminators
                        Category:dropped
                        Size (bytes):174336
                        Entropy (8bit):6.079387039211196
                        Encrypted:false
                        SSDEEP:3072:pAQGaYTJQE+mugy9+QV1T7IRwdfLSNPUFcbXafIB0u1GOJmA3iuR9:mRxaV+QfT7GSmhSaqfIlUOoSiuR9
                        MD5:2F720159B05588C8C9B19A31A7743787
                        SHA1:4319B2D76D7C075E4B0A3BC7686C0AA538CD3AF6
                        SHA-256:A5FD6F6488C7E23854B32B667551DEB64E46B8F5567F0546096B7E4ECA48BB07
                        SHA-512:D34C0FC0BCE58682F5E0CDE9F7E080C7E0064737F164A4FDCD23EE950B8C7F4E20C3077B131B4BE557B994901CF877AAFF26A23A6777BEA91AE26E876280D480
                        Malicious:false
                        Reputation:low
                        Preview: {"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.628112095531828e+12,"network":1.628079697e+12,"ticks":5238822978.0,"uncertainty":4555779.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABL95WKt94zTZq03WydzHLcAAAAAAIAAAAAABBmAAAAAQAAIAAAABAL2tyan+lsWtxhoUVdUYrYiwg8iJkppNr2ZbBFie9UAAAAAA6AAAAAAgAAIAAAABDv4gjLq1dOS7lkRG21YVXojnHhsRhNbP8/D1zs78mXMAAAAB045Od5v4BxiFP4bdRYJjDXn4W2fxYqQj2xfYeAnS1vCL4JXAsdfljw4oXIE4R7l0AAAABlt36FqChftM9b7EtaPw98XRX5Y944rq1WsGWcOPFyXOajfBL3GXBUhMXghJbDGb5WCu+JEdxaxLLxaYPp4zeP"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245951016607996"},"plugins":{"metadata":{"adobe-flash-player":{"dis
                        C:\Users\user\AppData\Local\Temp\browser-sslkeys.log
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text
                        Category:dropped
                        Size (bytes):5446
                        Entropy (8bit):4.637246249123247
                        Encrypted:false
                        SSDEEP:96:HpspN0nK5K6pukp66Tp3K3/ebIdSFJhkgM6u4Ur4JKzsHOb0jh7DSmZ+HpZtHZax:HpspN0nKs6pukp9pe/eUd6wgM6uRtYH5
                        MD5:2641035C27FB75064CD8C82865F6BFED
                        SHA1:C83E4D09C8B51569CC0219955507800694803402
                        SHA-256:ED89E14541010EE1D55FB23E7D5989A0ED391957353F81F2E488BC3911931915
                        SHA-512:4EF57B09C9059CF057632B8A6B9892C43D049D73C13AEB55E5CFDBC52B5D623F721EB4479A94E778AE0F52ACF05EED00B7F1A538892162DB892C4DC381F8D622
                        Malicious:false
                        Reputation:low

                        Static File Info

                        No static file info

                        Network Behavior


                        Network Port Distribution

                        • Total Packets: 111
                        • 443 (HTTPS)
                        • 80 (HTTP)
                        • 53 (DNS)
                        Aug 4, 2021 14:21:45.533337116 CEST53636198.8.8.8192.168.2.3
                        Aug 4, 2021 14:21:54.024854898 CEST6493853192.168.2.38.8.8.8
                        Aug 4, 2021 14:21:54.080369949 CEST53649388.8.8.8192.168.2.3
                        Aug 4, 2021 14:21:55.538255930 CEST6194653192.168.2.38.8.8.8
                        Aug 4, 2021 14:21:55.579423904 CEST53619468.8.8.8192.168.2.3
                        Aug 4, 2021 14:21:59.936754942 CEST6491053192.168.2.38.8.8.8
                        Aug 4, 2021 14:21:59.971410990 CEST53649108.8.8.8192.168.2.3
                        Aug 4, 2021 14:22:17.352215052 CEST5212353192.168.2.38.8.8.8
                        Aug 4, 2021 14:22:17.460115910 CEST53521238.8.8.8192.168.2.3
                        Aug 4, 2021 14:22:18.072602034 CEST5613053192.168.2.38.8.8.8
                        Aug 4, 2021 14:22:18.121032953 CEST5633853192.168.2.38.8.8.8
                        Aug 4, 2021 14:22:18.149231911 CEST53561308.8.8.8192.168.2.3
                        Aug 4, 2021 14:22:18.153656006 CEST53563388.8.8.8192.168.2.3
                        Aug 4, 2021 14:22:18.684406996 CEST5942053192.168.2.38.8.8.8
                        Aug 4, 2021 14:22:18.718867064 CEST53594208.8.8.8192.168.2.3
                        Aug 4, 2021 14:22:18.967961073 CEST5878453192.168.2.38.8.8.8
                        Aug 4, 2021 14:22:19.016591072 CEST53587848.8.8.8192.168.2.3
                        Aug 4, 2021 14:22:19.332289934 CEST6397853192.168.2.38.8.8.8
                        Aug 4, 2021 14:22:19.364523888 CEST53639788.8.8.8192.168.2.3
                        Aug 4, 2021 14:22:19.830080986 CEST6293853192.168.2.38.8.8.8
                        Aug 4, 2021 14:22:19.862910986 CEST53629388.8.8.8192.168.2.3
                        Aug 4, 2021 14:22:20.382002115 CEST5570853192.168.2.38.8.8.8
                        Aug 4, 2021 14:22:20.417552948 CEST53557088.8.8.8192.168.2.3
                        Aug 4, 2021 14:22:20.954888105 CEST5680353192.168.2.38.8.8.8
                        Aug 4, 2021 14:22:20.987301111 CEST53568038.8.8.8192.168.2.3
                        Aug 4, 2021 14:22:22.259768009 CEST5714553192.168.2.38.8.8.8
                        Aug 4, 2021 14:22:22.285762072 CEST53571458.8.8.8192.168.2.3
                        Aug 4, 2021 14:22:23.146795034 CEST5535953192.168.2.38.8.8.8
                        Aug 4, 2021 14:22:23.180385113 CEST53553598.8.8.8192.168.2.3
                        Aug 4, 2021 14:22:23.551147938 CEST5830653192.168.2.38.8.8.8
                        Aug 4, 2021 14:22:23.583997965 CEST53583068.8.8.8192.168.2.3
                        Aug 4, 2021 14:22:32.980408907 CEST6412453192.168.2.38.8.8.8
                        Aug 4, 2021 14:22:33.016442060 CEST53641248.8.8.8192.168.2.3
                        Aug 4, 2021 14:22:33.768980026 CEST4936153192.168.2.38.8.8.8
                        Aug 4, 2021 14:22:33.801428080 CEST53493618.8.8.8192.168.2.3
                        Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class
                        Aug 4, 2021 14:21:34.788675070 CEST | 192.168.2.3 | 8.8.8.8 | 0x8765 | Standard query (0) | accounts.google.com | A (IP address) | IN (0x0001)
                        Aug 4, 2021 14:21:34.796348095 CEST | 192.168.2.3 | 8.8.8.8 | 0x6d9 | Standard query (0) | sdk.51.la | A (IP address) | IN (0x0001)
                        Aug 4, 2021 14:21:34.803085089 CEST | 192.168.2.3 | 8.8.8.8 | 0xc2ea | Standard query (0) | clients2.google.com | A (IP address) | IN (0x0001)

                        Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class
                        Aug 4, 2021 14:21:34.823950052 CEST | 8.8.8.8 | 192.168.2.3 | 0x8765 | No error (0) | accounts.google.com |  | 216.58.205.77 | A (IP address) | IN (0x0001)
                        Aug 4, 2021 14:21:34.846304893 CEST | 8.8.8.8 | 192.168.2.3 | 0xc2ea | No error (0) | clients2.google.com | clients.l.google.com |  | CNAME (Canonical name) | IN (0x0001)
                        Aug 4, 2021 14:21:34.846304893 CEST | 8.8.8.8 | 192.168.2.3 | 0xc2ea | No error (0) | clients.l.google.com |  | 142.250.74.206 | A (IP address) | IN (0x0001)
                        Aug 4, 2021 14:21:35.123209000 CEST | 8.8.8.8 | 192.168.2.3 | 0x6d9 | No error (0) | sdk.51.la | sdk.51.la.c.cdnhwc1.com |  | CNAME (Canonical name) | IN (0x0001)
                        Aug 4, 2021 14:21:35.123209000 CEST | 8.8.8.8 | 192.168.2.3 | 0x6d9 | No error (0) | sdk.51.la.c.cdnhwc1.com | hcdnd101.gslb.c.cdnhwc2.com |  | CNAME (Canonical name) | IN (0x0001)
                        Aug 4, 2021 14:21:35.123209000 CEST | 8.8.8.8 | 192.168.2.3 | 0x6d9 | No error (0) | hcdnd101.gslb.c.cdnhwc2.com |  | 120.52.95.243 | A (IP address) | IN (0x0001)
                        Aug 4, 2021 14:21:35.123209000 CEST | 8.8.8.8 | 192.168.2.3 | 0x6d9 | No error (0) | hcdnd101.gslb.c.cdnhwc2.com |  | 120.52.95.242 | A (IP address) | IN (0x0001)
                        Aug 4, 2021 14:21:35.123209000 CEST | 8.8.8.8 | 192.168.2.3 | 0x6d9 | No error (0) | hcdnd101.gslb.c.cdnhwc2.com |  | 218.12.76.151 | A (IP address) | IN (0x0001)
                        Aug 4, 2021 14:21:35.123209000 CEST | 8.8.8.8 | 192.168.2.3 | 0x6d9 | No error (0) | hcdnd101.gslb.c.cdnhwc2.com |  | 218.12.76.150 | A (IP address) | IN (0x0001)

                        Code Manipulations

                        Statistics

                        CPU Usage

                        Memory Usage

                        High Level Behavior Distribution

                        • File
                        • Registry

                        Behavior

                        System Behavior

                        Start time: 14:21:31
                        Start date: 04/08/2021
                        Path: C:\Program Files\Google\Chrome\Application\chrome.exe
                        Wow64 process (32bit): false
                        Commandline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'http://sdk.51.la/js-sdk-pro.min.js'
                        Imagebase: 0x7ff77b960000
                        File size: 2150896 bytes
                        MD5 hash: C139654B5C1438A95B321BB01AD63EF6
                        Has elevated privileges: true
                        Has administrator privileges: true
                        Programmed in: C, C++ or other language
                        Reputation: low

                        Start time: 14:21:33
                        Start date: 04/08/2021
                        Path: C:\Program Files\Google\Chrome\Application\chrome.exe
                        Wow64 process (32bit): false
                        Commandline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1548,14614802094828961617,3296713774243117047,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1804 /prefetch:8
                        Imagebase: 0x7ff77b960000
                        File size: 2150896 bytes
                        MD5 hash: C139654B5C1438A95B321BB01AD63EF6
                        Has elevated privileges: true
                        Has administrator privileges: true
                        Programmed in: C, C++ or other language
                        Reputation: low

                        Disassembly