Create Interactive Tour

Windows Analysis Report https://my.visme.co/view/y4mrjzjj-rolling-components-ltd

Overview

General Information

Sample URL:	https://my.visme.co/view/y4mrjzjj-rolling-components-ltd
Analysis ID:	467704
Infos:
Most interesting Screenshot:

Detection

HTMLPhisher

Score:	56
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Yara detected HtmlPhish10

Antivirus detection for URL or domain

HTML body contains low number of good links

No HTML title found

Classification

Process Tree

System is w10x64

chrome.exe (PID: 6508 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'https://my.visme.co/view/y4mrjzjj-rolling-components-ltd' MD5: C139654B5C1438A95B321BB01AD63EF6)

chrome.exe (PID: 6740 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1544,1888589540985915792,11004349824563291009,131072 --lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1760 /prefetch:8 MD5: C139654B5C1438A95B321BB01AD63EF6)

chrome.exe (PID: 7244 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1544,1888589540985915792,11004349824563291009,131072 --lang=en-GB --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=6932 /prefetch:8 MD5: C139654B5C1438A95B321BB01AD63EF6)

cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Jbx Signature Overview

• AV Detection
• Phishing
• Networking
• System Summary

Click to jump to signature section

Show All Signature Results

AV Detection:

Antivirus detection for URL or domain

Show sources

Source: https://documentspockfinancial.blob.core.windows.net/med6eb/office365.html

SlashNext: Label: Fake Login Page type: Phishing & Social Engineering

Phishing:

Yara detected HtmlPhish10

Show sources

Source: Yara match

File source: 79598.3.pages.csv, type: HTML

Source: https://documentspockfinancial.blob.core.windows.net/med6eb/office365.html

HTTP Parser: Number of links: 0

Source: https://documentspockfinancial.blob.core.windows.net/med6eb/office365.html

HTTP Parser: HTML title missing

Source: https://documentspockfinancial.blob.core.windows.net/med6eb/office365.html

HTTP Parser: No <meta name="author".. found

Source: https://documentspockfinancial.blob.core.windows.net/med6eb/office365.html

HTTP Parser: No <meta name="copyright".. found

Source: 6b71c6b04690002a_0.1.dr	String found in binary or memory: 2Bhttps://www.facebook.com/.well-known/aggregated-event-measurement/ equals www.facebook.com (Facebook)
Source: Current Session.1.dr	String found in binary or memory: X(https://www.facebook.com/tr/ [id ev ] #0 equals www.facebook.com (Facebook)
Source: 6b71c6b04690002a_0.1.dr	String found in binary or memory: https://www.facebook.com/.well-known/aggregated-event-measurement/ equals www.facebook.com (Facebook)
Source: 6b71c6b04690002a_0.1.dr	String found in binary or memory: https://www.facebook.com/tr equals www.facebook.com (Facebook)
Source: Current Session.1.dr	String found in binary or memory: https://www.facebook.com/tr/ equals www.facebook.com (Facebook)

Source: 77EC63BDA74BD0D0E0426DC8F8008506.3.dr	String found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
Source: 5a15cdcdf5e4a1f1_0.1.dr	String found in binary or memory: http://schema.org
Source: Favicons.1.dr	String found in binary or memory: http://www.visme.co/?vc=Top-Bar-CTA
Source: History Provider Cache.1.dr	String found in binary or memory: http://www.visme.co/?vc=Top-Bar-CTA2
Source: History Provider Cache.1.dr	String found in binary or memory: http://www.visme.co/?vc=Top-Bar-CTA2:
Source: History.1.dr	String found in binary or memory: http://www.visme.co/?vc=Top-Bar-CTACreate
Source: Current Session.1.dr	String found in binary or memory: http://www.visme.co/?vc=Top-Bar-CTAx
Source: Reporting and NEL-journal.3.dr	String found in binary or memory: https://a.nel.cloudflare.com/report/v3?s=%2BAxHG9HGpWFGxFixgGc1Gro18JobGPw1NyBCTxEBDNJpe1xzS2CZj%2Fl
Source: Reporting and NEL-journal.3.dr	String found in binary or memory: https://a.nel.cloudflare.com/report/v3?s=042ZWZqTelj%2BZcTCfnXYGKEvQpY%2Bn5THNcAx5I0CdiOm8JDTrbx%2Bv
Source: Reporting and NEL.3.dr	String found in binary or memory: https://a.nel.cloudflare.com/report/v3?s=3uGYuhbgnDqgUPkLVOiC2VdC%2FiZt2cMoRrNGHWfgI3S8Q7NjWbDHMnxL%
Source: Reporting and NEL-journal.3.dr	String found in binary or memory: https://a.nel.cloudflare.com/report/v3?s=8Dp9TQrHpEeF1J7kgq4Dpm6jm6a0YoLH9Tw2OJwTMEYY2c1nwDOMQByF7iJ
Source: Reporting and NEL-journal.3.dr	String found in binary or memory: https://a.nel.cloudflare.com/report/v3?s=ClP5MB0hxnyMDqmCNSVcOWqg%2BbIXMIMgW0n1OhkNvaGbxdOL2urXUZZFH
Source: Reporting and NEL-journal.3.dr	String found in binary or memory: https://a.nel.cloudflare.com/report/v3?s=K3gQI4%2FwzG3LsPjeU%2BPZnncLHer6jTO%2BcPn2M8vERw1u9XaFGcb2i
Source: Reporting and NEL-journal.3.dr	String found in binary or memory: https://a.nel.cloudflare.com/report/v3?s=OdgmlbHpUPun%2BL93c7mBo2LeB%2FfKtuzZgJAeLyzkY2q%2BNqB2B13H8
Source: Reporting and NEL-journal.3.dr	String found in binary or memory: https://a.nel.cloudflare.com/report/v3?s=QYorrWnhS6upMSJtcaBsX1Y7%2FAKy133nJJIJzoOKbMSei7FCfp0SwXC3O
Source: Reporting and NEL-journal.3.dr	String found in binary or memory: https://a.nel.cloudflare.com/report/v3?s=dY1VT4sYm8xXyNAHOwGQ3cCh7%2BC8ph66ipNtX3m9AQO3kRgVU0n4fK9qv
Source: Reporting and NEL.3.dr	String found in binary or memory: https://a.nel.cloudflare.com/report/v3?s=iMwGRa5apY1g2DMYX5Lj3PhlpG4tuFWWL8btZPu47v59nqM36O1xYSATJCm
Source: Reporting and NEL-journal.3.dr	String found in binary or memory: https://a.nel.cloudflare.com/report/v3?s=os1myc9d6puCf4fPCSZioaZFI1QdCwnkQ8NVVLUpLWaNHL1CaQTGNXe%2BT
Source: Reporting and NEL-journal.3.dr	String found in binary or memory: https://a.nel.cloudflare.com/report/v3?s=roPN2Qsjw%2B%2B%2FKTXtJxbJK9eKQMJyO%2B8PCTT63HIsKX00nROSLGY
Source: 4f4a3d05c542d732_0.1.dr	String found in binary or memory: https://a.visme.co/a.js
Source: Current Session.1.dr	String found in binary or memory: https://a.visme.co/index.html
Source: manifest.json0.1.dr, b57bf87b-f646-4df7-a3db-f13b04c6bd56.tmp.3.dr	String found in binary or memory: https://accounts.google.com
Source: Network Action Predictor-journal.1.dr	String found in binary or memory: https://ajax.googleapis.com/
Source: 496d9e45f8604516_0.1.dr	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Source: b49c05c509033192_0.1.dr	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.jsa
Source: b49c05c509033192_0.1.dr	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.jsaD
Source: fbeef185f77778d5_0.1.dr	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Source: f6dbe2b0af0cc202_0.1.dr	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.jsa
Source: f6dbe2b0af0cc202_0.1.dr	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.jsaD
Source: manifest.json0.1.dr, b57bf87b-f646-4df7-a3db-f13b04c6bd56.tmp.3.dr	String found in binary or memory: https://apis.google.com
Source: 9a5a492f128722e8_0.1.dr	String found in binary or memory: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Source: 4eb0f0604fdb4b2d_0.1.dr	String found in binary or memory: https://cdn.firstpromoter.com/fpr.js
Source: 4eb0f0604fdb4b2d_0.1.dr	String found in binary or memory: https://cdn.firstpromoter.com/fpr.jsa
Source: 4eb0f0604fdb4b2d_0.1.dr	String found in binary or memory: https://cdn.firstpromoter.com/fpr.jsaD
Source: Network Action Predictor-journal.1.dr	String found in binary or memory: https://cdnjs.cloudflare.com/
Source: 7222a50007eb25d7_0.1.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/ScrollMagic/2.0.7/ScrollMagic.min.js
Source: 7222a50007eb25d7_0.1.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/ScrollMagic/2.0.7/ScrollMagic.min.jsaD
Source: a379b12a49028f81_0.1.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/ScrollMagic/2.0.7/plugins/debug.addIndicators.min.js
Source: a379b12a49028f81_0.1.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/ScrollMagic/2.0.7/plugins/debug.addIndicators.min.jsaD
Source: f31f33ae619631da_0.1.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
Source: a84326ff637d7068_0.1.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
Source: a84326ff637d7068_0.1.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.jsaD
Source: b57bf87b-f646-4df7-a3db-f13b04c6bd56.tmp.3.dr	String found in binary or memory: https://clients2.google.com
Source: manifest.json0.1.dr	String found in binary or memory: https://clients2.google.com/service/update2/crx
Source: b57bf87b-f646-4df7-a3db-f13b04c6bd56.tmp.3.dr	String found in binary or memory: https://clients2.googleusercontent.com
Source: c0c506559f4d2ade_0.1.dr	String found in binary or memory: https://cloudflareinsights.com/cdn-cgi/rum
Source: Network Action Predictor.1.dr	String found in binary or memory: https://code.jquery.com/
Source: 163c945c56f96c6c_0.1.dr	String found in binary or memory: https://code.jquery.com/jquery-3.2.1.slim.min.js
Source: 6b71c6b04690002a_0.1.dr	String found in binary or memory: https://connect.facebook.net/
Source: d4a01e854b42e407_0.1.dr, 6b71c6b04690002a_0.1.dr	String found in binary or memory: https://connect.facebook.net/en_US/fbevents.js
Source: 6b71c6b04690002a_0.1.dr	String found in binary or memory: https://connect.facebook.net/en_US/fbevents.jsaD
Source: 6b71c6b04690002a_0.1.dr	String found in binary or memory: https://connect.facebook.net/log/fbevents_telemetry/
Source: 5a15cdcdf5e4a1f1_0.1.dr, 90fe993920a17793_0.1.dr	String found in binary or memory: https://connect.facebook.net/signals/config/734022223348259?v=2.9.44&r=stable
Source: 5a15cdcdf5e4a1f1_0.1.dr	String found in binary or memory: https://connect.facebook.net/signals/config/734022223348259?v=2.9.44&r=stableaD
Source: manifest.json0.1.dr	String found in binary or memory: https://content.googleapis.com
Source: Reporting and NEL-journal.3.dr	String found in binary or memory: https://csp.withgoogle.com/csp/report-to/IdentityListAccountsHttp/external
Source: fbd400e3d3d24fc3_0.1.dr	String found in binary or memory: https://dashboard.visme.co/api/affiliate/partner
Source: 636288cf69f73793_0.1.dr	String found in binary or memory: https://dashboard.visme.co/api/auth.js?1629309302893
Source: fbd400e3d3d24fc3_0.1.dr	String found in binary or memory: https://dashboard.visme.co/api/auth/channel
Source: fbd400e3d3d24fc3_0.1.dr	String found in binary or memory: https://dashboard.visme.co/js/channel.js
Source: fbd400e3d3d24fc3_0.1.dr	String found in binary or memory: https://dashboard.visme.co/js/channel.jsa
Source: fbd400e3d3d24fc3_0.1.dr	String found in binary or memory: https://dashboard.visme.co/js/channel.jsaD
Source: 768ca039773876de_0.1.dr	String found in binary or memory: https://dashboard.visme.co/register-visme3.js
Source: 768ca039773876de_0.1.dr	String found in binary or memory: https://dashboard.visme.co/register-visme3.jsaD
Source: d217b36d75e6979c_0.1.dr	String found in binary or memory: https://dashboard.visme.co/v2/request-demo
Source: ab8f89e2-af65-4efa-a6e7-fd2d6b890530.tmp.3.dr, b57bf87b-f646-4df7-a3db-f13b04c6bd56.tmp.3.dr, 7e94a541-1111-47e0-b4ba-76fc92a8fe6d.tmp.3.dr	String found in binary or memory: https://dns.google
Source: Network Action Predictor.1.dr	String found in binary or memory: https://documentspockfinancial.blob.core.windows.net/
Source: History.1.dr, Current Session.1.dr	String found in binary or memory: https://documentspockfinancial.blob.core.windows.net/med6eb/office365.html
Source: History.1.dr	String found in binary or memory: https://documentspockfinancial.blob.core.windows.net/med6eb/office365.htmlLogin
Source: History.1.dr	String found in binary or memory: https://documentspockfinancial.blob.core.windows.net/med6eb/office365.htmlLogin/(ok
Source: manifest.json0.1.dr	String found in binary or memory: https://feedback.googleusercontent.com
Source: b57bf87b-f646-4df7-a3db-f13b04c6bd56.tmp.3.dr	String found in binary or memory: https://fonts.googleapis.com
Source: Network Action Predictor-journal.1.dr	String found in binary or memory: https://fonts.googleapis.com/
Source: manifest.json0.1.dr	String found in binary or memory: https://fonts.googleapis.com;
Source: b57bf87b-f646-4df7-a3db-f13b04c6bd56.tmp.3.dr	String found in binary or memory: https://fonts.gstatic.com
Source: Network Action Predictor-journal.1.dr	String found in binary or memory: https://fonts.gstatic.com/
Source: manifest.json0.1.dr	String found in binary or memory: https://fonts.gstatic.com;
Source: 6cdda5703ec85cc3_0.1.dr	String found in binary or memory: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1053096647/?random=1629309310705&cv
Source: 93f88bfdbddae738_0.1.dr	String found in binary or memory: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1053096647/?random=1629309335572&cv
Source: d890b4e6eafa49c4_0.1.dr	String found in binary or memory: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1053096647/?random=1629309339630&cv
Source: ab06e7a083a72fae_0.1.dr	String found in binary or memory: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1053096647/?random=1629309343790&cv
Source: dbc8feedb595f1fd_0.1.dr	String found in binary or memory: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1053096647/?random=1629309350248&cv
Source: 7ce3b9db28f2de50_0.1.dr	String found in binary or memory: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1053096647/?random=1629309356553&cv
Source: e494ebaace04c0ea_0.1.dr	String found in binary or memory: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1053096647/?random=1629309365766&cv
Source: 045f46eb81408cac_0.1.dr	String found in binary or memory: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1053096647/?random=1629309368635&cv
Source: manifest.json0.1.dr	String found in binary or memory: https://hangouts.google.com/
Source: Network Action Predictor.1.dr	String found in binary or memory: https://ka-f.fontawesome.com/
Source: Network Action Predictor.1.dr	String found in binary or memory: https://kit.fontawesome.com/
Source: c9603f0f37418e30_0.1.dr	String found in binary or memory: https://kit.fontawesome.com/585b051251.js
Source: Network Action Predictor.1.dr	String found in binary or memory: https://maxcdn.bootstrapcdn.com/
Source: a84f12098c73714f_0.1.dr	String found in binary or memory: https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Source: 000003.log3.1.dr	String found in binary or memory: https://my.visme.co
Source: Favicons.1.dr	String found in binary or memory: https://my.visme.co/static/images/favicon.png
Source: Favicons-journal.1.dr	String found in binary or memory: https://my.visme.co/static/images/favicon.pngni;#
Source: b37cfd925151de17_0.1.dr	String found in binary or memory: https://my.visme.co/static/js/player.4.2.187.bundle.js
Source: History.1.dr	String found in binary or memory: https://my.visme.co/utils/goto/1472972343?url=https%3A%2F%2Fdocumentspockfinancial.blob.core.windows
Source: Current Session.1.dr	String found in binary or memory: https://my.visme.co/view/y4mrjzjj-rolling-components-ltd
Source: History Provider Cache.1.dr	String found in binary or memory: https://my.visme.co/view/y4mrjzjj-rolling-components-ltd2
Source: History.1.dr	String found in binary or memory: https://my.visme.co/view/y4mrjzjj-rolling-components-ltdRolling
Source: History-journal.1.dr	String found in binary or memory: https://my.visme.co/view/y4mrjzjj-rolling-components-ltdT
Source: Favicons-journal.1.dr	String found in binary or memory: https://my.visme.co/view/y4mrjzjj-rolling-components-ltdgB
Source: Favicons-journal.1.dr	String found in binary or memory: https://my.visme.co/view/y4mrjzjj-rolling-components-ltdni;#
Source: Current Session.1.dr	String found in binary or memory: https://my.visme.coh
Source: b57bf87b-f646-4df7-a3db-f13b04c6bd56.tmp.3.dr	String found in binary or memory: https://ogs.google.com
Source: manifest.json.1.dr	String found in binary or memory: https://payments.google.com/payments/v4/js/integrator.js
Source: b57bf87b-f646-4df7-a3db-f13b04c6bd56.tmp.3.dr	String found in binary or memory: https://play.google.com
Source: 5dbb9ed6240a7934_0.1.dr	String found in binary or memory: https://prinzhorn.github.io/skrollr/dist/skrollr.min.js
Source: 5dbb9ed6240a7934_0.1.dr	String found in binary or memory: https://prinzhorn.github.io/skrollr/dist/skrollr.min.jsaD
Source: b57bf87b-f646-4df7-a3db-f13b04c6bd56.tmp.3.dr	String found in binary or memory: https://r5---sn-h0jeln7l.gvt1.com
Source: b57bf87b-f646-4df7-a3db-f13b04c6bd56.tmp.3.dr	String found in binary or memory: https://redirector.gvt1.com
Source: 8ae9cc7827d4bf2a_0.1.dr	String found in binary or memory: https://s7.addthis.com/js/300/addthis_widget.js
Source: 87e88ff7ccbbe6a8_0.1.dr	String found in binary or memory: https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Source: Current Session.1.dr	String found in binary or memory: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html#rand=0.5331640560564099&iit=162930930
Source: manifest.json.1.dr	String found in binary or memory: https://sandbox.google.com/payments/v4/js/integrator.js
Source: Network Action Predictor-journal.1.dr	String found in binary or memory: https://scrollmagic.io/
Source: 64100df6aa7908ac_0.1.dr, 322756f7d9ac04d6_0.1.dr	String found in binary or memory: https://scrollmagic.io/assets/js/lib/greensock/TweenMax.min.js
Source: 64100df6aa7908ac_0.1.dr	String found in binary or memory: https://scrollmagic.io/assets/js/lib/greensock/TweenMax.min.jsaD
Source: 43462a7ee86f274e_0.1.dr	String found in binary or memory: https://scrollmagic.io/scrollmagic/uncompressed/plugins/animation.gsap.js
Source: 43462a7ee86f274e_0.1.dr	String found in binary or memory: https://scrollmagic.io/scrollmagic/uncompressed/plugins/animation.gsap.jsaD
Source: 9a5a492f128722e8_0.1.dr	String found in binary or memory: https://services.google.com/sitestats/
Source: b57bf87b-f646-4df7-a3db-f13b04c6bd56.tmp.3.dr	String found in binary or memory: https://ssl.gstatic.com
Source: Network Action Predictor-journal.1.dr	String found in binary or memory: https://stackpath.bootstrapcdn.com/
Source: 94507e6800935d69_0.1.dr	String found in binary or memory: https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
Source: 94507e6800935d69_0.1.dr	String found in binary or memory: https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.jsaD
Source: 154492e5c538145e_0.1.dr	String found in binary or memory: https://static.ads-twitter.com/uwt.js
Source: c0c506559f4d2ade_0.1.dr	String found in binary or memory: https://static.cloudflareinsights.com/beacon.min.js
Source: c0c506559f4d2ade_0.1.dr	String found in binary or memory: https://static.cloudflareinsights.com/beacon.min.jsaD
Source: messages.json83.1.dr	String found in binary or memory: https://support.google.com/chromecast/answer/2998456
Source: messages.json83.1.dr	String found in binary or memory: https://support.google.com/chromecast/troubleshooter/2995236
Source: 4eb0f0604fdb4b2d_0.1.dr	String found in binary or memory: https://t.firstpromoter.com/get_details
Source: 4eb0f0604fdb4b2d_0.1.dr	String found in binary or memory: https://t.firstpromoter.com/tr
Source: 9a5a492f128722e8_0.1.dr, de9027b1817f4760_0.1.dr	String found in binary or memory: https://tagassistant.google.com/
Source: 93369d9bc9a3da44_0.1.dr	String found in binary or memory: https://v1.addthisedge.com/live/boost/ra-5411da2048bc494d/_ate.track.config_resp
Source: 18d095e3a3585d1b_0.1.dr	String found in binary or memory: https://visme.co/
Source: 6deebb808db06934_0.1.dr	String found in binary or memory: https://visme.co/(
Source: d217b36d75e6979c_0.1.dr	String found in binary or memory: https://visme.co//
Source: 045f46eb81408cac_0.1.dr	String found in binary or memory: https://visme.co/0
Source: 201f2ca2bbae2af6_0.1.dr	String found in binary or memory: https://visme.co/1)
Source: 106133a52859013b_0.1.dr	String found in binary or memory: https://visme.co/:
Source: 259cd42b7b987324_0.1.dr	String found in binary or memory: https://visme.co/;7hpo(/
Source: e494ebaace04c0ea_0.1.dr	String found in binary or memory: https://visme.co/?
Source: 9a5a492f128722e8_0.1.dr	String found in binary or memory: https://visme.co/A
Source: 201f2ca2bbae2af6_0.1.dr	String found in binary or memory: https://visme.co/G
Source: 6204a4e16982f9db_0.1.dr	String found in binary or memory: https://visme.co/M
Source: 18d095e3a3585d1b_0.1.dr	String found in binary or memory: https://visme.co/N
Source: 106133a52859013b_0.1.dr	String found in binary or memory: https://visme.co/O
Source: 18d095e3a3585d1b_0.1.dr	String found in binary or memory: https://visme.co/R
Source: 947fcc35c78613d8_0.1.dr	String found in binary or memory: https://visme.co/RJ
Source: 106133a52859013b_0.1.dr	String found in binary or memory: https://visme.co/S
Source: 4eb0f0604fdb4b2d_0.1.dr	String found in binary or memory: https://visme.co/X
Source: f2813b7942d10c39_0.1.dr	String found in binary or memory: https://visme.co/a
Source: 322756f7d9ac04d6_0.1.dr	String found in binary or memory: https://visme.co/c$#ko(/
Source: 87e88ff7ccbbe6a8_0.1.dr	String found in binary or memory: https://visme.co/h
Source: 6cdda5703ec85cc3_0.1.dr	String found in binary or memory: https://visme.co/p
Source: dbc8feedb595f1fd_0.1.dr	String found in binary or memory: https://visme.co/s
Source: 259cd42b7b987324_0.1.dr	String found in binary or memory: https://visme.co/t
Source: 93369d9bc9a3da44_0.1.dr	String found in binary or memory: https://visme.co/u$
Source: 154492e5c538145e_0.1.dr	String found in binary or memory: https://visme.co/v
Source: 5a15cdcdf5e4a1f1_0.1.dr	String found in binary or memory: https://wa.me/
Source: a84f12098c73714f_0.1.dr	String found in binary or memory: https://windows.net/
Source: 496d9e45f8604516_0.1.dr	String found in binary or memory: https://windows.net/:
Source: f31f33ae619631da_0.1.dr	String found in binary or memory: https://windows.net/=
Source: c9603f0f37418e30_0.1.dr	String found in binary or memory: https://windows.net/k
Source: 163c945c56f96c6c_0.1.dr	String found in binary or memory: https://windows.net/u
Source: de9027b1817f4760_0.1.dr, ca7fe54def9628fa_0.1.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: de9027b1817f4760_0.1.dr	String found in binary or memory: https://www.google-analytics.com/analytics.jsaD
Source: de9027b1817f4760_0.1.dr	String found in binary or memory: https://www.google-analytics.com/debug/bootstrap
Source: manifest.json0.1.dr, b57bf87b-f646-4df7-a3db-f13b04c6bd56.tmp.3.dr	String found in binary or memory: https://www.google.com
Source: manifest.json.1.dr	String found in binary or memory: https://www.google.com/
Source: manifest.json0.1.dr	String found in binary or memory: https://www.google.com;
Source: Network Action Predictor-journal.1.dr	String found in binary or memory: https://www.googleadservices.com/
Source: 9a5a492f128722e8_0.1.dr	String found in binary or memory: https://www.googleadservices.com/pagead/conversion.js
Source: 9a5a492f128722e8_0.1.dr	String found in binary or memory: https://www.googleadservices.com/pagead/conversion.jsaD
Source: b57bf87b-f646-4df7-a3db-f13b04c6bd56.tmp.3.dr	String found in binary or memory: https://www.googleapis.com
Source: manifest.json.1.dr	String found in binary or memory: https://www.googleapis.com/
Source: manifest.json0.1.dr	String found in binary or memory: https://www.googleapis.com/auth/calendar.readonly
Source: manifest.json0.1.dr	String found in binary or memory: https://www.googleapis.com/auth/cast-edu-messaging
Source: manifest.json.1.dr	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore
Source: manifest.json.1.dr	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore.readonly
Source: manifest.json0.1.dr	String found in binary or memory: https://www.googleapis.com/auth/clouddevices
Source: manifest.json0.1.dr	String found in binary or memory: https://www.googleapis.com/auth/hangouts
Source: manifest.json0.1.dr	String found in binary or memory: https://www.googleapis.com/auth/hangouts.readonly
Source: manifest.json0.1.dr	String found in binary or memory: https://www.googleapis.com/auth/meetings
Source: manifest.json0.1.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.peopleapi.readwrite
Source: manifest.json.1.dr	String found in binary or memory: https://www.googleapis.com/auth/sierra
Source: manifest.json.1.dr	String found in binary or memory: https://www.googleapis.com/auth/sierrasandbox
Source: manifest.json0.1.dr	String found in binary or memory: https://www.googleapis.com/auth/userinfo.email
Source: 9a5a492f128722e8_0.1.dr	String found in binary or memory: https://www.googletagmanager.com/debug/bootstrap
Source: b57bf87b-f646-4df7-a3db-f13b04c6bd56.tmp.3.dr	String found in binary or memory: https://www.gstatic.com
Source: manifest.json0.1.dr	String found in binary or memory: https://www.gstatic.com;
Source: 6b71c6b04690002a_0.1.dr	String found in binary or memory: https://www.instagram.com/tr/
Source: Current Session.1.dr	String found in binary or memory: https://www.visme.co
Source: 000003.log0.1.dr	String found in binary or memory: https://www.visme.co/
Source: Current Session.1.dr	String found in binary or memory: https://www.visme.co/?vc=Top-Bar-CTA
Source: History Provider Cache.1.dr	String found in binary or memory: https://www.visme.co/?vc=Top-Bar-CTA2
Source: History Provider Cache.1.dr	String found in binary or memory: https://www.visme.co/?vc=Top-Bar-CTA2:
Source: History.1.dr	String found in binary or memory: https://www.visme.co/?vc=Top-Bar-CTACreate
Source: History.1.dr	String found in binary or memory: https://www.visme.co/Create
Source: Current Session.1.dr	String found in binary or memory: https://www.visme.co/create-printables/
Source: Current Session.1.dr	String found in binary or memory: https://www.visme.co/create-printables/9Create
Source: Current Session.1.dr	String found in binary or memory: https://www.visme.co/create-printables/:
Source: Favicons.1.dr, Current Session.1.dr	String found in binary or memory: https://www.visme.co/jobs/
Source: History.1.dr	String found in binary or memory: https://www.visme.co/jobs/Careers
Source: Current Session.1.dr	String found in binary or memory: https://www.visme.co/make-infographics/
Source: History.1.dr	String found in binary or memory: https://www.visme.co/make-infographics/Free
Source: Current Session.1.dr	String found in binary or memory: https://www.visme.co/presentation-software/
Source: Current Session.1.dr	String found in binary or memory: https://www.visme.co/presentation-software/.Best
Source: Current Session.1.dr	String found in binary or memory: https://www.visme.co/presentation-software/2
Source: History.1.dr	String found in binary or memory: https://www.visme.co/presentation-software/Best
Source: Current Session.1.dr	String found in binary or memory: https://www.visme.co/professional-document-creator/
Source: Current Session.1.dr	String found in binary or memory: https://www.visme.co/professional-document-creator/7Online
Source: History.1.dr	String found in binary or memory: https://www.visme.co/professional-document-creator/Online
Source: Current Session.1.dr	String found in binary or memory: https://www.visme.co/video-maker/
Source: History.1.dr	String found in binary or memory: https://www.visme.co/video-maker/Free
Source: 6deebb808db06934_0.1.dr	String found in binary or memory: https://www.visme.co/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extra.min.js?ver=2.
Source: 731b8de554f7b803_0.1.dr	String found in binary or memory: https://www.visme.co/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.srcset.min.js?ver=2
Source: 259cd42b7b987324_0.1.dr	String found in binary or memory: https://www.visme.co/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=
Source: 18d095e3a3585d1b_0.1.dr	String found in binary or memory: https://www.visme.co/wp-content/plugins/social-warfare/assets/js/script.min.js?ver=4.2.1
Source: Favicons.1.dr	String found in binary or memory: https://www.visme.co/wp-content/themes/visme/img/favicon.png
Source: Favicons.1.dr	String found in binary or memory: https://www.visme.co/wp-content/themes/visme/img/favicon.png1
Source: 0a9d420e2f657699_0.1.dr	String found in binary or memory: https://www.visme.co/wp-content/themes/visme/js/blazy.js
Source: 0a9d420e2f657699_0.1.dr	String found in binary or memory: https://www.visme.co/wp-content/themes/visme/js/blazy.jsa
Source: 0a9d420e2f657699_0.1.dr	String found in binary or memory: https://www.visme.co/wp-content/themes/visme/js/blazy.jsaD
Source: d3c2b4b4519f0c48_0.1.dr	String found in binary or memory: https://www.visme.co/wp-content/themes/visme/js/bootstrap.youtubepopup.min.js
Source: d217b36d75e6979c_0.1.dr	String found in binary or memory: https://www.visme.co/wp-content/themes/visme/js/functions-live.js?ver=3.3999993
Source: d217b36d75e6979c_0.1.dr	String found in binary or memory: https://www.visme.co/wp-content/themes/visme/js/functions-live.js?ver=3.3999993aD
Source: 201f2ca2bbae2af6_0.1.dr	String found in binary or memory: https://www.visme.co/wp-content/themes/visme/js/functions-menu.js?ver=1.14999998
Source: 6204a4e16982f9db_0.1.dr	String found in binary or memory: https://www.visme.co/wp-content/themes/visme/js/functions-parallax-live.js?ver=1.123
Source: f2813b7942d10c39_0.1.dr	String found in binary or memory: https://www.visme.co/wp-content/themes/visme/js/masonry.pkgd.min.js
Source: b5a47af98ee28895_0.1.dr	String found in binary or memory: https://www.visme.co/wp-content/themes/visme/js/paroller-lib.js
Source: b5a47af98ee28895_0.1.dr	String found in binary or memory: https://www.visme.co/wp-content/themes/visme/js/paroller-lib.jsaD
Source: 947fcc35c78613d8_0.1.dr	String found in binary or memory: https://www.visme.co/wp-content/themes/visme/js/svg-animation-lib.js
Source: 106133a52859013b_0.1.dr	String found in binary or memory: https://www.visme.co/wp-content/themes/visme/slick/slick.min.js
Source: Current Session.1.dr	String found in binary or memory: https://www.visme.coh
Source: 74a20469eab3072d_0.1.dr	String found in binary or memory: https://z.moatads.com/addthismoatframe568911941483/moatframe.js

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Local\Temp\8fe9e971-d001-4dce-8fad-ef0edc8d293d.tmp

Jump to behavior

Source: classification engine

Classification label: mal56.phis.win@48/275@0/51

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'https://my.visme.co/view/y4mrjzjj-rolling-components-ltd'
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1544,1888589540985915792,11004349824563291009,131072 --lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1760 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1544,1888589540985915792,11004349824563291009,131072 --lang=en-GB --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=6932 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1544,1888589540985915792,11004349824563291009,131072 --lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1760 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1544,1888589540985915792,11004349824563291009,131072 --lang=en-GB --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=6932 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-611D4971-196C.pma

Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Valid Accounts	Windows Management Instrumentation	Path Interception	Process Injection1	Masquerading1	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	Exfiltration Over Other Network Medium	Data Obfuscation	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Process Injection1	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	Exfiltration Over Bluetooth	Junk Data	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://my.visme.co/view/y4mrjzjj-rolling-components-ltd	0%	Virustotal		Browse
https://my.visme.co/view/y4mrjzjj-rolling-components-ltd	0%	Avira URL Cloud	safe

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

Source	Detection	Scanner	Label
https://documentspockfinancial.blob.core.windows.net/med6eb/office365.html	100%	SlashNext	Fake Login Page type: Phishing & Social Engineering
https://prinzhorn.github.io/skrollr/dist/skrollr.min.js	0%	Avira URL Cloud	safe
https://www.visme.coh	0%	Avira URL Cloud	safe
https://v1.addthisedge.com/live/boost/ra-5411da2048bc494d/_ate.track.config_resp	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

No contacted domains info

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://my.visme.co/view/y4mrjzjj-rolling-components-ltd	false		high
https://www.visme.co/jobs/	false		high
https://www.visme.co/?vc=Top-Bar-CTA	false		high
https://www.visme.co/presentation-software/	false		high
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html#rand=0.5331640560564099&iit=1629309305633&tmr=load%3D1629309304794%26core%3D1629309304862%26main%3D1629309305622%26ifr%3D1629309305638&cb=0&cdn=0&md=0&kw=&ab=-&dh=my.visme.co&dr=&du=https%3A%2F%2Fmy.visme.co%2Fview%2Fy4mrjzjj-rolling-components-ltd&href=https%3A%2F%2Fmy.visme.co%2Fview%2Fy4mrjzjj-rolling-components-ltd&dt=Rolling%20Components%20Ltd&dbg=0&cap=tc%3D0%26ab%3D0&inst=1&jsl=0&prod=undefined&lng=en&ogt=type%3Dwebsite%2Cimage%2Curl%2Ctitle%2Cdescription&pc=men&pub=ra-5411da2048bc494d&ssl=1&sid=611d4978734f758d&srf=0.01&ver=300&xck=0&xtr=0&og=description%3DRolling%2520Components%2520Ltd%2520-%2520%2520Visme%2520is%2520the%2520Swiss%2520Knife%2520for%2520creating%2520Awesome%2520Visual%2520Content%2520and%2520effective%2520story%2520telling.%26title%3DRolling%2520Components%2520Ltd%26url%3Dhttps%253A%252F%252Fmy.visme.co%252Fview%252Fy4mrjzjj-rolling-components-ltd%26image%3Dhttps%253A%252F%252Fscreenshots.visme.co%252F54%252F42%252F2d%252Fc5%252Fafac6da61c2a77a4249e5aee9147da13_f.jpg%253Fv%253D57%26type%3Dwebsite&csi=undefined&rev=v8.28.8-wp&ct=1&xld=1&xd=1	false		high
https://documentspockfinancial.blob.core.windows.net/med6eb/office365.html	false	SlashNext: Fake Login Page type: Phishing & Social Engineering	high
https://www.visme.co/professional-document-creator/	false		high

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1053096647/?random=1629309310705&cv	6cdda5703ec85cc3_0.1.dr	false		high
https://visme.co/	18d095e3a3585d1b_0.1.dr	false		high
https://dashboard.visme.co/api/affiliate/partner	fbd400e3d3d24fc3_0.1.dr	false		high
https://code.jquery.com/jquery-3.2.1.slim.min.js	163c945c56f96c6c_0.1.dr	false		high
https://www.visme.co/?vc=Top-Bar-CTA	Current Session.1.dr	false		high
https://visme.co/c$#ko(/	322756f7d9ac04d6_0.1.dr	false		high
https://my.visme.co/view/y4mrjzjj-rolling-components-ltd2	History Provider Cache.1.dr	false		high
https://www.visme.co/?vc=Top-Bar-CTACreate	History.1.dr	false		high
https://www.visme.co/presentation-software/.Best	Current Session.1.dr	false		high
https://dashboard.visme.co/api/auth/channel	fbd400e3d3d24fc3_0.1.dr	false		high
https://www.visme.co/wp-content/themes/visme/slick/slick.min.js	106133a52859013b_0.1.dr	false		high
https://www.visme.co/wp-content/themes/visme/js/svg-animation-lib.js	947fcc35c78613d8_0.1.dr	false		high
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html#rand=0.5331640560564099&iit=162930930	Current Session.1.dr	false		high
https://www.visme.co/professional-document-creator/Online	History.1.dr	false		high
https://prinzhorn.github.io/skrollr/dist/skrollr.min.js	5dbb9ed6240a7934_0.1.dr	false	Avira URL Cloud: safe	unknown
https://t.firstpromoter.com/get_details	4eb0f0604fdb4b2d_0.1.dr	false		high
http://www.visme.co/?vc=Top-Bar-CTA2	History Provider Cache.1.dr	false		high
https://www.visme.co/jobs/	Favicons.1.dr, Current Session.1.dr	false		high
https://www.visme.co/video-maker/	Current Session.1.dr	false		high
https://www.visme.co/create-printables/9Create	Current Session.1.dr	false		high
https://cdn.firstpromoter.com/fpr.jsaD	4eb0f0604fdb4b2d_0.1.dr	false		high
https://kit.fontawesome.com/585b051251.js	c9603f0f37418e30_0.1.dr	false		high
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	a84f12098c73714f_0.1.dr	false		high
https://stackpath.bootstrapcdn.com/	Network Action Predictor-journal.1.dr	false		high
https://a.nel.cloudflare.com/report/v3?s=8Dp9TQrHpEeF1J7kgq4Dpm6jm6a0YoLH9Tw2OJwTMEYY2c1nwDOMQByF7iJ	Reporting and NEL-journal.3.dr	false		high
https://www.visme.co/wp-content/themes/visme/js/functions-menu.js?ver=1.14999998	201f2ca2bbae2af6_0.1.dr	false		high
https://scrollmagic.io/scrollmagic/uncompressed/plugins/animation.gsap.js	43462a7ee86f274e_0.1.dr	false		high
http://www.visme.co/?vc=Top-Bar-CTA	Favicons.1.dr	false		high
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js	a84326ff637d7068_0.1.dr	false		high
https://scrollmagic.io/scrollmagic/uncompressed/plugins/animation.gsap.jsaD	43462a7ee86f274e_0.1.dr	false		high
https://scrollmagic.io/	Network Action Predictor-journal.1.dr	false		high
https://maxcdn.bootstrapcdn.com/	Network Action Predictor.1.dr	false		high
https://payments.google.com/payments/v4/js/integrator.js	manifest.json.1.dr	false		high
https://s7.addthis.com/js/300/addthis_widget.js	8ae9cc7827d4bf2a_0.1.dr	false		high
https://www.visme.co/make-infographics/	Current Session.1.dr	false		high
https://my.visme.co/view/y4mrjzjj-rolling-components-ltdRolling	History.1.dr	false		high
https://kit.fontawesome.com/	Network Action Predictor.1.dr	false		high
https://www.visme.co/wp-content/themes/visme/img/favicon.png1	Favicons.1.dr	false		high
https://connect.facebook.net/	6b71c6b04690002a_0.1.dr	false		high
https://a.nel.cloudflare.com/report/v3?s=%2BAxHG9HGpWFGxFixgGc1Gro18JobGPw1NyBCTxEBDNJpe1xzS2CZj%2Fl	Reporting and NEL-journal.3.dr	false		high
http://www.visme.co/?vc=Top-Bar-CTAx	Current Session.1.dr	false		high
https://my.visme.co/utils/goto/1472972343?url=https%3A%2F%2Fdocumentspockfinancial.blob.core.windows	History.1.dr	false		high
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1053096647/?random=1629309350248&cv	dbc8feedb595f1fd_0.1.dr	false		high
https://t.firstpromoter.com/tr	4eb0f0604fdb4b2d_0.1.dr	false		high
https://www.visme.co/wp-content/themes/visme/img/favicon.png	Favicons.1.dr	false		high
https://feedback.googleusercontent.com	manifest.json0.1.dr	false		high
https://www.visme.co/presentation-software/2	Current Session.1.dr	false		high
https://www.visme.co/wp-content/themes/visme/js/functions-live.js?ver=3.3999993	d217b36d75e6979c_0.1.dr	false		high
https://www.visme.co/wp-content/themes/visme/js/paroller-lib.js	b5a47af98ee28895_0.1.dr	false		high
https://visme.co/G	201f2ca2bbae2af6_0.1.dr	false		high
https://my.visme.co/view/y4mrjzjj-rolling-components-ltdni;#	Favicons-journal.1.dr	false		high
https://cdn.firstpromoter.com/fpr.jsa	4eb0f0604fdb4b2d_0.1.dr	false		high
https://visme.co/M	6204a4e16982f9db_0.1.dr	false		high
https://visme.co/?	e494ebaace04c0ea_0.1.dr	false		high
https://visme.co/A	9a5a492f128722e8_0.1.dr	false		high
https://play.google.com	b57bf87b-f646-4df7-a3db-f13b04c6bd56.tmp.3.dr	false		high
https://a.nel.cloudflare.com/report/v3?s=QYorrWnhS6upMSJtcaBsX1Y7%2FAKy133nJJIJzoOKbMSei7FCfp0SwXC3O	Reporting and NEL-journal.3.dr	false		high
https://www.visme.co/make-infographics/Free	History.1.dr	false		high
https://cdnjs.cloudflare.com/ajax/libs/ScrollMagic/2.0.7/ScrollMagic.min.jsaD	7222a50007eb25d7_0.1.dr	false		high
https://www.visme.co/presentation-software/	Current Session.1.dr	false		high
https://www.visme.coh	Current Session.1.dr	false	Avira URL Cloud: safe	unknown
https://visme.co/X	4eb0f0604fdb4b2d_0.1.dr	false		high
https://cdnjs.cloudflare.com/ajax/libs/ScrollMagic/2.0.7/plugins/debug.addIndicators.min.js	a379b12a49028f81_0.1.dr	false		high
https://dashboard.visme.co/api/auth.js?1629309302893	636288cf69f73793_0.1.dr	false		high
https://v1.addthisedge.com/live/boost/ra-5411da2048bc494d/_ate.track.config_resp	93369d9bc9a3da44_0.1.dr	false	Avira URL Cloud: safe	unknown
https://my.visme.co/static/images/favicon.png	Favicons.1.dr	false		high
https://visme.co/O	106133a52859013b_0.1.dr	false		high
https://visme.co/N	18d095e3a3585d1b_0.1.dr	false		high
https://visme.co/S	106133a52859013b_0.1.dr	false		high
https://visme.co/R	18d095e3a3585d1b_0.1.dr	false		high
https://a.nel.cloudflare.com/report/v3?s=K3gQI4%2FwzG3LsPjeU%2BPZnncLHer6jTO%2BcPn2M8vERw1u9XaFGcb2i	Reporting and NEL-journal.3.dr	false		high
https://windows.net/	a84f12098c73714f_0.1.dr	false		high
http://schema.org	5a15cdcdf5e4a1f1_0.1.dr	false		high
https://visme.co/(	6deebb808db06934_0.1.dr	false		high
https://dashboard.visme.co/v2/request-demo	d217b36d75e6979c_0.1.dr	false		high
https://windows.net/=	f31f33ae619631da_0.1.dr	false		high
https://my.visme.co	000003.log3.1.dr	false		high
https://www.visme.co/jobs/Careers	History.1.dr	false		high
https://apis.google.com	manifest.json0.1.dr, b57bf87b-f646-4df7-a3db-f13b04c6bd56.tmp.3.dr	false		high
https://visme.co/:	106133a52859013b_0.1.dr	false		high
https://visme.co//	d217b36d75e6979c_0.1.dr	false		high
https://windows.net/:	496d9e45f8604516_0.1.dr	false		high
https://visme.co/0	045f46eb81408cac_0.1.dr	false		high
https://my.visme.co/static/js/player.4.2.187.bundle.js	b37cfd925151de17_0.1.dr	false		high
https://www.visme.co/?vc=Top-Bar-CTA2	History Provider Cache.1.dr	false		high
https://connect.facebook.net/signals/config/734022223348259?v=2.9.44&r=stableaD	5a15cdcdf5e4a1f1_0.1.dr	false		high
https://windows.net/k	c9603f0f37418e30_0.1.dr	false		high
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1053096647/?random=1629309356553&cv	7ce3b9db28f2de50_0.1.dr	false		high
https://code.jquery.com/	Network Action Predictor.1.dr	false		high
https://a.nel.cloudflare.com/report/v3?s=ClP5MB0hxnyMDqmCNSVcOWqg%2BbIXMIMgW0n1OhkNvaGbxdOL2urXUZZFH	Reporting and NEL-journal.3.dr	false		high
https://dashboard.visme.co/register-visme3.js	768ca039773876de_0.1.dr	false		high
https://a.nel.cloudflare.com/report/v3?s=3uGYuhbgnDqgUPkLVOiC2VdC%2FiZt2cMoRrNGHWfgI3S8Q7NjWbDHMnxL%	Reporting and NEL.3.dr	false		high
https://www.visme.co/	000003.log0.1.dr	false		high

Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.185.99	unknown	United States	15169	GOOGLEUS	false
142.250.186.67	unknown	United States	15169	GOOGLEUS	false
151.101.0.84	unknown	United States	54113	FASTLYUS	false
142.250.74.206	unknown	United States	15169	GOOGLEUS	false
23.211.4.163	unknown	United States	16625	AKAMAI-ASUS	false
157.240.17.35	unknown	United States	32934	FACEBOOKUS	false
8.8.8.8	unknown	United States	15169	GOOGLEUS	false
13.107.253.60	unknown	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
173.222.108.210	unknown	United States	20940	AKAMAI-ASN1EU	false
23.211.6.213	unknown	United States	16625	AKAMAI-ASUS	false
35.190.80.1	unknown	United States	15169	GOOGLEUS	false
104.16.18.94	unknown	United States	13335	CLOUDFLARENETUS	false
13.224.196.4	unknown	United States	16509	AMAZON-02US	false
142.250.185.112	unknown	United States	15169	GOOGLEUS	false
142.250.185.234	unknown	United States	15169	GOOGLEUS	false
185.199.109.153	unknown	Netherlands	54113	FASTLYUS	false
69.16.175.42	unknown	United States	20446	HIGHWINDS3US	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.250.185.196	unknown	United States	15169	GOOGLEUS	false
172.217.18.109	unknown	United States	15169	GOOGLEUS	false
142.250.186.142	unknown	United States	15169	GOOGLEUS	false
216.58.212.161	unknown	United States	15169	GOOGLEUS	false
185.199.108.153	unknown	Netherlands	54113	FASTLYUS	false
216.58.212.163	unknown	United States	15169	GOOGLEUS	false
142.250.184.234	unknown	United States	15169	GOOGLEUS	false
104.16.94.65	unknown	United States	13335	CLOUDFLARENETUS	false
151.101.12.157	unknown	United States	54113	FASTLYUS	false
74.125.133.157	unknown	United States	15169	GOOGLEUS	false
142.250.186.170	unknown	United States	15169	GOOGLEUS	false
104.18.10.207	unknown	United States	13335	CLOUDFLARENETUS	false
142.250.186.174	unknown	United States	15169	GOOGLEUS	false
172.67.161.47	unknown	United States	13335	CLOUDFLARENETUS	false
157.240.17.15	unknown	United States	32934	FACEBOOKUS	false
104.26.15.44	unknown	United States	13335	CLOUDFLARENETUS	false
142.250.185.162	unknown	United States	15169	GOOGLEUS	false
69.16.175.10	unknown	United States	20446	HIGHWINDS3US	false
52.217.162.120	unknown	United States	16509	AMAZON-02US	false
142.250.74.194	unknown	United States	15169	GOOGLEUS	false
104.18.23.52	unknown	United States	13335	CLOUDFLARENETUS	false
74.125.160.199	unknown	United States	15169	GOOGLEUS	false
142.250.186.163	unknown	United States	15169	GOOGLEUS	false
104.244.42.3	unknown	United States	13414	TWITTERUS	false
104.244.42.5	unknown	United States	13414	TWITTERUS	false
104.18.11.207	unknown	United States	13335	CLOUDFLARENETUS	false
20.150.71.132	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
172.217.16.131	unknown	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.1
192.168.2.4
192.168.2.3
127.0.0.1
192.168.2.22

General Information

Joe Sandbox Version:	33.0.0 White Diamond
Analysis ID:	467704
Start date:	18.08.2021
Start time:	19:53:58
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 5m 21s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://my.visme.co/view/y4mrjzjj-rolling-components-ltd
Analysis system description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed:	10
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal56.phis.win@48/275@0/51
Cookbook Comments:	Adjust boot time Enable AMSI Browse: http://www.visme.co/?vc=Top-Bar-CTA Browse: https://my.visme.co/utils/goto/1472972343?url=https%3A%2F%2Fdocumentspockfinancial.blob.core.windows.net%2Fmed6eb%2Foffice365.html Browse: https://www.visme.co/ Browse: https://www.visme.co/jobs/ Browse: https://www.visme.co/presentation-software/ Browse: https://www.visme.co/professional-document-creator/ Browse: https://www.visme.co/video-maker/ Browse: https://www.visme.co/make-infographics/ Browse: https://www.visme.co/create-printables/
Warnings:	Show All Exclude process from analysis (whitelisted): BackgroundTransferHost.exe, RuntimeBroker.exe, backgroundTaskHost.exe, svchost.exe Not all processes where analyzed, report is missing behavior information Report size exceeded maximum capacity and may have missing behavior information. Report size getting too big, too many NtCreateFile calls found. Report size getting too big, too many NtOpenFile calls found. Report size getting too big, too many NtQueryVolumeInformationFile calls found. Report size getting too big, too many NtSetInformationFile calls found. Report size getting too big, too many NtWriteFile calls found. Report size getting too big, too many NtWriteVirtualMemory calls found.

Simulations

Behavior and APIs

Time	Type	Description
19:55:18	API Interceptor	1x Sleep call for process: chrome.exe modified

Joe Sandbox View / Context

IPs

No context

Domains

No context

ASN

No context

JA3 Fingerprints

No context

Dropped Files

No context

Created / dropped Files

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Microsoft Cabinet archive data, 61020 bytes, 1 file
Category:	dropped
Size (bytes):	61020
Entropy (8bit):	7.994886945086499
Encrypted:	true
SSDEEP:	1536:IZ/FdeYPeFusuQszEfL0/NfXfdl5lNQbGxO4EBJE:0tdeYPiuWAVtlLBGm
MD5:	2902DE11E30DCC620B184E3BB0F0C1CB
SHA1:	5D11D14A2558801A2688DC2D6DFAD39AC294F222
SHA-256:	E6A7F1F8810E46A736E80EE5AC6187690F28F4D5D35D130D410E20084B2C1544
SHA-512:	EFD415CDE25B827AC2A7CA4D6486CE3A43CDCC1C31D3A94FD7944681AA3E83A4966625BF2E6770581C4B59D05E35FF9318D9ADADDADE9070F131076892AF2FA0
Malicious:	false
Reputation:	low
Preview:	MSCF....\.......,...................I........l.........R.q .authroot.stl.N....5..CK..8T....c_.d....A.K....=.D.eWI..r."Y...."i..,.=.l.D.....3...3WW.......y...9..w..D.yM10....`.0.e.._.'..a0xN....)F.C..t.z.,.O20.1``L.....m?H..C..X>Oc..q.....%.!^v%<...O...-..@/.......H.J.W...... T...Fp..2.\|$....._Y..Y`&..s.1........s.{..,.":o}9.......%._.xWS.K..4"9......q.G:.........a.H.y.. ..r...q./6.p.;.`=.Dwj......!......s).B..y.......A.!W.........D!s0..!"X...l.....D0...........Ba...Z.0.o..l.3.v..W1F hSp.S)@.....'Z..QW...G...G.G.y+.x...aa`.3..X&4E..N...._O..<X.......K...xm..+M...O.H...)............o..~4.6.......p.`Bt.(..V.N.!.p.C>..%.ySXY.>.`..f\|....'^K`\..e......j/..\|..)..&i...wEj.w...o..r<.$.....C.....}.x...L..&..).r..\...>....v........7...^..L!.$..'m...,.....7F$..~..S.6$S.-y....\|.!.....x...~k...Q/.w.e...h.[...9<x...Q.x.][}_%Z..K.).3..'....M.6QkJ.N........Y..Q.n.[.(.... ...Bg..33..[...S..[... .Z..<i.-.]...po.k.,...X6......y3^.t[.Dw.]ts. R..L..`..ut_F....

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	326
Entropy (8bit):	3.1392054451166236
Encrypted:	false
SSDEEP:	6:kKpB6doW+N+SkQlPlEGYRMY9z+4KlDA3RUeIlD1Ut:m5kPlE99SNxAhUe0et
MD5:	83872CE26515084DAB7EC82D517C00B0
SHA1:	340CAF359FAA5659662FEA589A1ACD4E3F14BBCF
SHA-256:	1E7F31F235368CB65CAE10E58FEF4343E9B5A1546E77BB51EE9E7247878FA4E4
SHA-512:	4DB1B214D104C09CD9DB4FE5EF712B320EE66FAFDD7DA8177782A1CC3214D151CAFCC10529DE90D8CBBCFD7B19EF25EE3E470235F961C402A74C0966253B50DA
Malicious:	false
Reputation:	low
Preview:	p...... ...........4Z...(....................................................... .........T'._......$...........\...h.t.t.p.:././.c.t.l.d.l...w.i.n.d.o.w.s.u.p.d.a.t.e...c.o.m./.m.s.d.o.w.n.l.o.a.d./.u.p.d.a.t.e./.v.3./.s.t.a.t.i.c./.t.r.u.s.t.e.d.r./.e.n./.a.u.t.h.r.o.o.t.s.t.l...c.a.b...".0.d.6.5.4.2.7.7.5.f.d.7.1.:.0."...

C:\Users\user\AppData\Local\Google\Chrome\User Data\1133306e-2c8c-4561-8a7b-470498d7801c.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	177059
Entropy (8bit):	6.07909768055534
Encrypted:	false
SSDEEP:	3072:tMMAGSqNyk0PJiB3cATYU6m3gzICIVrRHwYop3YFcbXafIB0u1GOJmA3iuRR:6MgqR0hKMwX6ab9Hup3GaqfIlUOoSiuj
MD5:	3101B3F5A66ECCC922C43D81F777A2C5
SHA1:	BF365176F8801C842EBE18666B08C1796575D66D
SHA-256:	A090156A648B4A24EA9992D9114A515D7A7491EA6BD68FD280ED568CEC6A45C0
SHA-512:	59F6B813AB32F16B5A78760F702C56299E7873F8F177FDE27D0847E73EBA08F7C2A2AF018B7516EB0F8B6487917DB52DF68C52643B87310ACF117AFDF0BBB039
Malicious:	false
Reputation:	low
Preview:	{"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en-GB"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.629309301179767e+12,"network":1.629309302e+12,"ticks":5488802020.0,"uncertainty":4349713.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABaHlwIoHYlQKZwuwW8V0yxAAAAAAIAAAAAABBmAAAAAQAAIAAAAOT4j8Zm9U1zXX6oEUpPqIYBIjSlOiLGeiMKiIFJZDroAAAAAA6AAAAAAgAAIAAAAFW1OavBhyV7qwszPZbindD+KU2Osh5O7HSmDPpFnuCDMAAAAGEkmqbufgFUSmOzx4cW7Aup7spqps4DvqbPrwRgUGqSpRZvQkbO+yVH56WF9zMTt0AAAAAyRwtYxjf7/AqYrFr0JZ6kbTiUt0/2PKkCw7ntLtbN2qrad7I3MeL4iNGDFgqRlhWgsb/6w0gJzQxAfL6rdzxi"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245922715966470"},"plugins":{"metadata":{"adobe-flash-player":{"

C:\Users\user\AppData\Local\Google\Chrome\User Data\23ba64c0-17a0-46da-b26a-6a708916aa04.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	modified
Size (bytes):	168585
Entropy (8bit):	6.04941155716225
Encrypted:	false
SSDEEP:	3072:lAGSqNyk0PJiB3cATYU6m3gzICIVrRHwYop3YFcbXafIB0u1GOJmA3iuRR:lgqR0hKMwX6ab9Hup3GaqfIlUOoSiuRR
MD5:	2BA2E7C113607B18B18C07F5D5F784C0
SHA1:	DB66888E4AF0B6892468E5475CCE2DD97A64FAE9
SHA-256:	06CBA51F2CD422657CF880D0BBA449B3F04438EDBD3D5958B3CE9FE581D8F395
SHA-512:	D9CFB6EEE86EB35E7711CE35AA7E41E9E0913842565EA309E105CD6481B711A45B1B01E263D1C0D13A07FBA9C0D61D94335F1F71A70FAA22B2C9C7E15E62867A
Malicious:	false
Reputation:	low
Preview:	{"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en-GB"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.629309301179767e+12,"network":1.629309302e+12,"ticks":5488802020.0,"uncertainty":4349713.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABaHlwIoHYlQKZwuwW8V0yxAAAAAAIAAAAAABBmAAAAAQAAIAAAAOT4j8Zm9U1zXX6oEUpPqIYBIjSlOiLGeiMKiIFJZDroAAAAAA6AAAAAAgAAIAAAAFW1OavBhyV7qwszPZbindD+KU2Osh5O7HSmDPpFnuCDMAAAAGEkmqbufgFUSmOzx4cW7Aup7spqps4DvqbPrwRgUGqSpRZvQkbO+yVH56WF9zMTt0AAAAAyRwtYxjf7/AqYrFr0JZ6kbTiUt0/2PKkCw7ntLtbN2qrad7I3MeL4iNGDFgqRlhWgsb/6w0gJzQxAfL6rdzxi"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245922715966470"},"plugins":{"metadata":{"adobe-flash-player":{"

C:\Users\user\AppData\Local\Google\Chrome\User Data\55373ffb-0819-4259-b550-b2366f2a43d3.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	177059
Entropy (8bit):	6.0790949037741155
Encrypted:	false
SSDEEP:	3072:9uOAGSqNyk0PJiB3cATYU6m3gzICIVrRHwYop3YFcbXafIB0u1GOJmA3iuRR:wOgqR0hKMwX6ab9Hup3GaqfIlUOoSiuj
MD5:	6A1524162AA5EF0848B943D0742483E3
SHA1:	0250C986F84A867ADE0A9019A879FAC58563AED9
SHA-256:	BD8325DC552A6BAEB8C5E928DCFC2C47FD4D52E16691AC51ACC158DFFA61D604
SHA-512:	47C2B4ECE78B6065F1C5776F7AEA6697F35C593F818C4B5C4A58B3872908753A2222452FE14A02607181BC15E35A9FA4CEF06F6CE6ADE737AA4A67C613767821
Malicious:	false
Reputation:	low
Preview:	{"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en-GB"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.629309301179767e+12,"network":1.629309302e+12,"ticks":5488802020.0,"uncertainty":4349713.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABaHlwIoHYlQKZwuwW8V0yxAAAAAAIAAAAAABBmAAAAAQAAIAAAAOT4j8Zm9U1zXX6oEUpPqIYBIjSlOiLGeiMKiIFJZDroAAAAAA6AAAAAAgAAIAAAAFW1OavBhyV7qwszPZbindD+KU2Osh5O7HSmDPpFnuCDMAAAAGEkmqbufgFUSmOzx4cW7Aup7spqps4DvqbPrwRgUGqSpRZvQkbO+yVH56WF9zMTt0AAAAAyRwtYxjf7/AqYrFr0JZ6kbTiUt0/2PKkCw7ntLtbN2qrad7I3MeL4iNGDFgqRlhWgsb/6w0gJzQxAfL6rdzxi"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245922715401452"},"plugins":{"metadata":{"adobe-flash-player":{"

C:\Users\user\AppData\Local\Google\Chrome\User Data\66c26bef-862a-4ccf-90a9-2aeaab94d04b.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	92724
Entropy (8bit):	3.7507731925607715
Encrypted:	false
SSDEEP:	384:rTZaeA3xYYXeRNCrnv2O3NmclHQpGJArbIGYxVMcIvrH6mb4r4yieBOsACNP1Sr+:DiF5asJ98ez8G44vD26K8uWJh
MD5:	6A29CAA3A50F1B5D1954DB23CBEC7184
SHA1:	AC2E680CB77C6F7CA310C8F075FA1105CC4EE76B
SHA-256:	8F17C08D2F38AC1CF28BF2D88CA9C1A25A8F332A8BD00F77209A5419B2E66420
SHA-512:	C16EFF53C329D1D69075BB84A3013C9F913F3819E560A0A8F39F7F304EAB62270402C079A1242649D80D4586B83F7B7DB2581C64D46811B9E0D5D8BF434C776E
Malicious:	false
Reputation:	low
Preview:	0j.................C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L..P!...[)...%.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .o.f.f.i.c.e.\.o.f.f.i.c.e.1.6.\.......g.r.o.o.v.e.e.x...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .2.0.1.6......M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e. .f.o.r. .B.u.s.i.n.e.s.s. .E.x.t.e.n.s.i.o.n.s.....1.6...0...4.7.1.1...1.0.0.0.....*...C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L.....M.i.c.r.o.s.o.f.t. .C.o.r.p.o.r.a.t.i.o.n....B8.D...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.C.o.m.m.o.n. .F.i.l.e.s.\.M.i.c.r.o.s.o.f.t. .S.h.a.r.e.d.\.O.F.F.I.C.E.1.6.\.m.s.o.s.h.e.x.t...d.l.l..@.....U/...%.c.o.m.m.o.n.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .s.h.a.r.e.d.\.o.f.f.i.c.e.1.6.\.......m.s.o.s.h.e.x.t...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e.)...M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .S.h.e.l.l. .E.x.t.e.n.s.i.o.n. .H.a.n.d.l.e.r.s.......1.6...0...4.2.6.6...1.0.0.1.....D...C.:.\.P.r.o.g.r.a.m.

C:\Users\user\AppData\Local\Google\Chrome\User Data\8d5a4e64-e216-4c10-98ac-e67a2699b061.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	177059
Entropy (8bit):	6.079095518195064
Encrypted:	false
SSDEEP:	3072:9mUAGSqNyk0PJiB3cATYU6m3gzICIVrRHwYop3YFcbXafIB0u1GOJmA3iuRR:YUgqR0hKMwX6ab9Hup3GaqfIlUOoSiuj
MD5:	2BAEB2AED1658B0638CE566FEDDCD776
SHA1:	B656BA80B98D28DB1FDEB89F170EFAE093B1C79C
SHA-256:	1903543E8B43B67528D512F38B95589782ED7815744CA23394B9CE0CA069F507
SHA-512:	05C5DCD5D5C2FC92F183F33FFC0638193973650E00F679FCFDF94A2F4A31E5D192494E39459B1322E3570AE620A625689A2F6B6B30BDFA966CD61BE03F007797
Malicious:	false
Reputation:	low
Preview:	{"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en-GB"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.629309301179767e+12,"network":1.629309302e+12,"ticks":5488802020.0,"uncertainty":4349713.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABaHlwIoHYlQKZwuwW8V0yxAAAAAAIAAAAAABBmAAAAAQAAIAAAAOT4j8Zm9U1zXX6oEUpPqIYBIjSlOiLGeiMKiIFJZDroAAAAAA6AAAAAAgAAIAAAAFW1OavBhyV7qwszPZbindD+KU2Osh5O7HSmDPpFnuCDMAAAAGEkmqbufgFUSmOzx4cW7Aup7spqps4DvqbPrwRgUGqSpRZvQkbO+yVH56WF9zMTt0AAAAAyRwtYxjf7/AqYrFr0JZ6kbTiUt0/2PKkCw7ntLtbN2qrad7I3MeL4iNGDFgqRlhWgsb/6w0gJzQxAfL6rdzxi"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245922715401452"},"plugins":{"metadata":{"adobe-flash-player":{"

C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	120
Entropy (8bit):	3.3041625260016576
Encrypted:	false
SSDEEP:	3:FkXwgs0oRL6twgs0oRL6twgs0oRLn:+taRL+taRL+taRLn
MD5:	E6C1693D9F0F6B6E878D098FBFD4C92A
SHA1:	D9D2708143B4A3BA5D14DFED59DCB6B88DF172D9
SHA-256:	E9DA6B8F6549D084D8740EB4C25755989B057EBF4F36B5E526F34DFFAB7500CF
SHA-512:	19B28BFE66708B294AB033C2F87D219E1C29D4F9363AC92E89B9406F6E2ACB13AD5DF73DD7E163D1ADEC0AF89C42DA112AE153EB23378EC29302F91192B7C5A9
Malicious:	false
Reputation:	low
Preview:	sdPC.....................UO..E.D.Q.o....sdPC.....................UO..E.D.Q.o....sdPC.....................UO..E.D.Q.o....

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0ad1a0a9-e45b-4706-9b58-bdaa4d65dfa8.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	6052
Entropy (8bit):	5.178327473922027
Encrypted:	false
SSDEEP:	96:niFLzC9NitQroIKIg5k0JCKL8vkU11kr1UIbOTlVuHn:nULe9NSIWh4KWkUDkreI
MD5:	383099B3F371D4F69DA16381788B82F8
SHA1:	9ACC755A8D178EE66F596E45450B73A94BAF0262
SHA-256:	CDB3559CEE43F40360190084C629F68DA791A4B4AFBD502CF48D6F3C15C93180
SHA-512:	F5DDFA94B882093FACCFC89A4B41815E217A822864E6863B58FA3CFDABCB8FFF608D241270D3D2EE110B556F5763827A2CF8BFD2AFECC4DED307B8F180175818
Malicious:	false
Reputation:	low
Preview:	{"account_id_migration_state":2,"account_tracker_service_last_update":"13273782898362966","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245924509391818","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"bookmark_bar":{"show_on_all_tabs":false},"browser":{"default_browser_infobar_last_declined":"13245924607060180","has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","2042016"],"daily_recei

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\16cc3029-8afb-44fd-a726-a9b7eafd104c.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	very short file (no magic)
Category:	dropped
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:L:L
MD5:	5058F1AF8388633F609CADB75A75DC9D
SHA1:	3A52CE780950D4D969792A2559CD519D7EE8C727
SHA-256:	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
SHA-512:	0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
Malicious:	false
Reputation:	low
Preview:	.

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2197576d-a95a-4794-b77f-a57ca511511d.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	5807
Entropy (8bit):	5.163354248271513
Encrypted:	false
SSDEEP:	96:niFLXC9NitQroIKIJ5k0JCKL8vkU1lbOTlVuHn:nULy9NSIfh4KWkUB
MD5:	79678D80A5C1CBF7C2952ECC894C328B
SHA1:	D54765D4D0D8146A8E905381A35841A202815D1A
SHA-256:	C6C12614824F42600CA59D5B6F76840890749678BE9BAED04806CB53176E354E
SHA-512:	98AFA05C07D2B0F14D8EA50673F7DA15E28CE310C4C237C097EF28C341A281BEE1AD9BE019896C6269A98FCEBFA54E2DB76D745F1C2FC3A00C8BC4C3887E00AA
Malicious:	false
Reputation:	low
Preview:	{"account_id_migration_state":2,"account_tracker_service_last_update":"13273782898362966","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245924509391818","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"bookmark_bar":{"show_on_all_tabs":false},"browser":{"default_browser_infobar_last_declined":"13245924607060180","has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","2042016"],"daily_recei

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\280696c5-66a8-4088-9ad5-e6ba35c06821.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	5053
Entropy (8bit):	4.847047183793815
Encrypted:	false
SSDEEP:	96:JzMKDHGXOb0AgAI66oG6KKl6j+6h1EFNJatroUjacGFGeGdGl6NCo06MLwhM:JzMKDHGXOb0AgAI66oG6Ke6j+6hKFNJ7
MD5:	0ABCB9B43BF7A7632587C582D5C1124D
SHA1:	B9C1331B0AF2ECF6869CAEC26A0A6ECE70D10C5A
SHA-256:	03BD90BA82CF319F437BC714461E75BF0D6312BC4780E162E4EDCEF2EF7AE092
SHA-512:	B6BF06F91D6EA92CCBD92EB82333C610F36A0F14CD4F1440D5789D35C97570BE863BF429B947B5C7D5DFDC632B3AF355D47B401BFF897112A00881592F3DF7EA
Malicious:	false
Reputation:	low
Preview:	{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://dns.google","supports_spdy":true},{"isolation":[],"server":"https://redirector.gvt1.com","supports_spdy":true},{"isolation":[],"server":"https://ogs.google.com","supports_spdy":true},{"isolation":[],"server":"https://play.google.com","supports_spdy":true},{"isolation":[],"server":"https://apis.google.com","supports_spdy":true},{"isolation":[],"server":"https://ssl.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://www.gstatic.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[50],"expiration":"13276374901658576","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://accounts.google.com","supports_spdy":true},{"isolation":[],"server":"https://z.moatads.com","supports_spdy":true},{"isolation":[],"server":"https://a.nel.cloudflare.com","supports_spdy":true},{"isolation":[],"server":"https://s7.addthis.com","supports_spdy":true},{"isolation":[],"server":"htt

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\514dede0-fba7-4115-80cf-3e26f9bb73c6.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3044
Entropy (8bit):	5.604100867391449
Encrypted:	false
SSDEEP:	48:YXcRUAAEVwURd1UAJeUAUc6UUhaeURASEUAoUA8vUAFuKURZqPeUekUen4UAgwUK:TRUA+URzUAJeUAqUURURAjUAoUA8vUAc
MD5:	EAA694F448345FE83774325AC2D2AA89
SHA1:	FCF288C48D0EE673E779376AE932B04DF5EECBCA
SHA-256:	4110B88E60F7CDCAC31B297E24A686D0969482D28EED84DBFFBA1AE9C95E5D2A
SHA-512:	13F3EE690115D2A3E835A936BE4F7E206795FFDCAA0C15FF1869797389693485072A0F4A798E0F8AA388C5CA83BF6A77D4E04C7A4D0236A7D430B896EC30850C
Malicious:	false
Reputation:	low
Preview:	{"expect_ct":[],"sts":[{"expiry":1660845309.394964,"host":"AKBA0EXj1W1QmJumkxUOTpibibkAwoUEp1CDrh5UFWY=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1629309309.394971},{"expiry":1645089348.918877,"host":"E10e7Gwg5+phsYD4E8qNYFsQySXnIHPAfo4zloUPESc=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1629309348.918884},{"expiry":1645034106.32826,"host":"Hb3xV9FSRT1oJ9TRTDTKLcNPjaOSk7YHyRHs4a5NR/A=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1629309306.328266},{"expiry":1640195765.921566,"host":"LAZkYS46RVRcFiZAzmUJrz6TJHBd4nwE6VxPWfPLYHs=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1629309365.921573},{"expiry":1632986995.029294,"host":"OuKlWsMW1dkkbI1X/oi6o0Y95ZNSWnSoeaIXAEYPlv4=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1601450995.029298},{"expiry":1660845318.547056,"host":"PmHKo9+NfFu9AjQSxw3MoTtfuXIu9G3fM8KGQt4xie4=","mode":"force-https","sts_include_subdomains":false,"sts_obs

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\605ffad2-c9b7-4bcb-b83f-38a0cf037406.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	2877
Entropy (8bit):	5.602812932815176
Encrypted:	false
SSDEEP:	48:YXcRUAAEVwURd1UAq6UUhaeURREUA+UA+vUAFuKURZqPeUekUen4UAgwUR6sYUAY:TRUA+URzUA/UURURGUA+UA+vUAkKURUJ
MD5:	5B6898A42B94FCC824DA17E469336FA2
SHA1:	29E64D1ED27396F28CB62F4562A2324EFDEB0847
SHA-256:	694365A8259B979C32CE191E475B0E2D14FE1A39D1E65725DB63BCCEA87BBBFA
SHA-512:	9E15EA5DD991EF1559C2EA9A58BB291720BE0B1C5589F5D73165EEFA30A01A2FB15BF1917B279BB2EA81BCE3AFD315D2FE56B00AFF334F0BF907E14CC32F5905
Malicious:	false
Reputation:	low
Preview:	{"expect_ct":[],"sts":[{"expiry":1660845309.394964,"host":"AKBA0EXj1W1QmJumkxUOTpibibkAwoUEp1CDrh5UFWY=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1629309309.394971},{"expiry":1645089348.918877,"host":"E10e7Gwg5+phsYD4E8qNYFsQySXnIHPAfo4zloUPESc=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1629309348.918884},{"expiry":1645034106.32826,"host":"Hb3xV9FSRT1oJ9TRTDTKLcNPjaOSk7YHyRHs4a5NR/A=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1629309306.328266},{"expiry":1632986995.029294,"host":"OuKlWsMW1dkkbI1X/oi6o0Y95ZNSWnSoeaIXAEYPlv4=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1601450995.029298},{"expiry":1660845318.547056,"host":"PmHKo9+NfFu9AjQSxw3MoTtfuXIu9G3fM8KGQt4xie4=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1629309318.547062},{"expiry":1660845315.579871,"host":"TZmujbl93Yt3JI8wZ4X/zjkA0WFNGNW44A+o7h4YyHw=","mode":"force-https","sts_include_subdomains":true,"sts_obs

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\72868d70-819b-46ec-9495-593abe0e648c.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	22602
Entropy (8bit):	5.536699083748547
Encrypted:	false
SSDEEP:	384:bUKtKLlLvX11kXqKf/pUZNCgVLH2HfDhrUKHGYnZV9w/Lg4Y:kLlj11kXqKf/pUZNCgVLH2HfFrUaGYn9
MD5:	7EB2B4DDC5E9FC9D7ABBADB264200B91
SHA1:	9AF68A115A035A06606CB7B0A67AB9C39CFFA8DB
SHA-256:	983779D85698D046C5F90493D9D949677AB37F9AACD1614F84C9263214A8BE50
SHA-512:	AB14615A59501551BEBFF7C820B02DB6C468E8E42A3459DB157C368C1D39BD9B2C2A0BE0212FF2FF839B944510EABA54E94DC986077BEB6A3CA01B1E744293FA
Malicious:	false
Reputation:	low
Preview:	{"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13273782897981753","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\8a6e80ae-1a1c-4291-868d-4677e82d89f3.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	2041
Entropy (8bit):	5.583931524843795
Encrypted:	false
SSDEEP:	48:YXcRUA9VwUR5kUAq6UUhgUA+vUAFtmKUR7AqPeUekUen4UAgwURsUeP:TRUAAUR+UA/UUuUA+vUA2KURLPeU3UkS
MD5:	08632E02DEE167534CD4CB5C14F61856
SHA1:	25F028E99FDEDFBD6F2BE099B0E5DFA9329A5C21
SHA-256:	4F5D7601689C1221E832874DB671FCA6ACD33B8C3536011E5A61F3AA53E60043
SHA-512:	F15638F5AC2DAA0FA2A0837A690757CE48430839395FD0F3DEE743E9E7FB521B2B76B153059C9704E6401897CB1804075B55B9A99B57822D371725416FFAC8C7
Malicious:	false
Reputation:	low
Preview:	{"expect_ct":[],"sts":[{"expiry":1660845309.394964,"host":"AKBA0EXj1W1QmJumkxUOTpibibkAwoUEp1CDrh5UFWY=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1629309309.394971},{"expiry":1645089309.423631,"host":"E10e7Gwg5+phsYD4E8qNYFsQySXnIHPAfo4zloUPESc=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1629309309.423636},{"expiry":1645034106.32826,"host":"Hb3xV9FSRT1oJ9TRTDTKLcNPjaOSk7YHyRHs4a5NR/A=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1629309306.328266},{"expiry":1632986995.029294,"host":"OuKlWsMW1dkkbI1X/oi6o0Y95ZNSWnSoeaIXAEYPlv4=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1601450995.029298},{"expiry":1660845309.593692,"host":"cwmRhK2n8/9JLx+ZaK3dUYNlvHvwWVT/mRZVJ0bFLcQ=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1629309309.593696},{"expiry":1640195702.3869,"host":"fJjUrPqhktMfiTHJX3Q0pJi/P12Q72DBgzzJqjlNC4o=","mode":"force-https","sts_include_subdomains":true,"sts_observ

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\8c70cf26-3c22-4dee-985f-9abbba4a0363.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	2877
Entropy (8bit):	5.600909605801913
Encrypted:	false
SSDEEP:	48:YXcRUA9VwUR5kUAq6UUhaeURREUA+UA+vUAFuKURZqPeUekUen4UAgwURYsYUAeQ:TRUAAUR+UA/UURURGUA+UA+vUAkKURUo
MD5:	F5AFEA73AEFA54FF21DB4F8261284978
SHA1:	0264CBD878712012B6736D8DDB51DCE081F4A95D
SHA-256:	97E41C03839B6A3152630E19FFA9E045298BF854BA045AF91C321306DB81CAA5
SHA-512:	81F44410234D9A2C8A2D101E7A392B803CA43A2A85A0E12BFC660BE63BF7619E06568013B770D3358393A3A4C04F3D9D1FCDC22EEFA9B11ECFD330457636DA8D
Malicious:	false
Reputation:	low
Preview:	{"expect_ct":[],"sts":[{"expiry":1660845309.394964,"host":"AKBA0EXj1W1QmJumkxUOTpibibkAwoUEp1CDrh5UFWY=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1629309309.394971},{"expiry":1645089309.423631,"host":"E10e7Gwg5+phsYD4E8qNYFsQySXnIHPAfo4zloUPESc=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1629309309.423636},{"expiry":1645034106.32826,"host":"Hb3xV9FSRT1oJ9TRTDTKLcNPjaOSk7YHyRHs4a5NR/A=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1629309306.328266},{"expiry":1632986995.029294,"host":"OuKlWsMW1dkkbI1X/oi6o0Y95ZNSWnSoeaIXAEYPlv4=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1601450995.029298},{"expiry":1660845318.547056,"host":"PmHKo9+NfFu9AjQSxw3MoTtfuXIu9G3fM8KGQt4xie4=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1629309318.547062},{"expiry":1660845315.579871,"host":"TZmujbl93Yt3JI8wZ4X/zjkA0WFNGNW44A+o7h4YyHw=","mode":"force-https","sts_include_subdomains":true,"sts_obs

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\96f2bda7-cfd4-4dce-a307-dac51d65c848.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	modified
Size (bytes):	3043
Entropy (8bit):	5.602270512753649
Encrypted:	false
SSDEEP:	48:YXcRUAAEVwURd1UA5eUAu6UUhaeURGEUAXYUAhvUAFuKURZqPeUekUen4UAgwURn:TRUA+URzUA5eUAzUURURfUAIUAhvUAkc
MD5:	FFB2C8A5E15A9085C96E2EFF982BD11A
SHA1:	7F98A63E289C05DFE0478C02B17C1748AFDF0D45
SHA-256:	E842CE51FADE06E40A2DC2027782278377D5A9E12C6636826A280AAE134138F7
SHA-512:	EA327C78355FB6DCF8FB156C61823328D45A7292DA14454E32881BB601EB6D6FFA99FEEE12E6D21775CA7D381614C853064080BEDB76394761E543846B9CD2E1
Malicious:	false
Reputation:	low
Preview:	{"expect_ct":[],"sts":[{"expiry":1660845309.394964,"host":"AKBA0EXj1W1QmJumkxUOTpibibkAwoUEp1CDrh5UFWY=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1629309309.394971},{"expiry":1645089348.918877,"host":"E10e7Gwg5+phsYD4E8qNYFsQySXnIHPAfo4zloUPESc=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1629309348.918884},{"expiry":1645034106.32826,"host":"Hb3xV9FSRT1oJ9TRTDTKLcNPjaOSk7YHyRHs4a5NR/A=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1629309306.328266},{"expiry":1640195795.960856,"host":"LAZkYS46RVRcFiZAzmUJrz6TJHBd4nwE6VxPWfPLYHs=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1629309395.960862},{"expiry":1632986995.029294,"host":"OuKlWsMW1dkkbI1X/oi6o0Y95ZNSWnSoeaIXAEYPlv4=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1601450995.029298},{"expiry":1660845318.547056,"host":"PmHKo9+NfFu9AjQSxw3MoTtfuXIu9G3fM8KGQt4xie4=","mode":"force-https","sts_include_subdomains":false,"sts_obs

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9d22892c-f0ca-4977-ad99-2114122fce1b.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3045
Entropy (8bit):	5.608003743689931
Encrypted:	false
SSDEEP:	48:YXcRUAAEVwURd1UAJeUAUc6UUhaeURASEUA7UAbbvUAFuKURZqPeUekUen4UAgwM:TRUA+URzUAJeUAqUURURAjUA7UAbbvUe
MD5:	AF5DF3F642A0DC2A88975805C8285164
SHA1:	2CCCFB70782FB9347A22DB9DFBC02663477DAD79
SHA-256:	B693AC84CEBA40B304F5BAE121CBCE34AEDF650F6F6CA9BAD8C2926D47ABE92E
SHA-512:	D0404E558C26749B84A9F400150A09A144D3CC86081A536413D8A601F861406E23DCE3EC74E9CE87209EEAD99FA87D642D35DC00C3E7DB1E0606C7E25B175449
Malicious:	false
Reputation:	low
Preview:	{"expect_ct":[],"sts":[{"expiry":1660845309.394964,"host":"AKBA0EXj1W1QmJumkxUOTpibibkAwoUEp1CDrh5UFWY=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1629309309.394971},{"expiry":1645089348.918877,"host":"E10e7Gwg5+phsYD4E8qNYFsQySXnIHPAfo4zloUPESc=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1629309348.918884},{"expiry":1645034106.32826,"host":"Hb3xV9FSRT1oJ9TRTDTKLcNPjaOSk7YHyRHs4a5NR/A=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1629309306.328266},{"expiry":1640195765.921566,"host":"LAZkYS46RVRcFiZAzmUJrz6TJHBd4nwE6VxPWfPLYHs=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1629309365.921573},{"expiry":1632986995.029294,"host":"OuKlWsMW1dkkbI1X/oi6o0Y95ZNSWnSoeaIXAEYPlv4=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1601450995.029298},{"expiry":1660845318.547056,"host":"PmHKo9+NfFu9AjQSxw3MoTtfuXIu9G3fM8KGQt4xie4=","mode":"force-https","sts_include_subdomains":false,"sts_obs

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	334
Entropy (8bit):	5.235232062490981
Encrypted:	false
SSDEEP:	6:mmFVN+q2Pwkn23iKKdK9RXXTZIFUtprWZmwPuXFNVkwOwkn23iKKdK9RXX5LJ:FDN+vYf5Kk7XT2FUtpS/PyFNV5Jf5KkT
MD5:	D337B9A259C0D0A6F5E5A916DF487924
SHA1:	485C258ECDC5BDBAD679C60337413411EF92A99E
SHA-256:	EC8880E40019CD38FC97B6260A0991FB8DDA74959B46AE372249998E2EB0DA0A
SHA-512:	F09A9C77B3FFB1308A64EAD4A8064DABC6B379C9B84CFAC7E28612B53518C907DD7EF1E8B830E7D2B67DB6B4531F83BBAC8EADAA4B702271358B1748EF040A08
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:55:16.657 180c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/MANIFEST-000001.2021/08/18-19:55:16.658 180c Recovering log #3.2021/08/18-19:55:16.665 180c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.old (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	334
Entropy (8bit):	5.235232062490981
Encrypted:	false
SSDEEP:	6:mmFVN+q2Pwkn23iKKdK9RXXTZIFUtprWZmwPuXFNVkwOwkn23iKKdK9RXX5LJ:FDN+vYf5Kk7XT2FUtpS/PyFNV5Jf5KkT
MD5:	D337B9A259C0D0A6F5E5A916DF487924
SHA1:	485C258ECDC5BDBAD679C60337413411EF92A99E
SHA-256:	EC8880E40019CD38FC97B6260A0991FB8DDA74959B46AE372249998E2EB0DA0A
SHA-512:	F09A9C77B3FFB1308A64EAD4A8064DABC6B379C9B84CFAC7E28612B53518C907DD7EF1E8B830E7D2B67DB6B4531F83BBAC8EADAA4B702271358B1748EF040A08
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:55:16.657 180c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/MANIFEST-000001.2021/08/18-19:55:16.658 180c Recovering log #3.2021/08/18-19:55:16.665 180c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	318
Entropy (8bit):	5.2278989483233
Encrypted:	false
SSDEEP:	6:mB+q2Pwkn23iKKdKyDZIFUtpTFwWZmwPwNVkwOwkn23iKKdKyJLJ:A+vYf5Kk02FUtpJn/PcV5Jf5KkWJ
MD5:	43F2BC58BE019C707F519BE3E0487FC7
SHA1:	154B328743AE645FA47289B5410B8F215517D660
SHA-256:	8EC4AB0BEC8B5C2052396E023A33B90E18A6BAB007E728979CB5D9DC8C84733C
SHA-512:	4E7FDE8539E6139D7E3CD57E7DD25A6A02E21F5AC1EB47446DE833C71716104129C030D49ABD12B3D234BDAA2084C848F4AFC5451FE2451E475A902CE56E71C8
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:55:16.649 180c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/MANIFEST-000001.2021/08/18-19:55:16.651 180c Recovering log #3.2021/08/18-19:55:16.652 180c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.olddi (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	318
Entropy (8bit):	5.2278989483233
Encrypted:	false
SSDEEP:	6:mB+q2Pwkn23iKKdKyDZIFUtpTFwWZmwPwNVkwOwkn23iKKdKyJLJ:A+vYf5Kk02FUtpJn/PcV5Jf5KkWJ
MD5:	43F2BC58BE019C707F519BE3E0487FC7
SHA1:	154B328743AE645FA47289B5410B8F215517D660
SHA-256:	8EC4AB0BEC8B5C2052396E023A33B90E18A6BAB007E728979CB5D9DC8C84733C
SHA-512:	4E7FDE8539E6139D7E3CD57E7DD25A6A02E21F5AC1EB47446DE833C71716104129C030D49ABD12B3D234BDAA2084C848F4AFC5451FE2451E475A902CE56E71C8
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:55:16.649 180c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/MANIFEST-000001.2021/08/18-19:55:16.651 180c Recovering log #3.2021/08/18-19:55:16.652 180c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\045f46eb81408cac_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	623
Entropy (8bit):	5.833209497891281
Encrypted:	false
SSDEEP:	12:oeE32pLSrdhPux2pcFyyQL13CMluU9yziv0TL7HiXms9AOfJzzsYyfzS:oeEmpLSrdhPuycFyyQL1SKtyziMf9OB5
MD5:	3ED3971ABA19E95DAC87658B0F8F8095
SHA1:	88B34F468EDC67817E7FF37A61AF80D6FA12A98E
SHA-256:	3674D93C6B4BAF280E930C9E4620830369654224F7251329BC3A8A75D3110B12
SHA-512:	55BC1E7BF1F4165EC3FF5F94DD82779C4014233D98092E6C3167ABB3A0344CA60A4FDB95738B592473B53192366B6948949119AE088F107A67685593AC3EE44C
Malicious:	false
Reputation:	low
Preview:	0\r..m...........HJX...._keyhttps://googleads.g.doubleclick.net/pagead/viewthroughconversion/1053096647/?random=1629309368635&cv=9&fst=1629309368635&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=120&u_java=false&u_nplug=1&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.visme.co%2Fcreate-printables%2F&tiba=Create%20Printables%20-%20Posters%2C%20Flyers%2C%20Menus%20%26%20More%20%7C%20Visme&hn=www.googleadservices.com&rfmt=3&fmt=4 .https://visme.co/0.tpo(/..........................d.5."."s....R.7...S.........A..Eo........\|..........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0a9d420e2f657699_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	3215
Entropy (8bit):	5.526775771512484
Encrypted:	false
SSDEEP:	48:4N0REWAmbOrqNgNqhBg58hLySLXJBpKYZH5pxapflk/MvJW5gCDci+cGoBfDicq5:fRHfBQ6LyS9TREIfjVDiEg
MD5:	556B9FC0DEFA74778E6E2C84ADE6A77D
SHA1:	041292273C66FDE1208C171AF63C13FB95F59F98
SHA-256:	2B8EE42B2427C6078770292053869ED25F179D6ECEA0AA58FEEF0F33F24DFE90
SHA-512:	9A03384F39D9E963E676ECE33DC737FE0CE9109EA400D12FBD381AD9B3D1E382D7BE9DAA57037FBED1026526B323FB7C6849872F6A7B330F052294588E38BA36
Malicious:	false
Reputation:	low
Preview:	0\r..m......O..........._keyhttps://www.visme.co/wp-content/themes/visme/js/blazy.js .https://visme.co/..ko(/....................g.....E.....l.Ra....o....s.A..Eo...................A..Eo....................ko(/.x.................'.......O....8....;..............................(S.<..`2.....L`.....(S.`.`v.....L`......Q.@...a....define....Qbnv......amd...Q.@J.e.....exports...Q.@.f.$....module....Q.@nDJ.....Blazy.....K`....Dr.................s......&.(........&.]........s......&.\..-.....\..-.........(Rc................I`....Da............e..........P...`...@......@.-....DP.......8...https://www.visme.co/wp-content/themes/visme/js/blazy.jsa........D`....D`4...D`.........`R...&...&....&.(S...`.....hL`0.....Rcx...........4.....Qc.D......_source...Qd>W......_viewport.....Qd.F......_isRetina.....Qe.3.'...._supportClosest...Qc........_attrSrc..Qd........_attrSrcset...Qdb.......initialize....Qc..+4....validate..Qe.P......elementInView.....Qc........inView....Qd.8.....loadElement...Qd

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\106133a52859013b_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	1744
Entropy (8bit):	5.380090981679856
Encrypted:	false
SSDEEP:	48:uNdRbSkNdDpkNdlkNdYkNdgmkNdtkNdfgkNdC:Qk
MD5:	4A11A1BAE02B2F2E7F454BA5A98519AD
SHA1:	EFAA17F6F6AFA8CEEF779DEFC0437BEDB9695484
SHA-256:	45C866CABED2EAC037534CFE2BD7BEAEF8A5D0E078482A268B6AB2020430493F
SHA-512:	858FD8013884BB9B7136A603CE6F3E22D947272C6B9FB869175E6FE2314230BB846966407D3C7A8BFF5F8A8254C59ACB619003CC24EDC6E4725FA15E5F2F25B1
Malicious:	false
Reputation:	low
Preview:	0\r..m......V....d$....._keyhttps://www.visme.co/wp-content/themes/visme/slick/slick.min.js .https://visme.co/O..ko(/..................../I.~.~:...p.pV......!.n..<.Zy..A..Eo......@.8..........A..Eo..................0\r..m......V....d$....._keyhttps://www.visme.co/wp-content/themes/visme/slick/slick.min.js .https://visme.co/..ono(/..............Y....../I.~.~:...p.pV......!.n..<.Zy..A..Eo..................A..Eo..................0\r..m......V....d$....._keyhttps://www.visme.co/wp-content/themes/visme/slick/slick.min.js .https://visme.co/...no(/..............i....../I.~.~:...p.pV......!.n..<.Zy..A..Eo..................A..Eo..................0\r..m......V....d$....._keyhttps://www.visme.co/wp-content/themes/visme/slick/slick.min.js .https://visme.co/.j.no(/.............fz....../I.~.~:...p.pV......!.n..<.Zy..A..Eo.......Xg..........A..Eo..................0\r..m......V....d$....._keyhttps://www.visme.co/wp-content/themes/visme/slick/slick.min.js .https://visme.co/S,Joo(/...........

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\154492e5c538145e_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	1536
Entropy (8bit):	5.399153795940374
Encrypted:	false
SSDEEP:	24:jp13nlp1zlp13lp1bwglp1qQlp1Elp1cgvlp1vg:jXXlXzlX3lXvlXqQlXElXcgvlXvg
MD5:	AFD6A7ABAFC3F79D20F4E89D73E4FF56
SHA1:	460EF1BBD46EFA95CC8855878F3F1CD10D513990
SHA-256:	3E068B5DEE31D38E49F9286B3839859D7120297D643754428C7D63B832D11369
SHA-512:	0752DAEB0C007BA72CBE6B9885AE55A4B279D458F1BC36E7C05423F8923F3A93FFB37D326B212B7994DEFF74A537D7D9EC0F71C7AF70B2D2B41B1BBC0D8B7210
Malicious:	false
Reputation:	low
Preview:	0\r..m......<...J.S....._keyhttps://static.ads-twitter.com/uwt.js .https://visme.co/.<ko(/.....................p..gI~.&.....V..BE.......7.o..A..Eo...................A..Eo..................0\r..m......<...J.S....._keyhttps://static.ads-twitter.com/uwt.js .https://visme.co/v.{no(/..............[.......p..gI~.&.....V..BE.......7.o..A..Eo...................A..Eo..................0\r..m......<...J.S....._keyhttps://static.ads-twitter.com/uwt.js .https://visme.co/...no(/.............^k.......p..gI~.&.....V..BE.......7.o..A..Eo.......w;..........A..Eo..................0\r..m......<...J.S....._keyhttps://static.ads-twitter.com/uwt.js .https://visme.co/...no(/.............0~.......p..gI~.&.....V..BE.......7.o..A..Eo.........l.........A..Eo..................0\r..m......<...J.S....._keyhttps://static.ads-twitter.com/uwt.js .https://visme.co/`.[oo(/.....................p..gI~.&.....V..BE.......7.o..A..Eo......c./r.........A..Eo..................0\r..m......<...J.S....._keyhttps://stat

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\163c945c56f96c6c_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	206
Entropy (8bit):	5.382811338856955
Encrypted:	false
SSDEEP:	3:m+lOL7lllLA8RzYP2FycyGYWCULLuFvDWu3NKHtlHC3geaWrCN6+TkA/P5m0mNtP:mDLYerCUMoyhtCI+T9P4fPbK6t
MD5:	2E9DC446FB0E3C8167B90430C12E31A7
SHA1:	EDED1746BBA7F8803F7C3279B7FC423E7F6AD254
SHA-256:	D6A825FAD75E2E942A72677E18BC6417B7314D1747CB9E4EC56ED0C808ECCCF9
SHA-512:	8A4CE1263F561DBBAA20EEE8F5ACE61A9CF4E25ECA391E818BFF3754F9785A079B72ADD9FE2CC6FEDD8B94A242C1ED8C1EB90416C8ACD4D7E6CD01E3E6FD67C5
Malicious:	false
Reputation:	low
Preview:	0\r..m......J...g.Q....._keyhttps://code.jquery.com/jquery-3.2.1.slim.min.js .https://windows.net/u'.mo(/.............l.......q...t..'...&<....5..AmqK..'T...A..Eo......A............A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\18d095e3a3585d1b_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	1215
Entropy (8bit):	5.54261723646641
Encrypted:	false
SSDEEP:	24:UykHiuH8XCykHiRBH8hCykHittBH8HCykHiHBH8WrNCykHi1BH8U:1hF7hY7hI7h7x7ht
MD5:	516CC09B1CC3F404B11718E9C513A3BB
SHA1:	ACDA5E24EC4B666A0A8191BA59BDC780A0927DA7
SHA-256:	A68C1A837B1D97DF364518EF7436F791B9F0F2A906F97FCA29CACACBBEDBD9DC
SHA-512:	2D2333E38D8ECF3AF4FDA5B1503FE253B547F18D1C1E0C68EB12629094B58865B60A7EB2DBAE0D67E6F2D63DEA7BF12F5D6CA94653D2BB8FDB8D8882C7393203
Malicious:	false
Reputation:	low
Preview:	0\r..m......o..."......._keyhttps://www.visme.co/wp-content/plugins/social-warfare/assets/js/script.min.js?ver=4.2.1 .https://visme.co/\|.!ko(/......................d.4.:.N...W!Xf.._.....h%.!.K...A..Eo.......&.O.........A..Eo..................0\r..m......o..."......._keyhttps://www.visme.co/wp-content/plugins/social-warfare/assets/js/script.min.js?ver=4.2.1 .https://visme.co/@.ono(/..............[.......d.4.:.N...W!Xf.._.....h%.!.K...A..Eo......5)..........A..Eo..................0\r..m......o..."......._keyhttps://www.visme.co/wp-content/plugins/social-warfare/assets/js/script.min.js?ver=4.2.1 .https://visme.co/R..no(/..............j.......d.4.:.N...W!Xf.._.....h%.!.K...A..Eo.......%.e.........A..Eo..................0\r..m......o..."......._keyhttps://www.visme.co/wp-content/plugins/social-warfare/assets/js/script.min.js?ver=4.2.1 .https://visme.co/N.Joo(/.............Y........d.4.:.N...W!Xf.._.....h%.!.K...A..Eo........!c.........A..Eo..................0\r..m......o..."......._key

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\201f2ca2bbae2af6_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	1880
Entropy (8bit):	5.507216623811527
Encrypted:	false
SSDEEP:	48:/NUMHB1NUMHY21NUMHTT1NUMH/FU1NUMHU1NUMH61NUMHdr1NUMHvT:6MWM+MYMzMFMPM98MP
MD5:	6AA9140E0F142EAA998320F3097B033C
SHA1:	B3465A04174F6A27467C1C0D1A9BE3BE3D0C5F28
SHA-256:	BCE223C817FC080BB011412C6CE04CE6D567D149F2A6D4C08A8C5CE27C5E8BFA
SHA-512:	2F0F127C3A9D45ADB7FD022B2DAFAB5A51AF7B7D0DDE07A53FD356BFA9E2292940415AEFD881E60D2F3FD13EFF97599AAC788D1BFBCC9371877011537578A205
Malicious:	false
Reputation:	low
Preview:	0\r..m......g.....3p...._keyhttps://www.visme.co/wp-content/themes/visme/js/functions-menu.js?ver=1.14999998 .https://visme.co/.4'ko(/........................0\}.?3.@..3..:.$z...\|.us3.m..A..Eo........s.........A..Eo..................0\r..m......g.....3p...._keyhttps://www.visme.co/wp-content/themes/visme/js/functions-menu.js?ver=1.14999998 .https://visme.co/..qno(/.............4[.........0\}.?3.@..3..:.$z...\|.us3.m..A..Eo......G.l`.........A..Eo..................0\r..m......g.....3p...._keyhttps://www.visme.co/wp-content/themes/visme/js/functions-menu.js?ver=1.14999998 .https://visme.co/1).no(/..............j.........0\}.?3.@..3..:.$z...\|.us3.m..A..Eo...................A..Eo..................0\r..m......g.....3p...._keyhttps://www.visme.co/wp-content/themes/visme/js/functions-menu.js?ver=1.14999998 .https://visme.co/...no(/.............t}.........0\}.?3.@..3..:.$z...\|.us3.m..A..Eo......q............A..Eo..................0\r..m......g.....3p...._keyhttps://www.visme.co/wp-content/

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\259cd42b7b987324_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	70092
Entropy (8bit):	5.706810797942289
Encrypted:	false
SSDEEP:	1536:NLuPGMI2JPgpnA1FZXG6Oi+BrFVjtqKgMuO2JOqmp:1iF5g2DF3uDYK3aJLq
MD5:	DACC98BC6722F30AC2EFAF7977198049
SHA1:	3423E1CEDCE651BC079223D5C850026FB884F58E
SHA-256:	8F168A18CED3C47A4C237ABCBC3850386CC8196BDC728BCFADE5450313869371
SHA-512:	B9772FBEE1666791A98736CEBEAAAC39085E32B352BFCE7589572BB2E964F0DC2C7BA2CC68894F78F9FF92B1EE6F38AB3D7813D8E0D1CC4ED501A61AAE0CE3BA
Malicious:	false
Reputation:	low
Preview:	0\r..m..........m..I...._keyhttps://www.visme.co/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.8.4 .https://visme.co/..&ko(/........................e~Z.<..2.u-'......2l.OL'%~...A..Eo......\KWE.........A..Eo................................'.U&....O....P%..~..$....................`................(S.X..`f.....L`.....(S.d.`..... L`.....(S....`......L`\....).Rc............@.....Qb2I.....f.....Qb.`.,....D.....R....Qb"#.....k.....Qb........H.....Qb........O......S...Qb........P.........Qb"~d;....q.....QbN"m.....I.....Qb..p....U.....Qb.iQ.....o.....Qb.p......j.....Qb...s....r......M...Qb.*......G.....Qb...T....J.....Qb.O.$....K.....Qb...D....Q.....Qb.z.9....V.....Qbf..<....X.....Qb..R.....Y.....Qb>.......Z.....Qb6.lE....s.....QbRO_.....ee....QbbA......te....Qb:u......ae....Qb".......ie....Qb&.._....e.....QbF.......re....Qb...\|....t....$.......$...............................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\322756f7d9ac04d6_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	349
Entropy (8bit):	5.8852929647658305
Encrypted:	false
SSDEEP:	6:m2yEY7McM1Qy5qhZIJNIAjS4ShDUWOUeDK6tmZW+zUwU6NyCmE1m+RRoZShDUWOU:zy4cM1ba2J4PhDUW0qWe7yCm+Ro0hDUW
MD5:	13ACD9A35BDCE6D17700124C32B1AF6C
SHA1:	49B84FA4DC5A29C23C02EC3ACA79C675C19E5B34
SHA-256:	C48120EE308DB27CB8CAF722DBE84FFDC5635ED4736811C773D71F051BC9CA8C
SHA-512:	F84399BACB819B29E15AEE74400A3BBBAF22F416F707C37F2197165A1959AB7729957C9B1834DA8A8A1871E8AE3D41CE592ADC8AAB8FC98D7793C1B710DE345B
Malicious:	false
Reputation:	low
Preview:	0\r..m......U...^.\|....._keyhttps://scrollmagic.io/assets/js/lib/greensock/TweenMax.min.js .https://visme.co/c$#ko(/.....................l(.H.U...!~.j.<oK.'%1.nK.V....A..Eo...................A..Eo..................c$#ko(/.....A17B213331490B2D3B50DD253624CF3B431B59DF3AF6E3CFCEB76819847EA72A.l(.H.U...!~.j.<oK.'%1.nK.V....A..Eo.......k..L.......

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\43462a7ee86f274e_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	2480
Entropy (8bit):	5.988421899913439
Encrypted:	false
SSDEEP:	48:d8KfJKdbJHxxhlrqJTIrJsqk8Kwkb22YNuaxludYzKEOF+1CtR6jmTKt:2u6bPrq+Jf3c22YjWYcF+4tR6/
MD5:	08339DBE0212189DEECC052F0254732F
SHA1:	D894E5EF910D3E0D6D9FBEE804094DCF2CC2D9C3
SHA-256:	B227FB8985532E313A6483E666C6E941913F1B71634955652FB89B8B9328FE59
SHA-512:	24D5A0D03A837443D07C1ECAA8CE9391BDD3303D052FBA42D1A870027E1439BCD9F14AFD5025BD7EE979489ED618D2426CD37EC29333F639888297480CAAD100
Malicious:	false
Reputation:	low
Preview:	0\r..m......`..."......._keyhttps://scrollmagic.io/scrollmagic/uncompressed/plugins/animation.gsap.js .https://visme.co/.w#ko(/....................gm\.:....M..9S.k.FLG.....C......A..Eo.......N.0.........A..Eo...................w#ko(/...................'../....O....H...g...............h................(S.<..`2.....L`.....(S...`$....<L`......Q.@...a....define....Qbnv......amd......`......M`......Q.P..*n....ScrollMagic...Q.@.'+.....TweenMax..Q.PF.......TimelineMax...Q.@J.e.....exports...Qc..F.....require...Qb.[......gsap..Qdj..U....scrollmagic...........Q...Q.@..'....jQuery....Q.P...[....TweenLite.....Q.P..=.....TimelineLite..K`....D... ................s......&.(........&.z..%&.^.....n...s../...&...&.]......&...&.]...&....&....&.[.....:(...'....(.....(...&.(...&.(.....(...&.(..!..(..#&.[...%...(Rc................I`....Da,...z....(..h'.........P..........................@.-....XP.Q.....I...https://scrollmagic.io/scrollmagic/uncompressed/plugins/animation.gsap.js...a........D`....D`....

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\496d9e45f8604516_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	354
Entropy (8bit):	5.9343761800875505
Encrypted:	false
SSDEEP:	6:mnF6EYSHT8NWQAlKPUQyRNyOl7cnL2K6tMONkWQYW5VVbW9Hl7cnTY:kbz8NWQCUU9NALYiONkcWtW9FA8
MD5:	DD1C3B6ACFDB345621704C54DEC7EEA0
SHA1:	D4A996D02D9B38BCBC98CBC450F2F7B0FF2E6EEE
SHA-256:	81C785D8FEAD9ABC7EAB557352988DC2BBC49EEE61116D5EED9C36D557DFF631
SHA-512:	64205E7A6D813399EACF7A10C94D04E2987A45403257BD8F54B46A28CAA8B25240985B56C9D33FD64E8EDF5FB23C1C00734DD952847B7DBD0B786C5CB18BF1BA
Malicious:	false
Reputation:	low
Preview:	0\r..m......Z...{......._keyhttps://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js .https://windows.net/:..ko(/.......................v0.v3..18I....J......TLB..A..Eo.......r1$.........A..Eo..................:..ko(/.Po..C0A5FB960AEC9AC488DDB36687E62FAC8AD9F2FAF627B6F634568F76E7985932..v0.v3..18I....J......TLB..A..Eo..........L.......

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4eb0f0604fdb4b2d_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	8883
Entropy (8bit):	5.6904917330329665
Encrypted:	false
SSDEEP:	192:qlq65o9oGPbh3tLlt8Jhzm90hphBIKor9L/BB:Wq2o9o8l9OfWjBB
MD5:	9E5782F6036FBC150C9AFDFA9E070300
SHA1:	A29C202125FEC65322940790ED37E87ED174BDE2
SHA-256:	6AFCC730B12F3917C515DCE0BF51070D820694A4B36DB732F223A175DAC61CDE
SHA-512:	44395526011FFC8F50FCB6A5EDECF6689F3BACAE645366DCCE23B23B2B235B9E3654BE2FAEBE044A9ED1FFC79C8F7651EC39A9DDD6C2C979669056E36A49A540
Malicious:	false
Reputation:	low
Preview:	0\r..m......;......]...._keyhttps://cdn.firstpromoter.com/fpr.js .https://visme.co/X.)ko(/.............H.......rz.\.h/3.p......8....jv.#.....A..Eo.......Zq^.........A..Eo................................'.L.....O....P!...........................................(S.\..`p.... L`......L`......Qc.D>H....FPROM....(S.9..`,.....L`b......Rc............:.....Qb...'....c.....Qb..Y_....r.....Qb~.:.....n......M....S...Qbb2V~....e.....Qb..n.....t.....Qb^/......o.....Qb.'....f.....R....Qb........d.....Qb.D2.....l.....Qb"Et.....s.....Qb........_.....Qbj..C....p.....Qb>..i....x.....Qb.^m.....h.....Qb.]B....w.....Qb.B......m..........Qb6.......y.....Qb".......v.....Qbv.^....k.....Qb.C......O.....Qb..+.....R.....Qbz.......S.....Qb:.._....F.....Qb...M....P......O.\|....................................................................................................................I`....Da$...X$...(S.,.`......L`......Q.@.G:.....window....Q.P.d......fprom_loaded..K`....De.................&.(.....,Rc...

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4f4a3d05c542d732_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	178
Entropy (8bit):	5.280097091534821
Encrypted:	false
SSDEEP:	3:m+lDkw8RzY9KIRsIJK3stHtlHCmtDo6FESOQPRkZm3pK5kt:mkkpY9tiIJ3wiJFESOQph5K6t
MD5:	A81171DD6C425DA0B365C352DBA6EFCE
SHA1:	3720654FE5A8AB31663BD27AD26656E859F659AC
SHA-256:	6AE1E9FE151951C3CD0641D73FFF1C2D939EE08CF8B906C180399CC44EB09186
SHA-512:	983DFDB58E75D7F4B430E84E4BC6725DFFD5E9942C797A12386DB89DBD5A5A51A8A6ED165C5907AAB1CA3542A2123514AF658A7DC87949727D8EE9AB91BA0285
Malicious:	false
Reputation:	low
Preview:	0\r..m...........L\...._keyhttps://a.visme.co/a.js .https://visme.co/...jo(/....................<IU.-RZ.\.\|.....D^NmA\|..}.\i.J..A..Eo...................A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5a15cdcdf5e4a1f1_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	176416
Entropy (8bit):	5.733903829430383
Encrypted:	false
SSDEEP:	3072:abTfXd1uvFKrBKOP+IbSMRZkSnkg3j1ajeKsAp7v:oTvdW8rBKQ+ESMRqSkcgL9p7v
MD5:	95CC07018EDB327A6B0205B6E7883331
SHA1:	C4CE26E440FF53133F29BC8F8382FB9267DA70A3
SHA-256:	1A2FB517A5CE238114AF970081F354941A30062243ECC6037D1F3AB083FB4D90
SHA-512:	4A0EC941D470778810F420C061D7E8DE3CBD267B1EB0CFCAF264961565BC9DC0ED23DAA9D3940DA22336D3DDD55EC457306532B7DECD1B82DC74BD57E02B619F
Malicious:	false
Reputation:	low
Preview:	0\r..m......@...$..1....9AF7DA6EC9CF58AF5CD9F987F0504E17BD80CD70CA13E4C1279E56545BAFDB84..............'.......O9...h...H-@$.................!..............................................................................................................................................................................................`............................(S.....`r....dL`.....(S.P.`\.....L`.....PRc$.................Qb........d.....Qb...'....c......O....M...Qbb2V~....e...d....$.......$.......I`....Dad...........a..........Q.@J.e.....exports....a..........1..(S....`.....E.L`.....\Rc*................Qb.'....f..........Qb.^m.....h......S...Qb&.t.....j.....Qbv.^....k...e........................I`....Da.............(S.....Ia...........&...$.@.-....\P.a.....M...https://connect.facebook.net/signals/config/734022223348259?v=2.9.44&r=stable...a........D`....D`p...D`........!...`....&...&....&....&...(S.l..`.....$L`......Qd.VO....postMessage..(S........O.a........I...$...(d...............

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5dbb9ed6240a7934_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	8934
Entropy (8bit):	5.711536873095815
Encrypted:	false
SSDEEP:	96:H4SE9c/fFHBQPCRYhs/2Hg3AHaHzyFXAKQ6V+4w8BvH1CIOAp/i/ukiPybEmBzcV:H4S5XFHqPAF3Qac5VZHQJAkB76sK
MD5:	8D0BC87974D4085B3CE39F0B92AC0639
SHA1:	6FDAB7D463CEF75B4F83D0C7AB3121F7C0CC2981
SHA-256:	15362206E1434FEAAF679ECBA5FEE11268BA648AEEFC4AE0B8C4D26058406A6D
SHA-512:	245B0D10FB9B159FB9750DB16E25892FB0DCF10F462DCC3DF966F52429CCB147717AA9891C2C5205B92DFF3C7197C08A8433A4FD712E39097A01B124A091B16F
Malicious:	false
Reputation:	low
Preview:	0\r..m......N...D..w...._keyhttps://prinzhorn.github.io/skrollr/dist/skrollr.min.js .https://visme.co/..Loo(/.............6..........:.bx.......a/.S%...t-.S;$...A..Eo.......L...........A..Eo................................'..1....O....p!...L......................\|................(S.<..`0.....L`.....(S....`X......L`.....I.Rc..................Qbv\p.....r.....Qb.y.M....t.....Qb.......e.....Qb.{`....n.....Qb........o......M....S...Qb&.......l.....Qb..w....s.....QbF.z....c.....Qb........f.....R....Qb.u......m.....Qb~.J.....p.....QbVc......d..........Qb........v.....Qb.(p.....h.....Qb.&.....y.....Qb.I.4....T......O...Qb.t.....S.....QbvDG2....k.....QbR.[P....w.....Qb.2.)....x.....Qb.R.....E.....Qb........A.....Qb..`.....F.....Qb...T....C.....Qb.!8.....D.....Qb..\|....H.....Qb.j......I.....Qb.a......P.....Qb.E.3....N.....QbV.C{....O.....QbZ.I{....V.....Qb........z.....QbRI......q.....Qbn.R.....L.....Qb.Jc5....M.........Qb..W....._.....Qb2.......B.....Qb&A.0....G.....Qb.*......K.....Q

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6204a4e16982f9db_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	478
Entropy (8bit):	5.529009449063677
Encrypted:	false
SSDEEP:	12:pAN9ypoGg9MClJN4zAN9ypoGg9MClJ0tqTf:pALyNUMyN4zALyNUMyP7
MD5:	335EE695F97F18072BC95C17E7BAA087
SHA1:	75C5D499400452F8AB47EDAD0972FDA323C7383C
SHA-256:	EF8D0467E248E3CAF845AE1C6182703C14AA98DEC2F6200E4D0FE19B86092662
SHA-512:	91B187467A26D15B9DB7044BCD08306A287DED8275C30626B305D4ED1A95A80270F3E3C6B5622593ED0B677333F3CFEAF3D66FD8651233C6F61AFE1C7E1E3248
Malicious:	false
Reputation:	low
Preview:	0\r..m......k...?......_keyhttps://www.visme.co/wp-content/themes/visme/js/functions-parallax-live.js?ver=1.123 .https://visme.co/M..ko(/.....................-.VZ...p....VE6%..`..6...\|..<...A..Eo.........3.........A..Eo..................0\r..m......k...?......_keyhttps://www.visme.co/wp-content/themes/visme/js/functions-parallax-live.js?ver=1.123 .https://visme.co/..ono(/..............Y.......-.VZ...p....VE6%..`..6...\|..<...A..Eo......,]Z .........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\636288cf69f73793_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	207
Entropy (8bit):	5.476635749841881
Encrypted:	false
SSDEEP:	6:mxYEAtTtyrEzONwIJWrLtwy4FaIAKRK6t:oeYrdN9JWytaIt
MD5:	66AFF9A38F2E7D87A0DD760109BFBC53
SHA1:	CBFE7295DA3754A2F6F43F540955DD9EFDA1216C
SHA-256:	6560D3DC1DB7638274D6BA26000D9B31688FABA716387592FD654D5CC8218390
SHA-512:	86E0B6A8F106C5BF9472BB0FF3E815923B09F3BEB5DCB0C9D19466A3DF656029BA0F3DBC6B12AA613CEE5462F9941CACEA21CFD6D5DB98BE7770BC323A18B3A3
Malicious:	false
Reputation:	low
Preview:	0\r..m......K...UW.j...._keyhttps://dashboard.visme.co/api/auth.js?1629309302893 .https://visme.co/.u.jo(/......................~r.N.^s.....)....Nk.0.S..g..'3.A..Eo..................A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\64100df6aa7908ac_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	72600
Entropy (8bit):	6.0933642029097905
Encrypted:	false
SSDEEP:	1536:fVJ/2gyYj71//xQ6a5n4OzjCsHPMOf+fV1OA5Sky://2gTC6dOPdHPMqcrOA5S
MD5:	5CFB5DAE489FCF2AA252F969F107E914
SHA1:	118C8000DE219FA76D70436DFBF0E398A2730299
SHA-256:	98CF94CBFE129EC71725EEF11B2ECD4EC1C277A0086D1812C176B748A701A8A8
SHA-512:	8A17D5C5715B89DE2149FF3358373F5C4B2E5F724398F4025A88F14639B6960717AF2169C4A59D57DC990EDE2B6B021D76CEF96B5C778F3068C78B9CCD1E54FE
Malicious:	false
Reputation:	low
Preview:	0\r..m......@...h.<m....A17B213331490B2D3B50DD253624CF3B431B59DF3AF6E3CFCEB76819847EA72A..............'.j.....O....X...Bm."................................x...................................D...l...................(........................(S....`.....@L`......L`......Qc........_gsScope..Q.@.f.$....module....Q.@J.e.....exports.........Qc.G:.....window....a...Q.@&.p....._gsQueue..QbNj......push.(S.%..`.....tL`6......Q.P...~...._gsDefine.....Q.@.'+.....TweenMax.....`......M`......Qev)......core.Animation... Qf2,.....core.SimpleTimeline...Q.P...[....TweenLite....(S.U..`b....=.L`......RcH.................Qb...'....c......O....M...Qb........d.....Qbb2V~....e.....Qb.'....f..........Qb.^m.....h......S...Qb&.t.....j.....Qb.D2.....l.....Qb.B......m.....Qb~.:.....n.....Qb^/......o...m$.......$...............................................I`....Daz....P...(S.......1"aS.............@.-....LP.!.....>...https://scrollmagic.io/assets/js/lib/greensock/TweenMax.min.js..a........D`....D`....D`.....

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6b71c6b04690002a_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	144352
Entropy (8bit):	5.750340109245482
Encrypted:	false
SSDEEP:	1536:igeh+FiNnC3L0PZEknLGxIqdvwbL3t5qIITjINK477qssAzCEpmDzh95I8:igctC3eLMZwn3XqxTjIEG7Ps4yz5T
MD5:	8DE82FAEB818457EA93891AB61ED6B9F
SHA1:	E2CA71B6E83B3EFF10B58C7C7A97FB221B6F1258
SHA-256:	3E071F6C46A99ED3806C56969AF62948408C889E4B675BB0D94239BA044B4EFD
SHA-512:	D394C7CF51F4DD96C8FE9EE61286E1A00E8CCED6E33C4B54AB8B39F27900DEA87281DCA592806E5F4CDF77CC6595401222340AC241831A548905759C2CED2DF5
Malicious:	false
Reputation:	low
Preview:	0\r..m......@...n..u....1FDA02BEFC3633CEEC7A6DBC6A0CD494B91BDD6F0D66BC91A18203386E3F7CE7..............'.......O/...P2...1..............................................................................\.......................0...............\|........................................................... ....................(S....`.....`L`,.....Qb........fbq...Qc.`.....2.9.44....QcvSp.....version...Qc.t......stable....Qe.\|`L...._releaseSegment......`......M`......Qe........global_config.....Qe&.......pendingConfigs....Xa.......?. Qfb.......__openBridgeRollout..(S.P.`\.....L`.....PRc$.................Qb........d.....Qb...'....c......O....M...Qbb2V~....e...d....$.......$.......I`....Dad...Ro......a..........Q.@J.e.....exports....a.............(S....`,......L`X....tRc6................Qb.'....f..........Qb.^m.....h......S...Qb&.t.....j.....Qbv.^....k.....Qb.D2.....l.......Qb.B......m.....Qb~.:.....n...h....................................I`....Da....Jo.......(S.P..`X.....L`........HQp...9

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6cdda5703ec85cc3_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	619
Entropy (8bit):	5.862656131304895
Encrypted:	false
SSDEEP:	12:c8E32pLSudaPux2pdyyQL13CMluU9yzHvXdA5CuqqW9AOfJoQB10+ftT:9EmpLSudaPuydyyQL1SKtyzOVOBh++1
MD5:	BAD4AB5C41BF5001AF47F87D4B943D85
SHA1:	790063CA75051649F666C69C871B44B5DE355D56
SHA-256:	280DEAC53739C9516F2204167451DAAA547DE311D55BF9455176FB9904D9614C
SHA-512:	1CCE7D2A01D52CCAE0BDEB90FA4962C8ADCAF6C6E49B5862F076AB0DB769B5527E2E40F3E7601ED9D0B3F38BE44AE077894555EBEF3962BC0A8062BEF8D9790E
Malicious:	false
Reputation:	low
Preview:	0\r..m.............L...._keyhttps://googleads.g.doubleclick.net/pagead/viewthroughconversion/1053096647/?random=1629309310705&cv=9&fst=1629309310705&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=120&u_java=false&u_nplug=1&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.visme.co%2F%3Fvc%3DTop-Bar-CTA&tiba=Create%20Presentations%2C%20Infographics%2C%20Design%20%26%20Video%20%7C%20Visme&hn=www.googleadservices.com&rfmt=3&fmt=4 .https://visme.co/p.=ko(/..........................q~..'6.D.2Mq.}..T........A..Eo.........a.........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6deebb808db06934_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	4302
Entropy (8bit):	5.8321650274948444
Encrypted:	false
SSDEEP:	48:1AUV2nMsR2JnA+dHXG/kg50CG9oTIYaT8uxfYql9CsXF35rhFQb030ZLP8O6o09G:0M+2fG0CGGaT8uxAqT155lF6LAU3
MD5:	9EAAA1B05B95AFA2A1D1A1E3791E0153
SHA1:	A75FE82BFEACC5FFC2682AE1672A5EDF4C9AD14E
SHA-256:	D5FA7ED214229CC753767D971A243F4E936A79BB88E5D4BA7CAF1A79B0E81700
SHA-512:	3C0E09CDC8733ABEE3B88B83F8141CE6687D3E760EBD53C08D5D4846858A03F4821085533487FADD67D7F848729D51D86A26FDE624A6EC023C61C529D7EBAE18
Malicious:	false
Reputation:	low
Preview:	0\r..m......~....\......_keyhttps://www.visme.co/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extra.min.js?ver=2.4.6 .https://visme.co/(.!ko(/.........................q...U....A@.B6.X.....<."...A..Eo.......`W..........A..Eo..................(.!ko(/...................'.......O....@...+........................................(S....`.....$L`.....(S....`......L`J.....Rct...........2.....Qb^/......o.....Qbb2V~....e.....Qb6.......y.....Qb.B......m.....Qbj..C....p.....Qb.]B....w.....QbB..A....z.....Qb..C[....C......O...Qb~.:.....n......M...Qb........d.....Qb.I......E.....QbN.xi....T.....Qb..*....L.....Qb..Y_....r.....Qb...'....c.....Qbv.i.....I.....Qb.}&.....X.....Qbf..%....B......S...Qb.D2.....l.....R....Qb"Et.....s.....Qb.'....f...x....$.......$.......................................................................................I`....Da`...h....(S.....Ia.................@.-....tP.......g...https://www.visme.co/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyload

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7222a50007eb25d7_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	7378
Entropy (8bit):	5.712764014424752
Encrypted:	false
SSDEEP:	192:YM4pN/yevQS0Bf7fUobPzNUnnd+WmJtueLZBXcSYKCew:Y5RybLbjzGd+WmXFZBMSYKw
MD5:	17E76C379122FF88F081F006A68D6A65
SHA1:	C3B85F43B937530F3D903ACE1E9A3C16D64B4DB7
SHA-256:	9DE596CE7F8734C83EF566F155113943A0E2369EA154F8C7FD132EDF44B4D395
SHA-512:	82992960B9D99EADA8F4355B3EEE6766439D84E00E33632A5D8316802377934ABE0F7D303358ADD0BBB3C13A3501E8B77EA7BB734DDAEFB46E96F3BABCFF04BD
Malicious:	false
Reputation:	low
Preview:	0\r..m......b....<......_keyhttps://cdnjs.cloudflare.com/ajax/libs/ScrollMagic/2.0.7/ScrollMagic.min.js .https://visme.co/.5#ko(/.......................n=...B.x)~..~)~`P/.Oy....A..Eo...................A..Eo................................'..D....O....H..._..B.....................................(S.<..`4.....L`.....(S.h.`......L`......Q.@...a....define....Qbnv......amd...Q.@J.e.....exports...Q.@.f.$....module....Q.P..n....ScrollMagic...K`....Dt.................s......&.(........&.]....&...s......&.\..&.-...%...\..&.-...%.......(Rc................I`....Da............e..........P...`...@......@.-....XP.Q.....K...https://cdnjs.cloudflare.com/ajax/libs/ScrollMagic/2.0.7/ScrollMagic.min.js.a........D`....D`,...D`..........`....&...&....&.(S.M..`N.....L`N....PRc$.................Qb........_.....Qb...M....P.....QbB..A....z.....Qb.......D.....Qb..+.....R...d....................I`....Da....(....(S.......1.a...............Q.d........@.............Qcj..%....2.0.7.....QcvSp.....version...Q

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\731b8de554f7b803_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	2591
Entropy (8bit):	5.842869247653473
Encrypted:	false
SSDEEP:	48:NAbQfyTi3Z9LUAbJZGFB0SrQKfKSXjqpbAHDx6FgGUlNKG:E23Z9LDGFB0SrQKKejTHl6FNGNB
MD5:	3A88261B282193B002DF719BD5B2AD90
SHA1:	E004A0CC417F1E1DFD571F46A5DF456835E59173
SHA-256:	8A3DAC1929587AD78906313FA9DB9BB1AD796CA5ED004ED81F1E39C8A612C8F7
SHA-512:	DF1D1CA07A06618E712B1A5FAA60C8BAFA38974953F7D5FFE685D306F32FE4FC41204E5AD1791C408BA9FA4519F89F958AEAB668A2E702038FCD7CB4DED16F34
Malicious:	false
Reputation:	low
Preview:	0\r..m.............9...._keyhttps://www.visme.co/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.srcset.min.js?ver=2.4.6 .https://visme.co/.!ko(/.......................E0.....I...%.....A...so5H.Z.9.A..Eo......h.oF.........A..Eo...................!ko(/...................'.%.....O...........b.............................(S.\..`t.... L`.....(S.i..`.....tL`6.....RcX...........$.....Qbb2V~....e.....Qb..Y_....r.....Qb..n.....t.....Qb~.:.....n......M...Qb...'....c......S...Qb^/......o.....Qb........d.....R....Qb.D2.....l.....Qb>..i....x.....Qb.]B....w.....Qb.'....f.....Qbj..C....p.....Qb...n....A.....Qb.B......m........q$.......$...............................................................I`....Da`........(S.....Iam...........d......................A......@.-....tP.......h...https://www.visme.co/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.srcset.min.js?ver=2.4.6a........D`....D`N...D`.....0...`....&...&....&....D&.(S.....Ia...............Q.d...............

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\74a20469eab3072d_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	218
Entropy (8bit):	5.483447870510294
Encrypted:	false
SSDEEP:	6:m6z/VYqiMiM6N3Ef2IJfiBGxsiCViur7lthK6t:pQzTNUfvJfiGKcu3lt7
MD5:	8902C76894EC8F55E01CD7C95F30DE72
SHA1:	A0DA4198D21CFC791D6E7B121CC5257053BCE0ED
SHA-256:	B8045F85073B3017D6A8BE53681C4DDFC59F78E8ADECBB3043A362A37E755D4A
SHA-512:	7712B48208337D98E18CB48507BF8128302B63592F8BF1BCAEA807153327E3ECDFBF1C9121CC43255EEB3A3E2BE5B8870D6D1AC1A7078C6C4A0EB36396254934
Malicious:	false
Reputation:	low
Preview:	0\r..m......V...~.D...._keyhttps://z.moatads.com/addthismoatframe568911941483/moatframe.js .https://visme.co/...jo(/............................=>..x/.n.t..WG..S..&A._...A..Eo........h..........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\768ca039773876de_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	2252
Entropy (8bit):	5.3534712036854115
Encrypted:	false
SSDEEP:	48:0YSmOfvxuDwYSDdbbnmpA1tf7axK+Zn+lY/FEfY:aPuDuxKpokK+Zyqh
MD5:	B2EEC41E3E6E34F24EB58E0E3A5D8749
SHA1:	09D8CC7C499714D129914A0E5D3892E8E346E3E5
SHA-256:	B82AA5B024A70F9E9B527C7ECEC9044BFB167E01DBEDE4B60E7A9A475E48B0FE
SHA-512:	BA2EE89528EF16297CD6D24F13998720EED6ED363157A0EA8382B5538BA2A75286548D227187C2F971725A42C4ABAC65839163350342DE68437BF75017E7A2DB
Malicious:	false
Reputation:	low
Preview:	0\r..m......D...G..;...._keyhttps://dashboard.visme.co/register-visme3.js .https://visme.co/A.&ko(/............. ..........l..%(.."...\2k G.....1...'7@S.A..Eo.........}.........A..Eo..................A.&ko(/...................'.......O.........i..............................(S.P..`\.....L`......L`.....(S.....Ia..........Qe.6.\|....EWCTriggerPopup.E.@.-....<P......-...https://dashboard.visme.co/register-visme3.js...a........D`....D`^...D`.....L...`"...&...&.(S...`.....,L`.....8Rc..................Qd..r.....OldCookies....QbB.......api.a........I`....Da....(.....Q.@...a....define....Qbnv......amd...Q.@J.e.....exports...Q.@.f.$....module....Q.@.G:.....window....Q.@6[......Cookies..(S......5.a..............Pd.........noConflict.a........I..a.....d......................Qd./......noConflict....K`....D{......................s......&.(........&.]....@...s......&.\..-....+...&.(........&.\..&.-...%.....&.....-....... ..f..........P...`...`... ......d........... ........&....&.(S.D..`@.....L`...

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7ce3b9db28f2de50_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	612
Entropy (8bit):	5.835885822879109
Encrypted:	false
SSDEEP:	12:HE32pLSpdDaIux2pdyyQL13CMluU9yzXAKLX8/wDs9AOfJfmX:HEmpLSpdWIuydyyQL1SKtyzXAexOBfmX
MD5:	78E4D7D8DC4E1CAFC40E1D635879D1C3
SHA1:	B95A81B064AB797EE04F2A049D33B5C957D5CD5D
SHA-256:	91A33EC30AE7FD4D79BEFEF57B95C3C052D910C178EC521B3FF507652A4A1E94
SHA-512:	8A6A57EE59D503DFE70D13152577376FDBF77F4D7F4AC2083C8973CFDF0CFEDAE66BCB9F19CF47ED9B2BDD50285E5483CCC24838FA1EFEE7620351A769B70412
Malicious:	false
Reputation:	low
Preview:	0\r..m..........Xh......_keyhttps://googleads.g.doubleclick.net/pagead/viewthroughconversion/1053096647/?random=1629309356553&cv=9&fst=1629309356553&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=120&u_java=false&u_nplug=1&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.visme.co%2Fvideo-maker%2F&tiba=Free%20Video%20Maker%20-%20Create%20%26%20Edit%20Videos%20Online%20%7C%20Visme&hn=www.googleadservices.com&rfmt=3&fmt=4 .https://visme.co/..oo(/............................kj...8..W+^~.....].7v...*.A..Eo...................A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\87e88ff7ccbbe6a8_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	215
Entropy (8bit):	5.50934357781364
Encrypted:	false
SSDEEP:	6:msCYwBsNRN4WyMRIJkMrGj4Hb/pk+4r+K6t:BmWybJ3C4Hb6Dg
MD5:	5258A9D0B043B4D170B374B656D3EAD2
SHA1:	FDDFCFED7051EE53DC1DC9F0B52D71587560C95C
SHA-256:	0704EF9B8C0804DF274905998987BD0DB7B0EEB6A6423207694AE66EF5505316
SHA-512:	2CED9F787D541DB6DFFF9DBEF299A52ABFB51B4C098AA7E3E9C2F47F8CAF9578FD4D4DD190E4874D302E82909DC3964E719F7BF1C081386F86A4796A71E63A15
Malicious:	false
Reputation:	low
Preview:	0\r..m......S......}...._keyhttps://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js .https://visme.co/h..jo(/......................+..B.......{....6.O..;.[.G..o0..A..Eo........W..........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8ae9cc7827d4bf2a_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	202
Entropy (8bit):	5.353669945780593
Encrypted:	false
SSDEEP:	3:m+llgOs8RzYwBNX2UEVgoBRJpRsIJKeAtNHtlHCFtZGSPNjfLevRmmPXllpK5kt:mCgmYwBsFVgcR7iIJjiQ34PAMRK6t
MD5:	963E4A62E2A39CB335A5A2650963EC86
SHA1:	7F47328312BEEE1501F528E6F9E759EE2354883E
SHA-256:	00F1C627945D5CD0545ADFF90514146E1E4FE6A24EE7B4DAE4DB78982F7D9CDA
SHA-512:	0DD2D4551CA1367C0D8C861200BC782A7C6FAA5B6A2EFE2D3969F14F8C84DA05994C8436528AB8EDBC2F930AB2C5DDFEF48EFE6DF89C1CA865F70D71CAFBC929
Malicious:	false
Reputation:	low
Preview:	0\r..m......F......_...._keyhttps://s7.addthis.com/js/300/addthis_widget.js .https://visme.co/.%.jo(/.....................4.U...O&.....U..).F:..'y...}].A..Eo.........z.........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\90fe993920a17793_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	364
Entropy (8bit):	5.926389974505584
Encrypted:	false
SSDEEP:	6:mK/j9YAWGUJ381NXJJ6NYyFvNyIJrXoaSiiBekgK4bZK6t/XAcDje0cC1j9siBe+:AdoNXJAYWv9Jkji7kgvTpAc3e0Jji7kf
MD5:	BA017136364A9370D2F620D7A02ECBF7
SHA1:	54863159C71752CEA8D9AAFDCA24F4600C64E785
SHA-256:	69070B0972B671963AC62E92D141C298E6832AA5DFA69BE283D18E4189C39837
SHA-512:	83D75DFADADC18B19502529B9E0FDFF3B5B9207BA344D689A11FC69BF5E57151E150856814F40F7B1A27761C76AD5E966EA6611AC81231B410A4AF409BC9C9D2
Malicious:	false
Reputation:	low
Preview:	0\r..m......d...)......._keyhttps://connect.facebook.net/signals/config/734022223348259?v=2.9.44&r=stable .https://visme.co/.Vyko(/...............................e.4.....OX......\.{..A..Eo........z..........A..Eo...................Vyko(/.x...9AF7DA6EC9CF58AF5CD9F987F0504E17BD80CD70CA13E4C1279E56545BAFDB84..........e.4.....OX......\.{..A..Eo.......C2.L.......

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\93369d9bc9a3da44_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	235
Entropy (8bit):	5.578930287928298
Encrypted:	false
SSDEEP:	6:m3gYeVI/HzOW6IJL5z/J1q61C1nMmnK6t:AmIfSkJNnnCqG
MD5:	E0F437063BC62607F922D5AAD2059A85
SHA1:	7B20FD49624E9AA0E358E4DB5401D49A05000164
SHA-256:	24A13E8A5CAAFDA878E8631B4377FCD7B54D788055BD1E98294AAB1A949F48AA
SHA-512:	B52ACF46C7B2C24A60475BC44C77E9BEDD68A1D584BEC4FC6FE08E4243E4C63B1F07BBDA08BE06780BE619375B054FD21C1D45F3F239A0523C79E49AC7534DC6
Malicious:	false
Reputation:	low
Preview:	0\r..m......g....(......_keyhttps://v1.addthisedge.com/live/boost/ra-5411da2048bc494d/_ate.track.config_resp .https://visme.co/u$.jo(/.....................G.....ZZ..-.[\|..s..n.vKY.'.HKi.A..Eo...................A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\93f88bfdbddae738_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	600
Entropy (8bit):	5.807310295360964
Encrypted:	false
SSDEEP:	12:NQjE32pLSddnux2pdyyQL13CMluU9yzdvCuqqW9AOfJivlgFu3p:NmEmpLSddnuydyyQL1SKtyzdjOBmaF2p
MD5:	C5BC8263BFBFF8CE271BEC2AA609FD8E
SHA1:	006BEBE4B0AACCB86C9CC9C8D5DA4ABDA2F002DD
SHA-256:	73E1BE46A46AB64DBDE4F669F443A2A19F217A70103B7700CB4373D6E358E22A
SHA-512:	1380143A8E0322BE1FD798C101C15A22129BD4E27CBAE95877ADB1667EC7A16C5CF8CC4677EE00F809C90710AE73B4961322A116B157964BFEC0DF3E7DBBBA45
Malicious:	false
Reputation:	low
Preview:	0\r..m...........b......_keyhttps://googleads.g.doubleclick.net/pagead/viewthroughconversion/1053096647/?random=1629309335572&cv=9&fst=1629309335572&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=120&u_java=false&u_nplug=1&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.visme.co%2F&tiba=Create%20Presentations%2C%20Infographics%2C%20Design%20%26%20Video%20%7C%20Visme&hn=www.googleadservices.com&rfmt=3&fmt=4 .https://visme.co/..}no(/..............[.......r.e?L....A..uY.vX..8gq.6..P...A..Eo......,............A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\94507e6800935d69_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	47981
Entropy (8bit):	5.92633536766037
Encrypted:	false
SSDEEP:	768:uMVFxwQ1PkUaj/DmqjXOzSzZEUMaehdtyRnPQZ7QsE5:uAx+jrf/dEUFWDiPQxM5
MD5:	F3F7FE37A904B4240357209A1672BD9B
SHA1:	E5713C16BAC4A9321DC3D8115865F218DEBBD71F
SHA-256:	8478C7B2BE5A85B4E4AEF00A47869634BCF49FA6A62B9EECBDA53F795B1C128A
SHA-512:	B46D0CAF2BD301307301AF4F55355AC7A3D518672F1C4F4BBB3D57310DC1E3A12652458EE3F8EA77BABA7C73CD88AD0C27AD3DFA42E3197E3463C061FF53F07E
Malicious:	false
Reputation:	low
Preview:	0\r..m......]...`0......_keyhttps://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js .https://visme.co/.."ko(/....................P..o\..k .>W.qJ...-FM...&/Ze...A..Eo......K............A..Eo................................'.......O................................................................................4................(S.<..`4.....L`.....(S...`.....8L`......Q.@J.e.....exports...Q.@.f.$....module....Qc..F.....require...Qcz......jquery....Qd.t$.....popper.js.....Q.@...a....define....Qbnv......amd......`......M`..............A...Qb...J....self..Q.P.`......bootstrap.....Q.@..'....jQuery....Q.@>(.i....Popper....K`....D.Q.(................s..3...s..,...&....&...&.]...&....&...&.]...&.[.....M...s......&.(........&.z..%&.^.....)%.'.......&.~&.-...'..(...&.(...&.[........(Rc................I`....Da.........$..g!.........`...@...`..L..@........@.-....TP.A.....F...https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js..a........D`....D`....D`..........`

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\947fcc35c78613d8_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	1338
Entropy (8bit):	5.461524327751117
Encrypted:	false
SSDEEP:	24:HyNF8Rlq9yNF4VRl/9yNFMRl+9yNFUnRlY9yNF2Rlp9yNF4nRlp:SNFqqoNFc/oNF6+oNFmYoNFMpoNF4Lp
MD5:	D30B4498F376096A87A85DA0BCA7B2B9
SHA1:	44AABC257BD8B3B243E64D94ACCC25EC1E9FB787
SHA-256:	1F67C29D20D19D7A5A52EB3E5746E26CE6BA8F352E14972A0712CFABD9CA0906
SHA-512:	7D1E3824C45AB01DDC965292CF19C2215E0E75C38E0D5E4BE282465390FD76FDE89F997EB9C6A3B777FE6232A0CBC3123B3852B4C59A3A9E1CD0BE46499311AD
Malicious:	false
Reputation:	low
Preview:	0\r..m......[....Q......_keyhttps://www.visme.co/wp-content/themes/visme/js/svg-animation-lib.js .https://visme.co/.k1ko(/.............{........o....b%........:0J.V.^]O.....A..Eo......x.I^.........A..Eo..................0\r..m......[....Q......_keyhttps://www.visme.co/wp-content/themes/visme/js/svg-animation-lib.js .https://visme.co/..wno(/.............Z.......o....b%........:0J.V.^]O.....A..Eo......E............A..Eo..................0\r..m......[....Q......_keyhttps://www.visme.co/wp-content/themes/visme/js/svg-animation-lib.js .https://visme.co/RJ.no(/..............j.......o....b%........:0J.V.^]O.....A..Eo...................A..Eo..................0\r..m......[....Q......_keyhttps://www.visme.co/wp-content/themes/visme/js/svg-animation-lib.js .https://visme.co/..Xoo(/......................o....b%........:0J.V.^]O.....A..Eo......@.f..........A..Eo..................0\r..m......[....Q......_keyhttps://www.visme.co/wp-content/themes/visme/js/svg-animation-lib.js .https://vi

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9a5a492f128722e8_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	62892
Entropy (8bit):	6.157239290753026
Encrypted:	false
SSDEEP:	1536:GYuHU21qLydAWhCXb2vGVpEYyoegaw+4yo+wqA+YSofH7bpgxU6LuVF+FGhI/:GfxqLyiM6b2v6pEYyoegaw+4yo+wqA+V
MD5:	3DFED791B58FFBE6635286BFB038043F
SHA1:	A3CB358A15A2B49F0E8FB4199378895E23D15CD5
SHA-256:	2F9A7EC202B7909C914597B3B2BB404C2EF4F0BEBEFA444BFB7EF8ED4FEEE908
SHA-512:	97723A5479F68B02F59119C7EE791010053EB885F32C2C588F474DC5D4624E9D4987073AA7D11466CB2C31774E6DA092EF0345A660C4D1D6D95A0DD68BDBA7CD
Malicious:	false
Reputation:	low
Preview:	0\r..m......L...$.:....._keyhttps://www.googleadservices.com/pagead/conversion.js .https://visme.co/A.%ko(/......................).`{..`.9v.......3.6[V.9[=....A..Eo......H..>.........A..Eo................................'.......O..........a.............0...................................`...........0...P....................................(S.<..`2.....L`.....(S....`.........L`>....u.Rc..................QbRM.@....aa....Qb........ba....Qb........da....Qb2.......ea....Qbv.^....k.....Qb:d......fa....Qb..Y_....r.....Qb........ha....Qb...\....pa....Qb.]B....w.....Qb.......ra....Qb>..i....x.....Qbjf<.....ta....QbB..A....z.....Qb.......wa....Qb..,.....va....Qb........ua....Qb.l......xa....Qb........ya....Qb.N.V....za....QbZ..*....Aa....Qbf..%....B.....Qb..C[....C.....Qb.'......Da....Qb...x....Ha....QbRU......Ia....Qb...1....Ja....Qb..;.....Ka....Qb.......D.....Qb.).%....Ma....Qb...1....La....Qb..K.....Na....Qb:.+.....Oa....Qb..1W....Qa....Qb........Ra....Qb6O'.....Sa....Qb........Ta..

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a379b12a49028f81_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	2426
Entropy (8bit):	5.705025824802448
Encrypted:	false
SSDEEP:	48:bUhKzBtWlF60HirCVcqI0UkyzD0rquiU1MBMU6KpUW+iWXu48zBQ:bdzM60HycI0gzD0uuiVUHn+z+
MD5:	35C9BC2EA9F6D2157EFDA2B4D09E0055
SHA1:	DF0282A5CA74CCEE80967B226728658ABD71513B
SHA-256:	7563DFAEE4C495F12E8BF299EBF85DBC0C50A276CC6813BBE4B48C4DEE6107A6
SHA-512:	695F9B1E8CA9807AF06DFC8D60D1CCB63A4950DC95F9308E7BB4F329AA22201C75A1D810E8CAC4372767945D4EEBE4AF32A6446E31F85FAC78000A022D94FADF
Malicious:	false
Reputation:	low
Preview:	0\r..m......r... ..F...._keyhttps://cdnjs.cloudflare.com/ajax/libs/ScrollMagic/2.0.7/plugins/debug.addIndicators.min.js .https://visme.co/.7#ko(/....................(....$..w<....V..............l.A..Eo.........!.........A..Eo...................7#ko(/.@.................'.......O........^................................(S.<..`4.....L`.....(S...`.....(L`......Q.@...a....define....Qbnv......amd......`......M`......Q.P..n....ScrollMagic...Q.@J.e.....exports...Qc..F.....require...Qdj..U....scrollmagic...!...Q.@..'....jQuery....K`....D{.................s......&.(........&.z..%&.^.....=...s......&...&.]...&.]....!(...'....(.....(...&.(...&.].......(Rc................I`....Da....0.... ..f..........P..................@.-....hP.......[...https://cdnjs.cloudflare.com/ajax/libs/ScrollMagic/2.0.7/plugins/debug.addIndicators.min.js.a........D`....D`0...D`.....\|...`:...&...&....&.(S..`F....\L`....`Rc,..................S...Qb^/......o.....Qb~.:.....n.....Qb".......v.....Qb.^m.....h.....Qb"Et...

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a84326ff637d7068_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	12224
Entropy (8bit):	5.599920192731006
Encrypted:	false
SSDEEP:	192:4JCeSz9jZSnPeKa0W4kZTIaerjTVBNw0/5aWw72ZWyR:4JjO9jIXaIDJr5aWwasQ
MD5:	B6DC82F46D29FB89C8C85FD246EAB1FE
SHA1:	B5A82D51B3AF57853FDA1B4701F8116701F5CB91
SHA-256:	66634CED40B843354EACDDC0CCEB0C9EE6B9279C402D6F50B42E6F24FD8E460F
SHA-512:	E27CF7101D523640FD408650775F887B3AA7911F3F83607A0ADD1530FBC61D13A84B8AAC5E7FE61A10609490814B55562DE44D9B4F0D6FC767E65616825737C9
Malicious:	false
Reputation:	low
Preview:	0\r..m......`..........._keyhttps://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js .https://visme.co/.2#ko(/.............y.........'-.n,..L".O.y..}..i..lp.BW..A..Eo.......g..........A..Eo................................'..R....O....0......K........................L....................(S.<..`2.....L`.....(S.l.`......L`......Q.@J.e.....exports...Q.@.f.$....module....Q.@...a....define....Qbnv......amd...Q.@>(.i....Popper....K`....Du.................s......s......&.\..&.-...%..*...s......&.(........&.].....\..&.-...%....(Rc................I`....Da"...8.......e..........`...p...@......@.-....XP.Q.....I...https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js...a........D`....D`(...D`..........`....&...&....&.(S....`P......L`.....).Rc..................Qbb2V~....e.....Qb..n.....t.....Qb^/......o.....Qb~.:.....n.....Qb..Y_....r.....Qbj..C....p.....Qb"Et.....s.....Qb........d......M...Qb.D2.....l.....Qb.'....f.....Qb.B......m.....Qb.^m.....h.....Qb..

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a84f12098c73714f_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	225
Entropy (8bit):	5.410203115618059
Encrypted:	false
SSDEEP:	6:mkqEY68E9xEEUgLErAsbbi/OxMZZ4XS2/lhK6t:xqQYgY/i++W1t7
MD5:	00C760CE3D3B10E53CF83AF29722066F
SHA1:	5DC341A7DAC078550FAA627BFED2462AC5A1F692
SHA-256:	C674B16B085CE8423772194F9699B3F1991A33F3426F2B5CEB2000D52A6A97FE
SHA-512:	E59832550EE5A0B3ADF45920396C8B03DBFD821103871AFEBC8FD0353FF29ACC93B1EB0A8FEBBE16EF753B026D7077F97017AE6A5B4A976B4456FA98C86217BB
Malicious:	false
Reputation:	low
Preview:	0\r..m......]..........._keyhttps://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js .https://windows.net/.,~mo(/.............u.......{>G...;......p.A...WH.....Rp.S'..A..Eo.......w..........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ab06e7a083a72fae_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	604
Entropy (8bit):	5.777629417683385
Encrypted:	false
SSDEEP:	12:yE32pLSgdyNux2pcFyyQL13CMluU9yz5uJu8Xms9AOfJL9xVBJJ:yEmpLSgdEuycFyyQL1SKtyz5uo88OBhl
MD5:	B7536566EAD8311CC0AEA801FC8A4312
SHA1:	78486391D7AC5B443716B675D18E0928BCD81793
SHA-256:	B46F55101DFF4BE938C2C20A354A34F251AF966279055014E5C8A6C222B4DD57
SHA-512:	3E843F516937E89E8DA30542E01DD08733CF625B7EEC2E43A16700CDF5D6F462DF10D3E6F4E576D2F8778FD99DDF8C5FF0F959C7A5A20E2D87FD7659B5DA7E1E
Malicious:	false
Reputation:	low
Preview:	0\r..m............wh...._keyhttps://googleads.g.doubleclick.net/pagead/viewthroughconversion/1053096647/?random=1629309343790&cv=9&fst=1629309343790&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=120&u_java=false&u_nplug=1&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.visme.co%2Fpresentation-software%2F&tiba=Best%20Free%20Online%20Presentation%20Software%20%7C%20Visme&hn=www.googleadservices.com&rfmt=3&fmt=4 .https://visme.co/.1.no(/.............8~......H...6..w.A..F:...1?..X...D......A..Eo..................A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b37cfd925151de17_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	209
Entropy (8bit):	5.4272780771677995
Encrypted:	false
SSDEEP:	6:meCltXYcDYYtPKzvwIJgrTTsLsQyVL27drzkZK6t:6ltXt4zlJPLxGL27mT
MD5:	2748A15F7FE549F4F5DB330EAA2524ED
SHA1:	9EEA6838F789801E4F20AF01971D10E111DAA913
SHA-256:	DC9E84FC9A57F2C9952100C1AE466FD132F53CCC38EC41374229D7D9F85D0D68
SHA-512:	6A825918A38251D7A0570DFE4EEB5FF46DA018375F1DF4A40247D6832F028A6553BECB1C2C77F897496721818378AFF78C76C27F4E0D6B75AA560E987694F7E5
Malicious:	false
Reputation:	low
Preview:	0\r..m......M....ni....._keyhttps://my.visme.co/static/js/player.4.2.187.bundle.js .https://visme.co/..jo(/..........................`.p..G..[..TL....G.c&.-.....A..Eo...................A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b49c05c509033192_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	94200
Entropy (8bit):	5.771001292316491
Encrypted:	false
SSDEEP:	1536:OXQFElRiIh223kmjcpzLvjwUkGdpsEQJWY3xb0MoiGL/rgGol9G1qvSPi:olRi+cdJbkqpsNwYBb0PiGbTF1qh
MD5:	BA3637D555C63BF284A82981C86CC43E
SHA1:	E6AB10A65A782A73205E96CE15B35EF70CDC1357
SHA-256:	45B2B9A3454D2B7999182E1E003D92A8DE2D3B1C7A8076EA99A40E6C265D99E7
SHA-512:	9B71E2FEB2F881BCCE13289A4CC62A95AEE15D490DC38F63FBAA9DC5CDCCA13E0D2E67A5D17546840E8E20EC0B911AB745077E01744CEC59F58D5450CFDE2B82
Malicious:	false
Reputation:	low
Preview:	0\r..m......@...d.......C0A5FB960AEC9AC488DDB36687E62FAC8AD9F2FAF627B6F634568F76E7985932..............'.JN....O ....n..9....................!...................................................................................................................(S.H..`L.....L`.....(S.p.`......L`.....0Rc...................O.`....I`....Da....*.....Q.@.LA.....module....Q.@.`......exports...Qc..!d....document.(S........5.a...............a..............a...............a............a...........Pc.........exportsa........I.....@.-....LP.!.....@...https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.jsa........D`....D`....D`..........`z...&...&..!.&....&.(S....!..`.C.....q.L`.......Rc@..................M.....Qb........d.....Qb........e.....QbF.q.....f..........Qbj..?....h......S...Qb..+.....j.....Qb.2......k.....Qb..\[....l.....Qb...x....n.....Qb.......o.....Qb.5......p.....Qb..A....q.....QbNP......r.....Qb........s.....R....Qb.f.....v.....Qb..K.....w.....Qb........x.....Qb...f....y....

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b5a47af98ee28895_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	2182
Entropy (8bit):	5.417641677250831
Encrypted:	false
SSDEEP:	48:6NIUS/yNwQifunCu+WKNI9RxKb4uUMe6bV/BxtG0ALZbec0U:XHnQiUCu+WH9GtZBJALU0
MD5:	F3B74093E920ECE45F4E25189227F8B9
SHA1:	E6F88607E81465AAB80A862734320FABDA0D68D6
SHA-256:	2D7998ABA1407CF15507A40586971DC240696433F83024A3094E8B5746E6E4E3
SHA-512:	144E9D6A8A8A4FC1F325F0102B7DB94808ECA3A0768B815F8FBC7A43F31F11E4A174DDE285EC582F82A3E846C07C96B08BF179AE23863B93C97735EE1F822CA7
Malicious:	false
Reputation:	low
Preview:	0\r..m......V...LY.r...._keyhttps://www.visme.co/wp-content/themes/visme/js/paroller-lib.js .https://visme.co/..'ko(/.......................GM....F...S....v.Ax....TF.:...A..Eo......cY.t.........A..Eo....................'ko(/.h.................'.$.....O....(....Wn\.............................(S.8..`(.....L`.....(S...`.....,L`......Q.@...a....define....Qbnv......amd...Qdr.`.....parollerjs.......`......M`......Qcz......jquery....Q.@.f.$....module....Q.@J.e.....exports...Qc..F.....require.......Q.@..'....jQuery....K`....D~ ................s..&...&.(........&...&.z..%&.'..[.....A...s..1...&.(...s..$...&....&...&.]...&.]...&.-...%......&.]........(Rc................I`....Da......... ..f..........P..................@.-....LP.!.....?...https://www.visme.co/wp-content/themes/visme/js/paroller-lib.js.a........D`....D`:...D`.....L...`"...&...&....&.(S...`.....@L`......Rc@......................Qb".......v.....Qb>..i....x......O...Qbv.^....k.....Qb6.......y.....QbB..A....z.....Qb.[......M....

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c0c506559f4d2ade_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	15786
Entropy (8bit):	5.7554562583662054
Encrypted:	false
SSDEEP:	384:qdWksQKZ0/wAiJga6QnvR901xR23B5LCPnDtIkNYU:qdW9QKZ0/taWQnMSRtE
MD5:	34A7DBD716DDA6E7262C47E06ADE8DBB
SHA1:	D0A354AEE9132351AEC1717EEDF24709E8ECDA7C
SHA-256:	523D0A87E5DAC4E36F136ACD7F393F6C2B9422320E23E7C66AB35AFF46D7589F
SHA-512:	455B93D104FDC8392F763EB7B56136B506462CA5E0A58FBC839393CF62F23CB5261AB3747B0A3E92A14D771566DF5BA20BC8FED8121BAB0F15A92DE02DD04843
Malicious:	false
Reputation:	low
Preview:	0\r..m......J..."HB<...._keyhttps://static.cloudflareinsights.com/beacon.min.js .https://visme.co/..jo(/............._.......L.V.U=.;.....mL..d....=<..?...&V.A..Eo......X...........A..Eo....................jo(/.....................L.V.U=.;.....mL..d....=<..?...&V.A..Eo......}}............jo(/.............&.......L.V.U=.;.....mL..d....=<..?...&V.A..Eo.......%@......................'..5....O.....;...e.K............D................................(S....`.....,L`.....(S...`.....<L`.....@Rc..................Qbb2V~....e.....Qb..n.....t.....Qb~.:.....n...b$...........I`....Da.........(S...`......L`......Q.@J.e.....exports..$..a...........S.C..Qb.D2.....l...H..A....a...........Qb2.A.....call..!...K`....D}8...............&.%.......&.%...&.(......&.}...&.%./...%.0...'....&.%.*..&.(...&.(...&.(...&...&.'..W.....-...(........,Rc...................`....Da....&.....A.....e......... P.........@....@.-....@P......3...https://static.cloudflareinsights.com/beacon.min.js.a........D`....D`Z...D`

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c9603f0f37418e30_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	199
Entropy (8bit):	5.4342375756541905
Encrypted:	false
SSDEEP:	3:m+lvOUA8RzYRtMxANIhpSV+nRWFVW+9tlHC/g/9M79jcBA+QJxJ/yygK5mAlpK5M:mWYlNYpSVkCVW+Aou79jUexxt4aK6t
MD5:	002FF7AD1AA159E81180DF72D22BE120
SHA1:	D4D199664FA89628FC0D336596AE4DDFF7A06DCD
SHA-256:	82E4BA98B1D9E5E0B43DBA510EA48B8E5CF5BA294DCBB5FEFBC1B09DAE4AEDFD
SHA-512:	EB3B21BA27931DEEB6CB82D94E9CBB56E6506480201BFA1E8D4CE5D495F997E32199A551D9AA80099AF4175819166D0C7B45D497CF4E397381DFC088DC20D985
Malicious:	false
Reputation:	low
Preview:	0\r..m......C...<k ....._keyhttps://kit.fontawesome.com/585b051251.js .https://windows.net/k..ko(/......................>.T...s.*...........)../7Zy.A..Eo........O..........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ca7fe54def9628fa_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	332
Entropy (8bit):	5.842188306191092
Encrypted:	false
SSDEEP:	6:miFqEYGL+MIwJJ/IJMKrLYoMYRk4rzbK6tL25G0DbWXX8lVpMYRk4gt:TFDIwvAJMKRfkGzNo80DyH8xfk
MD5:	DA7494CA52620F8CE93AC8A362C1DAE4
SHA1:	B850AD42CC569AC08F9FB719B81E7380FF9BF7AD
SHA-256:	E972381DBE5327DD2FD3F08DAA17A01EABEF890EDF9BAFC533EEB3817758E2EF
SHA-512:	58BF65D52CE6EEC9E15A86AE2F7B5BD4B71A893E2EC491518F5DB2ADC233CE9865E342CD3454902232AD614D03F20278D56EF1F7E85B4357BF9D06BFF7C90C79
Malicious:	false
Reputation:	low
Preview:	0\r..m......D...*i ....._keyhttps://www.google-analytics.com/analytics.js .https://visme.co/..jo(/.............O........V../.\I...._@.S....MR.C.+...p.U.A..Eo..................A..Eo....................jo(/.84..17710C9374A2C7617DF5F22AC074609F0F10F86631E8C12F2C980BFDF0E9E790.V../.\I...._@.S....MR.C.+...p.U.A..Eo.........=L.......

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d217b36d75e6979c_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	37198
Entropy (8bit):	5.996380943851443
Encrypted:	false
SSDEEP:	768:cf6/7hzlTQJunng8/JAE0M1EAGezUu0WHTwvMwFe3IolxaKGxEezWHclDGFYERMZ:XjBxcunng+JAELuAdzUpeYSfW
MD5:	1522CC5A935C79A745B4ED685FB91EDA
SHA1:	158856BE01063E7B1AD83EE9CC40004DA69E7A38
SHA-256:	F6152298D152B573130D3F5751C5473E54CCA94889B255CE4EF6AC6AB4B3171C
SHA-512:	74AA170E7D6E04C7CD097858197ABD2956B474AF7DD5B715DF2458AE021B1C58ED1DE6D32249C51DFBFF4BE696C2BBB635B1CA17C5D28963D898238C0D0C0895
Malicious:	false
Reputation:	low
Preview:	0\r..m......f...h......._keyhttps://www.visme.co/wp-content/themes/visme/js/functions-live.js?ver=3.3999993 .https://visme.co//.!ko(/......................6.........n.=..&...e..F.&d....A..Eo......-^k..........A..Eo................................'.6.....O..........ml............(....7..........................@................(S....7..`.n.......L`.......L`......Qc.......liname....Qc.......linumber..Qc.w` ....liwidth...Qc...&....ulsize... Qf.c.....mibNewsleeterClosed...Qe........getUrlParameter...Qb.b,.....arr......Qd..;:....controller... QfN..,....positioniconchart.... Qf.v]u....percentTopiconchart..$Qg.......percentTopiconchartfinal..Qe2..J....positionicongirl. Qf.......percentTopicongirl...$Qg.&S.....percentTopicongirlfinal...Qc3C_....scene......+.....Qc".......scened.......Qcjh.\|....scene2.....,.........Qc._......sceneee....,............q(......Qc".U.....scene3....Qc^.s.....scene4............Qc.]O.....typei.....Qc.XU.....typea.....Qez.......isBackspacing.....QdV..b....isPar

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d3c2b4b4519f0c48_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	232
Entropy (8bit):	5.41968671835323
Encrypted:	false
SSDEEP:	6:mOvPYGLAWIAypdlAkFdG7LE2vOH4IJbyDKPS3VK6t:J9ypoGgWJWGO
MD5:	C1F2844E440FE1B747821B4B26C6D210
SHA1:	36964F790200AD0AA7423A23C0C896BC6453A3E6
SHA-256:	6D167BD07555BE4954562737256719D0B3DAA1586F0112F6CB181227B6283586
SHA-512:	FFFC9E729C4AF46E1A93CEE2E3F6C33B6ACC63E53DFBC70826271DACAF26EE901B97868AACD61F7432775703FB4D0A8C98EA07DED5A6E9ED848F0DEC67B40FDD
Malicious:	false
Reputation:	low
Preview:	0\r..m......d....]......_keyhttps://www.visme.co/wp-content/themes/visme/js/bootstrap.youtubepopup.min.js .https://visme.co/.-.no(/.............lz.............4.*=...4e.d..#...7...N...A..Eo.......Tdn.........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d4a01e854b42e407_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	333
Entropy (8bit):	5.868631433233985
Encrypted:	false
SSDEEP:	6:mSYAWQf257ZIJLBROh/KppO6A1aK6tzlxdXgauJpZyjGxBAOh/KppO6Abe:1e5iJliSv/lFlHgauJpMK9Sv/u
MD5:	B24C8804FD99C87AA5BAA0FD40408F03
SHA1:	09AA722880F89B90A2D57CA762C3C979EA20C56E
SHA-256:	35057C54CB0D62A9336C60C8A475D904FDD5BF6A8E9EA420E8682D5385E12C40
SHA-512:	8D10E76ACAF7EFAD909C8272290D98F6E2B34C4DA84AEB9169BAA9DCE150F94C59C19954EA365B91D280BA45A7A43011C8AD4CF706BE1DB14F60E9CF9AB2707E
Malicious:	false
Reputation:	low
Preview:	0\r..m......E......u...._keyhttps://connect.facebook.net/en_US/fbevents.js .https://visme.co/..tko(/..........................+MFz..=.......M........A..Eo.......t...........A..Eo....................tko(/.83..1FDA02BEFC3633CEEC7A6DBC6A0CD494B91BDD6F0D66BC91A18203386E3F7CE7......+MFz..=.......M........A..Eo...... ..L.......

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d890b4e6eafa49c4_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	611
Entropy (8bit):	5.763128702584873
Encrypted:	false
SSDEEP:	12:gE32pLSCd/Oux2pcFyyQL13CMluU9yzkpEp34AXW4Ws9AOfJTmI7:gEmpLSCdmuycFyyQL1SKtyzkpG3FAOBV
MD5:	650122B80CCB46B2E9C2CEB66EFEA250
SHA1:	85322997ACE08C5737C9F7ABC905CF092E90EBAD
SHA-256:	749E91E2E94C5D1C3A426DDD7E10B074B9E95F35DC176ECB171444155AB79543
SHA-512:	742399572F747660B4EB856495736B770EC9B104B922B64AC118FF41037A6D206ADA5DFD033292EF89B1A01446DA840FAA5D509F727500633325BAB359180DC1
Malicious:	false
Reputation:	low
Preview:	0\r..m...........s......_keyhttps://googleads.g.doubleclick.net/pagead/viewthroughconversion/1053096647/?random=1629309339630&cv=9&fst=1629309339630&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=120&u_java=false&u_nplug=1&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.visme.co%2Fjobs%2F&tiba=Careers%20-%20Available%20Jobs%20at%20Visme%20(Remote%20and%20On-site)%20%7C%20Visme&hn=www.googleadservices.com&rfmt=3&fmt=4 .https://visme.co/...no(/.............kk.........=._..ze..a.7"....} .e.5..OR&.A..Eo......v.._.........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\dbc8feedb595f1fd_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	629
Entropy (8bit):	5.790644576681822
Encrypted:	false
SSDEEP:	12:ir3E32pLSea5Idenux2pdyyQL13CMluU9yz5XWt5aws9AOfJZKFhuxkei9:CEmpLSeEIdenuydyyQL1SKtyz52HlOBW
MD5:	D4ADEF691B713F67E15A657497BD2A91
SHA1:	6FFB6586144E2B9E789A566723814736ADF53F35
SHA-256:	0AD1E9FBC59E4E49849046F25788B22BCA41F7EC9F8F1FF37103289D0313B807
SHA-512:	7A7F626CDEED8DD75F139734D1771211ADE6DAEC11EB7E07DB8157F0B287FAD9C6A283CE1F90833B22B1933DD343298DE38FF080E02F2825EE49FE9DF7CE301E
Malicious:	false
Reputation:	low
Preview:	0\r..m..........\|.y....._keyhttps://googleads.g.doubleclick.net/pagead/viewthroughconversion/1053096647/?random=1629309350248&cv=9&fst=1629309350248&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=120&u_java=false&u_nplug=1&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.visme.co%2Fprofessional-document-creator%2F&tiba=Online%20Document%20Creator%20-%20Create%20Docs%20%26%20Reports%20%7C%20Visme&hn=www.googleadservices.com&rfmt=3&fmt=4 .https://visme.co/s.\oo(/..................../.....h.........k..Lm...w.s.(E.A..Eo......F.;..........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\de9027b1817f4760_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	79072
Entropy (8bit):	6.079781215343521
Encrypted:	false
SSDEEP:	1536:uG9EibDPQYpCmvTKEL/o4VEaozovoK/PPIs1gt/F9dztl:V9EinQYQ8TKEoRaokwKnQs1S/F9F
MD5:	045CFAD43D8D9B4ED6B51E4F29FAF1C5
SHA1:	11E07461E5A2DE076232E64B0276F211A2A8BBBD
SHA-256:	F519338DCD6435DDB83AB5EBDA1EBF7D3621CB0C62DE7DC12648C3180C002D1F
SHA-512:	5510113B0507F158B3B24C293964769248C03A32F0A21894950E672E2706D0FF04107361E05E6096F83BEACE63A554405C2937BDC971B6E50AECA5210AF57224
Malicious:	false
Reputation:	low
Preview:	0\r..m......@...s.{K....17710C9374A2C7617DF5F22AC074609F0F10F86631E8C12F2C980BFDF0E9E790..............'.......O.....3...-A.............8.......`.......D.......................4...............................................(................(S.D..`B.....L`.....(S.]..`p.....L``....u.Rc............R.....Qb..,P....n.....Qb"~d;....q.....Qb...s....r.....Qb...\|....t.....Qb........v.....Qbv6......x.....Qb2.g.....y.....Qb"X`(....z.....Qb........A.....QbFDm.....B.....Qb...j....C.....Qb...K....F.....Qb:.e.....E.....Qb.`.,....D.....Qb.......G.....Qb........H.....Qb...T....J.....QbN"m.....I.....Qb.O.$....K.....Qbr.......aa....Qb..#.....L.....Qb^.......N.....Qb........O.....Qb........P.....Qb.z......M.....Qbn.......da....Qb:.eG....ea....Qb...D....Q.....Qb6.[.....S.....Qb#......R.....QbzW......ia....Qb..p....U.....Qb..2.....ha....Qb.HG.....T.....Qb.z.9....V.....Qbn......W.....Qb>.......Z.....Qb..R.....Y.....Qbf..<....X.....QbJG.r....ba....Qb.P3~....ca.............................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e494ebaace04c0ea_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	617
Entropy (8bit):	5.788490503260246
Encrypted:	false
SSDEEP:	12:+kgE32pLSxdTux2pdyyQL13CMluU9yzsU4tW9CXoNAExms9AOfJiShm6N:+fEmpLSxdTuydyyQL1SKtyzlAW9ZNKlA
MD5:	FEF453DFD747C10B38EE7323B2796A01
SHA1:	03DA9584B65F65B61545C76A747CCA0F688D3CDD
SHA-256:	1BE1D4F3FF5D6A18B476B65F6D326CD80C4726350B7434CCDA23DE5D08CD07F0
SHA-512:	9D6C4FE17A8FF108A7D95B29A415697DADB71A520ABB94F01762F60D67AD257471B0389CC62547F67298D9518BC594161A69F00693FDED488533E911C454CE91
Malicious:	false
Reputation:	low
Preview:	0\r..m..........1d.d...._keyhttps://googleads.g.doubleclick.net/pagead/viewthroughconversion/1053096647/?random=1629309365766&cv=9&fst=1629309365766&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=120&u_java=false&u_nplug=1&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.visme.co%2Fmake-infographics%2F&tiba=Free%20Infographic%20Maker%20-%20700%2B%20Beautiful%20Templates%20%7C%20Visme&hn=www.googleadservices.com&rfmt=3&fmt=4 .https://visme.co/?.Hpo(/.....................R.ryW...h..T.L.U(..#w.t...N:?..A..Eo.......a..........A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f2813b7942d10c39_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	1332
Entropy (8bit):	5.438045372477637
Encrypted:	false
SSDEEP:	24:HFyN3GB/qiMippFyN3rn/qiMLpFyN3w/qiMDpFyN33e/qiMmpFyN34/qiMLpFyNf:HAN3GB/qiMippAN3rn/qiMLpAN3w/qi4
MD5:	46B8388F178B582A7DE7F20638800249
SHA1:	F6A2EC3A57542FA3E8B95D2AEDF01FDC66C5AAC0
SHA-256:	AF845BEA0E91B64F11A6B76A6DB596EB72C2F1CBF27BC5B96A3F7DAF0F559219
SHA-512:	286C9D0F0ECC8D98CB6E735F19DD786A379124C6011ED3CE1BC8E9952E087A38CF11F825EF542CDD86765977849D1E207CB85B6D16EE3C409BC547294158EC4F
Malicious:	false
Reputation:	low
Preview:	0\r..m......Z.....9....._keyhttps://www.visme.co/wp-content/themes/visme/js/masonry.pkgd.min.js .https://visme.co/...ko(/....................+9...C.o.....7E.s;..../..:d...A..Eo.......\|^5.........A..Eo..................0\r..m......Z.....9....._keyhttps://www.visme.co/wp-content/themes/visme/js/masonry.pkgd.min.js .https://visme.co/..ono(/..............Y......+9...C.o.....7E.s;..../..:d...A..Eo.......hQ..........A..Eo..................0\r..m......Z.....9....._keyhttps://www.visme.co/wp-content/themes/visme/js/masonry.pkgd.min.js .https://visme.co/a.no(/..............i......+9...C.o.....7E.s;..../..:d...A..Eo...................A..Eo..................0\r..m......Z.....9....._keyhttps://www.visme.co/wp-content/themes/visme/js/masonry.pkgd.min.js .https://visme.co/.CJoo(/.....................+9...C.o.....7E.s;..../..:d...A..Eo........l..........A..Eo..................0\r..m......Z.....9....._keyhttps://www.visme.co/wp-content/themes/visme/js/masonry.pkgd.min.js .https://visme.c

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f31f33ae619631da_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	231
Entropy (8bit):	5.431297582628344
Encrypted:	false
SSDEEP:	6:m9nYET08NaYWbVOqZjtymglNWefrAhw5XhK6t:sDg8NaY8Zjt8lcefrv5X7
MD5:	D27A1BE7EA813897D24F86B8624FD747
SHA1:	FB74CCB533690C2A309957CDC2311E4A734C98BD
SHA-256:	50C3494AA4257D6CA0933CD4E3E50108AF9FEF668408B7DAC75F3992B9362BD1
SHA-512:	D0BAA4CEA828398A46711E75A3CD17F52BAFCFECAD75E2D57DEC834BEE441E026B995D65C6E39BC8D16DE2D053EE1F776902847607D6D2F8AD28028943A7D561
Malicious:	false
Reputation:	low
Preview:	0\r..m......c...a......._keyhttps://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js .https://windows.net/=.~mo(/.............n................s...V....p...:..<VV....A..Eo...................A..Eo..................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f6dbe2b0af0cc202_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	97840
Entropy (8bit):	5.831024534624953
Encrypted:	false
SSDEEP:	1536:lp2SKlksOHtrhqQNIWTo0Xvlox9xk7eQTwbwG/oZ96oubR1wpRVamJ:OTlkscaes9x4JW6J
MD5:	8183DDDA51C96D37D871D10365676B42
SHA1:	7A41C69F76172B5F8E54319E7CEAD879E589384E
SHA-256:	8ECB61E55B425CA7C3910D75D37E3327D764C455BCD1A1D220C71E899DC81170
SHA-512:	34759C64DDCA9B18D2FEA88FCE1F05DA9A674D34582F7B2724CC6F35484BE86A0BABCE4EE0E7F17837F1EED9292218B729D2AD9CA272934ED6B86EDE965BCF36
Malicious:	false
Reputation:	low
Preview:	0\r..m......@.....-.....93EEECF2EFB948B8B406C2DA3E003D865C698C6E77F02911AAF68E50F2FB8D44..............'..]....O!....\|......................`&......................................................................................................`....................(S.H..`L.....L`.....(S.p.`......L`.....0Rc..................Qb..n.....t...`....I`....Da....j.....Q.@.f.$....module....QcJ.e.....exports...Qc...7....document.(S........5.a...............a..............a..........A....a............a...........Pc.........exportsa..../...I.....@.-....LP.!.....@...https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.jsa........D`....D`....D`..........`....&...&..!.&....&.(S...a&..`\|L.......L`.........Rcd...........*.....Qb..C[....C.........Qb..Y_....r.....Qb"Et.....s..........R.....S...Qb~.:.....n.....Qb^/......o.....Qb".......v......M...Qb.D2.....l.....Qb6.......y.....Qb.B......m.....Qb>..i....x.....Qb.I......E.....Qb...'....c......O...Qb.]B....w.....Qbz.......S.....Qbj..C....p.....Qb.^

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fbd400e3d3d24fc3_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	2247
Entropy (8bit):	5.826331217452391
Encrypted:	false
SSDEEP:	48:XYNjK3aqA4ezx3YqObhS40BYWnTja0kUlYotLLhElWLMo3k:eqZQxKifjRxhIWL3k
MD5:	53DD6A755BD07947871CF479A7423C4B
SHA1:	81049E28414BF30AE55D031E745F0DCA267ED077
SHA-256:	D63CEEAF7A9CA6AC8AD0AF06EB2D4C34637C4F0D3BC5063CAF5864B3C5F1C286
SHA-512:	4677C47B741744269E3165EBB619F8923CC75AD28A59301786D60A585843591782C76639E941EEF5967EA8B59738CE9673B124E84008C37735AE1FFD07538F1F
Malicious:	false
Reputation:	low
Preview:	0\r..m......?......>...._keyhttps://dashboard.visme.co/js/channel.js .https://visme.co/..&ko(/.............-.........&.W...^..`...'o....o..../..o..A..Eo......P.(..........A..Eo....................&ko(/...................'.X.....O........................................(S.0..`......L`.....(S.}..`.....xL`8....(S.d.`..... L`......Qc...7....document..Qc.:>.....cookie....Q.@~.......match........Qc...v....=([^;]+)I..K`....Ds ................&.(...&.(...&....&...4..&.%.e....&.Y...............&...*........(Rc..................Qd........getCookie...`....Da<...........e..........P..<.. ........@.-....4P......(...https://dashboard.visme.co/js/channel.jsa........D`....D``...D`.....$...`....&...&....&....&.(S.....Ia........IE....d....................&.(S...Ia(...l...IE.d....................&.(S...Ial.......IE.d....................&.(S...Ia....O...IE.d....................`$...DI]d......................Qc......FormData..Qc...(....append....Q.@.......referrer......Qbf.<.....pageI..Qc..x.....loca

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fbeef185f77778d5_0 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	351
Entropy (8bit):	5.873601665907912
Encrypted:	false
SSDEEP:	6:mrtlXYSHT8NWQAJ5IJHNNK6lVgPk45itbK6t4r6P8uqen/EG5bnpgPk4rM:Qz8NWQKWJHfKqVaCGr6PrnsGFp
MD5:	A9B4DC942EEBECAEC0010CAB7EE7D4E2
SHA1:	33CDB1CDB6472B3A5B91A701084146BA0BDFE00E
SHA-256:	ED4B388657D724C3E312C0DC3560DA8ED3834A7136B98C88DE299EF338088410
SHA-512:	DD3A8F023D0594A1BE70FD3BB37C7398E5D8CD4D5C0E7132872477C81D7F71B744170E5DE53E9AF053548C4FB09714E63CAFFEF384480A9EA9E8E6EC86A4334D
Malicious:	false
Reputation:	low
Preview:	0\r..m......W..........._keyhttps://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js .https://visme.co/.."ko(/.............u.......x....x.~aH.?.7:~.....^M..e.7..F.A..Eo..................A..Eo...................."ko(/..}..93EEECF2EFB948B8B406C2DA3E003D865C698C6E77F02911AAF68E50F2FB8D44x....x.~aH.?.7:~.....^M..e.7..F.A..Eo......u.9eL.......

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SQLite 3.x database, last written using SQLite version 3032001
Category:	dropped
Size (bytes):	24576
Entropy (8bit):	2.3467951376905947
Encrypted:	false
SSDEEP:	96:dNwsTgKqQ7Noj2zya8T3KNZtuM8WNwPjYEHXzypONQqI8T3KNZaMmS:dusQQ7NoCzy5M8WuPcszyIasM5
MD5:	6CC40ED7A8037A8141822DB027DA8EA1
SHA1:	EC1384D87AF0CFB284F51405067A04698C1CA947
SHA-256:	BE8C2834DDCCC2CD41FA801C6AE659200CEDEB605E78E5DE6CE3F394B78DFF1E
SHA-512:	37158E89C82CEDC45EDAAFBF486D49E3E1CCEA821004B0118D0E11D58BB5EFCA52749D7D218E90D524555355009FB1AB416A4E2664389829AB682C2E9004ECDF
Malicious:	false
Reputation:	low
Preview:	SQLite format 3......@ ..........................................................................C....... ..g... .8....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	25672
Entropy (8bit):	1.597168792743927
Encrypted:	false
SSDEEP:	96:eNecNwvM8BTgKqQ7Noj2zya8T3KNZKpMNwf:eNecuvM8BQQ7NoCzyrpMuf
MD5:	DA7524B11C4AD74333E7E639A1605B26
SHA1:	148ACAAC912759D03F0A2986AD3D2562FD87B0CE
SHA-256:	1769067D51EC67EA480FB5D257953DAA0ADB5A72D7CCDCC790EBF3ED9BDA3B92
SHA-512:	F2EDBFFCD5FC7EE0672B2E98FE4BD7497A312DB232AB370A0E59881B498B4AA048F45B42A669DA27887C2106A68156064E91BDFFAF44F8BC8E6CCC4CF93BC1A3
Malicious:	false
Reputation:	low
Preview:	..............k........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	85233
Entropy (8bit):	4.53570152989821
Encrypted:	false
SSDEEP:	768:y1YI7Bi0GFakBNAtF3uRgY3BwUBud9SQgLdr0GFakBNAtFNEGha:y1YI7U0IakBN0F2/0IakBN0FNEGha
MD5:	442DEDF44C458182CEC029EF8E58BD0B
SHA1:	1912F2B49C5B52F8F11711BAC48DA5BA8C021B87
SHA-256:	1B674AD2D66B97C8522566623D256FC1ACE160A4BB71E0E7DFCFDC44C4687147
SHA-512:	5EA91CCD25C7A5E51CF395FDE7271ADDEC8C2523412ECA04CD93203CF0ACBE1B2F853A92F654D2A97DDCEAAD74982515E2D7418787AEA783D3413ED0A4E5C451
Malicious:	false
Reputation:	low
Preview:	SNSS....................................................!.............................................1..,.......$...f3824aac_1e7a_4aab_9972_05b9ed240f6c......................]..F................................................................................5..0.......&...{730C75E3-B87A-4292-818B-DC8F984D08AE}.............u..p...........8...https://my.visme.co/view/y4mrjzjj-rolling-components-ltd....R.o.l.l.i.n.g. .C.o.m.p.o.n.e.n.t.s. .L.t.d.t...p.......h...................................h.......`.........................................................-"......-"............................................x...8...h.t.t.p.s.:././.m.y...v.i.s.m.e...c.o./.v.i.e.w./.y.4.m.r.j.z.j.j.-.r.o.l.l.i.n.g.-.c.o.m.p.o.n.e.n.t.s.-.l.t.d.........................P.......H...............................................0.......@.......X.......................h...0.......?.%. .B.l.i.n.k. .s.e.r.i.a.l.i.z.e.d. .f.o.r.m. .s.t.a.t.e. .v.e.r.s.i.o.n. .1.0. .....=.&.........................N.o. .o.w.n.e.r.

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	8
Entropy (8bit):	1.8112781244591325
Encrypted:	false
SSDEEP:	3:3Dtn:3h
MD5:	0686D6159557E1162D04C44240103333
SHA1:	053E9DB58E20A67D1E158E407094359BF61D0639
SHA-256:	3303D5EED881951B0BB52CF1C6BFA758770034D0120C197F9F7A3520B92A86FB
SHA-512:	884C0D3594390E2FC0AEAB05460F0783815170C4B57DB749B8AD9CD10741A5604B7A0F979465C4171AD9C14ED56359A4508B4DE58E794550599AAA261120976C
Malicious:	false
Reputation:	low
Preview:	SNSS....

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	164
Entropy (8bit):	4.391736045892206
Encrypted:	false
SSDEEP:	3:FQxlXayz/t2Hmwg0EOZL7Ao4uhFkEuRLKyC5Ei5+Gg:qT5z/t2qoEwhXeLKB
MD5:	0A906A9A542CDF08FF50DAAF1D1E596E
SHA1:	B97D6274196F40874A368C265799F5FA78C52893
SHA-256:	EB9CABBF5FDA1AD535300B0110EAA4068A083248BA928A631C9278545935426D
SHA-512:	8795E905B711ADE6B1C4B402D50AF491B64D157AA738669482DDBFC30E857DF970BFFB774A925F3F4A0802BD27AFAF939CE140894FF09B67FB9C0BB83ED4491A
Malicious:	false
Reputation:	low
Preview:	.f.5................i.Wd...............Sgdaefkejpgkiemlaofpalmlakkmbjdnl.declarative_rules.declarativeContent.onPageChanged.[]..F..................F................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	320
Entropy (8bit):	5.221835394660744
Encrypted:	false
SSDEEP:	6:myfC+q2Pwkn23iKKdK8aPrqIFUtpbfoZmwPbfrVkwOwkn23iKKdK8amLJ:rfTvYf5KkL3FUtpbfo/Pbfx5Jf5KkQJ
MD5:	AFDFC60FF7C24B5D686E3C6EB2D0868A
SHA1:	B400D99DF35A1FDA28AD60D8F18E7645EB63CE39
SHA-256:	70D56CEA63AF99E20AABDF10D82E3FB40AB57E774D7BDB9D1C1E237778025831
SHA-512:	79ABCC63A0E360F165FB2AA1BC49EB7EFFCCE3C9FAC299F4DE5C44B5C8FE120284C079D7EA68EFB43BAC7A4C1F7CDF9BB0E2EE924BC7B8BEBBBD39E2124BC590
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:54:58.370 1a88 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/MANIFEST-000001.2021/08/18-19:54:58.372 1a88 Recovering log #3.2021/08/18-19:54:58.373 1a88 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	320
Entropy (8bit):	5.221835394660744
Encrypted:	false
SSDEEP:	6:myfC+q2Pwkn23iKKdK8aPrqIFUtpbfoZmwPbfrVkwOwkn23iKKdK8amLJ:rfTvYf5KkL3FUtpbfo/Pbfx5Jf5KkQJ
MD5:	AFDFC60FF7C24B5D686E3C6EB2D0868A
SHA1:	B400D99DF35A1FDA28AD60D8F18E7645EB63CE39
SHA-256:	70D56CEA63AF99E20AABDF10D82E3FB40AB57E774D7BDB9D1C1E237778025831
SHA-512:	79ABCC63A0E360F165FB2AA1BC49EB7EFFCCE3C9FAC299F4DE5C44B5C8FE120284C079D7EA68EFB43BAC7A4C1F7CDF9BB0E2EE924BC7B8BEBBBD39E2124BC590
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:54:58.370 1a88 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/MANIFEST-000001.2021/08/18-19:54:58.372 1a88 Recovering log #3.2021/08/18-19:54:58.373 1a88 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	570
Entropy (8bit):	1.8784775129881184
Encrypted:	false
SSDEEP:	6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWWWWWWWWWW
MD5:	D4BA0AE0BB0B9FAFF3DA6F35FDBC3C8A
SHA1:	FB3E9DEC7F35A9B1D94E54A5659DD0DE484055E7
SHA-256:	99DEF1B557F19F04C1AFFC6F247D0451F33FC10EC42E73792223C3215AC98BE6
SHA-512:	86FD07C34B9ABD4C52BA19EAE291936F92BC6D38A75C021EDC1DEDBC15617669876180CD99F959C62476D82EC6BB9F5FE4C6CB4D82CB037EFB76D99A4D3D9C51
Malicious:	false
Reputation:	low
Preview:	.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	320
Entropy (8bit):	5.166778594790618
Encrypted:	false
SSDEEP:	6:mLnZ3+q2Pwkn23iKKdK8NIFUtpUnwXZmwPUn+VkwOwkn23iKKdK8+eLJ:1vYf5KkpFUtp9X/PR5Jf5KkqJ
MD5:	E43AB8FA56EDFBCAF6DC5B35C703476C
SHA1:	6E3B6F3C31851AACAB90BE382225B0D5FFA499B0
SHA-256:	2888D3CA70A0341604410AD0F4C28065DAA09ED611A73BA44D9ACC1F31F9A2BD
SHA-512:	8E7E4BE27865F7E9094C287D5E126FE2C407EA6CD7B70E1D3585B0D6D18AB4E2FD6C4053F67DF7987A41C588E1FEA54D2600B8D716F7C404C86AF32F2B1B40C5
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:55:00.688 1a28 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/MANIFEST-000001.2021/08/18-19:55:00.690 1a28 Recovering log #3.2021/08/18-19:55:00.692 1a28 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	320
Entropy (8bit):	5.166778594790618
Encrypted:	false
SSDEEP:	6:mLnZ3+q2Pwkn23iKKdK8NIFUtpUnwXZmwPUn+VkwOwkn23iKKdK8+eLJ:1vYf5KkpFUtp9X/PR5Jf5KkqJ
MD5:	E43AB8FA56EDFBCAF6DC5B35C703476C
SHA1:	6E3B6F3C31851AACAB90BE382225B0D5FFA499B0
SHA-256:	2888D3CA70A0341604410AD0F4C28065DAA09ED611A73BA44D9ACC1F31F9A2BD
SHA-512:	8E7E4BE27865F7E9094C287D5E126FE2C407EA6CD7B70E1D3585B0D6D18AB4E2FD6C4053F67DF7987A41C588E1FEA54D2600B8D716F7C404C86AF32F2B1B40C5
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:55:00.688 1a28 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/MANIFEST-000001.2021/08/18-19:55:00.690 1a28 Recovering log #3.2021/08/18-19:55:00.692 1a28 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	11217
Entropy (8bit):	6.069602775336632
Encrypted:	false
SSDEEP:	192:GbylJnlTwGB7V9Hne4qasKxXItmLG48gcLg/PkI:Gb+nldByaFx4toj8VEPT
MD5:	90F880064A42B29CCFF51FE5425BF1A3
SHA1:	6A3CAE3996E9FFF653A1DDF731CED32B2BE2ACBF
SHA-256:	965203D541E442C107DBC6D5B395168123D0397559774BEAE4E5B9ABC44EF268
SHA-512:	D9CBFCD865356F19A57954F8FD952CAF3D31B354112766C41892D1EF40BD2533682D4EC3F4DA0E59A5397364F67A484B45091BA94E6C69ED18AB681403DFD3F3
Malicious:	false
Reputation:	low
Preview:	{"file_hashes":[{"block_hashes":["A+1PYW3V6CJbBuQ7aqrgYhyH3bT8PKyBXp3hN2slpI0=","WSOpQRkYTHjPSlG9Zif2a7TNhy43NDcG1Zg5Nv0UbH0=","jDctR8ImG5KZrQKm4kDjUB7FokSJfjo/pmvFowRVlaY=","LPxhhJiuU0lprt0T6flpS7TkaDg7MocrbmzO65xH6RI=","nZ9zLb2By96AkKXALRM+C0Eu11XUjPiMXEKjiCPdtHE=","wifibc1QfMBN2jrtUtLgsCefvuceTpAatmLvul11RJA=","dHjWlSIIdjj7MWqg3T8MG58RuuqRXk32vqi/13JqEgA=","zd3DV7dbvfNvx1hdhU01fW5ily52DLN0CFL/ADaEeTI=","DpjXcO85FFFY9KJFPkGNfFUtdQIOsGwO5jUckiUwY14=","gqid6l1+mk/6yWgUECRofI9lMipXgXh2jEN2+CxmPE0=","prDB91X2Mmfg/M/txVMITWBmEGbOGjqBTP7CMjYqdHs=","yLPAqV4gqoyS/zFkEt3Cn2j0q2v9QOSthVFfWn8EzCM=","EPQ3jzdrLkAHyvf3920B5Y3aAkO1IJdn/UtbnAmq6T0=","+oOc6ca+ChKUpTu+oa2ZRxRE+wG3QJmuYWEvYCs40NI=","3mBGNAiRlTANEQkqzU3TEi+5wJ0ubR5uwtS4/9OOM7w=","1A9NNawxuhu95H5eThvf1rewJ4QQWhhPNxJXO1C/n68=","E3vWLQxzmj+e5QxYbUscllJ5n0ITpw5JBHV1Kph3/KM=","i3I8ghdTF9c1ZXNBZmvsID+DV4gxBVN27rj9wsMtRpg=","R8B8qYabnMSlLPhrtu0hGYrHn3llsMHqBbi70gkIjEE=","rhlzuEvv2KRAFMms896xFwkNgPrw6WvmgPn6xrBSa2Y=","LAMXv6sRb0VZrY34aVXF3Fftxs

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	23474
Entropy (8bit):	6.059847580419268
Encrypted:	false
SSDEEP:	384:7dNc1NC6IcafusK4H1IIGRlhKlkIALQWdynQh2RX4K6M1tVztzr7XSNyzH:7dOscSRKc1nGRSkIhEw6M1tf7SNyb
MD5:	6AE2135EA4583C2F06CDEBEA4AE70FA4
SHA1:	DCEB26C7F02D53B5F214305F4C75B4A33A79CDC2
SHA-256:	03AA1944CB3C4F39E20B6361571BC45DFBEBD3FFDA3D8F148CC6ECB29958F903
SHA-512:	B5945E67D9F73DD1982D687E5C6D9B5D6B3886C8050363A259755C76AC0F93651F3425FA7C21AA6A13977AC1C8C9322F998F131648CB8909096058D4F0D23312
Malicious:	false
Reputation:	low
Preview:	{"file_hashes":[{"block_hashes":["DOZdV3jFvk12AM2JNDYKo3KZrIVRprmJ+sVGWkqqE4Q=","rVElW3Hu3T52SzDDUqGT5YiJTBGUv2h3pNuBKFlhZ1U=","X/3fg4KZxgQ1jBr5QGq0F5JnflgE27UErd88mrxTcxs=","VibLbpy0ig+5INMOU71fTYN76iaka2XVpmm1qAKYsX8=","EChCwCbQHbHQ7oDdGT2qNyiRJ0yck2YC2emNGq4whtE="],"block_size":4096,"path":"_locales/iw/messages.json"},{"block_hashes":["xklkoZ7iSU1+7cd6DAtEmUC5lPFd+EgcbnzxkOiFwlk=","3KbsvoxKY/3AwqgF2aAdVQRpMhsNVRkQ3rx2A6Z2Z+Y=","o9+tsohquaCMj+70zeinRG/hBhA2uLoDl/WoC1uokME=","xV/K8xucyWJELVT8Cqn+ugFjobBVmg8pnmACF+2PP4Y=","p/mvJm2wuCl32Rx3it654MljKAsMe3S9IDEabc1A8mE=","j8mPrTb5oOsBTj2Fer78JE6xG6+kR64Cvu2SW8d3j/k=","nqSRpGQ3USU2bZJsZ+AzBmFOyann8omwJrhEWFZDTXc=","eTcQyJUuNuF9yCga/fXGyFCj/pysSceanhBzksdx23s=","Wj7faqnspelXKMvnduxHn1XUBG8TEOqyns7/oUihekM=","VtBwXoadI3EP336rAiL33Gz19KGqtN+RYdKnMKAXoLw=","iDgLXQqXJp8nCZxgLuC9LXM45DGfufvGnXvmHsn18wc=","g+RfdDfrWTUK0Pkcsbot7NJ4SC9wVRV/dVVMuHAtEj8=","2oC4HcCuXu3VjFf6wnKlznt9uqQNaebcuWpm/mWj69U=","aMUIpuFqPMiieSaWhIktCK62v2P3OZQAWupWsYzCnvk=","L

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SQLite 3.x database, last written using SQLite version 3032001
Category:	dropped
Size (bytes):	57344
Entropy (8bit):	2.0291971576454433
Encrypted:	false
SSDEEP:	192:7B+7LvIFlv+3qiJgI7LvIFlv+Ztpg1tTAQbRUYfmUlraUeXD:1+77I7vE/77I7vNtT/hz4D
MD5:	DFC6CDCB13A9E259D3A9E7C67D2FFBB6
SHA1:	DF89CAF310B60104AAE99D150C30F944B525B879
SHA-256:	2A3B3FC5439EDDA0592D693C2D7ECA877AD0AA279A71685E49D7FFB2C709D664
SHA-512:	72C7843645F47B83C70D9E06C1423261795C2D9064FB92698F044BC04F2B9C1CFFEB0D739860FB3B4FC931B04968CC41AF319E49081FB88489F267170BFE1B77
Malicious:	false
Reputation:	low
Preview:	SQLite format 3......@ ..........................................................................C..........g....._.c...~.2.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................s...;+...indexfavicon_bitmaps_icon_idfavico

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	62756
Entropy (8bit):	1.2630514547835718
Encrypted:	false
SSDEEP:	96:FM1KvCBCp+UsFLZhfIfNmC1Rl+QSBCoQdIdhLGchh6+4RZVhvm6zrXcVhzpS6c:FMkv4q+7LvIFlv+Qod34LmKd1
MD5:	878BA4B12F69B713DD3CDC1E5FE56E48
SHA1:	1675614230FFAF9B7B762287B13585C15450B303
SHA-256:	06457CCE10C8EEBFA77A0319FFE1FD3EE966CE466C5962B4656B95AE699DA515
SHA-512:	D1145CBEC2B78CFEA8ED4965B6F731808CDE6D62FFAAC19F8AF7F56879FD7BFB8653A8740BFF6DA6D917233AA35D6B30740A8AC0CFC3D76D06681EF55C1EA699
Malicious:	false
Reputation:	low
Preview:	............2..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	19
Entropy (8bit):	1.8784775129881184
Encrypted:	false
SSDEEP:	3:FQxlX:qT
MD5:	0407B455F23E3655661BA46A574CFCA4
SHA1:	855CB7CC8EAC30458B4207614D046CB09EE3A591
SHA-256:	AB5C71347D95F319781DF230012713C7819AC0D69373E8C9A7302CAE3F9A04B7
SHA-512:	3020F7C87DC5201589FA43E03B1591ED8BEB64523B37EB3736557F3AB7D654980FB42284115A69D91DE44204CEFAB751B60466C0EF677608467DE43D41BFB939
Malicious:	false
Reputation:	low
Preview:	.f.5...............

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	372
Entropy (8bit):	5.255487218000985
Encrypted:	false
SSDEEP:	6:mEN+q2Pwkn23iKKdK25+Xqx8chI+IFUtpIdkmWZmwPQ3VkwOwkn23iKKdK25+Xqp:F+vYf5KkTXfchI3FUtpg4/P8V5Jf5KkI
MD5:	02F126C392C1E5E4C81DAE27784728F7
SHA1:	7E7AA5ABCD80345814E74911A56BE518115665DF
SHA-256:	66AD3BFD4C3BC538351AED2AA613F0A204CEB009C4FF25400E62CCCAC87EEF18
SHA-512:	426C0AB0E891E3CD5F600D1FCE1FD6A30E9A368CB3F602656B63A8F47A8735998CAFF0AC9F569A3A3FC3744746D24922890FF6A37EA67B259AFEFA7BAB23B819
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:55:16.620 180c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/MANIFEST-000001.2021/08/18-19:55:16.622 180c Recovering log #3.2021/08/18-19:55:16.623 180c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.oldit (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	372
Entropy (8bit):	5.255487218000985
Encrypted:	false
SSDEEP:	6:mEN+q2Pwkn23iKKdK25+Xqx8chI+IFUtpIdkmWZmwPQ3VkwOwkn23iKKdK25+Xqp:F+vYf5KkTXfchI3FUtpg4/P8V5Jf5KkI
MD5:	02F126C392C1E5E4C81DAE27784728F7
SHA1:	7E7AA5ABCD80345814E74911A56BE518115665DF
SHA-256:	66AD3BFD4C3BC538351AED2AA613F0A204CEB009C4FF25400E62CCCAC87EEF18
SHA-512:	426C0AB0E891E3CD5F600D1FCE1FD6A30E9A368CB3F602656B63A8F47A8735998CAFF0AC9F569A3A3FC3744746D24922890FF6A37EA67B259AFEFA7BAB23B819
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:55:16.620 180c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/MANIFEST-000001.2021/08/18-19:55:16.622 180c Recovering log #3.2021/08/18-19:55:16.623 180c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	358
Entropy (8bit):	5.199404861989519
Encrypted:	false
SSDEEP:	6:mPI+q2Pwkn23iKKdK25+XuoIFUtpUWZmwPQUW3VkwOwkn23iKKdK25+XuxWLJ:6I+vYf5KkTXYFUtpz/Pw3V5Jf5KkTXHJ
MD5:	8842EB85C736C576D321369A97532086
SHA1:	1A91117C04BA855EB28640875AD3EE164C849EDC
SHA-256:	F6AB4362D2507F4D678A3D92DAE433D064BE024B64C60C7C31B64259B027823B
SHA-512:	29CB09CFAB45BFD428951F8A21F1F8072BB07DDC51E7BE1D5C590FECFCEEEB7DA8CC30C8208F22B73EEB5ECC36A51D75934B66B81803939D47CDFEB70BD03172
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:55:16.606 180c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/MANIFEST-000001.2021/08/18-19:55:16.608 180c Recovering log #3.2021/08/18-19:55:16.609 180c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	358
Entropy (8bit):	5.199404861989519
Encrypted:	false
SSDEEP:	6:mPI+q2Pwkn23iKKdK25+XuoIFUtpUWZmwPQUW3VkwOwkn23iKKdK25+XuxWLJ:6I+vYf5KkTXYFUtpz/Pw3V5Jf5KkTXHJ
MD5:	8842EB85C736C576D321369A97532086
SHA1:	1A91117C04BA855EB28640875AD3EE164C849EDC
SHA-256:	F6AB4362D2507F4D678A3D92DAE433D064BE024B64C60C7C31B64259B027823B
SHA-512:	29CB09CFAB45BFD428951F8A21F1F8072BB07DDC51E7BE1D5C590FECFCEEEB7DA8CC30C8208F22B73EEB5ECC36A51D75934B66B81803939D47CDFEB70BD03172
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:55:16.606 180c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/MANIFEST-000001.2021/08/18-19:55:16.608 180c Recovering log #3.2021/08/18-19:55:16.609 180c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	330
Entropy (8bit):	5.254807921446507
Encrypted:	false
SSDEEP:	6:mJH+q2Pwkn23iKKdKWT5g1IdqIFUtpSWZmwPxVkwOwkn23iKKdKWT5g1I3ULJ:s+vYf5Kkg5gSRFUtpt/PxV5Jf5Kkg5gZ
MD5:	EF6A9634BF6D6B2443189B1B761ED95D
SHA1:	1E8C9E4180DFA347A5938778BB3CDAEEBB72095C
SHA-256:	E5BD556C73782EDF374781ED5DE913DE37435B4E660835B714730D55845A60A8
SHA-512:	ED8E0047EDBF862F8141A992BA39388E8D191B89151666BE4B48B7CD550151595D02D3E676369FFDB45BB91D6E4D15D24072A64966971FD7F990D4C375359D2E
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:55:16.483 180c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/MANIFEST-000001.2021/08/18-19:55:16.484 180c Recovering log #3.2021/08/18-19:55:16.484 180c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.old79 (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	330
Entropy (8bit):	5.254807921446507
Encrypted:	false
SSDEEP:	6:mJH+q2Pwkn23iKKdKWT5g1IdqIFUtpSWZmwPxVkwOwkn23iKKdKWT5g1I3ULJ:s+vYf5Kkg5gSRFUtpt/PxV5Jf5Kkg5gZ
MD5:	EF6A9634BF6D6B2443189B1B761ED95D
SHA1:	1E8C9E4180DFA347A5938778BB3CDAEEBB72095C
SHA-256:	E5BD556C73782EDF374781ED5DE913DE37435B4E660835B714730D55845A60A8
SHA-512:	ED8E0047EDBF862F8141A992BA39388E8D191B89151666BE4B48B7CD550151595D02D3E676369FFDB45BB91D6E4D15D24072A64966971FD7F990D4C375359D2E
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:55:16.483 180c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/MANIFEST-000001.2021/08/18-19:55:16.484 180c Recovering log #3.2021/08/18-19:55:16.484 180c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SQLite 3.x database, last written using SQLite version 3032001
Category:	dropped
Size (bytes):	155648
Entropy (8bit):	0.6325924447910437
Encrypted:	false
SSDEEP:	384:vq+nOUNmNUKVnOcNmEUxVnOuNmvXU3VnOHNm/UC:vyH8d8f28s
MD5:	80E1DB272519B41FF66A4CE1DFC1A643
SHA1:	EC5D82D9477A0B9A54BBA500EE7307AE613E7770
SHA-256:	C928CF3DB79F8224B19CF5730E1FA486C06FE4ABCFB0E4D1E23B9BFA9505CE5D
SHA-512:	0EBF0135B23B30AB4DD0AEAEDF79B58FE511119BB05F75DA6838ABB89874495596E9F5110DD9814C80058069718D390D42586E15B630567804ABFC5D782EA903
Malicious:	false
Reputation:	low
Preview:	SQLite format 3......@ ..........................................................................C.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	981
Entropy (8bit):	5.61696779657851
Encrypted:	false
SSDEEP:	24:ImXUDIKWFt6CxCRngr8RduyNBDOxo73cyjebtKrfHmPyjetJ:vXEIKstjxungrQ/thr/mqO
MD5:	F40E3D7E49962E949B2140DE1B53EF76
SHA1:	0DABC80E4FB979CDFBE4348FA16EC42329CAD76D
SHA-256:	A56CA6C873CD0D231FACB39CC239AD92F5C9D4B61F458C9BBB7BC9C82B866892
SHA-512:	CD4458D9773BB94329951AA370CE12C5ECC8B124A2D0DAB881916BCE2AF2A89D76A55841B9FBCBEF3031E20A074E2C6A87BF91BAB9357DFDB462F2F4930F2D47
Malicious:	false
Reputation:	low
Preview:	............."`....bar..co..cta..http..top..vc..visme..www..https..components..ltd..my..rolling..view..y4mrjzjj........bar......co......components......cta......http......https......ltd......my......rolling......top......vc......view......visme......www......y4mrjzjj..2.........4........a.........b........c...........d........e..........g........h.........i..........j........l.........m...........n.........o...........p...........r..........s..........t.............v..........w.........y.........z...:.....................................................................................................................................................B.....G...... ........#http://www.visme.co/?vc=Top-Bar-CTA2.:.................r...... .......8https://my.visme.co/view/y4mrjzjj-rolling-components-ltd2.Rolling Components Ltd:................M...... ........$https://www.visme.co/?vc=Top-Bar-CTA2.:.....................J2.............."*5.................. .............!

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	187812
Entropy (8bit):	0.5595458739555648
Encrypted:	false
SSDEEP:	384:+TryLnOMUWNmAVnOAU0NmZVnOlUGKNmS4VnORUENmD:+HC8B8dW482
MD5:	5AF5C67F5526D751D7023F580A63D32F
SHA1:	84DC4A84E347E926D82C16B0793D5C0B9A7833CE
SHA-256:	015B0A67A920C559AAEAE5FDCFBF1A487BF3416AB27029581A6F368C42792509
SHA-512:	B4CB5783507F549F6514A4C119194E3C571315DD6DA7E48E7D0D91AEF5EF809111DF710BA5CC967FD9F00954A0E3BB73E5396C230104FB3210D081053C847B76
Malicious:	false
Reputation:	low
Preview:	.............[.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Session (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	85233
Entropy (8bit):	4.53570152989821
Encrypted:	false
SSDEEP:	768:y1YI7Bi0GFakBNAtF3uRgY3BwUBud9SQgLdr0GFakBNAtFNEGha:y1YI7U0IakBN0F2/0IakBN0FNEGha
MD5:	442DEDF44C458182CEC029EF8E58BD0B
SHA1:	1912F2B49C5B52F8F11711BAC48DA5BA8C021B87
SHA-256:	1B674AD2D66B97C8522566623D256FC1ACE160A4BB71E0E7DFCFDC44C4687147
SHA-512:	5EA91CCD25C7A5E51CF395FDE7271ADDEC8C2523412ECA04CD93203CF0ACBE1B2F853A92F654D2A97DDCEAAD74982515E2D7418787AEA783D3413ED0A4E5C451
Malicious:	false
Reputation:	low
Preview:	SNSS....................................................!.............................................1..,.......$...f3824aac_1e7a_4aab_9972_05b9ed240f6c......................]..F................................................................................5..0.......&...{730C75E3-B87A-4292-818B-DC8F984D08AE}.............u..p...........8...https://my.visme.co/view/y4mrjzjj-rolling-components-ltd....R.o.l.l.i.n.g. .C.o.m.p.o.n.e.n.t.s. .L.t.d.t...p.......h...................................h.......`.........................................................-"......-"............................................x...8...h.t.t.p.s.:././.m.y...v.i.s.m.e...c.o./.v.i.e.w./.y.4.m.r.j.z.j.j.-.r.o.l.l.i.n.g.-.c.o.m.p.o.n.e.n.t.s.-.l.t.d.........................P.......H...............................................0.......@.......X.......................h...0.......?.%. .B.l.i.n.k. .s.e.r.i.a.l.i.z.e.d. .f.o.r.m. .s.t.a.t.e. .v.e.r.s.i.o.n. .1.0. .....=.&.........................N.o. .o.w.n.e.r.

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabsn (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	8
Entropy (8bit):	1.8112781244591325
Encrypted:	false
SSDEEP:	3:3Dtn:3h
MD5:	0686D6159557E1162D04C44240103333
SHA1:	053E9DB58E20A67D1E158E407094359BF61D0639
SHA-256:	3303D5EED881951B0BB52CF1C6BFA758770034D0120C197F9F7A3520B92A86FB
SHA-512:	884C0D3594390E2FC0AEAB05460F0783815170C4B57DB749B8AD9CD10741A5604B7A0F979465C4171AD9C14ED56359A4508B4DE58E794550599AAA261120976C
Malicious:	false
Reputation:	low
Preview:	SNSS....

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PGP\011Secret Key -
Category:	dropped
Size (bytes):	4975
Entropy (8bit):	5.521508643119635
Encrypted:	false
SSDEEP:	96:LTBuEk/Yeb2kYo80a79MWdbA1F9bQ5fgGjrS0BReHd:fMEeCey9tdM1F9E5fgiyd
MD5:	3D0C6C2EA5F3059BAB26613CED2579A3
SHA1:	DDC83883C7BA09C03FBACFA989E46C04EFCB49AE
SHA-256:	ACC7072D69D53A26E200C9F7E1984D2C232B22B776567D49CBCCCC29A7B69CCF
SHA-512:	E7EFD29E32F5695B68313D4D4B300FC2D8161AD62F7E0A06EFC94A2207416F07621AD1EEA86114BF1F8A06B1A31F8E53705891CA1BDD0273204BB1ADF08CBBDE
Malicious:	false
Reputation:	low
Preview:	.."....*.............META:https://my.visme.co.............._https://my.visme.co.._at.cww'.{"value":true,"expires":1629311106264}.9_https://my.visme.co..at-lojson-cache-ra-5411da2048bc494d...{"pc":"shin","subscription":{"active":true,"edition":"BASIC","tier":"basic","reducedBranding":false,"insightsEnabled":false},"customMessageTemplates":[],"config":{"_default":{"widgets":{"shin":{"countsFontSize":"60px","hideEmailSharingConfirmation":false,"counts":"one","widgetId":"t3nv","shareCountThreshold":0,"originalServices":"facebook_like,tweet,pinterest_pinit,counter","services":"slack","label":"SHARES","__hideOnHomepage":false,"numPreferredServices":3,"borderRadius":"0px","size":"32px","titleFontSize":"18px","elements":".addthis_inline_share_toolbox","responsive":"979px","creationTimestamp":1612819856949,"iconColor":"#FFFFFF","counterColor":"#666666","hideDevice":"none","style":"responsive","id":"shin"},"8shr":{"hideEmailSharingConfirmation":false,"counts":"one","shareCountThreshold":0,"orig

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	332
Entropy (8bit):	5.178048543093657
Encrypted:	false
SSDEEP:	6:myfMFd/+q2Pwkn23iKKdK8a2jMGIFUtpbfOFBZmwPbfAFPNVkwOwkn23iKKdK8as:rfEgvYf5Kk8EFUtpbfOz/PbfgPz5Jf5i
MD5:	E5FFADD6C265A6134D30ABCEB142D34E
SHA1:	BA65CD6C1D359AEA926829C102FEEAAC05C7FB8D
SHA-256:	2B8DCD24BF89D12D0F2579D3EB900C957966537E586A5D18E599E0203E169B5D
SHA-512:	F933C23357E765D8B1B4965C3993C05F7100558EB80008FAD066C4FD1D2C2A53AC279EB0C665BE5A80DEDB41A9A5746BB5ACADF29770E56D559529EDC046B561
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:54:58.055 1a88 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2021/08/18-19:54:58.057 1a88 Recovering log #3.2021/08/18-19:54:58.059 1a88 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	332
Entropy (8bit):	5.178048543093657
Encrypted:	false
SSDEEP:	6:myfMFd/+q2Pwkn23iKKdK8a2jMGIFUtpbfOFBZmwPbfAFPNVkwOwkn23iKKdK8as:rfEgvYf5Kk8EFUtpbfOz/PbfgPz5Jf5i
MD5:	E5FFADD6C265A6134D30ABCEB142D34E
SHA1:	BA65CD6C1D359AEA926829C102FEEAAC05C7FB8D
SHA-256:	2B8DCD24BF89D12D0F2579D3EB900C957966537E586A5D18E599E0203E169B5D
SHA-512:	F933C23357E765D8B1B4965C3993C05F7100558EB80008FAD066C4FD1D2C2A53AC279EB0C665BE5A80DEDB41A9A5746BB5ACADF29770E56D559529EDC046B561
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:54:58.055 1a88 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2021/08/18-19:54:58.057 1a88 Recovering log #3.2021/08/18-19:54:58.059 1a88 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SQLite 3.x database, last written using SQLite version 3032001
Category:	dropped
Size (bytes):	49152
Entropy (8bit):	1.3401916791597155
Encrypted:	false
SSDEEP:	96:vOqAuhjspnWOXOqAuhjspnWOYXJOqAuhjspnWOOYEnOqAuhjspnWOvnb8BzWL8VD:H+hNmEvzVNE4
MD5:	7B552C21D929D54803228D4488D944FD
SHA1:	51A174C8E7A7A1037B6CE76DC474BC62A8D5D2C0
SHA-256:	7FADAD0CAA07383F326D3225F7225EE6E91A45BD8FA87079BB18CBD14D2E8286
SHA-512:	52FACEC4054EBF88ECD66433C3F69F3C20B993BD96B22C38A34481773F0629040A78AEC3E523519C85FCA5EB4461B7BD8BCDD581ED539C98CA676C120AB413CA
Malicious:	false
Reputation:	low
Preview:	SQLite format 3......@ ..........................................................................C.......,......\.t.+.>...,............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	51344
Entropy (8bit):	1.1227056682651047
Encrypted:	false
SSDEEP:	96:rkUOqAuhjspnWODPkOqAuhjspnWO70OqAuhjspnWOWYEzEOqAuhjspnWOe:IyeiOSSEzCV
MD5:	C7E7DC9D59ED56DECD097817CCC9E4BC
SHA1:	6C705B3D7050DD8C2A7901B7EC3E3C5A068A24B4
SHA-256:	FA5FCB9E607109C528859412A0B1FA77ECC7918BA3B1A57AA52B617EE65DE157
SHA-512:	5DAB65D5FBE116F2D8310136BE44C7C06A043D02849F8C9B4E0C5DD9FE1A9A91E5369DF4C440D645A24C914903189A47DBBC55819B96142B49DE60E1D5EB57DA
Malicious:	false
Reputation:	low
Preview:	............).^.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State21 (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	5053
Entropy (8bit):	4.847047183793815
Encrypted:	false
SSDEEP:	96:JzMKDHGXOb0AgAI66oG6KKl6j+6h1EFNJatroUjacGFGeGdGl6NCo06MLwhM:JzMKDHGXOb0AgAI66oG6Ke6j+6hKFNJ7
MD5:	0ABCB9B43BF7A7632587C582D5C1124D
SHA1:	B9C1331B0AF2ECF6869CAEC26A0A6ECE70D10C5A
SHA-256:	03BD90BA82CF319F437BC714461E75BF0D6312BC4780E162E4EDCEF2EF7AE092
SHA-512:	B6BF06F91D6EA92CCBD92EB82333C610F36A0F14CD4F1440D5789D35C97570BE863BF429B947B5C7D5DFDC632B3AF355D47B401BFF897112A00881592F3DF7EA
Malicious:	false
Reputation:	low
Preview:	{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://dns.google","supports_spdy":true},{"isolation":[],"server":"https://redirector.gvt1.com","supports_spdy":true},{"isolation":[],"server":"https://ogs.google.com","supports_spdy":true},{"isolation":[],"server":"https://play.google.com","supports_spdy":true},{"isolation":[],"server":"https://apis.google.com","supports_spdy":true},{"isolation":[],"server":"https://ssl.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://www.gstatic.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[50],"expiration":"13276374901658576","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://accounts.google.com","supports_spdy":true},{"isolation":[],"server":"https://z.moatads.com","supports_spdy":true},{"isolation":[],"server":"https://a.nel.cloudflare.com","supports_spdy":true},{"isolation":[],"server":"https://s7.addthis.com","supports_spdy":true},{"isolation":[],"server":"htt

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent StateC6 (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3473
Entropy (8bit):	4.884843136744451
Encrypted:	false
SSDEEP:	96:6FGX0G70GhIGpyGzRDYLiEHYDBKGzUGaCGjHGESHG/OG6mhM:6Fe0i0sIIyGzRDYLiEHYDBKSUpCQHrSP
MD5:	494384A177157C36E9017D1FFB39F0BF
SHA1:	CE5D9754A70CD84CEE77C9180DB92C69715BE105
SHA-256:	07CF0A5189FAD30A4AA721F4F6DA1B15100991115833EACFA1E2DC84A1B54337
SHA-512:	BFB80EEC0C0B5D9E487047703BE49826321A4D249422E0C81E978E6C8A310F41C7B4B8F849229BA87484FDF4831DD6A98FF994D0FDA5CE3D341CE615C15F2F1C
Malicious:	false
Reputation:	low
Preview:	{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[],"expiration":"13248516607497410","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":27387},"server":"https://www.gstatic.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248516607334226","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":34287},"server":"https://ssl.gstatic.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248516607463627","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":31787},"server":"https://fonts.gstatic.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248516607318875","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":23359},"server":"https://apis.google.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	334
Entropy (8bit):	5.210696749021486
Encrypted:	false
SSDEEP:	6:myfIn+q2Pwkn23iKKdKgXz4rRIFUtpbfuHZmwPbfunVkwOwkn23iKKdKgXz4q8LJ:rfI+vYf5KkgXiuFUtpbf+/Pbfy5Jf5K2
MD5:	6B07938B90AF48798EAB69BA0B3DD498
SHA1:	B6525924B95A8C959AEDAAD0ABC12A0F5DDB4836
SHA-256:	930D88AB14F2D51C18DB11DA22C8F05C38C8B6A4CBE368F4DBE10F83BE846336
SHA-512:	37298AAC8C78EF944B2965D0531743AD06F6B6D98D770887296C4DF629F0BCD55E3D4E15FFB3B03EE4CEE69569F016694590ED4B49F6838077E93504B9209956
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:54:58.411 1a28 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/MANIFEST-000001.2021/08/18-19:54:58.413 1a28 Recovering log #3.2021/08/18-19:54:58.413 1a28 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.old (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	334
Entropy (8bit):	5.210696749021486
Encrypted:	false
SSDEEP:	6:myfIn+q2Pwkn23iKKdKgXz4rRIFUtpbfuHZmwPbfunVkwOwkn23iKKdKgXz4q8LJ:rfI+vYf5KkgXiuFUtpbf+/Pbfy5Jf5K2
MD5:	6B07938B90AF48798EAB69BA0B3DD498
SHA1:	B6525924B95A8C959AEDAAD0ABC12A0F5DDB4836
SHA-256:	930D88AB14F2D51C18DB11DA22C8F05C38C8B6A4CBE368F4DBE10F83BE846336
SHA-512:	37298AAC8C78EF944B2965D0531743AD06F6B6D98D770887296C4DF629F0BCD55E3D4E15FFB3B03EE4CEE69569F016694590ED4B49F6838077E93504B9209956
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:54:58.411 1a28 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/MANIFEST-000001.2021/08/18-19:54:58.413 1a28 Recovering log #3.2021/08/18-19:54:58.413 1a28 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\PreferencesTM (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	6052
Entropy (8bit):	5.178327473922027
Encrypted:	false
SSDEEP:	96:niFLzC9NitQroIKIg5k0JCKL8vkU11kr1UIbOTlVuHn:nULe9NSIWh4KWkUDkreI
MD5:	383099B3F371D4F69DA16381788B82F8
SHA1:	9ACC755A8D178EE66F596E45450B73A94BAF0262
SHA-256:	CDB3559CEE43F40360190084C629F68DA791A4B4AFBD502CF48D6F3C15C93180
SHA-512:	F5DDFA94B882093FACCFC89A4B41815E217A822864E6863B58FA3CFDABCB8FFF608D241270D3D2EE110B556F5763827A2CF8BFD2AFECC4DED307B8F180175818
Malicious:	false
Reputation:	low
Preview:	{"account_id_migration_state":2,"account_tracker_service_last_update":"13273782898362966","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245924509391818","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"bookmark_bar":{"show_on_all_tabs":false},"browser":{"default_browser_infobar_last_declined":"13245924607060180","has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","2042016"],"daily_recei

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences_8 (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	5807
Entropy (8bit):	5.163354248271513
Encrypted:	false
SSDEEP:	96:niFLXC9NitQroIKIJ5k0JCKL8vkU1lbOTlVuHn:nULy9NSIfh4KWkUB
MD5:	79678D80A5C1CBF7C2952ECC894C328B
SHA1:	D54765D4D0D8146A8E905381A35841A202815D1A
SHA-256:	C6C12614824F42600CA59D5B6F76840890749678BE9BAED04806CB53176E354E
SHA-512:	98AFA05C07D2B0F14D8EA50673F7DA15E28CE310C4C237C097EF28C341A281BEE1AD9BE019896C6269A98FCEBFA54E2DB76D745F1C2FC3A00C8BC4C3887E00AA
Malicious:	false
Reputation:	low
Preview:	{"account_id_migration_state":2,"account_tracker_service_last_update":"13273782898362966","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245924509391818","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"bookmark_bar":{"show_on_all_tabs":false},"browser":{"default_browser_infobar_last_declined":"13245924607060180","has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","2042016"],"daily_recei

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencesr (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	5211
Entropy (8bit):	4.963459246149448
Encrypted:	false
SSDEEP:	96:niFLLt9pIKIa5k0JCKL8vkU1lbOTlVuHn:nUL59pIEh4KWkUB
MD5:	4221627636DBD65D2D9FD53FAD225A12
SHA1:	3DEB5BA8AFA33FF4597427E0DDD54EB37BD5F416
SHA-256:	13AEA7D8CB4311330A4F1DF413606FFA43626969C1D270EA37FC68A7DF6E2999
SHA-512:	705BC4929477DE7821FCFC82C74ACFD9D4AD6E6B519B20DC2171DAC2AA8BDD52D4A43B6005F27C74DA0B41F56673B913367982996BB1EC1F661A5BE9294A47CA
Malicious:	false
Reputation:	low
Preview:	{"account_id_migration_state":2,"account_tracker_service_last_update":"13273782898362966","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245924509391818","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"bookmark_bar":{"show_on_all_tabs":false},"browser":{"default_browser_infobar_last_declined":"13245924607060180","has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","2042016"],"daily_recei

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SQLite 3.x database, last written using SQLite version 3032001
Category:	dropped
Size (bytes):	81920
Entropy (8bit):	2.399778447268279
Encrypted:	false
SSDEEP:	192:wIElwQF8mpcSkk6Ypz9QvQw/pz9QqAhVIUStiIElwQF8mpcSvempz9QuNhxis1pu:wQ1cVot2vkk65ptbvkKc0
MD5:	2B1BFBA21DAF55B839EA7F62CFEE32F2
SHA1:	5F143FD8182BD8BB56BB88C655C414A39B802F5E
SHA-256:	B6B445FBF57145B09CEB5D0C050C8A53F13B68DEF359F0979B5FD2FAC075ED02
SHA-512:	30E16CC9E18E1D660480C50EF354698AA12B1F13C110DCC73ADF5EE3E95CF85E8E2B062CC275F459AC38087398BC6FEEFF9FF7FB5EEDEC2409B6E90E67FFA2E3
Malicious:	false
Reputation:	low
Preview:	SQLite format 3......@ ..........................................................................C..........g...^.........j............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL-journal Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	83652
Entropy (8bit):	1.8255743092922778
Encrypted:	false
SSDEEP:	192:dhIElwQF8mpcSv7jYpz9QvQb/pz9QqAyxIUStixIElwQF8mpcSFWmpz9QuNhxiSn:d7rgfxotinvkmz/B
MD5:	758E1B2673D4CA3530AF0280AE6F829C
SHA1:	37A7FE493B3A8DA10CA798DC0817E3005080C638
SHA-256:	CD35B51B3CE97540B19E97353E8F1AC4F3B0EAA636103B0BA2E17C2EF294FFC4
SHA-512:	28E2FA3C8CF2A1AA8636D76D90DC1887934D976A019262E459C3D9FF466C67F69616237169E252989CC494BB927223D9870098D67F67D1C5CD0EEC05C91BB0E3
Malicious:	false
Reputation:	low
Preview:	............v...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	22602
Entropy (8bit):	5.536699083748547
Encrypted:	false
SSDEEP:	384:bUKtKLlLvX11kXqKf/pUZNCgVLH2HfDhrUKHGYnZV9w/Lg4Y:kLlj11kXqKf/pUZNCgVLH2HfFrUaGYn9
MD5:	7EB2B4DDC5E9FC9D7ABBADB264200B91
SHA1:	9AF68A115A035A06606CB7B0A67AB9C39CFFA8DB
SHA-256:	983779D85698D046C5F90493D9D949677AB37F9AACD1614F84C9263214A8BE50
SHA-512:	AB14615A59501551BEBFF7C820B02DB6C468E8E42A3459DB157C368C1D39BD9B2C2A0BE0212FF2FF839B944510EABA54E94DC986077BEB6A3CA01B1E744293FA
Malicious:	false
Reputation:	low
Preview:	{"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13273782897981753","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	943
Entropy (8bit):	5.127756100233243
Encrypted:	false
SSDEEP:	24:7ZZZHguNPLyJursyKkuUy4fljuZuyen0uTqA5yDuj76Dy7KLuPqpVyOWuLXyR:7ZZZH7OMI5ex8M76W7KAjYiR
MD5:	25F0C0C8D9EB895457DA460CEB006FC4
SHA1:	D31EAC05226BE0AE165B0E8B81F516C3D4B54C97
SHA-256:	A62B6D019A65572D0F75146CC04B8F2B4A782F306C814752787EF1F749E214A0
SHA-512:	C0F8A5328442A3A284B94436299ED46A688582769C48F82F12FEBB19FF1AD1EDF429B44E6DBFF0DD21C4BF9F4EBD83F48BE8AFE5D5CD7C0792760CCD643151BF
Malicious:	false
Reputation:	low
Preview:	..&f.................&f.................&f.................&f..................Ec................next-map-id.1.Dnamespace-5ac1d192_159d_4cdc_9f2f_cb23bbefae09-https://www.visme.co/.0V.e................g!..c................next-map-id.2.Dnamespace-07ff2795_1e88_460e_9c2f_d78e5a580742-https://www.visme.co/.1....c................next-map-id.3.Dnamespace-4c93dac4_e14f_4e3e_b313_429ecaaf112c-https://www.visme.co/.2...wc................next-map-id.4.Dnamespace-4032d017_fabe_4662_a987_3f7f3da769dc-https://www.visme.co/.3..S.c................next-map-id.5.Dnamespace-91e26fec_7a68_48b4_8c7e_cb9da8a0072a-https://www.visme.co/.4...c................next-map-id.6.Dnamespace-ce6777af_abec_48dc_8dbf_43d3dc8c1ef5-https://www.visme.co/.5x.:.c................next-map-id.7.Dnamespace-29795bee_fe41_4d91_90f5_7f1dfb3a1583-https://www.visme.co/.6Yw.Vc................next-map-id.8.Dnamespace-366c473d_1d80_41fe_bb54_159590bbf2c0-https://www.visme.co/.7

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	320
Entropy (8bit):	5.156596078368519
Encrypted:	false
SSDEEP:	6:myfZHN+q2Pwkn23iKKdKrQMxIFUtpbfrZmwPbfbNVkwOwkn23iKKdKrQMFLJ:rfZHIvYf5KkCFUtpbfr/PbfH5Jf5KktJ
MD5:	E26C8DC18DDFE2B2B5109F94EF5F5206
SHA1:	8E2D7394B8A0FC09F94C1877071A22085264FFC5
SHA-256:	C5E9FCA615FBBD5A21F6612F27F4C754D5F222994D9B33FEE399E852D7DA14F1
SHA-512:	69ABDAD9A0723D60D9B02408519B2ABA68A5B2FA4DAB3549C43B6C90FB66254339610C120FE0312D6BA7BC4D2DE70FE0CD4183363B6CB8B0C3734CA0E4F914C9
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:54:58.289 1a28 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/MANIFEST-000001.2021/08/18-19:54:58.292 1a28 Recovering log #3.2021/08/18-19:54:58.294 1a28 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old. (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	320
Entropy (8bit):	5.156596078368519
Encrypted:	false
SSDEEP:	6:myfZHN+q2Pwkn23iKKdKrQMxIFUtpbfrZmwPbfbNVkwOwkn23iKKdKrQMFLJ:rfZHIvYf5KkCFUtpbfr/PbfH5Jf5KktJ
MD5:	E26C8DC18DDFE2B2B5109F94EF5F5206
SHA1:	8E2D7394B8A0FC09F94C1877071A22085264FFC5
SHA-256:	C5E9FCA615FBBD5A21F6612F27F4C754D5F222994D9B33FEE399E852D7DA14F1
SHA-512:	69ABDAD9A0723D60D9B02408519B2ABA68A5B2FA4DAB3549C43B6C90FB66254339610C120FE0312D6BA7BC4D2DE70FE0CD4183363B6CB8B0C3734CA0E4F914C9
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:54:58.289 1a28 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/MANIFEST-000001.2021/08/18-19:54:58.292 1a28 Recovering log #3.2021/08/18-19:54:58.294 1a28 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	348
Entropy (8bit):	5.187956436767319
Encrypted:	false
SSDEEP:	6:myfW+q2Pwkn23iKKdK7Uh2ghZIFUtpbfbZmwPbfxIVkwOwkn23iKKdK7Uh2gnLJ:rfW+vYf5KkIhHh2FUtpbfb/PbfiV5JfI
MD5:	B0D7A021540999EE71FC38441DD29DFE
SHA1:	5F22E92C2BB71F721D6D52FCEBDCB583D5717D21
SHA-256:	963CEC7DD860269754A5D1EB6F83B9C17DD4F583981052873027D225AB2B5B33
SHA-512:	BDB70D65373184ED1CF62D4077B3C84482EBC3410B918377CC88A763EB2D99E24AB93CC55D7BD04A25A69DE003127F4BADD58322D55692705DEEE2E10C3935A5
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:54:57.987 1a2c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/MANIFEST-000001.2021/08/18-19:54:58.006 1a2c Recovering log #3.2021/08/18-19:54:58.009 1a2c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	348
Entropy (8bit):	5.187956436767319
Encrypted:	false
SSDEEP:	6:myfW+q2Pwkn23iKKdK7Uh2ghZIFUtpbfbZmwPbfxIVkwOwkn23iKKdK7Uh2gnLJ:rfW+vYf5KkIhHh2FUtpbfb/PbfiV5JfI
MD5:	B0D7A021540999EE71FC38441DD29DFE
SHA1:	5F22E92C2BB71F721D6D52FCEBDCB583D5717D21
SHA-256:	963CEC7DD860269754A5D1EB6F83B9C17DD4F583981052873027D225AB2B5B33
SHA-512:	BDB70D65373184ED1CF62D4077B3C84482EBC3410B918377CC88A763EB2D99E24AB93CC55D7BD04A25A69DE003127F4BADD58322D55692705DEEE2E10C3935A5
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:54:57.987 1a2c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/MANIFEST-000001.2021/08/18-19:54:58.006 1a2c Recovering log #3.2021/08/18-19:54:58.009 1a2c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\7e94a541-1111-47e0-b4ba-76fc92a8fe6d.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	325
Entropy (8bit):	4.971623449303805
Encrypted:	false
SSDEEP:	6:YHpoNXR8+eq7JdV5p7DHJShsDHF4R8HLJ2AVQBR70S7PMVKJw1K3KnMRK3VY:YHO8sdHfHYhsBdLJlyH7E4f3K33y
MD5:	8CA9278965B437DFC789E755E4C61B82
SHA1:	5776B6C90CA1D2DDC765ED673B5E6DC8E167F0D6
SHA-256:	A57D9231244C1FBDE58A1BF50CAD3A1E3EA28D042BFA272782B65139446E7C51
SHA-512:	3065FE0743AD88E02F8C8FF6CF03B832B616DD08061EAE25A5106422228D45EB999EE2CBE4E9C96D5FFC108CB817766240E27BF97E3E5C2A58081D369E2968F8
Malicious:	false
Reputation:	low
Preview:	{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248516514667526","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	296
Entropy (8bit):	0.19535324365485862
Encrypted:	false
SSDEEP:	3:8E:8
MD5:	C4DF0FB10C4332150B2C336396CE1B66
SHA1:	780A76E101DE3DE2E68D23E64AB1A44D47A73207
SHA-256:	18FAB4D13CDA7E1DEE12DC091019A110A7304B6A65FC9A1F3E6173046BA38EF6
SHA-512:	51F0B463E97063A2357285D684FF159FDF6099E57C46F13C83E9D3F09D7A7CF03C1BA684BCCF36232FC50834F95953C3C68675C7B05AB4F84DEF1C566A5F3F5E
Malicious:	false
Reputation:	low
Preview:	.'..(...................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	430
Entropy (8bit):	5.259192827842552
Encrypted:	false
SSDEEP:	6:myfi9+q2Pwkn23iKKdKusNpV/2jMGIFUtpbfDZmwPbf23VkwOwkn23iKKdKusNp+:rfVvYf5KkFFUtpbfD/PbfK5Jf5KkOJ
MD5:	B837C2C4D37E6C89A4657B7D842A6C01
SHA1:	88734C57FA5D6B2FE5949EB4861601F7F025B092
SHA-256:	CD223FCB9540727867CE951CAE638A17F3AB1ED8EEB05270B35E8FBA6AF59771
SHA-512:	DD78D677928E959CF917AD9F8AD3D1310EFAC02F84C303CE36CC0F6E1F2ABAD1C0370423904A45BCFE7ED5D6B13EB300F545D8DDCB911AF60C0B0BD9394C084D
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:54:58.330 1a28 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/MANIFEST-000001.2021/08/18-19:54:58.331 1a28 Recovering log #3.2021/08/18-19:54:58.332 1a28 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	430
Entropy (8bit):	5.259192827842552
Encrypted:	false
SSDEEP:	6:myfi9+q2Pwkn23iKKdKusNpV/2jMGIFUtpbfDZmwPbf23VkwOwkn23iKKdKusNp+:rfVvYf5KkFFUtpbfD/PbfK5Jf5KkOJ
MD5:	B837C2C4D37E6C89A4657B7D842A6C01
SHA1:	88734C57FA5D6B2FE5949EB4861601F7F025B092
SHA-256:	CD223FCB9540727867CE951CAE638A17F3AB1ED8EEB05270B35E8FBA6AF59771
SHA-512:	DD78D677928E959CF917AD9F8AD3D1310EFAC02F84C303CE36CC0F6E1F2ABAD1C0370423904A45BCFE7ED5D6B13EB300F545D8DDCB911AF60C0B0BD9394C084D
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:54:58.330 1a28 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/MANIFEST-000001.2021/08/18-19:54:58.331 1a28 Recovering log #3.2021/08/18-19:54:58.332 1a28 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent StateTM (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	325
Entropy (8bit):	4.971623449303805
Encrypted:	false
SSDEEP:	6:YHpoNXR8+eq7JdV5p7DHJShsDHF4R8HLJ2AVQBR70S7PMVKJw1K3KnMRK3VY:YHO8sdHfHYhsBdLJlyH7E4f3K33y
MD5:	8CA9278965B437DFC789E755E4C61B82
SHA1:	5776B6C90CA1D2DDC765ED673B5E6DC8E167F0D6
SHA-256:	A57D9231244C1FBDE58A1BF50CAD3A1E3EA28D042BFA272782B65139446E7C51
SHA-512:	3065FE0743AD88E02F8C8FF6CF03B832B616DD08061EAE25A5106422228D45EB999EE2CBE4E9C96D5FFC108CB817766240E27BF97E3E5C2A58081D369E2968F8
Malicious:	false
Reputation:	low
Preview:	{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248516514667526","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	432
Entropy (8bit):	5.295056673357647
Encrypted:	false
SSDEEP:	12:rfbvYf5KkmiuFUtpbfy/Pbf+5Jf5Kkm2J:L7Yf5KkSgdSoJf5Kkr
MD5:	4D54E2BEF25184ED6CE92DC3D1A5100D
SHA1:	F622A1B31D9520ABD3E2DE649B52ECD555C8AD11
SHA-256:	4278E082D20DE9A1B69071C0CBB784FE743C9E8AD553692AADADB836CA4E9DEF
SHA-512:	0E81BE938EE54B00727A5CDCAB1894C999023C1114C1D6943865EAED64CDB99E25861A40A49D2227B4733644CC6DCA86F24EC2A620331930C2A4ACB3E733CBCF
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:54:58.404 1a64 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/MANIFEST-000001.2021/08/18-19:54:58.408 1a64 Recovering log #3.2021/08/18-19:54:58.408 1a64 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	432
Entropy (8bit):	5.295056673357647
Encrypted:	false
SSDEEP:	12:rfbvYf5KkmiuFUtpbfy/Pbf+5Jf5Kkm2J:L7Yf5KkSgdSoJf5Kkr
MD5:	4D54E2BEF25184ED6CE92DC3D1A5100D
SHA1:	F622A1B31D9520ABD3E2DE649B52ECD555C8AD11
SHA-256:	4278E082D20DE9A1B69071C0CBB784FE743C9E8AD553692AADADB836CA4E9DEF
SHA-512:	0E81BE938EE54B00727A5CDCAB1894C999023C1114C1D6943865EAED64CDB99E25861A40A49D2227B4733644CC6DCA86F24EC2A620331930C2A4ACB3E733CBCF
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:54:58.404 1a64 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/MANIFEST-000001.2021/08/18-19:54:58.408 1a64 Recovering log #3.2021/08/18-19:54:58.408 1a64 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	19
Entropy (8bit):	1.9837406708828553
Encrypted:	false
SSDEEP:	3:5l:5l
MD5:	E556F26DF3E95C19DBAECA8F5DF0C341
SHA1:	247A89F0557FC3666B5173833DB198B188F3AA2E
SHA-256:	B0A7B19404285905663876774A2176939A6ED75EF3904E44283A125824BD0BF3
SHA-512:	055BC4AB12FEEDF3245EAAF0A0109036909C44E3B69916F8A01E6C8459785317FE75CA6B28F8B339316FC2310D3E5392CD15DBDB0F84016667F304D377444E2E
Malicious:	false
Reputation:	low
Preview:	..&f...............

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	418
Entropy (8bit):	5.288145300191073
Encrypted:	false
SSDEEP:	6:mHAq2Pwkn23iKKdKusNpZQMxIFUtptvZZmwPRzkwOwkn23iKKdKusNpZQMFLJ:AAvYf5KkMFUtpth/PRz5Jf5KkTJ
MD5:	B374B90B87A9F9E2865D0606AFDC89AD
SHA1:	D6A9118431C8E724EA5B060FFA1B7852F597B214
SHA-256:	C2A29649C3226EAE3ED911D0916DFDBB382028886ECFD9ED21E3E98FC54D2B4C
SHA-512:	0E6070BCD0D0ED36FCABC96646D16B450E7B9775F3DC3107403B5AF98E4760F1BF3C0B16AC5DD218E0084CE7CAE9A9948F4AEC27E1F2340C0E5A376EB48126D4
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:55:14.736 1a30 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/MANIFEST-000001.2021/08/18-19:55:14.737 1a30 Recovering log #3.2021/08/18-19:55:14.742 1a30 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old. (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	418
Entropy (8bit):	5.288145300191073
Encrypted:	false
SSDEEP:	6:mHAq2Pwkn23iKKdKusNpZQMxIFUtptvZZmwPRzkwOwkn23iKKdKusNpZQMFLJ:AAvYf5KkMFUtpth/PRz5Jf5KkTJ
MD5:	B374B90B87A9F9E2865D0606AFDC89AD
SHA1:	D6A9118431C8E724EA5B060FFA1B7852F597B214
SHA-256:	C2A29649C3226EAE3ED911D0916DFDBB382028886ECFD9ED21E3E98FC54D2B4C
SHA-512:	0E6070BCD0D0ED36FCABC96646D16B450E7B9775F3DC3107403B5AF98E4760F1BF3C0B16AC5DD218E0084CE7CAE9A9948F4AEC27E1F2340C0E5A376EB48126D4
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:55:14.736 1a30 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/MANIFEST-000001.2021/08/18-19:55:14.737 1a30 Recovering log #3.2021/08/18-19:55:14.742 1a30 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	296
Entropy (8bit):	0.19535324365485862
Encrypted:	false
SSDEEP:	3:8E:8
MD5:	C4DF0FB10C4332150B2C336396CE1B66
SHA1:	780A76E101DE3DE2E68D23E64AB1A44D47A73207
SHA-256:	18FAB4D13CDA7E1DEE12DC091019A110A7304B6A65FC9A1F3E6173046BA38EF6
SHA-512:	51F0B463E97063A2357285D684FF159FDF6099E57C46F13C83E9D3F09D7A7CF03C1BA684BCCF36232FC50834F95953C3C68675C7B05AB4F84DEF1C566A5F3F5E
Malicious:	false
Reputation:	low
Preview:	.'..(...................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	430
Entropy (8bit):	5.180944224789127
Encrypted:	false
SSDEEP:	12:VM+vYf5KkkGHArBFUtp5/PrpMV5Jf5KkkGHAryJ:vYf5KkkGgPgYJf5KkkGga
MD5:	D00AA896A9713D1D5B724FD68B6D7399
SHA1:	6A12CAA119B65D63F4DBA02843505DAAA91D7E5E
SHA-256:	00F59AB829E867044F815F70D3DBB7EB2915C038C19201892E26F273643B35B3
SHA-512:	CF748C914B33FB0DF11E8C84631F9E5C2EEDD9E4F3CEB6A7B7FBFA0E980E3976BACC7241221782D495153322F4A5906CF3CD22B9FDEE045C55E3526DF070098F
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:55:10.815 1a6c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb/MANIFEST-000001.2021/08/18-19:55:10.818 1a6c Recovering log #3.2021/08/18-19:55:10.820 1a6c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.old. (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	430
Entropy (8bit):	5.180944224789127
Encrypted:	false
SSDEEP:	12:VM+vYf5KkkGHArBFUtp5/PrpMV5Jf5KkkGHAryJ:vYf5KkkGgPgYJf5KkkGga
MD5:	D00AA896A9713D1D5B724FD68B6D7399
SHA1:	6A12CAA119B65D63F4DBA02843505DAAA91D7E5E
SHA-256:	00F59AB829E867044F815F70D3DBB7EB2915C038C19201892E26F273643B35B3
SHA-512:	CF748C914B33FB0DF11E8C84631F9E5C2EEDD9E4F3CEB6A7B7FBFA0E980E3976BACC7241221782D495153322F4A5906CF3CD22B9FDEE045C55E3526DF070098F
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:55:10.815 1a6c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb/MANIFEST-000001.2021/08/18-19:55:10.818 1a6c Recovering log #3.2021/08/18-19:55:10.820 1a6c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent State\|. (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	325
Entropy (8bit):	4.9616384877719995
Encrypted:	false
SSDEEP:	6:YHpoNXR8+eq7JdV5pirhsDHF4R8HLJ2AVQBR70S7PMVKJw1K3KnMRK3VY:YHO8sdHirhsBdLJlyH7E4f3K33y
MD5:	B0429187E1BE99DE4D548DC5B2EDEA0A
SHA1:	B3E07BEE5D753BF1B613BD2DE665C7C21E8184F6
SHA-256:	D8DABBF936DAB4F17437ECA255020EA847D76D6B789F9486010C95E995CFED03
SHA-512:	233F7BDAA848A295E9F58CA52761829FE1044DA1DE1FBCAC407FADC8C7ABA1E4FFD7CA7A4FBE649E83FD1815DC2E3619ACB2A22CE5B2C7241E474CDB9AF2F7ED
Malicious:	false
Reputation:	low
Preview:	{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248516523181804","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	432
Entropy (8bit):	5.198702075075622
Encrypted:	false
SSDEEP:	12:gAvYf5KkkGHArqiuFUtpG/Pwz5Jf5KkkGHArq2J:gyYf5KkkGgCg/lJf5KkkGg7
MD5:	222E3FA0188D75204ADB90D1FE327151
SHA1:	E03CD866AFA0A496FDF52E82FC0FAB231360D0F0
SHA-256:	B15483EFBCF62D4E31ED1DD126B7B1F041EBD2AC27C3306AD9CD12405E6F0BA2
SHA-512:	DD56631B7760C9A0F6B902F7F6622F2A3CC139AC8F1BB8163C4EFD1F3AE2CA4FC6D993B529D8C6871239076773E722DA129353BECC3B4282FFEE16EE068EEEF8
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:55:10.817 1a30 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications/MANIFEST-000001.2021/08/18-19:55:10.819 1a30 Recovering log #3.2021/08/18-19:55:10.822 1a30 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old.u (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	432
Entropy (8bit):	5.198702075075622
Encrypted:	false
SSDEEP:	12:gAvYf5KkkGHArqiuFUtpG/Pwz5Jf5KkkGHArq2J:gyYf5KkkGgCg/lJf5KkkGg7
MD5:	222E3FA0188D75204ADB90D1FE327151
SHA1:	E03CD866AFA0A496FDF52E82FC0FAB231360D0F0
SHA-256:	B15483EFBCF62D4E31ED1DD126B7B1F041EBD2AC27C3306AD9CD12405E6F0BA2
SHA-512:	DD56631B7760C9A0F6B902F7F6622F2A3CC139AC8F1BB8163C4EFD1F3AE2CA4FC6D993B529D8C6871239076773E722DA129353BECC3B4282FFEE16EE068EEEF8
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:55:10.817 1a30 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications/MANIFEST-000001.2021/08/18-19:55:10.819 1a30 Recovering log #3.2021/08/18-19:55:10.822 1a30 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	19
Entropy (8bit):	1.9837406708828553
Encrypted:	false
SSDEEP:	3:5l:5l
MD5:	E556F26DF3E95C19DBAECA8F5DF0C341
SHA1:	247A89F0557FC3666B5173833DB198B188F3AA2E
SHA-256:	B0A7B19404285905663876774A2176939A6ED75EF3904E44283A125824BD0BF3
SHA-512:	055BC4AB12FEEDF3245EAAF0A0109036909C44E3B69916F8A01E6C8459785317FE75CA6B28F8B339316FC2310D3E5392CD15DBDB0F84016667F304D377444E2E
Malicious:	false
Reputation:	low
Preview:	..&f...............

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	418
Entropy (8bit):	5.23874875662933
Encrypted:	false
SSDEEP:	12:GlyvYf5KkkGHArAFUtpqG/PIR5Jf5KkkGHArfJ:XYf5KkkGgkgiJf5KkkGgV
MD5:	57F9DF1C4EC9DA4726934C4226FA1E8F
SHA1:	A0994A4641946325705E5D0E1294CB6A9F41BF8A
SHA-256:	22DA4BE1A921F296DD48A00752796B6CC8AF7A1F24F7651F4D06AC4577981F22
SHA-512:	4C37738921E3047BA6822F7D1E89FA7EB7AE0E3200C7D9922A042F29BB3D3B81CD643207C14A4BD385828A00B94AC58B105548BA62DEB51612ADC786A7D69F51
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:55:27.246 1a74 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage/MANIFEST-000001.2021/08/18-19:55:27.247 1a74 Recovering log #3.2021/08/18-19:55:27.248 1a74 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.old (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	418
Entropy (8bit):	5.23874875662933
Encrypted:	false
SSDEEP:	12:GlyvYf5KkkGHArAFUtpqG/PIR5Jf5KkkGHArfJ:XYf5KkkGgkgiJf5KkkGgV
MD5:	57F9DF1C4EC9DA4726934C4226FA1E8F
SHA1:	A0994A4641946325705E5D0E1294CB6A9F41BF8A
SHA-256:	22DA4BE1A921F296DD48A00752796B6CC8AF7A1F24F7651F4D06AC4577981F22
SHA-512:	4C37738921E3047BA6822F7D1E89FA7EB7AE0E3200C7D9922A042F29BB3D3B81CD643207C14A4BD385828A00B94AC58B105548BA62DEB51612ADC786A7D69F51
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:55:27.246 1a74 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage/MANIFEST-000001.2021/08/18-19:55:27.247 1a74 Recovering log #3.2021/08/18-19:55:27.248 1a74 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\ab8f89e2-af65-4efa-a6e7-fd2d6b890530.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	325
Entropy (8bit):	4.9616384877719995
Encrypted:	false
SSDEEP:	6:YHpoNXR8+eq7JdV5pirhsDHF4R8HLJ2AVQBR70S7PMVKJw1K3KnMRK3VY:YHO8sdHirhsBdLJlyH7E4f3K33y
MD5:	B0429187E1BE99DE4D548DC5B2EDEA0A
SHA1:	B3E07BEE5D753BF1B613BD2DE665C7C21E8184F6
SHA-256:	D8DABBF936DAB4F17437ECA255020EA847D76D6B789F9486010C95E995CFED03
SHA-512:	233F7BDAA848A295E9F58CA52761829FE1044DA1DE1FBCAC407FADC8C7ABA1E4FFD7CA7A4FBE649E83FD1815DC2E3619ACB2A22CE5B2C7241E474CDB9AF2F7ED
Malicious:	false
Reputation:	low
Preview:	{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248516523181804","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	38
Entropy (8bit):	1.9837406708828553
Encrypted:	false
SSDEEP:	3:sgGg:st
MD5:	45A8ECA4E5C4A6B1395080C1B728B6C9
SHA1:	8A97BB0E599775D9A10C0FC53C4EDB29AA4CEB4E
SHA-256:	DB320AB28DFF27CDA0A7F87B82F2F8E61B3178A6DE8503753D76F1172D32E08E
SHA-512:	8EE91A3A1E77459273553F6A776C423A8EE95DB9DCFA897771814B7AD13FD84F06BB2B859F22B6DDA384B39EAA91F1819F170BABED6DA16BDBCF5BCB06CF2124
Malicious:	false
Reputation:	low
Preview:	..F..................F................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	324
Entropy (8bit):	5.24840854284108
Encrypted:	false
SSDEEP:	6:myfX4q2Pwkn23iKKdKpIFUtpbfzBJZmwPbfxB3DkwOwkn23iKKdKa/WLJ:rfX4vYf5KkmFUtpbfzBJ/Pbfj3D5Jf55
MD5:	A29921357B3F6AC6849889A2D83CCE1B
SHA1:	21C805245BE77BBC71F9D469A78821AE8F5CE034
SHA-256:	7681838E05C23F424ACE7F9820B1381F0ACD5C024B8DE49C61A1C9D97FEF12B3
SHA-512:	36A73760E2109A6006768E37DA5DEA07176307B9791C3224C649186BEF7E0103AEA9CF624B6B4A20054E86B1CCBD4059DDDA4FE1F8953C32E45899407638B148
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:54:57.987 1a24 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2021/08/18-19:54:58.003 1a24 Recovering log #3.2021/08/18-19:54:58.009 1a24 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	324
Entropy (8bit):	5.24840854284108
Encrypted:	false
SSDEEP:	6:myfX4q2Pwkn23iKKdKpIFUtpbfzBJZmwPbfxB3DkwOwkn23iKKdKa/WLJ:rfX4vYf5KkmFUtpbfzBJ/Pbfj3D5Jf55
MD5:	A29921357B3F6AC6849889A2D83CCE1B
SHA1:	21C805245BE77BBC71F9D469A78821AE8F5CE034
SHA-256:	7681838E05C23F424ACE7F9820B1381F0ACD5C024B8DE49C61A1C9D97FEF12B3
SHA-512:	36A73760E2109A6006768E37DA5DEA07176307B9791C3224C649186BEF7E0103AEA9CF624B6B4A20054E86B1CCBD4059DDDA4FE1F8953C32E45899407638B148
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:54:57.987 1a24 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2021/08/18-19:54:58.003 1a24 Recovering log #3.2021/08/18-19:54:58.009 1a24 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	402
Entropy (8bit):	5.305042977500862
Encrypted:	false
SSDEEP:	12:lEIvYf5KkkOrsFUtpUSX/PE5Jf5KkkOrzJ:C6Yf5Kk+gGvJf5Kkn
MD5:	357839557C54D8C8B80CC63628018FCE
SHA1:	B63D2E09BDD484A855172657C249422DC425FEB0
SHA-256:	337E081B44C371ED409AC6CC9F0AA170C8B2D7D76D09A839C9B02A5D0B0A132F
SHA-512:	39CEB437BEF29CC8129A278033302194C0042FDE2A4AC9F4C172DF61579D87DAD302117BAE2371D94F4D636F98477C68587563940F82BF1DF296FB63E5C502B4
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:55:17.812 1a30 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm/MANIFEST-000001.2021/08/18-19:55:17.813 1a30 Recovering log #3.2021/08/18-19:55:17.814 1a30 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.oldpt (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	402
Entropy (8bit):	5.305042977500862
Encrypted:	false
SSDEEP:	12:lEIvYf5KkkOrsFUtpUSX/PE5Jf5KkkOrzJ:C6Yf5Kk+gGvJf5Kkn
MD5:	357839557C54D8C8B80CC63628018FCE
SHA1:	B63D2E09BDD484A855172657C249422DC425FEB0
SHA-256:	337E081B44C371ED409AC6CC9F0AA170C8B2D7D76D09A839C9B02A5D0B0A132F
SHA-512:	39CEB437BEF29CC8129A278033302194C0042FDE2A4AC9F4C172DF61579D87DAD302117BAE2371D94F4D636F98477C68587563940F82BF1DF296FB63E5C502B4
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:55:17.812 1a30 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm/MANIFEST-000001.2021/08/18-19:55:17.813 1a30 Recovering log #3.2021/08/18-19:55:17.814 1a30 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3044
Entropy (8bit):	5.604100867391449
Encrypted:	false
SSDEEP:	48:YXcRUAAEVwURd1UAJeUAUc6UUhaeURASEUAoUA8vUAFuKURZqPeUekUen4UAgwUK:TRUA+URzUAJeUAqUURURAjUAoUA8vUAc
MD5:	EAA694F448345FE83774325AC2D2AA89
SHA1:	FCF288C48D0EE673E779376AE932B04DF5EECBCA
SHA-256:	4110B88E60F7CDCAC31B297E24A686D0969482D28EED84DBFFBA1AE9C95E5D2A
SHA-512:	13F3EE690115D2A3E835A936BE4F7E206795FFDCAA0C15FF1869797389693485072A0F4A798E0F8AA388C5CA83BF6A77D4E04C7A4D0236A7D430B896EC30850C
Malicious:	false
Reputation:	low
Preview:	{"expect_ct":[],"sts":[{"expiry":1660845309.394964,"host":"AKBA0EXj1W1QmJumkxUOTpibibkAwoUEp1CDrh5UFWY=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1629309309.394971},{"expiry":1645089348.918877,"host":"E10e7Gwg5+phsYD4E8qNYFsQySXnIHPAfo4zloUPESc=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1629309348.918884},{"expiry":1645034106.32826,"host":"Hb3xV9FSRT1oJ9TRTDTKLcNPjaOSk7YHyRHs4a5NR/A=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1629309306.328266},{"expiry":1640195765.921566,"host":"LAZkYS46RVRcFiZAzmUJrz6TJHBd4nwE6VxPWfPLYHs=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1629309365.921573},{"expiry":1632986995.029294,"host":"OuKlWsMW1dkkbI1X/oi6o0Y95ZNSWnSoeaIXAEYPlv4=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1601450995.029298},{"expiry":1660845318.547056,"host":"PmHKo9+NfFu9AjQSxw3MoTtfuXIu9G3fM8KGQt4xie4=","mode":"force-https","sts_include_subdomains":false,"sts_obs

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity64 (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3043
Entropy (8bit):	5.602270512753649
Encrypted:	false
SSDEEP:	48:YXcRUAAEVwURd1UA5eUAu6UUhaeURGEUAXYUAhvUAFuKURZqPeUekUen4UAgwURn:TRUA+URzUA5eUAzUURURfUAIUAhvUAkc
MD5:	FFB2C8A5E15A9085C96E2EFF982BD11A
SHA1:	7F98A63E289C05DFE0478C02B17C1748AFDF0D45
SHA-256:	E842CE51FADE06E40A2DC2027782278377D5A9E12C6636826A280AAE134138F7
SHA-512:	EA327C78355FB6DCF8FB156C61823328D45A7292DA14454E32881BB601EB6D6FFA99FEEE12E6D21775CA7D381614C853064080BEDB76394761E543846B9CD2E1
Malicious:	false
Reputation:	low
Preview:	{"expect_ct":[],"sts":[{"expiry":1660845309.394964,"host":"AKBA0EXj1W1QmJumkxUOTpibibkAwoUEp1CDrh5UFWY=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1629309309.394971},{"expiry":1645089348.918877,"host":"E10e7Gwg5+phsYD4E8qNYFsQySXnIHPAfo4zloUPESc=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1629309348.918884},{"expiry":1645034106.32826,"host":"Hb3xV9FSRT1oJ9TRTDTKLcNPjaOSk7YHyRHs4a5NR/A=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1629309306.328266},{"expiry":1640195795.960856,"host":"LAZkYS46RVRcFiZAzmUJrz6TJHBd4nwE6VxPWfPLYHs=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1629309395.960862},{"expiry":1632986995.029294,"host":"OuKlWsMW1dkkbI1X/oi6o0Y95ZNSWnSoeaIXAEYPlv4=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1601450995.029298},{"expiry":1660845318.547056,"host":"PmHKo9+NfFu9AjQSxw3MoTtfuXIu9G3fM8KGQt4xie4=","mode":"force-https","sts_include_subdomains":false,"sts_obs

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\TransportSecurityTM (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	2041
Entropy (8bit):	5.583931524843795
Encrypted:	false
SSDEEP:	48:YXcRUA9VwUR5kUAq6UUhgUA+vUAFtmKUR7AqPeUekUen4UAgwURsUeP:TRUAAUR+UA/UUuUA+vUA2KURLPeU3UkS
MD5:	08632E02DEE167534CD4CB5C14F61856
SHA1:	25F028E99FDEDFBD6F2BE099B0E5DFA9329A5C21
SHA-256:	4F5D7601689C1221E832874DB671FCA6ACD33B8C3536011E5A61F3AA53E60043
SHA-512:	F15638F5AC2DAA0FA2A0837A690757CE48430839395FD0F3DEE743E9E7FB521B2B76B153059C9704E6401897CB1804075B55B9A99B57822D371725416FFAC8C7
Malicious:	false
Reputation:	low
Preview:	{"expect_ct":[],"sts":[{"expiry":1660845309.394964,"host":"AKBA0EXj1W1QmJumkxUOTpibibkAwoUEp1CDrh5UFWY=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1629309309.394971},{"expiry":1645089309.423631,"host":"E10e7Gwg5+phsYD4E8qNYFsQySXnIHPAfo4zloUPESc=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1629309309.423636},{"expiry":1645034106.32826,"host":"Hb3xV9FSRT1oJ9TRTDTKLcNPjaOSk7YHyRHs4a5NR/A=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1629309306.328266},{"expiry":1632986995.029294,"host":"OuKlWsMW1dkkbI1X/oi6o0Y95ZNSWnSoeaIXAEYPlv4=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1601450995.029298},{"expiry":1660845309.593692,"host":"cwmRhK2n8/9JLx+ZaK3dUYNlvHvwWVT/mRZVJ0bFLcQ=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1629309309.593696},{"expiry":1640195702.3869,"host":"fJjUrPqhktMfiTHJX3Q0pJi/P12Q72DBgzzJqjlNC4o=","mode":"force-https","sts_include_subdomains":true,"sts_observ

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	144
Entropy (8bit):	5.594423698983383
Encrypted:	false
SSDEEP:	3:QvEZsmnlllLil5Ml/tiJBB6lU2JElujg/lboAGK9g0cIpAWo/lxAmn:fSmlllyGlliJ36xS5/mwA/xDn
MD5:	4169FAE90BB59F009AB6ED4DE20D38A3
SHA1:	35AA69DE978AAFB9ED217D1B8DD5410916F4C1D0
SHA-256:	FB1B02AD5E2581EE78E38A9FDA772063B74A16FA4751DB27DDF984FD43AA3D9F
SHA-512:	528B430B8DBCF9AF7E03D79D61829DD54A6419752C62D7FC77A3A6E63AAD816406EFD62BE23CCB061812272F8FE6F9BD861FF9740BC90619CC1E425DB9E1FC4D
Malicious:	false
Reputation:	low
Preview:	........VF......h.Z..D....u..S-..'.....!ZOY..........I.$$.......H.g..l.......D>.........6.e........<:.........K.q+..^L.........!.i.....f.qC@%.

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a6ebeda6-4d45-4afb-8a00-326ad6a974dc.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	6026
Entropy (8bit):	5.1752779448192845
Encrypted:	false
SSDEEP:	96:niFLXC9NitQroIKI+5k0JCKL8vkU1wkqJrbOTlVuHn:nULy9NSIYh4KWkUikq7
MD5:	3D0A5D8EFE50FC60FC686F1F8F258B67
SHA1:	499A37DE2E8471E259F604CFB9FA956609188BD2
SHA-256:	5034B97D9E2F3B0B15DD6B0564B9DE80D863C411CD1D1BC4F5254FAB83969C3A
SHA-512:	F98CA8AA963BB936E14359C881F4C57B4C6D18CA58937EAB6098BF439E6E0D7D787DB111496C0A63FDAA44C3138101737B5BD408C26969E367B21F7813BAECFA
Malicious:	false
Reputation:	low
Preview:	{"account_id_migration_state":2,"account_tracker_service_last_update":"13273782898362966","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245924509391818","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"bookmark_bar":{"show_on_all_tabs":false},"browser":{"default_browser_infobar_last_declined":"13245924607060180","has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","2042016"],"daily_recei

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b57bf87b-f646-4df7-a3db-f13b04c6bd56.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3473
Entropy (8bit):	4.884843136744451
Encrypted:	false
SSDEEP:	96:6FGX0G70GhIGpyGzRDYLiEHYDBKGzUGaCGjHGESHG/OG6mhM:6Fe0i0sIIyGzRDYLiEHYDBKSUpCQHrSP
MD5:	494384A177157C36E9017D1FFB39F0BF
SHA1:	CE5D9754A70CD84CEE77C9180DB92C69715BE105
SHA-256:	07CF0A5189FAD30A4AA721F4F6DA1B15100991115833EACFA1E2DC84A1B54337
SHA-512:	BFB80EEC0C0B5D9E487047703BE49826321A4D249422E0C81E978E6C8A310F41C7B4B8F849229BA87484FDF4831DD6A98FF994D0FDA5CE3D341CE615C15F2F1C
Malicious:	false
Reputation:	low
Preview:	{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[],"expiration":"13248516607497410","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":27387},"server":"https://www.gstatic.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248516607334226","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":34287},"server":"https://ssl.gstatic.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248516607463627","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":31787},"server":"https://fonts.gstatic.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248516607318875","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":23359},"server":"https://apis.google.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\bd275ae6-5798-4943-8ee0-c49513bb308e.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	16745
Entropy (8bit):	5.577516390008511
Encrypted:	false
SSDEEP:	384:bUKtDLlLvX11kXqKf/pUZNCgVLH2HfDhrUY9w/7g4i:9Llj11kXqKf/pUZNCgVLH2HfFrUYSTgx
MD5:	3CE127EB5929B9B12181B70EC41E809C
SHA1:	BE943A5374119AA2C14A246919DC9AF1C97C56DF
SHA-256:	0ACE036E02272E68446C6E98EF7C16AA105CCCAABCDAED09D3F1F6C35CC813CE
SHA-512:	2DBADFBD98F5EB86783206729D5B99784AADF72714EF379F1EEB691094E6EFCDB21D86D985088E382006DB63A13C803EBB9B83DDA7A4E9FA3ABED2D5A5D843E5
Malicious:	false
Reputation:	low
Preview:	{"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13273782897981753","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	16
Entropy (8bit):	3.2743974703476995
Encrypted:	false
SSDEEP:	3:1sjgWIV//Rv:1qIFJ
MD5:	6752A1D65B201C13B62EA44016EB221F
SHA1:	58ECF154D01A62233ED7FB494ACE3C3D4FFCE08B
SHA-256:	0861415CADA612EA5834D56E2CF1055D3E63979B69EB71D32AE9AE394D8306CD
SHA-512:	9CFD838D3FB570B44FC3461623AB2296123404C6C8F576B0DE0AABD9A6020840D4C9125EB679ED384170DBCAAC2FA30DC7FA9EE5B77D6DF7C344A0AA030E0389
Malicious:	false
Reputation:	low
Preview:	MANIFEST-000004.

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	16
Entropy (8bit):	3.2743974703476995
Encrypted:	false
SSDEEP:	3:1sjgWIV//Rv:1qIFJ
MD5:	6752A1D65B201C13B62EA44016EB221F
SHA1:	58ECF154D01A62233ED7FB494ACE3C3D4FFCE08B
SHA-256:	0861415CADA612EA5834D56E2CF1055D3E63979B69EB71D32AE9AE394D8306CD
SHA-512:	9CFD838D3FB570B44FC3461623AB2296123404C6C8F576B0DE0AABD9A6020840D4C9125EB679ED384170DBCAAC2FA30DC7FA9EE5B77D6DF7C344A0AA030E0389
Malicious:	false
Reputation:	low
Preview:	MANIFEST-000004.

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	139
Entropy (8bit):	4.499533433759448
Encrypted:	false
SSDEEP:	3:tUK6E2/5c+Nj1Zmwv3IE2/UbVV8sIE2/JvhVWGv:mDC+NJZmwPcQVVvcPVtv
MD5:	E6BAF14E2FA074F39A7F0BD1C4524D53
SHA1:	2F50A7DDDA1CC5935F9EDA01E9D3444E7912273A
SHA-256:	39AA46CB3BD726ABA75D9E234A4D99E9F4FB5E2B77C684597DA2B9458A37148B
SHA-512:	C107426D9AACB605993ED62EF40A089DD9A7B233ADDDCC9229783165E40925E678E66807F8A375F484CCCFF495D300F0EC80C4FDE4B2570BBDE09A70674ABCCD
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:55:08.829 19fc Recovering log #3.2021/08/18-19:55:08.912 19fc Delete type=0 #3.2021/08/18-19:55:08.913 19fc Delete type=3 #2.

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.oldff (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	139
Entropy (8bit):	4.499533433759448
Encrypted:	false
SSDEEP:	3:tUK6E2/5c+Nj1Zmwv3IE2/UbVV8sIE2/JvhVWGv:mDC+NJZmwPcQVVvcPVtv
MD5:	E6BAF14E2FA074F39A7F0BD1C4524D53
SHA1:	2F50A7DDDA1CC5935F9EDA01E9D3444E7912273A
SHA-256:	39AA46CB3BD726ABA75D9E234A4D99E9F4FB5E2B77C684597DA2B9458A37148B
SHA-512:	C107426D9AACB605993ED62EF40A089DD9A7B233ADDDCC9229783165E40925E678E66807F8A375F484CCCFF495D300F0EC80C4FDE4B2570BBDE09A70674ABCCD
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:55:08.829 19fc Recovering log #3.2021/08/18-19:55:08.912 19fc Delete type=0 #3.2021/08/18-19:55:08.913 19fc Delete type=3 #2.

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MPEG-4 LOAS
Category:	dropped
Size (bytes):	50
Entropy (8bit):	5.028758439731456
Encrypted:	false
SSDEEP:	3:Ukk/vxQRDKIVmt+8jzn:oO7t8n
MD5:	031D6D1E28FE41A9BDCBD8A21DA92DF1
SHA1:	38CEE81CB035A60A23D6E045E5D72116F2A58683
SHA-256:	B51BC53F3C43A5B800A723623C4E56A836367D6E2787C57D71184DF5D24151DA
SHA-512:	E994CD3A8EE3E3CF6304C33DF5B7D6CC8207E0C08D568925AFA9D46D42F6F1A5BDD7261F0FD1FCDF4DF1A173EF4E159EE1DE8125E54EFEE488A1220CE85AF904
Malicious:	false
Reputation:	low
Preview:	V........leveldb.BytewiseComparator...#...........

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e77c9816-435f-478f-befc-502b260413fe.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	5211
Entropy (8bit):	4.963459246149448
Encrypted:	false
SSDEEP:	96:niFLLt9pIKIa5k0JCKL8vkU1lbOTlVuHn:nUL59pIEh4KWkUB
MD5:	4221627636DBD65D2D9FD53FAD225A12
SHA1:	3DEB5BA8AFA33FF4597427E0DDD54EB37BD5F416
SHA-256:	13AEA7D8CB4311330A4F1DF413606FFA43626969C1D270EA37FC68A7DF6E2999
SHA-512:	705BC4929477DE7821FCFC82C74ACFD9D4AD6E6B519B20DC2171DAC2AA8BDD52D4A43B6005F27C74DA0B41F56673B913367982996BB1EC1F661A5BE9294A47CA
Malicious:	false
Reputation:	low
Preview:	{"account_id_migration_state":2,"account_tracker_service_last_update":"13273782898362966","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245924509391818","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"bookmark_bar":{"show_on_all_tabs":false},"browser":{"default_browser_infobar_last_declined":"13245924607060180","has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","2042016"],"daily_recei

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f947e191-1fc3-40e6-b4d6-6f893770e25a.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	22601
Entropy (8bit):	5.5366458093928905
Encrypted:	false
SSDEEP:	384:bUKtKLlLvX11kXqKf/pUZNCgVLH2HfDhrUKHGrnZV9w/3g4L:kLlj11kXqKf/pUZNCgVLH2HfFrUaGrnC
MD5:	E71E67D5CFB19D3E06BE6527E2B5147E
SHA1:	8DE51F819726F81CF30E057381CBEAFB2230E645
SHA-256:	CD69A9BA95B84A5CB1A50E89745C203BF436E528C82FFAB502AE01A689CB6486
SHA-512:	9E6C846873882D4D0E5170335869BB17FDA22EBEBD97BE4965183AC54F858BCF2DE0410FB35266BAD23A642E958CF83E2F7DF92B73D3DDC8226C1029CC40F642
Malicious:	false
Reputation:	low
Preview:	{"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13273782897981753","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	338
Entropy (8bit):	5.216959580323357
Encrypted:	false
SSDEEP:	6:mm2Iq2Pwkn23iKKdKfrzAdIFUtplhZmwPl7kwOwkn23iKKdKfrzILJ:DfvYf5Kk9FUtplh/Pl75Jf5Kk2J
MD5:	CD87B9C746ECFF9CA98EB78B0BB4FE20
SHA1:	81C3D990FEDA83A4AC59DD4B657AD9B331753B8B
SHA-256:	B79E7E7ADE8ABF84414332E4C72F3275E3D04B40BAE2ED11C4BFBCFCE98B3CDF
SHA-512:	2533621D539174758C849AB83C35AC8F13E792F40E15CD59CE4E86955B423ED898D17108A9B4074411424594FABBD057BBCEAAD06A5111FC96146CA16267B367
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:55:16.857 1a30 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2021/08/18-19:55:16.858 1a30 Recovering log #3.2021/08/18-19:55:16.858 1a30 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.oldA (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	338
Entropy (8bit):	5.216959580323357
Encrypted:	false
SSDEEP:	6:mm2Iq2Pwkn23iKKdKfrzAdIFUtplhZmwPl7kwOwkn23iKKdKfrzILJ:DfvYf5Kk9FUtplh/Pl75Jf5Kk2J
MD5:	CD87B9C746ECFF9CA98EB78B0BB4FE20
SHA1:	81C3D990FEDA83A4AC59DD4B657AD9B331753B8B
SHA-256:	B79E7E7ADE8ABF84414332E4C72F3275E3D04B40BAE2ED11C4BFBCFCE98B3CDF
SHA-512:	2533621D539174758C849AB83C35AC8F13E792F40E15CD59CE4E86955B423ED898D17108A9B4074411424594FABBD057BBCEAAD06A5111FC96146CA16267B367
Malicious:	false
Reputation:	low
Preview:	2021/08/18-19:55:16.857 1a30 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2021/08/18-19:55:16.858 1a30 Recovering log #3.2021/08/18-19:55:16.858 1a30 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	106
Entropy (8bit):	3.138546519832722
Encrypted:	false
SSDEEP:	3:tbloIlrJ5ldQxl7aXVdJiG6R0RlAl:tbdlrnQxZaHIGi0R6l
MD5:	DE9EF0C5BCC012A3A1131988DEE272D8
SHA1:	FA9CCBDC969AC9E1474FCE773234B28D50951CD8
SHA-256:	3615498FBEF408A96BF30E01C318DAC2D5451B054998119080E7FAAC5995F590
SHA-512:	CEA946EBEADFE6BE65E33EDFF6C68953A84EC2E2410884E12F406CAC1E6C8A0793180433A7EF7CE097B24EA78A1FDBB4E3B3D9CDF1A827AB6FF5605DA3691724
Malicious:	false
Reputation:	low
Preview:	C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e...e.x.e.

C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	13
Entropy (8bit):	2.8150724101159437
Encrypted:	false
SSDEEP:	3:Yx7:4
MD5:	C422F72BA41F662A919ED0B70E5C3289
SHA1:	AAD27C14B27F56B6E7C744A8EC5B1A7D767D7632
SHA-256:	02E71EB4C587FEB7EE00CE8600F97411C2774C2FC34CB95B92D5538E7F30DA59
SHA-512:	86010ED2B2EEBDCC5A8A076B37703669C294C6D1BFAAEA963E26A9C94B81B4C53EC765D9425E5B616159C43923F800A891F9B903659575DF02F8845521F8DC46
Malicious:	false
Reputation:	low
Preview:	85.0.4183.121

C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	177059
Entropy (8bit):	6.07909768055534
Encrypted:	false
SSDEEP:	3072:tMMAGSqNyk0PJiB3cATYU6m3gzICIVrRHwYop3YFcbXafIB0u1GOJmA3iuRR:6MgqR0hKMwX6ab9Hup3GaqfIlUOoSiuj
MD5:	3101B3F5A66ECCC922C43D81F777A2C5
SHA1:	BF365176F8801C842EBE18666B08C1796575D66D
SHA-256:	A090156A648B4A24EA9992D9114A515D7A7491EA6BD68FD280ED568CEC6A45C0
SHA-512:	59F6B813AB32F16B5A78760F702C56299E7873F8F177FDE27D0847E73EBA08F7C2A2AF018B7516EB0F8B6487917DB52DF68C52643B87310ACF117AFDF0BBB039
Malicious:	false
Reputation:	low
Preview:	{"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en-GB"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.629309301179767e+12,"network":1.629309302e+12,"ticks":5488802020.0,"uncertainty":4349713.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABaHlwIoHYlQKZwuwW8V0yxAAAAAAIAAAAAABBmAAAAAQAAIAAAAOT4j8Zm9U1zXX6oEUpPqIYBIjSlOiLGeiMKiIFJZDroAAAAAA6AAAAAAgAAIAAAAFW1OavBhyV7qwszPZbindD+KU2Osh5O7HSmDPpFnuCDMAAAAGEkmqbufgFUSmOzx4cW7Aup7spqps4DvqbPrwRgUGqSpRZvQkbO+yVH56WF9zMTt0AAAAAyRwtYxjf7/AqYrFr0JZ6kbTiUt0/2PKkCw7ntLtbN2qrad7I3MeL4iNGDFgqRlhWgsb/6w0gJzQxAfL6rdzxi"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245922715966470"},"plugins":{"metadata":{"adobe-flash-player":{"

C:\Users\user\AppData\Local\Google\Chrome\User Data\Local Stater (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	168585
Entropy (8bit):	6.04941155716225
Encrypted:	false
SSDEEP:	3072:lAGSqNyk0PJiB3cATYU6m3gzICIVrRHwYop3YFcbXafIB0u1GOJmA3iuRR:lgqR0hKMwX6ab9Hup3GaqfIlUOoSiuRR
MD5:	2BA2E7C113607B18B18C07F5D5F784C0
SHA1:	DB66888E4AF0B6892468E5475CCE2DD97A64FAE9
SHA-256:	06CBA51F2CD422657CF880D0BBA449B3F04438EDBD3D5958B3CE9FE581D8F395
SHA-512:	D9CFB6EEE86EB35E7711CE35AA7E41E9E0913842565EA309E105CD6481B711A45B1B01E263D1C0D13A07FBA9C0D61D94335F1F71A70FAA22B2C9C7E15E62867A
Malicious:	false
Reputation:	low
Preview:	{"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en-GB"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.629309301179767e+12,"network":1.629309302e+12,"ticks":5488802020.0,"uncertainty":4349713.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABaHlwIoHYlQKZwuwW8V0yxAAAAAAIAAAAAABBmAAAAAQAAIAAAAOT4j8Zm9U1zXX6oEUpPqIYBIjSlOiLGeiMKiIFJZDroAAAAAA6AAAAAAgAAIAAAAFW1OavBhyV7qwszPZbindD+KU2Osh5O7HSmDPpFnuCDMAAAAGEkmqbufgFUSmOzx4cW7Aup7spqps4DvqbPrwRgUGqSpRZvQkbO+yVH56WF9zMTt0AAAAAyRwtYxjf7/AqYrFr0JZ6kbTiUt0/2PKkCw7ntLtbN2qrad7I3MeL4iNGDFgqRlhWgsb/6w0gJzQxAfL6rdzxi"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245922715966470"},"plugins":{"metadata":{"adobe-flash-player":{"

C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	92724
Entropy (8bit):	3.7507731925607715
Encrypted:	false
SSDEEP:	384:rTZaeA3xYYXeRNCrnv2O3NmclHQpGJArbIGYxVMcIvrH6mb4r4yieBOsACNP1Sr+:DiF5asJ98ez8G44vD26K8uWJh
MD5:	6A29CAA3A50F1B5D1954DB23CBEC7184
SHA1:	AC2E680CB77C6F7CA310C8F075FA1105CC4EE76B
SHA-256:	8F17C08D2F38AC1CF28BF2D88CA9C1A25A8F332A8BD00F77209A5419B2E66420
SHA-512:	C16EFF53C329D1D69075BB84A3013C9F913F3819E560A0A8F39F7F304EAB62270402C079A1242649D80D4586B83F7B7DB2581C64D46811B9E0D5D8BF434C776E
Malicious:	false
Reputation:	low
Preview:	0j.................C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L..P!...[)...%.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .o.f.f.i.c.e.\.o.f.f.i.c.e.1.6.\.......g.r.o.o.v.e.e.x...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .2.0.1.6......M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e. .f.o.r. .B.u.s.i.n.e.s.s. .E.x.t.e.n.s.i.o.n.s.....1.6...0...4.7.1.1...1.0.0.0.....*...C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L.....M.i.c.r.o.s.o.f.t. .C.o.r.p.o.r.a.t.i.o.n....B8.D...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.C.o.m.m.o.n. .F.i.l.e.s.\.M.i.c.r.o.s.o.f.t. .S.h.a.r.e.d.\.O.F.F.I.C.E.1.6.\.m.s.o.s.h.e.x.t...d.l.l..@.....U/...%.c.o.m.m.o.n.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .s.h.a.r.e.d.\.o.f.f.i.c.e.1.6.\.......m.s.o.s.h.e.x.t...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e.)...M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .S.h.e.l.l. .E.x.t.e.n.s.i.o.n. .H.a.n.d.l.e.r.s.......1.6...0...4.2.6.6...1.0.0.1.....D...C.:.\.P.r.o.g.r.a.m.

C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Caches (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SysEx File -
Category:	dropped
Size (bytes):	94708
Entropy (8bit):	3.751250541033785
Encrypted:	false
SSDEEP:	384:FTZaeA3xkvYGVPheRNCrnv2O3NmclHQpGJArbIGYxVMcIvrH6mb4r4yieBOsACN5:RiiF5asJ98ez8G44vD26K8uWJN
MD5:	570FF682F9790043C35192FD7B54BCFB
SHA1:	68EB132E31017C0F0C449F1AEC83A48C4EE0D1FF
SHA-256:	8F6DE9B47F7059FB4616B2FC59DD21D42839AC4D66A0679559E3576771F5813E
SHA-512:	CF1DE9B59526A4B715DB42CD8F05BA607593121D2688590FBBB87296DE1A219D15BC795AD50A9620891A5BC24C6C890C1D73FBEC3C5FEAB95C0F0E5C3FFFB04F
Malicious:	false
Reputation:	low
Preview:	.q.................C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L..P!...[)...%.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .o.f.f.i.c.e.\.o.f.f.i.c.e.1.6.\.......g.r.o.o.v.e.e.x...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .2.0.1.6......M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e. .f.o.r. .B.u.s.i.n.e.s.s. .E.x.t.e.n.s.i.o.n.s.....1.6...0...4.7.1.1...1.0.0.0.....*...C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L.....M.i.c.r.o.s.o.f.t. .C.o.r.p.o.r.a.t.i.o.n....B8.D...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.C.o.m.m.o.n. .F.i.l.e.s.\.M.i.c.r.o.s.o.f.t. .S.h.a.r.e.d.\.O.F.F.I.C.E.1.6.\.m.s.o.s.h.e.x.t...d.l.l..@.....U/...%.c.o.m.m.o.n.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .s.h.a.r.e.d.\.o.f.f.i.c.e.1.6.\.......m.s.o.s.h.e.x.t...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e.)...M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .S.h.e.l.l. .E.x.t.e.n.s.i.o.n. .H.a.n.d.l.e.r.s.......1.6...0...4.2.6.6...1.0.0.1.....D...C.:.\.P.r.o.g.r.a.m.

C:\Users\user\AppData\Local\Google\Chrome\User Data\d75e83b7-be28-4610-9154-7335d3fa2216.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SysEx File -
Category:	dropped
Size (bytes):	94708
Entropy (8bit):	3.751250541033785
Encrypted:	false
SSDEEP:	384:FTZaeA3xkvYGVPheRNCrnv2O3NmclHQpGJArbIGYxVMcIvrH6mb4r4yieBOsACN5:RiiF5asJ98ez8G44vD26K8uWJN
MD5:	570FF682F9790043C35192FD7B54BCFB
SHA1:	68EB132E31017C0F0C449F1AEC83A48C4EE0D1FF
SHA-256:	8F6DE9B47F7059FB4616B2FC59DD21D42839AC4D66A0679559E3576771F5813E
SHA-512:	CF1DE9B59526A4B715DB42CD8F05BA607593121D2688590FBBB87296DE1A219D15BC795AD50A9620891A5BC24C6C890C1D73FBEC3C5FEAB95C0F0E5C3FFFB04F
Malicious:	false
Reputation:	low
Preview:	.q.................C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L..P!...[)...%.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .o.f.f.i.c.e.\.o.f.f.i.c.e.1.6.\.......g.r.o.o.v.e.e.x...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .2.0.1.6......M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e. .f.o.r. .B.u.s.i.n.e.s.s. .E.x.t.e.n.s.i.o.n.s.....1.6...0...4.7.1.1...1.0.0.0.....*...C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L.....M.i.c.r.o.s.o.f.t. .C.o.r.p.o.r.a.t.i.o.n....B8.D...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.C.o.m.m.o.n. .F.i.l.e.s.\.M.i.c.r.o.s.o.f.t. .S.h.a.r.e.d.\.O.F.F.I.C.E.1.6.\.m.s.o.s.h.e.x.t...d.l.l..@.....U/...%.c.o.m.m.o.n.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .s.h.a.r.e.d.\.o.f.f.i.c.e.1.6.\.......m.s.o.s.h.e.x.t...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e.)...M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .S.h.e.l.l. .E.x.t.e.n.s.i.o.n. .H.a.n.d.l.e.r.s.......1.6...0...4.2.6.6...1.0.0.1.....D...C.:.\.P.r.o.g.r.a.m.

C:\Users\user\AppData\Local\Google\Chrome\User Data\edc8732b-87c9-4bb5-82ec-58cb9bb279c4.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	168583
Entropy (8bit):	6.049413183560582
Encrypted:	false
SSDEEP:	3072:+AGSqNyk0PJiB3cATYU6m3gzICIVrRHwYop3YFcbXafIB0u1GOJmA3iuRR:+gqR0hKMwX6ab9Hup3GaqfIlUOoSiuRR
MD5:	369FB777D0FCDFB7E7DC372B080FD115
SHA1:	621CA2A80EC45C0B2275626482D0E759FC019960
SHA-256:	E7974C314D704CAE78DF9C244543EBC005704EE884CD58F00FEA8CF5C3ADE893
SHA-512:	26B927819B68A2E8633F056C1EC0A3260C86F7077B15FE9B8182F0B62FF73100F15EE784C99161018E9AD40792AD6EB54540AD9C3E5A9A9A1901BE6F88FE7DC7
Malicious:	false
Reputation:	low
Preview:	{"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en-GB"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.629309301179767e+12,"network":1.629309302e+12,"ticks":5488802020.0,"uncertainty":4349713.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABaHlwIoHYlQKZwuwW8V0yxAAAAAAIAAAAAABBmAAAAAQAAIAAAAOT4j8Zm9U1zXX6oEUpPqIYBIjSlOiLGeiMKiIFJZDroAAAAAA6AAAAAAgAAIAAAAFW1OavBhyV7qwszPZbindD+KU2Osh5O7HSmDPpFnuCDMAAAAGEkmqbufgFUSmOzx4cW7Aup7spqps4DvqbPrwRgUGqSpRZvQkbO+yVH56WF9zMTt0AAAAAyRwtYxjf7/AqYrFr0JZ6kbTiUt0/2PKkCw7ntLtbN2qrad7I3MeL4iNGDFgqRlhWgsb/6w0gJzQxAfL6rdzxi"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245922715966470"},"plugins":{"metadata":{"adobe-flash-player":{"

C:\Users\user\AppData\Local\Google\Chrome\User Data\f0e51d9b-1790-4284-9069-93e15e75751d.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	177059
Entropy (8bit):	6.0790953463609725
Encrypted:	false
SSDEEP:	3072:tL5AGSqNyk0PJiB3cATYU6m3gzICIVrRHwYop3YFcbXafIB0u1GOJmA3iuRR:J5gqR0hKMwX6ab9Hup3GaqfIlUOoSiuj
MD5:	886D0788407E775ECD5BB8267090A664
SHA1:	37CB05810CDABC585602037204D6E164EC135F7A
SHA-256:	95BC469E2B22E9A9CBED19D99BF64867AF5CBD175E23F8E293CD313310FF40E7
SHA-512:	5BBB09840B0EEC866A5405575493B2C628A3559D1E49506BA76179B8A2285B2D73A54A13BC92CABBAC7FC2B77BA0757244B20CE038B028D9879740CFD42B9F3F
Malicious:	false
Reputation:	low
Preview:	{"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en-GB"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.629309301179767e+12,"network":1.629309302e+12,"ticks":5488802020.0,"uncertainty":4349713.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABaHlwIoHYlQKZwuwW8V0yxAAAAAAIAAAAAABBmAAAAAQAAIAAAAOT4j8Zm9U1zXX6oEUpPqIYBIjSlOiLGeiMKiIFJZDroAAAAAA6AAAAAAgAAIAAAAFW1OavBhyV7qwszPZbindD+KU2Osh5O7HSmDPpFnuCDMAAAAGEkmqbufgFUSmOzx4cW7Aup7spqps4DvqbPrwRgUGqSpRZvQkbO+yVH56WF9zMTt0AAAAAyRwtYxjf7/AqYrFr0JZ6kbTiUt0/2PKkCw7ntLtbN2qrad7I3MeL4iNGDFgqRlhWgsb/6w0gJzQxAfL6rdzxi"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245922715966470"},"plugins":{"metadata":{"adobe-flash-player":{"

C:\Users\user\AppData\Local\Temp\8fe9e971-d001-4dce-8fad-ef0edc8d293d.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Google Chrome extension, version 3
Category:	dropped
Size (bytes):	248531
Entropy (8bit):	7.963657412635355
Encrypted:	false
SSDEEP:	3072:r+nmRykNgoldZ8GjJCiUXZSk+QSVh85PxEalRVHmcld9R6yYfEp4ABUGDcaKklrv:k3oF4Z4h45P99Fld9RBQYBVcaxlnfL
MD5:	541F52E24FE1EF9F8E12377A6CCAE0C0
SHA1:	189898BB2DCAE7D5A6057BC2D98B8B450AFAEBB6
SHA-256:	81E3A4D43A73699E1B7781723F56B8717175C536685C5450122B30789464AD82
SHA-512:	D779D78A15C5EFCA51EBD6B96A7CCB6D718741BDF7D9A37F53B2EB4B98AA1A78BC4CFA57D6E763AAB97276C8F9088940AC0476690D4D46023FF4BF52F3326C88
Malicious:	false
Reputation:	low
Preview:	Cr24..............0.."0....H.............0...........\7c.<........Fto.8.2'5..qk...%....2...C.F.9.#..e.xQ.......[...L\|....3>/....u.:T.7...(.yM...?V.<?........1.a...O?d.....A.H..'.MpB..T.m..Vn Ip..>k.\|1..n.<Fb..f..Q1.....s..2..{.6....Pp....obM..1.......b1.......(.u^.'z......v.F.W.X4."-eu...b.........\..F!...b...l5....zJ.q.......L].....w[T0.6....E.....r..%Z.vFm.9..5!,.~g5...;.t...']....+A.....u....k...e..&..l.6r[yU...%..f.......N..V.....<+.....l..}.{...z...)y.n..'..).....,.b....5.08K%..O.g..D.S.F5o..<(....>....\f..X..I..2."l...w....7f\|.~.c.4.E.......0..0....H............0.......).'..b.$w\$.q&.]zF_2..;...?.U,...W..L1.2...R..#....W.....c1k.$W..$.J....+M!.Hz.n`U.I)N.\|b.l....{.K@]6.LlP/....](.A..................I...).H....IQ.y.;MG.d..ix..#f.Z$\|..\|.?...0K...t"i..s...Y..%.Ky....0...{.!+.~v.;....J.....Z....).(6..@?v.;~..2..c....[0Y0....H.=.....H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...F0D. .0...\|!..A..L.+.=...kP.!.1..

C:\Users\user\AppData\Local\Temp\a4371ef0-7f56-475d-8256-d47c7a15c9a4.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	very short file (no magic)
Category:	dropped
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:L:L
MD5:	5058F1AF8388633F609CADB75A75DC9D
SHA1:	3A52CE780950D4D969792A2559CD519D7EE8C727
SHA-256:	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
SHA-512:	0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
Malicious:	false
Reputation:	low
Preview:	.

C:\Users\user\AppData\Local\Temp\browser-sslkeys.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	37386
Entropy (8bit):	4.642450959692149
Encrypted:	false
SSDEEP:	768:1ZrEIjRoE7903vsqZzWUi8d/CrfHZUZSrgyzbxQg6:vr/L7u31ZkrVbxQg6
MD5:	4EB8806E6C97FD4C6411F20D2BF59787
SHA1:	8879FE65FA072B6740EAC14F4FD4FC16A458FB2C
SHA-256:	5E10F96BE954719EBCBD1313667BF6260E09B0A31791D768066AEEDE630B5BED
SHA-512:	FE5D943A2FA5344B81A8348401EDBD920F75D755B016DC803AABC84D214F94CD7A91E96B038F8FEEF04A07C5B9145009F8712D304DFDD78917EAE5DE55A44F4A
Malicious:	false
Reputation:	low
Preview:	CLIENT_HANDSHAKE_TRAFFIC_SECRET c75c6bbefa7629150b4c861d9eb80a03644c5531ec70e0f1ef1d885eb43e6d60 46ef686a3d923f594534680980fa83bc7d47a7b6939307d716f920e3f3ec8e42.SERVER_HANDSHAKE_TRAFFIC_SECRET c75c6bbefa7629150b4c861d9eb80a03644c5531ec70e0f1ef1d885eb43e6d60 7d2278f43318795db0785d7ad5ab2c044456f3c618b479381df2d67db76a57cc.CLIENT_HANDSHAKE_TRAFFIC_SECRET 83bf2bbc762a55f913af03605968f7c1e2459495a0fd1765201a570af6454304 13b6c69630daea88eea5f4849e5577f869bb7dc813d2546f112abe83be6e30b6.SERVER_HANDSHAKE_TRAFFIC_SECRET 83bf2bbc762a55f913af03605968f7c1e2459495a0fd1765201a570af6454304 745358377d0297607b770dd0209b20ff3535ae2f408027a23933122d9ff351d4.CLIENT_HANDSHAKE_TRAFFIC_SECRET 0132c7bdb5c05c808b3202c0a9b4d69f697cbb951ef7b5d594cfd512abc886db 0f0c1ed3c8cccea7e8c062692b1cb8a6a2b0fcceb28f5d1be112208cbfd2dabf.SERVER_HANDSHAKE_TRAFFIC_SECRET 0132c7bdb5c05c808b3202c0a9b4d69f697cbb951ef7b5d594cfd512abc886db 43c8c89b7bbdee5494c55ae32b2447aae3f1f6326696ee11ced33884c5e39611.CLIENT_HANDSHAKE_TRAFFIC_SEC

C:\Users\user\AppData\Local\Temp\fe1708e6-efa6-4917-8c2e-1cfd3fd43cba.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	very short file (no magic)
Category:	dropped
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:L:L
MD5:	5058F1AF8388633F609CADB75A75DC9D
SHA1:	3A52CE780950D4D969792A2559CD519D7EE8C727
SHA-256:	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
SHA-512:	0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
Malicious:	false
Reputation:	low
Preview:	.

C:\Users\user\AppData\Local\Temp\ff109978-56c2-4f15-ae05-419eb20bc387.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Google Chrome extension, version 3
Category:	dropped
Size (bytes):	768843
Entropy (8bit):	7.992932603402907
Encrypted:	true
SSDEEP:	12288:cK2ED9wjXNC1Gse83ru82/u0eKhgxuPFrDXgtbPz54Pm1D0fBmfH1sBrJ9mTiDga:cK2ED9I48seur0/uZKCuPNbgtbz6m1ob
MD5:	A11D5CAF6BF849AEB84B0C95B1C3B7CF
SHA1:	27F410CCBD75852C01C7464A1FD7EF8C29BE3916
SHA-256:	D0E62ACE64AFC334330A7AC3A2CC657914FEB321F1F89AEE11D2A6D0E7D81C31
SHA-512:	086C124DE3A01BE467647F3BCB4EA05105F690AB45417A0E3D38935ABA9E2381DF59AF98D0FFF7823CEFD5390B48807352E135AC70977AED7B413A8CC48FB590
Malicious:	false
Reputation:	low
Preview:	Cr24..............0.."0....H.............0...........\7c.<........Fto.8.2'5..qk...%....2...C.F.9.#..e.xQ.......[...L\|....3>/....u.:T.7...(.yM...?V.<?........1.a...O?d.....A.H..'.MpB..T.m..Vn Ip..>k.\|1..n.<Fb..f..Q1.....s..2..{.6....Pp....obM..1.......b1.......(.u^.'z......v.F.W.X4."-eu...b.........6W..>Nuw9..R{c...Nq.H.K..A!....`v.k+..?.5.>v.....;.._~....tp....x.q.V...7.m.O.~.{!.o/q.'..BK..4./?'.....L..fH&.._<..&.p.k^..\s...:1y..F.N.+...X.PO@Mo....X.G1:..Y.@;..j..........=ae...0.......DU....n...n.;.Ipr..Q....:... <.....a.Y....{ei........0..0....H............0.......Mbh=.[O}.+..U.KHF(n3.\"...,g.c...6)..(.E...U...#.i.a..:...N.....P...x.O...(mC;\|.5.S.{m.aEx...[..fP.i`.y..5..R....v.$......l-m.............m....ni...`..W.....R.p.b.+...+.\k.R$e~.J\.&c%.d...M..j..V.%...+1F....D....X\.1ct.<........E.B.+.i@...8..^...&YR...I.o...,.....[0Y0....H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...F0D. D.'.N@.(..GK....m...A.0.."

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\am\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	17307
Entropy (8bit):	5.461848619761356
Encrypted:	false
SSDEEP:	384:arfbEVrFvMP4rMhuDopC3vUuFBYZV6uml:aHEVrFvMP4KuFvr6D6uml
MD5:	26330929DF0ED4E86F06C00C03F07CE3
SHA1:	478F3B7E7A7E007BEE182B89C2EF6FFE6045E92C
SHA-256:	621B5139ED199022BB6529AF18ED4DC312AE9F3E90ECAF3B2C9E1D12114F5B22
SHA-512:	0BE6183A1BF12575C0F99960705D4249E79CDB8528C55FF132BE99A111F09494231AD6A36CD61B090A3B34C6971D68A29373BA346888E852C52E05DC14380682
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": ".....".. },.. "1213957982723875920": {.. "message": "...... ... ..... .. ...... .... ... .... ......?".. },.. "128276876460319075": {.. "message": "..... ...".. },.. "1428448869078126731": {.. "message": ".... ......".. },.. "1522140683318860351": {.. "message": "..... ....... .... ..... .....".. },.. "1550904064710828958": {.. "message": "....".. },.. "1636686747687494376": {.. "message": "... ...".. },.. "1802762746589457177": {.. "message": "...".. },.. "1850397500312020388": {.. "message": ".$START_LINK$Google Home .......$END_LINK$ ... ...... Chromecast ..... .....? $START_SPAN$*$END_SPAN$",.. "placeholde

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\ar\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	16809
Entropy (8bit):	5.458147730761559
Encrypted:	false
SSDEEP:	192:0IprKC78JmUjk8RkeryFOYPATxLZ8fsbE3/IFV6c8TEKdl:Jrp8JjA8RkerK0lc3wFV6uml
MD5:	44325A88063573A4C77F6EF943B0FC3E
SHA1:	78908D766F3E7A0E4545E7BD823C8ED47C7164EB
SHA-256:	67A439A08804EF4BEF261BDBADD8F0FEFD51729167D01EDCA99DD4AF57D6108B
SHA-512:	889C02BC986794C58C76022E78F57F867DD1D5217687F12D679A33A2DB9E5A18F3A37CF94D8FE4585E747C78E4662EAB93361FF7D945990774C7CFCACCFB79D1
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": ".....".. },.. "1213957982723875920": {.. "message": ".. .. ........ ....... .... .... ... .......".. },.. "128276876460319075": {.. "message": "...... .......".. },.. "1428448869078126731": {.. "message": "..... .......".. },.. "1522140683318860351": {.. "message": "..... ........ .... ........ ... .....".. },.. "1550904064710828958": {.. "message": "...".. },.. "1636686747687494376": {.. "message": "......".. },.. "1802762746589457177": {.. "message": "..... .....".. },.. "1850397500312020388": {.. "message": "... ....... .. .... Chromecast .. $START_LINK$..... Google Home$END_LINK$. $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\bg\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	18086
Entropy (8bit):	5.408731329060678
Encrypted:	false
SSDEEP:	192:4jjpr342SIwPIasR9VhMkACVmrv8evj+3eXivOMbb2vVzCkwRV6V6c8TEKdl:4ZrYo+rxT+qOV6V6uml
MD5:	6911CE87E8C47223F33BEF9488272E40
SHA1:	980398F076BB7D451B18D7FDE2DE09041B1F55AD
SHA-256:	273DEF0F67F0FA080802B85EF6F334DE50A19408F46BDF41F0F099B1F5501EEA
SHA-512:	CDB69405BB553E46DCF02F71B1A394307D0051E7FA662DFFEBA7888F30DD933F13C7FD6E32F1D7AEAEE8746316873B6E1D92029724ABDC75E49DCC092172EA22
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": ".......".. },.. "1213957982723875920": {.. "message": "... .. ........ ......... ...... ...-..... ....... ..?".. },.. "128276876460319075": {.. "message": "......... .. ..........".. },.. "1428448869078126731": {.. "message": "........ .. .........".. },.. "1522140683318860351": {.. "message": "........... .. .. ........ ...., ........ .......".. },.. "1550904064710828958": {.. "message": "......".. },.. "1636686747687494376": {.. "message": ".......".. },.. "1802762746589457177": {.. "message": ".... .. .....".. },.. "1850397500312020388": {.. "message": "....... .. ............ .. Chromecast . $START_LINK$............ Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "p

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\bn\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	19695
Entropy (8bit):	5.315564774032776
Encrypted:	false
SSDEEP:	384:PrUCrcTIOeswIW/Vre/sZn8TFfzheV6uml:lPswIWtoK8xfG6uml
MD5:	F9DDF525C07251282A3BFFCEE9A09ABB
SHA1:	A343A078E804AF400A8F3E1891E3390DA754A5CD
SHA-256:	C69C6C90F7EB8F10685CD815AF1F6F1B87CF30C4E8D95DF1D577DE1105AAD227
SHA-512:	EBD339C37162984672513019D470B92DF8B743DD69D4430361EF12D42FD1C208DBDE818A7BFE20BE8A7D63CD6E02B3F4344DEA1C4AEDB8719D789981A49DA44C
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": ".... ...".. },.. "1213957982723875920": {.. "message": "..... ....... ..... ........... ...... ....... ...... ...?".. },.. "128276876460319075": {.. "message": "...... ........".. },.. "1428448869078126731": {.. "message": "...... ......... ...".. },.. "1522140683318860351": {.. "message": "..... .... ...... ....... ... ... .... ...... .....".. },.. "1550904064710828958": {.. "message": ".........".. },.. "1636686747687494376": {.. "message": "......".. },.. "1802762746589457177": {.. "message": ".....".. },.. "1850397500312020388": {.. "message": "$START_LINK$ Google

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\ca\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15518
Entropy (8bit):	5.242542310885
Encrypted:	false
SSDEEP:	384:drGUBKxMF2ayv8FrIccUVFmwf+7d9VKS3V6uml:dCUBKxMFBy0FE3UzmQ+zkSl6uml
MD5:	A90CF7930E7C3BEC61EE252DEFAD574A
SHA1:	F630CA01114A7BDD39607CB84B8280CCE218A5C6
SHA-256:	A533740E17559E2ADF40B4555C60F21EEC84E92C09CDBC19EED033A0B4DD2474
SHA-512:	598F991B344FA6724617D6CE57BB0D6D64EF86B4F5317BF6AD5EDF43E6B0A385094E7885F7A8FA2B107405B31C3D9F76E92315BC1D9BB52ACD4ECAD342917DE1
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Es congela".. },.. "1213957982723875920": {.. "message": "Quina de les opcions.seg.ents descriu millor la vostra xarxa?".. },.. "128276876460319075": {.. "message": "Detecci. de dispositius".. },.. "1428448869078126731": {.. "message": "Flu.desa del v.deo".. },.. "1522140683318860351": {.. "message": "S'ha produ.t un error en la connexi.. Torneu-ho a provar.".. },.. "1550904064710828958": {.. "message": "Correcta".. },.. "1636686747687494376": {.. "message": "Perfecta".. },.. "1802762746589457177": {.. "message": "Volum".. },.. "1850397500312020388": {.. "message": "Pots veure el Chromecast a l'$START_LINK$aplicaci. Google.Home$END_LINK$?$START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\cs\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15552
Entropy (8bit):	5.406413558584244
Encrypted:	false
SSDEEP:	192:eVdprJrG5efiTk93ebrxZR1fdc8VDCwT9fTV6c8TEKdl:2rMqiQerxQ88W7V6uml
MD5:	17E753EE877FDED25886D5F7925CA652
SHA1:	8E4EC969777CC0CEB7C12D0C1B9D87EBBB9C4678
SHA-256:	C562FCCFCE374D446BFAC30AC9B18FF17E7A3EF101C919FF857104917F300382
SHA-512:	33D61F6327FC81D7A45AA2CC97922DC527F5F43E54AA1A1638DA6EE407024A2F10CFD82CC5C3C581C2E7B216276987CB26C3FA95198572E139ACF29CC5B7ADCB
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Video zamrz.".. },.. "1213957982723875920": {.. "message": "Kter. popis nejl.pe vystihuje va.i s..?".. },.. "128276876460319075": {.. "message": "Zji..ov.n. za..zen.".. },.. "1428448869078126731": {.. "message": "Plynulost videa".. },.. "1522140683318860351": {.. "message": "P.ipojen. se nezda.ilo. Zkuste to pros.m znovu.".. },.. "1550904064710828958": {.. "message": "Plynul.".. },.. "1636686747687494376": {.. "message": "Perfektn.".. },.. "1802762746589457177": {.. "message": "Hlasitost".. },.. "1850397500312020388": {.. "message": "Vid.te sv.j Chromecast v.$START_LINK$aplikaci Google Home $END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3"..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\da\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15340
Entropy (8bit):	5.2479291792849105
Encrypted:	false
SSDEEP:	192:+Upr8XnI1MY2kPuir8j7Rd3kbTWc4QtV6c8TEKdl:FrJ1H9br8h6eZCV6uml
MD5:	F08A313C78454109B629B37521959B33
SHA1:	3D585D52EC8B4399F66D4BE88CED10F4A034FCCC
SHA-256:	23BF7E5EDF70291CA6D8F4A64788C5B86379EECB628E3DFA7DD83344612F7564
SHA-512:	9F2868AEBBF7F6167A7EA120FE65E752F9A65D1DC51072AA2413B2FDE374DA2D169D455A4788E341717F694179E6F1FA80413C080D9CD8CB397C3E84668CBFEC
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Fryser".. },.. "1213957982723875920": {.. "message": "Hvilket af f.lgende udsagn beskriver bedst dit netv.rk?".. },.. "128276876460319075": {.. "message": "Enhedsregistrering".. },.. "1428448869078126731": {.. "message": "Videostabilitet".. },.. "1522140683318860351": {.. "message": "Forbindelsen blev afbrudt. Pr.v igen.".. },.. "1550904064710828958": {.. "message": "Problemfri".. },.. "1636686747687494376": {.. "message": "Perfekt".. },.. "1802762746589457177": {.. "message": "Lydstyrke".. },.. "1850397500312020388": {.. "message": "Kan du se din Chromecast i $START_LINK$ Google Home-appen$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },.. "STAR

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\de\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15555
Entropy (8bit):	5.258022363187752
Encrypted:	false
SSDEEP:	192:AJprM71A4qyJSwlk5KR5rtXsmvL0xhVw921YV6c8TEKdl:2re3jJS5A5rt8msA2KV6uml
MD5:	980FB419ED6ED94AD75686AFFB4E4C2E
SHA1:	871BFBCA6BCBA9197811883A93C50C0716562D57
SHA-256:	585C7814AFD2453232BC940252D4AE821D6E6CBCFD74A793F78E5DB8BA5342F1
SHA-512:	1681FA9C3BA882250A5005FB807D759EB8A634F1AA011725B1C865C0028BE7AB7BC16DC821A7F5BBFBA84C91E7D663ADE715284798E7E84E8FFF2D254488882D
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "H.ngenbleiben".. },.. "1213957982723875920": {.. "message": "Welche dieser Aussagen beschreibt dein Netzwerk am besten?".. },.. "128276876460319075": {.. "message": "Ger.teerkennung".. },.. "1428448869078126731": {.. "message": "Videowiedergabequalit.t".. },.. "1522140683318860351": {.. "message": "Fehler beim Herstellen der Verbindung. Bitte versuche es noch einmal.".. },.. "1550904064710828958": {.. "message": "St.rungsfrei".. },.. "1636686747687494376": {.. "message": "Perfekt".. },.. "1802762746589457177": {.. "message": "Lautst.rke".. },.. "1850397500312020388": {.. "message": "Siehst du deinen Chromecast in der $START_LINK$Google Home App$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\el\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	17941
Entropy (8bit):	5.465343004010711
Encrypted:	false
SSDEEP:	384:S0rDuhLh41cZrP3TzDBknbpgo6djIV6uml:S0fuBh46ZD3TzDinbpgoUK6uml
MD5:	40EB778339005A24FF9DA775D56E02B7
SHA1:	B00561CC7020F7FE717B5F692884253C689A7C61
SHA-256:	F56BF7C171AA20038EE30B754478B69A98F3014C89362779B0A8788C7B9BEEE1
SHA-512:	8BED281A33EC1E4E88A9F9D62BB13FE0266C0FAF8856D1DC2A843D26DD3CE5E7D1400FD3325ABD783B0364EC4FB1188AD941D56AEB9073BC365BE0D12DE6C013
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": ".......".. },.. "1213957982723875920": {.. "message": ".... ... .. ........ .......... ........ .. ...... ...;".. },.. "128276876460319075": {.. "message": ".......... ........".. },.. "1428448869078126731": {.. "message": "......... ......".. },.. "1522140683318860351": {.. "message": "........ ......... ......... .....".. },.. "1550904064710828958": {.. "message": ".....".. },.. "1636686747687494376": {.. "message": "......".. },.. "1802762746589457177": {.. "message": "...... ....".. },.. "1850397500312020388": {.. "message": "........ .. ..... .. Chromecast .... $START_LINK$........ Google Home$END_LINK$; $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\en\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	14897
Entropy (8bit):	5.197356586852831
Encrypted:	false
SSDEEP:	96:2MKUOp5N7GTNMRuv6M0bIt3FXGkW6/5NkkQ9NJKJhnH3t9F410sUA+ISN6cGDSyR:VKzprogudTGkWqrKcJhdIR+V6c8TEKdl
MD5:	8351AF4EA9BDD9C09019BC85D25B0016
SHA1:	F6EC1FFD291C8632758E01C9EE837B1AD18D4DCF
SHA-256:	F41C82D8A4F0E9B645656D630C882BE94A0FB7F8CEC0FE864B57298F0312B212
SHA-512:	75672B57F21F38F97341AD76A199AD764E9FBAB2384D701BF6EB06CEFDE6C4F20F047F9051A4E30D99621E5C1FBBDB9E38E8D2B47470806704B38DA130A146CF
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Freezes".. },.. "1213957982723875920": {.. "message": "Which of the following best describes your network?".. },.. "128276876460319075": {.. "message": "Device Discovery".. },.. "1428448869078126731": {.. "message": "Video Smoothness".. },.. "1522140683318860351": {.. "message": "Connection failed. Please try again.".. },.. "1550904064710828958": {.. "message": "Smooth".. },.. "1636686747687494376": {.. "message": "Perfect".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": "Are you able to see your Chromecast in the $START_LINK$ Google Home app$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },.. "START

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\es\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15560
Entropy (8bit):	5.236752363299121
Encrypted:	false
SSDEEP:	192:NAgprfy1pTCukFr+1DIyDRoanvV6c8TEKdl:KMrq6FrmvV6uml
MD5:	8A70C18BB1090AA4D500DE9E8E4A00EF
SHA1:	8AFC097FA956C1317DB0835348B2DA19F0789669
SHA-256:	FF173D1CEF665B1234E02F11070ABD2B65230318150734579A03C7F31B4AE3F4
SHA-512:	140BAF40A4ABE9B8AF0855B0EBB7DFDF17869EDFC4EE1037C5EA7FDD8EDEBD4850E055B6A4D7B8782657618BCE1517813779BA01BA993CC838BB43E0BE71EEEE
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Congelaci.n de im.genes".. },.. "1213957982723875920": {.. "message": ".Cu.l de las siguientes respuestas describe mejor tu red?".. },.. "128276876460319075": {.. "message": "Detecci.n de dispositivo".. },.. "1428448869078126731": {.. "message": "Fluidez del v.deo".. },.. "1522140683318860351": {.. "message": "Error en la conexi.n. Vuelve a intentarlo.".. },.. "1550904064710828958": {.. "message": "V.deo fluido".. },.. "1636686747687494376": {.. "message": "Perfecta".. },.. "1802762746589457177": {.. "message": "Volumen".. },.. "1850397500312020388": {.. "message": ".Puedes ver tu Chromecast en la $START_LINK$aplicaci.n Google.Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\et\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15139
Entropy (8bit):	5.228213017029721
Encrypted:	false
SSDEEP:	96:Z48bxhWYp5Ny5M63niwAKD4rrJSJ2RkPXh9P5NFP2+NBMU01jewUEVez3QOiSevy:ikxprot3lYkf/rHBc0KsUV6c8TEKdl
MD5:	A62F12BCBA6D2C579212CA2FF90F8266
SHA1:	F7E964A2D9BBDA364252BCE5CFBA3FD34FDD825E
SHA-256:	3EB3EB0B3B4A8E5A477D1B3C3A3891CCC7DC6B8879ECE243A7BD7C478068273D
SHA-512:	E300201245C00ADEC8F39D586875F8FA4607AB203572BF3CE353C1CA7CDCA05B8786810CA0CEE27E4EA54A5EFD53690F1EA7AA4148CFF472A66BB11202723566
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Hangub".. },.. "1213957982723875920": {.. "message": "Milline j.rgmistest v.idetest kirjeldab k.ige paremini teie v.rku?".. },.. "128276876460319075": {.. "message": "Seadme tuvastamine".. },.. "1428448869078126731": {.. "message": "Video sujuvus".. },.. "1522140683318860351": {.. "message": ".hendamine eba.nnestus. Proovige uuesti.".. },.. "1550904064710828958": {.. "message": ".htlane".. },.. "1636686747687494376": {.. "message": "T.iuslik".. },.. "1802762746589457177": {.. "message": "Helitugevus".. },.. "1850397500312020388": {.. "message": "Kas n.ete oma Chromecasti $START_LINK$rakenduses Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3"..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\fa\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	17004
Entropy (8bit):	5.485874780010479
Encrypted:	false
SSDEEP:	192:rngaIprIX/t9wkjTJrs3hqaXxRQdiIMDnD+LhfHdoltV6c8TEKdl:4rin5rU1X7Qd0M9CtV6uml
MD5:	852BD3CFF960F1BC3A2AAB3CB3874EF9
SHA1:	C9F6F3C776542889FE3B67971D65ACFE048A3A0A
SHA-256:	D87597B6C10364501B98AA42524843F109009CCEF022D8E0170440D7F144F4C6
SHA-512:	2A7AE4D70E33E53EE31831CE2E61DD8DF103C4170EC483BDA14B8788E5DD536EEE84DBA340CACBDF16889C7E6465B48D82C4714E746E8A7B372D12CBDF371C95
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": ".... ... .......".. },.. "1213957982723875920": {.. "message": ".... .. .. ..... ... .... ... .. .. ...... ... ..... .......".. },.. "128276876460319075": {.. "message": "..... ......".. },.. "1428448869078126731": {.. "message": "..... .....".. },.. "1522140683318860351": {.. "message": "..... ...... .... ..... ...... ...... .....".. },.. "1550904064710828958": {.. "message": "....".. },.. "1636686747687494376": {.. "message": "....".. },.. "1802762746589457177": {.. "message": "..... ...".. },.. "1850397500312020388": {.. "message": ".... ......... Chromecast ... .. .. $START_LINK$ ...... Google Home$END_LINK$ ....... $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\fi\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15268
Entropy (8bit):	5.268402902466895
Encrypted:	false
SSDEEP:	192:efMprYXiYUNpj5Coik1tXxrUhvUzSPWV6c8TEKdl:eIrjbjosdrU5WV6uml
MD5:	3902581B6170D0CEA9B1ECF6CC82D669
SHA1:	C8208AC2B1DD6D4F8BDAAE01C8BD71FFFA5A732B
SHA-256:	D2A8180225A83A423BB6E17343DFA8F636D517154944002ED9240411B8C0C5E1
SHA-512:	612FDD8A3C5051F0A4F1E11E50B5D124B337C77D62D987D35C2AF9E08AFC6AFCEBAEE8D40FDFBCD1E1889F39758B96FAECBF6C6D1CF146C741A5261952050221
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Pys.htyy".. },.. "1213957982723875920": {.. "message": "Mik. seuraavista kuvaa parhaiten verkkoasi?".. },.. "128276876460319075": {.. "message": "Laitteiden tunnistaminen".. },.. "1428448869078126731": {.. "message": "Videon tasaisuus".. },.. "1522140683318860351": {.. "message": "Yhteys ep.onnistui. Yrit. uudelleen.".. },.. "1550904064710828958": {.. "message": "Tasainen".. },.. "1636686747687494376": {.. "message": "T.ydellinen".. },.. "1802762746589457177": {.. "message": "..nenvoimakkuus".. },.. "1850397500312020388": {.. "message": "N.etk. Chromecastisi $START_LINK$Google Home .sovelluksessa$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\fil\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15570
Entropy (8bit):	5.1924418176212646
Encrypted:	false
SSDEEP:	192:+esprzAsQp68wIJYkMyr2k0jR1/7Rr1uV6c8TEKdl:Gr78JDMyrR0tJuV6uml
MD5:	59483AD798347B291363327D446FA107
SHA1:	C069F29BB68FA7BA2631B0BF5BBF313346AC6736
SHA-256:	DD47530EAE96346CD4DC3267A0BB1091BB17B704803A93CDA2E3E81551B94F12
SHA-512:	091595CA135E965ED3DE376873541117F0E7A8EBDEB4714833EFDD6C820234373891BE5DEC437BA85CCB79CCCA053D407E6ADA17EBDAE7D313324A48775C0010
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Hindi gumagalaw".. },.. "1213957982723875920": {.. "message": "Alin sa sumusunod ang pinakamahusay na naglalarawan sa iyong network?".. },.. "128276876460319075": {.. "message": "Pagtuklas ng Device".. },.. "1428448869078126731": {.. "message": "Pagka-smooth ng Video".. },.. "1522140683318860351": {.. "message": "Hindi nakakonekta. Pakisubukang muli.".. },.. "1550904064710828958": {.. "message": "Smooth".. },.. "1636686747687494376": {.. "message": "Perpekto".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": "Nakikita mo ba ang iyong Chromecast sa $START_LINK$ Google Home app$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\fr\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15826
Entropy (8bit):	5.277877116547859
Encrypted:	false
SSDEEP:	192:nLZprAZg3EkV3sjrICe8L/1Va7lt1rlxLAkoYHHavV6c8TEKdl:vrW+2jrI7TdLAk3MV6uml
MD5:	9B416146FE4F1403C2AACAC4DCF1A5C3
SHA1:	616F055C9FAD4CE972DF82EC8A9B2F4EDA3E7FAD
SHA-256:	7C7F5758F54008190ACCDDBD1761CBD980FB5FE0847E992874498228D2571DBC
SHA-512:	6E8E70380A8C6E2C0587ADFF6AE36963EC76694904841CE1DFE4EEE215B917AD3E8AF727555627FBDF6B8BA6A4A0674D2B90AC4E9331B6628A32F4C4348FB51B
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Se fige".. },.. "1213957982723875920": {.. "message": "Parmi les propositions suivantes, laquelle d.crit le mieux votre r.seau.?".. },.. "128276876460319075": {.. "message": "D.tection d'appareils".. },.. "1428448869078126731": {.. "message": "Fluidit. de la vid.o".. },.. "1522140683318860351": {.. "message": ".chec de la connexion. Veuillez r.essayer.".. },.. "1550904064710828958": {.. "message": "Fluide".. },.. "1636686747687494376": {.. "message": "Parfaite".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": "Votre Chromecast est-il visible dans l'$START_LINK$application Google.Home$END_LINK$.? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\gu\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	19255
Entropy (8bit):	5.32628732852814
Encrypted:	false
SSDEEP:	384:Hq2Mr+qPlJKYMdzKgXr3dGsGF+yAK37Wf7Cy/V6uml:KxzTVgX7ykj6uml
MD5:	68B03519786F71A426BAC24DECA2DD52
SHA1:	B8E6608932EC5CEC4BC3C5475BFC3E312D2E2E7D
SHA-256:	C77A4D27E9E6CA25B9290056D93A656E3EBE975957E4C2EE9F0FB11B133D5CD4
SHA-512:	5FFE06A10774877AF25E05BA07F3032CC52F874896D67E320F4EF9D524A22E40B462CC6206700E9557EB354FA2730172DC6912EBCA49C671FB0EF155B17F9EFF
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": ".....".. },.. "1213957982723875920": {.. "message": "........... .... ..... .......... ....... ..... ... ..?".. },.. "128276876460319075": {.. "message": "..... ...".. },.. "1428448869078126731": {.. "message": "........ ......".. },.. "1522140683318860351": {.. "message": "....... ...... ..... .... ..... ..... ...... ....".. },.. "1550904064710828958": {.. "message": "....".. },.. "1636686747687494376": {.. "message": ".....".. },.. "1802762746589457177": {.. "message": ".......".. },.. "1850397500312020388": {.. "message": "... ... $START_LINK$ Google Home ..$END_LINK$... Chromecast..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\hi\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	19381
Entropy (8bit):	5.328912995891658
Encrypted:	false
SSDEEP:	384:zrGrSmhKy7KyY+bNEDqlQdrMEPxtShJV6uml:zBqG6QdwEPrW6uml
MD5:	20C86E04B1833EA7F21C07361061420A
SHA1:	617C0D70E162CF380005E9780B61F650B7A39F9B
SHA-256:	C2C27CA242DBDE600BA3AA7782156BC2B190A64D8A1B51EDC8007BDECA139553
SHA-512:	9FB91AA8E0226519E298B1136E8A1A3C1879DB7F0E6052AF1BFD55921CD698346278D04602510680A9695A76DD5C96D9665380580044C50D81392BB2CB3E8E95
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": ".....".. },.. "1213957982723875920": {.. "message": "..... ... .. ... .... ....... .. .... ..... ..... .... ..?".. },.. "128276876460319075": {.. "message": "...... ...".. },.. "1428448869078126731": {.. "message": "...... .........".. },.. "1522140683318860351": {.. "message": "....... ..... ..... .... ...... .....".. },.. "1550904064710828958": {.. "message": ".......".. },.. "1636686747687494376": {.. "message": ".....".. },.. "1802762746589457177": {.. "message": ".....".. },.. "1850397500312020388": {.. "message": ".... .. $START_LINK$ Google Home .........$END_LINK$ ... .... Ch

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\hr\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15507
Entropy (8bit):	5.290847699527565
Encrypted:	false
SSDEEP:	192:Pdapr6h85tRwVQgkvJryLkla5Kfndg/V6c8TEKdl:Arwot2Q7BryVce/V6uml
MD5:	3ED90E66789927D80B42346BB431431E
SHA1:	2B061E3271DF4255B1FFC47BDB207CDEC0D9724F
SHA-256:	0B41E3C42414F72C9A12C05F8772597F9685115366A774C66018467AD4B71A74
SHA-512:	92BE43F1FFC8EFBF5BBC50573AC4C65F6104416A5B6CD04404C3A9854CA3DCF2A43A4044C168590CDF83887D234495843572331ADCD5B020D2E48A3956F3C164
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Zamrzavanje".. },.. "1213957982723875920": {.. "message": "Koje od sljede.eg najbolje opisuje va.u mre.u?".. },.. "128276876460319075": {.. "message": "Otkrivanje ure.aja".. },.. "1428448869078126731": {.. "message": "Ujedna.enost videoreprodukcije".. },.. "1522140683318860351": {.. "message": "Povezivanje nije uspjelo. Poku.ajte ponovo.".. },.. "1550904064710828958": {.. "message": "Glatko".. },.. "1636686747687494376": {.. "message": "Savr.ena".. },.. "1802762746589457177": {.. "message": "Glasno.a".. },.. "1850397500312020388": {.. "message": "Vidite li svoj Chromecast u $START_LINK$aplikaciji Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3"..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\hu\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15682
Entropy (8bit):	5.354505633120392
Encrypted:	false
SSDEEP:	192:CCEAproS9fZv+JwkDMrC2NSxoSgbV6c8TEKdl:5r5VZv+RDMrazoV6uml
MD5:	8E9FF7E49473C5734A2F6F0812E12EB3
SHA1:	A4F10DDD1580582533D5EB59EDF6D8048F887C81
SHA-256:	6CDD2FB39ADECE00E88B989E464B05ED1414092D0492F6D0AE58D549BFD1A46A
SHA-512:	E9A4AF31B1A276F395599BB620A3164CABF3459F3C102DD3F57DFEA734510BD985DE65CB409E1975559ACCC615075439A08E1DEBE22C90A0ABCAA3CAFEE79AC7
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Lefagy".. },.. "1213957982723875920": {.. "message": "Az al.bbiak k.z.l melyik jellemzi legjobban h.l.zat.t?".. },.. "128276876460319075": {.. "message": "Eszk.zfelfedez.s".. },.. "1428448869078126731": {.. "message": "Vide. folyamatoss.ga".. },.. "1522140683318860351": {.. "message": "Sikertelen kapcsol.d.s. K.rj.k, pr.b.lja .jra.".. },.. "1550904064710828958": {.. "message": "Folyamatos".. },.. "1636686747687494376": {.. "message": "T.k.letes".. },.. "1802762746589457177": {.. "message": "Hanger.".. },.. "1850397500312020388": {.. "message": "L.tja a Chromecastot a $START_LINK$Google Home alkalmaz.sban$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content":

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\id\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15070
Entropy (8bit):	5.190057470347349
Encrypted:	false
SSDEEP:	192:GsprMtChjkWfrEWL0KRCnEOWV6c8TEKdl:9rtAEr3LTRuWV6uml
MD5:	7ADF9F2048944821F93879336EB61A78
SHA1:	C3DA74FB544684D5B250767BB0CB66FFB7C58963
SHA-256:	3630947E1075E3663AD3E4824D0BE42CB47C0D615D8053E83B9595047C8BA9BE
SHA-512:	1F28BB80E1839C5581106BEA3AE2501C7618249D7E3115819F5A9A87771D59F5DE346C1B9C87F7FFC390604D5B9888CE738E25F2F04A094002A0FB3B22CBEC95
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Membeku".. },.. "1213957982723875920": {.. "message": "Dari berikut ini, manakah yang paling mendeskripsikan jaringan Anda?".. },.. "128276876460319075": {.. "message": "Penemuan Perangkat".. },.. "1428448869078126731": {.. "message": "Kelancaran Video".. },.. "1522140683318860351": {.. "message": "Sambungan gagal. Coba lagi.".. },.. "1550904064710828958": {.. "message": "Lancar".. },.. "1636686747687494376": {.. "message": "Sempurna".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": "Bisakah Anda melihat Chromecast di $START_LINK$aplikasi Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\it\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15256
Entropy (8bit):	5.210663765771143
Encrypted:	false
SSDEEP:	192:lYprk52dAaykVza8rE0QWBKD9+vq0hKEV6c8TEKdl:qrlA8r6DalV6uml
MD5:	BB3041A2B485B900F623E57459AE698A
SHA1:	502F5EA89F9FB0287E864B240EA39889D72053A4
SHA-256:	025737EF8FA06706B3F26D0F52B4844244A6D33DAE1D82FEF2931A14C003D57E
SHA-512:	BA51784073BEF82F3A116B33DA406FDB10EC823B9EE74375C46036DAD8BDCB4141F60845DE141ABE42CEEF9251572F6AB287CA5FC7669C60E4F68071D5AB8C2D
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Si blocca".. },.. "1213957982723875920": {.. "message": "Quale delle seguenti definizioni descrive meglio la tua rete?".. },.. "128276876460319075": {.. "message": "Rilevamento dispositivi".. },.. "1428448869078126731": {.. "message": "Uniformit. video".. },.. "1522140683318860351": {.. "message": "Connessione non riuscita. Riprova.".. },.. "1550904064710828958": {.. "message": "Fluido".. },.. "1636686747687494376": {.. "message": "Perfetta".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": "Riesci a vedere il tuo dispositivo Chromecast nell'$START_LINK$app Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3"..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\ja\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	16519
Entropy (8bit):	5.675556017051063
Encrypted:	false
SSDEEP:	192:nkprPhQdxkRWrZe1wYpMR5wnAV6c8TEKdl:YrLRWri65wAV6uml
MD5:	6F2CC1A6B258DF45F519BA24149FABDC
SHA1:	8A58C7880C6D22765DCBB6BCE22A192C1B109AE1
SHA-256:	42ECFEE727CFC4F2845FEFDACE5EDC2E0A40AFAD69973A3B950CE653A7633342
SHA-512:	F7454F0E14301C59CC54361ACC0A1C6D072EF9BDF5DEA60646FB90B1CE47612785938C784A4CF1DE3E62648A14420374933B5F5DA43907BC00D3799FF163A3D0
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "...".. },.. "1213957982723875920": {.. "message": "................................".. },.. "128276876460319075": {.. "message": "......".. },.. "1428448869078126731": {.. "message": ".......".. },.. "1522140683318860351": {.. "message": ".......................".. },.. "1550904064710828958": {.. "message": "...".. },.. "1636686747687494376": {.. "message": "....".. },.. "1802762746589457177": {.. "message": "..".. },.. "1850397500312020388": {.. "message": "$START_LINK$Google Home ...$END_LINK$. Chromecast .........$START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\kn\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	20406
Entropy (8bit):	5.312117131662377
Encrypted:	false
SSDEEP:	384:a6C5rBSzvrZreGnla9ZBHRUDYr9yRwEcAa4rSeD5BSz0hJz8qbbM3gbr//Hkr44c:a6C5rBSzvFreGnla9ZBHRUDYr9yRwEcC
MD5:	2E3239FC277287810BC88D93A6691B09
SHA1:	FC5D585DA00ADC90BF79109C7377BD55E6653569
SHA-256:	5FC705AD19761204D8604EA069936A23731B055D51E7836CAAF16AC7719FBEEA
SHA-512:	DF8BC9E577D3ECB0E6C303E1D2C9E9A4A8317CAE810A9DFC88D91B373A4B665722C5A9AB5A589BB947FDA4C7CD9A6DF39DDD13EA47FE9EFF7E0AC43E49FF3479
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "....... .........".. },.. "1213957982723875920": {.. "message": "...... ...... ..... ........... ..... ......... ............?".. },.. "128276876460319075": {.. "message": "..... ........".. },.. "1428448869078126731": {.. "message": "........ .......".. },.. "1522140683318860351": {.. "message": "...... ........... ........ ..... ...........".. },.. "1550904064710828958": {.. "message": ".....".. },.. "1636686747687494376": {.. "message": ".....".. },.. "1802762746589457177": {.. "message": "........".. },.. "1850397500312020388": {.. "message": ".... $

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\ko\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	15480
Entropy (8bit):	5.617756574352461
Encrypted:	false
SSDEEP:	192:kWprGvSQtkxWffrnl5JuFBWVZV6c8TEKdl:TrkuxKfrlT4YVZV6uml
MD5:	E303CD63AD00EB3154431DED78E871C4
SHA1:	3B1E5B8E2CF5EBDF5D33656EF80A46563F751783
SHA-256:	FDE602BFDB1AFD282682DA5338C4F91D8A2F6CB5411DB8F62F4583D629CE67A6
SHA-512:	18BA1D5A25FBC1829AD957A531B0CC490AFCBD20AC22181021363AA3CFB916270B8732E824463C9B0897220E8AE86EB1BE561D6540E6C625F08F228F61DDFFA3
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "...".. },.. "1213957982723875920": {.. "message": ".. . .. .. ..... .. . .... ... .....?".. },.. "128276876460319075": {.. "message": ".. ..".. },.. "1428448869078126731": {.. "message": "... ..".. },.. "1522140683318860351": {.. "message": ".... ...... .. ... ....".. },.. "1550904064710828958": {.. "message": "...".. },.. "1636686747687494376": {.. "message": "...".. },.. "1802762746589457177": {.. "message": "..".. },.. "1850397500312020388": {.. "message": "$START_LINK$Google Home .$END_LINK$. Chromecast. .....? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\lt\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15802
Entropy (8bit):	5.354550839818046
Encrypted:	false
SSDEEP:	192:lGxSprfkiRR+2zJckS1khrnPI85+80p3DWReV6c8TEKdl:lG4rlq0OkSmhrwbpIeV6uml
MD5:	93BBBE82F024FBCB7FB18E203F253429
SHA1:	83F4D80F64FA2ADCE6C515C5F663BD38A76C51DB
SHA-256:	E7A8570922CCC4F2CA3721C4E61F426158C4E7BC90274FBC8BE4040FF8B6CA9B
SHA-512:	B7E7878106B466CE95069141DF1DE387E847348B62E9C4D548006452F3E164B3AD842E9673A56DC011A5ECC3346B5863E2034EE477A9D1F3E0ABD76B2D0F640A
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Stringa".. },.. "1213957982723875920": {.. "message": "Kuris i. toliau pateikt. teigini. geriausiai apib.dina j.s. tinkl.?".. },.. "128276876460319075": {.. "message": ".renginio suradimas".. },.. "1428448869078126731": {.. "message": "Vaizdo .ra.o sklandumas".. },.. "1522140683318860351": {.. "message": ".vyko ry.io klaida. Bandykite dar kart..".. },.. "1550904064710828958": {.. "message": "Leid.iama skland.iai".. },.. "1636686747687494376": {.. "message": "Puiki".. },.. "1802762746589457177": {.. "message": "Garsumas".. },.. "1850397500312020388": {.. "message": "Ar .Chromecast. rodomas $START_LINK$programoje .Google Home.$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\lv\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15891
Entropy (8bit):	5.36794040601742
Encrypted:	false
SSDEEP:	192:y18prUkm15wkLDG2raqhnZDuvyI762V6c8TEKdl:RrAL7rte62V6uml
MD5:	388590CE5E144AE5467FD6585073BD11
SHA1:	61228673A400A98D5834389C06127589F19D3A30
SHA-256:	05CA14196CA5D90B228C0F03684E03EBE403A3E7B513AE0A059244AE12B51164
SHA-512:	BF83AC90BC56CEB1CA12DCB47BCE542FB8CFE0BC14E34DE4FE1A84F7CDB4B54E36C125CEA7EE06EA6244F7795A0957A8A20DB30CA4C60FC6E96EF2A735448521
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": ".Iesald.ts. att.ls".. },.. "1213957982723875920": {.. "message": "Kur. no t.l.k min.tajiem apgalvojumiem vislab.k raksturo j.su t.klu?".. },.. "128276876460319075": {.. "message": "Ier.ces atra.ana".. },.. "1428448869078126731": {.. "message": "Video vienm.r.ba".. },.. "1522140683318860351": {.. "message": "Neizdev.s izveidot savienojumu. L.dzu, m..iniet v.lreiz.".. },.. "1550904064710828958": {.. "message": "Vienm.r.gs att.ls".. },.. "1636686747687494376": {.. "message": "Nevainojama".. },.. "1802762746589457177": {.. "message": "Ska.ums".. },.. "1850397500312020388": {.. "message": "Vai j.su Chromecast ier.ce ir redzama $START_LINK$lietotn. Google.Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2"..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\ml\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	20986
Entropy (8bit):	5.347122984404251
Encrypted:	false
SSDEEP:	384:6pQrdbhWHZ3wOn1HbxytQdroExFVRnTPV6uml:X5hUtz6uml
MD5:	2AF93901DE80CA49DA869188BCDA9495
SHA1:	E60DF4F2FB12BD3F1CA869DAD9F6BDE0C17CEB11
SHA-256:	329E80AEE1212F634E180DEF7E16D6E38D9C9FDA9AC9DB1D99B8AE1626EF304E
SHA-512:	DD1711B017DC65E1272972A1BEBD7A1B1769E1F22B37B20582573392CD432725D19DCE134145B3C031428BC0B5948B02A9AA93C8A651BEAA189B686B7BC2AD46
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "...........".. },.. "1213957982723875920": {.. "message": "................ ..... ....... ...... ....... ......... ............. .................?".. },.. "128276876460319075": {.. "message": "...... .........".. },.. "1428448869078126731": {.. "message": "...... ...............".. },.. "1522140683318860351": {.. "message": "...... .............. ....... ...........".. },.. "1550904064710828958": {.. "message": ".........".. },.. "1636686747687494376": {.. "message": "........".. },.. "1802762746589457177": {.. "message"

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\mr\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	19628
Entropy (8bit):	5.311054092888986
Encrypted:	false
SSDEEP:	192:PbrpprGy+RmIosTmidpzlF1Akk03LQYOkQrjNjP8hZYiEQ5z+excV6c8TEKdl:PbfrGUIos7dpzxbP7KrjNjaBEYuV6uml
MD5:	659F5B4ACA112D3ECBB6EC1613DDE824
SHA1:	5DEE35FCD260554999F8DDEC489FBA9F81FA8EEE
SHA-256:	C8B765E7A07578BC078A952E151E3B866506959E15E79E9E5E1DBB98F9C4008F
SHA-512:	F74B36C1B6160E444F4969D13788A9C60637BDC11DC5065B2518B668E8D638384E00557ACDC88B3EA225D9231B6BED4B227BFB2E12C92773073B256F62ADDE63
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "......".. },.. "1213957982723875920": {.. "message": "......... ..... ...... ......... ............ ..... ....?".. },.. "128276876460319075": {.. "message": "........ ...".. },.. "1428448869078126731": {.. "message": "....... .......".. },.. "1522140683318860351": {.. "message": "....... ....... ..... ..... ...... ....... ....".. },.. "1550904064710828958": {.. "message": ".... ..... .....".. },.. "1636686747687494376": {.. "message": "....".. },.. "1802762746589457177": {.. "message": ".........".. },.. "1850397500312020388": {.. "message": "...... $START_LINK$ Goo

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\ms\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15330
Entropy (8bit):	5.193447909498091
Encrypted:	false
SSDEEP:	192:rCprBbx+Fkc4kYPr/pEt4EpXlIoV6c8TEKdl:CrYjer/mOE4oV6uml
MD5:	09D75141E0D80FBD3E9E92CE843DA986
SHA1:	B24EAB4B1242C31B69514D77BC1DB36A3F648F40
SHA-256:	8F1DBDEFD910AD88BEEC7956619CDB34391D6E69254C3A7497E8F87134AE8B5C
SHA-512:	935C69481F1555787FCB9A5490B3188B348284B600359239742A7D802ADD5CC8A30CC1F0942D52E620DFB388787FCD69B548BBAC590110245DF5763367A2DD5A
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Tidak bergerak".. },.. "1213957982723875920": {.. "message": "Antara yang berikut, manakah yang terbaik menggambarkan rangkaian anda?".. },.. "128276876460319075": {.. "message": "Penemuan Peranti".. },.. "1428448869078126731": {.. "message": "Kelancaran Video".. },.. "1522140683318860351": {.. "message": "Sambungan gagal. Sila cuba lagi.".. },.. "1550904064710828958": {.. "message": "Lancar".. },.. "1636686747687494376": {.. "message": "Sempurna".. },.. "1802762746589457177": {.. "message": "Kelantangan".. },.. "1850397500312020388": {.. "message": "Adakah anda dapat melihat Chromecast anda dalam $START_LINK$ apl Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content":

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\nb\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15155
Entropy (8bit):	5.2408655429422515
Encrypted:	false
SSDEEP:	192:5Pvl9prfckKJ+3kEUroBsL78Z4XyfhV6c8TEKdl:9vhrkDJ+UEUroE78OCJV6uml
MD5:	ED99169537909291BCC1ED1EA7BB63F0
SHA1:	5F72D51B6DBE8C622EF33D2B2AEBD7E9E20DAFB3
SHA-256:	65B6598225ADA1E14EE9CB76CA863708E8F9EE0724B4EDC8F9508532BD631BAB
SHA-512:	452704BFC109EEBDE7C9D83CFC9EADA7471989CA7D30F5C8754B6C2B026100A87C8D9ED49A09E398CEBA8B837829E2D9C6772EEEAF1AFA506F35BDDF25C20C23
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Fryser".. },.. "1213957982723875920": {.. "message": "Hvilket av f.lgende eksempler beskriver nettverket ditt best?".. },.. "128276876460319075": {.. "message": "Enhetsgjenkjenning".. },.. "1428448869078126731": {.. "message": "Videojevnhet".. },.. "1522140683318860351": {.. "message": "Tilkoblingen mislyktes. Pr.v p. nytt.".. },.. "1550904064710828958": {.. "message": "Jevn".. },.. "1636686747687494376": {.. "message": "Perfekt".. },.. "1802762746589457177": {.. "message": "Volum".. },.. "1850397500312020388": {.. "message": "Ser du Chromecasten din i $START_LINK$Google Home-appen$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },.. "START_SPAN":

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\nl\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15327
Entropy (8bit):	5.221212691380602
Encrypted:	false
SSDEEP:	192:0Yiepr1oh/Kd1sko8MrIpL72Izq8pXL2vVRmdKV6c8TEKdl:04r60Xo8MrIpLpRXL0G0V6uml
MD5:	E9236F0B36764D22EEC86B717602241E
SHA1:	DE82B804B18933907095DEF3F2EF164C1BB5F9B6
SHA-256:	300F4F7C45EBE39EAAF40776C28D0A399A710699AAB58E9A8D43A6FD2DD00376
SHA-512:	BB8A81D5D1C3FB3CA05149137852CAC213DEECB0437DA85472D5C03DAEFFE28D73007D7921740E56FE8B79544F529670600D47B86C4F27BF45C090B4D55F23F7
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Loopt vast".. },.. "1213957982723875920": {.. "message": "Welke beschrijving past het beste bij je netwerk?".. },.. "128276876460319075": {.. "message": "Apparaatdetectie".. },.. "1428448869078126731": {.. "message": "Vloeiendheid van de video".. },.. "1522140683318860351": {.. "message": "Kan geen verbinding maken. Probeer het opnieuw.".. },.. "1550904064710828958": {.. "message": "Vloeiend".. },.. "1636686747687494376": {.. "message": "Perfect".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": "Zie je je Chromecast in de $START_LINK$Google Home app$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\pl\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15418
Entropy (8bit):	5.346020722930065
Encrypted:	false
SSDEEP:	192:PBUprktnFwP5GkzF0r2Q3SdIucDGGmPlTV6c8TEKdl:ur2CDur2kT9aGydV6uml
MD5:	8254020C39A5F6C1716639CC530BB0D6
SHA1:	A97A70427581ADA902CA73C898825F7B4B4FAC8F
SHA-256:	2F4E4FC6AEB4A8E7F0E0DCE220D66E763F4EBF1FA79985834D636C6692FEA3E8
SHA-512:	9A2CD0F061A943CE04789FF259ECE5B3CCA11EBB6C1DF16C703F70394A5F89415E8EFB79CFB4646FC07FD261170A74602644FFF02ABD38548895CDF7DAB68EB6
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Zatrzymuje si.".. },.. "1213957982723875920": {.. "message": "Kt.ra z tych opcji najlepiej opisuje Twoj. sie.?".. },.. "128276876460319075": {.. "message": "Wykrywanie urz.dze.".. },.. "1428448869078126731": {.. "message": "P.ynno.. obrazu".. },.. "1522140683318860351": {.. "message": "Nie uda.o si. nawi.za. po..czenia. Spr.buj ponownie.".. },.. "1550904064710828958": {.. "message": "P.ynna".. },.. "1636686747687494376": {.. "message": "Idealna".. },.. "1802762746589457177": {.. "message": "G.o.no..".. },.. "1850397500312020388": {.. "message": "Czy Chromecasta wida. w.$START_LINK$aplikacji Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\pt\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15475
Entropy (8bit):	5.239856689212255
Encrypted:	false
SSDEEP:	192:L9PpriI0RYHf8kfrvvI/99T+BEsV6c8TEKdl:LrkYPfrgsV6uml
MD5:	FABD5D64267F0E6D7BE6983AB8704F8C
SHA1:	D4DAAD0FF5C461C51E6C1FD22B86AFC5B13E123F
SHA-256:	D82DCA262FF005668B252B478DEDAAC4A5C1E417AF9DE57C22F169A6680183AE
SHA-512:	AD8B2129DCB4F232AEDD7A2B90AF2EFA43497F9118C27AB843D279F7B0EDF70AF95251B46C8098AA831FEC0B2AF6AB0308D3DCFD9AE87BEA8AD9E0D1032E0F8B
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Congela".. },.. "1213957982723875920": {.. "message": "Qual das seguintes alternativas melhor descreve sua rede?".. },.. "128276876460319075": {.. "message": "Detec..o de dispositivos".. },.. "1428448869078126731": {.. "message": "Suavidade da reprodu..o do v.deo".. },.. "1522140683318860351": {.. "message": "Falha na conex.o. Tente novamente.".. },.. "1550904064710828958": {.. "message": "Suave".. },.. "1636686747687494376": {.. "message": "Perfeita".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": ". poss.vel encontrar seu Chromecast no $START_LINK$app Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\ro\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15655
Entropy (8bit):	5.288239072087021
Encrypted:	false
SSDEEP:	192:rpzpr34BALdvonekYFJr2RlYh7YU95cep3AnjYCV6c8TEKdl:HrIqLdv0VYFJrT95c8VCV6uml
MD5:	75E16A8FB75A9A168CFF86388F190C99
SHA1:	C27CE4C1DB3DF2D232925C73DC9AC1FA24DAD396
SHA-256:	9C4716FF42A730F1E7725F0D9E703F311E79FDA31F85B4BB0B8863FC3C27AB9D
SHA-512:	9E0BF56560B1D73F9706FF6AA2D5628CBE58EFCE197899A7EE686B2395D0FA2F9927538DD9B7B152CE2DED4708A210DA3DD6F5350E62AF853E809782997B1922
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Redare cu bloc.ri".. },.. "1213957982723875920": {.. "message": "Care dintre urm.toarele descrie cel mai bine re.eaua ta?".. },.. "128276876460319075": {.. "message": "Descoperirea dispozitivelor".. },.. "1428448869078126731": {.. "message": "Calitatea red.rii videoclipului".. },.. "1522140683318860351": {.. "message": "Conexiunea nu s-a stabilit. .ncerca.i din nou.".. },.. "1550904064710828958": {.. "message": "Redare lin.".. },.. "1636686747687494376": {.. "message": "Redare perfect.".. },.. "1802762746589457177": {.. "message": "Volum".. },.. "1850397500312020388": {.. "message": "Chromecastul dvs. apare .n $START_LINK$ aplica.ia Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\ru\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	17686
Entropy (8bit):	5.471928545648783
Encrypted:	false
SSDEEP:	192:Pu6PQpr19XtZkmVpFQkeVBSr/7Nq5k8TyIeBcrvV6c8TEKdl:ir7Q+LASrWk8CirvV6uml
MD5:	8EF94823972EA8D2FC9BB7EC09AB1846
SHA1:	4171DC9CE9D82FDA5A280517A1FE58C907D75CE3
SHA-256:	1009DB9FFA64E411B31E0780EBA43B9C9F8B05B5AC8CCA9A38514650261ABB0A
SHA-512:	83CEC6CF43F4A5A998B987DA6B6F236B36078C560F1CD79366AEBF2950ECD881F0B3ECC1C0769D911381B4A1D5901121E3620CA1AC2401BDE12642BE64EFD67A
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": ".........".. },.. "1213957982723875920": {.. "message": "..... .. ......... .... ........ ............. ..... ....?".. },.. "128276876460319075": {.. "message": "........ . ............ .........".. },.. "1428448869078126731": {.. "message": "............... .....".. },.. "1522140683318860351": {.. "message": ".. ....... .......... ........... ......... ........".. },.. "1550904064710828958": {.. "message": "....... ...............".. },.. "1636686747687494376": {.. "message": "........".. },.. "1802762746589457177": {.. "message": ".........".. },.. "1850397500312020388": {.. "message": ".. ...... .... .......... Chromecast . $START_LINK$........

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\sk\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15740
Entropy (8bit):	5.409596551150113
Encrypted:	false
SSDEEP:	192:PIwprzrAXVZdrkF9PMZq6rTxnfKVSk7bVV6c8TEKdl:jrojd4F94q6rRsdVV6uml
MD5:	C314FAC15AFF6A2EE9C732C64AB5A66D
SHA1:	D51F3362B5FDD2F3756DE42D7D6227DC818C6344
SHA-256:	8EE2A25A09D6D0F89063FAA34BA2BC4DB505DD31FE6D5064C5D6E1E153721484
SHA-512:	C0387992BFD6D5EA7781A6A8112DDAF9759A3FCE0B0D954F024B4368EBAE132EB5FB6D59DE69F7C015E049339F6A170F1B41236E222D09FF41020F912E9DCD3C
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Zam.za".. },.. "1213957982723875920": {.. "message": "Ktor. z nasleduj.cich skuto.nost. najlep.ie popisuj. va.u sie.?".. },.. "128276876460319075": {.. "message": "Vyh.ad.vanie zariaden.".. },.. "1428448869078126731": {.. "message": "Plynulos. videa".. },.. "1522140683318860351": {.. "message": "Pripojenie zlyhalo. Sk.ste to znova.".. },.. "1550904064710828958": {.. "message": "Plynul.".. },.. "1636686747687494376": {.. "message": "V.born.".. },.. "1802762746589457177": {.. "message": "Hlasitos.".. },.. "1850397500312020388": {.. "message": "Vid.te svoj Chromecast v.$START_LINK$aplik.cii Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3"..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\sl\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15628
Entropy (8bit):	5.292871661441512
Encrypted:	false
SSDEEP:	192:Ppp0prwFOhNkcUw4kjkNOD7r31RdeYqakV6c8TEKdl:0rXjYwy4Xr34AkV6uml
MD5:	F60AB4E9A79FD6F32909AFAC226446B3
SHA1:	07C9E383D4488BEBE316CA86966FC728F55A2E32
SHA-256:	CDE581E6E7CF0136B003B45549E3BBEE7B67B74ADD786A8D5607BFDAD1DE7B87
SHA-512:	F6A7673A8EFDB7FF74D7B83DD4BCB3683031DB7FBFE6654F6311CBA53EC42F3E45CE2B42A6E385F868271BBDD348272ACF9CE304E2DB52A10B36D24C7B03114F
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Zamrzne".. },.. "1213957982723875920": {.. "message": "Kaj od tega najbolje opi.e va.e omre.je?".. },.. "128276876460319075": {.. "message": "Odkrivanje naprav".. },.. "1428448869078126731": {.. "message": "Teko.e predvajanje videoposnetka".. },.. "1522140683318860351": {.. "message": "Vzpostavitev povezave ni uspela. Poskusite znova.".. },.. "1550904064710828958": {.. "message": "Teko.e".. },.. "1636686747687494376": {.. "message": "Odli.no".. },.. "1802762746589457177": {.. "message": "Glasnost".. },.. "1850397500312020388": {.. "message": "Ali je Chromecast viden v $START_LINK$aplikaciji Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },.

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\sr\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	17769
Entropy (8bit):	5.433657867664831
Encrypted:	false
SSDEEP:	192:AtUpr9riVEviVutkeV74ErILfWloyWR5Roxj2V6c8TEKdl:AGr1pvtuWDrS9Sj2V6uml
MD5:	4E233461D805CA7E54B0B394FFF42CAB
SHA1:	77F30833FC73A4C02C652C9E5A6EAFE9C3988A30
SHA-256:	E1E1C64213EBF2CFEB7BA83E51B697CEA449B3A8B279B1024B859228DE869879
SHA-512:	7288B11E9F46CF8138E0F8305E5E43CCCCCAD75F2D37EB2515C6BD54064FDC511A5872F0A940FA44A0B1B2355D2E0AED12A0D53267AC501B4E5CB6DDE43B000D
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "......... ..".. },.. "1213957982723875920": {.. "message": ".... .. ........ ...... ....... ....... .....?".. },.. "128276876460319075": {.. "message": "......... .......".. },.. "1428448869078126731": {.. "message": "........ ............ ..... ......".. },.. "1522140683318860351": {.. "message": ".......... .... ....... ........ .......".. },.. "1550904064710828958": {.. "message": "... .......".. },.. "1636686747687494376": {.. "message": ".......".. },.. "1802762746589457177": {.. "message": "...... .....".. },.. "1850397500312020388": {.. "message": "...... .. .. ...... Chromecast . $START_LINK$.......... Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\sv\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15135
Entropy (8bit):	5.258962752997426
Encrypted:	false
SSDEEP:	192:LY5pr2y3Lm3kONgMr6nxJNuyF5JTpg2NOV6c8TEKdl:Yr5DMrAfpOV6uml
MD5:	897DAE6B0CF0FDE42648F0B47CB26E06
SHA1:	E1F5F5F65AF34FF9484AB2B01E571EAF19BA23D0
SHA-256:	52656C24F6F6D0F3B3FC01E9504C4D5CEB85624F1B22E974CA675DD0E94EB82D
SHA-512:	399DEACFE61F4AF9B24AAA0357D30149CC49DA7825295933D3AE006714B5DE7AC5FCB9EC5340B0E3AB4ABF25641032BBBB5B7D578CD204F4EDEAFE6E08C55663
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Fastnar tillf.lligt".. },.. "1213957982723875920": {.. "message": "Vilket av f.ljande beskriver ditt n.tverk b.st?".. },.. "128276876460319075": {.. "message": "Enhetsidentifiering".. },.. "1428448869078126731": {.. "message": "J.mn videouppspelning".. },.. "1522140683318860351": {.. "message": "Det gick inte att ansluta. F.rs.k igen.".. },.. "1550904064710828958": {.. "message": "Flyter p.".. },.. "1636686747687494376": {.. "message": "Perfekt".. },.. "1802762746589457177": {.. "message": "Volym".. },.. "1850397500312020388": {.. "message": "Visas din Chromecast i $START_LINK$ Google Home-appen$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\sw\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15156
Entropy (8bit):	5.216902945207334
Encrypted:	false
SSDEEP:	192:6GprWbq4takN4kbvrwJAV5HeY9NVUpnV6c8TEKdl:nrol7rRkpnV6uml
MD5:	EC233129047C1202D87DC140F7BA266D
SHA1:	537E4C887428081365D028F32C53E3C92F29AAA6
SHA-256:	28EDBC5C4858217811D45CAA215710E452C8926E4DE99F810001AD664D08BE0D
SHA-512:	2E3F9BA1EA9EEF921E76B46B5EF2404B3B77B61F18CF67CC78C23C62202227F678A3DBE9C730E42A310800914DC53F25E8B2FBF461839DE33D3501B0BCB4EC8D
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Inasita kucheza".. },.. "1213957982723875920": {.. "message": "Ni gani kati ya zifuatazo inaelezea mtandao wako vizuri?".. },.. "128276876460319075": {.. "message": "Kupata Kifaa".. },.. "1428448869078126731": {.. "message": "Ulaini wa Kutiririsha Video".. },.. "1522140683318860351": {.. "message": "Imeshindwa kuunganisha. Tafadhali jaribu tena.".. },.. "1550904064710828958": {.. "message": "Laini".. },.. "1636686747687494376": {.. "message": "Bora".. },.. "1802762746589457177": {.. "message": "Sauti".. },.. "1850397500312020388": {.. "message": "Je, unaweza kuona Chromecast yako katika $START_LINK$ programu ya Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\ta\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	20531
Entropy (8bit):	5.2537196877590056
Encrypted:	false
SSDEEP:	192:I0N4prlczmbWIO0KISBZdMx4kLQ7rgEsZatRoFkJL+KJtjV6c8TEKdl:0r/TUrRVjV6uml
MD5:	C50C5D2EDFC79DBDCBD5A58A027A3231
SHA1:	14314D760A18C39F06CD072CF5843832AFB86689
SHA-256:	EEB0E89D5AD92B80FF08F88533A111DB3416D7C3860C64227D1CC8B7C2B58298
SHA-512:	A241084C44260C239CB8E6736AB7F7D1988142DDA6CAAD9F907FB42970BE56EC8DA6956BFBE97F926C6EFA32B750F1F57815980494BC31D27DF609C04421AD42
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "....... .........".. },.. "1213957982723875920": {.. "message": "................ ... ...... .............. ...... ........ ...........?".. },.. "128276876460319075": {.. "message": "...... .............".. },.. "1428448869078126731": {.. "message": ".......... ..... .....".. },.. "1522140683318860351": {.. "message": "...... ............ ........ .........".. },.. "1550904064710828958": {.. "message": "..... ......".. },.. "1636686747687494376": {.. "message": "........".. },.. "1802762746589457177": {.. "message": "......."

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\te\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	20495
Entropy (8bit):	5.301590673598541
Encrypted:	false
SSDEEP:	384:hcFQcIrxhljbwSb4V6Icdbf1crfrCk0ODzB+relGZqsItV6uml:KcNbw4b2reSob26uml
MD5:	F740F25488BE253FCF5355D5A7022CEE
SHA1:	203A8DF19BA5A602A43DE18E99A6615D950C450E
SHA-256:	5B9C96CB5D62510836B321EB9CEEF23865BB9D4DC4DE7716E90A858E00701FDF
SHA-512:	3FB6E32D26EEAADB94D594A5B61930B003B4DA09C282A2ABF063A4502AA725FB88E4801F8A2443CD46137BEDAE5DFD2359DCA3506EE416713D08DF6430065725
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "........".. },.. "1213957982723875920": {.. "message": "..... .......... ... .. ........... ....... ........ ............?".. },.. "128276876460319075": {.. "message": "..... ..... ....".. },.. "1428448869078126731": {.. "message": "...... ...... ......".. },.. "1522140683318860351": {.. "message": "........ .......... ...... ..... ..............".. },.. "1550904064710828958": {.. "message": ".......".. },.. "1636686747687494376": {.. "message": "......... ....".. },.. "1802762746589457177": {.. "message": "........".. },.. "185039750031202038

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\th\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	18849
Entropy (8bit):	5.3815746250038305
Encrypted:	false
SSDEEP:	384:GhjwMfr4c/ey18Ym7ZepIfa1hea0KEr2ucpYxcixh8V6uml:GhjwMfccGy18Ym7ZiIfa1hea0KEKucp2
MD5:	9F926FCB8BAEA23453B99EA162CCDEA1
SHA1:	04D1E45591C0435A39DCA00A81E83E68585E8B64
SHA-256:	100463C587F549C964A4EB21EA38EA1B4ADEF11E927FAC8FF884623B77202C02
SHA-512:	F226278DDF2D1995961690895361AB7B5D221C5E36D7767BBA71F36716C27B28210F85DC7DB4D2FC61B048FE2D058EE76EFBF2AD2A9714375149C4D09E18BE2B
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "....".. },.. "1213957982723875920": {.. "message": ".............................................".. },.. "128276876460319075": {.. "message": "...............".. },.. "1428448869078126731": {.. "message": "....................".. },.. "1522140683318860351": {.. "message": "................... ...............".. },.. "1550904064710828958": {.. "message": ".......".. },.. "1636686747687494376": {.. "message": "..........".. },.. "1802762746589457177": {.. "message": "..........".. },.. "1850397500312020388": {.. "message": ".......... Chromecast ..... $

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\tr\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15542
Entropy (8bit):	5.336342457334077
Encrypted:	false
SSDEEP:	192:OGNSbprOWklwIc3uk+zwr5a+qF6LtP2nFjYqcV6c8TEKdl:wrfNV9r5avYqcV6uml
MD5:	B0420F071E7C6C2DE11715A0BF026C63
SHA1:	F41CC696786B18805DB8DC9E1E476146C0D6BE90
SHA-256:	309F946F753DF6AF5C255D772EA0D429462152F78ABA4A96A2E369707A2C6B67
SHA-512:	67B42FC962AB70FFF86777E5057047EF4CFFDA4BED040F9D45BB5DB0275C3B5F21B17924AE5C51C71E8B078AB88AE3001C70CDB4E1994D4C8A20DEFC3A1D34FA
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Donuyor".. },.. "1213957982723875920": {.. "message": "A..n.z. a.a..dakilerden hangisi en iyi .ekilde tan.mlar?".. },.. "128276876460319075": {.. "message": "Cihaz Bulma".. },.. "1428448869078126731": {.. "message": "Videonun D.zg.n Oynat.lmas.".. },.. "1522140683318860351": {.. "message": "Ba.lant. ba.ar.s.z oldu. L.tfen tekrar deneyin.".. },.. "1550904064710828958": {.. "message": "D.zg.n".. },.. "1636686747687494376": {.. "message": "M.kemmel".. },.. "1802762746589457177": {.. "message": "Ses d.zeyi".. },.. "1850397500312020388": {.. "message": "Chromecast'inizi $START_LINK$Google Home uygulamas.nda$END_LINK$ g.rebiliyor musunuz? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\uk\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	17539
Entropy (8bit):	5.492873573147444
Encrypted:	false
SSDEEP:	384:vDBprzaoaqEv390hrTr6hlRU62cdV6uml:/BaFNe76GYX6uml
MD5:	FF06E78C06E8DFF4A422EA24F0AB3760
SHA1:	A434D1CE22DE0D2FD1842E94F5815F7B1972D1EE
SHA-256:	E209FDEF12CCEC03B4E0D5B9464F90D527E62C5BC4DD565C680661D7F282AB02
SHA-512:	8EADCC918F51A946A68AAF4D9DD7F3894BE470FD0A0550E4160D609F30C78BD55508B3DF4D62A28C0813D83C5C10F9A7BFE656A4CF519E4CC814FFB07F1E9F3B
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": ".......".. },.. "1213957982723875920": {.. "message": ".. . ............ ..... ........ ...... .... ......?".. },.. "128276876460319075": {.. "message": "......... ........".. },.. "1428448869078126731": {.. "message": "......... ........... .....".. },.. "1522140683318860351": {.. "message": ".. ....... ............. ......... ........".. },.. "1550904064710828958": {.. "message": "...... ...........".. },.. "1636686747687494376": {.. "message": "......".. },.. "1802762746589457177": {.. "message": "........".. },.. "1850397500312020388": {.. "message": ".. ...... .. .... ........ Chromecast . $START_LINK$....... Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeho

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\vi\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	16001
Entropy (8bit):	5.46630477806648
Encrypted:	false
SSDEEP:	192:8xyKyprnBTF0cEW5xk0rdBrQBiaiNiw+3KrV6c8TEKdl:8ULrB5yW5C0rHrOiZ5gKrV6uml
MD5:	C3A40E8433D96D7E766C011D9EC7502B
SHA1:	EAB7BFAE48B1D29B95A8AE040DE94D3500824EE3
SHA-256:	BD3D0F8CF100C96415B224011F550082D4516593CBD3631347748B7D6AD5B85A
SHA-512:	ADAD26422DCA2728BB77760C508C37888013EA4E3B980D9133FE12737B02589ACD302B4096B2BF1B772A28A2103B2E1F7210F4900468B4590B84C7BBC950F1C1
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "D.ng h.nh".. },.. "1213957982723875920": {.. "message": "Tr..ng h.p n.o sau ..y m. t. ..ng nh.t m.ng c.a b.n?".. },.. "128276876460319075": {.. "message": "Kh.m ph. thi.t b.".. },.. "1428448869078126731": {.. "message": ".. m..t c.a video".. },.. "1522140683318860351": {.. "message": "K.t n.i kh.ng th.nh c.ng. Vui l.ng th. l.i.".. },.. "1550904064710828958": {.. "message": "M..t m.".. },.. "1636686747687494376": {.. "message": "Ho.n h.o".. },.. "1802762746589457177": {.. "message": ".m l..ng".. },.. "1850397500312020388": {.. "message": "B.n c. th. nh.n th.y Chromecast c.a m.nh trong $START_LINK$.ng d.ng Google Home$END_LINK$ kh.ng? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "conte

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\zh\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	14773
Entropy (8bit):	5.670562029027517
Encrypted:	false
SSDEEP:	192:hppr6VVD8/LkiQKrTV2U00jT25kNV6c8TEKdl:hr88/YOrTjF2GV6uml
MD5:	D4513639FFC58664556B4607BF8A3F19
SHA1:	65629BC4CBBACA498F4082DD5884C8D3D7DDDC8A
SHA-256:	C6D49997A9B4FF7FE701EC3644B1A523679A27778FB4BD39B7DBCA9F1ACCE595
SHA-512:	16260FAC30D57EBFD577833F45D52FEA446ABE877D0D4015EF47C5C9072B81DDA71ED4E5E7DAFDEBE82B26556A4477EA4BFCDEC227058E381B9812DAB1F4379B
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "..".. },.. "1213957982723875920": {.. "message": "..................".. },.. "128276876460319075": {.. "message": "....".. },.. "1428448869078126731": {.. "message": ".....".. },.. "1522140683318860351": {.. "message": ".........".. },.. "1550904064710828958": {.. "message": "..".. },.. "1636686747687494376": {.. "message": "..".. },.. "1802762746589457177": {.. "message": "..".. },.. "1850397500312020388": {.. "message": "... $START_LINK$Google Home ..$END_LINK$...... Chromecast ..$START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },.. "START_SPAN": {.

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\_locales\zh_TW\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	14981
Entropy (8bit):	5.7019494203747865
Encrypted:	false
SSDEEP:	192:d2XprmNaHYkOkAFzrlR/jTcGIEaXV6c8TEKdl:WrT4uozrl/sXV6uml
MD5:	494CE2ACB21A426E051C146E600E7564
SHA1:	D045ECC2A69C963D5D34A148FE4A7939DE6A1322
SHA-256:	A1053F9496ED7FA3C625C94347F07A5E760F514FD8EE142EC9EE64E86B9C063D
SHA-512:	DE2C8498B55749B4D35CF2627E55271F7F09E4560FA16D7094EFB4085CF1E5FAE36F067AAC01AE120548C00DC8AA530EE96079B5CC3E322DF9FF8592799AEB3F
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "....".. },.. "1213957982723875920": {.. "message": "................".. },.. "128276876460319075": {.. "message": "....".. },.. "1428448869078126731": {.. "message": ".....".. },.. "1522140683318860351": {.. "message": "...........".. },.. "1550904064710828958": {.. "message": "..".. },.. "1636686747687494376": {.. "message": "..".. },.. "1802762746589457177": {.. "message": "..".. },.. "1850397500312020388": {.. "message": ".... $START_LINK$Google Home ....$END_LINK$...... Chromecast ..$START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },.. "

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\CRX_INSTALL\manifest.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	2284
Entropy (8bit):	5.29272048694412
Encrypted:	false
SSDEEP:	48:QWaLGou01ghZ7CsbCypwQdmv7pee3hZq/1C/ao1XJN8U3:DaLrgCWrdmTplZNx
MD5:	F76238944C3D189174DD74989CF1C0C6
SHA1:	85CE141EC8867B699668A5F5A48F404C84FCEB04
SHA-256:	2EF48A1CF322DE356E8844DD2FD3431E8E7ACD04770649B6507EACA5ABDB53A7
SHA-512:	330EC2ADC42A8AE653051694954795664EEECDB1A0E0F7A6BC03349C4FD1568BCC81FF2C4A6D826B07BEA7BED26CC27157A1BFAE4B6FC34B3E121DCE0A5CB26D
Malicious:	false
Reputation:	low
Preview:	{.. "background": {.. "persistent": false,.. "scripts": [ "common.js", "mirroring_common.js", "background_script.js" ].. },.. "content_security_policy": "default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; script-src 'self' https://apis.google.com https://feedback.googleusercontent.com https://www.google.com https://www.gstatic.com; child-src https://accounts.google.com https://content.googleapis.com https://www.google.com; connect-src 'self' http://: https://:; font-src https://fonts.gstatic.com; object-src 'self';",.. "default_locale": "en",.. "description": "Provider for discovery and services for mirroring of Chrome Media Router",.. "externally_connectable": {.. "ids": [ "idmofbkcelhplfjnmmdolenpigiiiecc", "ggedfkijiiammpnbdadhllnehapomdge", "njjegkblellcjnakomndbaloifhcoccg" ].. },.. "key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNTWJoPZ9bT32yKxuuVa9LSEYobjPoXCLX3dgsZ9djDrWKNikTECjdRe3/AFXb+v8jkmmtYQPnOgSYn06J/QodDl

C:\Users\user\AppData\Local\Temp\scoped_dir6508_1375631460\ff109978-56c2-4f15-ae05-419eb20bc387.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Google Chrome extension, version 3
Category:	dropped
Size (bytes):	768843
Entropy (8bit):	7.992932603402907
Encrypted:	true
SSDEEP:	12288:cK2ED9wjXNC1Gse83ru82/u0eKhgxuPFrDXgtbPz54Pm1D0fBmfH1sBrJ9mTiDga:cK2ED9I48seur0/uZKCuPNbgtbz6m1ob
MD5:	A11D5CAF6BF849AEB84B0C95B1C3B7CF
SHA1:	27F410CCBD75852C01C7464A1FD7EF8C29BE3916
SHA-256:	D0E62ACE64AFC334330A7AC3A2CC657914FEB321F1F89AEE11D2A6D0E7D81C31
SHA-512:	086C124DE3A01BE467647F3BCB4EA05105F690AB45417A0E3D38935ABA9E2381DF59AF98D0FFF7823CEFD5390B48807352E135AC70977AED7B413A8CC48FB590
Malicious:	false
Reputation:	low
Preview:	Cr24..............0.."0....H.............0...........\7c.<........Fto.8.2'5..qk...%....2...C.F.9.#..e.xQ.......[...L\|....3>/....u.:T.7...(.yM...?V.<?........1.a...O?d.....A.H..'.MpB..T.m..Vn Ip..>k.\|1..n.<Fb..f..Q1.....s..2..{.6....Pp....obM..1.......b1.......(.u^.'z......v.F.W.X4."-eu...b.........6W..>Nuw9..R{c...Nq.H.K..A!....`v.k+..?.5.>v.....;.._~....tp....x.q.V...7.m.O.~.{!.o/q.'..BK..4./?'.....L..fH&.._<..&.p.k^..\s...:1y..F.N.+...X.PO@Mo....X.G1:..Y.@;..j..........=ae...0.......DU....n...n.;.Ipr..Q....:... <.....a.Y....{ei........0..0....H............0.......Mbh=.[O}.+..U.KHF(n3.\"...,g.c...6)..(.E...U...#.i.a..:...N.....P...x.O...(mC;\|.5.S.{m.aEx...[..fP.i`.y..5..R....v.$......l-m.............m....ni...`..W.....R.p.b.+...+.\k.R$e~.J\.&c%.d...M..j..V.%...+1F....D....X\.1ct.<........E.B.+.i@...8..^...&YR...I.o...,.....[0Y0....H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...F0D. D.'.N@.(..GK....m...A.0.."

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\8fe9e971-d001-4dce-8fad-ef0edc8d293d.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Google Chrome extension, version 3
Category:	dropped
Size (bytes):	248531
Entropy (8bit):	7.963657412635355
Encrypted:	false
SSDEEP:	3072:r+nmRykNgoldZ8GjJCiUXZSk+QSVh85PxEalRVHmcld9R6yYfEp4ABUGDcaKklrv:k3oF4Z4h45P99Fld9RBQYBVcaxlnfL
MD5:	541F52E24FE1EF9F8E12377A6CCAE0C0
SHA1:	189898BB2DCAE7D5A6057BC2D98B8B450AFAEBB6
SHA-256:	81E3A4D43A73699E1B7781723F56B8717175C536685C5450122B30789464AD82
SHA-512:	D779D78A15C5EFCA51EBD6B96A7CCB6D718741BDF7D9A37F53B2EB4B98AA1A78BC4CFA57D6E763AAB97276C8F9088940AC0476690D4D46023FF4BF52F3326C88
Malicious:	false
Reputation:	low
Preview:	Cr24..............0.."0....H.............0...........\7c.<........Fto.8.2'5..qk...%....2...C.F.9.#..e.xQ.......[...L\|....3>/....u.:T.7...(.yM...?V.<?........1.a...O?d.....A.H..'.MpB..T.m..Vn Ip..>k.\|1..n.<Fb..f..Q1.....s..2..{.6....Pp....obM..1.......b1.......(.u^.'z......v.F.W.X4."-eu...b.........\..F!...b...l5....zJ.q.......L].....w[T0.6....E.....r..%Z.vFm.9..5!,.~g5...;.t...']....+A.....u....k...e..&..l.6r[yU...%..f.......N..V.....<+.....l..}.{...z...)y.n..'..).....,.b....5.08K%..O.g..D.S.F5o..<(....>....\f..X..I..2."l...w....7f\|.~.c.4.E.......0..0....H............0.......).'..b.$w\$.q&.]zF_2..;...?.U,...W..L1.2...R..#....W.....c1k.$W..$.J....+M!.Hz.n`U.I)N.\|b.l....{.K@]6.LlP/....](.A..................I...).H....IQ.y.;MG.d..ix..#f.Z$\|..\|.?...0K...t"i..s...Y..%.Ky....0...{.!+.~v.;....J.....Z....).(6..@?v.;~..2..c....[0Y0....H.=.....H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...F0D. .0...\|!..A..L.+.=...kP.!.1..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\bg\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	796
Entropy (8bit):	4.864931792423268
Encrypted:	false
SSDEEP:	12:1HEJMLkSlwZGGMLkSlwZ+WYpU34f145Gb+dgoxTyO8ZpU34f1L0frhmJ03OyZnLt:1HE7n4gn8WYpYrbhz8ZpotHOGAOf6aD
MD5:	6F8E288A9AD5B1ED8633B430E2B4D4CA
SHA1:	F671D3D4BEFA431D1946D706F4192D44E29B6F08
SHA-256:	A114E2783D0E9B12155017323BA70838F0F82A71C7EE8DC1F115AE36991241F8
SHA-512:	0F87F3F0D115B872288949E59ACD3CD41B1FBC64A622D8FDA6D71FAFC5A900D92ADFBB0E7EB926F2A8759BBAA0896D48728FB719BBF5EF54AC21027328F7700C
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "........ . ... ........ .. Chrome".. },.. "app_name": {.. "message": "........ . ... ........ .. Chrome".. },.. "craw_app_unavailable": {.. "message": "........... .... ...... .. .............".. },.. "craw_connect_to_network": {.. "message": "...., ........ .. . ......".. },.. "iap_unavailable": {.. "message": "........... .... ...... .. .......... ....... .. .........".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "...., ...... . Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\ca\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	675
Entropy (8bit):	4.536753193530313
Encrypted:	false
SSDEEP:	12:1HEJ0gbbGG0gbb+WYpU34g3YbiLO+dgyGFoO8ZpU34+puiPmb03OyZnLAOfTYABk:1HE5baib6WYpm31Lt0Z8Zp8pxOGAOfKD
MD5:	1FDAFC926391BD580B655FBAF46ED260
SHA1:	C95743C3F43B2B099FEBEBC5BD850F0C20E820AC
SHA-256:	C67898B67F9C9209EAFDA6532B62D5789863CFB855998DD6A70E7775316CEC20
SHA-512:	39D95D45C5746DA3BAA7AE6A3344EA17D7A7C3569C2A56959FF119261DA08C747A320FCF701AC72B8DBDBF8BF06FD8B239017A282CDDA444F3826D4EC672CBB4
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Sistema de pagaments de Chrome Web Store".. },.. "app_name": {.. "message": "Sistema de pagaments de Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Ara mateix aquesta aplicaci. no est. disponible.".. },.. "craw_connect_to_network": {.. "message": "Connecteu-vos a una xarxa.".. },.. "iap_unavailable": {.. "message": "La funci. Pagaments a l'aplicaci. no est. disponible actualment.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Inicieu la sessi. a Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\cs\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	641
Entropy (8bit):	4.698608127109193
Encrypted:	false
SSDEEP:	12:1HEJfZGGfZ+WYpU34OBh+dgN/O8ZpU34j05U03OyZnLAOfTYWc:1HEl4G8WYpdt8Zpq5TOGAOfW
MD5:	76DEC64ED1556180B452A13C83171883
SHA1:	CFB1E56FD587BCDC459C1D9A683B71F9849058F9
SHA-256:	32290D69A90E6BAAC428B10382C99221B12773BB9A184F3B93DFB48A4F6D7A40
SHA-512:	5230A217968D5DC463E2E92D704544311A721E5CEF65C3125CBD8DEB9C0293D3BFB5C820A6011ABF77095FDEE7DAF67D541DC202B0C9CDB0908CBB85D84885CB
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Platby Internetov.ho obchodu Chrome".. },.. "app_name": {.. "message": "Platby Internetov.ho obchodu Chrome".. },.. "craw_app_unavailable": {.. "message": "Aplikace v sou.asn. dob. nen. dostupn..".. },.. "craw_connect_to_network": {.. "message": "P.ipojte se pros.m k s.ti.".. },.. "iap_unavailable": {.. "message": "Platby v aplikaci aktu.ln. nejsou k dispozici.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "P.ihlaste se do Chromu.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\da\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	624
Entropy (8bit):	4.5289746475384565
Encrypted:	false
SSDEEP:	12:1HEJJMKKFZGGJMKKFZ+WYpU34OHu+dgxlCZO8ZpU34J4Wu03OyZnLAOfTYzD:1HErMKfqMKVWYpM6lL8ZpDNOGAOfiD
MD5:	238B97A36E411E42FF37CEFAF2927ED1
SHA1:	4E47AC90BA24C8F4724D9293FA40CFD4ADA66FE0
SHA-256:	4977D4A053542FF66967FAED6B06585DD70E68E20BFEB533B66FE3287F9655D9
SHA-512:	FD0742D47B5F5AB9AAD9B4C3D57F63CB693E060EECE123A72036C6E92156D099495C7E9E9CC6DC83EEBCDDCC4B4C81FB47E4C9559DA3EBA024780FFF10C53E0A
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Betalinger i Chrome Webshop".. },.. "app_name": {.. "message": "Betalinger i Chrome Webshop".. },.. "craw_app_unavailable": {.. "message": "Appen er ikke tilg.ngelig i .jeblikket.".. },.. "craw_connect_to_network": {.. "message": "Opret forbindelse til et netv.rk.".. },.. "iap_unavailable": {.. "message": "Betaling i appen er ikke tilg.ngelig i .jeblikket.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Log ind p. Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\de\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	651
Entropy (8bit):	4.583694000020627
Encrypted:	false
SSDEEP:	12:1HEJQ1ZGGQ1Z+WYpU34pCEMT+dgJMlCTO8ZpU34p6FK603OyZnLAOfTYJ6K:1HEzWWYp3Bewv8Zp7k4OGAOfQj
MD5:	6B3E916E8C1991AA0453CBA00FEDCAAA
SHA1:	D6366D15912E40CA107FD42BFE9579C3336A51F9
SHA-256:	A62FFAB910E31531758EEE48B2CC71A8857BEC3021DEAD50B668CBA3C8667053
SHA-512:	87EA4311B61F29543B13F3E17DFA919D0C320B4FE370CC152E0B1514BCA79B0ABB526DDCF08621D6EBFA48923EE8FB4C667EFB120A72BD9583EEBEE7BFB80552
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Chrome Web Store-Zahlungen".. },.. "app_name": {.. "message": "Chrome Web Store-Zahlungen".. },.. "craw_app_unavailable": {.. "message": "Die App ist momentan nicht verf.gbar.".. },.. "craw_connect_to_network": {.. "message": "Bitte stellen Sie eine Verbindung zu einem Netzwerk her.".. },.. "iap_unavailable": {.. "message": "In-App-Zahlungen sind momentan nicht m.glich.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Bitte melden Sie sich in Chrome an.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\el\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	787
Entropy (8bit):	4.973349962793468
Encrypted:	false
SSDEEP:	24:1HEw+aZ+6WYpbWZe80A08ZpCGyDVWlOGAOf+XD:WguYpCZnpEZbGoD
MD5:	05C437A322C1148B5F78B2F341339147
SHA1:	AB53003A678E44A170E73711FBD9949833BBF3AA
SHA-256:	A052C32B4FCAC61152EB0ADB2C260FB6A8256AD104AA0013DB93E9798D41A070
SHA-512:	C36CB9202A34356DD06D377E2A088F428D0B8EBE7D2E54F8380485E9D94A0598D7F651C1E7A2FD55BE481D49C02B0812F2BA335E08611EC85EE0BD60784A6B40
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "........ ... Chrome Web Store".. },.. "app_name": {.. "message": "........ ... Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": ". ........ .... .. ..... ... ..... ..........".. },.. "craw_connect_to_network": {.. "message": ".......... .. ... .......".. },.. "iap_unavailable": {.. "message": ".. ........ ..... ......... ... ..... ..... .. ...... ...........".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": ".......... ... Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\en\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	593
Entropy (8bit):	4.483686991119526
Encrypted:	false
SSDEEP:	12:1HEJ6GG6+WYpU34OuFpR+dgGfFZO8ZpU34aEGFpR03OyZnLAOfTYdD:1HEVSWYpVp0JS8Zp5KpaOGAOfuD
MD5:	91F5BC87FD478A007EC68C4E8ADF11AC
SHA1:	D07DD49E4EF3B36DAD7D038B7E999AE850C5BEF6
SHA-256:	92F1246C21DD5FD7266EBFD65798C61E403D01A816CC3CF780DB5C8AA2E3D9C9
SHA-512:	FDC2A29B04E67DDBBD8FB6E8D2443E46BADCB2B2FB3A850BBD6198CDCCC32EE0BD8A9769D929FEEFE84D1015145E6664AB5FEA114DF5A864CF963BF98A65FFD9
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Chrome Web Store Payments".. },.. "app_name": {.. "message": "Chrome Web Store Payments".. },.. "craw_app_unavailable": {.. "message": "App currently unavailable.".. },.. "craw_connect_to_network": {.. "message": "Please connect to a network.".. },.. "iap_unavailable": {.. "message": "In-App Payments is currently unavailable.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Please sign into Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\en_GB\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	593
Entropy (8bit):	4.483686991119526
Encrypted:	false
SSDEEP:	12:1HEJ6GG6+WYpU34OuFpR+dgGfFZO8ZpU34aEGFpR03OyZnLAOfTYdD:1HEVSWYpVp0JS8Zp5KpaOGAOfuD
MD5:	91F5BC87FD478A007EC68C4E8ADF11AC
SHA1:	D07DD49E4EF3B36DAD7D038B7E999AE850C5BEF6
SHA-256:	92F1246C21DD5FD7266EBFD65798C61E403D01A816CC3CF780DB5C8AA2E3D9C9
SHA-512:	FDC2A29B04E67DDBBD8FB6E8D2443E46BADCB2B2FB3A850BBD6198CDCCC32EE0BD8A9769D929FEEFE84D1015145E6664AB5FEA114DF5A864CF963BF98A65FFD9
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Chrome Web Store Payments".. },.. "app_name": {.. "message": "Chrome Web Store Payments".. },.. "craw_app_unavailable": {.. "message": "App currently unavailable.".. },.. "craw_connect_to_network": {.. "message": "Please connect to a network.".. },.. "iap_unavailable": {.. "message": "In-App Payments is currently unavailable.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Please sign into Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\es\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	661
Entropy (8bit):	4.450938335136508
Encrypted:	false
SSDEEP:	12:1HEJHlbGGHlb+WYpU34ubdDH+dgxbFxTO8ZpU34lPbdlVo03OyZnLAOfTY6xjD:1HEvaC6WYpcDeEFxq8ZpNl5OGAOffD
MD5:	82719BD3999AD66193A9B0BB525F97CD
SHA1:	41194D511F1ACC16C1CA828AC81C18C8C6B47287
SHA-256:	4DB9B2721E625C18B9E05C04B31AF5D9694712F1CAAF6219ABE34BB08E5DB1C7
SHA-512:	D4C49B43427799B6292CEED11CACB1D76F7CE43EBF402B43B638A6EB2B414ED0981E386CB8CDF0B51D1BD9552934FE25B2F6392266BB73D8C9A691F65BCE0128
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Sistema de pagos de Chrome Web Store".. },.. "app_name": {.. "message": "Sistema de pagos de Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Esta aplicaci.n no est. disponible en este momento.".. },.. "craw_connect_to_network": {.. "message": "Con.ctate a una red.".. },.. "iap_unavailable": {.. "message": "Los pagos en la aplicaci.n no est.n disponibles en este momento.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Inicia sesi.n en Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\es_419\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	637
Entropy (8bit):	4.47253983486615
Encrypted:	false
SSDEEP:	12:1HEJHlbGGHlb+WYpU34ubdDH+dgxbFxTO8ZpU34GLO03OyZnLAOfTYiJD:1HEvaC6WYpcDeEFxq8Zp4LlOGAOfvD
MD5:	6B2583D8D1C147E36A69A88009CBEBC7
SHA1:	4D4DEEB4BE6AA0181825F3371A761ABC5B4D5937
SHA-256:	6659BC3705311D7641A73995DCFEA80C7734F2F4EBBC3787B3892A240348324F
SHA-512:	37F0DBFCC1B5A2B8E4C92C49D2D9DEEF25616421350324F57E0149A45A6CCB437F5E3CBE97412C4B5DBBF2593783C7DF71E9C25A851AEAE6E4764C545723FA53
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Sistema de pagos de Chrome Web Store".. },.. "app_name": {.. "message": "Sistema de pagos de Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Esta aplicaci.n no est. disponible en este momento.".. },.. "craw_connect_to_network": {.. "message": "Con.ctate a una red.".. },.. "iap_unavailable": {.. "message": "En este momento, Pagos En-Apps no est. disponible.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Accede a Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\et\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	595
Entropy (8bit):	4.467205425399467
Encrypted:	false
SSDEEP:	12:1HEJfPGGGfPG+WYpU34Ze7z+dgrW9O8ZpU34ZwZz03OyZnLAOfTYgoLIR:1HEdvqlWYpTeObk8ZpT/OGAOfuLIR
MD5:	CFF6CB76EC724B17C1BC920726CB35A7
SHA1:	14ED068251D65A840F00C05409D705259D329FFC
SHA-256:	C85800BF45942FCC7FD6B1DF929C25F9CC2A977A6678966BD03D4B6B69889AFD
SHA-512:	53D7D01BB30C0306DE65A79FD9551D2E8C1F71F4F45F71906B009071CB3E0F231E6A50FDD78773E9B4DE94085BC7B97F829842FA21A89A2080D33458B745C46F
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Chrome'i veebipoe maksed".. },.. "app_name": {.. "message": "Chrome'i veebipoe maksed".. },.. "craw_app_unavailable": {.. "message": "Rakendus pole praegu saadaval.".. },.. "craw_connect_to_network": {.. "message": "Looge .hendus v.rguga.".. },.. "iap_unavailable": {.. "message": "Rakendusesisesed maksed ei ole praegu saadaval.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Logige Chrome'i sisse.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\fi\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	647
Entropy (8bit):	4.595421267152647
Encrypted:	false
SSDEEP:	12:1HEJRuzGGRuz+WYpU34ujSBu+dgYO8ZpU34J+Bu03OyZnLAOfTY5HN:1HEFcWYpPNa8ZpD+FOGAOfEHN
MD5:	3A01FEE829445C482D1721FF63153D16
SHA1:	F3EAAADDC03F943FC88B30B67F534AA13E3336DD
SHA-256:	0BDE54B20845124113383B6EB81E43A0F05E4EB0C44BEE3C1DFAC4CC5FEC2836
SHA-512:	3B92B6C86D30FD36AA3CEFF8773BA60C3FC5CC19C693540137044C5838A5503895C770C0336A4D0A3DB5E42F3FB36274D8D3F85B9DCA2F3EC0E974FDDB0BEAD8
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Chrome Web Storen maksut".. },.. "app_name": {.. "message": "Chrome Web Storen maksut".. },.. "craw_app_unavailable": {.. "message": "Sovellus ei ole t.ll. hetkell. k.ytett.viss..".. },.. "craw_connect_to_network": {.. "message": "Muodosta verkkoyhteys.".. },.. "iap_unavailable": {.. "message": "Sovelluksen sis.iset maksut eiv.t ole t.ll. hetkell. k.ytett.viss..".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Kirjaudu sis..n Chromeen.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\fil\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	658
Entropy (8bit):	4.5231229502550745
Encrypted:	false
SSDEEP:	12:1HEJADlbGGADlb+WYpU34hTUT+dgHfZAFFZO8ZpU34hTjzeT03OyZnLAOfTYHfvF:1HEYah6WYp7TUSoxOS8Zp7TOsOGAOfqV
MD5:	57AF5B654270A945BDA8053A83353A06
SHA1:	EEEF7A4F869F97CF471A05D345E74F982D15E167
SHA-256:	EC002ED92359F67818B49455DFC579E140368E6A004080AF022FD4F57F6B03F2
SHA-512:	5F0AE839FCF3F4EA48FF41A76655AE0F3821564AFD5D42FBB9FBB9A38E8D8F7BB5E9B6F71064588CD441261F644095A44A755C134CE546D506D9A21E488BAF52
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Mga Pagbabayad sa Chrome Web Store".. },.. "app_name": {.. "message": "Mga Pagbabayad sa Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Kasalukuyang hindi available ang app.".. },.. "craw_connect_to_network": {.. "message": "Mangyaring kumonekta sa isang network.".. },.. "iap_unavailable": {.. "message": "Kasalukuyang hindi available ang Mga Pagbabayad na In-App.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Mangyaring mag-sign in sa Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\fr\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	677
Entropy (8bit):	4.552569602149629
Encrypted:	false
SSDEEP:	12:1HEJALf/nbGGALf/nb+WYpU34Owdgbyb+dgdQjO8ZpU34ITQpGnbyb03OyZnLAO8:1HE4Hna1Hn6WYpNdgpY8ZpSTQwnBOGAh
MD5:	8D11C90F44A6585B57B933AB38D1FFF8
SHA1:	3F9D44EA8807069A32AACA2AAAD02FD892E6CC90
SHA-256:	599491F8C52B945C16C441ADF45BFD45AFAE046DA07757D97C56AF4DE75ED3B5
SHA-512:	D7EF7F5AD7EF1A1595825D79B69E2B1E988AD3CF1F3881496FCCD30F241E4E9C6E457F9F5D0F855DE3536DB7A40C3E1C55946B50D3F556F4A35285066A0CD6F7
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Paiements via le Chrome.Web.Store".. },.. "app_name": {.. "message": "Paiements via le Chrome.Web.Store".. },.. "craw_app_unavailable": {.. "message": "Application indisponible pour le moment.".. },.. "craw_connect_to_network": {.. "message": "Veuillez vous connecter . un r.seau.".. },.. "iap_unavailable": {.. "message": "Les paiements via l'application ne sont pas disponibles pour le moment.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Veuillez vous connecter . Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\hi\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	835
Entropy (8bit):	4.791154467711985
Encrypted:	false
SSDEEP:	24:1HEs07J0JWYp9vnCSVLP8Zp6CsOGAOf8SLm:Wh7qgYp1CMLUph1GiSLm
MD5:	E376D757C8FD66AC70A7D2D49760B94E
SHA1:	1525C5B1312D409604F097768503298EC440CC4D
SHA-256:	8106D98C4F8DA16DB698444409558E29CC96735E188BFA303C333A5D99231C1D
SHA-512:	673F3F259AF2946E4F49BBED14A2A70D44BF9FDA9D7A71DC9172BA9B7B3C7F7062B16D29682B638D485B0520ED6F99E7A735F28C7C719B539559005B69FA7555
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Chrome ... ..... ......".. },.. "app_name": {.. "message": "Chrome ... ..... ......".. },.. "craw_app_unavailable": {.. "message": "......... .. ... ...... .... ...".. },.. "craw_connect_to_network": {.. "message": "..... ....... .. ...... .....".. },.. "iap_unavailable": {.. "message": "..-.. ...... ... ...... .... ...".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "..... Chrome ... .... .. .....".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\hr\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	618
Entropy (8bit):	4.56999230891419
Encrypted:	false
SSDEEP:	12:1HEJGiimxmbZGGGiimxmbZ+WYpU34OBOEuhopIO+dgcapZO8ZpU34GiiZrMrQphK:1HE4H4TH8WYpNjTta28ZpQVLP0SOGAOK
MD5:	8185D0490C86363602A137F9A261CC50
SHA1:	5BD933B874441CEACB9201CCC941FF67BAED6DC0
SHA-256:	A2B2EC359A9DD9DCCCE02859CE1E738BD30FAA4A05F1DC522893FFDF722BBC15
SHA-512:	D7629978FC031EA5F716F9C1065FB2FEAB48C15F10CD68830DC966FA1002C03DDC7ACDE314C7D075F9F3A0A68552A6ACBCCDEE24CF20B6C3DD1BCE6562D0396E
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Pla.anja u web-trgovini Chrome".. },.. "app_name": {.. "message": "Pla.anja u web-trgovini Chrome".. },.. "craw_app_unavailable": {.. "message": "Aplikacija trenuta.no nije dostupna.".. },.. "craw_connect_to_network": {.. "message": "Pove.ite se s mre.om.".. },.. "iap_unavailable": {.. "message": "Pla.anje u aplikaciji trenuta.no nije dostupno.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Prijavite se na Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\hu\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	683
Entropy (8bit):	4.675370843321512
Encrypted:	false
SSDEEP:	12:1HEJVJiGGVJi+WYpU34Hpo9O+dgMmfgijO8ZpU34Huo9O03OyZnLAOfTYBIAYm:1HEVrk5WYpQzTUg/8ZpwoXOGAOfYIAd
MD5:	85609CF8623582A8376C206556ED2131
SHA1:	1E16EB70DB5E59BB684866FF3E3925C2DEF25A12
SHA-256:	32A249749F12ADB6A220BF9ADC272C7E5D9AD5497A38B0086D961E3ABA17FBC6
SHA-512:	27883430865D3CFA6EDFE8C6CE1442BD96150B5CE520CCF7D556A330CAA6392C712B47BD86F7350E174876BC681F6DEC94D1312402655B0AF90883A2899EC78B
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Chrome Internetes .ruh.z Fizet.si rendszere".. },.. "app_name": {.. "message": "Chrome Internetes .ruh.z Fizet.si rendszere".. },.. "craw_app_unavailable": {.. "message": "Az alkalmaz.s jelenleg nem .rhet. el.".. },.. "craw_connect_to_network": {.. "message": "K.rj.k, csatlakozzon egy h.l.zathoz.".. },.. "iap_unavailable": {.. "message": "Az alkalmaz.son bel.li fizet.s jelenleg nem .rhet. el.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Jelentkezzen be a Chrome-ba.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\id\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	604
Entropy (8bit):	4.465685261172395
Encrypted:	false
SSDEEP:	12:1HEJs25bGGs25b+WYpU34ORBHAeSJ+dgkmO8ZpU34s22C/SzFAs03OyZnLAOfTYR:1HEBaA6WYpaHFH8ZptOYOGAOf2D
MD5:	EAB2B946D1232AB98137E760954003AA
SHA1:	60BDC2937905B311D2C9844DF2D639D7AC9F7F67
SHA-256:	C6E8800450602DE0F39FE9F6854472383813FB454B08ABAE7E25A9167CE004C3
SHA-512:	970FEC9A9EF0BAF7F693C4C5977F3B47914579C5B5414FCE9DBB5E4574659A5BB9AD2DE0CC886B368F49C019785AF7D2D7FE82F71341F039EADC399ED776CA12
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Pembayaran Chrome Webstore".. },.. "app_name": {.. "message": "Pembayaran Chrome Webstore".. },.. "craw_app_unavailable": {.. "message": "Aplikasi tidak tersedia saat ini.".. },.. "craw_connect_to_network": {.. "message": "Sambungkan ke jaringan.".. },.. "iap_unavailable": {.. "message": "Pembayaran Dalam Aplikasi saat ini tidak tersedia.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Harap masuk ke Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\it\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	603
Entropy (8bit):	4.479418964635223
Encrypted:	false
SSDEEP:	12:1HEJsqd/bGGsqd/b+WYpU34OcX4+dgUvIO8ZpU34vq703OyZnLAOfTYsD:1HEXd/aKd/6WYpZrv58ZpskOGAOfzD
MD5:	A328EEF5E841E0C72D3CD7366899C5C8
SHA1:	2851ED658385804E87911643F5A4200B1FB26E13
SHA-256:	CD891C45F7586FB4A2514205A11F260E4A6D4482FA03D901909DD9F57BE0536D
SHA-512:	E47297896E981774EC3B59D41B89D6BA9333F6B4435EB9727D8645A46B10C7D408ADE06844871FA757382FBE7E645276449DB7B1B23BC59C9A71A5CB5A5ECC57
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Pagamenti Chrome Web Store".. },.. "app_name": {.. "message": "Pagamenti Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "App al momento non disponibile.".. },.. "craw_connect_to_network": {.. "message": "Collegati a una rete.".. },.. "iap_unavailable": {.. "message": "La funzione Pagamenti In-App non . al momento disponibile.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Accedi a Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\ja\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	697
Entropy (8bit):	5.20469020877498
Encrypted:	false
SSDEEP:	12:1HEJ07uGG07u+WYpU34DB+dgnsVztO8ZpU34MwiB03OyZnLAOfTYmSH:1HEcnDNWYp1kxU8Zp2wiqOGAOfpSH
MD5:	9B3A5D473C3F2BBFAEECE94A07A940B8
SHA1:	61BACA342CF766BBA15C7B4D892A0E7DAC9405AA
SHA-256:	706312A4A2AEF3317223F141EB2B82685345B7EED444F16BB4DF3A272716DA1F
SHA-512:	94F6FEE9A11BD890AB8211C98D1CC142348961EBCF756F66477A3E3A76519804B70BE0AE4E551739F8AFE32D7ADE6EDE04EF6B9B9EED03E3A857E6058EEDD4C6
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Chrome ........".. },.. "app_name": {.. "message": "Chrome ........".. },.. "craw_app_unavailable": {.. "message": ".................".. },.. "craw_connect_to_network": {.. "message": "................".. },.. "iap_unavailable": {.. "message": ".......................".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Chrome ............".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\ko\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	631
Entropy (8bit):	5.160315577642469
Encrypted:	false
SSDEEP:	12:1HEJ1GG1+WYpU34K3aT+dgh8d0HTO8ZpU34KaNkaT03OyZnLAOfTY/YeHx:1HEajWYpc3aSl0Hq8Zpc6kasOGAOfyYA
MD5:	9F6B4D82A70C74CA751E2EAE70FAB5CF
SHA1:	0534F125FFCE8222277CF2BE3401C59DAF9217F8
SHA-256:	D1467B8D037114403E8F4EFC52E88C4A7FEB96126BE4CFF883FEFF1084EF7E68
SHA-512:	ED9319830314385D09C06F62EE34186E8CA576C857981205E4468A28B3ACD2AB03384E77B866032C324ABDD97A56EFD08E2D6E0C79D563578B3EC52517819BD8
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Chrome . ... ..".. },.. "app_name": {.. "message": "Chrome . ... ..".. },.. "craw_app_unavailable": {.. "message": ".. .. ... . .....".. },.. "craw_connect_to_network": {.. "message": "..... ......".. },.. "iap_unavailable": {.. "message": ".. .. ... ... . .....".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Chrome. .......".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\lt\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	665
Entropy (8bit):	4.66839186029557
Encrypted:	false
SSDEEP:	12:1HEJpqHnkGGpqHnk+WYpU346M+dgV6O8ZpU34WzSWz03OyZnLAOfTYx:1HELqHtKqHPWYpM3A8ZpwGzOGAOfg
MD5:	4CA644F875606986A9898D04BDAE3EA5
SHA1:	722A10569E93975129D67FBDB75B537D9D622AD1
SHA-256:	7C311AB751D840D750C11553C083785813E079C1D464FE568A98C9E3EF3DB96C
SHA-512:	E575E3D0622F5BD4B6C0EE79128A1B1F1882195670139D1983F4377D847141B8FB8EBB8BCED82AF3A220ED07D3577AFBE085BADC0E9C7678292B80E3EC5D3444
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": ".Chrome. internetin.s parduotuv.s mok.jimo sistema".. },.. "app_name": {.. "message": ".Chrome. internetin.s parduotuv.s mok.jimo sistema".. },.. "craw_app_unavailable": {.. "message": "Programa .iuo metu negalima.".. },.. "craw_connect_to_network": {.. "message": "Prisijunkite prie tinklo.".. },.. "iap_unavailable": {.. "message": "Mok.jimai programoje .iuo metu negalimi.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Prisijunkite prie .Chrome..".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\lv\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	671
Entropy (8bit):	4.631774066483956
Encrypted:	false
SSDEEP:	12:1HEJFhVbGGFhVb+WYpU34wDoz+dgGedBO8ZpU34wF03OyZnLAOfTYGYID:1HENQKkWYp2Doy/em8Zp2WOGAOfRYID
MD5:	C5CE2C51391EAFD3DA9E4C71549A3C28
SHA1:	1F67FF6EF6E90C0CE3AAF56ED543A3EFD381574D
SHA-256:	1FA1DF2CA8516DEF490FB8484E9AA498ACFF80EEF5C9258FFE42D3678E6C7DED
SHA-512:	C85F6281E682F52BC2147DEA7E2F3BB4DC48D98BADA8687B05C6C7271C78EA7F5431CD51671A4184C9AE004FC53C016E3C594697F483195CCBA08A93821EEF70
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Chrome interneta veikala maks.jumu sist.ma".. },.. "app_name": {.. "message": "Chrome interneta veikala maks.jumu sist.ma".. },.. "craw_app_unavailable": {.. "message": "Lietotne pagaid.m nav pieejama.".. },.. "craw_connect_to_network": {.. "message": "L.dzu, izveidojiet savienojumu ar t.klu.".. },.. "iap_unavailable": {.. "message": "Maks.jumi lietotn.s pa.laik nav pieejami.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "L.dzu, pierakstieties p.rl.k. Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\nb\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	624
Entropy (8bit):	4.555032032637389
Encrypted:	false
SSDEEP:	12:1HEJhiOGGhiO+WYpU34OHSN+dgFjdGFZO8ZpU34JgdN03OyZnLAOfTYiD:1HEDiHIitWYpCYJ8ZpD1OGAOfRD
MD5:	93C459A23BC6953FF744C35920CD2AF9
SHA1:	162F884972103A08ADB616A7EB3598431A2924C5
SHA-256:	2CD700AEB57D89C2E73333D0702556EE3FF3863516170F85669BC680FCBDC4E0
SHA-512:	F76E6E8D8499306883C3EC1E774F7E8BB6B601096DA5A14D17D3E7D5732829542041E42B7350466589291ADCC83FB065FD591B4E20CFCF8EDC586E128ECBFCB5
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Chrome Nettmarked-betalinger".. },.. "app_name": {.. "message": "Chrome Nettmarked-betalinger".. },.. "craw_app_unavailable": {.. "message": "Appen er utilgjengelig for .yeblikket.".. },.. "craw_connect_to_network": {.. "message": "Du m. koble til et nettverk.".. },.. "iap_unavailable": {.. "message": "Betaling i app er ikke tilgjengelig for .yeblikket.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Du m. logge p. Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\nl\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	615
Entropy (8bit):	4.4715318546237315
Encrypted:	false
SSDEEP:	12:1HEJJQGkbGGJQGkb+WYpU34OQKJT+dgiXUmvFZO8ZpU34g7JT03OyZnLAOfTYMD:1HErxkaqxk6WYptndXI8ZpTOGAOfbD
MD5:	7A8F9D0249C680F64DEC7650A432BD57
SHA1:	53477198AEE389F6580921B4876719B400A23CA1
SHA-256:	92BE7C2DC9CFBE5A65E9CE6488D364C8D7EC19E7B67A31E4D43C1CB2B169671C
SHA-512:	969AB979546A741C0F3EDBEEB21BABA375FA8870D4FB9248CDD4C305736E332E10CAB7B64C5C078E60EC0CD73848101B390BE8F44B89C310058AF4C1CA3C8AA7
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Betalingen via Chrome Web Store".. },.. "app_name": {.. "message": "Betalingen via Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "App momenteel niet beschikbaar.".. },.. "craw_connect_to_network": {.. "message": "Maak verbinding met een netwerk.".. },.. "iap_unavailable": {.. "message": "In-app-betalingen is momenteel niet beschikbaar.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Log in bij Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\pl\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	636
Entropy (8bit):	4.646901997539488
Encrypted:	false
SSDEEP:	12:1HEJbiVbGGbiVb+WYpU34OBHlBi9+dgQUg6O8ZpU34bdbfiIu03OyZnLAOfTYR5k:1HE5iVauiV6WYpIAYr8ZpxFiaOGAOfIC
MD5:	0E6194126AFCCD1E3098D276A7400175
SHA1:	E8127B905A640B1C46362FA6E1127BE172F4A40F
SHA-256:	E2699F98C511B18A2AFB82EAE9A4804B646C4FF1077D80E77C17A3943A6373C2
SHA-512:	A71F7C7BFBBF1E37E699601AF2E095C56CBA91F90CB7556477DF31D01B83ADFB1271E1775C9BA299FF6875BBFC2B6AB47488CC88E33DEF2F6F2E0E5AC687B777
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "P.atno.ci w sklepie Chrome Web Store".. },.. "app_name": {.. "message": "P.atno.ci w sklepie Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Aplikacja jest obecnie niedost.pna.".. },.. "craw_connect_to_network": {.. "message": "Po..cz si. z sieci..".. },.. "iap_unavailable": {.. "message": "P.atno.ci w ramach aplikacji s. teraz niedost.pne.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Zaloguj si. w Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\pt_BR\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	636
Entropy (8bit):	4.515158874306633
Encrypted:	false
SSDEEP:	12:1HEJsc/bGGsc/b+WYpU34OLw+dgn/KzO8ZpU34FjIBMwGRO03OyZnLAOfTYN+KcY:1HEb/a8/6WYp4mZ8Zp7cKlOGAOf2tD
MD5:	86A2B91FA18B867209024C522ED665D5
SHA1:	63DEC245637818C76655E01FCB6D59784BC7184E
SHA-256:	6374880FDD1F8AF1EE8AEA6A06B73BE0AB265AFCEB4FE6F08BDE3B3989264B21
SHA-512:	DA6DBDE5028756421C2904F605632EE98831A25A1247E6238A931629B94CE8A00FD76F4235F118D2167304BD60F2C06B2AD78E54FF6CE53F8C38DF8C7B5AFCE4
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Pagamentos da Chrome Web Store".. },.. "app_name": {.. "message": "Pagamentos da Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Aplicativo indispon.vel no momento.".. },.. "craw_connect_to_network": {.. "message": "Conecte-se a uma rede.".. },.. "iap_unavailable": {.. "message": "No momento, os Pagamentos no aplicativo n.o est.o dispon.veis.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Fa.a login no Google Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\pt_PT\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	622
Entropy (8bit):	4.526171498622949
Encrypted:	false
SSDEEP:	12:1HEJsZUkbGGsZUkb+WYpU34OAE+dgqxKzO8ZpU34rEpBfvPO03OyZnLAOfTYLD:1HEmUka5Uk6WYpFvdxZ8ZpSTnPlOGAOS
MD5:	750A4800EDB93FBE56495963F9FB3B94
SHA1:	8BFB915488A4EB3CB33D68E2E59F1F8447DB7D61
SHA-256:	C1C94F65FABAF17DEF98A8587711A56D61B1E5607500E9B01F2824DB109F9E83
SHA-512:	2AEDEF5793406221BE76AF22031CE8C30AB5FAEAED09BB394C153E2EBE990C89C1A2A73B40D8A92842641AFCA8C77FFD808A2058602D3646FD8DAE2844406F24
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Pagamentos via Chrome Web Store".. },.. "app_name": {.. "message": "Pagamentos via Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Aplica..o atualmente indispon.vel.".. },.. "craw_connect_to_network": {.. "message": "Ligue-se a uma rede.".. },.. "iap_unavailable": {.. "message": "Os Pagamentos na app est.o atualmente indispon.veis.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Inicie sess.o no Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\ro\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	641
Entropy (8bit):	4.61125938671415
Encrypted:	false
SSDEEP:	12:1HEJqJrJZGGqJrJZ+WYpU344HIx2Z+dgrVPlZO8ZpU34qT7hI3O03OyZnLAOfTYU:1HEC4D8WYpKow8WV68ZpKhoOGAOfoVGD
MD5:	98D43E4B1054A65DF3FA3CC40AB6FB6D
SHA1:	46E0A21C4DA2BB5D4D8F837AE211C1B6FA26E7E2
SHA-256:	113A13900CBA62FE8AED06751971C23A80A99B47F9BE219CF884D57DB19611D9
SHA-512:	A76DC53912A4F46714926B9EA2B22E909540E447F61F6DD72607AB7B3BB5D4A9B39E525B04C33AEC53BA813D14AC1FB5827275B2524E52B693E83171E1CD1466
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Pl..i prin Magazinul web Chrome".. },.. "app_name": {.. "message": "Pl..i prin Magazinul web Chrome".. },.. "craw_app_unavailable": {.. "message": ".n prezent, aplica.ia nu este disponibil..".. },.. "craw_connect_to_network": {.. "message": "Conecteaz.-te la o re.ea.".. },.. "iap_unavailable": {.. "message": "Pl..ile .n aplica.ie nu sunt disponibile momentan.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Conecteaz.-te la Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\ru\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	744
Entropy (8bit):	4.918620852166656
Encrypted:	false
SSDEEP:	12:1HEJ7OJHZMSl3ZGG7OJHZMSl3Z+WYpU34zWJ2F+dgVtLSv/TO8ZpU347NWjT03On:1HElOJHZMq4uOJHZMq8WYpdWJ/YGHq8m
MD5:	DB2EDF1465946C06BD95C71A1E13AE64
SHA1:	FB4F3ECE9ECECEBBC6CA2A592A15FB9C1FDFB811
SHA-256:	FBAF22CE6E16DE174CED8CB5EA3098CCA1C3426A2111FF33BD3E64DA64ED67AB
SHA-512:	4E0CF00BAEF1757548DEB17BBE1AF55770A0A0F7351779EF55C7DEFA6D112D0227B8865C2C22E0EC62E6E2F1C8E1632A2D0CE6828D25C5ABBF143C990116F632
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "......... ....... ........-........ Chrome".. },.. "app_name": {.. "message": "......... ....... ........-........ Chrome".. },.. "craw_app_unavailable": {.. "message": ".......... ...........".. },.. "craw_connect_to_network": {.. "message": "............ . .....".. },.. "iap_unavailable": {.. "message": "....... ..... .......... ...........".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "....... . Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\sk\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	647
Entropy (8bit):	4.640777810668463
Encrypted:	false
SSDEEP:	12:1HEJfZGGfZ+WYpU34ORO+dgmmCO8ZpU34yH7u2Z03OyZnLAOfTYCUAi0D:1HEl4G8WYpetPmD8ZpcH7aOGAOfzUeD
MD5:	8DF215D1EFBDABB175CCDD68ED8DCB0A
SHA1:	2B374462137A38589A73FDD00A84CBDC7E50F9F4
SHA-256:	7FA16AF97E6CFC52EC6008EB679D3F30E7E0C24F9EF2D18A9228EAF4DED9D63B
SHA-512:	C0E623343BDAEB4731800D183B59F2FCFE285F0C7153EC99641FD84F2F2DCFE47D21E73F3D28B1240340453C5668EB0AFFBE087AAB62F1C88CD2A40CC44E599D
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Platby Internetov.ho obchodu Chrome".. },.. "app_name": {.. "message": "Platby Internetov.ho obchodu Chrome".. },.. "craw_app_unavailable": {.. "message": "Aplik.cia moment.lne nie je dostupn..".. },.. "craw_connect_to_network": {.. "message": "Pripojte sa k sieti.".. },.. "iap_unavailable": {.. "message": "Platby v aplik.cii moment.lne nie s. k dispoz.cii.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Prihl.ste sa do prehliada.a Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\sl\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	617
Entropy (8bit):	4.5101656584816885
Encrypted:	false
SSDEEP:	12:1HEJGcyvmbZGGGcyvmbZ+WYpU34OBOEtf+dgca1ZO8ZpU34GcQArERff03OyZnLh:1HE4cyY4TcyY8WYpNoWa1w8ZpQcQ6AfK
MD5:	3943FA2A647AECEDFD685408B27139EE
SHA1:	0129DD19D28373359530B3B477FE8A9279DABB7D
SHA-256:	18AFF072EE0DF7C3495045435C752A805606E6D5D462EF2321C443F1773F4B3A
SHA-512:	42E62B3855611FF2E1D39C11404CB1A09825EE4CA6A8ACB3FF538B4574388F549E3BD79137DD4DC128A8DC44DD270D7D878E4AAD20DA8250A5C25297B0DEC09D
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Pla.ila v spletni trgovini Chrome".. },.. "app_name": {.. "message": "Pla.ila v spletni trgovini Chrome".. },.. "craw_app_unavailable": {.. "message": "Aplikacija trenutno ni na voljo.".. },.. "craw_connect_to_network": {.. "message": "Pove.ite se z omre.jem.".. },.. "iap_unavailable": {.. "message": "Pla.ila v aplikacijah trenutno niso na voljo.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Prijavite se v Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\sr\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	743
Entropy (8bit):	4.913927107235852
Encrypted:	false
SSDEEP:	12:1HEJssbdOGGssbdO+WYpU347xBP+dgcucO8ZpU34s1muP03OyZnLAOfTYzDYD:1HEKsb59sbTWYplx4Xud8Zpy1mNOGAOv
MD5:	D485DF17F085B6A37125694F85646FD0
SHA1:	24D51D8642CDC6EFD5D8D7A4430232D8CDE25108
SHA-256:	7FFDE34C58E7C376C042DE64DEF6481DAE32BE8B70F0B18EDF536290CBE0C818
SHA-512:	0DDECFD860E99290B6C3AAA04F510272AE081CF2D93ED5832D9D6378EC9D36177FFBE213471247FB94721EA34A83E7665669200047091D0FDE134E3D763217E7
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "....... . Chrome ...-..........".. },.. "app_name": {.. "message": "....... . Chrome ...-..........".. },.. "craw_app_unavailable": {.. "message": ".......... .. ........ ...........".. },.. "craw_connect_to_network": {.. "message": "........ .. .......".. },.. "iap_unavailable": {.. "message": "....... . .......... .. ........ ...........".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "......... .. . Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\sv\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	630
Entropy (8bit):	4.52964089437422
Encrypted:	false
SSDEEP:	12:1HEJJMkbGGJMkb+WYpU34OACwz+dgNPGFZO8ZpU34JgpXLSb03OyZnLAOfTYLdID:1HErMkaqMk6WYpTOcb8ZpDgdZOGAOf8Y
MD5:	D372B8204EB743E16F45C7CBD3CAAF37
SHA1:	C96C57219D292B01016B37DCF82E7C79AD0DD1E8
SHA-256:	B8BA77E0089B0676545EC16D32468B727812B444F90B33A7A5B748E6C36C4388
SHA-512:	33640529E0D5DCC5CA4BDB0615A2818E8D26C6FCB7B3474C08AC3EB67B9DB40E1F0A79954ED20728CD47A686D2533DCBC76ABCBDB917F8530C8DE8BBA687352E
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Betalning via Chrome Web Store".. },.. "app_name": {.. "message": "Betalning via Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Appen .r inte tillg.nglig f.r tillf.llet.".. },.. "craw_connect_to_network": {.. "message": "Anslut till ett n.tverk.".. },.. "iap_unavailable": {.. "message": "Betalning i appen .r inte tillg.ngligt f.r n.rvarande.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Logga in i Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\th\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	945
Entropy (8bit):	4.801079428724355
Encrypted:	false
SSDEEP:	24:1HEKa1dDa1/WYp6UFi72SmlG8ZpyactrW2SAOGAOfvSLD:WK2DNYp6U4y3bpyLxwGFW
MD5:	83E2D1E97791A4B2C5C69926EFB629C9
SHA1:	429600425CB0F196DDD717F940E94DBD8BFF2837
SHA-256:	2FECA577F43D97BAEEA464741D585892103585208FD0A935B810A03BDCE83C88
SHA-512:	60A5928DAA8CB4341487F477C56B5A98B83EDE50E5F4F55A802E01FDDAB86F3E795D391953D3D9214552D14D3F58C5A183693C613720FC12FC387D7B8F9B9AB6
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "............... Chrome .........".. },.. "app_name": {.. "message": "............... Chrome .........".. },.. "craw_app_unavailable": {.. "message": ".............................".. },.. "craw_connect_to_network": {.. "message": ".........................".. },.. "iap_unavailable": {.. "message": "...............................................".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "................. Chrome".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\tr\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	631
Entropy (8bit):	4.710869622361971
Encrypted:	false
SSDEEP:	12:1HEJ9Y8GG9Y8+WYpU34wWT+dgGb0GO8ZpU34wryd7T03OyZnLAOfTYGbPKG:1HE0jWYpyRnG8Zpyr/OGAOfFPn
MD5:	2CEAE0567B6BB1D240BBAD690A98CA3B
SHA1:	5944346FBD4A0797B13223895995CAB58E9ECD23
SHA-256:	A7CB86F30C9C31FE5540282C308BA96ADB4EC16EF98C87129EB88105E5BEF5FC
SHA-512:	108A07C6D03D7178E8D0FFEF5349E0249A898D864964FED8757BD8A08BC1C6D9613F2A6C01AA34A6606127D1C6CE14C229FA02586677DBB060B85E3E845950E1
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Chrome Web Ma.azas. .demeleri".. },.. "app_name": {.. "message": "Chrome Web Ma.azas. .demeleri".. },.. "craw_app_unavailable": {.. "message": "Uygulama .u anda kullan.lam.yor.".. },.. "craw_connect_to_network": {.. "message": "L.tfen bir a.a ba.lan.n.".. },.. "iap_unavailable": {.. "message": "Uygulama ..i .demeler .u anda kullan.lamaz.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "L.tfen Chrome'da oturum a..n.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\uk\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	720
Entropy (8bit):	4.977397623063544
Encrypted:	false
SSDEEP:	12:1HEJ7wILkSlXZGG7wILkSlXZ+WYpU34zb1Oy2P+dgSV1EjiTO8ZpU347qtfP2CTW:1HElwEkK4uwEkK8WYpd/dTV1e8Zptq5S
MD5:	AB0B56120E6B38C42CC3612BE948EF50
SHA1:	8B3F520E5713D9F116D68E71DAEED1F6E8D74629
SHA-256:	68ABA284751EB9C856032062EF9B1651E2A1E5CE5FDA0977FFC97D63BA7BED9E
SHA-512:	CD852A58217F739C1CD58567FF432D31A7AD3F68C884ABBA1DA95799BCD1545C6A5D3B06F319681C12B78AD0A709828DE4B22736316F148D21F5DB76A5BCCBEF
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "....... ...-........ Chrome".. },.. "app_name": {.. "message": "....... ...-........ Chrome".. },.. "craw_app_unavailable": {.. "message": "........ ......... ...........".. },.. "craw_connect_to_network": {.. "message": "............. .. .......".. },.. "iap_unavailable": {.. "message": "....... ..... ........ ..... .. .........".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "........ . Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\vi\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	695
Entropy (8bit):	4.855375139026009
Encrypted:	false
SSDEEP:	12:1HEJMAZrSFZGGMAZrSFZ+WYpU34WFHoz+dgdklzoO8ZpU34NFHoz03OyZnLAOfTU:1HEI4B8WYpAKytFZ8ZpXKMOGAOfd6D
MD5:	7EBB677FEAD8557D3676505225A7249A
SHA1:	F161B4B6001AEAEAB246FF8987F4D992B48D47BE
SHA-256:	051F96ED874C11C4A13589B5F68964E4F5B03B52DDA223D56524F2CA23760C04
SHA-512:	74FD267CF7E299FB8E7054605C3F651F057F676FF865082FA24F4916755456768DB0DA62DBC515D829B48AB1F9CFC8AD3E841DCBF1F194D5CB14C5335A192A0D
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Thanh to.n tr.n c.a h.ng Chrome tr.c tuy.n".. },.. "app_name": {.. "message": "Thanh to.n tr.n c.a h.ng Chrome tr.c tuy.n".. },.. "craw_app_unavailable": {.. "message": ".ng d.ng hi.n kh.ng kh. d.ng.".. },.. "craw_connect_to_network": {.. "message": "Vui l.ng k.t n.i v.i m.ng.".. },.. "iap_unavailable": {.. "message": "Thanh to.n trong .ng d.ng hi.n kh.ng kh. d.ng.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Vui l.ng ..ng nh.p v.o Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\zh_CN\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	595
Entropy (8bit):	5.210259193489374
Encrypted:	false
SSDEEP:	12:1HEJ01GG01+WYpU34zeHz+dgfO8ZpU34YKiO03OyZnLAOfTYB6U:1HEpIWYpISv8Zp+JOGAOfa6U
MD5:	BB73BF561BB79F89D9BF7C67C5AE5C65
SHA1:	2FADD3A1959B29C44830033A35C637D0311A8C9C
SHA-256:	D804F2A040D21D7511EFD5213D8E1721D64964A1A0DBB48E21622CEEDC9D967E
SHA-512:	627D44CEF1FE5C5ABD598BD47FF5E22B9EFC1CF98DDE3868FA9E5896C134A0C9C055AC34EDDADAE56B6690E51AEA89965D38F770552A85C732CC796795DC68D2
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Chrome .........".. },.. "app_name": {.. "message": "Chrome .........".. },.. "craw_app_unavailable": {.. "message": ".........".. },.. "craw_connect_to_network": {.. "message": ".......".. },.. "iap_unavailable": {.. "message": "............".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "... Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\_locales\zh_TW\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	634
Entropy (8bit):	5.386215984611281
Encrypted:	false
SSDEEP:	12:1HEJ2j62GG2j62+WYpU34m7T+dgc8nOO8ZpU34mvIO03OyZnLAOfTYAuH:1HEuSZCWYpsStwP8ZpROGAOfCH
MD5:	5FF50C673CC0C661D615F0CFD0E6DCA0
SHA1:	60DFF98DEAB9C4746B288BDD9C94B3BCAE5EAA85
SHA-256:	C6F8C640F3353A7B9B1432A0C139C1AEEC40133800E6C9B467B63991AD660308
SHA-512:	361D62D91F4931C5F34092C9F2C6A5323D5EEB82A24E7ABE11F7817D8D66341C0ECAD4DCB4B10873920C8D6A3CC9F5704889E178EB2549001A9F62BEDF6C8019
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Chrome ............".. },.. "app_name": {.. "message": "Chrome ............".. },.. "craw_app_unavailable": {.. "message": ".............".. },.. "craw_connect_to_network": {.. "message": "......".. },.. "iap_unavailable": {.. "message": "................".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "... Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\images\icon_128.png Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	4364
Entropy (8bit):	7.915848007375225
Encrypted:	false
SSDEEP:	96:YjlLDJjTvXUtNvX8dgb9HT6y8nviyHG5iCRYtIP:YtNTfUzvX8KM+MGRsIP
MD5:	4DBC9F9E6F5A08D299BAC9E54DF07694
SHA1:	BB38F5DE34B1E0BE1109220BA55271087A4D9EA5
SHA-256:	91C2718DD23B4356D71F88F6146868369033291086DF327534546DFA459BEB0E
SHA-512:	A5F2B1F47502836130D8083F757B7773C1E1CB36B76AD298CC29AB2B428C8002D2F15BD839838FC326DAC3681C2F48AB25A3E7631D33726C4B25E8EC14170912
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR..............>a.....IDATx..yp.....gF#.:,[H.l.l..8...`/.k....,!a7Km...E...Te..T.....J...p....%.(....+...3....eY.e...L.o...5....h4...\....{?....~.u.`0.....`0.....`0.....`.Y......[(.......).4....ai..w38.+....Bf././..]...{......8...3.....3W~OJ.. /...u6V.C..U.0.+._=.c..9.X.?....L....S@.L...m.0..>.C...L\|TF.p5..f4M.,.V....8..a.<...RP..@)E,..E"...h.....!...-....,I..T..........m..._[[{w{{....{.^......M.x..h4.h.....\.R.E....j).7.....h4.A.E....,. ...iii.Vj?2...=/.B.FK9P..@)=Rj..D".Y...2.B..x.}0...&J...2.......f.O..e.H.....!.J)'I..R....B............QJ;K..L...L.l".L~mhh.R.@).FFF~.L&...~.B.......u.........}.....~.....f..yUU...........^M...6......].,w.e..~.!$.C.R.....E(%e9.,....k..@...W8.........@...........O..@%.~..@.S..P.....`Tp...."...?ME..c......s...`..S1...7.b..aNE..k...3.yP.}.Ch.}......B..........IPE..C.<....T....k......Z..o_......g........P..A=y.J.)h..@.q.-.].AU.4...F.M.....y%B]+ .\.~..9......:..=...r.....E].o...F..P........i...\|....

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\images\icon_16.png Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	558
Entropy (8bit):	7.505638146035601
Encrypted:	false
SSDEEP:	12:6v/7vyVgSKYsfFzXxXsrPfA+b0YX+5IOUWCQKznuow7:6yVnKYsfFzhXsrIq0YXmgQGn6
MD5:	FB9C46EA81AD3E456D90D58697C12C06
SHA1:	5FC450F7D73CCFAC8F0D818CB3392BA4D91B69DE
SHA-256:	016CA659BA080E194FBFC0929602B16506ED60AA6019FAA51410C4FD93B583E8
SHA-512:	ADD810EE9EB7CAEC505B5FD90A1F184CE39D8F8C689DCC240F188FE353B9575489492E07D572A3B1C11A1555CE66AFCA5134903E4C1AA3D54BC7C5ED3E65B50C
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR................a....IDAT8...Mk.Q...;... .....F..QW.....F....J.?.w..7~......'.Q..B]... .QS...M&_w..b&.\|`......p...f.?.D$.y^..........y...\..Z..t6..oRj.@&.u..G.qN).t.-V.>(.N.Ep]wFk.60o.]0.`Y..cT..Y.Tb.`DF.d..s.Z..E..9.4._C.._...%..*.^....4.l...Y..X..R..../...Wj+w0[.].._B.k.${.\.>.%...........lz .w.ALxo.2;..a...".p..S..&..uXS...<..6..[..zD.._.N+w.WbM7ye6X<...'(,=.r}........$f..5..P....k..."..8.s.<zgSm@.....).Y.....:e..\|.....F...I..A$.....T?.....m....8.........N...z.....V..vd.h'....C.?.....H.;]..C.M.....9.b......IEND.B`.

C:\Users\user\AppData\Local\Temp\scoped_dir6508_182783407\CRX_INSTALL\manifest.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	1322
Entropy (8bit):	5.449026004350873
Encrypted:	false
SSDEEP:	24:1HEis7ViC/yox/fiqeUoLFlmF1s80FKrGfd0d3NZNZx1Fq7eY7nfj1B:WL7V2opiV1mvs8rxTZRczhB
MD5:	01334FB9D092AF2AA46C4185E405C627
SHA1:	47AD3C0E82362FFE5B881DF8D71D6F79AB7F5796
SHA-256:	F52714812D68C577A445169D11E84DF6751C2D6886BC429643072BB5D61C6C27
SHA-512:	888D96ADB7A847ABE472145258C8C46950EB2FA3BA7D596C2E90A17C8FB06FD0155C56CC8ABA5D076D89368417464BCB2D236F9E40E53241950A01F9F8ED548F
Malicious:	false
Reputation:	low
Preview:	{.. "app": {.. "background": {.. "scripts": [ "craw_background.js" ].. }.. },.. "default_locale": "en",.. "description": "__MSG_APP_DESCRIPTION__",.. "display_in_launcher": false,.. "display_in_new_tab_page": false,.. "icons": {.. "128": "images/icon_128.png",.. "16": "images/icon_16.png".. },.. "key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrKfMnLqViEyokd1wk57FxJtW2XXpGXzIHBzv9vQI/01UsuP0IV5/lj0wx7zJ/xcibUgDeIxobvv9XD+zO1MdjMWuqJFcKuSS4Suqkje6u+pMrTSGOSHq1bmBVh0kpToN8YoJs/P/yrRd7FEtAXTaFTGxQL4C385MeXSjaQfiRiQIDAQAB",.. "manifest_version": 2,.. "minimum_chrome_version": "29",.. "name": "__MSG_APP_NAME__",.. "oauth2": {.. "auto_approve": true,.. "client_id": "203784468217.apps.googleusercontent.com",.. "scopes": [ "https://www.googleapis.com/auth/sierra", "https://www.googleapis.com/auth/sierrasandbox", "https://www.googleapis.com/auth/chromewebstore", "https://www.googleapis.com/auth/chromewebstore.readonly" ].. },.

Static File Info

No static file info

Network Behavior

No network behavior found

Code Manipulations

Statistics

CPU Usage

• chrome.exe
• chrome.exe
• chrome.exe

Click to jump to process

Memory Usage

• chrome.exe
• chrome.exe
• chrome.exe

Click to jump to process

High Level Behavior Distribution

• File
• Registry

Click to dive into process behavior distribution

Behavior

• chrome.exe
• chrome.exe
• chrome.exe

Click to jump to process

System Behavior

Analysis Process: chrome.exe PID: 6508 Parent PID: 4684

Function Logs

General

Start time:	19:54:57
Start date:	18/08/2021
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'https://my.visme.co/view/y4mrjzjj-rolling-components-ltd'
Imagebase:	0x7ff609c80000
File size:	2150896 bytes
MD5 hash:	C139654B5C1438A95B321BB01AD63EF6
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Show Windows behavior

File Activities

File Opened

Show Windows behavior

Section Activities

Sections loaded by Windows

Sections loaded by Program

Show Windows behavior

Registry Activities

Key Opened

Key Value Modified

Show Windows behavior

COM Activities

WMI Operations

Show Windows behavior

Mutex Activities

Mutex Created

Show Windows behavior

Process Activities

Process Created

Process Terminated

Show Windows behavior

Thread Activities

Thread Created

Thread Information Set

Show Windows behavior

Memory Activities

Memory Written

Memory Usage Statistics

Show Windows behavior

System Activities

Language or Locale ID Queried

System Information Queried

Show Windows behavior

Timing Activities

Show Windows behavior

Windows UI Activities

Window UI Enumerated

Show Windows behavior

Object Security Activities

Show Windows behavior

LPC Port Activities

Chronological Activities

Analysis Process: chrome.exe PID: 6740 Parent PID: 6508

Function Logs

General

Start time:	19:54:58
Start date:	18/08/2021
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1544,1888589540985915792,11004349824563291009,131072 --lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1760 /prefetch:8
Imagebase:	0x7ff609c80000
File size:	2150896 bytes
MD5 hash:	C139654B5C1438A95B321BB01AD63EF6
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Show Windows behavior

File Activities

File Opened

Show Windows behavior

Section Activities

Sections loaded by Windows

Thread Activities

Thread Created

Thread Information Set

Show Windows behavior

Memory Activities

Memory Usage Statistics

Show Windows behavior

System Activities

System Information Queried

Show Windows behavior

Windows UI Activities

Show Windows behavior

Object Security Activities

Show Windows behavior

LPC Port Activities

Chronological Activities

Analysis Process: chrome.exe PID: 7244 Parent PID: 6508

Function Logs

General

Start time:	19:55:11
Start date:	18/08/2021
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1544,1888589540985915792,11004349824563291009,131072 --lang=en-GB --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=6932 /prefetch:8
Imagebase:	0x7ff609c80000
File size:	2150896 bytes
MD5 hash:	C139654B5C1438A95B321BB01AD63EF6
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	low

Show Windows behavior

File Activities

File Opened

Other File Operations

Show Windows behavior

Section Activities

Sections loaded by Windows

Sections loaded by Program

Show Windows behavior

Registry Activities

Show Windows behavior

Mutex Activities

Show Windows behavior

Process Activities

Show Windows behavior

Thread Activities

Thread Information Set

Show Windows behavior

Memory Activities

Memory Usage Statistics

Show Windows behavior

System Activities

System Information Queried

Show Windows behavior

Windows UI Activities

Show Windows behavior

LPC Port Activities

Chronological Activities

Disassembly

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, DLL monitoring, File monitoring, Named Pipes, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading ...

Warning!

Windows Analysis Report https://my.visme.co/view/y4mrjzjj-rolling-components-ltd

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Overview

Sigma Overview

Jbx Signature Overview

AV Detection:

Phishing:

Networking:

System Summary:

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

Contacted IPs

Public

Private

General Information

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASN

JA3 Fingerprints

Dropped Files

Created / dropped Files

Static File Info

No static file info

Network Behavior

Code Manipulations

Statistics

CPU Usage

Memory Usage

High Level Behavior Distribution

back

Behavior

System Behavior

Analysis Process: chrome.exe PID: 6508 Parent PID: 4684

General

File Activities

File Opened

File Created

File Deleted

File Moved

File Written

Other File Operations

Volume Information Queried

Section Activities

Sections loaded by Windows

Sections loaded by Program

Registry Activities

Key Opened

Key Created

Key Deleted

Key Value Created

Key Value Modified

Key Value Deleted