Windows Analysis Report http://bit.ly/sex4ass

Overview

General Information

Sample URL:	http://bit.ly/sex4ass
Analysis ID:	652
Most interesting Screenshot:

Detection

Porn Scam

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Yara detected Porn Scam

Queries disk information (often used to detect virtual machines)

HTML body contains low number of good links

Tries to load missing DLLs

No HTML title found

Classification

Signatures

Phishing:

HTML body contains low number of good links

Source: https://tours.hushlove.com/902/?t=34460&aid=115443&sid=59435_1303537&xk=b04120f2a34cd5731806c91c826f1d69&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D34460%26aid%3D115443%26sid%3D59435_1303537%26clickid%3Dlhtad6168d92e0004be23%26hts_id%3D4d75f029-c0c9-42ec-a8e5-269e774b290d&clickid=lhtad6168d92e0004be23&i18n_country=CH&hts_id=4d75f029-c0c9-42ec-a8e5-269e774b290d	HTTP Parser: Number of links: 0
Source: https://tours.hushlove.com/902/?t=34460&aid=115443&sid=59435_1303537&xk=b04120f2a34cd5731806c91c826f1d69&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D34460%26aid%3D115443%26sid%3D59435_1303537%26clickid%3Dlhtad6168d92e0004be23%26hts_id%3D4d75f029-c0c9-42ec-a8e5-269e774b290d&clickid=lhtad6168d92e0004be23&i18n_country=CH&hts_id=4d75f029-c0c9-42ec-a8e5-269e774b290d	HTTP Parser: Number of links: 0

No HTML title found

Source: https://tours.hushlove.com/902/?t=34460&aid=115443&sid=59435_1303537&xk=b04120f2a34cd5731806c91c826f1d69&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D34460%26aid%3D115443%26sid%3D59435_1303537%26clickid%3Dlhtad6168d92e0004be23%26hts_id%3D4d75f029-c0c9-42ec-a8e5-269e774b290d&clickid=lhtad6168d92e0004be23&i18n_country=CH&hts_id=4d75f029-c0c9-42ec-a8e5-269e774b290d	HTTP Parser: HTML title missing
Source: https://tours.hushlove.com/902/?t=34460&aid=115443&sid=59435_1303537&xk=b04120f2a34cd5731806c91c826f1d69&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D34460%26aid%3D115443%26sid%3D59435_1303537%26clickid%3Dlhtad6168d92e0004be23%26hts_id%3D4d75f029-c0c9-42ec-a8e5-269e774b290d&clickid=lhtad6168d92e0004be23&i18n_country=CH&hts_id=4d75f029-c0c9-42ec-a8e5-269e774b290d	HTTP Parser: HTML title missing

Source: https://tours.hushlove.com/902/?t=34460&aid=115443&sid=59435_1303537&xk=b04120f2a34cd5731806c91c826f1d69&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D34460%26aid%3D115443%26sid%3D59435_1303537%26clickid%3Dlhtad6168d92e0004be23%26hts_id%3D4d75f029-c0c9-42ec-a8e5-269e774b290d&clickid=lhtad6168d92e0004be23&i18n_country=CH&hts_id=4d75f029-c0c9-42ec-a8e5-269e774b290d	HTTP Parser: No <meta name="author".. found
Source: https://tours.hushlove.com/902/?t=34460&aid=115443&sid=59435_1303537&xk=b04120f2a34cd5731806c91c826f1d69&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D34460%26aid%3D115443%26sid%3D59435_1303537%26clickid%3Dlhtad6168d92e0004be23%26hts_id%3D4d75f029-c0c9-42ec-a8e5-269e774b290d&clickid=lhtad6168d92e0004be23&i18n_country=CH&hts_id=4d75f029-c0c9-42ec-a8e5-269e774b290d	HTTP Parser: No <meta name="author".. found

Source: https://tours.hushlove.com/902/?t=34460&aid=115443&sid=59435_1303537&xk=b04120f2a34cd5731806c91c826f1d69&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D34460%26aid%3D115443%26sid%3D59435_1303537%26clickid%3Dlhtad6168d92e0004be23%26hts_id%3D4d75f029-c0c9-42ec-a8e5-269e774b290d&clickid=lhtad6168d92e0004be23&i18n_country=CH&hts_id=4d75f029-c0c9-42ec-a8e5-269e774b290d	HTTP Parser: No <meta name="copyright".. found
Source: https://tours.hushlove.com/902/?t=34460&aid=115443&sid=59435_1303537&xk=b04120f2a34cd5731806c91c826f1d69&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D34460%26aid%3D115443%26sid%3D59435_1303537%26clickid%3Dlhtad6168d92e0004be23%26hts_id%3D4d75f029-c0c9-42ec-a8e5-269e774b290d&clickid=lhtad6168d92e0004be23&i18n_country=CH&hts_id=4d75f029-c0c9-42ec-a8e5-269e774b290d	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 143.204.98.12:443 -> 192.168.2.3:49547 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 143.204.98.12:443 -> 192.168.2.3:49546 version: TLS 1.2

Source: chrome.exe

Memory has grown: Private usage: 1MB later: 24MB

Source: unknown

DNS traffic detected: queries for: accounts.google.com

Source: unknown	Network traffic detected: HTTP traffic on port 54150 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63929
Source: unknown	Network traffic detected: HTTP traffic on port 63793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49686 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61227
Source: unknown	Network traffic detected: HTTP traffic on port 60328 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50641 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58022 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54309
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 51462 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49545 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 65343 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64052 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50189
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54150
Source: unknown	Network traffic detected: HTTP traffic on port 55927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64506
Source: unknown	Network traffic detected: HTTP traffic on port 60587 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49548 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 59010 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56148 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61871
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64467
Source: unknown	Network traffic detected: HTTP traffic on port 54309 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49686
Source: unknown	Network traffic detected: HTTP traffic on port 56230 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55927
Source: unknown	Network traffic detected: HTTP traffic on port 53163 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55202 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50189 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52414
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53073
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56585
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63941
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64506 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 57436 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49547 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60091 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61227 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51055
Source: unknown	Network traffic detected: HTTP traffic on port 59724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50641
Source: unknown	Network traffic detected: HTTP traffic on port 58815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57436
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63954
Source: unknown	Network traffic detected: HTTP traffic on port 65112 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 65485 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56513 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56230
Source: unknown	Network traffic detected: HTTP traffic on port 64248 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64122
Source: unknown	Network traffic detected: HTTP traffic on port 61530 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60328
Source: unknown	Network traffic detected: HTTP traffic on port 50795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61530
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64248
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49549
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49548
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49547
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49546
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49545
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 65078
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 63075 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 65472
Source: unknown	Network traffic detected: HTTP traffic on port 56954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51462
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59624
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56513
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51195
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61946
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58383
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63609
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58022
Source: unknown	Network traffic detected: HTTP traffic on port 52073 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64122 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 65343
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63960
Source: unknown	Network traffic detected: HTTP traffic on port 49252 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49627 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61026
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 65485
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49252
Source: unknown	Network traffic detected: HTTP traffic on port 51195 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63960 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57214
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53776
Source: unknown	Network traffic detected: HTTP traffic on port 56585 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60587
Source: unknown	Network traffic detected: HTTP traffic on port 65078 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60582
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64026
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 65112
Source: unknown	Network traffic detected: HTTP traffic on port 63954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59624 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52414 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49546 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53073 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 65252
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63075
Source: unknown	Network traffic detected: HTTP traffic on port 58383 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 65472 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55202
Source: unknown	Network traffic detected: HTTP traffic on port 64467 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63900
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60631
Source: unknown	Network traffic detected: HTTP traffic on port 57214 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63609 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59010
Source: unknown	Network traffic detected: HTTP traffic on port 60582 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49549 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61681
Source: unknown	Network traffic detected: HTTP traffic on port 54640 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51055 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64052
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54640
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60091
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56148
Source: unknown	Network traffic detected: HTTP traffic on port 63941 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60631 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53163
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52073
Source: unknown	Network traffic detected: HTTP traffic on port 64026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49627
Source: unknown	Network traffic detected: HTTP traffic on port 61681 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 65252 -> 443

Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245
Source: unknown	TCP traffic detected without corresponding DNS query: 2.21.142.245

Source: global traffic	HTTP traffic detected: GET /sex4ass HTTP/1.1Host: bit.lyConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sex4ass HTTP/1.1Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8Accept-Language: en-US,en;q=0.5Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.18363Accept-Encoding: gzip, deflateHost: bit.lyConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /sex4ass HTTP/1.1Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8Accept-Language: en-US,en;q=0.5Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.18363Accept-Encoding: gzip, deflateHost: bit.lyConnection: Keep-AliveCookie: _bit=l9f1ro-b21edf69b1af5009c0-00A

Source: unknown	HTTPS traffic detected: 143.204.98.12:443 -> 192.168.2.3:49547 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 143.204.98.12:443 -> 192.168.2.3:49546 version: TLS 1.2

Spam, unwanted Advertisements and Ransom Demands:

Yara detected Porn Scam

Source: Yara match

File source: 85279.3.pages.csv, type: HTML

System Summary:

Tries to load missing DLLs

Source: C:\Windows\System32\MicrosoftEdgeCP.exe	Section loaded: icuuc.dll
Source: C:\Windows\System32\MicrosoftEdgeCP.exe	Section loaded: icuin.dll
Source: C:\Windows\System32\MicrosoftEdgeCP.exe	Section loaded: icuuc.dll
Source: C:\Windows\System32\MicrosoftEdgeCP.exe	Section loaded: icuin.dll
Source: C:\Windows\System32\MicrosoftEdgeCP.exe	Section loaded: icuuc.dll
Source: C:\Windows\System32\MicrosoftEdgeCP.exe	Section loaded: icuin.dll
Source: C:\Windows\System32\MicrosoftEdgeCP.exe	Section loaded: icuuc.dll
Source: C:\Windows\System32\MicrosoftEdgeCP.exe	Section loaded: icuin.dll

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\alfredo\AppData\Local\Temp\fb1b5425-b6ab-408f-b05c-8f33d065e767.tmp

Source: C:\Windows\System32\MicrosoftEdgeCP.exe

Key opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Source: classification engine

Classification label: mal48.phis.win@56/153@42/237

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation --single-argument http://bit.ly/sex4ass
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1696,3818573255597981772,7157584305214687754,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 /prefetch:8
Source: unknown	Process created: C:\Windows\System32\MicrosoftEdgeCP.exe 'C:\Windows\System32\MicrosoftEdgeCP.exe' -ServerName:Windows.Internal.WebRuntime.ContentProcessServer
Source: unknown	Process created: C:\Windows\System32\MicrosoftEdgeCP.exe 'C:\Windows\System32\MicrosoftEdgeCP.exe' -ServerName:Windows.Internal.WebRuntime.ContentProcessServer
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1696,3818573255597981772,7157584305214687754,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: unknown	Process created: C:\Windows\System32\MicrosoftEdgeCP.exe 'C:\Windows\System32\MicrosoftEdgeCP.exe' -ServerName:Windows.Internal.WebRuntime.ContentProcessServer
Source: unknown	Process created: C:\Windows\System32\MicrosoftEdgeCP.exe 'C:\Windows\System32\MicrosoftEdgeCP.exe' -ServerName:Windows.Internal.WebRuntime.ContentProcessServer
Source: unknown	Process created: C:\Windows\System32\MicrosoftEdgeCP.exe 'C:\Windows\System32\MicrosoftEdgeCP.exe' -ServerName:Windows.Internal.WebRuntime.ContentProcessServer
Source: unknown	Process created: C:\Windows\System32\MicrosoftEdgeCP.exe 'C:\Windows\System32\MicrosoftEdgeCP.exe' -ServerName:Windows.Internal.WebRuntime.ContentProcessServer
Source: unknown	Process created: C:\Windows\System32\MicrosoftEdgeCP.exe 'C:\Windows\System32\MicrosoftEdgeCP.exe' -ServerName:Windows.Internal.WebRuntime.ContentProcessServer
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: unknown	Process created: C:\Windows\System32\MicrosoftEdgeCP.exe 'C:\Windows\System32\MicrosoftEdgeCP.exe' -ServerName:Windows.Internal.WebRuntime.ContentProcessServer
Source: unknown	Process created: C:\Windows\System32\MicrosoftEdgeCP.exe
Source: unknown	Process created: C:\Windows\System32\MicrosoftEdgeCP.exe 'C:\Windows\System32\MicrosoftEdgeCP.exe' -ServerName:Windows.Internal.WebRuntime.ContentProcessServer
Source: unknown	Process created: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe 'C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe' -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe'
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1632,15554398161899842066,18166183983483826829,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1992 /prefetch:8
Source: unknown	Process created: C:\Windows\System32\MicrosoftEdgeSH.exe C:\Windows\system32\MicrosoftEdgeSH.exe SCODEF:2044 CREDAT:9730 APH:1000000000000003 JITHOST /prefetch:2
Source: unknown	Process created: C:\Windows\System32\MicrosoftEdgeCP.exe 'C:\Windows\System32\MicrosoftEdgeCP.exe' -ServerName:Windows.Internal.WebRuntime.ContentProcessServer
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1632,15554398161899842066,18166183983483826829,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1992 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: C:\Windows\System32\MicrosoftEdgeCP.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F1C46D71-B791-4110-8D5C-7108F22C1010}\InProcServer32

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-61695757-1290.pma

Source: Window Recorder

Window detected: More than 3 window changes detected

Malware Analysis System Evasion:

Queries disk information (often used to detect virtual machines)

Source: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe

File opened: PhysicalDrive22

Source: C:\Windows\System32\MicrosoftEdgeCP.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Screenshots

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.185.206	unknown	United States	15169	GOOGLEUS	false
204.79.197.200	unknown	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
104.18.216.65	cdn.izooto.com	United States	13335	CLOUDFLARENETUS	false
13.107.21.200	unknown	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
139.45.195.8	my.rtmark.net	Netherlands	9002	RETN-ASEU	false
142.250.203.110	www-google-analytics.l.google.com	United States	15169	GOOGLEUS	false
172.217.168.46	plus.l.google.com	United States	15169	GOOGLEUS	false
172.217.168.8	www-googletagmanager.l.google.com	United States	15169	GOOGLEUS	false
172.217.168.3	www.google.de	United States	15169	GOOGLEUS	false
172.217.133.102	unknown	United States	15169	GOOGLEUS	false
18.213.255.217	ads.traffichunt.com	United States	14618	AMAZON-AESUS	false
67.199.248.10	bit.ly	United States	396982	GOOGLE-PRIVATE-CLOUDUS	false
142.250.203.99	unknown	United States	15169	GOOGLEUS	false
142.250.186.33	googlehosted.l.googleusercontent.com	United States	15169	GOOGLEUS	false
67.199.248.11	unknown	United States	396982	GOOGLE-PRIVATE-CLOUDUS	false
64.188.52.46	go.moartraffic.com	United States	30602	ISPRIMEUS	false
142.250.203.109	accounts.google.com	United States	15169	GOOGLEUS	false
104.21.91.45	cl0udh0st1ng.com	United States	13335	CLOUDFLARENETUS	false
108.177.119.154	stats.l.doubleclick.net	United States	15169	GOOGLEUS	false
136.243.81.150	tsyndicate.com	Germany	24940	HETZNER-ASDE	false
54.228.153.41	j1.jump4geo.com	United States	16509	AMAZON-02US	false
216.58.215.227	gstaticadssl.l.google.com	United States	15169	GOOGLEUS	false
142.250.203.100	www.google.com	United States	15169	GOOGLEUS	false
95.211.229.246	tk6if76q.ab1n.net	Netherlands	60781	LEASEWEB-NL-AMS-01NetherlandsNL	false
95.211.229.245	unknown	Netherlands	60781	LEASEWEB-NL-AMS-01NetherlandsNL	false
68.169.87.223	secure.authbill.com	United States	30602	ISPRIMEUS	false
142.250.185.110	clients.l.google.com	United States	15169	GOOGLEUS	false
13.35.253.64	utl-1.com	United States	16509	AMAZON-02US	false
95.211.229.247	unknown	Netherlands	60781	LEASEWEB-NL-AMS-01NetherlandsNL	false
142.250.185.238	unknown	United States	15169	GOOGLEUS	false
151.101.1.44	dualstack.tls13.taboola.map.fastly.net	United States	54113	FASTLYUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.250.185.174	unknown	United States	15169	GOOGLEUS	false
92.123.224.163	unknown	European Union	20940	AKAMAI-ASN1EU	false
52.222.214.85	tours.hushlove.com	United States	16509	AMAZON-02US	false
104.89.38.104	unknown	United States	16625	AKAMAI-ASUS	false
172.217.168.74	unknown	United States	15169	GOOGLEUS	false
169.254.68.153	unknown	Reserved	6966	USDOSUS	false
172.217.168.10	unknown	United States	15169	GOOGLEUS	false
66.254.114.89	ctrack.trafficjunky.net	United States	29789	REFLECTEDUS	false
204.79.197.203	unknown	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false

Private

IP
192.168.2.1
192.168.2.3
127.0.0.1

Contacted Domains

Name	IP	Active
gstaticadssl.l.google.com	216.58.215.227	true
www.google.de	172.217.168.3	true
ads.traffichunt.com	18.213.255.217	true
go.moartraffic.com	64.188.52.46	true
accounts.google.com	142.250.203.109	true
plus.l.google.com	172.217.168.46	true
tours.hushlove.com	52.222.214.85	true
www-google-analytics.l.google.com	142.250.203.110	true
stats.l.doubleclick.net	108.177.119.154	true
www-googletagmanager.l.google.com	172.217.168.8	true
utl-1.com	13.35.253.64	true
j1.jump4geo.com	54.228.153.41	true
secure.authbill.com	68.169.87.223	true
cl0udh0st1ng.com	104.21.91.45	true
ctrack.trafficjunky.net	66.254.114.89	true
my.rtmark.net	139.45.195.8	true
dualstack.tls13.taboola.map.fastly.net	151.101.1.44	true
bit.ly	67.199.248.10	true
cdn.izooto.com	104.18.216.65	true
www.google.com	142.250.203.100	true
tsyndicate.com	136.243.81.150	true
clients.l.google.com	142.250.185.110	true
googlehosted.l.googleusercontent.com	142.250.186.33	true
tk6if76q.ab1n.net	95.211.229.246	true
main.realsrv.com	unknown	unknown
main.exoclick.com	unknown	unknown
stats.g.doubleclick.net	unknown	unknown
clients2.googleusercontent.com	unknown	unknown
clients2.google.com	unknown	unknown
main.exosrv.com	unknown	unknown
www.msn.com	unknown	unknown
morjd.hornylovers.net	unknown	unknown
trc.taboola.com	unknown	unknown
www.sexglrls.com	unknown	unknown
main.exdynsrv.com	unknown	unknown
apis.google.com	unknown	unknown

Contacted URLs

Name	Malicious	Reputation
https://morjd.hornylovers.net/c/da57dc555e50572d?s1=59435&s2=1303537&s3=phone&s5=test&j1=1&j3=1	true	unknown
http://bit.ly/sex4ass	false	high
https://tours.hushlove.com/902/?t=34460&aid=115443&sid=59435_1303537&xk=b04120f2a34cd5731806c91c826f1d69&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D34460%26aid%3D115443%26sid%3D59435_1303537%26clickid%3Dlhtad6168d92e0004be23%26hts_id%3D4d75f029-c0c9-42ec-a8e5-269e774b290d&clickid=lhtad6168d92e0004be23&i18n_country=CH&hts_id=4d75f029-c0c9-42ec-a8e5-269e774b290d	true	unknown

Name	Type	MD5	SHA1	SHA256
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\4302caa3-f608-475d-ae49-def657509a23.tmp	data	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\586ccdaa-e502-4bfb-93aa-a809adae73f7.tmp	ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\879208c0-4e04-4e6c-8a2b-c1c387afac4b.tmp	ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat	data	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\2c33e830-210e-4715-9035-e7901d5d56b9.tmp	ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\60b88a74-488b-434b-82a4-9d338436a1e2.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\67debd75-1ed6-4022-a03a-448c0cbfe517.tmp	ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\831f96c4-1fdc-4b70-a56b-a6823841e44f.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\97b0c7f3-2be6-4496-83cf-0c83f073b4e9.tmp	MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG	ASCII text	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old (copy)	ASCII text	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Favicons	SQLite 3.x database, last written using SQLite version 3035005	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1	data	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Google Profile.ico (copy)	MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_tours.hushlove.com_0.indexeddb.leveldb\MANIFEST-000001	data	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG	ASCII text	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old (copy)	ASCII text	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)	ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Preferences\ (copy)	ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)	UTF-8 Unicode text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferencesui (copy)	UTF-8 Unicode text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000001.dbtmp	ASCII text	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENTda (copy)	ASCII text	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\MANIFEST-000001	PGP\011Secret Key -	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\013888a1cda32b90_0	data	BE8507DDF68295C150F9EC1248A85B72	60D1C4727D78A73DA4F2AFF3ACC79376FBBC6EE0	A1FC723FF37F978C78C8000DD34C925C254BE0AA1DBBDFA3D59C6392DA2F8C3F
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\013888a1cda32b90_1	data	38211941F7857252B4CD3AEF1C290F9A	FF9AEAD0D99A4D1C706CBA254918E677EB4735A5	2F4839D97033875C812AEE6E7D5A7A6756214090FD46D47CA704DA229961AB2F
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0	data	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1	data	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0	data	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_1	data	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\b6c28cea6ed9dfc1_0	data	47CB9668C625C1FCA5F52DEE3D18E671	D7DD44EA6924A4A968F4646CEDB5D2CB0EDAC80D	C12DCE4883FF8544251D7041672AB0A3E39A503088AAAD74077CC2C7DDC1E961
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_0	data	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index	ISO-8859 text, with no line terminators, with escape sequences	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index	data	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index. (copy)	data	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG	ASCII text	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.oldMP (copy)	ASCII text	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Sessions\Session_13278767194828280	data	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG	ASCII text	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old. (copy)	ASCII text	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1	data	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity (copy)	ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Visited Links	data	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\bb0c6fca-5814-4ce2-b92c-a039b46482c5.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\c2353ad5-50c1-4bec-875b-d1db57a5cfe5.tmp	very short file (no magic)	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\d7355efc-5756-4133-b800-ecec7c2a7275.tmp	ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000006.dbtmp	ASCII text	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000008.dbtmp	ASCII text	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)	ASCII text	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT0. (copy)	ASCII text	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\edf02adb-016b-4c4c-913b-ecb726dd6450.tmp	ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log	data	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG	ASCII text	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old\ (copy)	ASCII text	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.olde (copy)	ASCII text	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Last Browser	data	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Last Version	ASCII text, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Local State (copy)	ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Module Info Cache\e (copy)	data	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\b6cf806b-afb4-497c-a3f2-d5fd1ef1a2be.tmp	ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt	ASCII text, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cache\AF6LZD6S\ntp[1].htm	HTML document, ASCII text, with very long lines, with CRLF line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cache\M6WYB0VY\dhp[1].htm	HTML document, ASCII text, with very long lines, with CRLF line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cache\TJPQH8IO\dhp[1].htm	HTML document, ASCII text, with very long lines, with CRLF line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\DataStore\Data\nouser1\120712-0049\DBStore\LogFiles\edb.log	data	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\2c745d2a-5683-4e54-a123-6c19701eabb2.tmp	Google Chrome extension, version 3	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\9d849794-321f-4cba-bb52-2c47400296f3.tmp	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\c3504d8f-b930-45b6-a81f-3b6db4ef07fb.tmp	Google Chrome extension, version 3	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_1110340591\CRX_INSTALL\_locales\am\messages.json	HTML document, ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_1110340591\CRX_INSTALL\_locales\ar\messages.json	HTML document, ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_1110340591\CRX_INSTALL\_locales\bg\messages.json	HTML document, ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_1110340591\CRX_INSTALL\_locales\bn\messages.json	HTML document, ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_1110340591\CRX_INSTALL\_locales\ca\messages.json	HTML document, ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_1110340591\CRX_INSTALL\_locales\cs\messages.json	HTML document, ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_1110340591\CRX_INSTALL\_locales\da\messages.json	HTML document, ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_1110340591\CRX_INSTALL\_locales\el\messages.json	HTML document, ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_1110340591\CRX_INSTALL\_locales\en\messages.json	HTML document, ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_1110340591\CRX_INSTALL\_locales\es\messages.json	HTML document, ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_1110340591\CRX_INSTALL\_locales\et\messages.json	HTML document, ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_1110340591\CRX_INSTALL\_locales\fa\messages.json	HTML document, ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_1110340591\CRX_INSTALL\_locales\fi\messages.json	HTML document, ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_1110340591\CRX_INSTALL\_locales\fil\messages.json	HTML document, ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_1110340591\CRX_INSTALL\_locales\fr\messages.json	HTML document, ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_1110340591\CRX_INSTALL\_locales\gu\messages.json	HTML document, ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_1110340591\CRX_INSTALL\_locales\hi\messages.json	HTML document, ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_1110340591\CRX_INSTALL\_locales\hr\messages.json	HTML document, ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_1110340591\CRX_INSTALL\_locales\hu\messages.json	HTML document, ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_1110340591\CRX_INSTALL\_locales\id\messages.json	HTML document, ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_1110340591\CRX_INSTALL\_locales\it\messages.json	HTML document, ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_1110340591\CRX_INSTALL\_locales\iw\messages.json	HTML document, ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_1110340591\CRX_INSTALL\_locales\ja\messages.json	HTML document, ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_1110340591\CRX_INSTALL\_locales\kn\messages.json	HTML document, ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_1110340591\CRX_INSTALL\_locales\ko\messages.json	HTML document, ASCII text, with very long lines, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_1110340591\CRX_INSTALL\_locales\lv\messages.json	HTML document, ASCII text, with very long lines, with no line terminators	B8A408330486BAE0D68E8A66F886A8D6	51B432552C9E02591F71314223D6F74F0498C654	2D03F4A7430DDD21C57303384A8505B65A286BB44B005962936B43B2DF02C995
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_1110340591\CRX_INSTALL\_locales\ml\messages.json	HTML document, ASCII text, with very long lines, with no line terminators	90AC1F4A0CAF6501557FD05ABEF2B857	A58EC204F6B7FA199CB5E38633CB6D14268065C2	96A279AFFD542B743630EEF5346546A3AAB6A1B291AF6D635B7545EDCA8D25C7
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_1110340591\CRX_INSTALL\_locales\mr\messages.json	HTML document, ASCII text, with very long lines, with no line terminators	486554259C1C720BCACB7C26B506004E	81BDC7E9E3A9AFFBFCCA5975B64A50615E0B1649	116EC492CD4D476D413C65DB51859F7DA9F769EBE473DBCA4D94D103E833DB9A
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_1110340591\CRX_INSTALL\_locales\ms\messages.json	HTML document, ASCII text, with very long lines, with no line terminators	E0C1022E6E1F067C78E450F6D4DA7A8F	F81C49535A785D7632F0B367CC0C9F9F38B6E160	2356C2BA045D8B03AFEFD4A88184B8A105B7582A3925A650D949C99234DB08CF
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_1110340591\CRX_INSTALL\_locales\nb\messages.json	HTML document, ASCII text, with very long lines, with no line terminators	BE6ED6423922FF31CE36E252A7BD2F34	D53EF8B86FA638FFD9D0AB16DA586853075E8C2B	564476EF8631ED4694EDE12D8552A5A3D8D660C9085BD4EC4FC45514D3805B2C
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_1110340591\CRX_INSTALL\_locales\nl\messages.json	HTML document, ASCII text, with very long lines, with no line terminators	F86D30AA200350640B250B688AA7673E	CAC8CD449FE36B008B79D05D9B8409C7C888E39B	BDCA2F110201E3E071225113E2AF11ABFD85D536C2BF2F65C7AE35E0620B8743
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_1110340591\CRX_INSTALL\manifest.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\ca\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\cs\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\da\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\de\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\el\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\en\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\es\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\es_419\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\et\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\fi\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\fil\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\fr\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\hi\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\hr\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\hu\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\id\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\it\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\ja\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\ko\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\lt\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\lv\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\nb\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\nl\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\pl\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\pt_BR\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\pt_PT\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\ro\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\ru\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\sk\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\sl\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\sr\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\sv\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\th\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\tr\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\uk\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\vi\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\zh_CN\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\_locales\zh_TW\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\craw_background.js	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\craw_window.js	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\html\craw_window.html	HTML document, ASCII text	34A839BC40DEBC746BBD181D9EF9310C	8B4EAA74D31EED5B0BABA3CA5460201F6B10DA46	BB8742615E4CD996AE5D0200E443AE6A6F0B473255F03AFFDB8FB4660DE4554D
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\images\flapper.gif	GIF image data, version 89a, 30 x 30	398ABB308EEBC355DA70BCE907B22E29	CFFB77B8A1724B8F81D98C6D6AD0071D10162252	2B73533F47A99FFEA9CC405FFAFA9C4C53623F62487AEBFBA415945120B22040
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\images\icon_128.png	PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced	30899B6C4E4A757B8EC6DD2208ACDFB4	F2C5880A724C6D75CCE1B5191E0D82C3BC7DE768	4F17EFBD974A41D88CB36567AAB6BF4586579E78780F00B1826676819E14BFF4
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\images\icon_16.png	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	344554D96E418120BD80EF5DE5194697	23E141C3A6CE368ACC1C299F062AB85914BCB17E	0A4BD08DB6422F8E7A8A218EF39C1B99A5A675F12697F26BE88F9AFC2E1F9378
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\images\topbar_floating_button.png	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced	8803665A6328D23CC1014A7B0E9BE295	9DA6EE729D5A6E9F30658B8EC954710F107A641F	D5F9234DC36E7FFA85F35B2359A4F82276F8395EFA76E4553507EA990B27FC6C
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\images\topbar_floating_button_close.png	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced	0599DFD9107C7647F27E69331B0A7D75	3198C0A5F34DB67F91A0035DBC297354CBC95525	131817CD9311C03DF22D769DD2AD7FA2E6E9558863A89F7E5E1657424031A937
C:\Users\alfredo\AppData\Local\Temp\scoped_dir2960_454731005\CRX_INSTALL\images\topbar_floating_button_hover.png	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced	7CB6B9DC1A30F63B8BD976924B75AD96	0C40B0C496D2F2B5F2021C117EC8610AC03AB469	721B7AAA9A42A54A349881615A12E3A26983ACA48E173FD2F66E66AA0D725735
C:\Users\alfredo\AppData\Local\Temp\scoped_dir4752_969120128\CRX_INSTALL\_locales\bg\messages.json	ASCII text, with very long lines	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Local\Temp\scoped_dir4752_969120128\CRX_INSTALL\manifest.json	ASCII text	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\alfredo\AppData\Roaming\Microsoft\Spelling\en-US\default.dic	Little-endian UTF-16 Unicode text, with no line terminators	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855

ID:	652
Product:	CloudBasic
Start time:	03:25:57
Start date:	15.10.2021
Cookbook:	defaultwindowsinteractivecookbook.jbs
System description:
Architecture:	WINDOWS

Windows Analysis Report http://bit.ly/sex4ass

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing:

Compliance:

Software Vulnerabilities:

Networking:

Spam, unwanted Advertisements and Ransom Demands:

System Summary:

Malware Analysis System Evasion:

Language, Device and Operating System Detection:

Screenshots

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs