Edit tour

Windows Analysis Report
https://dlapiper-my.sharepoint.com/:f:/p/lucy_stevens/EuoU6OvOyL9OuhIHkdC9OMQBex9HLiWuOXPp0kCtLg1gOg?e=5%3au3LlBN&at=9

Overview

General Information

Sample URL:	https://dlapiper-my.sharepoint.com/:f:/p/lucy_stevens/EuoU6OvOyL9OuhIHkdC9OMQBex9HLiWuOXPp0kCtLg1gOg?e=5%3au3LlBN&at=9
Analysis ID:	1524031

Detection

Score:	2
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

HTML body contains low number of good links

HTML body with high number of embedded images detected

HTML title does not match URL

Stores files to the Windows start menu directory

Submit button contains javascript call

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 6920 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

chrome.exe (PID: 1796 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1944 --field-trial-handle=1936,i,11227222330566312514,11259038330298004841,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

chrome.exe (PID: 2360 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4740 --field-trial-handle=1936,i,11227222330566312514,11259038330298004841,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

chrome.exe (PID: 5188 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://dlapiper-my.sharepoint.com/:f:/p/lucy_stevens/EuoU6OvOyL9OuhIHkdC9OMQBex9HLiWuOXPp0kCtLg1gOg?e=5%3au3LlBN&at=9" MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

cleanup

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://dlapiper-my.sharepoint.com/:f:/p/lucy_stevens/EuoU6OvOyL9OuhIHkdC9OMQBex9HLiWuOXPp0kCtLg1gOg?e=5%3au3LlBN&at=9

HTTP Parser: Number of links: 0

Source: https://www.google.com/search?q=at+sign&oq=at+sign&gs_lcrp=EgZjaHJvbWUyBggAEEUYOdIBCDEyMTBqMGo3qAIAsAIA&sourceid=chrome&ie=UTF-8

HTTP Parser: Total embedded image size: 31622

Source: https://dlapiper-my.sharepoint.com/:f:/p/lucy_stevens/EuoU6OvOyL9OuhIHkdC9OMQBex9HLiWuOXPp0kCtLg1gOg?e=5%3au3LlBN&at=9

HTTP Parser: Title: Sharing Link Validation does not match URL

Source: https://dlapiper-my.sharepoint.com/:f:/p/lucy_stevens/EuoU6OvOyL9OuhIHkdC9OMQBex9HLiWuOXPp0kCtLg1gOg?e=5%3au3LlBN&at=9	HTTP Parser: On click: javascript:WebForm_DoPostBackWithOptions(new WebForm_PostBackOptions("btnSubmitEmail", "", true, "", "", false, true))
Source: https://dlapiper-my.sharepoint.com/:f:/p/lucy_stevens/EuoU6OvOyL9OuhIHkdC9OMQBex9HLiWuOXPp0kCtLg1gOg?e=5%3au3LlBN&at=9	HTTP Parser: On click: javascript:WebForm_DoPostBackWithOptions(new WebForm_PostBackOptions("btnSubmitEmail", "", true, "", "", false, true))

Source: https://www.google.com/search?q=at+sign&oq=at+sign&gs_lcrp=EgZjaHJvbWUyBggAEEUYOdIBCDEyMTBqMGo3qAIAsAIA&sourceid=chrome&ie=UTF-8	HTTP Parser: No favicon
Source: https://www.google.com/search?q=at+sign&oq=at+sign&gs_lcrp=EgZjaHJvbWUyBggAEEUYOdIBCDEyMTBqMGo3qAIAsAIA&sourceid=chrome&ie=UTF-8	HTTP Parser: No favicon
Source: https://www.google.com/search?q=at+sign&oq=at+sign&gs_lcrp=EgZjaHJvbWUyBggAEEUYOdIBCDEyMTBqMGo3qAIAsAIA&sourceid=chrome&ie=UTF-8	HTTP Parser: No favicon
Source: https://www.google.com/search?q=at+sign&oq=at+sign&gs_lcrp=EgZjaHJvbWUyBggAEEUYOdIBCDEyMTBqMGo3qAIAsAIA&sourceid=chrome&ie=UTF-8	HTTP Parser: No favicon
Source: https://www.google.com/search?q=at+sign&oq=at+sign&gs_lcrp=EgZjaHJvbWUyBggAEEUYOdIBCDEyMTBqMGo3qAIAsAIA&sourceid=chrome&ie=UTF-8	HTTP Parser: No favicon

Source: https://dlapiper-my.sharepoint.com/:f:/p/lucy_stevens/EuoU6OvOyL9OuhIHkdC9OMQBex9HLiWuOXPp0kCtLg1gOg?e=5%3au3LlBN&at=9	HTTP Parser: No <meta name="author".. found
Source: https://dlapiper-my.sharepoint.com/:f:/p/lucy_stevens/EuoU6OvOyL9OuhIHkdC9OMQBex9HLiWuOXPp0kCtLg1gOg?e=5%3au3LlBN&at=9	HTTP Parser: No <meta name="author".. found

Source: https://dlapiper-my.sharepoint.com/:f:/p/lucy_stevens/EuoU6OvOyL9OuhIHkdC9OMQBex9HLiWuOXPp0kCtLg1gOg?e=5%3au3LlBN&at=9	HTTP Parser: No <meta name="copyright".. found
Source: https://dlapiper-my.sharepoint.com/:f:/p/lucy_stevens/EuoU6OvOyL9OuhIHkdC9OMQBex9HLiWuOXPp0kCtLg1gOg?e=5%3au3LlBN&at=9	HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.17:49721 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.17:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.108.10.254:443 -> 192.168.2.17:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.17:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.42.254:443 -> 192.168.2.17:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.150.241.254:443 -> 192.168.2.17:49750 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.19.161:443 -> 192.168.2.17:49757 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.17:49855 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.159.71:443 -> 192.168.2.17:49920 version: TLS 1.2

Source: chrome.exe

Memory has grown: Private usage: 1MB later: 26MB

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200

Source: global traffic	DNS traffic detected: DNS query: dlapiper-my.sharepoint.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: m365cdn.nel.measure.office.net
Source: global traffic	DNS traffic detected: DNS query: dns-tunnel-check.googlezip.net
Source: global traffic	DNS traffic detected: DNS query: tunnel.googlezip.net
Source: global traffic	DNS traffic detected: DNS query: play.google.com
Source: global traffic	DNS traffic detected: DNS query: www.youtube.com
Source: global traffic	DNS traffic detected: DNS query: i.ytimg.com
Source: global traffic	DNS traffic detected: DNS query: googleads.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: static.doubleclick.net

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49680 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49676 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49876
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49691
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49677 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49691 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49876 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49925
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49920
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49919
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49912
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49911
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49905
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49901
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49900
Source: unknown	Network traffic detected: HTTP traffic on port 49888 -> 443

Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.17:49721 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.17:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.108.10.254:443 -> 192.168.2.17:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.17:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.42.254:443 -> 192.168.2.17:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.150.241.254:443 -> 192.168.2.17:49750 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.19.161:443 -> 192.168.2.17:49757 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.17:49855 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.159.71:443 -> 192.168.2.17:49920 version: TLS 1.2

Source: classification engine

Classification label: clean2.win@25/81@39/336

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1944 --field-trial-handle=1936,i,11227222330566312514,11259038330298004841,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://dlapiper-my.sharepoint.com/:f:/p/lucy_stevens/EuoU6OvOyL9OuhIHkdC9OMQBex9HLiWuOXPp0kCtLg1gOg?e=5%3au3LlBN&at=9"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1944 --field-trial-handle=1936,i,11227222330566312514,11259038330298004841,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4740 --field-trial-handle=1936,i,11227222330566312514,11259038330298004841,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4740 --field-trial-handle=1936,i,11227222330566312514,11259038330298004841,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	1 Scripting	Valid Accounts	Windows Management Instrumentation	1 Scripting	1 Process Injection	3 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	1 Registry Run Keys / Startup Folder	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	1 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	1 Extra Window Memory Injection	1 Extra Window Memory Injection	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	2 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

⊘No Antivirus matches

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

Source	Detection	Scanner	Link
m365cdn.nel.measure.office.net	0%	Virustotal	Browse
189528-ipv4v6.farm.dprodmgd104.aa-rt.sharepoint.com	0%	Virustotal	Browse
dual-spo-0005.spo-msedge.net	0%	Virustotal	Browse
www.google.com	0%	Virustotal	Browse
dns-tunnel-check.googlezip.net	1%	Virustotal	Browse
play.google.com	0%	Virustotal	Browse
tunnel.googlezip.net	1%	Virustotal	Browse
youtube-ui.l.google.com	0%	Virustotal	Browse
i.ytimg.com	0%	Virustotal	Browse
www.youtube.com	0%	Virustotal	Browse
googleads.g.doubleclick.net	0%	Virustotal	Browse
static.doubleclick.net	0%	Virustotal	Browse

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
dual-spo-0005.spo-msedge.net	13.107.136.10	true	false	0%, Virustotal, Browse	unknown
youtube-ui.l.google.com	172.217.18.14	true	false	0%, Virustotal, Browse	unknown
play.google.com	172.217.18.14	true	false	0%, Virustotal, Browse	unknown
googleads.g.doubleclick.net	172.217.18.98	true	false	0%, Virustotal, Browse	unknown
dns-tunnel-check.googlezip.net	216.239.34.159	true	false	1%, Virustotal, Browse	unknown
tunnel.googlezip.net	216.239.34.157	true	false	1%, Virustotal, Browse	unknown
i.ytimg.com	142.250.185.182	true	false	0%, Virustotal, Browse	unknown
189528-ipv4v6.farm.dprodmgd104.aa-rt.sharepoint.com	52.105.37.27	true	false	0%, Virustotal, Browse	unknown
www.google.com	142.250.184.196	true	false	0%, Virustotal, Browse	unknown
static.doubleclick.net	142.250.181.230	true	false	0%, Virustotal, Browse	unknown
dlapiper-my.sharepoint.com	unknown	unknown	false		unknown
www.youtube.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
m365cdn.nel.measure.office.net	unknown	unknown	false	0%, Virustotal, Browse	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://www.google.com/search?q=at+sign&oq=at+sign&gs_lcrp=EgZjaHJvbWUyBggAEEUYOdIBCDEyMTBqMGo3qAIAsAIA&sourceid=chrome&ie=UTF-8	false		unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.185.99	unknown	United States	15169	GOOGLEUS	false
52.105.37.27	189528-ipv4v6.farm.dprodmgd104.aa-rt.sharepoint.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
142.250.186.67	unknown	United States	15169	GOOGLEUS	false
13.107.136.10	dual-spo-0005.spo-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
172.217.18.14	youtube-ui.l.google.com	United States	15169	GOOGLEUS	false
216.58.206.34	unknown	United States	15169	GOOGLEUS	false
216.58.206.78	unknown	United States	15169	GOOGLEUS	false
142.250.181.230	static.doubleclick.net	United States	15169	GOOGLEUS	false
142.250.185.227	unknown	United States	15169	GOOGLEUS	false
2.23.209.37	unknown	European Union	1273	CWVodafoneGroupPLCEU	false
2.19.126.146	unknown	European Union	16625	AKAMAI-ASUS	false
142.250.185.182	i.ytimg.com	United States	15169	GOOGLEUS	false
2.16.164.49	unknown	European Union	20940	AKAMAI-ASN1EU	false
142.250.185.163	unknown	United States	15169	GOOGLEUS	false
142.250.185.142	unknown	United States	15169	GOOGLEUS	false
142.250.184.228	unknown	United States	15169	GOOGLEUS	false
142.250.184.206	unknown	United States	15169	GOOGLEUS	false
172.217.18.98	googleads.g.doubleclick.net	United States	15169	GOOGLEUS	false
142.250.186.99	unknown	United States	15169	GOOGLEUS	false
142.250.184.196	www.google.com	United States	15169	GOOGLEUS	false
1.1.1.1	unknown	Australia	13335	CLOUDFLARENETUS	false
2.23.209.41	unknown	European Union	1273	CWVodafoneGroupPLCEU	false
142.250.186.163	unknown	United States	15169	GOOGLEUS	false
172.217.18.3	unknown	United States	15169	GOOGLEUS	false
142.250.185.234	unknown	United States	15169	GOOGLEUS	false
142.250.185.110	unknown	United States	15169	GOOGLEUS	false
142.250.185.138	unknown	United States	15169	GOOGLEUS	false
142.251.173.84	unknown	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.250.185.174	unknown	United States	15169	GOOGLEUS	false
142.250.185.230	unknown	United States	15169	GOOGLEUS	false
142.250.185.131	unknown	United States	15169	GOOGLEUS	false
142.250.186.42	unknown	United States	15169	GOOGLEUS	false
142.250.185.74	unknown	United States	15169	GOOGLEUS	false
216.239.34.157	tunnel.googlezip.net	United States	15169	GOOGLEUS	false
142.250.185.98	unknown	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.17

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1524031
Start date and time:	2024-10-02 12:28:43 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://dlapiper-my.sharepoint.com/:f:/p/lucy_stevens/EuoU6OvOyL9OuhIHkdC9OMQBex9HLiWuOXPp0kCtLg1gOg?e=5%3au3LlBN&at=9
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	25
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean2.win@25/81@39/336

Warnings

Exclude process from analysis (whitelisted): TextInputHost.exe
Excluded IPs from analysis (whitelisted): 142.250.186.67, 142.250.185.174, 142.251.173.84, 34.104.35.123, 2.23.209.41, 2.23.209.39, 2.23.209.45, 2.23.209.35, 2.23.209.37, 2.23.209.44, 2.23.209.34, 2.23.209.42, 2.23.209.36, 2.23.209.48, 2.23.209.49, 2.23.209.52, 142.250.186.42, 142.250.185.170, 172.217.18.10, 142.250.184.202, 142.250.186.106, 142.250.185.202, 142.250.184.234, 142.250.185.138, 216.58.206.42, 142.250.181.234, 172.217.16.202, 142.250.186.170, 172.217.16.138, 216.58.212.170, 142.250.185.234, 142.250.74.202, 192.229.221.95, 2.16.164.49, 2.16.164.19
Excluded domains from analysis (whitelisted): accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, 189528-ipv4v6w.farm.dprodmgd104.sharepointonline.com.akadns.net, e40491.dscd.akamaiedge.net, clientservices.googleapis.com, res-1.cdn.office.net, a1894.dscb.akamai.net, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, nel.measure.office.net.edgesuite.net, clients.l.google.com, res-1.cdn.office.net-c.edgekey.net, res-1.cdn.office.net-c.edgekey.net.globalredir.akadns.net
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtSetInformationFile calls found.

LLM Input / Output

Input	Output
URL: https://www.google.com/search?q=at+sign&oq=at+sign&gs_lcrp=EgZjaHJvbWUyBggAEEUYOdIBCDEyMTBqMGo3qAIAsAIA&sourceid=chrome&ie=UTF-8 Model: jbxai	{ "Status":"Unavailable"}
	{ "Status":"Unavailable"}

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 2 09:29:22 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.9904296244646287
Encrypted:	false
SSDEEP:
MD5:	A0FBD4C8E224D07C309DA79933739C5D
SHA1:	DF8C59E39D52BEE9DCDFA00D95B27AC2DA0E9654
SHA-256:	1E25453AFBFB9EDB48A8D8415BE5ECF3E295B107EA4E09133A8174D1ADD0EF40
SHA-512:	B83B7D68E5471019369A9B6A65CDFEC0B7ED98920BC083F9616A52FB26F1EC0101C8582CFD86FF036B3099E3CB3CBC182032A770A7E33B44A811DCFBA996A390
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....m.p........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IBY.S....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VBY.S....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VBY.S....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VBY.S...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VBY.S...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............]......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 2 09:29:22 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	4.011462105359139
Encrypted:	false
SSDEEP:
MD5:	398BC3D335E1B333CD0B498DEC793DCD
SHA1:	749CC073B9561405701CED46A57EFE86A6886D8F
SHA-256:	911370627A30CD7E52AC09CF1C7BB853F3A0892E8CC3605947ACBC801FDC446B
SHA-512:	932D724D86E5108C04CF2CD69E5A87E2EFD5EDA2D8CD1BA76CF197DBFEC42848EA69D6B93D9D4A135E881EB0B72CFE1814A28B693FC0835E64B84BEBB9757118
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....Q`........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IBY.S....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VBY.S....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VBY.S....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VBY.S...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VBY.S...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............]......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2693
Entropy (8bit):	4.0179399204572475
Encrypted:	false
SSDEEP:
MD5:	D170BB1121E7729C24DDEE563B3DD0D5
SHA1:	EBFF33334F68F83B809311DF2ED48A3EAA86D552
SHA-256:	65D983C8BD03E520FB7CE6014CD592929DCCFFFAE4BFADF4B6E1D7A7AB30BAD2
SHA-512:	64B82B48E122AF46BCA5F9C41023237CD90653A9A8E26F7A40A030A8BBD0D3C6775235D83915C0DCE9E8B961E0893103ADA998483EF4133A8F251E12433BA89B
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....v. ;.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IBY.S....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VBY.S....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VBY.S....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VBY.S...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VFW.N...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............]......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 2 09:29:22 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	4.0081954452339925
Encrypted:	false
SSDEEP:
MD5:	86173035FEA907ED035C5AECEAA84E54
SHA1:	D420184A86767559947C845CFBF74FA6FF83EAE9
SHA-256:	C3760DA19D02DDEAD4377CE1B76F99DDD333D2F96EFE713BA2A7D388F70F5D14
SHA-512:	BE2E72503F21DA900AFB3885021C219CD7E85F9A497AF89010D0EF8A5D8DA32B1D4E550E197F269530260849F6837672CF58A5F4CF6DF9A56685552FE16C08CB
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....'.Y........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IBY.S....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VBY.S....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VBY.S....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VBY.S...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VBY.S...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............]......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 2 09:29:22 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.9967375324320535
Encrypted:	false
SSDEEP:
MD5:	122777116F3974B70E0A885B52D2BB69
SHA1:	1A493CA589FD55EDE6CEA96F06B2697E59A4E440
SHA-256:	1164F6AFBB5AC4E9FB1EB75E3B7D2544945318047768F154D52CA99104016451
SHA-512:	0DEBBB5606A195D3961B6A58FF8D9481DCB39A102D85E880679802427F9B348A2578B77795A1B1FB71400763A3DE1C6C01D250E625C48DB5D6D2EB1F1E18610A
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,......g........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IBY.S....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VBY.S....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VBY.S....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VBY.S...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VBY.S...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............]......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 2 09:29:22 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2683
Entropy (8bit):	4.008524389436579
Encrypted:	false
SSDEEP:
MD5:	3A46EA5484E9680D9098BAF09E7AFDB4
SHA1:	E659179492463F3E8383F799032A952156AE527A
SHA-256:	D6CBF3DC7651AC81F199C609F69178971388B355E3C1F75CD3058E5FF2FE5BF5
SHA-512:	26EBA3ECFC66F43DAABB8320A56F0E71EA6149AAFE3DCA7022041BF7A0A371C783A0262556EA73C7D4087C36BA5B84D4DDE980478ECD3ABAC0481EDCC5BC76C3
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....J.M........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IBY.S....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VBY.S....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VBY.S....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VBY.S...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VBY.S...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............]......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 141

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Category:	downloaded
Size (bytes):	389410
Entropy (8bit):	5.182496769769048
Encrypted:	false
SSDEEP:
MD5:	A527D49E37C92AABDF019D0BE2CB8AB8
SHA1:	B10AB6200EDF90B2A77B74E4BD23C8554E8690AE
SHA-256:	5D32531834A0CCCC0A2B544CF93F6DE86021B34E1B7800D1366625180C999571
SHA-512:	0D2140BAF781129B7EC45F0564FBA8A241C04CA3BAB45836966805EAA0D0C34E5F0CF2CB31B2E28D45AE397EFEB34ED2083911C8F472F72076A3069907FEF6FE
Malicious:	false
Reputation:	unknown
URL:	https://www.youtube.com/s/player/d9418494/www-player.css
Preview:	@charset "UTF-8";.html5-video-player{position:relative;width:100%;height:100%;overflow:hidden;z-index:0;outline:0;font-family:"YouTube Noto",Roboto,Arial,Helvetica,sans-serif;color:#eee;text-align:left;direction:ltr;font-size:11px;line-height:1.3;-webkit-font-smoothing:antialiased;-webkit-tap-highlight-color:rgba(0,0,0,0);touch-action:manipulation}.html5-video-player,.ytp-contextmenu{-ms-high-contrast-adjust:none;forced-color-adjust:none}.html5-video-player:not(.ytp-transparent),.html5-video-player.unstarted-mode,.html5-video-player.ad-showing,.html5-video-player.ended-mode{background-color:#000}.ytd-video-masthead-ad-primary-video-renderer .html5-video-player:not(.ytp-transparent),.ytd-video-masthead-ad-primary-video-renderer .html5-video-player.unstarted-mode,.ytd-video-masthead-ad-primary-video-renderer .html5-video-player.ad-showing,.ytd-video-masthead-ad-primary-video-renderer .html5-video-player.ended-mode{background-color:transparent}.ytp-big-mode{font-size:17px}.ytp-autohide{cu

Chrome Cache Entry: 142

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, max compression, truncated
Category:	downloaded
Size (bytes):	35
Entropy (8bit):	4.199873730859799
Encrypted:	false
SSDEEP:
MD5:	D317C25EBCF619DCAD17963A91904BC1
SHA1:	749A0A568BEF62730A278854033B5D83AC81519C
SHA-256:	F5AF56B41CA2466246D1648A3BE8FE236C4F123E3FA8589C10A72F1C68ABBE8F
SHA-512:	4055D9D3917796222A49B8BFB48D60E9A804D4CEBFE9958EAEEE9E7BABE153FEEB6C7C11577F1494E37BB91F89F5FAB6BC204B1A7AF11F32A6043D57B5A4A237
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/compressiontest/gzip.html
Preview:	...........QL.O..,HU.(....H.....

Chrome Cache Entry: 145

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (6421)
Category:	downloaded
Size (bytes):	6426
Entropy (8bit):	6.105710774517898
Encrypted:	false
SSDEEP:
MD5:	D8542834C15535B4E503493F4C2BFC0E
SHA1:	51408F42D5618B6358ED65A538EAD538EF040F65
SHA-256:	C55FFF7C7BDABC6D21BBEF52E8303ED3428626418F8D539C0AC8C71929E3D891
SHA-512:	83D80A11B0C909E392925B2B871FFCF9DD97C2990DDEF59419BE9F984A5AB3B4D92D995598DE478B92A235503B1F95E47E783855EC334179D1F59750BC262363
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/complete/search?q&cp=0&client=gws-wiz-serp&xssi=t&gs_pcrt=2&hl=en&authuser=0&psi=niD9ZuSaCZioxc8PnP6qyAI.1727864993278&dpr=1&nolsbt=1
Preview:	)]}'.[[["us troops middle east",0,[3,308,357,362,396,143],{"zf":33,"zl":90000,"zp":{"gs_ss":"1"}}],["netflix october movies",0,[3,308,357,362,396,143],{"zf":33,"zl":90000,"zp":{"gs_ss":"1"}}],["crumbl cookies sydney australia",0,[3,308,357,362,396,143],{"zf":33,"zl":90000,"zp":{"gs_ss":"1"}}],["dodgers fernando valenzuela hospitalized",0,[3,308,357,362,396,143],{"zf":33,"zl":90000,"zp":{"gs_ss":"1"}}],["school lockdown in east hampton ct",0,[3,308,357,362,396,143],{"zf":33,"zl":90000,"zp":{"gs_ss":"1"}}],["green bay packers field goal kicker",0,[3,308,357,362,396,143],{"zf":33,"zl":90000,"zp":{"gs_ss":"1"}}],["ohio state buckeyes football",46,[3,308,357,362,396,143],{"lm":[],"zf":33,"zh":"Ohio State Buckeyes football","zi":"Football team","zl":90000,"zp":{"gs_ssp":"eJzj4tTP1TdIy6oqrjRg9JLJz8jMVyguSSxJVUgqTc5OrUwtVkjLzy9JSszJAQAlUw66"},"zs":"https://encrypted-tbn0.gstatic.com/images?q\u003dtbn:ANd9GcQcfgOX8GpX152k1-LWW3SE7PQj11JKC7qPVRDpRlhpffsYB33IBPQOsDkZsg\u0026s\u003d10"}],["miami d

Chrome Cache Entry: 146

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	846
Entropy (8bit):	7.705518982778801
Encrypted:	false
SSDEEP:
MD5:	7FC1BD4ECC9CB87AC3890F0F86997350
SHA1:	2A918B5C380D5B322826E4B745E8BF942E046F3C
SHA-256:	AFE0A5FC8AB2F25A3EF5426B04F573747EF5AC292FD5D2F0C9CC63650B8DAF2C
SHA-512:	D98A52B4DB9CCB499FBCEC1B46BDEB5371CEDD6F16E3F2BC968B914A63BAB02537AE02063071BFD358EC2841A8E3DDCB2A3927B5F446D7F55BD057254513D1EF
Malicious:	false
Reputation:	unknown
URL:	https://www.gstatic.com/kpui/social/fb_32x32.png
Preview:	.PNG........IHDR... ... .....szz.....IDATx......Q..'..m..6N...m.Q.....m...'.....\|..;.{..K..J@....jqE..Q...U.F...E.1...5..q...(.e..).q-.[L...q.!..x5.W....}........Rv1Rt...)...w.WE.W..V.[.."{_(>...r...P{-M.."j.+...\..b.7...v..[p..<y.....gp....o+.b;.._<...u.Yz.-..#.c...w.9.L..[@M..]...^....,........."c.Yi..{....."...kqK.".....11..5...O......0....^..e.S..............h..A]..1......L.`......h=..u...q......."(n?.b..,.3.$.....r.....MP\}...A.....V.....x..Pt...88w.....jO..9......1...kN.K....k./...y.._......;Pf.....6R.5...>..8{...0.vm.........c..K.k.C..m....l..a.H.....a..............{.wV..o.p\..J.e..]`...Qb...GP.x.......o.ww.._V...#..y..(.....Z1.........#..'Pp...~Y..........f...+.$.._..w/.!.&..k...f.X\Mp.V.ip..+.?...p.<.5}.x.....,.7>?Nk.E....Dy..%.X.S+.~%.V...H...Y.\..E........u..:...e.....\B.}up8....IEND.B`.

Chrome Cache Entry: 147

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2684)
Category:	dropped
Size (bytes):	438895
Entropy (8bit):	5.517220782715614
Encrypted:	false
SSDEEP:
MD5:	D59188DA76191BEFE29C234BA0C3F524
SHA1:	26E79FDE01B69F3BAAABC7BF378DB25BD99AEB11
SHA-256:	412C78940CE3A16D92F0F0C746199461D44A85652CF096C2019C98DAC38BEDD9
SHA-512:	688FCD6EF1B6C49E51F65A252AA84F913C9E31208CFA93DD416D270108884D936648898AC3664BA274DC2DB0B24BAB5E4D2012855079E6DC5FDAD0A27A6D776D
Malicious:	false
Reputation:	unknown
Preview:	_F_installCss(".S8ee5{box-sizing:border-box;cursor:pointer;background:#f1f3f4;border:1px solid transparent;pointer-events:auto;position:relative;width:300px}.S8ee5{font-size:14px;line-height:20px}.S8ee5{padding:7px 11px}.S8ee5{flex-direction:row-reverse;align-items:center;display:flex;justify-content:center;margin-left:auto;margin-right:auto}.S8ee5{height:36px;border-radius:18px}.S8ee5:hover{background-color:#d8d7dc}.S8ee5:hover{background:#D8D7DC}.rhHIGd{background-color:var(--gS5jXb);border:0;height:1px;left:0;position:absolute;width:100%}.rhHIGd{margin-top:18px}.S8ee5 .p8VO6e{margin-top:0px}.S8ee5 .z1asCe{height:20px;width:20px}.S8ee5 .Z4Cazf{display:inline-block;max-width:220px;white-space:nowrap}#rhs .lQi8Fc{height:auto;top:0}#rhs .S8ee5{max-width:336px;width:100%;border-color:rgba(255,255,255,0)}#rhs .S8ee5 .Z4Cazf{max-width:73.33%}#rhs .oYWfcb .rhHIGd{display:none}.Zeeake{font-family:Roboto-Medium,Arial,sans-serif-medium,sans-serif}.Zeeake .p8VO6e{width:20px;height:20px}.MTIaKb,

Chrome Cache Entry: 148

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	63
Entropy (8bit):	4.877530518497626
Encrypted:	false
SSDEEP:
MD5:	5CD18A4F2C73BEF1304F58AB3D540395
SHA1:	FF4258012A24C31FF3897941D87817E60C933914
SHA-256:	3D4B92A8C507D39DA27CE7C429EA2A31D836D75436F78138151EFEE1A796E4FE
SHA-512:	D2FD1942667AF61312D50112D7D650966ED76991B549654FFC0889D53459B7D040655D79008343257ACF9DB0607A6C763F3B1F821C519F396CB2E22C3C175BFA
Malicious:	false
Reputation:	unknown
URL:	"https://www.google.com/async/asyncContextualTask?vet=12ahUKEwjk4dTXvu-IAxUYVPEDHRy_CikQ4dMLegQIChAA..i&ei=niD9ZuSaCZioxc8PnP6qyAI&opi=89978449&yv=3&cid=9190809263875897075&cs=0&async=_basejs:%2Fxjs%2F_%2Fjs%2Fk%3Dxjs.s.en_US.YL3dwZaCQMg.es5.O%2Fam%3DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAgoEAgAAAACAAgAAAAAAAAAAAAAAAAAAAAAEAgAgJAQAAAEAAIAFAIAICAgAAAQAQEAAAAABIoDffwIAAAAAAAAAAAACgAkAAAAAALgAACAoAgAAAAQAAGAAAAAgAAAAAABAAQAAAAAAAAAAAAAAAAAAAAAAAAIB6AcAAAAAAAAAAAAgAAAAAAAMUAAggB8AAAAACAAAAIIAAIADMgABAAAAAAAA3AcAzwOGQwoLAAAAAAAAAAAAAABAABIEc0D6CwJAAAAAAAAAAAAAAAAAAABICZq43ABAAg%2Fdg%3D0%2Fbr%3D1%2Frs%3DACT90oGujdBgk1gWfh3XWINxuUh8jdtdwg,_basecss:%2Fxjs%2F_%2Fss%2Fk%3Dxjs.s.SIJgKp0_ANA.L.B1.O%2Fam%3DQOIQIAQAAAJABBpAAAAAAAAAAAAAAAAAAAAAkAAAABAAAAAAAAgAIAIAKJMAAIC8AACADQAIAAB8AAAHBAAGAAAAAAAAJAAAAACAAAAVAgAAAAAAEBAAAEQAAABAIQAAAAAEAAAYAAAAABACBAAggAEIAYACJCAoAtCPQgAAAGAAAAAhIAwwDEBQAcAATgEAAAAAAAAAABAACAEAAAAFBAAQIABAj0AAGABiIgBACAAIUAIAAQAABAAAIEAgAAAxE4ADMgABAAAAAAAAQAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgAAAAAAAAAAAAAAAAAAAAAAAQ%2Fbr%3D1%2Frs%3DACT90oHS1JOiuDK_SdGLwRo-ZKYuMRNIaQ,_basecomb:%2Fxjs%2F_%2Fjs%2Fk%3Dxjs.s.en_US.YL3dwZaCQMg.es5.O%2Fck%3Dxjs.s.SIJgKp0_ANA.L.B1.O%2Fam%3DQOIQIAQAAAJABBpAAAAAAAAAAAAAAAAAAAAAkAAAABAAAAAAAAgAIgoEKpMAAIC8AgCADQAIAAB8AAAHBAAGAAAEAgAgJAQAAAGAAIAVAoAICAgAEBQAQEQAAABBI4DffwIEAAAYAAAAABAChAkggAEIAbgCJCAoAtCPQgQAAGAAAAAhIAwwDEBQAcAATgEAAAAAAAAAABAACAEAAAIF7AcQIABAj0AAGABiIgBACAAMUAIggR8ABAAAKEAgAIIxE4ADMgABAAAAAAAA3AcAzwOGQwoLAAAAAAAAAAAAAABAABIEc0D6CwJAAAAAAAAAAAAAAAAAAABICZq43ABAAg%2Fd%3D1%2Fed%3D1%2Fdg%3D0%2Fbr%3D1%2Fujg%3D1%2Frs%3DACT90oFjTMcLfsQqlJERMofnWWYprZ8qhw,_fmt:prog,_id:rNi7Zc"
Preview:	)]}'.24;["rSD9ZpjEGeiW9u8PxpWiuQc","2090",1]c;[1,null,"0"]3;[5]

Chrome Cache Entry: 150

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (8163)
Category:	dropped
Size (bytes):	8168
Entropy (8bit):	6.014584460799823
Encrypted:	false
SSDEEP:
MD5:	F78CE01C87DCDB5FF1BD35C10CA3B573
SHA1:	48C5A83A346CAD6AB56701D6F7A9C7BBC10EA470
SHA-256:	5820C7654B6E1107F2C55E846D83086CB5BBDD55C4AA698C626086D9C56AB445
SHA-512:	FB97C521DAD0D3A3BDFAE30C1C570337AB209E2287A1B8E63A4B580393B824928EBAB97EB963A3D59695446744076AA653F4987C43334208404FAAE45F20E494
Malicious:	false
Reputation:	unknown
Preview:	)]}'.{"bgasy":["https://www.google.com/js/bg/SHq4PPhfjRSl0-V2jZYRTjGjM6HmQe3FExMe8NfPTFM.js","hGojNGCRk43kqHJdhXXtN8NTdJIVwoMkTIP2q8g7Kh+A8uZZOXaSDSX6peFHOSlqWeh+ZTjsuh5IK3paiC7rZVl8Ra/XjU4FRODoj/ufwQX4VwKIWcU/ufyuTrsBz64iQfpImPaFp/U2xUGXYrCKgkbgZ6csk7y9gxAhrLcRticCjsbIWFHEbtJ8zhZa/oXa8BZBH1CCagmUaOtcBKKM2DrUyl1rQ6GJ5/bXp6JmTmSKNxB9NfU74NYZA2ZyJ5APAeO87cB38UNNVliEZ0L0KpZBpUZFosSe/kriy3zRMh4I3OuDY2d56dQMidlekK35iRV0MonjpchjYzwR2l/gqF1khlyjpRR/ni3O6zz2lVc6h72T59+CWJK7c4jag7Ef8fNt3xwUmLIiv3uZ9TDWVOzMHyLTj8o6IKV6CnjH+ovprfSQzH8pHbHLOiURdv5C+FjKXVlHO4cyQHLMeEbQNX40Ls78KIBsdcljOuoupKbVqX94nbAVGR74Pr3qOYXrydhGqGgrcs85VSTcPOdkPEwOctLuUUmR+LdiF5yLCgCdjC52MU1Phbkfkd7p4Qu2iAakO9XJu+Xpl5EY/pULYhTHEo8OcPI95pT/M/AvLsfcsfba4SZjk1KZcZcp1+XbrY2V2Jg9Qlm3OU8JNB1a6hEemhgCQqKXDOr6EL9IVTKD9wCZvzspGqyl3h7rCqtoIhy7ebiOAXQqaKtMxifK3y5tOCfFSyesRrWS6ZF1zCQb8RqhLFMFbKEFvXZJCi/OKc94iabpiYrXTFk6Tof9NHVK4192eGFVRU1pXPY7Cfm3Nlm+XKBFKENoz5IiYIKMk+D+50qJQvPFLQ8+sGd2bhmKjA5nqQHzRL6EM22o/Ry/s37MXV6agseT6HW1CIy/JbAb8qd8v3

Chrome Cache Entry: 151

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (543)
Category:	downloaded
Size (bytes):	120870
Entropy (8bit):	5.458375657777695
Encrypted:	false
SSDEEP:
MD5:	03056576332C0AB6EB58AA7606FD2DC5
SHA1:	CC81E3C340E4C3405CF9DFB6219A8339CB23A1EB
SHA-256:	3D546F0C69AE0BA14F09290F45BFCC5EDCFF6FC36755BA00EAE768830DD3AA4C
SHA-512:	8FBB940263EC41C8554C074A93457C2341987D8037598564C9E12222F813CA2455C9DFCCE8D98D91C5084AC685E9978A5F9780CB76531AFBDCE49AFE7B100BA4
Malicious:	false
Reputation:	unknown
URL:	https://www.youtube.com/s/player/d9418494/player_ias.vflset/en_US/remote.js
Preview:	(function(g){var window=this;'use strict';var e7=function(a){g.zk(a,"zx",Math.floor(Math.random()2147483648).toString(36)+Math.abs(Math.floor(Math.random()2147483648)^g.Ya()).toString(36));return a},f7=function(a,b,c){Array.isArray(c)\|\|(c=[String(c)]);.g.eha(a.D,b,c)},Grb=function(a){if(a instanceof g.ln)return a;.if(typeof a.Hm=="function")return a.Hm(!1);if(g.Ra(a)){var b=0,c=new g.ln;c.next=function(){for(;;){if(b>=a.length)return g.q1;if(b in a)return g.mn(a[b++]);b++}};.return c}throw Error("Not implemented");},Hrb=function(a,b,c){if(g.Ra(a))g.kc(a,b,c);.else for(a=Grb(a);;){var d=a.next();if(d.done)break;b.call(c,d.value,void 0,a)}},Irb=function(a,b){var c=[];.Hrb(b,function(d){try{var e=g.Lp.prototype.B.call(this,d,!0)}catch(f){if(f=="Storage: Invalid value was encountered")return;throw f;}e===void 0?c.push(d):g.ima(e)&&c.push(d)},a);.return c},Jrb=function(a,b){Irb(a,b).forEach(function(c){g.Lp.prototype.remove.call(this,c)},a)},Krb=function(a){if(a.oa){if(a.oa.locationOverri

Chrome Cache Entry: 152

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3537)
Category:	dropped
Size (bytes):	52603
Entropy (8bit):	5.316331138717284
Encrypted:	false
SSDEEP:
MD5:	F0A9F2F65F95B61810777606051EE17D
SHA1:	872BF131CB4BEFD0242339F072F2F9B9FBF8019F
SHA-256:	9CDF2602AC04F7E2BED582D4299C73D464FC4AB069E3AD5A20EE2B6635A015B8
SHA-512:	6823914507BA31E0F61B95CC53F09543C3C14E5530E9EF1B00338FBBD7C25D2E398F5F628DF4ED25D6FF88E0F8BEE506EFE62BA704778BA7CFF09AEC9579D9F0
Malicious:	false
Reputation:	unknown
Preview:	(function(){/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.'use strict';var f,aa=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}},h="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a},ba=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");.},ca=ba(this),da=function(a,b){if(b)a:{var c=ca;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&null!=b&&h(c,a,{configurable:!0,writable:!0,value:b})}};.da("Symbol",function(a){if(a)return a;var b=function(g,k){this.g=g;h(this,"description",{configurable:!0,writable:!0,value:k})};b.prototype.toStri

Chrome Cache Entry: 154

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (1136)
Category:	dropped
Size (bytes):	1603
Entropy (8bit):	5.2727801090429285
Encrypted:	false
SSDEEP:
MD5:	78FD7C1A980B9162702E6F984A25B7A6
SHA1:	E832ABE897CDAA5E36131733AF619F174AD0F9C5
SHA-256:	1C5A3539A6FBE5420A519540FF6662EFEACB0BB1B9B8314C74064694A0D52C0B
SHA-512:	06B0C9A98D1F6B5BCF81D81574258B7D479579CD80FC51105C58B99263D802EFD64ECF6B5A9A3105C1046FB7EE3F776547E1593436AFC3E6C0820D149C0913BA
Malicious:	false
Reputation:	unknown
Preview:	<!DOCTYPE html>.<html lang=en>. <meta charset=utf-8>. <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">. <title>Error 404 (Not Found)!!1</title>. <style>. {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.

Chrome Cache Entry: 155

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	XML 1.0 document, Unicode text, UTF-8 (with BOM) text
Category:	downloaded
Size (bytes):	215
Entropy (8bit):	5.333834408254051
Encrypted:	false
SSDEEP:
MD5:	8371A65E77A93D5D8BD73C32084F4350
SHA1:	BE784A99543BF27D53C66E60036A2944F85AF0A9
SHA-256:	D0CD0D8FF23FCCEAD1E134649532B92815D01928319EA19F20BDAC9FCE90D203
SHA-512:	2C3C6AC7FAA8E8805B8EDC82D002B7A47DB65D2554BD43C8E2A50F85EFD337683050304B5AEFB1F9EA47565DDC31F92FC1A93A2A75737F16DE958387BD01F1D7
Malicious:	false
Reputation:	unknown
URL:	https://res-1.cdn.office.net/files/odsp-web-prod_2024-09-20.007/@uifabric/file-type-icons/lib/initializeFileTypeIcons.js
Preview:	.<?xml version="1.0" encoding="utf-8"?><Error><Code>BlobNotFound</Code><Message>The specified blob does not exist..RequestId:f6f15564-001e-0054-49b5-142757000000.Time:2024-10-02T10:29:31.3634236Z</Message></Error>

Chrome Cache Entry: 156

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	16
Entropy (8bit):	3.702819531114783
Encrypted:	false
SSDEEP:
MD5:	858372DD32511CB4DD08E48A93B4F175
SHA1:	CE4555B7B2EFBBD644D8E34CF3453A0E8CAA3C43
SHA-256:	3D18F3E1469C83D62CF3A39BA93F8EAA5B22447FE630E59F39DC1B7747635359
SHA-512:	6A57E0D4A1C23CB693AA9312F6FDAA1FC4309B5BC91D1B2279B5792BEE3534749FD3693C19AA95E0768800472D11D438EC3116F337679A249C28BE0E038E6DE0
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xNDkSEAktcUahtBgiERIFDfSCVyI=?alt=proto
Preview:	CgkKBw30glciGgA=

Chrome Cache Entry: 158

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Category:	downloaded
Size (bytes):	15552
Entropy (8bit):	7.983966851275127
Encrypted:	false
SSDEEP:
MD5:	285467176F7FE6BB6A9C6873B3DAD2CC
SHA1:	EA04E4FF5142DDD69307C183DEF721A160E0A64E
SHA-256:	5A8C1E7681318CAA29E9F44E8A6E271F6A4067A2703E9916DFD4FE9099241DB7
SHA-512:	5F9BB763406EA8CE978EC675BD51A0263E9547021EA71188DBD62F0212EB00C1421B750D3B94550B50425BEBFF5F881C41299F6A33BBFA12FB1FF18C12BC7FF1
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Preview:	wOF2......<...........<Z.........................d..z..J.`..L.\..<.....<.....^...x.6.$..6. .... ..S..}%.......\|....x..[j.E...d..-A...]=sjf$X.o.5......V....i?}.\...;...V......5..mO=,[.B..d'..=..M...q...8..U'..N..G...[..8....Jp..xP...'.?....}.-.1F.C.....%z..#...Q...~.~..3.............r.Xk..v..7t.+bw...f..b...q.W..'E.....O..a..HI.....Y.B..i.K.0.:.d.E.Lw....Q..~.6.}B...bT.F.,<./....Qu....\|...H....Fk.-..H..p4.$......{.2.....".T'..........Va.6+.9uv....RW..U$8...p...........H5...B..N..V...{.1....5}p.q6..T...U.P.N...U...!.w..?..mI..8q.}.... >.Z.K.....tq..}.><Ok..w.. ..v....W...{....o...."+#+,..vdt...p.WKK:.p1...3`. 3.......Q.].V.$}.......:.S..bb!I...c.of.2uq.n.MaJ..Cf.......w.$.9C...sj.=...=.Z7...h.w M.D..A.t.....]..GVpL...U(.+.)m..e)..H.}i.o.L...S.r..m..Ko....i..M..J..84.=............S..@......Z.V.E..b...0.....@h>...."$.?....../..?.....?.J.a,..\|..d...\|`.m5..b..LWc...L...?.G.].i...Q..1.:..LJV.J...bU.2.:\.kt.......t.....k....B..i.z+...........A.....

Chrome Cache Entry: 160

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5858)
Category:	downloaded
Size (bytes):	5863
Entropy (8bit):	5.798407448424014
Encrypted:	false
SSDEEP:
MD5:	E8F494EEC49325E576A819F1A35A228D
SHA1:	2082092F9C822B460EACD2ED88AD0F6AFC52276F
SHA-256:	31897883E9DBF532C6EB6D88E6F57317D6B679CE99A22CBE0ED6C9D63386F0F3
SHA-512:	026F658095D09889640A1EE225664375895B3AFBA841C4BA33E1EB0690B22ED9D495C860946A775FE52E6CF79DF296A3C24E895DE5F129A708CCF7BF1D6E9634
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
Preview:	)]}'.["",["zelda echoes of wisdom walkthrough","devara box office collection day","philadelphia eagles","interest rates mortgage rates","brittnee dancho missing maryland","only murders","karl anthony towns knicks trade","rentcafe outage"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChgIkk4SEwoRVHJlbmRpbmcgc2VhcmNoZXM\u003d","google:suggestdetail":[{"zl":10002},{"zl":10002},{"google:entityinfo":"CggvbS8wNXRnMxINRm9vdGJhbGwgdGVhbTKeDGRhdGE6aW1hZ2UvcG5nO2Jhc2U2NCxpVkJPUncwS0dnb0FBQUFOU1VoRVVnQUFBRUFBQUFCQUNBTUFBQUNkdDRIc0FBQUF0MUJNVkVYLy8vOEFBQUNscksrcHNMT3NzN2FocUt2Nit2cGdaR1lBUjFBQUFBZjA5UFRsNStnQU9FS3Z0cm1lcGFpQWhZZm83ZTY4eU1vQVBFVUFNVHdBQndqVjN0OEFLREtJanBFQUFBL2IyOXZDeHNoSlRFNEFKU2t4WUdlWG5xQXRMekI0Zlg5UlZWWndkWGNqSkNWZWdZYUZuS0J5anBPa3RiZkgwZEt1dmI4QUxUTSthbkFBVGxjQUV4VUFHeU5SZDN3ZEdoc1VLaTBkV0dEUno4K1ZrNU05UWtRQURSWUFIQitCa3BWcGZvRTJPRGtURkJTU3FhekhIakY2QUFBRGlVbEVRVlJZaGUxVjI1YWlNQkNrQ1JJRUF3b0tFcFNySWw0R1hSMTExL0gvdjJzNzZManVXU

Chrome Cache Entry: 161

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (561)
Category:	dropped
Size (bytes):	31666
Entropy (8bit):	5.397564672661937
Encrypted:	false
SSDEEP:
MD5:	B0A74586B183DB7082EA48B6EA43EDE3
SHA1:	5CEC77CD9C2A7EC472327533B0E32D2D5DA8634D
SHA-256:	36CB859BE5A639C678F317D76C5C589DA1B5E08820FCCE41D67C38B517EFA959
SHA-512:	88A1BA500A6CA668014C54D442DCA1487C1FFBE0E57BAA53A4F4E9C0038F12B981F3A1FC38B598EA4822EB0E086FAF0A4C5DC8601C9BB91C2B6B6BFC3E0945A2
Malicious:	false
Reputation:	unknown
Preview:	(function(){'use strict';var q;function aa(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}.var r=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};.function ba(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}.var t=ba(this);function u(a,b){if(b)a:{var c=t;a=a.split(".");for(var d=0;d<a.length-1;d++){var g=a[d];if(!(g in c))break a;c=c[g]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&r(c,a,{configurable:!0,writable:!0,value:b})}}.u("Symbol",function(a){function b(k){if(this instanceof b)throw new TypeError("Symbol is not a constructor");return new c(d+(k\|\|"")+"_"+g++,k)}.function c(k,e){this.g=k;r(this,"description",{configurable:!0,writable:!0,value:e

Chrome Cache Entry: 162

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65329), with CRLF line terminators
Category:	dropped
Size (bytes):	102801
Entropy (8bit):	5.336080509196147
Encrypted:	false
SSDEEP:
MD5:	C89EAA5B28DF1E17376BE71D71649173
SHA1:	2B34DF4C66BB57DE5A24A2EF0896271DFCA4F4CD
SHA-256:	66B804E7A96A87C11E1DD74EA04AC2285DF5AD9043F48046C3E5000114D39B1C
SHA-512:	B73D56304986CD587DA17BEBF21341B450D41861824102CC53885D863B118F6FDF2456B20791B9A7AE56DF91403F342550AF9E46F7401429FBA1D4A15A6BD3C0
Malicious:	false
Reputation:	unknown
Preview:	//----------------------------------------------------------..// Copyright (C) Microsoft Corporation. All rights reserved...//----------------------------------------------------------..// MicrosoftAjax.js..Function.__typeName="Function";Function.__class=true;Function.createCallback=function(b,a){return function(){var e=arguments.length;if(e>0){var d=[];for(var c=0;c<e;c++)d[c]=arguments[c];d[e]=a;return b.apply(this,d)}return b.call(this,a)}};Function.createDelegate=function(a,b){return function(){return b.apply(a,arguments)}};Function.emptyFunction=Function.emptyMethod=function(){};Function.validateParameters=function(c,b,a){return Function._validateParams(c,b,a)};Function._validateParams=function(g,e,c){var a,d=e.length;c=c\|\|typeof c==="undefined";a=Function._validateParameterCount(g,e,c);if(a){a.popStackFrame();return a}for(var b=0,i=g.length;b<i;b++){var f=e[Math.min(b,d-1)],h=f.name;if(f.parameterArray)h+="["+(b-d+1)+"]";else if(!c&&b>=d)break;a=Function._validateParameter(g[b],f

Chrome Cache Entry: 163

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Category:	downloaded
Size (bytes):	5430
Entropy (8bit):	3.6534652184263736
Encrypted:	false
SSDEEP:
MD5:	F3418A443E7D841097C714D69EC4BCB8
SHA1:	49263695F6B0CDD72F45CF1B775E660FDC36C606
SHA-256:	6DA5620880159634213E197FAFCA1DDE0272153BE3E4590818533FAB8D040770
SHA-512:	82D017C4B7EC8E0C46E8B75DA0CA6A52FD8BCE7FCF4E556CBDF16B49FC81BE9953FE7E25A05F63ECD41C7272E8BB0A9FD9AEDF0AC06CB6032330B096B3702563
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/favicon.ico
Preview:	............ .h...&... .... .........(....... ..... ............................................0...................................................................................................................................v.].X.:.X.:.r.Y........................................q.X.S.4.S.4.S.4.S.4.S.4.S.4...X....................0........q.W.S.4.X.:.................J...A...g.........................K.H.V.8..........................F..B.....................,.......................................B..............................................B..B..B..B..B...u..........................................B..B..B..B..B...{.................5.......k...........................................................7R..8F.................................................2........Vb..5C..;I..................R^.....................0................Xc..5C..5C..5C..5C..5C..5C..lv..........................................]i..<J..:G..Zf....................................................

Chrome Cache Entry: 165

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1061)
Category:	dropped
Size (bytes):	117627
Entropy (8bit):	5.488475360689753
Encrypted:	false
SSDEEP:
MD5:	146CDD7FA6A8B35FBADA027ABF4F456E
SHA1:	4FC074327D247A11D27BC1F363F415B4531021B9
SHA-256:	59BF4FCD21C3A01190C8305FEAF3CD01EBF8869D2758B67DE50EA2309C8BECB5
SHA-512:	C3FB84BFC7DFEA7D844ECE52EB1815CDDCD645A499B6077E8C8AF311E6B0CF6E3307CA76F1FF4DE051946E97D70D8722A42DE67B323CCAE55F58567B0C672E8A
Malicious:	false
Reputation:	unknown
Preview:	this._s=this._s\|\|{};(function(_){var window=this;.try{._.Cev=_.B("DpX64d",[_.uo]);.}catch(e){_._DumpException(e)}.try{._.yXi=function(a,b){return _.gza(a,1,_.wwb,b)};_.oP=function(a){this.Od=a===void 0?null:a};_.zXi=function(a,b){return a.Od.Fc(_.Twb.getInstance(b)).then(function(c){if(_.Vh(c,1)!==1)throw Error("kp`"+_.Vh(c,1));return c})};_.pP=function(a,b,c,d,e){var f=new _.Owb,g=new _.Nt,h=new _.Lt;_.Mwb(_.Mt(h,b),e==null?void 0:e.pYh);h.setValue(c);_.Nwb(g,h).Tp(d);_.Qwb(f,g);(e==null?void 0:e.iBc)!==void 0&&_.Rwb(f,e==null?void 0:e.iBc);return _.zXi(a,f)};._.AXi=function(a,b,c){var d=new _.Owb,e=new _.Nt,f=new _.Lt;_.Mwb(_.Mt(f,b));_.Ob(_.Nwb(e,f).Tp(c),_.Kwb,4,void 0);_.Qwb(d,e);return _.zXi(a,d)};.}catch(e){_._DumpException(e)}.try{._.x("DpX64d");._.mjw=function(a){_.Vn.call(this,a.Ma);this.Od=a.service.Me};_.F(_.mjw,_.Vn);_.mjw.Ha=function(){return{service:{Me:_.fr}}};_.mjw.prototype.lIa=function(){var a=_.n(this.dxa(!0)),b=a.next().value;a=a.next().value;return _.pP(new _.oP(t

Chrome Cache Entry: 166

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	17799
Entropy (8bit):	1.1744323294080827
Encrypted:	false
SSDEEP:
MD5:	DB79515EC8256201EAF1216A2EB7A332
SHA1:	5E948E579A170ADDF7C39ABFBB683C8B2F00E1E7
SHA-256:	DBA82EAAC0F91B73DC2E5D04DD6F0B4CA2ADE2E4126084AB7105ECB4622895A8
SHA-512:	C640107B42C72B0747D4C266E4CACB937D216311CA55896CEAFE36815AE71FBD6AD61799D6C4C4BED9E1B00A5A586A7764EBCA33F41EAAF56ED2689BAF367619
Malicious:	false
Reputation:	unknown
Preview:	{"chunkTypes":"1000011111110011110001000010110100000011111111111111111111111111111111011011111111111010111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111110111101111111113101101111111111110111111111111110111111111111111100011010111111111111111111111111111110101002222121212121212121212121212121222222212121212121212121212121212121212121212121222222221221221222122122122122122122122122122122122122122122122122122122122122122122122122122212212212212212212212121212212121212121212121212121212121211212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121222221212122222222212221212121221122121212121211212112121212121212121212121212121212122122122122

Chrome Cache Entry: 167

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	29
Entropy (8bit):	3.9353986674667634
Encrypted:	false
SSDEEP:
MD5:	6FED308183D5DFC421602548615204AF
SHA1:	0A3F484AAA41A60970BA92A9AC13523A1D79B4D5
SHA-256:	4B8288C468BCFFF9B23B2A5FF38B58087CD8A6263315899DD3E249A3F7D4AB2D
SHA-512:	A2F7627379F24FEC8DC2C472A9200F6736147172D36A77D71C7C1916C0F8BDD843E36E70D43B5DC5FAABAE8FDD01DD088D389D8AE56ED1F591101F09135D02F5
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/async/newtab_promos
Preview:	)]}'.{"update":{"promos":{}}}

Chrome Cache Entry: 168

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	16
Entropy (8bit):	3.75
Encrypted:	false
SSDEEP:
MD5:	5030B8DD100353DBECBEA12B494B8223
SHA1:	697F7637DB6E2505825AE786D77EC950D40B6FB2
SHA-256:	3A34E72278612B8E567A4529475F092D32436F32B438E54FEB7DF87B7083B32A
SHA-512:	AAD443C3B439863065C9AD7982608B377BB95920BA4BA4F2610D3EA0765ACB67C1732B10D36CD94DAE7303241E8FE4BC5D065A9DD094E09CC9D9E89298E14397
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xNDkSEAlL1An4iaKj4hIFDUqFnlI=?alt=proto
Preview:	CgkKBw1KhZ5SGgA=

Chrome Cache Entry: 170

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	29
Entropy (8bit):	4.142295219190901
Encrypted:	false
SSDEEP:
MD5:	1FA71744DB23D0F8DF9CCE6719DEFCB7
SHA1:	E4BE9B7136697942A036F97CF26EBAF703AD2067
SHA-256:	EED0DC1FDB5D97ED188AE16FD5E1024A5BB744AF47340346BE2146300A6C54B9
SHA-512:	17FA262901B608368EB4B70910DA67E1F11B9CFB2C9DC81844F55BEE1DB3EC11F704D81AB20F2DDA973378F9C0DF56EAAD8111F34B92E4161A4D194BA902F82F
Malicious:	false
Reputation:	unknown
URL:	https://static.doubleclick.net/instream/ad_status.js
Preview:	window.google_ad_status = 1;.

Chrome Cache Entry: 171

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (1136)
Category:	dropped
Size (bytes):	1599
Entropy (8bit):	5.267838660635414
Encrypted:	false
SSDEEP:
MD5:	5EDBA73F30F0D3A342CECCB3A34BFE45
SHA1:	3F39E4C8EF00408D327260F5328162AB3E5D3CAF
SHA-256:	F768529B209DB7EDF38AA0DA2A69C1C1DBE5A760D457FE74080D3AD76F14A0C2
SHA-512:	C302E3CCC2D9F2E12133ED07082A78260613F1B8C756D9EB2CF0A7AF63C425D4A8956B01EAE3FC3DFAB506DACF6416B0B53929D535CFA2AD81951183A6526FE7
Malicious:	false
Reputation:	unknown
Preview:	<!DOCTYPE html>.<html lang=en>. <meta charset=utf-8>. <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">. <title>Error 404 (Not Found)!!1</title>. <style>. {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.

Chrome Cache Entry: 172

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4047), with no line terminators
Category:	downloaded
Size (bytes):	4047
Entropy (8bit):	5.534384437106259
Encrypted:	false
SSDEEP:
MD5:	AF48F04773891DDF399D6B831213BB6D
SHA1:	6ACC8F319D52DF9C33E0849604C94B7A43C5EFF0
SHA-256:	2CB7A79E4960F2FE53DF6FDBC1E4A6C59D851C083939090ECAD77445C1F1CEFD
SHA-512:	7BCB01B20191F1473331520444599F59927E27771385D4A0346BF1B9DAC645A1312C6ECD45FEEFE7FC7AA808C2AB11E7AC23C043C7AB4A6BE4E540F0510C3166
Malicious:	false
Reputation:	unknown
URL:	"https://www.google.com/xjs/_/ss/k=xjs.s.SIJgKp0_ANA.L.B1.O/am=QOIQIAQAAAJABBpAAAAAAAAAAAAAAAAAAAAAkAAAABAAAAAAAAgAIAIAKJMAAIC8AACADQAIAAB8AAAHBAAGAAAAAAAAJAAAAACAAAAVAgAAAAAAEBAAAEQAAABAIQAAAAAEAAAYAAAAABACBAAggAEIAYACJCAoAtCPQgAAAGAAAAAhIAwwDEBQAcAATgEAAAAAAAAAABAACAEAAAAFBAAQIABAj0AAGABiIgBACAAIUAIAAQAABAAAIEAgAAAxE4ADMgABAAAAAAAAQAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgAAAAAAAAAAAAAAAAAAAAAAAQ/d=1/ed=1/br=1/rs=ACT90oHS1JOiuDK_SdGLwRo-ZKYuMRNIaQ/m=X3N0Bf,attn,cdos,gwc,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl"
Preview:	:root{--COEmY:#1f1f1f;--xhUGwc:#fff}:root{--vZe0jb:#a8c7fa;--nwXobb:#638ed4;--VuZXBd:#001d35;--uLz37c:#545d7e;--jINu6c:#001d35;--TyVYld:#0b57d0;--ZEpPmd:#c3d9fb;--QWaaaf:#638ed4;--DEeStf:#f5f8ff;--TSWZIb:#e5edff;--BRLwE:#d3e3fd;--gS5jXb:#dadce0;--Aqn7xd:#d2d2d2;--EpFNW:#fff;--IXoxUe:#5e5e5e;--bbQxAb:#474747;--YLNNHc:#1f1f1f;--TMYS9:#0b57d0;--JKqx2:#1a0dab;--rrJJUc:#0b57d0;--mXZkqc:#d2d2d2;--Nsm0ce:#0b57d0;--XKMDxc:#f3f5f6;--aYn2S:#f3f5f6;--Lm570b:#dee1e3}.zJUuqf{margin-bottom:4px}.AB4Wff{margin-left:16px}.OhScic{margin:0px}.v0rrvd{padding-bottom:16px}.zsYMMe{padding:0px}.QyJI3d{background-color:var(--xhUGwc);color:#666;box-shadow:0 4px 16px rgba(0,0,0,0.2)}.oQcPt{background-color:var(--xhUGwc)}.QyJI3d{border:1px solid rgba(0,0,0,.2);position:absolute;z-index:9120}.nFdFHf{animation:g-bubble-show .2s forwards}.bE3Kif{animation:g-bubble-hide .2s forwards}@keyframes g-bubble-show{from{opacity:0}to{opacity:1}}@keyframes g-bubble-hide{from{opacity:1}to{opacity:0}}.QyJI3d.QJnoze{border-radius

Chrome Cache Entry: 173

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (568)
Category:	dropped
Size (bytes):	2442768
Entropy (8bit):	5.604657258846942
Encrypted:	false
SSDEEP:
MD5:	34C0EB65A1A40D63EFB16DBFA35D58B9
SHA1:	10CF1F8C6796290B03C132AF633C8D481904B34D
SHA-256:	5059590A454043033E983133398FA9D38D66F760E8645AE7EBC6DFFF4B063C59
SHA-512:	7567A53EABEC1721F305774C5EB7FCD0EBA5D02A9D9D4629ABD79834DB519BA03DA816340FAE0B7702266C3243A92B615AD4F888B51590481BC8701ED649FE2F
Malicious:	false
Reputation:	unknown
Preview:	var _yt_player={};(function(g){var window=this;/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0././.. Copyright Google LLC. SPDX-License-Identifier: Apache-2.0././.. Copyright Google LLC All Rights Reserved... Use of this source code is governed by an MIT-style license that can be. found in the LICENSE file at https://angular.dev/license././*.. (The MIT License).. Copyright (C) 2014 by Vitaly Puzrin.. Permission is hereby granted, free of charge, to any person obtaining a copy. of this software and associated documentation files (the "Software"), to deal. in the Software without restriction, including without limitation the rights. to use, copy, modify, merge, publish, distribute, sublicense, and/or sell. copies of the Software, and to permit persons to whom the Software is. furnished to do so, subject to the following conditions:.. The above copyright notice and this permission notice shall be included in. all copies or substantial portions of the

Chrome Cache Entry: 174

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 15436, version 1.0
Category:	downloaded
Size (bytes):	15436
Entropy (8bit):	7.986311903040136
Encrypted:	false
SSDEEP:
MD5:	037D830416495DEF72B7881024C14B7B
SHA1:	619389190B3CAFAFB5DB94113990350ACC8A0278
SHA-256:	1D5B7C64458F4AF91DCFEE0354BE47ADDE1F739B5ADED03A7AB6068A1BB6CA97
SHA-512:	C8D2808945A9BF2E6AD36C7749313467FF390F195448C326C4D4D7A4A635A11E2DDF4D0779BE2DB274F1D1D9D022B1F837294F1E12C9F87E3EAC8A95CFD8872F
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Preview:	wOF2......<L.......\|..;..........................d..z..J.`..L.H..<........e..^...x.6.$..6. ..~. ..).7{...K.. .k~....".v(...[...RE.$..K..C,.'..{BK.C&.....'L!...DZ........+6.r...K..._...<..0..].V..........e.r(RN.43k;g`...?<?.......b..c.`.. .6..p...5.$zd.R%.........h....";.^WU.....H........S.j..M:..=K..\B.6"f......z.........$...%w.?$-....9.:u....u.I..Tt..s........lY...J.6oN..y...1,I.Yx..lu..}.e...Og..d...Xv.. ...iF.]..x.N..#%,y.&..,$.^.n...\.K.P.J.x...H$..-.....p.....t.v...gD^....?..6o......e....,f.)..h...P...<.:.E...X..p....U.?.[m....l.Y.S..p..%..K.,U..3U.qFZo....U...3..3.]\.C.#..9T.8P`8......P...R;..r..J.*...u.j..^vnf.v.... .pw...Z.(.6%$U.[.\|....!mU\}./..i,..7D........:t'.a;.W(.."G....q.-.Z......;J..0.&/.5. .T......w..;...t...H.t.<y ..@xx .JA.U.t..;g....@..... .t......<.5(^.\|s..Ko.O.x.....!...........lHF............So{.%..V...7..aA$....C;,"(.J..EE..@.....vOB.,V..../....B#.r+./-t.(.N.S...R.Z$4...4i.c.}t...#3`.......s..;.O,.\|..W.A.f.w.

Chrome Cache Entry: 176

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MPEG ADTS, layer III, v2, 64 kbps, 24 kHz, Monaural
Category:	downloaded
Size (bytes):	5184
Entropy (8bit):	7.712560143450262
Encrypted:	false
SSDEEP:
MD5:	DBF47851C4067864F074537A6D265FC7
SHA1:	BF9E8B534F58F8CDAB6AB8D872678EA4DD4A853E
SHA-256:	860BF9DCE807597B3A1CABB3CD7F08C1F9427CD1A7B1F25EBF6111B3ABC8EEE1
SHA-512:	B9528A123C19572BA225A4454B0C6C2AE2678544F4DDE694FCF0CB3B9C83A74B881C1E4A4E40337EB6FB0E094C8B89FCA1DB4558F5F38EDECBE906B18D2D0F59
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/speech-api/v1/synthesize?text=%40&enc=mpeg&lang=en-us&speed=0.4&client=lr-language-tts&use_google_only_voices=1
Preview:	...................................................................................................................................................................................................&....I0.....0L6O..4{.2...4s... .DA.d..`0.2w.a..........&L.2... @...0...2d..... B"...... @..."......""#?....Dv.d..L.2..!....'`.>.... d..... ....&........?.\...QVYe..]./w.....~Zy.......-..d.............l..W,.......8. b..,...-3....r..>...@-.......(D..x..P.q.......@..m........H./...h.).........k.]3sD&.M54}.a _-.tHc.d.....................M.M..lZr.f....d.2...C.V.4.I.:.....'..........a..{.H..:.a../..pI.....D.....LY....Q.he.M).~.t./....V9.......Va..x.jyt...;s...7.....Z......c.m.....g...uI.4...h.....o...H..1.....V.a..Q,Y.O.[...`..g...+....2.../Z ....'/.F......x..o..p......EA."%.`qexf#a..;..&..-...D(.0..%l\.o..DB...F......QD...X.;Y.q,a$v.t....)..M..8..."<L..x..E....8u.q...%.w.........8.(.}...[j..kD.4.:.%...@.*.L.k..#.B...-f"3....+.F......[&j,.@d..`...1.L.Ab.q....

Chrome Cache Entry: 177

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 24 x 24
Category:	dropped
Size (bytes):	4465
Entropy (8bit):	7.666715222755507
Encrypted:	false
SSDEEP:
MD5:	6BCD2C5891A5E617898FF487DF0D2082
SHA1:	A2242A3F396F1FEAF7AEABD40B48122D070F125A
SHA-256:	018716003EA7214D7F973B17997ACEB69CAFEE5C09C96C23851AF2D291522ED7
SHA-512:	A5E78F13A46F88779D91BF6683DB4963D77AA3E0D73CB700468FC0291D60EE8DFD30E8CC2A81EF38A8E6373BB3A7144CF1B4B5BAA5269555957B79D69929CDE0
Malicious:	false
Reputation:	unknown
Preview:	GIF89a.......rX.c.....R.T.E....S?..IHt....5..N>...k:&..=..}...2.5.KN.6.n;....x..F.f@.L@o...;.[x.ps...I....},._tg...O'....o.P..K..Er5.YS..e....Q.NC..b..TH....Uz6v.;U.d.z.R..!.a...]....d'.R.RW.Se.......;..H{.Si.QH...g$Um.%n.%.x..._.9~.q.......6....L.65.\...A%...<2..J..]...s.....T.a...\|...K?.....I....F>2...}.8..-.p..s..c.L5.w9...OW...:..@......xA.^...h$u..z..qBYY.9w..i...[92..g........#.yK..C..)..pu..M>.AR.I>9~...M4x..D9%j..`..1)...$.g.....n7}......9......._A..{..[..!.cE........or.y..PGG...OD%.hs...........`\...........K@5.x..U.C3=.Pfk...JO.P.>L..M0....\..N...@u...7w...K...x.Mo.St.....O.w=.T`..A.P.S={..k....I.n;..V?..@3.tR.Ii.Uz.Rj.Sq ....>..M......c.8....A._.0....p..RD....fH..a...._9...ZC,.........fA..Q.2:...K?8~.;...J>..M..`...!..NETSCAPE2.0.....!..XMP DataXMP<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27 "> <rdf:RDF xmlns:rdf="ht

Chrome Cache Entry: 180

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (8361)
Category:	downloaded
Size (bytes):	8366
Entropy (8bit):	6.015014436660114
Encrypted:	false
SSDEEP:
MD5:	00756F83F75FACD8D5BE68CBA4F3DB26
SHA1:	39D2624286D800B947580533E6FB2761DC5D21B9
SHA-256:	DFE9A6D84AA9585611A2EEBC6DE52CC3F23425B817145CF6B7E3EF5E1DEF3DC1
SHA-512:	5AE79CBD7DC04526C71FF7365E7DCE657FB6395930EB306A49CA9FCD808ED0B3A047E7B4702DEC806FB68FC1A0D0B6721C35B46B9F3A9D5639FFA40BC9EB0C85
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/async/bgasy?ei=niD9ZuSaCZioxc8PnP6qyAI&opi=89978449&yv=3&cs=0&async=_fmt:jspb
Preview:	)]}'.{"bgasy":["https://www.google.com/js/bg/SHq4PPhfjRSl0-V2jZYRTjGjM6HmQe3FExMe8NfPTFM.js","hGoVHz2a+7UCuP4u88IroDtOVBkMOBh1P4uBfViI3sQijlAfoFDgF285HRwUH++w0LfGVU2dNBk5Sp3+oSyJ0+ygGEaIDXnZlIjAq9aKaRv6ZVoMvAMJOZM82TKRfbKUMmzNygTALEbPuDndZMx9pAd8w3RbaLrDlyHOXvy7MF/hi1uy83ZLaVXjXAyEv/O/jkxmfnzs6SgLD3EwIdXx36rYnsdH3tAFQgqi7Z6QocMVx15Jz5ZH177ANWRVwie8G6FzHJ0EIpKcvDf82XI2u/IxJZD2P7z4qVlkpEmw0dMj9joz1FtcFDODY8Yrd6l+GLFAydAFWiLl1uCojSSiS9w+Eht8dXxmyVdyueBkiLPd5QkZVU8tg1jgz158ciwDwnhM0sdIlh1vbhqZWElhbocpgZBD5X4Gv565KL0Bxqc/lDlgx5kc0Vlc77CGteWwOjxsi9h4LXNCxyAzvUqlJ5uGqpmP54n4afAMDdfwgrcr6nK7EBwotulLuvOhMSPRq+gS9ZHAHsGTt9Q+elwFWjBr4FDwMKhoUbLymBPtLXcZKCQzMuK4eBWXY8XhZke3UINNHbEBwWZxD+rqf4/Db/2UurtdCd2pfE3Sk6w/B4AaTkhH9zOaFr5z8Oav/DaFk6si0lr4JdgcAgh5W8n2shu1B55EUKGkYBvO+f4fwl5l1E8HvcScelZjzCxt13lwqRCvkMKjeug5k7VFMNolqECp/Xo25paeQwe5UV3UeREU7WA6H+Yf+CO4ZgqIP39wrDwkTUImuQ/mzkX62vBgjBbSAaX5xU3YYsaZ7LLXSRG2+h/rzoTzVDmNelkeOWTAtfXkpbAhnz07qnuIXJsUAUpfCQwPXIWwfatiIJGER2ZHFWLHfL0OlQTuOalENFV4aG9af3QQUX

Chrome Cache Entry: 181

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	611
Entropy (8bit):	4.918393991458898
Encrypted:	false
SSDEEP:
MD5:	FDCCEBFA37374F47C7DB9D31714AD6BB
SHA1:	0020EF09D5BB52460B5D0239BEF9C2F2CF9EC9FA
SHA-256:	526AAAFB82827920E07B5CE784660FAB5F01FB62F3B63968EC34317AECAA5CCA
SHA-512:	D265EE577D64E9682698F021A5E2158CF5EA0A6C887E69A90F72C45E29B9F8A3ED436F2D4DA6B4F3436EF59FF306348EC57FFD7FEFDEC969909E089E03B59528
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/i/productlogos/youtube/v9/192px.svg
Preview:	<svg xmlns="http://www.w3.org/2000/svg" enable-background="new 0 0 192 192" height="192" viewBox="0 0 192 192" width="192"><rect fill="none" height="192" width="192"/><g><g><path d="M177.44,55.09c-1.96-7.31-7.72-13.08-15.03-15.03C149.17,36.5,96,36.5,96,36.5s-53.17,0-66.41,3.56 c-7.31,1.96-13.08,7.72-15.03,15.03C11,68.33,11,96,11,96s0,27.67,3.56,40.91c1.96,7.31,7.72,13.08,15.03,15.03 C42.83,155.5,96,155.5,96,155.5s53.17,0,66.41-3.56c7.31-1.96,13.08-7.72,15.03-15.03C181,123.67,181,96,181,96 S181,68.33,177.44,55.09z" fill="#FF0000"/><polygon fill="#FFFFFF" points="79,121.5 123.17,96 79,70.5"/></g></g></svg>

Chrome Cache Entry: 183

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	350
Entropy (8bit):	6.922576431804136
Encrypted:	false
SSDEEP:
MD5:	F8F20B1A0E5303C04EBAAFD7F09A625C
SHA1:	ED0ED603206887E2D5AE2F0F770ADC2B869DE6DA
SHA-256:	895172C5269BC2F7F1B26A807944106D88FEF304586399A0D9A10E21C6A8DD46
SHA-512:	C8D8FEB29312771F14B72A6DC992303508A66B0CBDC85AF2EF9659AA36A3F7806ABBA595FB83F36DBF164962DB4493B00E5ECDAC8DA41EAB56DD146D8D9F7C0C
Malicious:	false
Reputation:	unknown
URL:	https://www.gstatic.com/images/branding/product/1x/youtube_32dp.png
Preview:	.PNG........IHDR... ... .....szz....%IDATx....d.@......P.A0.0.C1`.......a......C...Eq........0...C..^{........... DBS...I.:+I..H..H.......?.N.....WB..e.._B .[@M.dk..`..o...\|.VU.\|.u...0.......L..0.r....k M]#...o^....(........H...^.....s._........nr.S.`u...M..E4.{_D..M.D..6.@...wB.-=.......-.%l3.$.H..8.z.?R..%}.0...w..=y>2;......IEND.B`.

Chrome Cache Entry: 184

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1159)
Category:	downloaded
Size (bytes):	338877
Entropy (8bit):	5.616824180269083
Encrypted:	false
SSDEEP:
MD5:	39194FBDA3B75220D24BA59F994FCE0D
SHA1:	792E6C8BFE1102C757C9BCFFBC20AE2252CA5022
SHA-256:	E170CA1EEFEC8C4D0FAB4B1884D7B23F99BBA0E16D4FEE3D2F1F4996D287DF06
SHA-512:	30072E703ADC1DFB9FFF0E2D3EC5316B8E0921FD9B12856EED11793BE4AFD647D9E96D007C7D40B9BEAF13416381AC7D9D92345220F6DC0C7AE044F16CED221B
Malicious:	false
Reputation:	unknown
URL:	https://www.youtube.com/s/player/d9418494/www-embed-player.vflset/www-embed-player.js
Preview:	(function(){'use strict';var p;function aa(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}.var ba=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};.function ca(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}.var da=ca(this);function u(a,b){if(b)a:{var c=da;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&ba(c,a,{configurable:!0,writable:!0,value:b})}}.u("Symbol",function(a){function b(f){if(this instanceof b)throw new TypeError("Symbol is not a constructor");return new c(d+(f\|\|"")+"_"+e++,f)}.function c(f,g){this.h=f;ba(this,"description",{configurable:!0,writable:!0,va

Chrome Cache Entry: 185

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	5494
Entropy (8bit):	7.943800412453245
Encrypted:	false
SSDEEP:
MD5:	1E4ADFCE09B0D0C2E9DB0D9144ABAFE9
SHA1:	2058B270F22F40FB4B1EFD90CBF84BCF156564A4
SHA-256:	460997174B5C47F2245ACB674BD5B1D0092272C4698AE83E504FC8CF06E1260B
SHA-512:	B537A3FAAEA9B02D8AD75DA0F22CF9E2A16F308E7A24440DE20F25FC300486739D0F5410DDB396B253F208DF76E1889BB1E3A6BA2DB2D8D78AC0E23090B35204
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/images/nav_logo321.webp
Preview:	RIFFn...WEBPVP8La.../.@f..`..#.......1..[3.jl.....=.c;...j.h7/r..i.3.t.%.r..+G......Kz...c..N...$.?..4..W....U..y.....}8... .... ..@...!....... ........9..` ,...N....P&..B.!......(<.r..9.2....e.."o..A..B.f...o..:..q...Wx.EP.. ..m{.m..oV..m...l....$....Tu..'.._...6V.........pZ.I.w.}...y.$cM...R.S..D.A../....D.n.....'"u.5.....]2BR.].p.....lRrR".....3Bbb.HC..!c...W.C.4..UP.{...;..-84a.L6.M`G..X.'..;...b..'..H.#.#...2.....mG.................$ER.1>.......][.F...J.......XkKb.....>d.....K...S... ......PF!ICFA.VrN>.Q..+.P..=..............t...@5.Mf...m....0....-,...v.F.....`..G.@..#A.d[Vs.....$BX\|.)Y.....`.[.m..m.m.v..m.m..$I...kcw..n.m..D=y?z.gveS.H\|....3s..]....T..pu.....:.m.D.........D...A.]..ZsE..E.R.r\...-.C...r....=m.>.(.l....u.*D-.n.lF.l..B#I.$l..}...=o...H..I..^Zdx.........@.g.m.m.m.m.m..F.D.FgG3..?..HS....R...T5)J.'.'...._np...6....'...k.k...o.7o.?.V.K.k.Y..p./.......VQ...?t....P...0M.#...6H.z..pH..Ga.E...0.b.{..0d.W7d.T=.<.'

Chrome Cache Entry: 186

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65531)
Category:	downloaded
Size (bytes):	134068
Entropy (8bit):	5.43501088336922
Encrypted:	false
SSDEEP:
MD5:	7CD16B018E81474F5E390302046ABF1E
SHA1:	E702F1ADC9BFB26F463CD0C2483AFEC78415CB3A
SHA-256:	883864F0BD16DD6CFC1DE64515FBA13E18E736F2878C84176C5CE396779DDC0E
SHA-512:	C27983BB96041A0E37BDC4DA7E7016453190425A822098573D407925989592B86D987305EACBF08CD63EBD6089741B6D00EBCD3D622A58BDFC491C7C76A77ECE
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0
Preview:	)]}'.{"update":{"language_code":"en-US","ogb":{"html":{"private_do_not_access_or_else_safe_html_wrapped_value":"\u003cheader class\u003d\"gb_Fa gb_3d gb_Re gb_rd\" id\u003d\"gb\" role\u003d\"banner\" style\u003d\"background-color:transparent\"\u003e\u003cdiv class\u003d\"gb_Qd\"\u003e\u003c\/div\u003e\u003cdiv class\u003d\"gb_ld gb_pd gb_Hd gb_md\"\u003e\u003cdiv class\u003d\"gb_xd gb_sd\"\u003e\u003cdiv class\u003d\"gb_Kc gb_R\" aria-expanded\u003d\"false\" aria-label\u003d\"Main menu\" role\u003d\"button\" tabindex\u003d\"0\"\u003e\u003csvg focusable\u003d\"false\" viewbox\u003d\"0 0 24 24\"\u003e\u003cpath d\u003d\"M3 18h18v-2H3v2zm0-5h18v-2H3v2zm0-7v2h18V6H3z\"\u003e\u003c\/path\u003e\u003c\/svg\u003e\u003c\/div\u003e\u003cdiv class\u003d\"gb_Kc gb_Nc gb_R\" aria-label\u003d\"Go back\" title\u003d\"Go back\" role\u003d\"button\" tabindex\u003d\"0\"\u003e\u003csvg focusable\u003d\"false\" viewbox\u003d\"0 0 24 24\"\u003e\u003cpath d\u003d\"M20 11H7.83l5.59-5.59L12 4l-8 8 8 8 1.41-1.

Chrome Cache Entry: 187

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (30522), with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	70285
Entropy (8bit):	5.693729049659655
Encrypted:	false
SSDEEP:
MD5:	B8649357B4759D225ED403335CD3A1C9
SHA1:	59447E0243906CF706CB523F620197780B1C2075
SHA-256:	32EAABECFA45C766DE75D640E9889A7B6C83539CEAE99A1924FB69388BAC08BB
SHA-512:	6B415A391F1CC35BD88CEBEA043DFE4BAA7C2BAA6EB7B6BA6F66A23CD91C6FA1BB4DC923D51DDD489578B1DAA2C1580233B2916CAE991718E7B19868DF6C329C
Malicious:	false
Reputation:	unknown
URL:	https://dlapiper-my.sharepoint.com/personal/lucy_stevens_dlapiper_com/_layouts/15/guestaccess.aspx?e=5%3au3LlBN&at=9&share=EuoU6OvOyL9OuhIHkdC9OMQBex9HLiWuOXPp0kCtLg1gOg
Preview:	..<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">..<html xmlns:o="urn:schemas-microsoft-com:office:office" lang="en-us" dir="ltr">..<head><meta name="GENERATOR" content="Microsoft SharePoint" /><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><meta http-equiv="Expires" content="0" /><meta name="Robots" content="NOHTMLINDEX" /><meta charset="UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><link id="favicon" rel="shortcut icon" href="/_layouts/15/images/favicon.ico?rev=47" type="image/vnd.microsoft.icon" /><title>...Sharing Link Validation..</title>...<style type="text/css" media="screen, print, projection">....html{line-height:1.15;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}body{margin:0}article,aside,footer,header,nav,section{display:block}h1{font-size:2em;margin:.67em 0}figcaption,figure,ma

Chrome Cache Entry: 190

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	23063
Entropy (8bit):	4.7535440881548165
Encrypted:	false
SSDEEP:
MD5:	90EA7274F19755002360945D54C2A0D7
SHA1:	647B5D8BF7D119A2C97895363A07A0C6EB8CD284
SHA-256:	40732E9DCFA704CF615E4691BB07AECFD1CC5E063220A46E4A7FF6560C77F5DB
SHA-512:	7474667800FF52A0031029CC338F81E1586F237EB07A49183008C8EC44A8F67B37E5E896573F089A50283DF96A1C8F185E53D667741331B647894532669E2C07
Malicious:	false
Reputation:	unknown
URL:	https://dlapiper-my.sharepoint.com/WebResource.axd?d=L0ynGjn4_vVhlveVtr01pfg9mmkiPigsJplvXrCFnmSuDzdQjN9siNKnvD1WfeqO5KAC1GJxzi32djcpxKfUT2vKgL-RG2ALC_10XV3Fxz01&t=638588829843638381
Preview:	function WebForm_PostBackOptions(eventTarget, eventArgument, validation, validationGroup, actionUrl, trackFocus, clientSubmit) {.. this.eventTarget = eventTarget;.. this.eventArgument = eventArgument;.. this.validation = validation;.. this.validationGroup = validationGroup;.. this.actionUrl = actionUrl;.. this.trackFocus = trackFocus;.. this.clientSubmit = clientSubmit;..}..function WebForm_DoPostBackWithOptions(options) {.. var validationResult = true;.. if (options.validation) {.. if (typeof(Page_ClientValidate) == 'function') {.. validationResult = Page_ClientValidate(options.validationGroup);.. }.. }.. if (validationResult) {.. if ((typeof(options.actionUrl) != "undefined") && (options.actionUrl != null) && (options.actionUrl.length > 0)) {.. theForm.action = options.actionUrl;.. }.. if (options.trackFocus) {.. var lastFocus = theForm.elements["__LASTFOCUS"];.. if ((typeo

Chrome Cache Entry: 191

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 24652, version 1.0
Category:	downloaded
Size (bytes):	24652
Entropy (8bit):	7.991535968589447
Encrypted:	true
SSDEEP:
MD5:	87C2B09A983584B04A63F3FF44064D64
SHA1:	8796D5EF1AD1196309EF582CECEF3AB95DB27043
SHA-256:	D4A4A801C412A8324A19F21511A7880815B373628E66016BC1785A5A85E0AFB0
SHA-512:	DF1F0D6F5F53306887B0B16364651BDA9CDC28B8EA74B2D46B2530C6772A724422B33BBDCD7C33D724D2FD4A973E1E9DBC4B654C9C53981386C341620C337067
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/googlesans/v29/4UaRrENHsxJlGDuGo1OIlJfC6mGS6vhAK1YobMu2vgCI.woff2
Preview:	wOF2......`L.........._...............................b...?HVAR.X.`?STAT~'..../<.....D..i..$.0..".6.$..@. ..T. ........v .u'.(.n[...68...^...VQZQ...OHPc..m...jM....5.FZ1.e..H.D.....~.* ...>].N....6..4.....rG...$Sw....u........yD5LY;E...w5...[....1...i.$.<.E.\\|.~....G....[.G..gZ...i_\.\......O.#..1...t.....%.rI.t1..!.t..J(-.j..B+........t,....A;..kG..p?.....I#6......#m.;.S..^u.4.Q....mI<....}........F&.p.r.H2...Y........o.xc.......>...!...T...e.7..\|Z.i.R[Y.zC.Al..wb.?..9.. =..P(..v....9`.pxI..O9.}2.,..H...........^.q..c.....f..tVU.$.x....s....%hy.......fAKj..C....WP.....o...!.:).r......Al...>..G....G.....W...a.i}...0O..v...=^.D.x...\ST..U.4...#Pvv...GJ...0.W9.n.J..=.v......5A8&}.......y\-.t.......K?...)]........`&@.7.O3g_.4z.9H...C.&...24K......}.Z....h(T.._...&}.l.'....!.B<.?...D...e. i7 R......D:....@Jer"5Q.D{..Mv...&&.)sC..l........5}.."...S..v.A1.....$..9.....e\|z.....\..J....%#O...-......m.P2R2T...T.#.....0.y.,9...M1..!..N..g.>...SW.....1"b

Chrome Cache Entry: 192

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (501)
Category:	downloaded
Size (bytes):	993
Entropy (8bit):	5.303519320189195
Encrypted:	false
SSDEEP:
MD5:	5A8457D38765353E91A6CE89E45965B1
SHA1:	38624C9C36F34DC4C640AC3455D20B2CB26B0F84
SHA-256:	93D2AA96B40FBCF6D45E7BB4BB02C2C7B0413BB365D76F9E32A879A6BD4FE97E
SHA-512:	B622DAAAF54B207891330AABCCA615631A537255A9CB020435395627D7A07F4B1A4736FEC096B6F753BE29CAE78DB6C4E988091CE94A6A1889259A12FBA8F712
Malicious:	false
Reputation:	unknown
URL:	https://www.youtube.com/iframe_api?version=3
Preview:	var scriptUrl = 'https:\/\/www.youtube.com\/s\/player\/d9418494\/www-widgetapi.vflset\/www-widgetapi.js';try{var ttPolicy=window.trustedTypes.createPolicy("youtube-widget-api",{createScriptURL:function(x){return x}});scriptUrl=ttPolicy.createScriptURL(scriptUrl)}catch(e){}var YT;if(!window["YT"])YT={loading:0,loaded:0};var YTConfig;if(!window["YTConfig"])YTConfig={"host":"https://www.youtube.com"};.if(!YT.loading){YT.loading=1;(function(){var l=[];YT.ready=function(f){if(YT.loaded)f();else l.push(f)};window.onYTReady=function(){YT.loaded=1;var i=0;for(;i<l.length;i++)try{l[i]()}catch(e){}};YT.setConfig=function(c){var k;for(k in c)if(c.hasOwnProperty(k))YTConfig[k]=c[k]};var a=document.createElement("script");a.type="text/javascript";a.id="www-widgetapi-script";a.src=scriptUrl;a.async=true;var c=document.currentScript;if(c){var n=c.nonce\|\|c.getAttribute("nonce");if(n)a.setAttribute("nonce",.n)}var b=document.getElementsByTagName("script")[0];b.parentNode.insertBefore(a,b)})()};.

Chrome Cache Entry: 195

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 36 x 36, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	419
Entropy (8bit):	7.289774220010951
Encrypted:	false
SSDEEP:
MD5:	F28B4C07E46021BB0991206697EEDAE5
SHA1:	AA622D330BD188C127F354E7E2905B0974A7552C
SHA-256:	C288FE53AF2CEA86FE59890BC302CE308568E73B178532B2826DA79663826A0E
SHA-512:	70D9B53CBC9961CFA6798C87E05ED1B83A7F1AAB941ACDC4B4DAAD4EAE1A3C2C5345EB749EF8B81C02F8FE51BB527F5B06C5FF8B4D4ED582B89599626E67EAF0
Malicious:	false
Reputation:	unknown
URL:	https://www.gstatic.com/kpui/social/whatsapp_solid_bg_36x36.png
Preview:	.PNG........IHDR...$...$.......h....3PLTE%.f\.........@.y........w.3.p....i.N.....u.T...+IDATx^...r.0...]^..kS.`..6.lU.C...r..x...d...;....yg............y..9.X...).....z.7l...h.(o...'..(..Bt..D....(..5.k.k..nY.g.b.......j6.C...;)...w......v.J].B..3.~.p.._.(t..U.C['/.1....../...d.B........d.r/St.NV....N...K...5.@..sG.xM..o..(..f2F&h.%..P.+.~..F:m;...."...g.....Z..8a.xS../....IEND.B`.

Chrome Cache Entry: 196

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (702)
Category:	downloaded
Size (bytes):	707
Entropy (8bit):	4.769929286462037
Encrypted:	false
SSDEEP:
MD5:	CFCE579D2E6823A58C724E60A37DA883
SHA1:	FDC225D049BB4BFC9F8769936EFA3BE105422477
SHA-256:	D5616053E89E9B9A4BDA3851AA598DAC56928C6400DDDFBE3AD71A9059D34F32
SHA-512:	2E968E5299403F6C7A990FD1ACD5F8B22266B5D0BAC00F6224F6D355CC4B05F69C38E0CD45B9FED0238B8C7C90562F1E6CDA549F6B097EE3DDBA0E90B4AA2430
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/complete/search?q=at%20sign&cp=0&client=desktop-gws-wiz-on-focus-serp&xssi=t&gs_pcrt=3&hl=en&authuser=0&pq=at%20sign&psi=niD9ZuSaCZioxc8PnP6qyAI.1727864993278&dpr=1&ofp=EAEYlv3gjOiwq5CFARiln8HFm-WE04cBGNDYtcuKkdikgQEY4omV7LbLo6bGARjVkMj3jpmevPEBMqYBChgKFkAgc3ltYm9sIG5hbWUgaW4gZW1haWwKFQoTYXQgc2lnbiBvbiBrZXlib2FyZAoUChJhdCB0aGUgcmF0ZSBzeW1ib2wKDQoLaGFzaCBzeW1ib2wKDgoMYXQgc2lnbiBjb3B5ChMKEXVuZGVyc2NvcmUgc3ltYm9sCg0KC2RvbGxhciBzaWduChgKFndoYXQgZG9lcyBhdCBzaWduIG1lYW4QRzJiCh4KHFdoYXQgaXMgdGhlICdAJyBzaWduIGNhbGxlZD8KIAoeV2hhdCBpcyB0aGUgJ0AnIHN5bWJvbCBjYWxsZWQ_ChsKGVdoeSBpcyAnQCcgdXNlZCBpbiBHbWFpbD8Q5AI
Preview:	)]}'.[[["\u003cb\u003e@ symbol name in email\u003c\/b\u003e",0,[432,598,71]],["at sign\u003cb\u003e on keyboard\u003c\/b\u003e",0,[432,598,71]],["at\u003cb\u003e the rate symbol\u003c\/b\u003e",0,[432,598,71]],["\u003cb\u003ehash symbol\u003c\/b\u003e",0,[432,598,71]],["at sign\u003cb\u003e copy\u003c\/b\u003e",0,[432,598,71]],["\u003cb\u003eunderscore symbol\u003c\/b\u003e",0,[432,598,71]],["\u003cb\u003edollar\u003c\/b\u003e sign",0,[432,598,71]],["\u003cb\u003ewhat does\u003c\/b\u003e at sign\u003cb\u003e mean\u003c\/b\u003e",0,[432,598,71]],["\u003cb\u003egmail\u003c\/b\u003e",0,[512,432,67,650]],["\u003cb\u003ecalculator\u003c\/b\u003e",0,[512,432,67,650]]],{"q":"mB6eExC5Ft1FCL6y1PLIn10OglQ"}]

Chrome Cache Entry: 197

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (39257), with CRLF line terminators
Category:	dropped
Size (bytes):	40326
Entropy (8bit):	5.245555585297941
Encrypted:	false
SSDEEP:
MD5:	DA9DC1C32E89C02FC1E9EEB7E5AAB91E
SHA1:	3EFB110EFA6068CE6B586A67F87DA5125310BC30
SHA-256:	398CDF1B27EF247E5BC77805F266BB441E60355463FC3D1776F41AAE58B08CF1
SHA-512:	D4730EBC4CA62624B8300E292F27FD79D42A9277E409545DF7DC916189ED9DF13E46FAA37E3924B85A7C7EA8C76BF65A05ECA69B4029B550430536EC6DF8552A
Malicious:	false
Reputation:	unknown
Preview:	//----------------------------------------------------------..// Copyright (C) Microsoft Corporation. All rights reserved...//----------------------------------------------------------..// MicrosoftAjaxWebForms.js..Type._registerScript("MicrosoftAjaxWebForms.js",["MicrosoftAjaxCore.js","MicrosoftAjaxSerialization.js","MicrosoftAjaxNetwork.js","MicrosoftAjaxComponentModel.js"]);Type.registerNamespace("Sys.WebForms");Sys.WebForms.BeginRequestEventArgs=function(c,b,a){Sys.WebForms.BeginRequestEventArgs.initializeBase(this);this._request=c;this._postBackElement=b;this._updatePanelsToUpdate=a};Sys.WebForms.BeginRequestEventArgs.prototype={get_postBackElement:function(){return this._postBackElement},get_request:function(){return this._request},get_updatePanelsToUpdate:function(){return this._updatePanelsToUpdate?Array.clone(this._updatePanelsToUpdate):[]}};Sys.WebForms.BeginRequestEventArgs.registerClass("Sys.WebForms.BeginRequestEventArgs",Sys.EventArgs);Sys.WebForms.EndRequestEventArgs=fun

Chrome Cache Entry: 198

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1268)
Category:	downloaded
Size (bytes):	299638
Entropy (8bit):	5.628363036330395
Encrypted:	false
SSDEEP:
MD5:	C0B03CCB2A28542F50E66D2BEF8CC1D2
SHA1:	14C72268784C6BE30CFD49EB201A00258B2DC69D
SHA-256:	D8E06C4D7606884C4C4B1C93CFF78D610DF049B2A7C8ABDD1F2B3C6D5E6809D6
SHA-512:	DF429AB7748680037972EBD620C3B663A58C9B5333A2980B9B57A4CA57076BA34529E714B1CBF875CE0DF9EA349A19EBA7A77C45D62DFB20E36F2BE4CD020A1A
Malicious:	false
Reputation:	unknown
URL:	"https://www.google.com/xjs/_/js/k=xjs.s.en_US.YL3dwZaCQMg.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAgoEAgAAAACAAgAAAAAAAAAAAAAAAAAAAAAEAgAgJAQAAAEAAIAFAIAICAgAAAQAQEAAAAABIoDffwIAAAAAAAAAAAACgAkAAAAAALgAACAoAgAAAAQAAGAAAAAgAAAAAABAAQAAAAAAAAAAAAAAAAAAAAAAAAIB6AcAAAAAAAAAAAAgAAAAAAAMUAAggB8AAAAACAAAAIIAAIADMgABAAAAAAAA3AcAzwOGQwoLAAAAAAAAAAAAAABAABIEc0D6CwJAAAAAAAAAAAAAAAAAAABICZq43ABAAg/d=0/dg=0/br=1/rs=ACT90oGujdBgk1gWfh3XWINxuUh8jdtdwg/m=sb_wiz,aa,abd,sy2ld,syzy,syzx,syzp,syzw,syzz,async,sy1gv,bgd,sy7ie,foot,sy212,kyn,sy1un,sy29a,lli,sy59j,sy54u,sy54x,sy7pg,sy5a7,lr,sf,sy44u,sonic,TxCJfd,sy7t4,qzxzOb,IsdWVc,sy2mt,syg9,sy54z,sy15v,sy1jm,sy1jn,spch,tl,sy3bs,sy3bq,syzu,sy3br,sy117,EkevXb,sy1ir,fiAufb,sy1ep,SZXsif,sy75g,sy7iu,sy5lw,syy7,sYEX8b,ma4xG,syw6,sy19x,sytt,E9M6Uc,syw8,syw7,NO84gd,b5lhvb,IoGlCf,sytm,sytl,C8HsP,sywc,sytv,gOTY1,syxh,syxe,syxf,syx3,syxg,syxd,syxa,syx5,syx6,sywu,sywi,sywe,sywd,sywf,syxc,syx4,PbHo4e,sy1j3,NEW1Qc,xBbsrc,sy1j6,sy1j5,IX53Tb,sy1h5,syzv,C8ffD,sy1h6,sy1h8,ZUBru,sy1ha,sy1h9,sy1h7,rTuANe,sy30d,sy11n,yfZcPd,sy119,sy118,Dpem5c,sy1h4,sy1h2,sy1gz,sy1h0,sy1gk,Fy1Pv,sy6g8,ND0kmf,sy50n,sy18y,zGLm3b,sy1bz,sy1c0,Qj0suc,JXS8fb,sy1bx,NdLnDf,sy1bp,QKZgZd,sy1cg,sy1cd,sy1bv,sy1cc,sy1c8,sy1c7,sy1c9,sy1c5,sy1ca,sy1c2,sy1bs,Wct42,sy1ci,sy1ch,LiBxPe,syxm,UBXHI,syxn,R3fhkb,sy3el,sy3ee,sy3ef,sy2tn,sy2sf,sy3ek,sy3et,sy3es,sy3ed,sy3ea,sy3eq,sy3ep,KHourd,sy66k,vrkJ0e,sy3xm,T5VV,sy2rb,aDVF7,sy62e,rhYw1b,sy297,sy295,sy2a3,sy2a4,Tia57b,KpRAue,sy2a5,NyeqM,sy3e6,sy3e5,sy3e3,O9SqHb,M6QgBb,sy1a3,sy1a2,sy18h,sy1a1,sy1a0,sytu,EO13pd,sy2ky,I9y8sd,MpJwZc,UUJqVe,sy7z,sOXFj,sy7y,s39S4,oGtAuc,NTMZac,nAFL3,sy8t,sy8s,q0xTif,y05UD,sy1nw,sy1n5,sy1n6,sy1n7,sy1n8,sy1n4,syqd,sy45k,sy3dt,sy2eo,sy1ni,sy1nh,sy1ng,sy21o,sy1nl,sy2en,sy1ne,sy19g,sy1nf,sy1n0,sy1na,sy1nd,sy1my,sy2ep,sy2c5,sy45l,sy45g,sy1ox,sy386,sy1mx,sy2ev,sy1vi,sy2er,sy1vl,sy1n3,sy2ey,sy1te,sy29h,sy1qq,sy1qr,epYOx?xjs=s4"
Preview:	this._s=this._s\|\|{};(function(_){var window=this;.try{._.x("sb_wiz");.._.y();.}catch(e){_._DumpException(e)}.try{._.x("aa");.._.y();.}catch(e){_._DumpException(e)}.try{._.x("abd");.var C5w=function(a){for(var b="",c=21,d=0;d<a.length;d++)d%4!=3&&(b+=String.fromCharCode(a[d]^c),c++);return b},D5w=function(a){var b=0,c;for(c in a)if(a[c].e)if(a[c].b)b++;else return!1;return b>0},I5w=function(a){a=a===void 0?{}:a;var b={};b[E5w]={e:!!a[E5w],b:!_.Xnj(F5w)};b[G5w]={e:!!a[G5w],b:!_.Xnj(H5w)};return b},J5w=function(a){var b=[],c;for(c in a)a[c].e&&b.push(c+":"+(a[c].b?"1":"0"));return b.join(",")},L5w=function(a,b){a=String(a);b&&(a+=","+b);google.log(K5w,a)},M5w=function(a,b,c){c=.c===void 0?2:c;if(c<1)L5w(7,b);else{var d=new Image;d.onerror=function(){M5w(a,b,c-1)};d.src=a}},F5w=C5w([97,119,115,111,107]),H5w=C5w([97,119,115,111,107,123]),N5w=C5w([118,115,121,107,108,124,104,119,68,127,114,105,114]),K5w=C5w([101,126,118,102,118,125,118,109,126]),O5w=C5w([116,116,115,108]),E5w=C5w([113,115,99

Chrome Cache Entry: 202

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	63
Entropy (8bit):	4.953004923293872
Encrypted:	false
SSDEEP:
MD5:	884D94AA5AF08BC0E5F92BB228FF2BF4
SHA1:	B35E4A84C538C9B46DCF717D37844E7B0EEC6929
SHA-256:	A997F5DF28A625036D31FF1A8860EED72EF76E0FE5CB793D85BE59F7E4C2A361
SHA-512:	66108EECEBDEA8DDAF195ACA35702043BB000C322728418BEE18BD0CAE9E6BCE502C07DD612DF0D09B176A1659B2FD4ACA86A20D225A52FE96550610E6EABA6C
Malicious:	false
Reputation:	unknown
URL:	"https://www.google.com/async/asyncContextualTask?vet=12ahUKEwjk4dTXvu-IAxUYVPEDHRy_CikQ4dMLegQICRAA..i&ei=niD9ZuSaCZioxc8PnP6qyAI&opi=89978449&yv=3&cid=10083065812560707192&cs=0&async=_basejs:%2Fxjs%2F_%2Fjs%2Fk%3Dxjs.s.en_US.YL3dwZaCQMg.es5.O%2Fam%3DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAgoEAgAAAACAAgAAAAAAAAAAAAAAAAAAAAAEAgAgJAQAAAEAAIAFAIAICAgAAAQAQEAAAAABIoDffwIAAAAAAAAAAAACgAkAAAAAALgAACAoAgAAAAQAAGAAAAAgAAAAAABAAQAAAAAAAAAAAAAAAAAAAAAAAAIB6AcAAAAAAAAAAAAgAAAAAAAMUAAggB8AAAAACAAAAIIAAIADMgABAAAAAAAA3AcAzwOGQwoLAAAAAAAAAAAAAABAABIEc0D6CwJAAAAAAAAAAAAAAAAAAABICZq43ABAAg%2Fdg%3D0%2Fbr%3D1%2Frs%3DACT90oGujdBgk1gWfh3XWINxuUh8jdtdwg,_basecss:%2Fxjs%2F_%2Fss%2Fk%3Dxjs.s.SIJgKp0_ANA.L.B1.O%2Fam%3DQOIQIAQAAAJABBpAAAAAAAAAAAAAAAAAAAAAkAAAABAAAAAAAAgAIAIAKJMAAIC8AACADQAIAAB8AAAHBAAGAAAAAAAAJAAAAACAAAAVAgAAAAAAEBAAAEQAAABAIQAAAAAEAAAYAAAAABACBAAggAEIAYACJCAoAtCPQgAAAGAAAAAhIAwwDEBQAcAATgEAAAAAAAAAABAACAEAAAAFBAAQIABAj0AAGABiIgBACAAIUAIAAQAABAAAIEAgAAAxE4ADMgABAAAAAAAAQAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgAAAAAAAAAAAAAAAAAAAAAAAQ%2Fbr%3D1%2Frs%3DACT90oHS1JOiuDK_SdGLwRo-ZKYuMRNIaQ,_basecomb:%2Fxjs%2F_%2Fjs%2Fk%3Dxjs.s.en_US.YL3dwZaCQMg.es5.O%2Fck%3Dxjs.s.SIJgKp0_ANA.L.B1.O%2Fam%3DQOIQIAQAAAJABBpAAAAAAAAAAAAAAAAAAAAAkAAAABAAAAAAAAgAIgoEKpMAAIC8AgCADQAIAAB8AAAHBAAGAAAEAgAgJAQAAAGAAIAVAoAICAgAEBQAQEQAAABBI4DffwIEAAAYAAAAABAChAkggAEIAbgCJCAoAtCPQgQAAGAAAAAhIAwwDEBQAcAATgEAAAAAAAAAABAACAEAAAIF7AcQIABAj0AAGABiIgBACAAMUAIggR8ABAAAKEAgAIIxE4ADMgABAAAAAAAA3AcAzwOGQwoLAAAAAAAAAAAAAABAABIEc0D6CwJAAAAAAAAAAAAAAAAAAABICZq43ABAAg%2Fd%3D1%2Fed%3D1%2Fdg%3D0%2Fbr%3D1%2Fujg%3D1%2Frs%3DACT90oFjTMcLfsQqlJERMofnWWYprZ8qhw,_fmt:prog,_id:rNi7Zc"
Preview:	)]}'.24;["qyD9Zo7WNcH_7_UPm7OB4Qs","2090",1]c;[1,null,"0"]3;[5]

Chrome Cache Entry: 204

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (1136)
Category:	dropped
Size (bytes):	1609
Entropy (8bit):	5.268171846580519
Encrypted:	false
SSDEEP:
MD5:	20D444971B8254AC39C8145D99D6CA4C
SHA1:	72E41F2A340F4A6E3A748CB57D293631390B733A
SHA-256:	A04F41837D317573EA61EA29ABBA7C4FF4E38C9177DA68F4706B9C13921A8D82
SHA-512:	BEA16497D014481EE10EB80A129846B7B184AB1ECA242FA38B84255C6461C748A62F1BD6C15D1807F8B5E926E550C30AB47F8A40AE43BE229E6AB857C4EA6F6F
Malicious:	false
Reputation:	unknown
Preview:	<!DOCTYPE html>.<html lang=en>. <meta charset=utf-8>. <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">. <title>Error 405 (Method Not Allowed)!!1</title>. <style>. {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:u

Chrome Cache Entry: 207

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	63
Entropy (8bit):	4.941022581989689
Encrypted:	false
SSDEEP:
MD5:	4BFDE51A62E3B098985B4B059CF6ED4F
SHA1:	0D85783F128D54FA726930EEB2407DC238F7C48B
SHA-256:	A907C4F9108000F6D070A825FEE94CA28BDA9AF1E4D7749FD898F5154A67910B
SHA-512:	AEB04658C7BB2EC3644AB13A7558DB6DEB55688D51F1093974BED72B27A005D4BD087161CF28FEF8E3528CC2E9420F879D249ED29465DDBFC642C30E3704CECE
Malicious:	false
Reputation:	unknown
Preview:	)]}'.24;["riD9Zt_JFMWJ9u8P2oaAqQo","2090",1]c;[1,null,"0"]3;[5]

Chrome Cache Entry: 209

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (17444)
Category:	downloaded
Size (bytes):	17672
Entropy (8bit):	5.233316811547578
Encrypted:	false
SSDEEP:
MD5:	6EFDDF589864D2E146A55C01C6764A35
SHA1:	EFA8BBA46CB97877EEC5430C43F0AC32585B6B2F
SHA-256:	2D92F0CE8491D2F9A27EA16D261A15089C4A9BE879D1EEDCB6F4A3859E7F1999
SHA-512:	1AFC735660AAE010C04EF89C732D08EBA1B87BE6048164F273BEAEBECA3F30062812B4CD141DDF0291A6AB54F730875D597678A3564C0EED2AAC11E5400F951A
Malicious:	false
Reputation:	unknown
URL:	https://res-1.cdn.office.net/bld/_layouts/15/16.0.25311.12012/require.js
Preview:	/** vim: et:ts=4:sw=4:sts=4. * @license RequireJS 2.1.22 Copyright (c) 2010-2015, The Dojo Foundation All Rights Reserved.. * Available via the MIT or new BSD license.. * see: http://github.com/jrburke/requirejs for details. */.var requirejs,require,define;!function(global){function isFunction(e){return"[object Function]"===ostring.call(e)}function isArray(e){return"[object Array]"===ostring.call(e)}function each(e,t){if(e){var r;for(r=0;r<e.length&&(!e[r]\|\|!t(e[r],r,e));r+=1);}}function eachReverse(e,t){if(e){var r;for(r=e.length-1;r>-1&&(!e[r]\|\|!t(e[r],r,e));r-=1);}}function hasProp(e,t){return hasOwn.call(e,t)}function getOwn(e,t){return hasProp(e,t)&&e[t]}function eachProp(e,t){var r;for(r in e)if(hasProp(e,r)&&t(e[r],r))break}function mixin(e,t,r,i){return t&&eachProp(t,function(t,n){(r\|\|!hasProp(e,n))&&(!i\|\|"object"!=typeof t\|\|!t\|\|isArray(t)\|\|isFunction(t)\|\|t instanceof RegExp?e[n]=t:(e[n]\|\|(e[n]={}),mixin(e[n],t,r,i)))}),e}function bind(e,t){return function(){return t.apply(e,ar

Chrome Cache Entry: 212

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (37521)
Category:	dropped
Size (bytes):	40512
Entropy (8bit):	5.386921349191213
Encrypted:	false
SSDEEP:
MD5:	8DCE60169BA666CA03A31D123DB49908
SHA1:	956C46BB6058C23D35440DCC656CE61C7B151399
SHA-256:	F9F5A40C01C6D569373CE61EE77849F30E4176E1310652FF17D458C68680CF75
SHA-512:	26BA15ADE0F62393413156C5061B04AA8FCE3A5A5EE06EE35DFC42D3F76AF850980731A38DCF7094711E7FAB18C80EF66C9B354C029D06FA2E846330ACCC7E9E
Malicious:	false
Reputation:	unknown
Preview:	/! For license information please see spoguestaccess.js.LICENSE.txt /.document.currentScript,define("@fluentui/react-file-type-icons",[],()=>{var e;return(()=>{"use strict";var t=[e=>{var t=Object.getOwnPropertySymbols,n=Object.prototype.hasOwnProperty,a=Object.prototype.propertyIsEnumerable;function i(e){if(null==e)throw new TypeError("Object.assign cannot be called with null or undefined");return Object(e)}e.exports=function(){try{if(!Object.assign)return!1;var e=new String("abc");if(e[5]="de","5"===Object.getOwnPropertyNames(e)[0])return!1;for(var t={},n=0;n<10;n++)t["_"+String.fromCharCode(n)]=n;if("0123456789"!==Object.getOwnPropertyNames(t).map(function(e){return t[e]}).join(""))return!1;var a={};return"abcdefghijklmnopqrst".split("").forEach(function(e){a[e]=e}),"abcdefghijklmnopqrst"===Object.keys(Object.assign({},a)).join("")}catch(e){return!1}}()?Object.assign:function(e,r){for(var o,s,c=i(e),d=1;d<arguments.length;d++){for(var l in o=Object(arguments[d]))n.call(o,l)&&(c[l]

Chrome Cache Entry: 213

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (593)
Category:	dropped
Size (bytes):	1670
Entropy (8bit):	5.343963060160701
Encrypted:	false
SSDEEP:
MD5:	85CDFAFC9333DC6B0D601405ABEB3357
SHA1:	A577A6F08AB127F1EDB992D1FB5D6C50BCE0D387
SHA-256:	8E1FD6D9C352FA2218F22C7B15E04AA14F671433A436E1B3B1BC6FFD4C4881D2
SHA-512:	1C71C9320AF9CF687EF9A6E85DA6AFA1D8D04720435C5F661B67B3AAEAD4B21F413ECE0D4BBD2D74868A1C04130BB6AD6CA7160D47E36C1AFFA58B7D3BDF9135
Malicious:	false
Reputation:	unknown
Preview:	this._s=this._s\|\|{};(function(_){var window=this;.try{._.x("lOO0Vd");._.Veb=new _.Pd(_.mOa);._.y();.}catch(e){_._DumpException(e)}.try{.var efb;_.ffb=function(a,b,c,d,e){this.Tvb=a;this.O3f=b;this.dCc=c;this.mcg=d;this.Yyg=e;this.Zlc=0;this.cCc=efb(this)};efb=function(a){return Math.random()Math.min(a.O3fMath.pow(a.dCc,a.Zlc),a.mcg)};_.ffb.prototype.zNd=function(){return this.Zlc};_.ffb.prototype.G_a=function(a){return this.Zlc>=this.Tvb?!1:a!=null?!!this.Yyg[a]:!0};_.gfb=function(a){if(!a.G_a())throw Error("Ce`"+a.Tvb);++a.Zlc;a.cCc=efb(a)};.}catch(e){_._DumpException(e)}.try{._.x("P6sQOc");.var hfb=function(a){var b={};_.Ra(a.uOc(),function(e){b[e]=!0});var c=a.KMc(),d=a.kNc();return new _.ffb(a.jNc(),c.oa()1E3,a.myc(),d.oa()1E3,b)},ifb=!!(_.Qg[34]>>29&1);var jfb=function(a){_.Vn.call(this,a.Ma);this.logger=null;this.oa=a.service.J4c;this.Ba=a.service.metadata;a=a.service.gOf;this.fetch=a.fetch.bind(a)};_.F(jfb,_.Vn);jfb.Ha=function(){return{service:{J4c:_.$eb,metadata:_.Veb,gOf:

Chrome Cache Entry: 214

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	660
Entropy (8bit):	7.7436458678149815
Encrypted:	false
SSDEEP:
MD5:	C3DFF0D9F30EC0BCF4DEC9524505916B
SHA1:	4B378403ACBEBC3747E08C69B5FD7770A850C9EB
SHA-256:	73D788F86BE22112BB53762545989C0F1BBDB7343161130952C9BA3834FF81E3
SHA-512:	677EA304D00D176ACF61FF68BF23BD5F77AD2928D7DE9F4B842292BC9D3FB7029FE9F578B62F142DCE689230F392E828098EED3484FE2DBEE6E1A7AA5378E2C6
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/images/searchbox/desktop_searchbox_sprites318_hr.webp
Preview:	RIFF....WEBPVP8L..../'....Hv.=n.......Q...a..(Rv.o..U.....l..m........0l.6l..f.......A?B.C.A...2h..Ag0....G8.n#)R.j.x..P.F..I;.Ox......7-...bX./..]...3..T....5...x...G.C....%.u.....u/._.=....<!q.\...9.....\....p:..P.4.aS.N).>.>.."..9..Vh ....no....l.1..#6p\c..2..>..=8...........FP.^....+/.~......hs..D.Jm..9...r....t*.H..~T^\|.....l..l......he..}f....d.."....K...&1..................pl.Pf.%6...2X..I...eXQ(.K..1%c..w.s._..._K`K.1}..D.E=...<..ytM..>.q'.e.L.~$...b..;k.M.....t\O..m.I._..F....'........z.]..u?~..P.zJM.. k...p~9..D....".Zl$?f..+...\.Pg..%...;.[R>N.#.W.e..@q...(....]&......K.......?.\|.z..(...:&m.V.C.'...D^.R....

Chrome Cache Entry: 216

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 32 x 32, 8-bit grayscale, non-interlaced
Category:	dropped
Size (bytes):	446
Entropy (8bit):	7.334244373314574
Encrypted:	false
SSDEEP:
MD5:	146C086C5DED80E72D9F95B13771EA6A
SHA1:	60BCF86E93154D798489BEA354F635333AA9B315
SHA-256:	B3338321602FECD34CB925A5713638ADD25D908E7E6C88924222E0D04A4E9330
SHA-512:	730A7A4B5A9856D50A2D050B1CF9F4E8D765736B052DAD26503B50D81AB8924136CDDE15827229837D8B05A3213CE639846D53C23E03290A67C1EFCCBFFA21F2
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR... ... .....V.%(....IDATx.....\......m...A..fX[Am....m...7.X..z$:.66>..@.N..+..#....L.tl.s.tB.!....)....>.......3.....n...}.bx.q.o-q.).....V..B.{.#i.&!.......Y.....V,/.Sg9..u5y.v.h.......8.8.rYki...n..3.<\|._.B.N.QT[.3\...8..b..7G-9D8.0.c.>..wI.Y?.Q...):.2r.l.i..cL.1l...aKH"..5.9...OI.N....../.....O47~...2P.1M;..I.D.kK.p!.....z..`.g..'...]yj..Yw...G..0.B...g...d.X..B...LBL4.........I..<..W#s........IEND.B`.

Chrome Cache Entry: 217

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5902), with no line terminators
Category:	downloaded
Size (bytes):	5902
Entropy (8bit):	5.274097293290911
Encrypted:	false
SSDEEP:
MD5:	22B637AA5267C77DA44BC3CE5E0E1F4B
SHA1:	D035AA107D0C0DD482A3926E0E2D65F36DF9DF36
SHA-256:	35C2E6A1EF3E41C4261665B22EB124C7B8E1DCC08FAA23AF1F11C4199E2DDE8E
SHA-512:	8DE7C22C38C11981C3221E50DA652CEA9B3EE5AB89C49ADCCA9AF2D55F317DF1ADD529BABF7AB0E7CEBA7323890ECB01CC3188D2439CD8B7AB8E89625D68E087
Malicious:	false
Reputation:	unknown
URL:	"https://www.gstatic.com/og/_/ss/k=og.asy.DjFxgb1wvJ0.L.W.O/m=ll_tdm,adcgm3,ll_fw/excm=/d=1/ed=1/ct=zgms/rs=AA2YrTs5j1NDATM179ZUry_9BBpF96PiTg"
Preview:	.gb_Ac{background:rgba(60,64,67,.9);-webkit-border-radius:4px;border-radius:4px;color:#fff;font:500 12px "Roboto",arial,sans-serif;letter-spacing:.8px;line-height:16px;margin-top:4px;min-height:14px;padding:4px 8px;position:absolute;-webkit-user-select:text;-webkit-user-select:text;z-index:1000;-webkit-font-smoothing:antialiased}.gb_Bc{text-align:left}.gb_Bc>*{color:#bdc1c6;line-height:16px}.gb_Bc div:first-child{color:white}.gb_A{-webkit-border-radius:50%;border-radius:50%}.gb_A::before{background:#444746;background:var(--gm3-sys-color-on-surface-variant,#444746);-webkit-border-radius:100px;border-radius:100px;content:"";height:100%;left:0;opacity:0;position:absolute;top:0;-webkit-transition:opacity .3s ease-out;-webkit-transition:opacity .3s ease-out;transition:opacity .3s ease-out;width:100%}.gb_F .gb_A::before{background:#c4c7c5;background:var(--gm3-sys-color-on-surface-variant,#c4c7c5)}.gb_A:hover{background-color:rgba(60,64,67,.08)}.gb_A:focus::before,.gb_A:focus:hover::before{op

Chrome Cache Entry: 219

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (625)
Category:	downloaded
Size (bytes):	1379116
Entropy (8bit):	5.739880374166699
Encrypted:	false
SSDEEP:
MD5:	AF4D98C398D35352FE42F395CC4D293A
SHA1:	C9784A8EE021834B36B238D64C540B52DF5A4BC9
SHA-256:	372B932751A249DB09ABA255ED81E6345D4D202A9451FC36BBCFDB397C0A8DC5
SHA-512:	B07DAAA494CDA54457D61FD438B97B4347FE68DE8103203FBD8E3531D22072DCF6A70B64EB8BC9F42E26089F8749FDB0EC37C505FAD621709A7FB21BAB692DB2
Malicious:	false
Reputation:	unknown
URL:	"https://www.google.com/xjs/_/js/k=xjs.s.en_US.YL3dwZaCQMg.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAgoEAgAAAACAAgAAAAAAAAAAAAAAAAAAAAAEAgAgJAQAAAEAAIAFAIAICAgAAAQAQEAAAAABIoDffwIAAAAAAAAAAAACgAkAAAAAALgAACAoAgAAAAQAAGAAAAAgAAAAAABAAQAAAAAAAAAAAAAAAAAAAAAAAAIB6AcAAAAAAAAAAAAgAAAAAAAMUAAggB8AAAAACAAAAIIAAIADMgABAAAAAAAA3AcAzwOGQwoLAAAAAAAAAAAAAABAABIEc0D6CwJAAAAAAAAAAAAAAAAAAABICZq43ABAAg/d=1/ed=1/dg=3/br=1/rs=ACT90oGujdBgk1gWfh3XWINxuUh8jdtdwg/ee=ALeJib:B8gLwd;AfeaP:TkrAjf;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DM55c:imLrKe;DULqB:RKfG5c;Dkk6ge:JZmW9e;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;EnlcNd:WeHg4;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;FqHJkd:yQamIb;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;HoYVKb:PkDN7e;HqeXPd:cmbnH;IBADCc:RYquRb;IoGlCf:b5lhvb;IsdWVc:qzxzOb;JXJSm:ii1RGf;JXS8fb:Qj0suc;JbMT3:M25sS;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KOxcK:OZqGte;KQzWid:ZMKkN;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LXA8b:q7OdKd;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;OohIYe:mpEAQb;Pjplud:EEDORb,PoEs9b;PqHfGe:im2cZe;Q1Ow7b:x5CSu;Q6C5kf:pfdZCe;QGR0gd:Mlhmy;R2kc8b:ALJqWb;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;RDNBlf:zPRCJb;SLtqO:Kh1xYe;SMDL4c:fTfGO,fTfGO;SNUn3:ZwDk9d,x8cHvb;ScI3Yc:e7Hzgb,e7Hzgb;ShpF6e:N0pvGc;SzQQ3e:dNhofb;TxfV6d:YORN0b;U96pRd:FsR04;UBKJZ:LGDJGb;UDrY1c:eps46d;UVmjEd:EesRsb;UVzb9c:IvPZ6d;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YIZmRd:A1yn5d;YV5bee:IvPZ6d;YkQtAf:rx8ur;ZMvdv:PHFPjb;ZSH6tc:QAvyLe;ZWEUA:afR4Cf;Zen4yb:jMF88c;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aCJ9tf:qKftvc;aZ61od:arTwJ;af0EJf:ghinId;bDXwRe:UsyOtc;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dowIGb:ebZ3mb,ebZ3mb;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;euOXY:OZjbQ;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;hsLsYc:Vl118;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lOO0Vd:OTA3Ae;lkq0A:JyBE3e;mzW4Id:nYdusb;nAFL3:NTMZac,s39S4;nJw4Gd:dPFZH;oGtAuc:sOXFj;oSUNyd:fTfGO,fTfGO;oUlnpc:RagDlc;okUaUd:wItadb;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qGV2uc:HHi04c;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qafBPd:sgY6Zb;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sTsDMc:kHVSUb;sZmdvc:rdGEfc;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uknmt:GkPrzb;uuQkY:u2V3ud;vGrMZ:lPJJ0c;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:O1Gjze,TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;xbe2wc:uRMPBc;xtZeyf:ax1MVb;ysNiMc:CpIBjd;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=X3N0Bf,attn,cdos,gwc,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl"
Preview:	this._s=this._s\|\|{};(function(_){var window=this;.try{./.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0././.. Copyright Google LLC. SPDX-License-Identifier: Apache-2.0././.. Copyright 2024 Google, Inc. SPDX-License-Identifier: MIT././. SPDX-License-Identifier: Apache-2.0././. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var baa,caa,naa,oaa,paa,qaa,raa,saa,taa,uaa,vaa,zaa,xaa,waa,Aaa,yaa,Baa,Daa,Caa,Eaa,Faa,Gaa,Iaa,Jaa,Oaa,aba,fba,oba,qba,Bba,Fba,Gba,Lba,Pba,Sba,Uba,Yba,Zba,$ba,aca,bca,dca,cca,fca,Tba,gca,hca,lca,mca,nca,rca,vca,wca,yca,Aca,Bca,Dca,Eca,Kca,Nca,Pca,$ca,ada,bda,Wca,cda,Xca,dda,Vca,eda,Uca,fda,hda,oda,qda,rda,xda,yda,Cda,Fda,zda,Eda,Dda,Bda,Ada,Gda,Hda,Lda,Nda,Mda,Qda,Rda,Sda,Uda,Wda,Vda,Yda,Zda,$da,bea,cea,dea,eea,fea,iea,jea,kea,oea,nea,rea,sea,xea,yea,zea,Bea,Aea,Dea,Cea,Gea,Fea,Iea,Kea,Lea,Nea,Oea,.Rea,Sea,Wea,Xea,bfa,dfa,nfa,pfa,ofa,qfa,rfa,Vea,Zea,sfa,wfa,Afa,Efa,Gfa,Kfa,Lfa,Tfa,Qfa,Ufa,Vfa,Xfa

Chrome Cache Entry: 221

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1159)
Category:	dropped
Size (bytes):	269094
Entropy (8bit):	5.606765274303076
Encrypted:	false
SSDEEP:
MD5:	E5987FFEC0F977F323839F3502D86A59
SHA1:	446C6241EA70599D7E804FE198E6530AB943B218
SHA-256:	CF9A9329AE39F9940458F14D5DE224419CF3399849512C7C5072B51A39AEFEE4
SHA-512:	0D0EC9C885DC94CB94A3AB60E0D3972D7889ABC9ED9F91840D70386104E2D4F365AABF1F11FF97C074D7263BD28611CE333593C6CE6E15C4E68BEA6063467CC4
Malicious:	false
Reputation:	unknown
Preview:	(function(){'use strict';var p;function aa(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}.var ba=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};.function ca(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}.var da=ca(this);function u(a,b){if(b)a:{var c=da;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&ba(c,a,{configurable:!0,writable:!0,value:b})}}.u("Symbol",function(a){function b(f){if(this instanceof b)throw new TypeError("Symbol is not a constructor");return new c(d+(f\|\|"")+"_"+e++,f)}.function c(f,g){this.h=f;ba(this,"description",{configurable:!0,writable:!0,va

Chrome Cache Entry: 222

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (30522), with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	69092
Entropy (8bit):	5.6643722149265985
Encrypted:	false
SSDEEP:
MD5:	7C11D8A089935CAB6E71F799F449D84A
SHA1:	C5D059B9CCF53022F4D793661E3D06BC91EF4B5B
SHA-256:	3200CF345562A599E93CEB13E8711309B6B4B8E59227DD217A3E1B9FF1E1F673
SHA-512:	988C9C448E7A1F0B8DE8C280CC1B09FC34BD320F0AD9CD720E0C557CE4A4171F537B5C13D7CEBCEC6EC4E6641DFACFC3D0456565F91CA3DDF3EF4660176787CD
Malicious:	false
Reputation:	unknown
URL:	https://dlapiper-my.sharepoint.com/:f:/p/lucy_stevens/EuoU6OvOyL9OuhIHkdC9OMQBex9HLiWuOXPp0kCtLg1gOg?e=5%3au3LlBN&at=9
Preview:	..<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">..<html xmlns:o="urn:schemas-microsoft-com:office:office" lang="en-us" dir="ltr">..<head><meta name="GENERATOR" content="Microsoft SharePoint" /><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><meta http-equiv="Expires" content="0" /><meta name="Robots" content="NOHTMLINDEX" /><meta charset="UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><link id="favicon" rel="shortcut icon" href="/_layouts/15/images/favicon.ico?rev=47" type="image/vnd.microsoft.icon" /><title>...Sharing Link Validation..</title>...<style type="text/css" media="screen, print, projection">....html{line-height:1.15;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}body{margin:0}article,aside,footer,header,nav,section{display:block}h1{font-size:2em;margin:.67em 0}figcaption,figure,ma

Chrome Cache Entry: 225

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (17823)
Category:	dropped
Size (bytes):	18842
Entropy (8bit):	5.679640536759594
Encrypted:	false
SSDEEP:
MD5:	46BDF0668A54CEA1913CD463A7E4A61C
SHA1:	43EF92FE7506F244C9A2D24FED2F9AC93B73B1E9
SHA-256:	487AB83CF85F8D14A5D3E5768D96114E31A333A1E641EDC513131EF0D7CF4C53
SHA-512:	1446F25DB57119AAF7A6F24C250B5EA50EFA5AC8025F07273623CE5C7B3ACE1D0F160D014627EBC96D2C00D1D49C1D5637ECA60D334E71FF2CC2C931B2EAE1C1
Malicious:	false
Reputation:	unknown
Preview:	//# sourceMappingURL=data:application/json;charset=utf-8;base64,eyJ2ZXJzaW9uIjogMywic291cmNlcyI6WyIiXSwic291cmNlc0NvbnRlbnQiOlsiICJdLCJuYW1lcyI6WyJjbG9zdXJlRHluYW1pY0J1dHRvbiJdLCJtYXBwaW5ncyI6IkFBQUE7QUFBQTtBQUFBO0FBQUE7QUFBQTtBQUFBO0FBQUEifQ==.(function(){var n=this\|\|self,P=function(R){return R},Y=function(R,V){if(V=n.trustedTypes,R=null,!V\|\|!V.createPolicy)return R;try{R=V.createPolicy("bg",{createHTML:P,createScript:P,createScriptURL:P})}catch(c){n.console&&n.console.error(c.message)}return R};(0,eval)(function(R,V){return(V=Y())&&R.eval(V.createScript("1"))===1?function(c){return V.createScript(c)}:function(c){return""+c}}(n)(Array(Math.random()7824\|0).join("\n")+['//# sourceMappingURL=data:application/json;charset=utf-8;base64,eyJ2ZXJzaW9uIjogMywic291cmNlcyI6WyIiXSwic291cmNlc0NvbnRlbnQiOlsiICJdLCJuYW1lcyI6WyJjbG9zdXJlRHluYW1pY0J1dHRvbiJdLCJtYXBwaW5ncyI6IkFBQUE7QUFBQTtBQUFBO0FBQUE7QUFBQTtBQUFBO0FBQUEifQ==',.'(function(){/',.'',.' Copyright Google LLC',.' SPDX-License-Identifier:

Chrome Cache Entry: 226

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2693)
Category:	dropped
Size (bytes):	204349
Entropy (8bit):	5.522168588040052
Encrypted:	false
SSDEEP:
MD5:	65FE0804ED95AAA3FA53ABE856A68068
SHA1:	AB2C12AFF0E37FCA75E5D7592293C1461860DD43
SHA-256:	2CA54982A16AA99E17BF0B6537B823DE9D7C3D5F7394FE47A88D28EB8F177727
SHA-512:	F9005D6911BC2F3F7AF2D983A338F6FD1C7863BE84BCBBDD4CF1ACC25804FD9725E5071E60628D9AC7CD4ABC043D6981E6E8E1CD3E251E59D4C00D8D060E22D3
Malicious:	false
Reputation:	unknown
Preview:	this.gbar_=this.gbar_\|\|{};(function(_){var window=this;.try{._._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a\|\|[]};(0,_._F_toggles_initialize)([]);.var aa,ba,da,ea;aa=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};ba=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("a");};da=ba(this);.ea=function(a,b){if(b)a:{var c=da;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&aa(c,a,{configurable:!0,writable:!0,value:b})}};ea("Symbol.dispose",function(a){return a?a:Symbol("b")});ea("globalThis",function(a){return a\|\|da});.ea("Promise.prototype.finally",f

Chrome Cache Entry: 227

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (7547), with no line terminators
Category:	downloaded
Size (bytes):	7547
Entropy (8bit):	5.4121739035581
Encrypted:	false
SSDEEP:
MD5:	726E24B83869C6393345CE943B424916
SHA1:	E396CB2D150968CF9B9A39E8381131E16147721C
SHA-256:	23A01091028BAE8DAC4F120D049613E7E1770CF91C37EFF0043B464A87CE9B03
SHA-512:	F74EF200897A838979581126DD753F6742AE7449EAFBB791447EA33AC952A7A50F6594DA4ACF74ABCCBD307F94237B28DECDA0CE494D31D3A4110FE093C13069
Malicious:	false
Reputation:	unknown
URL:	"https://www.google.com/xjs/_/ss/k=xjs.s.SIJgKp0_ANA.L.B1.O/am=QOIQIAQAAAJABBpAAAAAAAAAAAAAAAAAAAAAkAAAABAAAAAAAAgAIAIAKJMAAIC8AACADQAIAAB8AAAHBAAGAAAAAAAAJAAAAACAAAAVAgAAAAAAEBAAAEQAAABAIQAAAAAEAAAYAAAAABACBAAggAEIAYACJCAoAtCPQgAAAGAAAAAhIAwwDEBQAcAATgEAAAAAAAAAABAACAEAAAAFBAAQIABAj0AAGABiIgBACAAIUAIAAQAABAAAIEAgAAAxE4ADMgABAAAAAAAAQAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgAAAAAAAAAAAAAAAAAAAAAAAQ/d=0/br=1/rs=ACT90oHS1JOiuDK_SdGLwRo-ZKYuMRNIaQ/m=sy1gk,y05UD,sy1nw,sy1n5,sy1n6,sy1n7,sy1n8,sy1n4,syqd,sy45k,sy45g,sy1ox,sy1mx,sy1vi,sy1vl,sy1te,epYOx?xjs=s4"
Preview:	.jbBItf{display:block;position:relative}.DU0NJ{bottom:0;left:0;position:absolute;right:0;top:0}.lP3Jof{display:inline-block;position:relative}.nNMuOd{animation:qli-container-rotate 1568.2352941176ms linear infinite}@keyframes qli-container-rotate{from{transform:rotate(0)}to{transform:rotate(1turn)}}.RoKmhb{height:100%;opacity:0;position:absolute;width:100%}.nNMuOd .VQdeab{animation:qli-fill-unfill-rotate 5332ms cubic-bezier(0.4,0,0.2,1) infinite both,qli-blue-fade-in-out 5332ms cubic-bezier(0.4,0,0.2,1) infinite both}.nNMuOd .IEqiAf{animation:qli-fill-unfill-rotate 5332ms cubic-bezier(0.4,0,0.2,1) infinite both,qli-red-fade-in-out 5332ms cubic-bezier(0.4,0,0.2,1) infinite both}.nNMuOd .smocse{animation:qli-fill-unfill-rotate 5332ms cubic-bezier(0.4,0,0.2,1) infinite both,qli-yellow-fade-in-out 5332ms cubic-bezier(0.4,0,0.2,1) infinite both}.nNMuOd .FlKbCe{animation:qli-fill-unfill-rotate 5332ms cubic-bezier(0.4,0,0.2,1) infinite both,qli-green-fade-in-out 5332ms cubic-bezier(0.4,0,0.2,

Chrome Cache Entry: 228

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	1660
Entropy (8bit):	4.301517070642596
Encrypted:	false
SSDEEP:
MD5:	554640F465EB3ED903B543DAE0A1BCAC
SHA1:	E0E6E2C8939008217EB76A3B3282CA75F3DC401A
SHA-256:	99BF4AA403643A6D41C028E5DB29C79C17CBC815B3E10CD5C6B8F90567A03E52
SHA-512:	462198E2B69F72F1DC9743D0EA5EED7974A035F24600AA1C2DE0211D978FF0795370560CBF274CCC82C8AC97DC3706C753168D4B90B0B81AE84CC922C055CFF0
Malicious:	false
Reputation:	unknown
URL:	https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg
Preview:	<svg xmlns="http://www.w3.org/2000/svg" width="74" height="24" viewBox="0 0 74 24"><path fill="#4285F4" d="M9.24 8.19v2.46h5.88c-.18 1.38-.64 2.39-1.34 3.1-.86.86-2.2 1.8-4.54 1.8-3.62 0-6.45-2.92-6.45-6.54s2.83-6.54 6.45-6.54c1.95 0 3.38.77 4.43 1.76L15.4 2.5C13.94 1.08 11.98 0 9.24 0 4.28 0 .11 4.04.11 9s4.17 9 9.13 9c2.68 0 4.7-.88 6.28-2.52 1.62-1.62 2.13-3.91 2.13-5.75 0-.57-.04-1.1-.13-1.54H9.24z"/><path fill="#EA4335" d="M25 6.19c-3.21 0-5.83 2.44-5.83 5.81 0 3.34 2.62 5.81 5.83 5.81s5.83-2.46 5.83-5.81c0-3.37-2.62-5.81-5.83-5.81zm0 9.33c-1.76 0-3.28-1.45-3.28-3.52 0-2.09 1.52-3.52 3.28-3.52s3.28 1.43 3.28 3.52c0 2.07-1.52 3.52-3.28 3.52z"/><path fill="#4285F4" d="M53.58 7.49h-.09c-.57-.68-1.67-1.3-3.06-1.3C47.53 6.19 45 8.72 45 12c0 3.26 2.53 5.81 5.43 5.81 1.39 0 2.49-.62 3.06-1.32h.09v.81c0 2.22-1.19 3.41-3.1 3.41-1.56 0-2.53-1.12-2.93-2.07l-2.22.92c.64 1.54 2.33 3.43 5.15 3.43 2.99 0 5.52-1.76 5.52-6.05V6.49h-2.42v1zm-2.93 8.03c-1.76 0-3.1-1.5-3.1-3.52 0-2.05 1.34-3.52 3.1-3

Chrome Cache Entry: 229

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
Category:	dropped
Size (bytes):	7886
Entropy (8bit):	3.9482833105763633
Encrypted:	false
SSDEEP:
MD5:	0B60F3C9E4DA6E807E808DA7360F24F2
SHA1:	9AFC7ABB910DE855EFB426206E547574A1E074B7
SHA-256:	ADDEEDEEEF393B6B1BE5BBB099B656DCD797334FF972C495CCB09CFCB1A78341
SHA-512:	1328363987ABBAD1B927FC95F0A3D5646184EF69D66B42F32D1185EE06603AE1A574FAC64472FB6E349C2CE99F9B54407BA72B2908CA7AB01D023EC2F47E7E80
Malicious:	false
Reputation:	unknown
Preview:	...... .... .....6......... ............... .h...f...(... ...@..... ...........................................................................70..7...7...7...7...7...7...70..............................................................................................7`..7...7...7...7...7...7...7...7...7`......................................................................................7P..7...7...7...7...7...7...7...7...7...7...7P..............................................................................7...7...7...7...7...7...7...7...7...7...7...7...7...7...........................................................................7`..7...7...7...7...7...7...7...7...7...7...7...7...7`..........................................................................,...,...,...,...,...,...,.......7...7...7...7...7...7...........................................................................'...'...'...'...'...'...'...'...2...7...7...7...7...,....................`..........................

Chrome Cache Entry: 233

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (31343)
Category:	downloaded
Size (bytes):	568392
Entropy (8bit):	5.947180824771289
Encrypted:	false
SSDEEP:
MD5:	D5C5911A3841C83B8B4D4128C8903D69
SHA1:	00AD02949C854EAC5CB7E3DFFDA3C501FAE0A1F5
SHA-256:	C9E020DF7FF86995357E9FC58E833E5F5C339883FA4DD40E1862688CE4E1FCC0
SHA-512:	5095A9842E302E4C9631D7C0891287E73E33C1A0DB6319371DACA01E5658ED00F99826E54D57838EE9B4184756BE13DD979A7182E6011FF4A12290EF3C8203BE
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/search?q=at+sign&oq=at+sign&gs_lcrp=EgZjaHJvbWUyBggAEEUYOdIBCDEyMTBqMGo3qAIAsAIA&sourceid=chrome&ie=UTF-8
Preview:	<!doctype html><html itemscope="" itemtype="http://schema.org/SearchResultsPage" lang="en"><head><meta charset="UTF-8"><meta content="origin" name="referrer"><meta content="/images/branding/googleg/1x/googleg_standard_color_128dp.png" itemprop="image"><title>at sign - Google Search</title><script nonce="GOYeJkAFEu1MWw60iRxPXg">window._hst=Date.now();performance&&performance.mark&&performance.mark("SearchHeadStart");</script><script nonce="GOYeJkAFEu1MWw60iRxPXg">(function(){var b=window.addEventListener;window.addEventListener=function(a,c,d){a!=="unload"&&b(a,c,d)};}).call(this);(function(){var _g={kEI:'niD9ZuSaCZioxc8PnP6qyAI',kEXPI:'31',kBL:'9Oo8',kOPI:89978449};(function(){var a;((a=window.google)==null?0:a.stvsc)?google.kEI=_g.kEI:window.google=_g;}).call(this);})();(function(){google.sn='web';google.kHL='en';})();(function(){.var h=this\|\|self;function l(){return window.google!==void 0&&window.google.kOPI!==void 0&&window.google.kOPI!==0?window.google.kOPI:null};var m,n=[];functio

Chrome Cache Entry: 234

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 226 x 48, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	3331
Entropy (8bit):	7.927896166439245
Encrypted:	false
SSDEEP:
MD5:	EF884BDEDEF280DF97A4C5604058D8DB
SHA1:	6F04244B51AD2409659E267D308B97E09CE9062B
SHA-256:	825DE044D5AC6442A094FF95099F9F67E9249A8110A2FBD57128285776632ADB
SHA-512:	A083381C53070B65B3B8A7A7293D5D2674D2F6EC69C0E19748823D3FDD6F527E8D3D31D311CCEF8E26FC531770F101CDAF95F23ECC990DB405B5EF48B0C91BA2
Malicious:	false
Reputation:	unknown
URL:	https://dlapiper-my.sharepoint.com/_layouts/15/images/microsoft-logo.png
Preview:	.PNG........IHDR.......0............sRGB.........IDATx..=w....G.z..L.4fN.k\dS..._`..........r...~.F..e._.RZ.0.K.\..CB...1.{qq/..^\|.G..o.......?....Or.......y~....]..V.a.mM...M.\kH..@B`s.$"n...)!.@"b#4. !.9...7.u...hD ....T.........:EJ.4"..X........<\|.pgkk+....>~.....pju1i"b.J.&!.!...=T....k..D7.....O.<.?}......./..(.`0..!.C..'.?..e..~.....l6...._.x1rmR...$\|E...l.WKDH...f..... ...Y.0R....>...{...-..o........,...E../......_....eM.Q....@Q...w sp5.9..l.W)...Pq... .]..B..).../M.G.g....].V...5$<......Eb.9.....>LYAk.Z.k..b..]N%>}4a....4!S...t..d..<.8AH+.../r...._...!qt.:q..fR.:..KW.._...T...5..>.0!.hq.rbND\...XR.,2.uX..Q.b...wQ......g..X...F...~.....ikZE...UA....V.I!..]..Mm..R.....~k.VC.n..V.B#W...\..yI.3.....2........6c....2J....,g..5O1.s.4V2.....f..K..Obf\....;.w...\|.F>F>6_z..P.dU<.wVV......?.q.?&........O.>....l.S.upp....59.C_.......fJ.M.={v,......]Y_....n.?UF....v<.$..AD...p.....:$r =p...C.k.3....n.v..~.TGd!...l.W...s..

Chrome Cache Entry: 236

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (1136)
Category:	dropped
Size (bytes):	1555
Entropy (8bit):	5.249530958699059
Encrypted:	false
SSDEEP:
MD5:	FBE36EB2EECF1B90451A3A72701E49D2
SHA1:	AE56EA57C52D1153CEC33CEF91CF935D2D3AF14D
SHA-256:	E8F2DED5D74C0EE5F427A20B6715E65BC79ED5C4FC67FB00D89005515C8EFE63
SHA-512:	7B1FD6CF34C26AF2436AF61A1DE16C9DBFB4C43579A9499F4852A7848F873BAC15BEEEA6124CF17F46A9F5DD632162364E0EC120ACA5F65E7C5615FF178A248F
Malicious:	false
Reputation:	unknown
Preview:	<!DOCTYPE html>.<html lang=en>. <meta charset=utf-8>. <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">. <title>Error 400 (Bad Request)!!1</title>. <style>. {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//ww

Chrome Cache Entry: 237

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 24 x 24, 8-bit gray+alpha, non-interlaced
Category:	downloaded
Size (bytes):	219
Entropy (8bit):	6.672026282090217
Encrypted:	false
SSDEEP:
MD5:	A645907F22E3265E9C3ECE3872EF9567
SHA1:	377426B57776474466297240AC1F315F2DEB3343
SHA-256:	3B38DF6E208371DCD43F691C977F8F1891B4A0341674A102585A5490EE4AC4B5
SHA-512:	BE849829C32D817E67DBA2E4E2A93939F0AAE8245A3BCE8086A7B7D0A1CC1076BCCBDBE2506071E61E1810C78C0DEF6452C26D138BF1F892DA2294D17BA08214
Malicious:	false
Reputation:	unknown
URL:	https://www.gstatic.com/images/icons/material/system/1x/email_grey600_24dp.png
Preview:	.PNG........IHDR.............J~.s....IDATx..1..0.F...o...s..$...!.D.....2..../6.iG.oh..= ..<.q..Fj. +i]q1..0.T..z.......s.@l.S"T<...=......M.eB.....M.}c.P.s._.......[.a.@.h.....`.._1.q..!...i..i...gZ......IEND.B`.

Chrome Cache Entry: 238

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	16
Entropy (8bit):	3.625
Encrypted:	false
SSDEEP:
MD5:	DC546C243CDB4C081E25FB8FBD485AF6
SHA1:	C45B22AE92639B4E5E1987D2A41A936CF88FCCEF
SHA-256:	EF8CD11533F9AC941221CD3BD88FA751EE4BA5CFEEC83A3A038C6D983066EBE7
SHA-512:	0B64D055F18868E89B16347BE2E7854009824E28CF63DFE29D8C7FE1431566E743714F9B254640AF58C2B47961D6CEA47E07397705C72F07C752319FD550178C
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xNDkSEAmbf-N-7AWuXxIFDQCkpSI=?alt=proto
Preview:	CgkKBw0ApKUiGgA=

Chrome Cache Entry: 239

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	26951
Entropy (8bit):	4.514992390210281
Encrypted:	false
SSDEEP:
MD5:	B3D7A123BE5203A1A3F0F10233ED373F
SHA1:	F4C61F321D8F79A805B356C6EC94090C0D96215C
SHA-256:	EF9453F74B2617D43DCEF4242CF5845101FCFB57289C81BCEB20042B0023A192
SHA-512:	A01BFE8546E59C8AF83280A795B3F56DFA23D556B992813A4EB70089E80621686C7B51EE87B3109502667CAF1F95CBCA074BF607E543A0390BF6F8BB3ECD992B
Malicious:	false
Reputation:	unknown
Preview:	var Page_ValidationVer = "125";..var Page_IsValid = true;..var Page_BlockSubmit = false;..var Page_InvalidControlToBeFocused = null;..var Page_TextTypes = /^(text\|password\|file\|search\|tel\|url\|email\|number\|range\|color\|datetime\|date\|month\|week\|time\|datetime-local)$/i;..function ValidatorUpdateDisplay(val) {.. if (typeof(val.display) == "string") {.. if (val.display == "None") {.. return;.. }.. if (val.display == "Dynamic") {.. val.style.display = val.isvalid ? "none" : "inline";.. return;.. }.. }.. if ((navigator.userAgent.indexOf("Mac") > -1) &&.. (navigator.userAgent.indexOf("MSIE") > -1)) {.. val.style.display = "inline";.. }.. val.style.visibility = val.isvalid ? "hidden" : "visible";..}..function ValidatorUpdateIsValid() {.. Page_IsValid = AllValidatorsValid(Page_Validators);..}..function AllValidatorsValid(validators) {.. if ((typeof(validators) != "undefined") && (validators != null)) {

Chrome Cache Entry: 240

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (846)
Category:	downloaded
Size (bytes):	13057
Entropy (8bit):	5.697288330125711
Encrypted:	false
SSDEEP:
MD5:	F5D9DAD4D8992BCAAA1A54417F7AEB79
SHA1:	BBBB5D990231E25673522BBEF037DFF013389A4C
SHA-256:	D19878EDD08E0E3344544678E0C7E7A54C877E04EC02E2C3F1FA008612C0480D
SHA-512:	348F7F9A58F50D584F4A743296EF40EAD28EC7225DEEDA32B8D6F8A92D41F809ECF49BADEC02552A8A34D91693042E909DF3810766101F19210A062136F554AB
Malicious:	false
Reputation:	unknown
URL:	"https://www.gstatic.com/og/_/js/k=og.qtm.en_US.cUpXqrd4NA0.2019.O/rt=j/m=q_dnp,qmd,qcwid,qapid,qald,qads,q_dg/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/rs=AA2YrTsLF9xo3cxDRYfLOKQnh9oZJqzzrA"
Preview:	this.gbar_=this.gbar_\|\|{};(function(_){var window=this;.try{._.kj=class extends _.Q{constructor(){super()}};.}catch(e){_._DumpException(e)}.try{.var lj,mj,oj,rj,uj,tj,nj,sj;lj=function(a){try{return a.toString().indexOf("[native code]")!==-1?a:null}catch(b){return null}};mj=function(){_.Ka()};oj=function(){nj===void 0&&(nj=typeof WeakMap==="function"?lj(WeakMap):null);return nj};rj=function(a,b){(_.pj\|\|(_.pj=new nj)).set(a,b);(_.qj\|\|(_.qj=new nj)).set(b,a)};.uj=function(a){if(sj===void 0){const b=new tj([],{});sj=Array.prototype.concat.call([],b).length===1}sj&&typeof Symbol==="function"&&Symbol.isConcatSpreadable&&(a[Symbol.isConcatSpreadable]=!0)};_.vj=function(a,b,c,d){a=_.zb(a,b,c,d);return Array.isArray(a)?a:_.Nc};_.wj=function(a,b){a=(2&b?a\|2:a&-3)\|32;return a&=-2049};_.xj=function(a,b){a===0&&(a=_.wj(a,b));return a\|1};_.yj=function(a){return!!(2&a)&&!!(4&a)\|\|!!(2048&a)};_.zj=function(a,b,c){32&b&&c\|\|(a&=-33);return a};._.Dj=function(a,b,c,d,e,f,g){const h=a.ha;var k=!!(2&b);e=k?

Chrome Cache Entry: 241

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	60
Entropy (8bit):	4.952153720356113
Encrypted:	false
SSDEEP:
MD5:	0DCAF66E7C030E48662EC67A65923EDA
SHA1:	2B367F6A77B3F01EDAAB5BABABF2CBC25D157830
SHA-256:	AB90034BA06D313A39B431006F39F908F37907B1A10521654DC8539AC7D1F7AD
SHA-512:	92EC758FADFE3E1E744DAF8AB2BA06BCE2B57C4DE869395000C6C9C8D3C2C8AD3423C6BE95F5B53F298BE2EC6BE37EB7143FEDBEBECE40DAB5BDB49664376D5E
Malicious:	false
Reputation:	unknown
Preview:	)]}'.21;["rSD9ZtjIFMyX9u8PjdGeCA","2091"]c;[1,null,"0"]3;[5]

Chrome Cache Entry: 242

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Category:	downloaded
Size (bytes):	15344
Entropy (8bit):	7.984625225844861
Encrypted:	false
SSDEEP:
MD5:	5D4AEB4E5F5EF754E307D7FFAEF688BD
SHA1:	06DB651CDF354C64A7383EA9C77024EF4FB4CEF8
SHA-256:	3E253B66056519AA065B00A453BAC37AC5ED8F3E6FE7B542E93A9DCDCC11D0BC
SHA-512:	7EB7C301DF79D35A6A521FAE9D3DCCC0A695D3480B4D34C7D262DD0C67ABEC8437ED40E2920625E98AAEAFBA1D908DEC69C3B07494EC7C29307DE49E91C2EF48
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Preview:	wOF2......;........H..;..........................d..@..J.`..L.T..<.....x.....^...x.6.$..6. ..t. ..I.h\|.l....A....b6........(......@e.]...:..-.0..r.)..hS..h...N.).D.........b.].......^..t?.m{...."84...9......c...?..r3o....}...S]....zbO.../z..{.....~cc....I...#.G.D....#e.A..b...b`a5P.4........M....v4..fI#X.z,.,...=avy..F.a.\9.P\|.[....r.Q@M.I.._.9..V..Q..]......[ {u..L@...]..K......]C....l$.Z.Z...Zs.4........ x.........F.?.7N..].\|.wb\....Z{1L#..t....0.dM...$JV...{..oX...i....6.v.~......)\|.TtAP&).KQ.]y........'...:.d..+..d..."C.h..p.2.M..e,.UP..@.q..7..D.@...,......B.n. r&.......F!.....\...;R.?-.i...,7..cb../I...Eg...!X.)5.Aj7...Ok..l7.j.A@B`".}.w.m..R.9..T.X.X.d....S..`XI..1... .$C.H.,.\. ..A(.AZ.................`Wr.0]y..-..K.1.............1.tBs..n.0...9.F[b.3x...$....T..PM.Z-.N.rS?I.<8eR'.3..27..?;..OLf.Rj.@.o.W...........j~ATA....vX.N:.3dM.r.)Q.B...4i.f..K.l..s....e.U.2...k..a.GO.}..../.'..%$..ed..'..qP....M..j....../.z&.=...q<....-..?.A.%..K..

Chrome Cache Entry: 244

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3962)
Category:	dropped
Size (bytes):	478430
Entropy (8bit):	5.679809491329989
Encrypted:	false
SSDEEP:
MD5:	562706F7042F6757F4292F8A92F314E3
SHA1:	9911C6AE52C9325E2EB6F14D589CB686165B95A5
SHA-256:	0A6F3B4B2A2327E7373FE13D1868BE9E199CA3D39EBDA94212E6EC37DD340114
SHA-512:	B3B81F8769F77309659B446A4286579243EF715A5AEA38BA4881A593A232F2A8B9F0851B133CEC74AE1F664F739AE033CD5617E0BBE5100027B381C2E6DA4127
Malicious:	false
Reputation:	unknown
Preview:	_F_installCss("@media (min-width:480px){.Jm7ege.fC2KG{min-width:380px}}.vSyRff.kqLqDd{bottom:0;left:0;right:0}@media (min-width:480px){.c3k6Zc.fC2KG{left:auto;right:20px}}@media (min-width:480px){.JXXsr.fC2KG{left:20px;right:auto}}.dgVGnc .qk7LXc,.qk7LXc.dgVGnc{width:90%}.BhUHze .qk7LXc,.qk7LXc.BhUHze{width:75%}.rfx2Y .qk7LXc,.qk7LXc.rfx2Y{width:100%}.cJFqsd .qk7LXc,.qk7LXc.cJFqsd{height:100%}.yMNJR .qk7LXc,.qk7LXc.yMNJR{max-width:100%}.vSyRff.Y5Ip8c{background-color:var(--xhUGwc);border-radius:20px;bottom:40px;right:40px;box-shadow:0 4px 8px rgba(0,0,0,0.1),0 1px 3px rgba(0,0,0,0.06)}.jnyxRd.Y5Ip8c{border-radius:20px}.vSyRff.fC2KG{background-color:var(--xhUGwc);box-shadow:0 2px 2px 2px rgba(0,0,0,0.1),0 2px 6px 6px rgba(0,0,0,0.06)}@media (min-width:320px){.vSyRff.fC2KG{bottom:0;left:0;right:0}}@media (min-width:480px){.vSyRff.fC2KG{display:inline-block;bottom:20px}}.lgo9kc.vKW4md{opacity:.2;visibility:inherit}.vSyRff.vKW4md{transform:translateY(0);opacity:1;visibility:inherit}.lgo9kc

Chrome Cache Entry: 245

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	742
Entropy (8bit):	4.715663467051154
Encrypted:	false
SSDEEP:
MD5:	EDD0E34F60D7CA4A2F4ECE79CFF21AE3
SHA1:	2CC789A02534557380D92124E2F8B9483D198FB3
SHA-256:	ED9087D76CDC6D1C53698F6068F79872E77E87C8D012C0CFDAD13B05B6CCB37C
SHA-512:	CE9D50913CAD41D11C7B3963C90788301B63EE1FFFFF73108E9F8709CA0A9FCC6170853A65A820FBF020628B403813C9E3CD262389FEB7D17A6C73C2F724394F
Malicious:	false
Reputation:	unknown
Preview:	<svg xmlns="http://www.w3.org/2000/svg" height="24" viewBox="0 0 24 24" width="24"><path d="M22.56 12.25c0-.78-.07-1.53-.2-2.25H12v4.26h5.92c-.26 1.37-1.04 2.53-2.21 3.31v2.77h3.57c2.08-1.92 3.28-4.74 3.28-8.09z" fill="#4285F4"/><path d="M12 23c2.97 0 5.46-.98 7.28-2.66l-3.57-2.77c-.98.66-2.23 1.06-3.71 1.06-2.86 0-5.29-1.93-6.16-4.53H2.18v2.84C3.99 20.53 7.7 23 12 23z" fill="#34A853"/><path d="M5.84 14.09c-.22-.66-.35-1.36-.35-2.09s.13-1.43.35-2.09V7.07H2.18C1.43 8.55 1 10.22 1 12s.43 3.45 1.18 4.93l2.85-2.22.81-.62z" fill="#FBBC05"/><path d="M12 5.38c1.62 0 3.06.56 4.21 1.64l3.15-3.15C17.45 2.09 14.97 1 12 1 7.7 1 3.99 3.47 2.18 7.07l3.66 2.84c.87-2.6 3.3-4.53 6.16-4.53z" fill="#EA4335"/><path d="M1 1h22v22H1z" fill="none"/></svg>

Chrome Cache Entry: 246

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5162), with no line terminators
Category:	downloaded
Size (bytes):	5162
Entropy (8bit):	5.3533581296433415
Encrypted:	false
SSDEEP:
MD5:	6776548F23C2A44FBD3C7343F0CB43E1
SHA1:	1E6871D4196BB00F0D161D5DC8872A8D940CEC30
SHA-256:	DDFC74A717ADCA6E6DB1BCF58D64FF7205F52BA4B61617A0137045088622C86E
SHA-512:	947B3AC76BC7B6DF6FD1C4AEA94E79D1E168E3B15BB4DC2A497E3DAFF60DAA58A490C89BA11A10910BB4B21C79A56CEAEDFFAE32A77D39E245422BE874BF7CF1
Malicious:	false
Reputation:	unknown
URL:	"https://www.gstatic.com/og/_/ss/k=og.qtm.QEmFiQX-ROw.L.W.O/m=qmd,qcwid/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/ct=zgms/rs=AA2YrTuqAa7PW703tsRdQnFgFKMOuHOagg"
Preview:	.gb_Q{-webkit-border-radius:50%;border-radius:50%;bottom:2px;height:18px;position:absolute;right:0;width:18px}.gb_Ka{-webkit-border-radius:50%;border-radius:50%;-webkit-box-shadow:0px 1px 2px 0px rgba(60,64,67,.30),0px 1px 3px 1px rgba(60,64,67,.15);box-shadow:0px 1px 2px 0px rgba(60,64,67,.30),0px 1px 3px 1px rgba(60,64,67,.15);margin:2px}.gb_La{fill:#f9ab00}.gb_F .gb_La{fill:#fdd663}.gb_Ma>.gb_La{fill:#d93025}.gb_F .gb_Ma>.gb_La{fill:#f28b82}.gb_Ma>.gb_Na{fill:white}.gb_Na,.gb_F .gb_Ma>.gb_Na{fill:#202124}.gb_Oa{-webkit-clip-path:path("M16 0C24.8366 0 32 7.16344 32 16C32 16.4964 31.9774 16.9875 31.9332 17.4723C30.5166 16.5411 28.8215 16 27 16C22.0294 16 18 20.0294 18 25C18 27.4671 18.9927 29.7024 20.6004 31.3282C19.1443 31.7653 17.5996 32 16 32C7.16344 32 0 24.8366 0 16C0 7.16344 7.16344 0 16 0Z");clip-path:path("M16 0C24.8366 0 32 7.16344 32 16C32 16.4964 31.9774 16.9875 31.9332 17.4723C30.5166 16.5411 28.8215 16 27 16C22.0294 16 18 20.0294 18 25C18 27.4671 18.9927 29.7024 20.6004 3

Chrome Cache Entry: 247

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3391)
Category:	dropped
Size (bytes):	68476
Entropy (8bit):	5.604069316900506
Encrypted:	false
SSDEEP:
MD5:	BCACAC27051FFC8A895EC9EC3A759D2F
SHA1:	12C9FD0CD56E42076D23E21E1A6AB9AC3ADC54FD
SHA-256:	B213B19192B2D1A7577757FD9E4EA8BC9D17192E34544B197AF156E3717A5847
SHA-512:	AFFEE0462FCEF283B924CE749071B71B72F167C90BA96943F9507499939D6555573E847B524A1624A2B0422D9897EBEF4A7F33B640AA5DC14AE7D32C641E18CE
Malicious:	false
Reputation:	unknown
Preview:	(function(g){var window=this;/. SPDX-License-Identifier: Apache-2.0././.. Copyright 2017 Google LLC. SPDX-License-Identifier: BSD-3-Clause./.'use strict';var Fhb=function(a){a.mutedAutoplay=!1;a.endSeconds=NaN;a.limitedPlaybackDurationInSeconds=NaN;g.CQ(a)},Ghb=function(a){g.Ro(a);.for(var b=0;b<a.eg.length;b++){var c=a.eg[b],d=a.Ry[b];if(d!==c.version)return!0;if(!g.Po(c)\|\|c.Pm)if(c.Pm\|\|c.s_!==g.Uo)(c.P1(c)\|\|Ghb(c))&&c.Q1(c),c.Pm=!1,c.s_=g.Uo;if(d!==c.version)return!0}return!1},c4=function(a){var b=g.No(a);.a={};return a[Symbol.dispose]=function(){g.No(b)},a},Hhb=function(){return{I:"svg",.X:{height:"100%",version:"1.1",viewBox:"0 0 110 26",width:"100%"},V:[{I:"path",Fc:!0,S:"ytp-svg-fill",X:{d:"M 16.68,.99 C 13.55,1.03 7.02,1.16 4.99,1.68 c -1.49,.4 -2.59,1.6 -2.99,3 -0.69,2.7 -0.68,8.31 -0.68,8.31 0,0 -0.01,5.61 .68,8.31 .39,1.5 1.59,2.6 2.99,3 2.69,.7 13.40,.68 13.40,.68 0,0 10.70,.01 13.40,-0.68 1.5,-0.4 2.59,-1.6 2.99,-3 .69,-2.7 .68,-8.31 .68,-8.31 0,0 .11,-5.61 -0.68,-8.31

Chrome Cache Entry: 248

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MPEG ADTS, layer III, v2, 64 kbps, 24 kHz, Monaural
Category:	downloaded
Size (bytes):	8448
Entropy (8bit):	7.817956356528785
Encrypted:	false
SSDEEP:
MD5:	7FFC9B9A2A3D9BB5E5F04E008BB23931
SHA1:	92F21C67711C93C0AC513FB70DBD486BE076F4F3
SHA-256:	FEF0A26B074E3E26979F2E41BF3279BA030235A57B755678A27ABE1B8167F3CF
SHA-512:	EBADBFA528720B75DB650B092D8B8FA795ED631B09E75C25ACF818AB0F42725D05F66E2FC5A974C8C98080B64A4DFBF74F261057880B076B2A5B3BAE9CE31D3B
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/speech-api/v1/synthesize?text=at%20sign&enc=mpeg&lang=en-us&speed=0.4&client=lr-language-tts&use_google_only_voices=1
Preview:	...................................................................................................................................................................................................'j...I@...@@P..b.B..G:@..V+..F.....P.....(...........?.....wqqqqAAAAAAAA@.\\\\\\\\PPPQ..P\\\].........DDwwww...D.w..>.........................@...........;......<z.Y~....z...a......tV.....-.&d.....M-o..P. ..G.......1......../a.....4d.@H.0,..1d.3..a..f..8......R) ..."..e..(.A.\>G.....M.s..r..&fp.E.....gAi....P....:D0.2H......S.U..o.......$.I..55...INU...A....!...D.`.@....,R......"...v.B20.A;eK........d.@x>..amZ\|....kb.j`@...lI.Y.b..W.....@p..!....0.8...=-=...zj..%.\..2..{.o.NX..K...<e..n.0.w5c...r...;>h...E.%.5....9 .....re..bU.OD...yn1.]g,2.i.......,.&......y.P`!.... ...0..C..$i1....>.<.s.f+..!.m.fr...L........m.......i......&....t.^.:...2.X..S..%.e.a.+....~bgw....y\5\C....;..U..<....B.\|..`l>.8\|.}.+....W..0,..)A{..OT ......,..........J........].x..i..L.U<0.

Chrome Cache Entry: 249

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1143)
Category:	dropped
Size (bytes):	4272
Entropy (8bit):	5.407649241930215
Encrypted:	false
SSDEEP:
MD5:	B427175FA1078775EB792756E7B6D1E7
SHA1:	4C55C0233D3D9002B3449C025F97821F8BB8900D
SHA-256:	EE147E859AD0F09AA50367974E38AB53E7C7054C4A51D400A7F45B0EB251454F
SHA-512:	AF8D384188363378BC99C2E51523E74E1D18BA77D51BFF7647A377A117499421F9E94477E09907925E46DAD0A908B799A616D0B4855FFFF064BA6350815063D3
Malicious:	false
Reputation:	unknown
Preview:	(function(){/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.'use strict';var l=function(){var a=h,b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}},m=this\|\|self,n=/^[\w+/_-]+[=]{0,2}$/,p=null,q=function(a){return(a=a.querySelector&&a.querySelector("script[nonce]"))&&(a=a.nonce\|\|a.getAttribute("nonce"))&&n.test(a)?a:""},r=function(a,b){function e(){}e.prototype=b.prototype;a.i=b.prototype;a.prototype=new e;a.prototype.constructor=a;a.h=function(c,g,k){for(var f=Array(arguments.length-2),d=2;d<arguments.length;d++)f[d-2]=arguments[d];.return b.prototype[g].apply(c,f)}},t=function(a){return a};function u(a){if(Error.captureStackTrace)Error.captureStackTrace(this,u);else{var b=Error().stack;b&&(this.stack=b)}a&&(this.message=String(a))}r(u,Error);u.prototype.name="CustomError";var v=function(a,b){a=a.split("%s");for(var e="",c=a.length-1,g=0;g<c;g++)e+=a[g]+(g<b.length?b[g]:"%s");u.call(this,e+a[c])};r(v,u);v.prototype.name="Asse

Chrome Cache Entry: 253

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	19
Entropy (8bit):	3.6818808028034042
Encrypted:	false
SSDEEP:
MD5:	9FAE2B6737B98261777262B14B586F28
SHA1:	79C894898B2CED39335EB0003C18B27AA8C6DDCD
SHA-256:	F55F6B26E77DF6647E544AE5B45892DCEA380B7A6D2BFAA1E023EA112CE81E73
SHA-512:	29CB8E5462B15488B0C6D5FC1673E273FB47841E9C76A4AA5415CA93CEA31B87052BBA511680F2BC9E6543A29F1BBFBA9D06FCC08F5C65BEB115EE7A9E5EFF36
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/async/ddljson?async=ntp:2
Preview:	)]}'.{"ddljson":{}}

Static File Info

⊘No static file info

Description:	This technique has been deprecated. Please use Command and Scripting Interpreter where appropriate.
Tactics:	Defense Evasion, Execution
Data Sources:
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject malicious code into process via Extra Window Memory (EWM) in order to evade process-based defenses as well as possibly elevate privileges. EWM injection is a method of executing arbitrary code in the address space of a separate live process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	Process: OS API Execution
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://dlapiper-my.sharepoint.com/:f:/p/lucy_stevens/EuoU6OvOyL9OuhIHkdC9OMQBex9HLiWuOXPp0kCtLg1gOg?e=5%3au3LlBN&at=9

Overview

General Information

Detection

Signatures

Classification

Process Tree

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Phishing

Compliance

Software Vulnerabilities

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

LLM Input / Output

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 141

Chrome Cache Entry: 142

Chrome Cache Entry: 145

Chrome Cache Entry: 146

Chrome Cache Entry: 147

Chrome Cache Entry: 148

Chrome Cache Entry: 150

Chrome Cache Entry: 151

Chrome Cache Entry: 152

Chrome Cache Entry: 154

Chrome Cache Entry: 155

Chrome Cache Entry: 156

Chrome Cache Entry: 158

Chrome Cache Entry: 160

Chrome Cache Entry: 161

Chrome Cache Entry: 162

Chrome Cache Entry: 163

Chrome Cache Entry: 165

Chrome Cache Entry: 166

Chrome Cache Entry: 167

Chrome Cache Entry: 168

Chrome Cache Entry: 170

Chrome Cache Entry: 171

Chrome Cache Entry: 172

Chrome Cache Entry: 173

Chrome Cache Entry: 174

Chrome Cache Entry: 176

Chrome Cache Entry: 177

Chrome Cache Entry: 180

Chrome Cache Entry: 181

Chrome Cache Entry: 183

Windows Analysis Report
https://dlapiper-my.sharepoint.com/:f:/p/lucy_stevens/EuoU6OvOyL9OuhIHkdC9OMQBex9HLiWuOXPp0kCtLg1gOg?e=5%3au3LlBN&at=9