Edit tour

Windows Analysis Report
http://google.com

Overview

General Information

Sample URL:	http://google.com
Analysis ID:	1525662

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 1364 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6784 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=1888,i,3811607656877600295,1336773009039061601,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6428 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://google.com" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus / Scanner detection for submitted sample

Source: http://google.com

URL Reputation: detection malicious, Label: malware

Source: https://www.google.com	HTTP Parser: No favicon
Source: https://www.google.com	HTTP Parser: No favicon
Source: https://ogs.google.com	HTTP Parser: No favicon
Source: https://ogs.google.com	HTTP Parser: No favicon
Source: https://ogs.google.com	HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49763 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49774 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.16:49784 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.16:49786 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200

Source: global traffic	DNS traffic detected: DNS query: google.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: ogs.google.com
Source: global traffic	DNS traffic detected: DNS query: apis.google.com
Source: global traffic	DNS traffic detected: DNS query: play.google.com

Source: unknown	Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49763 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49774 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.16:49784 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.16:49786 version: TLS 1.2

Source: classification engine

Classification label: mal48.win@18/36@20/226

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=1888,i,3811607656877600295,1336773009039061601,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://google.com"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=1888,i,3811607656877600295,1336773009039061601,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	1 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	2 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
http://google.com	100%	URL Reputation	malware

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
google.com	142.250.185.174	true	false	unknown
www3.l.google.com	142.250.186.78	true	false	unknown
plus.l.google.com	142.250.184.238	true	false	unknown
play.google.com	142.250.185.78	true	false	unknown
www.google.com	172.217.16.196	true	false	unknown
ogs.google.com	unknown	unknown	false	unknown
apis.google.com	unknown	unknown	false	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://www.google.com	false		unknown
https://ogs.google.com	false		unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.184.196	unknown	United States	15169	GOOGLEUS	false
142.250.186.78	www3.l.google.com	United States	15169	GOOGLEUS	false
142.250.185.78	play.google.com	United States	15169	GOOGLEUS	false
172.217.18.14	unknown	United States	15169	GOOGLEUS	false
142.250.186.163	unknown	United States	15169	GOOGLEUS	false
173.194.76.84	unknown	United States	15169	GOOGLEUS	false
142.250.186.106	unknown	United States	15169	GOOGLEUS	false
172.217.23.110	unknown	United States	15169	GOOGLEUS	false
142.250.181.238	unknown	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
172.217.23.99	unknown	United States	15169	GOOGLEUS	false
142.250.185.131	unknown	United States	15169	GOOGLEUS	false
142.250.186.131	unknown	United States	15169	GOOGLEUS	false
142.250.184.238	plus.l.google.com	United States	15169	GOOGLEUS	false
142.250.184.227	unknown	United States	15169	GOOGLEUS	false
142.250.184.206	unknown	United States	15169	GOOGLEUS	false
216.58.212.163	unknown	United States	15169	GOOGLEUS	false
172.217.16.196	www.google.com	United States	15169	GOOGLEUS	false
142.250.186.42	unknown	United States	15169	GOOGLEUS	false
142.250.184.234	unknown	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.16

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1525662
Start date and time:	2024-10-04 13:49:09 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	http://google.com
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	13
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal48.win@18/36@20/226

Warnings

Exclude process from analysis (whitelisted): svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.186.131, 142.250.181.238, 173.194.76.84, 34.104.35.123, 142.250.185.131, 93.184.221.240, 142.250.184.234, 172.217.23.106, 142.250.185.170, 142.250.185.202, 142.250.181.234, 142.250.185.234, 142.250.185.106, 216.58.206.74, 172.217.16.202, 142.250.186.106, 142.250.184.202, 172.217.18.10, 142.250.186.74, 142.250.185.74, 142.250.185.138, 142.250.186.138, 142.250.184.227, 172.217.18.106, 172.217.16.138, 142.250.186.42, 216.58.212.170, 216.58.212.138, 216.58.212.163, 142.250.186.163
Excluded domains from analysis (whitelisted): ssl.gstatic.com, clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, content-autofill.googleapis.com, fonts.gstatic.com, ctldl.windowsupdate.com, clientservices.googleapis.com, ogads-pa.googleapis.com, clients.l.google.com, www.gstatic.com
Not all processes where analyzed, report is missing behavior information
VT rate limit hit for: google.com

LLM Input / Output

Input	Output
URL: https://www.google.com Model: jbxai	{ "brand":["Google"], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"Sign in", "text_input_field_labels":["Google Search", "I'm Feeling Lucky"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://ogs.google.com Model: jbxai	{ "brand":["Google"], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"Sign in", "text_input_field_labels":["Google Search", "I'm Feeling Lucky"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://www.google.com Model: jbxai	{ "brand":["Google"], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"Sign in", "text_input_field_labels":["Google Search", "I'm Feeling Lucky"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 10:49:39 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2673
Entropy (8bit):	3.9792935102997977
Encrypted:	false
SSDEEP:
MD5:	67A3338E69EB337DDF8CD61A616E95A9
SHA1:	AE704482E727FE9E9C565FB9EA7896DC901B1D5C
SHA-256:	20B1A26C20F988E4F10A181A02FB0EC71C0AF40F99EDAC1D27082AC6D69DC6D2
SHA-512:	F30278D79634573B3AE4990C9A7C3A73967DFA2F14661A7C12CB983032CD33FF3704D615C8EBF2B529A71E0955F49E5684B7504FF4F4A87984984006C0625D23
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....?&~S...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IDY+^....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VDY3^....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VDY3^....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VDY3^..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDY4^...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............Li#.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 10:49:39 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2675
Entropy (8bit):	3.9961635556681547
Encrypted:	false
SSDEEP:
MD5:	FA9B6ED1CACD1364D6A401D92647AFEE
SHA1:	EF931DE113E6F1EC706F7323D6EFB4E9A2B74347
SHA-256:	E066D30A15EFF92E48766D78EBB68D37215DE30FBE8DBDECD5991A29F6803D04
SHA-512:	D74D3909F43CD2BCEF66D0D0EEA1AAFCB257BF92E1954008E3391A531138AEA07EEC91913BE2854EEC91034091FBD9EDE03C65038F6CB25A1E0A86C7277D103B
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.......~S...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IDY+^....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VDY3^....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VDY3^....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VDY3^..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDY4^...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............Li#.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2689
Entropy (8bit):	4.005077326974432
Encrypted:	false
SSDEEP:
MD5:	C5FD5FF5424A4837365F5325C7245C38
SHA1:	7FA06B48E21DD618E9EBAB1235181EC570A92FFD
SHA-256:	FF8C48B92860C8E4A8D61064C4FB2BCC9DEA699146E708B4145F52DA9F0DE7C3
SHA-512:	7B9588D557D23A555C37E8911EAF56310A8BB2E2AF4986CB36D11630112FA867F246A566F849915616B25D658DCD822A9C590AF39C8665A1E89D81D01C75E5F9
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IDY+^....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VDY3^....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VDY3^....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VDY3^..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............Li#.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 10:49:39 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.9920536919289145
Encrypted:	false
SSDEEP:
MD5:	ADCE401DF76F399390C57284DCD52102
SHA1:	225DD0FBD724961E7E6D266DC7D1616061715A7B
SHA-256:	FD5BE3345C5C1CEE5C6F6C1751405D58F4CEA54BA7227CE9C99830E8DA474C38
SHA-512:	21407F309FB8956C9ECCB5C23C8BB6852713ABA94B92AAB8C902E0742614A61CD51ED8154532E52DFF166E6345CA616E70A776F7DE64D16DE7879793730F4D2B
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.......~S...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IDY+^....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VDY3^....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VDY3^....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VDY3^..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDY4^...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............Li#.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 10:49:39 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.9802916180706323
Encrypted:	false
SSDEEP:
MD5:	A7963D8F3336F3C0C50B49E4A04F35BB
SHA1:	4C5980E8E3F6D8C2D199C53B36B7690F49B1CBC6
SHA-256:	D049197B82E3CB2EA9E958D6897EDE6997C3F7BB47A3844BF29C8EC471BA15A1
SHA-512:	C49083AD8ED9A9C91DB5FF691EFF1763E6BF224892741F580AC23CDFB8BEA1023C2F26E32556112201B15681CB154289C8E9420666365BC3B746111FA6AA9725
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....x. ~S...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IDY+^....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VDY3^....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VDY3^....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VDY3^..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDY4^...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............Li#.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 10:49:39 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.9913906871683613
Encrypted:	false
SSDEEP:
MD5:	7B2A02C25A57A7F2A00FD724F613B5C3
SHA1:	AB2DD6CAD4B5CF7775DEFF1C584C54FF01D15A90
SHA-256:	43F04769E27AF783B10296D15A89B92778071C8420D5B63211CA628BB4F8CEFE
SHA-512:	F58DAE37E330A67EE6621255835BF7BBC98A6213D25D908186D508D041F10A290C8B666B52EB51A6F1AE9E98879FCE8B6CB1DF6F2847DA50C4534A05AD4E075A
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....(..~S...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IDY+^....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VDY3^....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VDY3^....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VDY3^..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDY4^...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............Li#.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 101

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (13540)
Category:	downloaded
Size (bytes):	199819
Entropy (8bit):	5.883130867533761
Encrypted:	false
SSDEEP:
MD5:	C4609E8165E9F4B242407B4CA18D9F0A
SHA1:	EDF9E14684C39DADAC541E41AC8E2466B6B1800D
SHA-256:	BC230FBB90B91DBAC8E0AFAF0AEC71BE3C155316ADD6F45D68C422B264F8B832
SHA-512:	72501E91BE8AB0466A5881985B8A90AB7A290FED09A07F1F8681AA403949D92EA3EAA3977994CAD5DAC7475EBB5DD165D22A30D66B1230B2A4E02A2E1E953D5F
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/
Preview:	<!doctype html><html itemscope="" itemtype="http://schema.org/WebPage" lang="en"><head><meta charset="UTF-8"><meta content="origin" name="referrer"><meta content="/images/branding/googleg/1x/googleg_standard_color_128dp.png" itemprop="image"><title>Google</title><script nonce="tOwGfjbnYXwEKwawpHIvXg">window._hst=Date.now();performance&&performance.mark&&performance.mark("SearchHeadStart");</script><script nonce="tOwGfjbnYXwEKwawpHIvXg">(function(){var _g={kEI:'VNb_ZumWGdKH7NYP7bLckAM',kEXPI:'31',kBL:'_pcO',kOPI:89978449};(function(){var a;((a=window.google)==null?0:a.stvsc)?google.kEI=_g.kEI:window.google=_g;}).call(this);})();(function(){google.sn='webhp';google.kHL='en';})();(function(){.var h=this\|\|self;function l(){return window.google!==void 0&&window.google.kOPI!==void 0&&window.google.kOPI!==0?window.google.kOPI:null};var m,n=[];function p(a){for(var b;a&&(!a.getAttribute\|\|!(b=a.getAttribute("eid")));)a=a.parentNode;return b\|\|m}function q(a){for(var b=null;a&&(!a.getAttribute\|\|!

Chrome Cache Entry: 102

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Category:	dropped
Size (bytes):	5430
Entropy (8bit):	3.6534652184263736
Encrypted:	false
SSDEEP:
MD5:	F3418A443E7D841097C714D69EC4BCB8
SHA1:	49263695F6B0CDD72F45CF1B775E660FDC36C606
SHA-256:	6DA5620880159634213E197FAFCA1DDE0272153BE3E4590818533FAB8D040770
SHA-512:	82D017C4B7EC8E0C46E8B75DA0CA6A52FD8BCE7FCF4E556CBDF16B49FC81BE9953FE7E25A05F63ECD41C7272E8BB0A9FD9AEDF0AC06CB6032330B096B3702563
Malicious:	false
Reputation:	unknown
Preview:	............ .h...&... .... .........(....... ..... ............................................0...................................................................................................................................v.].X.:.X.:.r.Y........................................q.X.S.4.S.4.S.4.S.4.S.4.S.4...X....................0........q.W.S.4.X.:.................J...A...g.........................K.H.V.8..........................F..B.....................,.......................................B..............................................B..B..B..B..B...u..........................................B..B..B..B..B...{.................5.......k...........................................................7R..8F.................................................2........Vb..5C..;I..................R^.....................0................Xc..5C..5C..5C..5C..5C..5C..lv..........................................]i..<J..:G..Zf....................................................

Chrome Cache Entry: 103

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (524)
Category:	dropped
Size (bytes):	24979
Entropy (8bit):	5.413871838201982
Encrypted:	false
SSDEEP:
MD5:	7499DF9BAF83A3C7FCEDDD55D7B57EE7
SHA1:	D114C83993BCF559740578A7AB2FFB44E7E33C2A
SHA-256:	494321695048A16A8A354775226283AC4084B540F9E7C280CF7731E92F491E6B
SHA-512:	1E39FEC6F87B74C69DEE5C8A8D1ED31BD8FCFC970AFF632DA3E0FE4EE09F81AD1C593F99FF266EAFAD6A413A15E8F511F918E917EAC3D80CCF53826B52BDABB5
Malicious:	false
Reputation:	unknown
Preview:	this._hd=this._hd\|\|{};(function(_){var window=this;.try{._.$$c=_.Ed("P10Owf",[_.lq]);.}catch(e){_._DumpException(e)}.try{._.w("P10Owf");.var ZD=function(a){_.A.call(this,a.Ma);this.ka=this.getData("cmep").Kb();this.Ob=a.service.Ob;this.data=a.Ud.Qda};_.C(ZD,_.A);ZD.Ga=function(){return{service:{Ob:_.Jt},Ud:{Qda:_.yD}}};ZD.prototype.wa=function(){this.Ob.ka().oa(this.getRoot().el(),1).log(!0)};ZD.prototype.ta=function(a){a=a.data?_.Rb(_.yD,a.data):new _.yD;aad(this,a)};ZD.prototype.oa=function(a){aad(this,a.data)};.var aad=function(a,b){var c;(b==null?0:b.Pu())&&((c=a.data)==null?0:c.Pu())&&(b==null?void 0:b.Pu())!==a.data.Pu()\|\|a.Ob.ka().oa(a.getRoot().el(),2).log(!0)};ZD.prototype.Ia=function(a){this.Ob.ka().ka(a.qb.el()).log(!0);_.Ne(document,_.aFc)};ZD.prototype.Ea=function(a){this.Ob.ka().ka(a.qb.el()).log(!0);if(this.ka){var b;_.Ne(document,_.$Ec,(b=this.data)==null?void 0:b.Kc())}else _.Ne(document,_.ZEc,this.data)};_.K(ZD.prototype,"kEOk4d",function(){return this.Ea});_.K(ZD.pro

Chrome Cache Entry: 104

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (6293)
Category:	downloaded
Size (bytes):	6299
Entropy (8bit):	6.108842918606728
Encrypted:	false
SSDEEP:
MD5:	4FB38459CC925FD68C06E684DFF2D728
SHA1:	012B4B6AA39FBA6F54E8E784C0F0C3874F47A1D6
SHA-256:	F2C68ED33D1F0773BE6C9C6433C5CF55AF0C9B469522AEED9EA6EC920DBBFA9A
SHA-512:	38C16B46866CB33C42D536DC4882C1AB246ECD8F9D57E85C9285FDDEEC0C11D9DA78CE38C355C5132494A0C999588496C29F8553330DB3F6251EA7ACC9520FD3
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/complete/search?q&cp=0&client=gws-wiz&xssi=t&gs_pcrt=2&hl=en&authuser=0&psi=VNb_ZumWGdKH7NYP7bLckAM.1728042582099&dpr=1&nolsbt=1
Preview:	)]}'.[[["padres joe musgrove injury",0,[3,357,362,396,143],{"zf":33,"zl":8,"zp":{"gs_ss":"1"}}],["companion movie trailer",0,[3,357,362,396,143],{"zf":33,"zl":8,"zp":{"gs_ss":"1"}}],["las vegas raiders",46,[3,357,362,396,143],{"lm":[],"zf":33,"zh":"Las Vegas Raiders","zi":"Football team","zl":8,"zp":{"gs_ssp":"eJzj4tDP1TcwzTE3NGD0EsxJLFYoS00HkkWJmSmpRcUAeb0JIw"},"zs":"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAFAAAABQCAMAAAC5zwKfAAAAhFBMVEUAAAAdHRv////O0dgbGxn5+fnu7u4SEg8ZGRfR1Nvr6+vOzs7d3d0WFhTj4+MMDAi2trbX19fExMSRkZG+vr6cnJysrKzX2uF6enpISEdzc3Kjo6PGyc9OTk1CQkKJiYlqamldXVw2NjUpKSi3ur+vsbaVl5tiY2WeoKXi5eyCgoVWVlhTgl/ZAAAHE0lEQVRYhe2YabeiuhKGizCPQWZFGVVs/P//71YloIDs7n1P73U+nVpLZQgPSaXqTUWA/+zfsssP82JmVD+Isw4MLf0xXoo0Az/O8DM4HVkRXAgZnP6WdnKZ7Jpmio4yPXt+78nmw+ddkXlM4AowFTTQMnHO3HRQNo215+Y9nBoawSGKkjBMIjfQ2WRRC1yRZgHU3nzd8FzZNvJEY3cNVNieBWEDsneTaRz6OjL22h7WwB67kkWHwDF0XTec4JCU9ZOvaVM38WrfxBl2jNrqRuC5Sekwb+MwxoqNW7ipfdBmqMk3jV0WrC9UCBSuki7GA58coSicvsVFS5zQrzj1p8Zyvj6AlwnInSAIMq4p/tFxXFB

Chrome Cache Entry: 107

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	2091
Entropy (8bit):	7.8938748179764
Encrypted:	false
SSDEEP:
MD5:	6282A05D151E7D0446C655D1892475E2
SHA1:	B2B05F319DA0E73250200AE9BB518A318D6B4C5D
SHA-256:	4CAB9CF78FD7C85AE2236CDD47B905FA4173F664946DFAB008591B3CFE4280B7
SHA-512:	DF0C4C01555430BD2AFAD409E40A422F5EFB0ED9B6E86168874B46312FFC0BA7CA2B5503E49858035056C342A83CBC42721AA89077BD2E1F698692AF4277BAB5
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/images/hpp/ic_wahlberg_product_core_48.png8.png
Preview:	.PNG........IHDR...0...0.....W.......IDATx........m.tm.86.m.m...m.Xo..._~..Mm.&..x....v.....?... .~^.TV....z.wK.....-.`..w.............4....."...z6Z."....`;@....!...S.Q..E...L$..`01..S(.v...vn._...H.......H.fs.8).....q....\....9B>...)>#2...A....z..8.#+A.V-..hh....3.......c.......F. 3.......~.^Q......c.....a.1...gZ....y....wU..2...].-.0b].......[......w...&K..$..K..\.t..QoY..O?....u.Sa.-...na.Z..}..._s..~[.Ue.M.!#Y.....%.t.7y....J......Q.0fC.Fo..@..&...B.....&..}.ld....O.#+...<.z..,."?vC....Y.....<d..."b.D.(sX..c..5.z,..!...oV.. .....>O.#..pHG..y.j.7.-@.K.s..,...&.%6.. O=dj....S..;.O..ylc.O.~....Tn.F.\|.Y..X..@........e..O.Z......}(H...vp.... ...y..&..:.......8y...{n..R^...:.q.......>....C.....^P..C..%..<. 6...9..,.$0x.M.=.`\..MI..\|.........^...W-"...@..J........K.m...h...x.H.>.c.>.w!......:X.b%.v....)..[R..-..>.+!..?...?.....Q.G:F...k..A.)`*.^N$...{9.<.PD...7`).3.d........h.k..{]&.;^.h.s>BREP.X.O.~P\|[....R].m,.......Z..Pk.g0.yl...Z.qp..

Chrome Cache Entry: 108

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2287)
Category:	dropped
Size (bytes):	221974
Entropy (8bit):	5.525116818290676
Encrypted:	false
SSDEEP:
MD5:	CA99755538A8D8B1866C97729137BFEE
SHA1:	0949EAA1931E46A95BF1B0674F43D92885B3BEC7
SHA-256:	088314A76E272A02EA40D754DDBA1E839D2C2817C5385CE332A03664C0B45B36
SHA-512:	B07F8E3D1D304CE4B12AF1043A53ED544BAA0ECE5F3ED0ACC12B4AD52C76D0B36346E9255194FB34869748A42AC823889056B097E0A0122C3A1484236AD0BFC5
Malicious:	false
Reputation:	unknown
Preview:	this.gbar_=this.gbar_\|\|{};(function(_){var window=this;.try{.var He;He=0;_.Ie=function(a){return Object.prototype.hasOwnProperty.call(a,_.Qb)&&a[_.Qb]\|\|(a[_.Qb]=++He)};_.Je=function(a){return _.Pb(a)&&a.nodeType==1};_.Ke=function(a,b){if("textContent"in a)a.textContent=b;else if(a.nodeType==3)a.data=String(b);else if(a.firstChild&&a.firstChild.nodeType==3){for(;a.lastChild!=a.firstChild;)a.removeChild(a.lastChild);a.firstChild.data=String(b)}else _.Ee(a),a.appendChild(_.te(a).createTextNode(String(b)))};var Le;_.Me=function(a,b,c){Array.isArray(c)&&(c=c.join(" "));var d="aria-"+b;c===""\|\|c==void 0?(Le\|\|(Le={atomic:!1,autocomplete:"none",dropeffect:"none",haspopup:!1,live:"off",multiline:!1,multiselectable:!1,orientation:"vertical",readonly:!1,relevant:"additions text",required:!1,sort:"none",busy:!1,disabled:!1,hidden:!1,invalid:"false"}),c=Le,b in c?a.setAttribute(d,c[b]):a.removeAttribute(d)):a.setAttribute(d,c)};var Qe;_.Pe=function(a,b,c,d,e,f){if(_.qc&&e)return _.Ne(a);if(e&&!d)re

Chrome Cache Entry: 109

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1885)
Category:	dropped
Size (bytes):	126135
Entropy (8bit):	5.498654960721984
Encrypted:	false
SSDEEP:
MD5:	C299A572DF117831926BC3A0A25BA255
SHA1:	673F2AC4C7A41AB95FB14E2687666E81BC731E95
SHA-256:	F847294692483E4B7666C0F98CBE2BD03B86AE27B721CAE332FEB26223DDE9FC
SHA-512:	B418A87A350DBC0DEF9FAF3BE4B910CB21AE6FFFC6749EECEA486E3EB603F5AF92F70B936C3D440009482EDE572EE9736422CF89DCDD2B758DFA829216049179
Malicious:	false
Reputation:	unknown
Preview:	gapi.loaded_0(function(_){var window=this;._._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a\|\|[]};(0,_._F_toggles_initialize)([0x800000, ]);.var ba,fa,ha,na,oa,sa,ua,wa;ba=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}};fa=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};.ha=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("a");};_.ma=ha(this);na=function(a,b){if(b)a:{var c=_.ma;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&fa(c,a,{configurable:!0,writable:!0,value:b})}};.na("Symbol",function(a){if(a)r

Chrome Cache Entry: 110

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (768)
Category:	downloaded
Size (bytes):	1425
Entropy (8bit):	5.352015286891893
Encrypted:	false
SSDEEP:
MD5:	F989AA4A304254FE7C53F1A299D3E3C7
SHA1:	0A6BBF0E3C59855D6CBE269B3AD991C8848F4288
SHA-256:	47F3A84A8B30F8380C7DDB46F5F753174626C6A7D1A17F482C202F457397E393
SHA-512:	3DD76D30ABDA12DB3F85BC6DFDE67243C8BD3C818D0F3BAC5C9E9D4E7B39454C2F178844F70286B643F3BBCCB73954E1612428B4DAA89745B0FDCDF83FE9BF49
Malicious:	false
Reputation:	unknown
URL:	"https://www.gstatic.com/_/mss/boq-one-google/_/js/k=boq-one-google.OneGoogleWidgetUi.en.OlyLa8GkuaI.es5.O/ck=boq-one-google.OneGoogleWidgetUi.-thgPwNVrLw.L.B1.O/am=IEAwYGw/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,QIhFr,RMhBfe,RqjULd,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,XVMNvd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,ebZ3mb,fKUV3e,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pw70Gc,s39S4,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,yYB61,zbML3c,zr1jrb/excm=_b,_tp,calloutview/ed=1/wt=2/ujg=1/rs=AM-SdHsBZGUsqOLkp1tQbc4AdY2xMI9Jeg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=P6sQOc"
Preview:	"use strict";this.default_OneGoogleWidgetUi=this.default_OneGoogleWidgetUi\|\|{};(function(_){var window=this;.try{._.q("P6sQOc");.var rpa=!!(_.Bi[0]>>26&1);var spa=function(a,b,c,d,e){this.o=a;this.N=b;this.v=c;this.O=d;this.ha=e;this.j=0;this.l=QY(this)},tpa=function(a){var b={};_.Ea(a.Lq(),function(e){b[e]=!0});var c=a.Dq(),d=a.Fq();return new spa(a.Eq(),c.j()1E3,a.yq(),d.j()1E3,b)},QY=function(a){return Math.random()Math.min(a.NMath.pow(a.v,a.j),a.O)},RY=function(a,b){return a.j>=a.o?!1:b!=null?!!a.ha[b]:!0};var SY=function(a){_.S.call(this,a.oa);this.l=a.service.Zr;this.o=a.service.metadata;a=a.service.hE;this.fetch=a.fetch.bind(a)};_.G(SY,_.S);SY.W=function(){return{service:{Zr:_.OY,metadata:_.KY,hE:_.FW}}};SY.prototype.j=function(a,b){if(this.o.getType(a.wb())!==1)return _.vp(a);var c=this.l.Gr;(c=c?tpa(c):null)&&RY(c)?(b=TY(this,a,b,c),a=new _.up(a,b,2)):a=_.vp(a);return a};.var TY=function(a,b,c,d){return c.then(function(e){return e},function(e){if(rpa)if(e instanceof _.yf){

Chrome Cache Entry: 111

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (736)
Category:	dropped
Size (bytes):	3516
Entropy (8bit):	5.552055740061078
Encrypted:	false
SSDEEP:
MD5:	BDF45A6BA57F872963259DA69256A45E
SHA1:	0F6328EA074F20F841EF27871D04F7A61ABFC580
SHA-256:	89474426B70726A283415671A654B2B74E2C9999CAD67BCC2F072856621BC05B
SHA-512:	F35AC64D7D4923B848145FE487BB4E7A93A29C81E6B2BEDE806691D21145B648CC968961E23CEB328AA0DC4D0D6FF2CCD128DBDCAC15461A8AA713F12479F6D7
Malicious:	false
Reputation:	unknown
Preview:	"use strict";this.default_OneGoogleWidgetUi=this.default_OneGoogleWidgetUi\|\|{};(function(_){var window=this;.try{._.q("Wt6vjf");.var Mz=function(a){this.ta=_.y(a,0,Mz.mb)};_.G(Mz,_.C);Mz.prototype.Xa=function(){return _.xl(this,1)};Mz.prototype.oc=function(a){_.Jl(this,1,a)};Mz.mb="f.bo";var Nz=function(){_.Vo.call(this)};_.G(Nz,_.Vo);Nz.prototype.ab=function(){this.Yq=!1;Oz(this);_.Vo.prototype.ab.call(this)};Nz.prototype.j=function(){Pz(this);if(this.lk)return Qz(this),!1;if(!this.js)return Rz(this),!0;this.dispatchEvent("p");if(!this.np)return Rz(this),!0;this.ao?(this.dispatchEvent("r"),Rz(this)):Qz(this);return!1};.var Sz=function(a){var b=new _.tu(a.yx);a.bq!=null&&b.j.set("authuser",a.bq);return b},Qz=function(a){a.lk=!0;var b=Sz(a),c="rt=r&f_uid="+_.Xl(a.np);_.Aq(b,(0,_.E)(a.l,a),"POST",c)};.Nz.prototype.l=function(a){a=a.target;Pz(this);if(_.Hq(a)){this.fn=0;if(this.ao)this.lk=!1,this.dispatchEvent("r");else if(this.js)this.dispatchEvent("s");else{try{var b=_.Iq(a),c=JSON.pars

Chrome Cache Entry: 112

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 272 x 92, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	5969
Entropy (8bit):	7.949719859611916
Encrypted:	false
SSDEEP:
MD5:	8F9327DB2597FA57D2F42B4A6C5A9855
SHA1:	1737D3DFB411C07B86ED8BD30F5987A4DC397CC1
SHA-256:	5776CD87617EACEC3BC00EBCF530D1924026033EDA852F706C1A675A98915826
SHA-512:	B807694ED1EF6DFA6CB5D35B46526FF9584D9AAD66CE4DC93CDEB7B8B103A7C78369D1141D53F092EDDEA0441E982D3A16DF6E98959A5557C288B580CF5191E6
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Preview:	.PNG........IHDR.......\............IDATx..]...U..:.................].{.A.A.(......\....1........A@6.......$...(.CXX\|..d...IUu..dz...g..u.....sO.1..g..W.....~..fv..+.TL.z.q.c..e..;..{..._"...`V...NwUwg....L.{6...y...]....2yo.x}^\|.....)....444.....r7.f&.<...t.!.l'8.s..LCCcl...t........ ......;..,a..0.xju........\|.. D%.l._..........]Y.. ...&N.r.~$g...&...Z}.w.3q......RKwm.ihh.I.pL.n..7j.W..%..Ld...@......q7x)..A.x.0..M .H..Wq.g.h..k.\|P..-Q.}.Ca...@.A.....D....x.....vOp.....+.z...N...T..o.?...?.%e....&..#..3.....P..Np9...$m.Ne. ..3y?......]....l.).z...g.^.v.!....-...&..M .Eg..w.K. ..;..@.qiP4yhh.....U.l7X-.u...-.tP..X..D.i......p'.T>Y.\o.TM.....xx&...&..M ..{.MQ...@.......C.ihh...]].ws..L.<.1...M ..>/yl...yhh.Yh..y..n...H.iW!..4444.p'8G.<...4444. .!.$'.._`....&....h=@8..........T.Ao..4444..#..i.q.'t.u........T..+j.ASyjT...u..(f.y.uw...-e.B...5.W........m~..5-\|_">.j....c[o..m+....K.v.Tak_.".\.....<........u.....},..02..'.h.v.^.....s..A..Ctw

Chrome Cache Entry: 113

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	16
Entropy (8bit):	3.875
Encrypted:	false
SSDEEP:
MD5:	BEEDCB4EB0A559E6CE2D1E20D38CB330
SHA1:	A04EE9801770C0E81B170D7992EC3735E878AA58
SHA-256:	6E9D99B87595B07B10676B68EBE9AA8B63DF7D9A74F59CC91EED60EA1FBDC6EF
SHA-512:	BD101CDF7FDF1210127D83CE76E3F6F6F1378259F0A55C112E39C49A9131B8636FB020E07E985B8427A35B62A544F2F7C5F75B11AD69EF2C4AE67A41BD5898B2
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAn11VQ7sgCk8RIFDWlIR0c=?alt=proto
Preview:	CgkKBw1pSEdHGgA=

Chrome Cache Entry: 115

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1689), with no line terminators
Category:	dropped
Size (bytes):	1689
Entropy (8bit):	5.640520027557763
Encrypted:	false
SSDEEP:
MD5:	45DD7BD58C9F085DA52FA16A2A150066
SHA1:	9B5CF4B288EDE14AE8834F3EF2A58145B8EC8CBC
SHA-256:	0D5C53FCC37C7A2CE26367BBE6197FCD9272DD7EBC81823D088A4DFFF5AE599B
SHA-512:	520B8DF68524C2CEF393B837D7EAD0168028C94697E1DA0AC4BDDAFAB849D1B26D7E7933082146AE6A220A449F066CBBBA2EBFC6CC30D3F756FBD98EE061C8DF
Malicious:	false
Reputation:	unknown
Preview:	.MTIaKb,.LwDUdc,.FAoEle,.RlTCPd,.wPNfjb,.caNvfd,.Vnob4b,.bbxTBb,.DpgmK,.YKUhfb,.uNnvb,.aVsZpf,.RoOVmf,.dIfvQd,.V3Ezn,.Enb9pe,.mYuoaf,.kJSB8,.tUr4Kc,.iQMtqe{--Yi4Nb:var(--mXZkqc);--pEa0Bc:var(--bbQxAb);--kloG3:var(--mXZkqc);--YaIeMb:var(--XKMDxc);--Pa8Wlb:var(--Nsm0ce);--izGsqb:var(--Nsm0ce);--todMNcl:var(--EpFNW);--p9J9c:var(--Nsm0ce)}:root{--KIZPne:#a3c9ff;--xPpiM:#001d35;--Ehh4mf:var(--Nsm0ce)}:root{--Yi4Nb:#d2d2d2;--pEa0Bc:#474747;--kloG3:#d2d2d2;--YaIeMb:#f7f8f9;--Pa8Wlb:#0b57d0;--izGsqb:#0b57d0;--todMNcl:#fff;--p9J9c:#0b57d0}.EpPYLd{display:block;position:relative}.YpcDnf{padding:0 16px;vertical-align:middle}.YpcDnf.HG1dvd{padding:0}.HG1dvd>*{padding:0 16px}.WtV5nd .YpcDnf{padding-left:28px}.Zt0a5e .YpcDnf{line-height:48px}.GZnQqe .YpcDnf{line-height:23px}.EpPYLd:hover{cursor:pointer}.EpPYLd,.CB8nDe:hover{cursor:default}.LGiluc,.EpPYLd[disabled]{pointer-events:none;cursor:default}@media (forced-colors:active){.EpPYLd[disabled]{color:GrayText}}.LGiluc{border-top:1px solid;height:0;

Chrome Cache Entry: 119

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (621)
Category:	dropped
Size (bytes):	1049455
Entropy (8bit):	5.721692820619692
Encrypted:	false
SSDEEP:
MD5:	E4262E9DC44045559DB48629FEB9338E
SHA1:	62A18C7072FA0D74E99791BA5B7BC2684E7A9BC5
SHA-256:	BBC97732C93FB7743E254CB81F5D4A8468CEA36FB86EDADEF63CE64BF6DB5C4E
SHA-512:	99E680D71743D102D98CF9B6595DEC51AEFDAF012F1E6A8CFEA5B6688E4A04F05D32F770318F5364EFFE509784BE3D192A92FAA1A0908E8C3506E5D2966F9170
Malicious:	false
Reputation:	unknown
Preview:	this._hd=this._hd\|\|{};(function(_){var window=this;.try{./.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0././.. Copyright Google LLC. SPDX-License-Identifier: Apache-2.0././.. Copyright 2024 Google, Inc. SPDX-License-Identifier: MIT././. SPDX-License-Identifier: Apache-2.0././. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var baa,caa,naa,Aaa,Caa,Iaa,Taa,$aa,iba,kba,mba,nba,rba,sba,xba,Cba,Fba,Hba,Iba,Lba,Kba,Eba,Sa,Oba,Sba,Tba,Uba,Yba,aca,bca,dca,eca,fca,hca,ica,kca,oca,qca,sca,Aca,Bca,Cca,wca,Dca,xca,Eca,vca,Fca,uca,Gca,Ica,Pca,Rca,Sca,Wca,Xca,ada,dda,Yca,cda,bda,$ca,Zca,fda,gda,kda,mda,lda,pda,qda,rda,tda,vda,uda,xda,yda,zda,Bda,Cda,Dda,Eda,Fda,Ida,Jda,Kda,Oda,Nda,Rda,Sda,Xda,Yda,Zda,aea,$da,cea,bea,fea,eea,hea,jea,mea,nea,qea,rea,vea,wea,Bea,Dea,Lea,Mea,Oea,uea,yea,Sea,Wea,cfa,gfa,hfa,pfa,mfa,qfa,sfa,wfa,xfa,yfa,.Afa,Bfa,jfa,Dfa,Ffa,Jfa,Lfa,Sfa,Xfa,Zfa,iga,kga,mga,nga,wga,yga,Bga,Dga,Ega,Gga,Iga,Mga,Nga,Pga,dh

Chrome Cache Entry: 120

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (931)
Category:	dropped
Size (bytes):	254613
Entropy (8bit):	5.576818946538596
Encrypted:	false
SSDEEP:
MD5:	C91E795CD9C7D0261CDE27830CF6B8DE
SHA1:	F70B8F3A5A875DF6D6FF651A15231C2E2FAA3A1D
SHA-256:	33BD2DE42D98E775A2141D1E3933295FE78234E6F8BF8D9713FE7CB20CBA1D92
SHA-512:	805818E99FFA1E9B94334EB7AC0C9704DAA9C763B904FD0B6E9B46B27426230B6CE20C5967C905093F85F76F94E1CFABF99FF8AD59B28F0CD25CA0345A084A6B
Malicious:	false
Reputation:	unknown
Preview:	this._hd=this._hd\|\|{};(function(_){var window=this;.try{._.w("sb_wiz");.._.y();.}catch(e){_._DumpException(e)}.try{._.w("aa");.._.y();.}catch(e){_._DumpException(e)}.try{._.w("abd");.var vhi=function(a){for(var b="",c=21,d=0;d<a.length;d++)d%4!=3&&(b+=String.fromCharCode(a[d]^c),c++);return b},whi=function(a){var b=0,c;for(c in a)if(a[c].e)if(a[c].b)b++;else return!1;return b>0},Bhi=function(a){a=a===void 0?{}:a;var b={};b[xhi]={e:!!a[xhi],b:!_.C0b(yhi)};b[zhi]={e:!!a[zhi],b:!_.C0b(Ahi)};return b},Chi=function(a){var b=[],c;for(c in a)a[c].e&&b.push(c+":"+(a[c].b?"1":"0"));return b.join(",")},Ehi=function(a,b){a=String(a);b&&(a+=","+b);google.log(Dhi,a)},Fhi=function(a,b,c){c=.c===void 0?2:c;if(c<1)Ehi(7,b);else{var d=new Image;d.onerror=function(){Fhi(a,b,c-1)};d.src=a}},yhi=vhi([97,119,115,111,107]),Ahi=vhi([97,119,115,111,107,123]),Ghi=vhi([118,115,121,107,108,124,104,119,68,127,114,105,114]),Dhi=vhi([101,126,118,102,118,125,118,109,126]),Hhi=vhi([116,116,115,108]),xhi=vhi([113,115,

Chrome Cache Entry: 121

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (550)
Category:	dropped
Size (bytes):	1521
Entropy (8bit):	5.117264756343684
Encrypted:	false
SSDEEP:
MD5:	100B36980D9894320C32C44B6F87CB36
SHA1:	4141A706A21E06BC6F5476FE17EF47379A43B6DE
SHA-256:	5081E282A0EF3031276FB9AF5A8CD4BB97F76F70F25BD5AFDE8F1370C5549305
SHA-512:	DCDEC1E07153B002AE9ED23D04E51D866BEB92D4B12AFB03B1289695B20396B315809365FE43B5BE824BA81FAB44458A8A5EB70CB2562EE4CE5FC236B76AD304
Malicious:	false
Reputation:	unknown
Preview:	this._hd=this._hd\|\|{};(function(_){var window=this;.try{._.w("aLUfP");.var zqb=function(a){this.Tp=a};var Aqb=function(a){_.Hn.call(this,a.Ma);var b=this;this.window=a.service.window.get();this.ta=this.Tp();this.oa=window.orientation;this.ka=function(){var c=b.Tp(),d=b.GYa()&&Math.abs(window.orientation)===90&&b.oa===-1window.orientation;b.oa=window.orientation;if(c!==b.ta\|\|d){b.ta=c;d=_.Ra(b.Od);for(var e=d.next();!e.done;e=d.next()){e=e.value;var f=new zqb(c);try{e(f)}catch(g){_.ca(g)}}}};this.Od=new Set;this.window.addEventListener("resize",this.ka);this.GYa()&&this.window.addEventListener("orientationchange",.this.ka)};_.C(Aqb,_.Hn);Aqb.Ga=function(){return{service:{window:_.In}}};_.m=Aqb.prototype;_.m.addListener=function(a){this.Od.add(a)};_.m.removeListener=function(a){this.Od.delete(a)};._.m.Tp=function(){if(_.ma()&&_.la()&&!navigator.userAgent.includes("GSA")){var a=_.yl(this.window);a=new _.ol(a.width,Math.round(a.widththis.window.innerHeight/this.window.innerWidth))}else a

Chrome Cache Entry: 122

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	660
Entropy (8bit):	7.7436458678149815
Encrypted:	false
SSDEEP:
MD5:	C3DFF0D9F30EC0BCF4DEC9524505916B
SHA1:	4B378403ACBEBC3747E08C69B5FD7770A850C9EB
SHA-256:	73D788F86BE22112BB53762545989C0F1BBDB7343161130952C9BA3834FF81E3
SHA-512:	677EA304D00D176ACF61FF68BF23BD5F77AD2928D7DE9F4B842292BC9D3FB7029FE9F578B62F142DCE689230F392E828098EED3484FE2DBEE6E1A7AA5378E2C6
Malicious:	false
Reputation:	unknown
Preview:	RIFF....WEBPVP8L..../'....Hv.=n.......Q...a..(Rv.o..U.....l..m........0l.6l..f.......A?B.C.A...2h..Ag0....G8.n#)R.j.x..P.F..I;.Ox......7-...bX./..]...3..T....5...x...G.C....%.u.....u/._.=....<!q.\...9.....\....p:..P.4.aS.N).>.>.."..9..Vh ....no....l.1..#6p\c..2..>..=8...........FP.^....+/.~......hs..D.Jm..9...r....t*.H..~T^\|.....l..l......he..}f....d.."....K...&1..................pl.Pf.%6...2X..I...eXQ(.K..1%c..w.s._..._K`K.1}..D.E=...<..ytM..>.q'.e.L.~$...b..;k.M.....t\O..m.I._..F....'........z.]..u?~..P.zJM.. k...p~9..D....".Zl$?f..+...\.Pg..%...;.[R>N.#.W.e..@q...(....]&......K.......?.\|.z..(...:&m.V.C.'...D^.R....

Chrome Cache Entry: 124

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (1136)
Category:	dropped
Size (bytes):	1555
Entropy (8bit):	5.249530958699059
Encrypted:	false
SSDEEP:
MD5:	FBE36EB2EECF1B90451A3A72701E49D2
SHA1:	AE56EA57C52D1153CEC33CEF91CF935D2D3AF14D
SHA-256:	E8F2DED5D74C0EE5F427A20B6715E65BC79ED5C4FC67FB00D89005515C8EFE63
SHA-512:	7B1FD6CF34C26AF2436AF61A1DE16C9DBFB4C43579A9499F4852A7848F873BAC15BEEEA6124CF17F46A9F5DD632162364E0EC120ACA5F65E7C5615FF178A248F
Malicious:	false
Reputation:	unknown
Preview:	<!DOCTYPE html>.<html lang=en>. <meta charset=utf-8>. <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">. <title>Error 400 (Bad Request)!!1</title>. <style>. {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//ww

Chrome Cache Entry: 125

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (593)
Category:	downloaded
Size (bytes):	1671
Entropy (8bit):	5.310512153734107
Encrypted:	false
SSDEEP:
MD5:	452C8CBEE627C5886E747EA494432643
SHA1:	B51BF243A9BAF7E7BDF8A27A14D3FE7145565275
SHA-256:	67F25A1FAC422C683850275ABD482AC609C37B72E54EA55653E08C93AD0EBF9B
SHA-512:	DE32ABCD944564BAEB49EF3BCE53C8072CDA9D0699332BFBC50ABD7962340A375A3DBF5B65ABF6CC0129BF38B45C526A56D263E125C9F2BEFDCE54238D209E11
Malicious:	false
Reputation:	unknown
URL:	"https://www.google.com/xjs/_/js/k=xjs.hd.en.-yh58R89BVo.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAgEKAAAAAKAAAAAAAAAAAAAAAAAAAIAAQQAAIgEAAAIAAAsAAAIBABAAgIAAAECABOBRJgAACAAmAAAAAAAIAAACRQAAAAQAAGAAAAAQAAAAAACgAAAAAAAAAAAAAAAAAAAAIIBAAAAAAAAAAAAAAAIAAACgBwAAAAAAAAAQAABAEAAADJABCAAAAAAAAOgDgOABMKSwAAAAAAAAAAAAAACAACQI5kICCgIQAAAAAAAAAAAAAAAAAFLSxIUN/d=0/dg=0/br=1/rs=ACT90oG5RqGecCmpbq3VhTDTbbsGJcYOXw/m=lOO0Vd,sy8u,P6sQOc?xjs=s4"
Preview:	this._hd=this._hd\|\|{};(function(_){var window=this;.try{._.w("lOO0Vd");._.pbb=new _.Pd(_.jLa);._.y();.}catch(e){_._DumpException(e)}.try{.var zbb;_.Abb=function(a,b,c,d,e){this.wFa=a;this.nnd=b;this.wmb=c;this.ptd=d;this.QFd=e;this.pdb=0;this.vmb=zbb(this)};zbb=function(a){return Math.random()Math.min(a.nndMath.pow(a.wmb,a.pdb),a.ptd)};_.Abb.prototype.V4b=function(){return this.pdb};_.Abb.prototype.rka=function(a){return this.pdb>=this.wFa?!1:a!=null?!!this.QFd[a]:!0};_.Bbb=function(a){if(!a.rka())throw Error("Ae`"+a.wFa);++a.pdb;a.vmb=zbb(a)};.}catch(e){_._DumpException(e)}.try{._.w("P6sQOc");.var Cbb=function(a){var b={};_.Ga(a.Ltb(),function(e){b[e]=!0});var c=a.Gsb(),d=a.Tsb();return new _.Abb(a.Ssb(),c.ka()1E3,a.vjb(),d.ka()1E3,b)},Dbb=!!(_.Xg[30]>>28&1);var Ebb=function(a){_.Hn.call(this,a.Ma);this.logger=null;this.ka=a.service.NEb;this.ta=a.service.metadata;a=a.service.hdd;this.fetch=a.fetch.bind(a)};_.C(Ebb,_.Hn);Ebb.Ga=function(){return{service:{NEb:_.ubb,metadata:_.pbb,hd

Chrome Cache Entry: 127

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Category:	downloaded
Size (bytes):	15344
Entropy (8bit):	7.984625225844861
Encrypted:	false
SSDEEP:
MD5:	5D4AEB4E5F5EF754E307D7FFAEF688BD
SHA1:	06DB651CDF354C64A7383EA9C77024EF4FB4CEF8
SHA-256:	3E253B66056519AA065B00A453BAC37AC5ED8F3E6FE7B542E93A9DCDCC11D0BC
SHA-512:	7EB7C301DF79D35A6A521FAE9D3DCCC0A695D3480B4D34C7D262DD0C67ABEC8437ED40E2920625E98AAEAFBA1D908DEC69C3B07494EC7C29307DE49E91C2EF48
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Preview:	wOF2......;........H..;..........................d..@..J.`..L.T..<.....x.....^...x.6.$..6. ..t. ..I.h\|.l....A....b6........(......@e.]...:..-.0..r.)..hS..h...N.).D.........b.].......^..t?.m{...."84...9......c...?..r3o....}...S]....zbO.../z..{.....~cc....I...#.G.D....#e.A..b...b`a5P.4........M....v4..fI#X.z,.,...=avy..F.a.\9.P\|.[....r.Q@M.I.._.9..V..Q..]......[ {u..L@...]..K......]C....l$.Z.Z...Zs.4........ x.........F.?.7N..].\|.wb\....Z{1L#..t....0.dM...$JV...{..oX...i....6.v.~......)\|.TtAP&).KQ.]y........'...:.d..+..d..."C.h..p.2.M..e,.UP..@.q..7..D.@...,......B.n. r&.......F!.....\...;R.?-.i...,7..cb../I...Eg...!X.)5.Aj7...Ok..l7.j.A@B`".}.w.m..R.9..T.X.X.d....S..`XI..1... .$C.H.,.\. ..A(.AZ.................`Wr.0]y..-..K.1.............1.tBs..n.0...9.F[b.3x...$....T..PM.Z-.N.rS?I.<8eR'.3..27..?;..OLf.Rj.@.o.W...........j~ATA....vX.N:.3dM.r.)Q.B...4i.f..K.l..s....e.U.2...k..a.GO.}..../.'..%$..ed..'..qP....M..j....../.z&.=...q<....-..?.A.%..K..

Chrome Cache Entry: 129

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4232), with no line terminators
Category:	downloaded
Size (bytes):	4232
Entropy (8bit):	5.531069792601157
Encrypted:	false
SSDEEP:
MD5:	DA43A25BD1F9DD99ABEEE97AE6E6BCA6
SHA1:	FAF739B5A3ACE85BABEF8AF8C123C7B140D5222A
SHA-256:	FC42CAFE3E110C38CB62AB04E51E2F806F308D3ED3F95C9E3AB5D0B7B3C9978A
SHA-512:	CB7ABBCBFF96B0B6C7AA9A674C8DB81FD6D3AD3D1F950B08F6F64AE3BC86E0ECD3DDF05C6542CAD98CE5ED59BBF2C1B510B2598064DE0B42DEB051F1CF368DFD
Malicious:	false
Reputation:	unknown
URL:	"https://www.google.com/xjs/_/ss/k=xjs.hd.HFq-c3Fv2Po.L.B1.O/am=JFUAAAAAAAAAAAwAAAAAAAAAAAAAAAAAAAAAgAAAABAAAAAAAAAAQAGwkwAAACMAgA0ACAAAAAAAAQDAAAAAAAAAIAEAAAAEACoAAAAAAEAAAIggAABQBAAAAEBACBAAgAAKIAQoQAICRRCPQgAAAGAAAIAQAAYYBiCoAGAUIAAAAAAAAIAACAEAAIAiAAECAPQIBIABICYAAEKgB4AAAAAAEABAAAgAgJkADJABCAAAAAAAACADAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAIACgAAAAAAAAAAAAAAAAAAAEA/d=1/ed=1/br=1/rs=ACT90oF_tAztOuFhjIXnyMt3ns5pMHBzVQ/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl"
Preview:	:root{--COEmY:#1f1f1f;--xhUGwc:#fff}:root{--vZe0jb:#a8c7fa;--nwXobb:#638ed4;--VuZXBd:#001d35;--uLz37c:#545d7e;--jINu6c:#001d35;--TyVYld:#0b57d0;--ZEpPmd:#c3d9fb;--QWaaaf:#638ed4;--DEeStf:#f5f8ff;--TSWZIb:#e5edff;--BRLwE:#d3e3fd;--gS5jXb:#dadce0;--Aqn7xd:#d2d2d2;--EpFNW:#fff;--IXoxUe:#5e5e5e;--bbQxAb:#474747;--YLNNHc:#1f1f1f;--TMYS9:#0b57d0;--JKqx2:#1a0dab;--rrJJUc:#0b57d0;--mXZkqc:#d2d2d2;--Nsm0ce:#0b57d0;--XKMDxc:#f3f5f6;--aYn2S:#f3f5f6;--Lm570b:#dee1e3}.zJUuqf{margin-bottom:4px}.AB4Wff{margin-left:16px}.OhScic{margin:0px}.v0rrvd{padding-bottom:16px}.zsYMMe{padding:0px}.wHYlTd{font-family:Roboto,Arial,sans-serif;font-size:14px;line-height:22px}.yUTMj{font-family:Roboto,Arial,sans-serif;font-weight:400}.VDgVie{text-align:center}.TUOsUe{text-align:left}@keyframes g-snackbar-show{from{pointer-events:none;transform:translateY(0)}to{transform:translateY(-100%)}}@keyframes g-snackbar-hide{from{transform:translateY(-100%)}to{transform:translateY(0)}}@keyframes g-snackbar-show-content{from{op

Chrome Cache Entry: 130

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	102
Entropy (8bit):	5.192601269797329
Encrypted:	false
SSDEEP:
MD5:	993931E88E7C99648509FF2BAA1E82E4
SHA1:	72C0583B020F8DF49B6B0B0817DA545F00B51214
SHA-256:	6A8F905B21E648761FCB043ADF6FED536926504DD3C44BD8E6793BC224D9A9B3
SHA-512:	E29B2274E8BBD2677D35D649CC9F3A26414010C34CD67AA9D9CA2DAA2A66292EF1B649EF731B6192143A798CA67C89758FCEAAA0EB19D493C394F5D2FB49AD8B
Malicious:	false
Reputation:	unknown
Preview:	)]}'.22;["Wtb_ZvfrJbCL9u8P5Z38-AY","2092"]c;[2,null,"0"]1b;<div jsname="Nll0ne"></div>c;[9,null,"0"]0;

Chrome Cache Entry: 134

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (7408)
Category:	dropped
Size (bytes):	253573
Entropy (8bit):	5.627994488658993
Encrypted:	false
SSDEEP:
MD5:	4E3F8785835EEC4FD0706D833CCAE47B
SHA1:	F11940254FA75BF7BA155A4CA4F20E2FFCD7ACE6
SHA-256:	9D77D766A04C584E35E738735C7FF5FC034B755413F7078F5FC13BF85E4477EC
SHA-512:	F54F23362FF4601758CE52EB035518F428C16E993054C8A350058AE7AF7008BB3754892F4B9B317CDB5C1CB7360E02ED76CB428FC21FC4FD0DE2D80C66BB8CB0
Malicious:	false
Reputation:	unknown
Preview:	_F_installCss("c-wiz{contain:style}c-wiz>c-data{display:none}c-wiz.rETSD{contain:none}c-wiz.Ubi8Z{contain:layout style}.jbBItf{display:block;position:relative}.DU0NJ{bottom:0;left:0;position:absolute;right:0;top:0}.lP3Jof{display:inline-block;position:relative}.nNMuOd{animation:qli-container-rotate 1568.2352941176ms linear infinite}@keyframes qli-container-rotate{from{transform:rotate(0)}to{transform:rotate(1turn)}}.RoKmhb{height:100%;opacity:0;position:absolute;width:100%}.nNMuOd .VQdeab{animation:qli-fill-unfill-rotate 5332ms cubic-bezier(0.4,0,0.2,1) infinite both,qli-blue-fade-in-out 5332ms cubic-bezier(0.4,0,0.2,1) infinite both}.nNMuOd .IEqiAf{animation:qli-fill-unfill-rotate 5332ms cubic-bezier(0.4,0,0.2,1) infinite both,qli-red-fade-in-out 5332ms cubic-bezier(0.4,0,0.2,1) infinite both}.nNMuOd .smocse{animation:qli-fill-unfill-rotate 5332ms cubic-bezier(0.4,0,0.2,1) infinite both,qli-yellow-fade-in-out 5332ms cubic-bezier(0.4,0,0.2,1) infinite both}.nNMuOd .FlKbCe{animation:qli

Chrome Cache Entry: 84

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1518)
Category:	downloaded
Size (bytes):	268207
Entropy (8bit):	5.480155158674957
Encrypted:	false
SSDEEP:
MD5:	DBC94F2D77F7997B897B8B76406AF8DB
SHA1:	C5B2A27C6F1293F21EFE21652EB958BEB8F30F81
SHA-256:	5024B51982F837B244F8EE664B6C618A2820B0868B29D797A772518EEB3F9C26
SHA-512:	22D578E5585CBF73CB11BA517796BDBD499E49341FAE3EF355D500F4440A3E95742E28D7193773474F327FFBE921E184CEE14CF5004E2E016E9A89CA713FC956
Malicious:	false
Reputation:	unknown
URL:	"https://www.gstatic.com/_/mss/boq-one-google/_/js/k=boq-one-google.OneGoogleWidgetUi.en.OlyLa8GkuaI.es5.O/ck=boq-one-google.OneGoogleWidgetUi.-thgPwNVrLw.L.B1.O/am=IEAwYGw/d=1/exm=_b,_tp/excm=_b,_tp,calloutview/ed=1/wt=2/ujg=1/rs=AM-SdHsBZGUsqOLkp1tQbc4AdY2xMI9Jeg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,A1yn5d,fKUV3e,aurFic,Ug7Xab,ZwDk9d,V3dDOb,mI3LFb,yYB61,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,s39S4,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,pw70Gc,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,xQtZb,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,QIhFr,ovKuLd,hKSk3e,yDVVkb,hc6Ubd,SpsfSb,ebZ3mb,Z5uLle,MdUzUe,ZDZcre,zbML3c,A7fCU,zr1jrb,Uas9Hd,pjICDe"
Preview:	"use strict";_F_installCss(".KL4X6e{background:#eee;bottom:0;left:0;opacity:0;position:absolute;right:0;top:0}.TuA45b{opacity:.8}sentinel{}");.this.default_OneGoogleWidgetUi=this.default_OneGoogleWidgetUi\|\|{};(function(_){var window=this;.try{._.Uz=function(a,b,c,d,e,f,g){var h=(0,_.Jd)(a.ta);_.Ac(h);a=_.ke(a,h,c,b,2,f,!0);c=d!=null?d:new c;if(g&&(typeof e!=="number"\|\|e<0\|\|e>a.length))throw Error();e!=void 0?a.splice(e,g,c):a.push(c);(0,_.yc)(c.ta)&2?(0,_.jl)(a,8):(0,_.jl)(a,16)};_.Wz=function(a){if(a instanceof _.Vz)return a.j;throw Error("w");};_.Xz=function(a){return new _.Vz(_.La,a[0].toLowerCase())};._.Yz=function(a,b,c,d){if(a.length===0)throw Error("w");a=a.map(function(f){return _.Wz(f)});var e=c.toLowerCase();if(a.every(function(f){return e.indexOf(f)!==0}))throw Error("ga`"+c);b.setAttribute(c,d)};_.ct.prototype.kc=_.ca(28,function(){return this.rb.length==0?null:new _.M(this.rb[0])});_.M.prototype.kc=_.ca(27,function(){return this});_.ct.prototype.Ia=_.ca(26,function(){retur

Chrome Cache Entry: 86

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (10093), with no line terminators
Category:	downloaded
Size (bytes):	10093
Entropy (8bit):	5.302847362869835
Encrypted:	false
SSDEEP:
MD5:	D65E709854C32D756DA316B7FC68A1E0
SHA1:	587C7A88CBC46322868C4BC8F37DDFB0AB2369EE
SHA-256:	FAD93AA382237DA388873AA1288FE98D5BC7774C753ADB9D8A685BB91EED4670
SHA-512:	BCD132EECF608BD77E8780C4A6BE32CCD6BE4DC48804BF4227E035F0424891BB2F35F9A22F0B696FEFD45DBE355D7537461D3A92C2DF77B3C394AD4CC70BFADD
Malicious:	false
Reputation:	unknown
URL:	"https://www.gstatic.com/og/_/ss/k=og.qtm.fSHv1dvvroY.L.W.O/m=qcwid,d_b_gm3,d_wi_gm3,d_lo_gm3/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ct=zgms/rs=AA2YrTsVA9_hKyGtH1-UzkVaxmvYQjNv7Q"
Preview:	.gb_Q{-webkit-border-radius:50%;border-radius:50%;bottom:2px;height:18px;position:absolute;right:0;width:18px}.gb_Ka{-webkit-border-radius:50%;border-radius:50%;-webkit-box-shadow:0px 1px 2px 0px rgba(60,64,67,.30),0px 1px 3px 1px rgba(60,64,67,.15);box-shadow:0px 1px 2px 0px rgba(60,64,67,.30),0px 1px 3px 1px rgba(60,64,67,.15);margin:2px}.gb_La{fill:#f9ab00}.gb_F .gb_La{fill:#fdd663}.gb_Ma>.gb_La{fill:#d93025}.gb_F .gb_Ma>.gb_La{fill:#f28b82}.gb_Ma>.gb_Na{fill:white}.gb_Na,.gb_F .gb_Ma>.gb_Na{fill:#202124}.gb_Oa{-webkit-clip-path:path("M16 0C24.8366 0 32 7.16344 32 16C32 16.4964 31.9774 16.9875 31.9332 17.4723C30.5166 16.5411 28.8215 16 27 16C22.0294 16 18 20.0294 18 25C18 27.4671 18.9927 29.7024 20.6004 31.3282C19.1443 31.7653 17.5996 32 16 32C7.16344 32 0 24.8366 0 16C0 7.16344 7.16344 0 16 0Z");clip-path:path("M16 0C24.8366 0 32 7.16344 32 16C32 16.4964 31.9774 16.9875 31.9332 17.4723C30.5166 16.5411 28.8215 16 27 16C22.0294 16 18 20.0294 18 25C18 27.4671 18.9927 29.7024 20.6004 3

Chrome Cache Entry: 87

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	12199
Entropy (8bit):	1.399940702471973
Encrypted:	false
SSDEEP:
MD5:	B457C7B87B8C704171BB91C496B366CD
SHA1:	1D4676115873F19959EC619AD5338C2B2FB2274A
SHA-256:	B798A59449911C00165A63DB52258680734341807F23DEC1C1D0C3A66DEB94DE
SHA-512:	FEF9743486BE6510A8F23003EA298C159390B1B3553D3D749426FE954AA9F01FF7257C00BCE587AA54E212740AF85F1D0DDE764087942ADAB000EA5C1270E295
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/xjs/_/js/md=2/k=xjs.hd.en.-yh58R89BVo.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAgEKAAAAAKAAAAAAAAAAAAAAAAAAAIAAQQAAIgEAAAIAAAsAAAIBABAAgIAAAECABOBRJgAACAAmAAAAAAAIAAACRQAAAAQAAGAAAAAQAAAAAACgAAAAAAAAAAAAAAAAAAAAIIBAAAAAAAAAAAAAAAIAAACgBwAAAAAAAAAQAABAEAAADJABCAAAAAAAAOgDgOABMKSwAAAAAAAAAAAAAACAACQI5kICCgIQAAAAAAAAAAAAAAAAAFLSxIUN/rs=ACT90oG5RqGecCmpbq3VhTDTbbsGJcYOXw
Preview:	{"chunkTypes":"1000011111110011110001000010110100000011111111111111111111111111111110110111111111110101111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111101110111111113101101111111111110111111111111110111111111111111100011011111111111111111111111110101002222222212212212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212122212121212121212122212222221221221212212121212121212121212121212121212221212121212121212121212121212121212121212122221221221222122122122122122122122122122122122122122122122122122122122122122122122122122122122122122121212121222122222222222121221211212212121212121212212121221212122121121212121212121222222221211121122221121212121221212121212121221212222222122122122122121121212212121212121

Chrome Cache Entry: 93

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	102
Entropy (8bit):	5.134756813621935
Encrypted:	false
SSDEEP:
MD5:	AC5D56BBBAE07BD304A8A378EAE95F2F
SHA1:	A2EE9C751F5C754B923789EFAA1759AC4441AA81
SHA-256:	BBDA20EC94407B2595492EACE6806D4BAA304B0DF5458C027F309E7AFD24119D
SHA-512:	2BBE8E7D8D11F1DAC94FE235E3790CF9202F8798AF5E71551F97E822F1F1CE619017DD73B12E663646B2D965F15026B93E1350D583F2CD7C970AE0CA8A408B15
Malicious:	false
Reputation:	unknown
URL:	"https://www.google.com/async/hpba?vet=10ahUKEwjpkKah1PSIAxXSA9sEHW0ZFzIQj-0KCBU..i&ei=VNb_ZumWGdKH7NYP7bLckAM&opi=89978449&yv=3&sp_imghp=false&sp_hpte=1&sp_hpep=1&stick=&cs=0&async=_basejs:%2Fxjs%2F_%2Fjs%2Fk%3Dxjs.hd.en.-yh58R89BVo.es5.O%2Fam%3DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAgEKAAAAAKAAAAAAAAAAAAAAAAAAAIAAQQAAIgEAAAIAAAsAAAIBABAAgIAAAECABOBRJgAACAAmAAAAAAAIAAACRQAAAAQAAGAAAAAQAAAAAACgAAAAAAAAAAAAAAAAAAAAIIBAAAAAAAAAAAAAAAIAAACgBwAAAAAAAAAQAABAEAAADJABCAAAAAAAAOgDgOABMKSwAAAAAAAAAAAAAACAACQI5kICCgIQAAAAAAAAAAAAAAAAAFLSxIUN%2Fdg%3D0%2Fbr%3D1%2Frs%3DACT90oG5RqGecCmpbq3VhTDTbbsGJcYOXw,_basecss:%2Fxjs%2F_%2Fss%2Fk%3Dxjs.hd.HFq-c3Fv2Po.L.B1.O%2Fam%3DJFUAAAAAAAAAAAwAAAAAAAAAAAAAAAAAAAAAgAAAABAAAAAAAAAAQAGwkwAAACMAgA0ACAAAAAAAAQDAAAAAAAAAIAEAAAAEACoAAAAAAEAAAIggAABQBAAAAEBACBAAgAAKIAQoQAICRRCPQgAAAGAAAIAQAAYYBiCoAGAUIAAAAAAAAIAACAEAAIAiAAECAPQIBIABICYAAEKgB4AAAAAAEABAAAgAgJkADJABCAAAAAAAACADAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAIACgAAAAAAAAAAAAAAAAAAAEA%2Fbr%3D1%2Frs%3DACT90oF_tAztOuFhjIXnyMt3ns5pMHBzVQ,_basecomb:%2Fxjs%2F_%2Fjs%2Fk%3Dxjs.hd.en.-yh58R89BVo.es5.O%2Fck%3Dxjs.hd.HFq-c3Fv2Po.L.B1.O%2Fam%3DJFUAAAAAAAAAAAwAAAAAAAAAAAAAAAAAAAAAgAAAABAAAAAAAAAAQgG6kwAAAKMAgA0ACAAAAAAAAQDAAIAAQQAAIgEAAAIEACsAAAIBAFAAgIggAEDQBOBRJkBACBAmgAAKIAQoQAICRRCPQgQAAGAAAIAQAAYYBiCoAGAUIAAAAAAAAIAACAEAIIBiAAECAPQIBIABICYAAEKgB4AAAAAAEABQAAhAkJkADJABCAAAAAAAAOgDgOABMKSwAAAAAAAAAAAAAACAACQI5kICCgIQAAAAAAAAAAAAAAAAAFLSxIUN%2Fd%3D1%2Fed%3D1%2Fdg%3D0%2Fbr%3D1%2Fujg%3D1%2Frs%3DACT90oGEE0jN2_oyc0ImiW6gXpk0OYE97A,_fmt:prog,_id:_VNb_ZumWGdKH7NYP7bLckAM_8"
Preview:	)]}'.22;["Wdb_ZreoLJeKi-gPvquR0Qk","2092"]c;[2,null,"0"]1b;<div jsname="Nll0ne"></div>c;[9,null,"0"]0;

Chrome Cache Entry: 94

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3521)
Category:	downloaded
Size (bytes):	21593
Entropy (8bit):	5.4043969828957215
Encrypted:	false
SSDEEP:
MD5:	EF2BE4DC1F0BBEBFF9FDED6E0C05F3E3
SHA1:	1531B7819E6BE8C3D709D5E209B33344FCF07C83
SHA-256:	9CD8E1EBEDBFB992859F20ADC7CF68CD06D0FA1CDF843FB149B7E33D359C1704
SHA-512:	79B739927746E6BACF438609D5600C71DE3795F27239137B95FAB7B22FA98DCEDD8EDA73419B2F58D80D5CAC9F84392CCB016C23A91618DC9F044D1087D70405
Malicious:	false
Reputation:	unknown
URL:	"https://www.gstatic.com/_/mss/boq-one-google/_/js/k=boq-one-google.OneGoogleWidgetUi.en.OlyLa8GkuaI.es5.O/ck=boq-one-google.OneGoogleWidgetUi.-thgPwNVrLw.L.B1.O/am=IEAwYGw/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,QIhFr,RMhBfe,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,XVMNvd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,ebZ3mb,fKUV3e,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pw70Gc,s39S4,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,yYB61,zbML3c,zr1jrb/excm=_b,_tp,calloutview/ed=1/wt=2/ujg=1/rs=AM-SdHsBZGUsqOLkp1tQbc4AdY2xMI9Jeg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd"
Preview:	"use strict";this.default_OneGoogleWidgetUi=this.default_OneGoogleWidgetUi\|\|{};(function(_){var window=this;.try{._.CF=function(){var a,b,c,d;return(d=BF)!=null?d:BF=Object.freeze({Zb:function(e){return _.of(_.Ee("iCzhFc"),!1)\|\|e===-1},Ig:(a=_.fm(_.Ee("y2FhP")))!=null?a:void 0,eu:(b=_.fm(_.Ee("MUE6Ne")))!=null?b:void 0,eg:(c=_.fm(_.Ee("cfb2h")))!=null?c:void 0,Ze:_.hm(_.Ee("yFnxrf"),-1),Cu:_.lm(_.Ee("fPDxwd")).map(function(e){return _.hm(e,0)}).filter(function(e){return e>0})})};var BF;._.q("RqjULd");.var Uha=function(a){if(_.n&&_.n.performance&&_.n.performance.memory){var b=_.n.performance.memory;if(b){var c=new tG;isNaN(b.jsHeapSizeLimit)\|\|_.uf(c,1,_.gd(Math.round(b.jsHeapSizeLimit).toString()));isNaN(b.totalJSHeapSize)\|\|_.uf(c,2,_.gd(Math.round(b.totalJSHeapSize).toString()));isNaN(b.usedJSHeapSize)\|\|_.uf(c,3,_.gd(Math.round(b.usedJSHeapSize).toString()));_.ul(a,tG,1,c)}}},Vha=function(a){if(uG()){var b=performance.getEntriesByType("navigation");if(b&&b.length){var c=new vG;if(b=b[0

Chrome Cache Entry: 95

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (32553)
Category:	downloaded
Size (bytes):	48893
Entropy (8bit):	5.807344645572476
Encrypted:	false
SSDEEP:
MD5:	C23B385B2EACAD0D40BD64D4A4FEA94F
SHA1:	4BB652D5F03B8805880DE703942AAADE93F3E8C4
SHA-256:	61B7442E3B9EBAE3A76C67DED3B998D9BC5D29A392AD6ABC7837B21D7F9D13BE
SHA-512:	0F287EAC646ACE66B9CA39797794C7940549B09D6501E031E4E3A723C5D49D1E5426CAE2FD19D334C464D154A0A3597C88170E0A26B43952FD137C3B17CE74DB
Malicious:	false
Reputation:	unknown
URL:	https://ogs.google.com/widget/callout?prid=19040333&pgid=19037049&puid=86ee7442362823ae&eom=1&cce=1&dc=1&origin=https%3A%2F%2Fwww.google.com&cn=callout&pid=1&spid=538&hl=en
Preview:	<!doctype html><html lang="en" dir="ltr"><head><base href="https://ogs.google.com/"><link rel="preconnect" href="//www.gstatic.com"><meta name="referrer" content="origin"><link rel="canonical" href="https://ogs.google.com/widget/callout"><link rel="preconnect" href="https://www.gstatic.com"><link rel="preconnect" href="https://ssl.gstatic.com"><script data-id="_gd" nonce="SSQPmxp8TxP7r-RIc58KLw">window.WIZ_global_data = {"DpimGf":false,"EP1ykd":["/_/*"],"FdrFJe":"-4721644672013241600","Im6cmf":"/_/OneGoogleWidgetUi","LVIXXb":1,"LoQv7e":true,"MT7f9b":[],"MUE6Ne":"OneGoogleWidgetUi","NrSucd":false,"OwAJ6e":false,"QrtxK":"","S06Grb":"","S6lZl":128566913,"TSDtV":"%.@.[[null,[[45459555,null,false,null,null,null,\"Imeoqb\"]],\"CAMSDx0K99WlEPaumhAKs5wNCg\\u003d\\u003d\"]]]","Vvafkd":false,"Yllh3e":"%.@.1728042584172987,146725763,3208189734]","ZwjLXe":538,"cfb2h":"boq_onegooglehttpserver_20240929.01_p0","eptZe":"/_/OneGoogleWidgetUi/","fPDxwd":[48802160,97517168,97684531],"gGcLoe":false,"iCzhF

Chrome Cache Entry: 96

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1279)
Category:	downloaded
Size (bytes):	202152
Entropy (8bit):	5.475451252598485
Encrypted:	false
SSDEEP:
MD5:	D36D84843A7A62C2FBBE0F6336670534
SHA1:	DF36AC0062B21E6ACFAD7EBD65355EBCA6E239EF
SHA-256:	E00C5CC92538BDC465E3A12E3B874B79DDA37D1B51D0AB5BF180E54FFABAC8AF
SHA-512:	B1445703AD009BC2A3D8DE5308FDC9AAF2A596EA9D3BED5C0EEC1C4BD10625F608461F922A90B776CFF8605D8AF2E28A2ADCD0B0A62CD946866C786A444D4412
Malicious:	false
Reputation:	unknown
URL:	"https://www.gstatic.com/_/mss/boq-one-google/_/js/k=boq-one-google.OneGoogleWidgetUi.en.OlyLa8GkuaI.es5.O/am=IEAwYGw/d=1/excm=_b,_tp,calloutview/ed=1/dg=0/wt=2/ujg=1/rs=AM-SdHsDqokh4SRAQCxfIFSY87a3oGgt8w/m=_b,_tp"
Preview:	"use strict";this.default_OneGoogleWidgetUi=this.default_OneGoogleWidgetUi\|\|{};(function(_){var window=this;.try{._._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a\|\|[]};(0,_._F_toggles_initialize)([0x20304020, 0x1b1, ]);./.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0././.. Copyright Google LLC. SPDX-License-Identifier: Apache-2.0././. SPDX-License-Identifier: Apache-2.0././.. Copyright 2024 Google, Inc. SPDX-License-Identifier: MIT./.var ia,aaa,Ga,baa,Ja,cb,sb,Hb,Mb,Nb,Ob,Pb,Qb,Rb,Tb,Wb,eaa,faa,Yb,$b,gc,jc,lc,gaa,rc,sc,tc,zc,Gc,Hc,Kc,Mc,Oc,Qc,Lc,Tc,laa,hd,ed,jd,maa,naa,sd,rd,oaa,wd,paa,yd,qaa,zd,raa,Gd,saa,Kd,Qd,Rd,Td,Xd,Yd,Wd,$d,we,ze,He,Fe,Ie,z,Me,Pe,Te,$e,ef,yaa,zaa,Aaa,Baa,Caa,Daa,Eaa,Faa,Gaa,Haa,Iaa,Jaa,Kaa,Laa,ag,eg,Raa,Paa,pg,Vaa,wg,zg,Xaa,Yaa,Bg,Qg,bba,cba,Vg,dba,eba,hh,fba,gba,wh,xh,yh,hba,iba,Bh,kba,lba,Fh,Gh,pba,rba,sba,tba,uba,vba,wba,xba,zba,Aba,Bba,Dba,

Chrome Cache Entry: 97

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 52280, version 1.0
Category:	downloaded
Size (bytes):	52280
Entropy (8bit):	7.995413196679271
Encrypted:	true
SSDEEP:
MD5:	F61F0D4D0F968D5BBA39A84C76277E1A
SHA1:	AA3693EA140ECA418B4B2A30F6A68F6F43B4BEB2
SHA-256:	57147F08949ABABE7DEEF611435AE418475A693E3823769A25C2A39B6EAD9CCC
SHA-512:	6C3BD90F709BCF9151C9ED9FFEA55C4F6883E7FDA2A4E26BF018C83FE1CFBE4F4AA0DB080D6D024070D53B2257472C399C8AC44EEFD38B9445640EFA85D5C487
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/googlesans/v58/4UaRrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iq2vgCI.woff2
Preview:	wOF2.......8.....................................^...$..4?HVAR..?MVAR9.`?STAT.',..J/.......`..(..Z.0..R.6.$.... .....K..[..q..c..T.....>.P.j.`.w..#...%......N.".....$..3.0.6......... .L.rX/r[j.y.\|(.4.%#.....2.v.m..-..%.....;-.Y.{..&..O=#l@...k..7g..ZI...#.Z./+T..r7...M..3).Z%.x....s..sL..[A!.51w'/.8V..2Z..%.X.h.o.).]..9..Q`.$.....7..kZ.~O........d..g.n.d.Rw+&....Cz..uy#..fz,(.J....v.%..`..9.....h...?O..:...c%.....6s....xl..#...5..._......1.>.)"U.4 W....?%......6//!$...!.n9C@n...........!""^.....W..Z<.7.x.."UT.T....E.."R>.R..t.....H d..e_.K../.+8.Q.P.ZQ....;...U....]......._.e......71.?.7.ORv.?...l...G\|.P...\|:...I.X..2.,.L........d.g.]}W#uW]QnuP-s.;.-Y.....].......C..j_.M0...y.......J..........NY..@A...,....-.F......'..w./j5g.vUS...U..0.&...y7.LP.....%.....Y......Y..D. e.A..G.?.$.......6...eaK.n5.m...N...,...+BCl..L> .E9~.b[.w.x....6<...}.e...%V....O.......*.?...a..#[eE.4..p..$...].....%......o._......N.._~..El....b..A.0.r8.....\|..D.d..

Static File Info

⊘No static file info

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report http://google.com

Overview

General Information

Detection

Signatures

Classification

Process Tree

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

LLM Input / Output

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 101

Chrome Cache Entry: 102

Chrome Cache Entry: 103

Chrome Cache Entry: 104

Chrome Cache Entry: 107

Chrome Cache Entry: 108

Chrome Cache Entry: 109

Chrome Cache Entry: 110

Chrome Cache Entry: 111

Chrome Cache Entry: 112

Chrome Cache Entry: 113

Chrome Cache Entry: 115

Chrome Cache Entry: 119

Chrome Cache Entry: 120

Chrome Cache Entry: 121

Chrome Cache Entry: 122

Chrome Cache Entry: 124

Chrome Cache Entry: 125

Chrome Cache Entry: 127

Chrome Cache Entry: 129

Chrome Cache Entry: 130

Chrome Cache Entry: 134

Chrome Cache Entry: 84

Chrome Cache Entry: 86

Chrome Cache Entry: 87

Chrome Cache Entry: 93

Chrome Cache Entry: 94

Chrome Cache Entry: 95

Chrome Cache Entry: 96

Chrome Cache Entry: 97

Static File Info

Windows Analysis Report
http://google.com