Edit tour

Windows Analysis Report
http://google.com

Overview

General Information

Sample URL:	http://google.com
Analysis ID:	1525665

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Detected non-DNS traffic on DNS port

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 1632 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

chrome.exe (PID: 4816 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 --field-trial-handle=1984,i,14737658693280914766,15693124248539817634,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

chrome.exe (PID: 6704 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://google.com" MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

cleanup

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus / Scanner detection for submitted sample

Source: http://google.com	URL Reputation: detection malicious, Label: malware
Source: http://google.com	URL Reputation: detection malicious, Label: malware

Source: https://www.google.com	HTTP Parser: No favicon
Source: https://www.google.com	HTTP Parser: No favicon
Source: https://ogs.google.com	HTTP Parser: No favicon
Source: https://ogs.google.com	HTTP Parser: No favicon
Source: https://ogs.google.com	HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49722 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.17:49783 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.17:49786 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.160.17:443 -> 192.168.2.17:49787 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:49788 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.23.209.186:443 -> 192.168.2.17:49793 version: TLS 1.2

Source: global traffic	TCP traffic: 192.168.2.17:49794 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.17:49794 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.17:49794 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.17:49794 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.17:49794 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.17:49794 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.17:49794 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	DNS traffic detected: DNS query: google.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: ogs.google.com
Source: global traffic	DNS traffic detected: DNS query: play.google.com
Source: global traffic	DNS traffic detected: DNS query: apis.google.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49691
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49680 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 49677 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 49676 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 49691 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49722 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.17:49783 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.17:49786 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.160.17:443 -> 192.168.2.17:49787 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:49788 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.23.209.186:443 -> 192.168.2.17:49793 version: TLS 1.2

Source: classification engine

Classification label: mal48.win@18/33@20/236

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 --field-trial-handle=1984,i,14737658693280914766,15693124248539817634,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://google.com"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 --field-trial-handle=1984,i,14737658693280914766,15693124248539817634,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	1 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	2 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
http://google.com	100%	URL Reputation	malware
http://google.com	100%	URL Reputation	malware

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
google.com	142.250.186.174	true	false	unknown
www3.l.google.com	216.58.206.78	true	false	unknown
play.google.com	142.250.74.206	true	false	unknown
plus.l.google.com	172.217.16.142	true	false	unknown
www.google.com	142.250.185.132	true	false	unknown
ogs.google.com	unknown	unknown	false	unknown
apis.google.com	unknown	unknown	false	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://www.google.com	false		unknown
https://ogs.google.com	false		unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.184.196	unknown	United States	15169	GOOGLEUS	false
1.1.1.1	unknown	Australia	13335	CLOUDFLARENETUS	false
216.58.212.131	unknown	United States	15169	GOOGLEUS	false
142.250.74.206	play.google.com	United States	15169	GOOGLEUS	false
172.217.18.14	unknown	United States	15169	GOOGLEUS	false
216.58.206.78	www3.l.google.com	United States	15169	GOOGLEUS	false
142.250.185.132	www.google.com	United States	15169	GOOGLEUS	false
142.250.185.227	unknown	United States	15169	GOOGLEUS	false
216.58.206.35	unknown	United States	15169	GOOGLEUS	false
142.251.168.84	unknown	United States	15169	GOOGLEUS	false
142.250.181.238	unknown	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.250.185.131	unknown	United States	15169	GOOGLEUS	false
142.250.186.131	unknown	United States	15169	GOOGLEUS	false
142.250.184.238	unknown	United States	15169	GOOGLEUS	false
172.217.18.10	unknown	United States	15169	GOOGLEUS	false
142.251.41.4	unknown	United States	15169	GOOGLEUS	false
172.217.16.142	plus.l.google.com	United States	15169	GOOGLEUS	false
142.250.184.202	unknown	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.17
192.168.2.4
192.168.2.5

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1525665
Start date and time:	2024-10-04 13:52:35 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	http://google.com
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	20
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal48.win@18/33@20/236

Warnings

Exclude process from analysis (whitelisted): svchost.exe, TextInputHost.exe
Excluded IPs from analysis (whitelisted): 142.250.186.131, 142.251.168.84, 216.58.206.78
Excluded domains from analysis (whitelisted): clients2.google.com, accounts.google.com, clientservices.googleapis.com, clients.l.google.com
Not all processes where analyzed, report is missing behavior information
VT rate limit hit for: google.com

LLM Input / Output

Input	Output
URL: https://www.google.com Model: jbxai	{ "brand":["Google"], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"Sign in", "text_input_field_labels":["Google Search", "I'm Feeling Lucky"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://ogs.google.com Model: jbxai	{ "brand":["Google"], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"Sign in", "text_input_field_labels":["Google Search", "I'm Feeling Lucky"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://www.google.com Model: jbxai	{ "brand":["Google"], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"Sign in", "text_input_field_labels":["Google Search", "I'm Feeling Lucky"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 10:53:19 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.9865568085449237
Encrypted:	false
SSDEEP:
MD5:	B9D31D1A91D98D83ABA8FFA41505BB52
SHA1:	07E5F5D2B8C383DAC3FF3CF622CA380EF3CAED4B
SHA-256:	1845F7D656AF6E55239AE326F178A48832264FFA91C0ED3681C9C54F26E81A51
SHA-512:	827DC40D3C2112E87D54870AEE387E3DF1B7117C0F6AA0A233AC3371ADAF4CA3E9B959E6B2DC3CE91111BE0F0862F79FB366DDA30C84F7399DF9C190363B8DFE
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.......T.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IDY.^....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VDY.^....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VDY.^....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VDY.^...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VDY.^...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........g.. .....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 10:53:19 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	4.000882927055585
Encrypted:	false
SSDEEP:
MD5:	325FEA89F7D5D4779887A6DB91F69B55
SHA1:	06EDEB8E582BC1523E500C72457F0426F521EB87
SHA-256:	C51942A716375DF817C31283ABFFE529368BB8856ECBB9B8E63964F939A8F519
SHA-512:	E6DB6B0FD8ACA02CFBD668E155A7E2EA920E5B049E4E9DD1ACD52BBC72F1ED9E98301EA5761F81A6A9CA598A0EB7E25DD490B6A6CB44BB6F462DDCA635F68C93
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....+a..T.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IDY.^....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VDY.^....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VDY.^....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VDY.^...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VDY.^...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........g.. .....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 10:53:19 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	4.001792676575767
Encrypted:	false
SSDEEP:
MD5:	CD80861B8E83868A922BE11E7DDC6181
SHA1:	4A0508AF7982669E029F269E4AC97E5AAEE90373
SHA-256:	0C60361BA1F40D2C491092302C61AF90B71962CDC3719DC0230EBFDA1057976E
SHA-512:	F7B6A989AF92557381343AE77927F2CB9A3220DE3AB59ED7DE490D406032A928F4304D0341C915BC6F5BF87295808512A56E50548BE7DA07AF0E2A18F7C0B0C6
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....O...T.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IDY.^....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VDY.^....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VDY.^....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VDY.^...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VDY.^...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........g.. .....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 10:53:19 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.991355768946737
Encrypted:	false
SSDEEP:
MD5:	92A43EB5F1C0FF97B481AD4B8069240E
SHA1:	006D19E0BE10F4C76818BACFA3710817FD5F1E68
SHA-256:	AF8472289605A005FFF483D0222FB1C1A07836F92B99ED1A6B14316B273FE4CB
SHA-512:	148AF8CA9CC6944C09EA22AEA23B1F8EAE1E078621269839A3BFDDD01B48CD6A99EFACFC81792DD64DA695C739878CD61C15D66C1BDEA536F870E89349A807E0
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....2...T.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IDY.^....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VDY.^....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VDY.^....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VDY.^...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VDY.^...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........g.. .....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 101

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (7408)
Category:	downloaded
Size (bytes):	508105
Entropy (8bit):	5.615943985683116
Encrypted:	false
SSDEEP:
MD5:	105B4829633C2829F040822B149B4E57
SHA1:	FEB708610FB857105B1F151C38CCAB3E49FD84D7
SHA-256:	4B59800F9249D2285CF9D825ABD0F54BCCED033295525C2FDEDF8A72FB9464BC
SHA-512:	AB88CEC49F1352C060FF5F2B9091FC5ED163EEC9CA551C75322E052B4E8473BED1CE8B9D9F66CCC5A5D2C9DE7F163DCEAFF00B450F2199C41FDF8E96D5AE9A3D
Malicious:	false
Reputation:	unknown
URL:	"https://www.google.com/xjs/_/js/k=xjs.hd.en.-yh58R89BVo.es5.O/ck=xjs.hd.HFq-c3Fv2Po.L.B1.O/am=JFUAAAAAAAAAAAwAAAAAAAAAAAAAAAAAAAAAgAAAABAAAAAAAAAAQgG6kwAAAKMAgA0ACAAAAAAAAQDAAIAAQQAAIgEAAAIEACsAAAIBAFAAgIggAEDQBOBRLkBACBAmgAAKIAQoQAICRRCPQgQAAGAAAIAQAAYYBiCoAGAUIAAAAAAAAIAACAEAIIBiAAECAPQIBIABICYAAEKgB4AAAAAAEABQAAhAkJkADJABCAAAAAAAAOgDgOABMKSwAAAAAAAAAAAAAACAACQI5kICCgIQAAAAAAAAAAAAAAAAAFLSxIUN/d=0/dg=0/br=1/ujg=1/rs=ACT90oHs1j0msIcSsOSpKSFZRrpJMLnqjA/m=sb_wiz,aa,abd,sysk,sysj,syse,syfy,sysi,sys4,sy10j,syzr,sys9,syzq,syt9,sysf,sysh,sysd,sysx,sys1,sysy,sysz,sysq,sysu,sysa,syso,sysr,syss,syru,sysm,sys5,sys6,syrz,syri,syrg,syrf,sys8,syzp,syt8,syrs,syt7,async,syw5,ifl,pHXghd,sf,syto,sytr,sy49f,sonic,TxCJfd,sy49j,qzxzOb,IsdWVc,sy49l,sy1f9,sy1bm,sy1bi,syre,syrc,syrd,syrb,syra,sy484,sy487,sy2c8,sy17g,sy12d,sy12e,syro,syr6,syfc,sybw,sybz,sybu,syby,sybx,sycq,spch,syun,syum,rtH1bd,sy1cr,sy18j,sy178,syga,sy1cq,sy12j,sy1cp,sy179,sygc,sy1cs,SMquOb,sy8h,sygj,sygg,sygh,sygk,sygf,sygs,sygq,sygo,syge,sycn,syci,sycl,syal,syad,syb7,syak,syaj,syai,sya6,syb2,syar,sy9t,sy9s,sycj,syc1,syc2,syc8,syap,syba,syc7,syc0,sybt,sybs,syag,syan,syc3,sybo,sybl,sybk,sybm,syaf,syb8,sybf,sybd,sybh,sybe,sybg,syaa,syb5,sycs,syd7,syct,syd8,sya8,syb4,syab,syb6,sya7,syb3,syaq,syac,sycr,sycg,sycc,sycd,sy9w,sya0,sy9x,sya1,sy9y,sy9q,sy9n,sy9p,sya5,syc4,syg4,sygd,syg9,syg7,sy80,sy7x,sy7z,syg6,sygb,syg5,syg3,syg0,syfz,sy83,uxMpU,syfv,syd2,syd0,sycu,syd9,sycw,sycv,sybi,sycy,sycp,sy8z,sy8y,sy8x,Mlhmy,QGR0gd,aurFic,sy98,fKUV3e,OTA3Ae,sy8i,OmgaI,EEDORb,PoEs9b,Pjplud,sy8t,sy8m,A1yn5d,YIZmRd,uY49fb,sy7u,sy7s,sy7t,sy7r,sy7q,byfTOb,lsjVmc,LEikZe,kWgXee,Ug7Xab,U0aPgd,ovKuLd,sgY6Zb,qafBPd,ebZ3mb,dowIGb,sy1cx,sy1ct,syus,sy1cw,syz5,d5EhJe,sy1dd,fCxEDd,sywa,sy1dc,sy1db,sy1da,sy1d6,sy1d1,sy1d3,sy1d2,sy1d5,sy1ag,sy1a9,sy17p,syw9,syyq,syyp,T1HOxc,sy1d4,sy1d0,zx30Y,sy1de,sy1d8,sy18w,Wo3n8,sys0,loL8vb,syt2,syt1,syt0,ms4mZb,syq6,B2qlPe,syvn,NzU6V,sy10v,syw4,zGLm3b,syxi,syxj,syxa,DhPYme,MpJwZc,UUJqVe,sy7n,sOXFj,sy7m,s39S4,oGtAuc,NTMZac,nAFL3,sy8f,sy8e,q0xTif,y05UD,sy12w,sy1c8,sy1c2,syyo,sy1bu,sy14f,syyn,syym,syyl,syyr,sy1c1,sy147,sy1bq,sy14c,sy1c0,sy12r,sy1bv,sy1br,sy14d,sy14e,sy1c3,sy12g,sy1bz,sy1by,sy1bw,synm,sy1bx,sy1c5,sy1bk,sy1bs,sy1bj,sy1bp,sy1bl,sy15a,sy1bt,sy1bf,sy14h,sy14i,syyt,syyu,epYOx?xjs=s3"
Preview:	_F_installCss("c-wiz{contain:style}c-wiz>c-data{display:none}c-wiz.rETSD{contain:none}c-wiz.Ubi8Z{contain:layout style}.jbBItf{display:block;position:relative}.DU0NJ{bottom:0;left:0;position:absolute;right:0;top:0}.lP3Jof{display:inline-block;position:relative}.nNMuOd{animation:qli-container-rotate 1568.2352941176ms linear infinite}@keyframes qli-container-rotate{from{transform:rotate(0)}to{transform:rotate(1turn)}}.RoKmhb{height:100%;opacity:0;position:absolute;width:100%}.nNMuOd .VQdeab{animation:qli-fill-unfill-rotate 5332ms cubic-bezier(0.4,0,0.2,1) infinite both,qli-blue-fade-in-out 5332ms cubic-bezier(0.4,0,0.2,1) infinite both}.nNMuOd .IEqiAf{animation:qli-fill-unfill-rotate 5332ms cubic-bezier(0.4,0,0.2,1) infinite both,qli-red-fade-in-out 5332ms cubic-bezier(0.4,0,0.2,1) infinite both}.nNMuOd .smocse{animation:qli-fill-unfill-rotate 5332ms cubic-bezier(0.4,0,0.2,1) infinite both,qli-yellow-fade-in-out 5332ms cubic-bezier(0.4,0,0.2,1) infinite both}.nNMuOd .FlKbCe{animation:qli

Chrome Cache Entry: 104

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (593)
Category:	downloaded
Size (bytes):	1671
Entropy (8bit):	5.310512153734107
Encrypted:	false
SSDEEP:
MD5:	452C8CBEE627C5886E747EA494432643
SHA1:	B51BF243A9BAF7E7BDF8A27A14D3FE7145565275
SHA-256:	67F25A1FAC422C683850275ABD482AC609C37B72E54EA55653E08C93AD0EBF9B
SHA-512:	DE32ABCD944564BAEB49EF3BCE53C8072CDA9D0699332BFBC50ABD7962340A375A3DBF5B65ABF6CC0129BF38B45C526A56D263E125C9F2BEFDCE54238D209E11
Malicious:	false
Reputation:	unknown
URL:	"https://www.google.com/xjs/_/js/k=xjs.hd.en.-yh58R89BVo.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAgEKAAAAAKAAAAAAAAAAAAAAAAAAAIAAQQAAIgEAAAIAAAsAAAIBABAAgIAAAECABOBRLgAACAAmAAAAAAAIAAACRQAAAAQAAGAAAAAQAAAAAACgAAAAAAAAAAAAAAAAAAAAIIBAAAAAAAAAAAAAAAIAAACgBwAAAAAAAAAQAABAEAAADJABCAAAAAAAAOgDgOABMKSwAAAAAAAAAAAAAACAACQI5kICCgIQAAAAAAAAAAAAAAAAAFLSxIUN/d=0/dg=0/br=1/rs=ACT90oE8lueoS4jC6c87-2g4C0MINW8vPQ/m=lOO0Vd,sy8u,P6sQOc?xjs=s4"
Preview:	this._hd=this._hd\|\|{};(function(_){var window=this;.try{._.w("lOO0Vd");._.pbb=new _.Pd(_.jLa);._.y();.}catch(e){_._DumpException(e)}.try{.var zbb;_.Abb=function(a,b,c,d,e){this.wFa=a;this.nnd=b;this.wmb=c;this.ptd=d;this.QFd=e;this.pdb=0;this.vmb=zbb(this)};zbb=function(a){return Math.random()Math.min(a.nndMath.pow(a.wmb,a.pdb),a.ptd)};_.Abb.prototype.V4b=function(){return this.pdb};_.Abb.prototype.rka=function(a){return this.pdb>=this.wFa?!1:a!=null?!!this.QFd[a]:!0};_.Bbb=function(a){if(!a.rka())throw Error("Ae`"+a.wFa);++a.pdb;a.vmb=zbb(a)};.}catch(e){_._DumpException(e)}.try{._.w("P6sQOc");.var Cbb=function(a){var b={};_.Ga(a.Ltb(),function(e){b[e]=!0});var c=a.Gsb(),d=a.Tsb();return new _.Abb(a.Ssb(),c.ka()1E3,a.vjb(),d.ka()1E3,b)},Dbb=!!(_.Xg[30]>>28&1);var Ebb=function(a){_.Hn.call(this,a.Ma);this.logger=null;this.ka=a.service.NEb;this.ta=a.service.metadata;a=a.service.hdd;this.fetch=a.fetch.bind(a)};_.C(Ebb,_.Hn);Ebb.Ga=function(){return{service:{NEb:_.ubb,metadata:_.pbb,hd

Chrome Cache Entry: 106

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1279)
Category:	downloaded
Size (bytes):	202152
Entropy (8bit):	5.475451252598485
Encrypted:	false
SSDEEP:
MD5:	D36D84843A7A62C2FBBE0F6336670534
SHA1:	DF36AC0062B21E6ACFAD7EBD65355EBCA6E239EF
SHA-256:	E00C5CC92538BDC465E3A12E3B874B79DDA37D1B51D0AB5BF180E54FFABAC8AF
SHA-512:	B1445703AD009BC2A3D8DE5308FDC9AAF2A596EA9D3BED5C0EEC1C4BD10625F608461F922A90B776CFF8605D8AF2E28A2ADCD0B0A62CD946866C786A444D4412
Malicious:	false
Reputation:	unknown
URL:	"https://www.gstatic.com/_/mss/boq-one-google/_/js/k=boq-one-google.OneGoogleWidgetUi.en.OlyLa8GkuaI.es5.O/am=IEAwYGw/d=1/excm=_b,_tp,calloutview/ed=1/dg=0/wt=2/ujg=1/rs=AM-SdHsDqokh4SRAQCxfIFSY87a3oGgt8w/m=_b,_tp"
Preview:	"use strict";this.default_OneGoogleWidgetUi=this.default_OneGoogleWidgetUi\|\|{};(function(_){var window=this;.try{._._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a\|\|[]};(0,_._F_toggles_initialize)([0x20304020, 0x1b1, ]);./.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0././.. Copyright Google LLC. SPDX-License-Identifier: Apache-2.0././. SPDX-License-Identifier: Apache-2.0././.. Copyright 2024 Google, Inc. SPDX-License-Identifier: MIT./.var ia,aaa,Ga,baa,Ja,cb,sb,Hb,Mb,Nb,Ob,Pb,Qb,Rb,Tb,Wb,eaa,faa,Yb,$b,gc,jc,lc,gaa,rc,sc,tc,zc,Gc,Hc,Kc,Mc,Oc,Qc,Lc,Tc,laa,hd,ed,jd,maa,naa,sd,rd,oaa,wd,paa,yd,qaa,zd,raa,Gd,saa,Kd,Qd,Rd,Td,Xd,Yd,Wd,$d,we,ze,He,Fe,Ie,z,Me,Pe,Te,$e,ef,yaa,zaa,Aaa,Baa,Caa,Daa,Eaa,Faa,Gaa,Haa,Iaa,Jaa,Kaa,Laa,ag,eg,Raa,Paa,pg,Vaa,wg,zg,Xaa,Yaa,Bg,Qg,bba,cba,Vg,dba,eba,hh,fba,gba,wh,xh,yh,hba,iba,Bh,kba,lba,Fh,Gh,pba,rba,sba,tba,uba,vba,wba,xba,zba,Aba,Bba,Dba,

Chrome Cache Entry: 107

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 52280, version 1.0
Category:	downloaded
Size (bytes):	52280
Entropy (8bit):	7.995413196679271
Encrypted:	true
SSDEEP:
MD5:	F61F0D4D0F968D5BBA39A84C76277E1A
SHA1:	AA3693EA140ECA418B4B2A30F6A68F6F43B4BEB2
SHA-256:	57147F08949ABABE7DEEF611435AE418475A693E3823769A25C2A39B6EAD9CCC
SHA-512:	6C3BD90F709BCF9151C9ED9FFEA55C4F6883E7FDA2A4E26BF018C83FE1CFBE4F4AA0DB080D6D024070D53B2257472C399C8AC44EEFD38B9445640EFA85D5C487
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/googlesans/v58/4UaRrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iq2vgCI.woff2
Preview:	wOF2.......8.....................................^...$..4?HVAR..?MVAR9.`?STAT.',..J/.......`..(..Z.0..R.6.$.... .....K..[..q..c..T.....>.P.j.`.w..#...%......N.".....$..3.0.6......... .L.rX/r[j.y.\|(.4.%#.....2.v.m..-..%.....;-.Y.{..&..O=#l@...k..7g..ZI...#.Z./+T..r7...M..3).Z%.x....s..sL..[A!.51w'/.8V..2Z..%.X.h.o.).]..9..Q`.$.....7..kZ.~O........d..g.n.d.Rw+&....Cz..uy#..fz,(.J....v.%..`..9.....h...?O..:...c%.....6s....xl..#...5..._......1.>.)"U.4 W....?%......6//!$...!.n9C@n...........!""^.....W..Z<.7.x.."UT.T....E.."R>.R..t.....H d..e_.K../.+8.Q.P.ZQ....;...U....]......._.e......71.?.7.ORv.?...l...G\|.P...\|:...I.X..2.,.L........d.g.]}W#uW]QnuP-s.;.-Y.....].......C..j_.M0...y.......J..........NY..@A...,....-.F......'..w./j5g.vUS...U..0.&...y7.LP.....%.....Y......Y..D. e.A..G.?.$.......6...eaK.n5.m...N...,...+BCl..L> .E9~.b[.w.x....6<...}.e...%V....O.......*.?...a..#[eE.4..p..$...].....%......o._......N.._~..El....b..A.0.r8.....\|..D.d..

Chrome Cache Entry: 108

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (524)
Category:	dropped
Size (bytes):	24979
Entropy (8bit):	5.413871838201982
Encrypted:	false
SSDEEP:
MD5:	7499DF9BAF83A3C7FCEDDD55D7B57EE7
SHA1:	D114C83993BCF559740578A7AB2FFB44E7E33C2A
SHA-256:	494321695048A16A8A354775226283AC4084B540F9E7C280CF7731E92F491E6B
SHA-512:	1E39FEC6F87B74C69DEE5C8A8D1ED31BD8FCFC970AFF632DA3E0FE4EE09F81AD1C593F99FF266EAFAD6A413A15E8F511F918E917EAC3D80CCF53826B52BDABB5
Malicious:	false
Reputation:	unknown
Preview:	this._hd=this._hd\|\|{};(function(_){var window=this;.try{._.$$c=_.Ed("P10Owf",[_.lq]);.}catch(e){_._DumpException(e)}.try{._.w("P10Owf");.var ZD=function(a){_.A.call(this,a.Ma);this.ka=this.getData("cmep").Kb();this.Ob=a.service.Ob;this.data=a.Ud.Qda};_.C(ZD,_.A);ZD.Ga=function(){return{service:{Ob:_.Jt},Ud:{Qda:_.yD}}};ZD.prototype.wa=function(){this.Ob.ka().oa(this.getRoot().el(),1).log(!0)};ZD.prototype.ta=function(a){a=a.data?_.Rb(_.yD,a.data):new _.yD;aad(this,a)};ZD.prototype.oa=function(a){aad(this,a.data)};.var aad=function(a,b){var c;(b==null?0:b.Pu())&&((c=a.data)==null?0:c.Pu())&&(b==null?void 0:b.Pu())!==a.data.Pu()\|\|a.Ob.ka().oa(a.getRoot().el(),2).log(!0)};ZD.prototype.Ia=function(a){this.Ob.ka().ka(a.qb.el()).log(!0);_.Ne(document,_.aFc)};ZD.prototype.Ea=function(a){this.Ob.ka().ka(a.qb.el()).log(!0);if(this.ka){var b;_.Ne(document,_.$Ec,(b=this.data)==null?void 0:b.Kc())}else _.Ne(document,_.ZEc,this.data)};_.K(ZD.prototype,"kEOk4d",function(){return this.Ea});_.K(ZD.pro

Chrome Cache Entry: 109

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	2091
Entropy (8bit):	7.8938748179764
Encrypted:	false
SSDEEP:
MD5:	6282A05D151E7D0446C655D1892475E2
SHA1:	B2B05F319DA0E73250200AE9BB518A318D6B4C5D
SHA-256:	4CAB9CF78FD7C85AE2236CDD47B905FA4173F664946DFAB008591B3CFE4280B7
SHA-512:	DF0C4C01555430BD2AFAD409E40A422F5EFB0ED9B6E86168874B46312FFC0BA7CA2B5503E49858035056C342A83CBC42721AA89077BD2E1F698692AF4277BAB5
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...0...0.....W.......IDATx........m.tm.86.m.m...m.Xo..._~..Mm.&..x....v.....?... .~^.TV....z.wK.....-.`..w.............4....."...z6Z."....`;@....!...S.Q..E...L$..`01..S(.v...vn._...H.......H.fs.8).....q....\....9B>...)>#2...A....z..8.#+A.V-..hh....3.......c.......F. 3.......~.^Q......c.....a.1...gZ....y....wU..2...].-.0b].......[......w...&K..$..K..\.t..QoY..O?....u.Sa.-...na.Z..}..._s..~[.Ue.M.!#Y.....%.t.7y....J......Q.0fC.Fo..@..&...B.....&..}.ld....O.#+...<.z..,."?vC....Y.....<d..."b.D.(sX..c..5.z,..!...oV.. .....>O.#..pHG..y.j.7.-@.K.s..,...&.%6.. O=dj....S..;.O..ylc.O.~....Tn.F.\|.Y..X..@........e..O.Z......}(H...vp.... ...y..&..:.......8y...{n..R^...:.q.......>....C.....^P..C..%..<. 6...9..,.$0x.M.=.`\..MI..\|.........^...W-"...@..J........K.m...h...x.H.>.c.>.w!......:X.b%.v....)..[R..-..>.+!..?...?.....Q.G:F...k..A.)`*.^N$...{9.<.PD...7`).3.d........h.k..{]&.;^.h.s>BREP.X.O.~P\|[....R].m,.......Z..Pk.g0.yl...Z.qp..

Chrome Cache Entry: 110

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (13641)
Category:	downloaded
Size (bytes):	201775
Entropy (8bit):	5.882196577540839
Encrypted:	false
SSDEEP:
MD5:	D99B2DED9C7459C513372557EC870269
SHA1:	11BEE1C26EBCCDDB7C7FA3D76A257F191FB263F3
SHA-256:	40EC87295BF1EF3ED0E05259A6E4205FD1960768C37B6F51E8849E49E505F3DB
SHA-512:	ADCD2B4143B18CF256A8C520A9F8198AFD941F6D6F70E4FDBE289591DBE883D11F3A218916A204478ED83B03D846C8CDD74D7E84837E52E154A34A83E888176A
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/
Preview:	<!doctype html><html itemscope="" itemtype="http://schema.org/WebPage" lang="en"><head><meta charset="UTF-8"><meta content="origin" name="referrer"><meta content="/images/branding/googleg/1x/googleg_standard_color_128dp.png" itemprop="image"><title>Google</title><script nonce="qBH6m_CDYvTKTNaFZXG8oA">window._hst=Date.now();performance&&performance.mark&&performance.mark("SearchHeadStart");</script><script nonce="qBH6m_CDYvTKTNaFZXG8oA">(function(){var _g={kEI:'MNf_ZqH3NoKji-gP0YWC6AQ',kEXPI:'31',kBL:'DgOl',kOPI:89978449};(function(){var a;((a=window.google)==null?0:a.stvsc)?google.kEI=_g.kEI:window.google=_g;}).call(this);})();(function(){google.sn='webhp';google.kHL='en';})();(function(){.var h=this\|\|self;function l(){return window.google!==void 0&&window.google.kOPI!==void 0&&window.google.kOPI!==0?window.google.kOPI:null};var m,n=[];function p(a){for(var b;a&&(!a.getAttribute\|\|!(b=a.getAttribute("eid")));)a=a.parentNode;return b\|\|m}function q(a){for(var b=null;a&&(!a.getAttribute\|\|!

Chrome Cache Entry: 111

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Category:	dropped
Size (bytes):	5430
Entropy (8bit):	3.6534652184263736
Encrypted:	false
SSDEEP:
MD5:	F3418A443E7D841097C714D69EC4BCB8
SHA1:	49263695F6B0CDD72F45CF1B775E660FDC36C606
SHA-256:	6DA5620880159634213E197FAFCA1DDE0272153BE3E4590818533FAB8D040770
SHA-512:	82D017C4B7EC8E0C46E8B75DA0CA6A52FD8BCE7FCF4E556CBDF16B49FC81BE9953FE7E25A05F63ECD41C7272E8BB0A9FD9AEDF0AC06CB6032330B096B3702563
Malicious:	false
Reputation:	unknown
Preview:	............ .h...&... .... .........(....... ..... ............................................0...................................................................................................................................v.].X.:.X.:.r.Y........................................q.X.S.4.S.4.S.4.S.4.S.4.S.4...X....................0........q.W.S.4.X.:.................J...A...g.........................K.H.V.8..........................F..B.....................,.......................................B..............................................B..B..B..B..B...u..........................................B..B..B..B..B...{.................5.......k...........................................................7R..8F.................................................2........Vb..5C..;I..................R^.....................0................Xc..5C..5C..5C..5C..5C..5C..lv..........................................]i..<J..:G..Zf....................................................

Chrome Cache Entry: 112

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1689), with no line terminators
Category:	dropped
Size (bytes):	1689
Entropy (8bit):	5.640520027557763
Encrypted:	false
SSDEEP:
MD5:	45DD7BD58C9F085DA52FA16A2A150066
SHA1:	9B5CF4B288EDE14AE8834F3EF2A58145B8EC8CBC
SHA-256:	0D5C53FCC37C7A2CE26367BBE6197FCD9272DD7EBC81823D088A4DFFF5AE599B
SHA-512:	520B8DF68524C2CEF393B837D7EAD0168028C94697E1DA0AC4BDDAFAB849D1B26D7E7933082146AE6A220A449F066CBBBA2EBFC6CC30D3F756FBD98EE061C8DF
Malicious:	false
Reputation:	unknown
Preview:	.MTIaKb,.LwDUdc,.FAoEle,.RlTCPd,.wPNfjb,.caNvfd,.Vnob4b,.bbxTBb,.DpgmK,.YKUhfb,.uNnvb,.aVsZpf,.RoOVmf,.dIfvQd,.V3Ezn,.Enb9pe,.mYuoaf,.kJSB8,.tUr4Kc,.iQMtqe{--Yi4Nb:var(--mXZkqc);--pEa0Bc:var(--bbQxAb);--kloG3:var(--mXZkqc);--YaIeMb:var(--XKMDxc);--Pa8Wlb:var(--Nsm0ce);--izGsqb:var(--Nsm0ce);--todMNcl:var(--EpFNW);--p9J9c:var(--Nsm0ce)}:root{--KIZPne:#a3c9ff;--xPpiM:#001d35;--Ehh4mf:var(--Nsm0ce)}:root{--Yi4Nb:#d2d2d2;--pEa0Bc:#474747;--kloG3:#d2d2d2;--YaIeMb:#f7f8f9;--Pa8Wlb:#0b57d0;--izGsqb:#0b57d0;--todMNcl:#fff;--p9J9c:#0b57d0}.EpPYLd{display:block;position:relative}.YpcDnf{padding:0 16px;vertical-align:middle}.YpcDnf.HG1dvd{padding:0}.HG1dvd>*{padding:0 16px}.WtV5nd .YpcDnf{padding-left:28px}.Zt0a5e .YpcDnf{line-height:48px}.GZnQqe .YpcDnf{line-height:23px}.EpPYLd:hover{cursor:pointer}.EpPYLd,.CB8nDe:hover{cursor:default}.LGiluc,.EpPYLd[disabled]{pointer-events:none;cursor:default}@media (forced-colors:active){.EpPYLd[disabled]{color:GrayText}}.LGiluc{border-top:1px solid;height:0;

Chrome Cache Entry: 113

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (550)
Category:	downloaded
Size (bytes):	1521
Entropy (8bit):	5.117264756343684
Encrypted:	false
SSDEEP:
MD5:	100B36980D9894320C32C44B6F87CB36
SHA1:	4141A706A21E06BC6F5476FE17EF47379A43B6DE
SHA-256:	5081E282A0EF3031276FB9AF5A8CD4BB97F76F70F25BD5AFDE8F1370C5549305
SHA-512:	DCDEC1E07153B002AE9ED23D04E51D866BEB92D4B12AFB03B1289695B20396B315809365FE43B5BE824BA81FAB44458A8A5EB70CB2562EE4CE5FC236B76AD304
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/xjs/_/js/k=xjs.hd.en.-yh58R89BVo.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAgEKAAAAAKAAAAAAAAAAAAAAAAAAAIAAQQAAIgEAAAIAAAsAAAIBABAAgIAAAECABOBRLgAACAAmAAAAAAAIAAACRQAAAAQAAGAAAAAQAAAAAACgAAAAAAAAAAAAAAAAAAAAIIBAAAAAAAAAAAAAAAIAAACgBwAAAAAAAAAQAABAEAAADJABCAAAAAAAAOgDgOABMKSwAAAAAAAAAAAAAACAACQI5kICCgIQAAAAAAAAAAAAAAAAAFLSxIUN/d=0/dg=0/br=1/rs=ACT90oE8lueoS4jC6c87-2g4C0MINW8vPQ/m=aLUfP?xjs=s4
Preview:	this._hd=this._hd\|\|{};(function(_){var window=this;.try{._.w("aLUfP");.var zqb=function(a){this.Tp=a};var Aqb=function(a){_.Hn.call(this,a.Ma);var b=this;this.window=a.service.window.get();this.ta=this.Tp();this.oa=window.orientation;this.ka=function(){var c=b.Tp(),d=b.GYa()&&Math.abs(window.orientation)===90&&b.oa===-1window.orientation;b.oa=window.orientation;if(c!==b.ta\|\|d){b.ta=c;d=_.Ra(b.Od);for(var e=d.next();!e.done;e=d.next()){e=e.value;var f=new zqb(c);try{e(f)}catch(g){_.ca(g)}}}};this.Od=new Set;this.window.addEventListener("resize",this.ka);this.GYa()&&this.window.addEventListener("orientationchange",.this.ka)};_.C(Aqb,_.Hn);Aqb.Ga=function(){return{service:{window:_.In}}};_.m=Aqb.prototype;_.m.addListener=function(a){this.Od.add(a)};_.m.removeListener=function(a){this.Od.delete(a)};._.m.Tp=function(){if(_.ma()&&_.la()&&!navigator.userAgent.includes("GSA")){var a=_.yl(this.window);a=new _.ol(a.width,Math.round(a.widththis.window.innerHeight/this.window.innerWidth))}else a

Chrome Cache Entry: 115

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2287)
Category:	downloaded
Size (bytes):	221974
Entropy (8bit):	5.525116818290676
Encrypted:	false
SSDEEP:
MD5:	CA99755538A8D8B1866C97729137BFEE
SHA1:	0949EAA1931E46A95BF1B0674F43D92885B3BEC7
SHA-256:	088314A76E272A02EA40D754DDBA1E839D2C2817C5385CE332A03664C0B45B36
SHA-512:	B07F8E3D1D304CE4B12AF1043A53ED544BAA0ECE5F3ED0ACC12B4AD52C76D0B36346E9255194FB34869748A42AC823889056B097E0A0122C3A1484236AD0BFC5
Malicious:	false
Reputation:	unknown
URL:	"https://www.gstatic.com/og/_/js/k=og.qtm.en_US.eBPYdy5TlKU.2019.O/rt=j/m=qabr,q_d,qcwid,qapid,qald,qads,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTvCjRZ-bRAiOPLLf0QdNwYcTlfNSg"
Preview:	this.gbar_=this.gbar_\|\|{};(function(_){var window=this;.try{.var He;He=0;_.Ie=function(a){return Object.prototype.hasOwnProperty.call(a,_.Qb)&&a[_.Qb]\|\|(a[_.Qb]=++He)};_.Je=function(a){return _.Pb(a)&&a.nodeType==1};_.Ke=function(a,b){if("textContent"in a)a.textContent=b;else if(a.nodeType==3)a.data=String(b);else if(a.firstChild&&a.firstChild.nodeType==3){for(;a.lastChild!=a.firstChild;)a.removeChild(a.lastChild);a.firstChild.data=String(b)}else _.Ee(a),a.appendChild(_.te(a).createTextNode(String(b)))};var Le;_.Me=function(a,b,c){Array.isArray(c)&&(c=c.join(" "));var d="aria-"+b;c===""\|\|c==void 0?(Le\|\|(Le={atomic:!1,autocomplete:"none",dropeffect:"none",haspopup:!1,live:"off",multiline:!1,multiselectable:!1,orientation:"vertical",readonly:!1,relevant:"additions text",required:!1,sort:"none",busy:!1,disabled:!1,hidden:!1,invalid:"false"}),c=Le,b in c?a.setAttribute(d,c[b]):a.removeAttribute(d)):a.setAttribute(d,c)};var Qe;_.Pe=function(a,b,c,d,e,f){if(_.qc&&e)return _.Ne(a);if(e&&!d)re

Chrome Cache Entry: 119

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1885)
Category:	dropped
Size (bytes):	126135
Entropy (8bit):	5.498654960721984
Encrypted:	false
SSDEEP:
MD5:	C299A572DF117831926BC3A0A25BA255
SHA1:	673F2AC4C7A41AB95FB14E2687666E81BC731E95
SHA-256:	F847294692483E4B7666C0F98CBE2BD03B86AE27B721CAE332FEB26223DDE9FC
SHA-512:	B418A87A350DBC0DEF9FAF3BE4B910CB21AE6FFFC6749EECEA486E3EB603F5AF92F70B936C3D440009482EDE572EE9736422CF89DCDD2B758DFA829216049179
Malicious:	false
Reputation:	unknown
Preview:	gapi.loaded_0(function(_){var window=this;._._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a\|\|[]};(0,_._F_toggles_initialize)([0x800000, ]);.var ba,fa,ha,na,oa,sa,ua,wa;ba=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}};fa=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};.ha=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("a");};_.ma=ha(this);na=function(a,b){if(b)a:{var c=_.ma;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&fa(c,a,{configurable:!0,writable:!0,value:b})}};.na("Symbol",function(a){if(a)r

Chrome Cache Entry: 121

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (736)
Category:	dropped
Size (bytes):	3516
Entropy (8bit):	5.552055740061078
Encrypted:	false
SSDEEP:
MD5:	BDF45A6BA57F872963259DA69256A45E
SHA1:	0F6328EA074F20F841EF27871D04F7A61ABFC580
SHA-256:	89474426B70726A283415671A654B2B74E2C9999CAD67BCC2F072856621BC05B
SHA-512:	F35AC64D7D4923B848145FE487BB4E7A93A29C81E6B2BEDE806691D21145B648CC968961E23CEB328AA0DC4D0D6FF2CCD128DBDCAC15461A8AA713F12479F6D7
Malicious:	false
Reputation:	unknown
Preview:	"use strict";this.default_OneGoogleWidgetUi=this.default_OneGoogleWidgetUi\|\|{};(function(_){var window=this;.try{._.q("Wt6vjf");.var Mz=function(a){this.ta=_.y(a,0,Mz.mb)};_.G(Mz,_.C);Mz.prototype.Xa=function(){return _.xl(this,1)};Mz.prototype.oc=function(a){_.Jl(this,1,a)};Mz.mb="f.bo";var Nz=function(){_.Vo.call(this)};_.G(Nz,_.Vo);Nz.prototype.ab=function(){this.Yq=!1;Oz(this);_.Vo.prototype.ab.call(this)};Nz.prototype.j=function(){Pz(this);if(this.lk)return Qz(this),!1;if(!this.js)return Rz(this),!0;this.dispatchEvent("p");if(!this.np)return Rz(this),!0;this.ao?(this.dispatchEvent("r"),Rz(this)):Qz(this);return!1};.var Sz=function(a){var b=new _.tu(a.yx);a.bq!=null&&b.j.set("authuser",a.bq);return b},Qz=function(a){a.lk=!0;var b=Sz(a),c="rt=r&f_uid="+_.Xl(a.np);_.Aq(b,(0,_.E)(a.l,a),"POST",c)};.Nz.prototype.l=function(a){a=a.target;Pz(this);if(_.Hq(a)){this.fn=0;if(this.ao)this.lk=!1,this.dispatchEvent("r");else if(this.js)this.dispatchEvent("s");else{try{var b=_.Iq(a),c=JSON.pars

Chrome Cache Entry: 122

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 272 x 92, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	5969
Entropy (8bit):	7.949719859611916
Encrypted:	false
SSDEEP:
MD5:	8F9327DB2597FA57D2F42B4A6C5A9855
SHA1:	1737D3DFB411C07B86ED8BD30F5987A4DC397CC1
SHA-256:	5776CD87617EACEC3BC00EBCF530D1924026033EDA852F706C1A675A98915826
SHA-512:	B807694ED1EF6DFA6CB5D35B46526FF9584D9AAD66CE4DC93CDEB7B8B103A7C78369D1141D53F092EDDEA0441E982D3A16DF6E98959A5557C288B580CF5191E6
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Preview:	.PNG........IHDR.......\............IDATx..]...U..:.................].{.A.A.(......\....1........A@6.......$...(.CXX\|..d...IUu..dz...g..u.....sO.1..g..W.....~..fv..+.TL.z.q.c..e..;..{..._"...`V...NwUwg....L.{6...y...]....2yo.x}^\|.....)....444.....r7.f&.<...t.!.l'8.s..LCCcl...t........ ......;..,a..0.xju........\|.. D%.l._..........]Y.. ...&N.r.~$g...&...Z}.w.3q......RKwm.ihh.I.pL.n..7j.W..%..Ld...@......q7x)..A.x.0..M .H..Wq.g.h..k.\|P..-Q.}.Ca...@.A.....D....x.....vOp.....+.z...N...T..o.?...?.%e....&..#..3.....P..Np9...$m.Ne. ..3y?......]....l.).z...g.^.v.!....-...&..M .Eg..w.K. ..;..@.qiP4yhh.....U.l7X-.u...-.tP..X..D.i......p'.T>Y.\o.TM.....xx&...&..M ..{.MQ...@.......C.ihh...]].ws..L.<.1...M ..>/yl...yhh.Yh..y..n...H.iW!..4444.p'8G.<...4444. .!.$'.._`....&....h=@8..........T.Ao..4444..#..i.q.'t.u........T..+j.ASyjT...u..(f.y.uw...-e.B...5.W........m~..5-\|_">.j....c[o..m+....K.v.Tak_.".\.....<........u.....},..02..'.h.v.^.....s..A..Ctw

Chrome Cache Entry: 123

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	660
Entropy (8bit):	7.7436458678149815
Encrypted:	false
SSDEEP:
MD5:	C3DFF0D9F30EC0BCF4DEC9524505916B
SHA1:	4B378403ACBEBC3747E08C69B5FD7770A850C9EB
SHA-256:	73D788F86BE22112BB53762545989C0F1BBDB7343161130952C9BA3834FF81E3
SHA-512:	677EA304D00D176ACF61FF68BF23BD5F77AD2928D7DE9F4B842292BC9D3FB7029FE9F578B62F142DCE689230F392E828098EED3484FE2DBEE6E1A7AA5378E2C6
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/images/searchbox/desktop_searchbox_sprites318_hr.webp
Preview:	RIFF....WEBPVP8L..../'....Hv.=n.......Q...a..(Rv.o..U.....l..m........0l.6l..f.......A?B.C.A...2h..Ag0....G8.n#)R.j.x..P.F..I;.Ox......7-...bX./..]...3..T....5...x...G.C....%.u.....u/._.=....<!q.\...9.....\....p:..P.4.aS.N).>.>.."..9..Vh ....no....l.1..#6p\c..2..>..=8...........FP.^....+/.~......hs..D.Jm..9...r....t*.H..~T^\|.....l..l......he..}f....d.."....K...&1..................pl.Pf.%6...2X..I...eXQ(.K..1%c..w.s._..._K`K.1}..D.E=...<..ytM..>.q'.e.L.~$...b..;k.M.....t\O..m.I._..F....'........z.]..u?~..P.zJM.. k...p~9..D....".Zl$?f..+...\.Pg..%...;.[R>N.#.W.e..@q...(....]&......K.......?.\|.z..(...:&m.V.C.'...D^.R....

Chrome Cache Entry: 125

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	16
Entropy (8bit):	3.875
Encrypted:	false
SSDEEP:
MD5:	BEEDCB4EB0A559E6CE2D1E20D38CB330
SHA1:	A04EE9801770C0E81B170D7992EC3735E878AA58
SHA-256:	6E9D99B87595B07B10676B68EBE9AA8B63DF7D9A74F59CC91EED60EA1FBDC6EF
SHA-512:	BD101CDF7FDF1210127D83CE76E3F6F6F1378259F0A55C112E39C49A9131B8636FB020E07E985B8427A35B62A544F2F7C5F75B11AD69EF2C4AE67A41BD5898B2
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xNDkSEAn11VQ7sgCk8RIFDWlIR0c=?alt=proto
Preview:	CgkKBw1pSEdHGgA=

Chrome Cache Entry: 127

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (1136)
Category:	dropped
Size (bytes):	1555
Entropy (8bit):	5.249530958699059
Encrypted:	false
SSDEEP:
MD5:	FBE36EB2EECF1B90451A3A72701E49D2
SHA1:	AE56EA57C52D1153CEC33CEF91CF935D2D3AF14D
SHA-256:	E8F2DED5D74C0EE5F427A20B6715E65BC79ED5C4FC67FB00D89005515C8EFE63
SHA-512:	7B1FD6CF34C26AF2436AF61A1DE16C9DBFB4C43579A9499F4852A7848F873BAC15BEEEA6124CF17F46A9F5DD632162364E0EC120ACA5F65E7C5615FF178A248F
Malicious:	false
Reputation:	unknown
Preview:	<!DOCTYPE html>.<html lang=en>. <meta charset=utf-8>. <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">. <title>Error 400 (Bad Request)!!1</title>. <style>. {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//ww

Chrome Cache Entry: 128

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	12199
Entropy (8bit):	1.399940702471973
Encrypted:	false
SSDEEP:
MD5:	B457C7B87B8C704171BB91C496B366CD
SHA1:	1D4676115873F19959EC619AD5338C2B2FB2274A
SHA-256:	B798A59449911C00165A63DB52258680734341807F23DEC1C1D0C3A66DEB94DE
SHA-512:	FEF9743486BE6510A8F23003EA298C159390B1B3553D3D749426FE954AA9F01FF7257C00BCE587AA54E212740AF85F1D0DDE764087942ADAB000EA5C1270E295
Malicious:	false
Reputation:	unknown
Preview:	{"chunkTypes":"1000011111110011110001000010110100000011111111111111111111111111111110110111111111110101111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111101110111111113101101111111111110111111111111110111111111111111100011011111111111111111111111110101002222222212212212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212122212121212121212122212222221221221212212121212121212121212121212121212221212121212121212121212121212121212121212122221221221222122122122122122122122122122122122122122122122122122122122122122122122122122122122122122121212121222122222222222121221211212212121212121212212121221212122121121212121212121222222221211121122221121212121221212121212121221212222222122122122122121121212212121212121

Chrome Cache Entry: 130

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	102
Entropy (8bit):	5.1167646277040975
Encrypted:	false
SSDEEP:
MD5:	A87D976B3C39513CB57562819A3E9A63
SHA1:	5C8BC265FC1C12E037F64B9F946BB122C3DE02B6
SHA-256:	6B07F064473450B790CD211D6781A6B4A7FD82B73DA8501871F06A8C82EC12CD
SHA-512:	C8E2F7D6E974FFA3FD26D377243DACA626B0C385A0F3E3B0EF7A9DE0BC70011FF5158EE5FD228A89EC1E3D7EF3BBA39E55C7F55D92D653E6B315EDC40BE5AA77
Malicious:	false
Reputation:	unknown
URL:	"https://www.google.com/async/hpba?vet=10ahUKEwihz7eK1fSIAxWC0QIHHdGCAE0Qj-0KCBU..i&ei=MNf_ZqH3NoKji-gP0YWC6AQ&opi=89978449&yv=3&sp_imghp=false&sp_hpte=1&sp_hpep=1&stick=&cs=0&async=_basejs:%2Fxjs%2F_%2Fjs%2Fk%3Dxjs.hd.en.-yh58R89BVo.es5.O%2Fam%3DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAgEKAAAAAKAAAAAAAAAAAAAAAAAAAIAAQQAAIgEAAAIAAAsAAAIBABAAgIAAAECABOBRLgAACAAmAAAAAAAIAAACRQAAAAQAAGAAAAAQAAAAAACgAAAAAAAAAAAAAAAAAAAAIIBAAAAAAAAAAAAAAAIAAACgBwAAAAAAAAAQAABAEAAADJABCAAAAAAAAOgDgOABMKSwAAAAAAAAAAAAAACAACQI5kICCgIQAAAAAAAAAAAAAAAAAFLSxIUN%2Fdg%3D0%2Fbr%3D1%2Frs%3DACT90oE8lueoS4jC6c87-2g4C0MINW8vPQ,_basecss:%2Fxjs%2F_%2Fss%2Fk%3Dxjs.hd.HFq-c3Fv2Po.L.B1.O%2Fam%3DJFUAAAAAAAAAAAwAAAAAAAAAAAAAAAAAAAAAgAAAABAAAAAAAAAAQAGwkwAAACMAgA0ACAAAAAAAAQDAAAAAAAAAIAEAAAAEACoAAAAAAEAAAIggAABQBAAACEBACBAAgAAKIAQoQAICRRCPQgAAAGAAAIAQAAYYBiCoAGAUIAAAAAAAAIAACAEAAIAiAAECAPQIBIABICYAAEKgB4AAAAAAEABAAAgAgJkADJABCAAAAAAAACADAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAIACgAAAAAAAAAAAAAAAAAAAEA%2Fbr%3D1%2Frs%3DACT90oEXqKNVybsF4DOMwJvfGV6IH5KKUA,_basecomb:%2Fxjs%2F_%2Fjs%2Fk%3Dxjs.hd.en.-yh58R89BVo.es5.O%2Fck%3Dxjs.hd.HFq-c3Fv2Po.L.B1.O%2Fam%3DJFUAAAAAAAAAAAwAAAAAAAAAAAAAAAAAAAAAgAAAABAAAAAAAAAAQgG6kwAAAKMAgA0ACAAAAAAAAQDAAIAAQQAAIgEAAAIEACsAAAIBAFAAgIggAEDQBOBRLkBACBAmgAAKIAQoQAICRRCPQgQAAGAAAIAQAAYYBiCoAGAUIAAAAAAAAIAACAEAIIBiAAECAPQIBIABICYAAEKgB4AAAAAAEABQAAhAkJkADJABCAAAAAAAAOgDgOABMKSwAAAAAAAAAAAAAACAACQI5kICCgIQAAAAAAAAAAAAAAAAAFLSxIUN%2Fd%3D1%2Fed%3D1%2Fdg%3D0%2Fbr%3D1%2Fujg%3D1%2Frs%3DACT90oHs1j0msIcSsOSpKSFZRrpJMLnqjA,_fmt:prog,_id:_MNf_ZqH3NoKji-gP0YWC6AQ_8"
Preview:	)]}'.22;["Ntf_Zv_WFtjWi-gPmrvPkQk","2092"]c;[2,null,"0"]1b;<div jsname="Nll0ne"></div>c;[9,null,"0"]0;

Chrome Cache Entry: 131

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	102
Entropy (8bit):	5.153385583522819
Encrypted:	false
SSDEEP:
MD5:	05A7373CAD65A251B8F1AFDCCF4116FF
SHA1:	9BF92BE02213C7469785EF7705ACB59E3D3EEE27
SHA-256:	FC9CB3EEBCACF244EC42D84FD5472DABF9EBC5E8318BCEE82358BD1DCECFA6E8
SHA-512:	9C429435A8470B177840DF847A9C904E3533241F5300C1E5F106202A1F1C35A3278CC2C6F8F39B5E2D948AFE2B12C57C9584AA6AABD9541F7877827FDB425176
Malicious:	false
Reputation:	unknown
Preview:	)]}'.22;["N9f_ZsjeEMzi7_UPp-LNyQM","2092"]c;[2,null,"0"]1b;<div jsname="Nll0ne"></div>c;[9,null,"0"]0;

Chrome Cache Entry: 136

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Category:	downloaded
Size (bytes):	15344
Entropy (8bit):	7.984625225844861
Encrypted:	false
SSDEEP:
MD5:	5D4AEB4E5F5EF754E307D7FFAEF688BD
SHA1:	06DB651CDF354C64A7383EA9C77024EF4FB4CEF8
SHA-256:	3E253B66056519AA065B00A453BAC37AC5ED8F3E6FE7B542E93A9DCDCC11D0BC
SHA-512:	7EB7C301DF79D35A6A521FAE9D3DCCC0A695D3480B4D34C7D262DD0C67ABEC8437ED40E2920625E98AAEAFBA1D908DEC69C3B07494EC7C29307DE49E91C2EF48
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Preview:	wOF2......;........H..;..........................d..@..J.`..L.T..<.....x.....^...x.6.$..6. ..t. ..I.h\|.l....A....b6........(......@e.]...:..-.0..r.)..hS..h...N.).D.........b.].......^..t?.m{...."84...9......c...?..r3o....}...S]....zbO.../z..{.....~cc....I...#.G.D....#e.A..b...b`a5P.4........M....v4..fI#X.z,.,...=avy..F.a.\9.P\|.[....r.Q@M.I.._.9..V..Q..]......[ {u..L@...]..K......]C....l$.Z.Z...Zs.4........ x.........F.?.7N..].\|.wb\....Z{1L#..t....0.dM...$JV...{..oX...i....6.v.~......)\|.TtAP&).KQ.]y........'...:.d..+..d..."C.h..p.2.M..e,.UP..@.q..7..D.@...,......B.n. r&.......F!.....\...;R.?-.i...,7..cb../I...Eg...!X.)5.Aj7...Ok..l7.j.A@B`".}.w.m..R.9..T.X.X.d....S..`XI..1... .$C.H.,.\. ..A(.AZ.................`Wr.0]y..-..K.1.............1.tBs..n.0...9.F[b.3x...$....T..PM.Z-.N.rS?I.<8eR'.3..27..?;..OLf.Rj.@.o.W...........j~ATA....vX.N:.3dM.r.)Q.B...4i.f..K.l..s....e.U.2...k..a.GO.}..../.'..%$..ed..'..qP....M..j....../.z&.=...q<....-..?.A.%..K..

Chrome Cache Entry: 137

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (32553)
Category:	downloaded
Size (bytes):	48893
Entropy (8bit):	5.806068194411718
Encrypted:	false
SSDEEP:
MD5:	2E062FC5D8F7935B4D0A6697A81C7B92
SHA1:	8B8A655334AB46029629686E29B4749B3B75673D
SHA-256:	05F6EE56EE18D60F6B537D36ACA9E18A580076A3C393A2244060A52D157B21E3
SHA-512:	6DA4D69010164470A5FED94AD37B0697C079AC3012044C44A9A1A5366AE94B78EAE827E78869B972FF70645649CE9D3E702C0E0E5C0E649BBDBB3D989AE00AAB
Malicious:	false
Reputation:	unknown
URL:	https://ogs.google.com/widget/callout?prid=19037050&pgid=19037049&puid=9ceb59a7585b55bd&eom=1&cce=1&dc=1&origin=https%3A%2F%2Fwww.google.com&cn=callout&pid=1&spid=538&hl=en
Preview:	<!doctype html><html lang="en" dir="ltr"><head><base href="https://ogs.google.com/"><link rel="preconnect" href="//www.gstatic.com"><meta name="referrer" content="origin"><link rel="canonical" href="https://ogs.google.com/widget/callout"><link rel="preconnect" href="https://www.gstatic.com"><link rel="preconnect" href="https://ssl.gstatic.com"><script data-id="_gd" nonce="XlviNmPQaVdT7aKgQPbySQ">window.WIZ_global_data = {"DpimGf":false,"EP1ykd":["/_/*"],"FdrFJe":"-3277648184611482851","Im6cmf":"/_/OneGoogleWidgetUi","LVIXXb":1,"LoQv7e":true,"MT7f9b":[],"MUE6Ne":"OneGoogleWidgetUi","NrSucd":false,"OwAJ6e":false,"QrtxK":"","S06Grb":"","S6lZl":128566913,"TSDtV":"%.@.[[null,[[45459555,null,false,null,null,null,\"Imeoqb\"]],\"CAMSDx0K99WlEPaumhAKs5wNCg\\u003d\\u003d\"]]]","Vvafkd":false,"Yllh3e":"%.@.1728042804234761,151684512,3658006154]","ZwjLXe":538,"cfb2h":"boq_onegooglehttpserver_20240929.01_p0","eptZe":"/_/OneGoogleWidgetUi/","fPDxwd":[48802160,97517168,97684531],"gGcLoe":false,"iCzhF

Chrome Cache Entry: 138

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (621)
Category:	downloaded
Size (bytes):	1049459
Entropy (8bit):	5.721691992592675
Encrypted:	false
SSDEEP:
MD5:	095F0603A6AC08E885712E94032D02F7
SHA1:	E1744C83253CE085BED7AF63F93F417F64C124AA
SHA-256:	A24E5FF23B3351004B476F29DAAED5ABFDF928DD7E09ACCF2532A3D80B53501C
SHA-512:	1574470FFED68D863B26821F84E3783E41C48E5C1430F04ADC5920196E9A229B76CBE08EB5E5210CB6526B63C2B9DCBE27634C12F2644E2A7365721ADEF2B34D
Malicious:	false
Reputation:	unknown
URL:	"https://www.google.com/xjs/_/js/k=xjs.hd.en.-yh58R89BVo.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAgEKAAAAAKAAAAAAAAAAAAAAAAAAAIAAQQAAIgEAAAIAAAsAAAIBABAAgIAAAECABOBRLgAACAAmAAAAAAAIAAACRQAAAAQAAGAAAAAQAAAAAACgAAAAAAAAAAAAAAAAAAAAIIBAAAAAAAAAAAAAAAIAAACgBwAAAAAAAAAQAABAEAAADJABCAAAAAAAAOgDgOABMKSwAAAAAAAAAAAAAACAACQI5kICCgIQAAAAAAAAAAAAAAAAAFLSxIUN/d=1/ed=1/dg=3/br=1/rs=ACT90oE8lueoS4jC6c87-2g4C0MINW8vPQ/ee=ALeJib:B8gLwd;AfeaP:TkrAjf;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;Dkk6ge:JZmW9e;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;EnlcNd:WeHg4;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;HoYVKb:PkDN7e;HqeXPd:cmbnH;IBADCc:RYquRb;IoGlCf:b5lhvb;IsdWVc:qzxzOb;JXJSm:ii1RGf;JXS8fb:Qj0suc;JbMT3:M25sS;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KOxcK:OZqGte;KQzWid:ZMKkN;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LXA8b:q7OdKd;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;OohIYe:mpEAQb;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;Q6C5kf:pfdZCe;QGR0gd:Mlhmy;R2kc8b:ALJqWb;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;RDNBlf:zPRCJb;SLtqO:Kh1xYe;SMDL4c:fTfGO,fTfGO;SNUn3:ZwDk9d,x8cHvb;ScI3Yc:e7Hzgb,e7Hzgb;ShpF6e:N0pvGc;SzQQ3e:dNhofb;TxfV6d:YORN0b;U96pRd:FsR04;UBKJZ:LGDJGb;UDrY1c:eps46d;UVmjEd:EesRsb;UVzb9c:IvPZ6d;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YIZmRd:A1yn5d;YV5bee:IvPZ6d;YkQtAf:rx8ur;ZMvdv:PHFPjb;ZSH6tc:QAvyLe;ZWEUA:afR4Cf;ZlOOMb:P0I0Ec;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aCJ9tf:qKftvc;aZ61od:arTwJ;af0EJf:ghinId;bDXwRe:UsyOtc;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dowIGb:ebZ3mb,ebZ3mb;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;euOXY:OZjbQ;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;hsLsYc:Vl118;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lOO0Vd:OTA3Ae;lkq0A:JyBE3e;nAFL3:NTMZac,s39S4;nJw4Gd:dPFZH;oGtAuc:sOXFj;oSUNyd:fTfGO,fTfGO;oUlnpc:RagDlc;okUaUd:wItadb;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qafBPd:sgY6Zb;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sTsDMc:kHVSUb;sZmdvc:rdGEfc;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uuQkY:u2V3ud;vGrMZ:lPJJ0c;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:O1Gjze,TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;ysNiMc:CpIBjd;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl"
Preview:	this._hd=this._hd\|\|{};(function(_){var window=this;.try{./.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0././.. Copyright Google LLC. SPDX-License-Identifier: Apache-2.0././.. Copyright 2024 Google, Inc. SPDX-License-Identifier: MIT././. SPDX-License-Identifier: Apache-2.0././. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var baa,caa,naa,Aaa,Caa,Iaa,Taa,$aa,iba,kba,mba,nba,rba,sba,xba,Cba,Fba,Hba,Iba,Lba,Kba,Eba,Sa,Oba,Sba,Tba,Uba,Yba,aca,bca,dca,eca,fca,hca,ica,kca,oca,qca,sca,Aca,Bca,Cca,wca,Dca,xca,Eca,vca,Fca,uca,Gca,Ica,Pca,Rca,Sca,Wca,Xca,ada,dda,Yca,cda,bda,$ca,Zca,fda,gda,kda,mda,lda,pda,qda,rda,tda,vda,uda,xda,yda,zda,Bda,Cda,Dda,Eda,Fda,Ida,Jda,Kda,Oda,Nda,Rda,Sda,Xda,Yda,Zda,aea,$da,cea,bea,fea,eea,hea,jea,mea,nea,qea,rea,vea,wea,Bea,Dea,Lea,Mea,Oea,uea,yea,Sea,Wea,cfa,gfa,hfa,pfa,mfa,qfa,sfa,wfa,xfa,yfa,.Afa,Bfa,jfa,Dfa,Ffa,Jfa,Lfa,Sfa,Xfa,Zfa,iga,kga,mga,nga,wga,yga,Bga,Dga,Ega,Gga,Iga,Mga,Nga,Pga,dh

Chrome Cache Entry: 140

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (768)
Category:	dropped
Size (bytes):	1425
Entropy (8bit):	5.352015286891893
Encrypted:	false
SSDEEP:
MD5:	F989AA4A304254FE7C53F1A299D3E3C7
SHA1:	0A6BBF0E3C59855D6CBE269B3AD991C8848F4288
SHA-256:	47F3A84A8B30F8380C7DDB46F5F753174626C6A7D1A17F482C202F457397E393
SHA-512:	3DD76D30ABDA12DB3F85BC6DFDE67243C8BD3C818D0F3BAC5C9E9D4E7B39454C2F178844F70286B643F3BBCCB73954E1612428B4DAA89745B0FDCDF83FE9BF49
Malicious:	false
Reputation:	unknown
Preview:	"use strict";this.default_OneGoogleWidgetUi=this.default_OneGoogleWidgetUi\|\|{};(function(_){var window=this;.try{._.q("P6sQOc");.var rpa=!!(_.Bi[0]>>26&1);var spa=function(a,b,c,d,e){this.o=a;this.N=b;this.v=c;this.O=d;this.ha=e;this.j=0;this.l=QY(this)},tpa=function(a){var b={};_.Ea(a.Lq(),function(e){b[e]=!0});var c=a.Dq(),d=a.Fq();return new spa(a.Eq(),c.j()1E3,a.yq(),d.j()1E3,b)},QY=function(a){return Math.random()Math.min(a.NMath.pow(a.v,a.j),a.O)},RY=function(a,b){return a.j>=a.o?!1:b!=null?!!a.ha[b]:!0};var SY=function(a){_.S.call(this,a.oa);this.l=a.service.Zr;this.o=a.service.metadata;a=a.service.hE;this.fetch=a.fetch.bind(a)};_.G(SY,_.S);SY.W=function(){return{service:{Zr:_.OY,metadata:_.KY,hE:_.FW}}};SY.prototype.j=function(a,b){if(this.o.getType(a.wb())!==1)return _.vp(a);var c=this.l.Gr;(c=c?tpa(c):null)&&RY(c)?(b=TY(this,a,b,c),a=new _.up(a,b,2)):a=_.vp(a);return a};.var TY=function(a,b,c,d){return c.then(function(e){return e},function(e){if(rpa)if(e instanceof _.yf){

Chrome Cache Entry: 141

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3521)
Category:	dropped
Size (bytes):	21593
Entropy (8bit):	5.4043969828957215
Encrypted:	false
SSDEEP:
MD5:	EF2BE4DC1F0BBEBFF9FDED6E0C05F3E3
SHA1:	1531B7819E6BE8C3D709D5E209B33344FCF07C83
SHA-256:	9CD8E1EBEDBFB992859F20ADC7CF68CD06D0FA1CDF843FB149B7E33D359C1704
SHA-512:	79B739927746E6BACF438609D5600C71DE3795F27239137B95FAB7B22FA98DCEDD8EDA73419B2F58D80D5CAC9F84392CCB016C23A91618DC9F044D1087D70405
Malicious:	false
Reputation:	unknown
Preview:	"use strict";this.default_OneGoogleWidgetUi=this.default_OneGoogleWidgetUi\|\|{};(function(_){var window=this;.try{._.CF=function(){var a,b,c,d;return(d=BF)!=null?d:BF=Object.freeze({Zb:function(e){return _.of(_.Ee("iCzhFc"),!1)\|\|e===-1},Ig:(a=_.fm(_.Ee("y2FhP")))!=null?a:void 0,eu:(b=_.fm(_.Ee("MUE6Ne")))!=null?b:void 0,eg:(c=_.fm(_.Ee("cfb2h")))!=null?c:void 0,Ze:_.hm(_.Ee("yFnxrf"),-1),Cu:_.lm(_.Ee("fPDxwd")).map(function(e){return _.hm(e,0)}).filter(function(e){return e>0})})};var BF;._.q("RqjULd");.var Uha=function(a){if(_.n&&_.n.performance&&_.n.performance.memory){var b=_.n.performance.memory;if(b){var c=new tG;isNaN(b.jsHeapSizeLimit)\|\|_.uf(c,1,_.gd(Math.round(b.jsHeapSizeLimit).toString()));isNaN(b.totalJSHeapSize)\|\|_.uf(c,2,_.gd(Math.round(b.totalJSHeapSize).toString()));isNaN(b.usedJSHeapSize)\|\|_.uf(c,3,_.gd(Math.round(b.usedJSHeapSize).toString()));_.ul(a,tG,1,c)}}},Vha=function(a){if(uG()){var b=performance.getEntriesByType("navigation");if(b&&b.length){var c=new vG;if(b=b[0

Chrome Cache Entry: 143

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4232), with no line terminators
Category:	downloaded
Size (bytes):	4232
Entropy (8bit):	5.531069792601157
Encrypted:	false
SSDEEP:
MD5:	DA43A25BD1F9DD99ABEEE97AE6E6BCA6
SHA1:	FAF739B5A3ACE85BABEF8AF8C123C7B140D5222A
SHA-256:	FC42CAFE3E110C38CB62AB04E51E2F806F308D3ED3F95C9E3AB5D0B7B3C9978A
SHA-512:	CB7ABBCBFF96B0B6C7AA9A674C8DB81FD6D3AD3D1F950B08F6F64AE3BC86E0ECD3DDF05C6542CAD98CE5ED59BBF2C1B510B2598064DE0B42DEB051F1CF368DFD
Malicious:	false
Reputation:	unknown
URL:	"https://www.google.com/xjs/_/ss/k=xjs.hd.HFq-c3Fv2Po.L.B1.O/am=JFUAAAAAAAAAAAwAAAAAAAAAAAAAAAAAAAAAgAAAABAAAAAAAAAAQAGwkwAAACMAgA0ACAAAAAAAAQDAAAAAAAAAIAEAAAAEACoAAAAAAEAAAIggAABQBAAACEBACBAAgAAKIAQoQAICRRCPQgAAAGAAAIAQAAYYBiCoAGAUIAAAAAAAAIAACAEAAIAiAAECAPQIBIABICYAAEKgB4AAAAAAEABAAAgAgJkADJABCAAAAAAAACADAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAIACgAAAAAAAAAAAAAAAAAAAEA/d=1/ed=1/br=1/rs=ACT90oEXqKNVybsF4DOMwJvfGV6IH5KKUA/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl"
Preview:	:root{--COEmY:#1f1f1f;--xhUGwc:#fff}:root{--vZe0jb:#a8c7fa;--nwXobb:#638ed4;--VuZXBd:#001d35;--uLz37c:#545d7e;--jINu6c:#001d35;--TyVYld:#0b57d0;--ZEpPmd:#c3d9fb;--QWaaaf:#638ed4;--DEeStf:#f5f8ff;--TSWZIb:#e5edff;--BRLwE:#d3e3fd;--gS5jXb:#dadce0;--Aqn7xd:#d2d2d2;--EpFNW:#fff;--IXoxUe:#5e5e5e;--bbQxAb:#474747;--YLNNHc:#1f1f1f;--TMYS9:#0b57d0;--JKqx2:#1a0dab;--rrJJUc:#0b57d0;--mXZkqc:#d2d2d2;--Nsm0ce:#0b57d0;--XKMDxc:#f3f5f6;--aYn2S:#f3f5f6;--Lm570b:#dee1e3}.zJUuqf{margin-bottom:4px}.AB4Wff{margin-left:16px}.OhScic{margin:0px}.v0rrvd{padding-bottom:16px}.zsYMMe{padding:0px}.wHYlTd{font-family:Roboto,Arial,sans-serif;font-size:14px;line-height:22px}.yUTMj{font-family:Roboto,Arial,sans-serif;font-weight:400}.VDgVie{text-align:center}.TUOsUe{text-align:left}@keyframes g-snackbar-show{from{pointer-events:none;transform:translateY(0)}to{transform:translateY(-100%)}}@keyframes g-snackbar-hide{from{transform:translateY(-100%)}to{transform:translateY(0)}}@keyframes g-snackbar-show-content{from{op

Chrome Cache Entry: 95

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1518)
Category:	downloaded
Size (bytes):	268207
Entropy (8bit):	5.480155158674957
Encrypted:	false
SSDEEP:
MD5:	DBC94F2D77F7997B897B8B76406AF8DB
SHA1:	C5B2A27C6F1293F21EFE21652EB958BEB8F30F81
SHA-256:	5024B51982F837B244F8EE664B6C618A2820B0868B29D797A772518EEB3F9C26
SHA-512:	22D578E5585CBF73CB11BA517796BDBD499E49341FAE3EF355D500F4440A3E95742E28D7193773474F327FFBE921E184CEE14CF5004E2E016E9A89CA713FC956
Malicious:	false
Reputation:	unknown
URL:	"https://www.gstatic.com/_/mss/boq-one-google/_/js/k=boq-one-google.OneGoogleWidgetUi.en.OlyLa8GkuaI.es5.O/ck=boq-one-google.OneGoogleWidgetUi.-thgPwNVrLw.L.B1.O/am=IEAwYGw/d=1/exm=_b,_tp/excm=_b,_tp,calloutview/ed=1/wt=2/ujg=1/rs=AM-SdHsBZGUsqOLkp1tQbc4AdY2xMI9Jeg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,A1yn5d,fKUV3e,aurFic,Ug7Xab,ZwDk9d,V3dDOb,mI3LFb,yYB61,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,s39S4,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,pw70Gc,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,xQtZb,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,QIhFr,ovKuLd,hKSk3e,yDVVkb,hc6Ubd,SpsfSb,ebZ3mb,Z5uLle,MdUzUe,ZDZcre,zbML3c,A7fCU,zr1jrb,Uas9Hd,pjICDe"
Preview:	"use strict";_F_installCss(".KL4X6e{background:#eee;bottom:0;left:0;opacity:0;position:absolute;right:0;top:0}.TuA45b{opacity:.8}sentinel{}");.this.default_OneGoogleWidgetUi=this.default_OneGoogleWidgetUi\|\|{};(function(_){var window=this;.try{._.Uz=function(a,b,c,d,e,f,g){var h=(0,_.Jd)(a.ta);_.Ac(h);a=_.ke(a,h,c,b,2,f,!0);c=d!=null?d:new c;if(g&&(typeof e!=="number"\|\|e<0\|\|e>a.length))throw Error();e!=void 0?a.splice(e,g,c):a.push(c);(0,_.yc)(c.ta)&2?(0,_.jl)(a,8):(0,_.jl)(a,16)};_.Wz=function(a){if(a instanceof _.Vz)return a.j;throw Error("w");};_.Xz=function(a){return new _.Vz(_.La,a[0].toLowerCase())};._.Yz=function(a,b,c,d){if(a.length===0)throw Error("w");a=a.map(function(f){return _.Wz(f)});var e=c.toLowerCase();if(a.every(function(f){return e.indexOf(f)!==0}))throw Error("ga`"+c);b.setAttribute(c,d)};_.ct.prototype.kc=_.ca(28,function(){return this.rb.length==0?null:new _.M(this.rb[0])});_.M.prototype.kc=_.ca(27,function(){return this});_.ct.prototype.Ia=_.ca(26,function(){retur

Chrome Cache Entry: 97

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (10093), with no line terminators
Category:	downloaded
Size (bytes):	10093
Entropy (8bit):	5.302847362869835
Encrypted:	false
SSDEEP:
MD5:	D65E709854C32D756DA316B7FC68A1E0
SHA1:	587C7A88CBC46322868C4BC8F37DDFB0AB2369EE
SHA-256:	FAD93AA382237DA388873AA1288FE98D5BC7774C753ADB9D8A685BB91EED4670
SHA-512:	BCD132EECF608BD77E8780C4A6BE32CCD6BE4DC48804BF4227E035F0424891BB2F35F9A22F0B696FEFD45DBE355D7537461D3A92C2DF77B3C394AD4CC70BFADD
Malicious:	false
Reputation:	unknown
URL:	"https://www.gstatic.com/og/_/ss/k=og.qtm.fSHv1dvvroY.L.W.O/m=qcwid,d_b_gm3,d_wi_gm3,d_lo_gm3/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ct=zgms/rs=AA2YrTsVA9_hKyGtH1-UzkVaxmvYQjNv7Q"
Preview:	.gb_Q{-webkit-border-radius:50%;border-radius:50%;bottom:2px;height:18px;position:absolute;right:0;width:18px}.gb_Ka{-webkit-border-radius:50%;border-radius:50%;-webkit-box-shadow:0px 1px 2px 0px rgba(60,64,67,.30),0px 1px 3px 1px rgba(60,64,67,.15);box-shadow:0px 1px 2px 0px rgba(60,64,67,.30),0px 1px 3px 1px rgba(60,64,67,.15);margin:2px}.gb_La{fill:#f9ab00}.gb_F .gb_La{fill:#fdd663}.gb_Ma>.gb_La{fill:#d93025}.gb_F .gb_Ma>.gb_La{fill:#f28b82}.gb_Ma>.gb_Na{fill:white}.gb_Na,.gb_F .gb_Ma>.gb_Na{fill:#202124}.gb_Oa{-webkit-clip-path:path("M16 0C24.8366 0 32 7.16344 32 16C32 16.4964 31.9774 16.9875 31.9332 17.4723C30.5166 16.5411 28.8215 16 27 16C22.0294 16 18 20.0294 18 25C18 27.4671 18.9927 29.7024 20.6004 31.3282C19.1443 31.7653 17.5996 32 16 32C7.16344 32 0 24.8366 0 16C0 7.16344 7.16344 0 16 0Z");clip-path:path("M16 0C24.8366 0 32 7.16344 32 16C32 16.4964 31.9774 16.9875 31.9332 17.4723C30.5166 16.5411 28.8215 16 27 16C22.0294 16 18 20.0294 18 25C18 27.4671 18.9927 29.7024 20.6004 3

Chrome Cache Entry: 99

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (6293)
Category:	downloaded
Size (bytes):	6299
Entropy (8bit):	6.10893100920193
Encrypted:	false
SSDEEP:
MD5:	4CB54FBE690EBBB3FC978FABDDBF9A83
SHA1:	DE73B32DC14433EC950FB4BE6FC0767AF6CB5CB7
SHA-256:	6043D50351E10F591B9795DFFEB5DE116039E2500BECB3A9AB84711089D8CFDA
SHA-512:	55F8FD8500D14ED863491A9DFD4B4F1DA80757E3DBC39C1D50835F21F00C54C6428D33B45E208DFBCA44E4C5F9304592B772313B4D43299E1B265D34A962EB60
Malicious:	false
Reputation:	unknown
URL:	https://www.google.com/complete/search?q&cp=0&client=gws-wiz&xssi=t&gs_pcrt=2&hl=en&authuser=0&psi=MNf_ZqH3NoKji-gP0YWC6AQ.1728042802378&dpr=1&nolsbt=1
Preview:	)]}'.[[["padres joe musgrove injury",0,[3,357,362,396,143],{"zf":33,"zl":8,"zp":{"gs_ss":"1"}}],["companion movie trailer",0,[3,357,362,396,143],{"zf":33,"zl":8,"zp":{"gs_ss":"1"}}],["las vegas raiders",46,[3,357,362,396,143],{"lm":[],"zf":33,"zh":"Las Vegas Raiders","zi":"Football team","zl":8,"zp":{"gs_ssp":"eJzj4tDP1TcwzTE3NGD0EsxJLFYoS00HkkWJmSmpRcUAeb0JIw"},"zs":"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAFAAAABQCAMAAAC5zwKfAAAAhFBMVEUAAAAdHRv////O0dgbGxn5+fnu7u4SEg8ZGRfR1Nvr6+vOzs7d3d0WFhTj4+MMDAi2trbX19fExMSRkZG+vr6cnJysrKzX2uF6enpISEdzc3Kjo6PGyc9OTk1CQkKJiYlqamldXVw2NjUpKSi3ur+vsbaVl5tiY2WeoKXi5eyCgoVWVlhTgl/ZAAAHE0lEQVRYhe2YabeiuhKGizCPQWZFGVVs/P//71YloIDs7n1P73U+nVpLZQgPSaXqTUWA/+zfsssP82JmVD+Isw4MLf0xXoo0Az/O8DM4HVkRXAgZnP6WdnKZ7Jpmio4yPXt+78nmw+ddkXlM4AowFTTQMnHO3HRQNo215+Y9nBoawSGKkjBMIjfQ2WRRC1yRZgHU3nzd8FzZNvJEY3cNVNieBWEDsneTaRz6OjL22h7WwB67kkWHwDF0XTec4JCU9ZOvaVM38WrfxBl2jNrqRuC5Sekwb+MwxoqNW7ipfdBmqMk3jV0WrC9UCBSuki7GA58coSicvsVFS5zQrzj1p8Zyvj6AlwnInSAIMq4p/tFxXFB

Static File Info

⊘No static file info

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report http://google.com

Overview

General Information

Detection

Signatures

Classification

Process Tree

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

LLM Input / Output

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Chrome Cache Entry: 101

Chrome Cache Entry: 104

Chrome Cache Entry: 106

Chrome Cache Entry: 107

Chrome Cache Entry: 108

Chrome Cache Entry: 109

Chrome Cache Entry: 110

Chrome Cache Entry: 111

Chrome Cache Entry: 112

Chrome Cache Entry: 113

Chrome Cache Entry: 115

Chrome Cache Entry: 119

Chrome Cache Entry: 121

Chrome Cache Entry: 122

Chrome Cache Entry: 123

Chrome Cache Entry: 125

Chrome Cache Entry: 127

Chrome Cache Entry: 128

Chrome Cache Entry: 130

Chrome Cache Entry: 131

Chrome Cache Entry: 136

Chrome Cache Entry: 137

Chrome Cache Entry: 138

Chrome Cache Entry: 140

Chrome Cache Entry: 141

Chrome Cache Entry: 143

Chrome Cache Entry: 95

Chrome Cache Entry: 97

Chrome Cache Entry: 99

Static File Info

Windows Analysis Report
http://google.com