Post on 16-May-2022
ID: 509882
Cookbook: browseurl.jbs
Time: 05:07:12
Date: 27/10/2021
Version: 33.0.0 White Diamond
Table of Contents
Windows Analysis Report http://innovatusmedia.com.au
Overview
General Information
Detection
Signatures
Classification
Process Tree
Malware Configuration
Yara Overview
Sigma Overview
Jbx Signature Overview
Mitre Att&ck Matrix
Behavior Graph
Screenshots
Thumbnails
Antivirus, Machine Learning and Genetic Malware Detection
Initial Sample
Dropped Files
Unpacked PE Files
Domains
URLs
Domains and IPs
Contacted Domains
Contacted URLs
URLs from Memory and Binaries
Contacted IPs
Public
Private
General Information
Simulations
Behavior and APIs
Joe Sandbox View / Context
IPs
Domains
ASN
JA3 Fingerprints
Dropped Files
Created / dropped Files
Static File Info
No static file info
Network Behavior
Network Port Distribution
TCP Packets
UDP Packets
DNS Queries
DNS Answers
HTTP Request Dependency Graph
Code Manipulations
Statistics
Behavior
System Behavior
Analysis Process: chrome.exe PID: 7000 Parent PID: 2932
General
File Activities
Registry Activities
Key Value Modified
Analysis Process: chrome.exe PID: 204 Parent PID: 7000
General
File Activities
Analysis Process: chrome.exe PID: 6208 Parent PID: 7000
General
Analysis Process: chrome.exe PID: 4664 Parent PID: 7000
General
File Activities
Registry Activities
Disassembly
Code Analysis
Copyright Joe Security LLC 2021 Page 2 of 44
Windows Analysis Report http://innovatusmedia.com.au
Overview
General Information
Sample URL: innovatusmedia.com.au
Analysis ID: 509882
Infos:
Most interesting Screenshot:
Detection
Score: 2
Range: 0 - 100
Whitelisted: false
Confidence: 80%
Signatures
PE file contains an invalid checksum
Drops PE files
PE file contains sections with non-s…
No HTML title found
Classification
Malware Configuration
Yara Overview
Sigma Overview
No Sigma rule has matched
Jbx Signature Overview
Classification chart categories: Ransomware, Spreading, Phishing, Banker, Trojan / Bot, Adware, Spyware, Exploiter, Evader, Miner
Classification scale: clean / suspicious / malicious
System is w10x64
chrome.exe (PID: 7000 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'http://innovatusmedia.com.au' MD5: C139654B5C1438A95B321BB01AD63EF6)
chrome.exe (PID: 204 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1512,14104144083061678150,13823328614914360892,131072 --lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1932 /prefetch:8 MD5: C139654B5C1438A95B321BB01AD63EF6)
chrome.exe (PID: 6208 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1512,14104144083061678150,13823328614914360892,131072 --lang=en-GB --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=2272 /prefetch:8 MD5: C139654B5C1438A95B321BB01AD63EF6)
chrome.exe (PID: 4664 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1512,14104144083061678150,13823328614914360892,131072 --lang=en-GB --service-sandbox-type=video_capture --enable-audio-service-sandbox --mojo-platform-channel-handle=2140 /prefetch:8 MD5: C139654B5C1438A95B321BB01AD63EF6)
cleanup
No configs have been found
No yara matches
Process Tree
There are no malicious signatures.
Mitre Att&ck Matrix (flattened table, one line per tactic column; technique entries are listed as they appear in the report)
Initial Access: Valid Accounts; Default Accounts; Domain Accounts; Local Accounts
Execution: Windows Management Instrumentation; Scheduled Task/Job; At (Linux); At (Windows)
Persistence: Path Interception; Boot or Logon Initialization Scripts; Logon Script (Windows); Logon Script (Mac)
Privilege Escalation: Process Injection 1; Boot or Logon Initialization Scripts; Logon Script (Windows); Logon Script (Mac)
Defense Evasion: Masquerading 1; Process Injection 1; Obfuscated Files or Information; Binary Padding
Credential Access: OS Credential Dumping; LSASS Memory; Security Account Manager; NTDS
Discovery: System Service Discovery; Application Window Discovery; Query Registry; System Network Configuration Discovery
Lateral Movement: Remote Services; Remote Desktop Protocol; SMB/Windows Admin Shares; Distributed Component Object Model
Collection: Data from Local System; Data from Removable Media; Data from Network Shared Drive; Input Capture
Exfiltration: Exfiltration Over Other Network Medium; Exfiltration Over Bluetooth; Automated Exfiltration; Scheduled Transfer
Command and Control: Encrypted Channel 2; Non-Application Layer Protocol 2; Application Layer Protocol 3; Ingress Tool Transfer 1
Network Effects: Eavesdrop on Insecure Network Communication; Exploit SS7 to Redirect Phone Calls/SMS; Exploit SS7 to Track Device Location; SIM Card Swap
Remote Service Effects: Remotely Track Device Without Authorization; Remotely Wipe Data Without Authorization; Obtain Device Cloud Backups; Carrier Billing Fraud
Impact: Modify System Partition; Device Lockout; Delete Device Data
Behavior Graph
ID: 509882
URL: http://innovatusmedia.com.au
Startdate: 27/10/2021
Architecture: WINDOWS
Score: 2
Graph nodes (flattened from the graph image):
us.innovatus.media; innovamedia.wpengine.com
chrome.exe 16 447 started
192.168.2.1 unknown unknown
239.255.255.250 unknown Reserved
C:\Users\user\AppData\...\widevinecdm.dll, PE32+ dropped
chrome.exe 126 started
chrome.exe started
chrome.exe 1 6 started
innovatusmedia.com.au 15.197.142.173, 49780, 49781, 80 TANDEMUS United States
youtube-ui.l.google.com 142.250.181.238, 443, 49288, 49859 GOOGLEUS United States
27 other IPs or domains
Legend: Process; Signature; Created File; DNS/IP Info; Is Dropped; Is Windows Process; Number of created Registry Values; Number of created Files; Visual Basic; Delphi; Java; .Net C# or VB.NET; C, C++ or other language; Is malicious; Internet
Thumbnails
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Screenshots
Antivirus, Machine Learning and Genetic Malware Detection
Source Detection Scanner Label Link
innovatusmedia.com.au 0% Virustotal Browse
innovatusmedia.com.au 0% Avira URL Cloud safe
Source Detection Scanner Label Link
C:\Users\user\AppData\Local\Temp\7000_1829773800\_platform_specific\win_x64\widevinecdm.dll 0% Metadefender Browse
C:\Users\user\AppData\Local\Temp\7000_1829773800\_platform_specific\win_x64\widevinecdm.dll 0% ReversingLabs
No Antivirus matches
No Antivirus matches
Source Detection Scanner Label Link
https://us.innovatus.media/wp-includes/js/jquery/jquery.min.js?ver=3.6.0s_$ 0% Avira URL Cloud safe
https://us.innovatus.media/wp-content/themes/salient/js/third-party/hoverintent.js?ver=1.9sTJx 0% Avira URL Cloud safe
https://innovatus.media/wp-json/ 0% Avira URL Cloud safe
https://csp.withgoogle.com/csp/report-to/apps-themes 0% URL Reputation safe
https://innovatus.media/feed/ 0% Avira URL Cloud safe
https://us.innovatus.media/#sidewidgetareaInnovatus 0% Avira URL Cloud safe
https://innovatus.media/wp-content/themes/salient/css/grid-system.css?ver=12.1.2 0% Avira URL Cloud safe
https://us.innovatus.media/wp-content/themes/salient/js/third-party/hoverintent.js?ver=1.9 0% Avira URL Cloud safe
https://innovatus.media/xmlrpc.php?rsd 0% Avira URL Cloud safe
https://us.innovatus.media/contact/Contact 0% Avira URL Cloud safe
https://us.innovatus.media/wp-content/plugins/contact-form-7/assets/ajax-loader.gif 0% Avira URL Cloud safe
https://us.innovatus.media/wp-content/uploads/sites/11/2020/02/MK4_1216-scaled.jpg 0% Avira URL Cloud safe
https://csp.withgoogle.com/csp/botguard-scs 0% Avira URL Cloud safe
crls.pki.goog/gts1c3/QOvJ0N1sT2A.crl0 0% URL Reputation safe
https://us.innovatus.media/contact/#wpcf7-f264-p284-o1 0% Avira URL Cloud safe
https://innovatus.media/0 0% Avira URL Cloud safe
https://innovatus.media/2 0% Avira URL Cloud safe
innovatusmedia.com.au/ 0% Avira URL Cloud safe
https://us.innovatus.media/wp-content/uploads/sites/11/2021/01/cropped-Untitled-design-2021-01-14T15 0% Avira URL Cloud safe
https://innovatus.media/Server: 0% Avira URL Cloud safe
https://us.innovatus.media/wp-content/themes/salient/css/font-awesome.min.css?ver=4.6.4 0% Avira URL Cloud safe
https://us.innovatus.media/wp-content/themes/salient/css/skin-material.css?ver=12.1.2 0% Avira URL Cloud safe
https://pki.goog/repository/0 0% URL Reputation safe
https://us.innovatus.media/wp-content/themes/salient/css/off-canvas/slide-out-right-hover.css?ver=12 0% Avira URL Cloud safe
https://us.innovatus.media/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1 0% Avira URL Cloud safe
https://innovatus.media/wp-content/themes/salient/css/responsive.css?ver=12.1.2 0% Avira URL Cloud safe
https://us.innovatus.media/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 0% Avira URL Cloud safe
https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA 0% URL Reputation safe
https://innovatus.media/wp-content/themes/salient/css/font-awesome.min.css?ver=4.6.4 0% Avira URL Cloud safe
https://sb.scorecardresearch.com/b?c1=2&c2=6402952&c3=&c4=&c5=&c6=&c15=&ns__t=1635304150866&ns_c=UTF 0% Avira URL Cloud safe
https://us.innovatus.media/wp-content/themes/salient/css/grid-system.css?ver=12.1.2 0% Avira URL Cloud safe
https://us.innovatus.media/wp-content/plugins/salient-social/js/salient-social.js?ver=1.1k 0% Avira URL Cloud safe
crl.pki.goog/gsr1/gsr1.crl0; 0% URL Reputation safe
https://innovatus.media/wp-content/plugins/wp-whatsapp-chat-pro/assets/qlwapp-icons.min.css?ver=2.5. 0% Avira URL Cloud safe
https://csp.withgoogle.com/csp/report-to/botguard-scs 0% URL Reputation safe
https://us.innovatus.media/wp-content/plugins/js_composer_salient/assets/css/js_composer.min.css?ver 0% Avira URL Cloud safe
https://us.innovatus.media/wp-content/uploads/sites/11/2021/01/144A9664-1-scaled.jpg?w 0% Avira URL Cloud safe
https://csp.withgoogle.com/csp/apps-themesCross-Origin-Resource-Policy: 0% URL Reputation safe
Initial Sample
Dropped Files
Unpacked PE Files
Domains
URLs
https://us.innovatus.media/wp-content/themes/salient/css/salient-dynamic-styles-multi-id-11.css?ver= 0% Avira URL Cloud safe
us.innovatus.media 0% Avira URL Cloud safe
https://innovatus.media/wp-content/themes/salient-child/style.css?ver=12.1.2 0% Avira URL Cloud safe
https://us.innovatus.media/wp-content/uploads/sites/11/2021/01/144A9664-1-scaled.jpg 0% Avira URL Cloud safe
https://csp.withgoogle.com/csp/report-to/youtube 0% URL Reputation safe
https://us.innovatus.media/?p=284 0% Avira URL Cloud safe
https://us.innovatus.media/?p=283 0% Avira URL Cloud safe
crls.pki.goog/gts1c3/zdATt0Ex_Fk.crl0 0% URL Reputation safe
https://us.innovatus.media/wp-content/plugins/wp-whatsapp-chat/assets/frontend/css/frontend.css?ver= 0% Avira URL Cloud safe
https://us.innovatus.media/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 0% Avira URL Cloud safe
https://us.innovatus.media/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2 0% Avira URL Cloud safe
https://us.innovatus.media/wp-content/plugins/wp-whatsapp-chat/assets/frontend/js/frontend.js?ver=fe 0% Avira URL Cloud safe
https://us.innovatus.media/wp-content/themes/salient/js/third-party/superfish.js?ver=1.4.8ws)q 0% Avira URL Cloud safe
us.innovatus.media/2 0% Avira URL Cloud safe
https://us.innovatus.media/about/6 0% Avira URL Cloud safe
pki.goog/repo/certs/gts1c3.der0M 0% URL Reputation safe
https://us.innovatus.media/wp-content/uploads/sites/11/2020/09/FAVPNG_globe-world-map-flat-earth_dsF 0% Avira URL Cloud safe
https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media 0% URL Reputation safe
https://us.innovatus.media/wp-json/ 0% Avira URL Cloud safe
https://us.innovatus.media/wp-json/wp/v2/pages/283 0% Avira URL Cloud safe
https://us.innovatus.media/wp-json/wp/v2/pages/284 0% Avira URL Cloud safe
Source Detection Scanner Label Link
Name IP Active Malicious Antivirus Detection Reputation
gstaticadssl.l.google.com 172.217.168.35 true false high
r3.sn-5hne6nzs.googlevideo.com 74.125.8.104 true false high
accounts.google.com 172.217.168.13 true false high
i.ytimg.com 172.217.168.22 true false high
r3.sn-5hnekn7k.googlevideo.com 209.85.226.72 true false high
static-doubleclick-net.l.google.com 172.217.168.6 true false high
innovatusmedia.com.au 15.197.142.173 true false unknown
innovamedia.wpengine.com 35.189.21.238 true false high
youtube-ui.l.google.com 142.250.181.238 true false high
innovatus.media 35.189.21.238 true false unknown
googleads.g.doubleclick.net 172.217.168.34 true false high
photos-ugc.l.googleusercontent.com 172.217.168.33 true false high
sb.scorecardresearch.com 52.222.174.20 true false unknown
www.google.com 172.217.168.4 true false high
clients.l.google.com 172.217.168.46 true false high
s.w.org 192.0.77.48 true false high
googlehosted.l.googleusercontent.com 142.250.203.97 true false high
yt3.ggpht.com unknown unknown false high
r3---sn-5hnekn7k.googlevideo.com unknown unknown false high
www.linkedin.com unknown unknown false high
static-exp1.licdn.com unknown unknown false high
static.doubleclick.net unknown unknown false high
r3---sn-5hne6nzs.googlevideo.com unknown unknown false high
clients2.googleusercontent.com unknown unknown false high
clients2.google.com unknown unknown false high
us.innovatus.media unknown unknown false unknown
www.youtube.com unknown unknown false high
platform.linkedin.com unknown unknown false high
Domains and IPs
Contacted Domains
Contacted URLs
General Information
Joe Sandbox Version: 33.0.0 White Diamond
Analysis ID: 509882
Start date: 27.10.2021
Start time: 05:07:12
Joe Sandbox Product: CloudBasic
Overall analysis duration: 0h 5m 59s
Hypervisor based Inspection enabled: false
Report type: light
Cookbook file name: browseurl.jbs
Sample URL: innovatusmedia.com.au
Analysis system description: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of new started processes analysed: 13
Name Malicious Antivirus Detection Reputation
https://www.youtube.com/embed/4BfKFCOCJe8?playlist=4BfKFCOCJe8&iv_load_policy=3&enablejsapi=1&disablekb=1&autoplay=1&controls=0&showinfo=0&rel=0&loop=1&origin=https%3A%2F%2Fus.innovatus.media&widgetid=1 false high
innovatusmedia.com.au/ false Avira URL Cloud: safe unknown
https://us.innovatus.media/about/ false unknown
https://us.innovatus.media/#sidewidgetarea false unknown
IP Domain Country Flag ASN ASN Name Malicious
15.197.142.173 innovatusmedia.com.au United States 7430 TANDEMUS false
74.125.8.104 r3.sn-5hne6nzs.googlevideo.com United States 15169 GOOGLEUS false
172.217.168.46 clients.l.google.com United States 15169 GOOGLEUS false
142.250.181.238 youtube-ui.l.google.com United States 15169 GOOGLEUS false
142.250.203.97 googlehosted.l.googleusercontent.com United States 15169 GOOGLEUS false
209.85.226.72 r3.sn-5hnekn7k.googlevideo.com United States 15169 GOOGLEUS false
172.217.168.4 www.google.com United States 15169 GOOGLEUS false
172.217.168.22 i.ytimg.com United States 15169 GOOGLEUS false
172.217.168.6 static-doubleclick-net.l.google.com United States 15169 GOOGLEUS false
35.189.21.238 innovamedia.wpengine.com United States 15169 GOOGLEUS false
172.217.168.13 accounts.google.com United States 15169 GOOGLEUS false
172.217.168.35 gstaticadssl.l.google.com United States 15169 GOOGLEUS false
172.217.168.34 googleads.g.doubleclick.net United States 15169 GOOGLEUS false
239.255.255.250 unknown Reserved unknown unknown false
172.217.168.33 photos-ugc.l.googleusercontent.com United States 15169 GOOGLEUS false
52.222.174.20 sb.scorecardresearch.com United States 16509 AMAZON-02US false
IP
192.168.2.1
127.0.0.1
URLs from Memory and Binaries
Contacted IPs
Public
Private
Number of new started drivers analysed: 0
Number of existing processes analysed: 0
Number of existing drivers analysed: 0
Number of injected processes analysed: 0
Technologies: HCA enabled, EGA enabled, HDC enabled, AMSI enabled
Analysis Mode: default
Analysis stop reason: Timeout
Detection: CLEAN
Classification: clean2.win@42/248@22/18
EGA Information: Failed
HDC Information: Failed
HCA Information: Successful, ratio: 100%
Number of executed functions: 0
Number of non-executed functions: 0
Cookbook Comments: Adjust boot time; Enable AMSI; Browse: https://us.innovatus.media/#sidewidgetarea; Browse: https://us.innovatus.media/#fws_6178c217db0c6; Browse: https://www.linkedin.com/company/innovatus-media/; Browse: https://us.innovatus.media/about/; Browse: https://us.innovatus.media/contact/
Warnings:
No simulations
No context
No context
No context
No context
No context
C:\Users\user\AppData\Local\Google\Chrome\User Data\14361aa1-c9f2-4886-82a5-b4144c609b21.tmp
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
Simulations
Behavior and APIs
Joe Sandbox View / Context
IPs
Domains
ASN
JA3 Fingerprints
Dropped Files
Created / dropped Files
File Type: data
Category: dropped
Size (bytes): 100984
Entropy (8bit): 3.7470916843578337
Encrypted: false
SSDEEP: 384:7r8z7p2ouOyZFVC4f6NfrcvLx3Mb5YHBIGQPrqVfxAxs1VxEreDm+q02hf/XoO1F:tO61NaaMw0eoF1lVmXHOhKzx/hS
MD5: 42601611CD15B58892842757D42AF542
SHA1: 1654180CE32C021E9D176E6A84065A838B97CBEB
SHA-256: AD53C028D15C5C9EBEDA01BB83DC5B019E6771D506A270FB964BE81238281C14
SHA-512: 3F8807117661F126CDC81B04DB35C6378DA811446D78EA7C0722E4281FB13FE4D870A1D6F4C95E37F76F469FED65141C1734B9700D58D891DDB045E16FE03568
Malicious: false
Reputation: low
Preview:t...............*...C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L..P!...[)...%.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .o.f.f.i.c.e.\.o.f.f.i.c.e.1.6.\.......g.r.o.o.v.e.e.x...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .2.0.1.6...*...M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e. .f.o.r. .B.u.s.i.n.e.s.s. .E.x.t.e.n.s.i.o.n.s.....1.6...0...4.7.1.1...1.0.0.0.....*...C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L.....M.i.c.r.o.s.o.f.t. .C.o.r.p.o.r.a.t.i.o.n...{I8.D...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.C.o.m.m.o.n. .F.i.l.e.s.\.M.i.c.r.o.s.o.f.t. .S.h.a.r.e.d.\.O.F.F.I.C.E.1.6.\.m.s.o.s.h.e.x.t...d.l.l..@.....U/...%.c.o.m.m.o.n.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .s.h.a.r.e.d.\.o.f.f.i.c.e.1.6.\.......m.s.o.s.h.e.x.t...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e.)...M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .S.h.e.l.l. .E.x.t.e.n.s.i.o.n. .H.a.n.d.l.e.r.s.......1.6...0...4.2.6.6...1.0.0.1.....D...C.:.\.P.r.o.g.r.a.m.
C:\Users\user\AppData\Local\Google\Chrome\User Data\1d7399c6-617d-4a0a-84ab-1b8393d4ba1e.tmp
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text, with very long lines, with no line terminators
Category: dropped
Size (bytes): 177529
Entropy (8bit): 6.048040554664605
Encrypted: false
SSDEEP: 3072:8txF5Kc8ps5XPvPwTAfoErslZhVPiszKh179FcbXafIB0u1GOJmA3iuRP:Mz57AcvPCEIlZhBiNj3aqfIlUOoSiuRP
MD5: 8DC2C1162F8EFDBCAEBE5F94A9E89317
SHA1: D585CF08F2EBAB6C3F92A793985E1EF3EEF6171A
SHA-256: 78A2BBC70D029393B32B55076A6BD1F1F60F1B0FC7E7180574DC17897C43C32A
SHA-512: 51FE764E58F390C1BC499981E37B01E61E987A0B2C9C0915933A6926013FA967CCFF2F5AC6F6B2D808897A1DBB2ABB045A6A25A8D686D1A194EA0E06A20B9C13
Malicious: false
Reputation: low
Preview:{"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en-GB"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.635304088895849e+12,"network":1.63530409e+12,"ticks":310347548.0,"uncertainty":3984027.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABaHlwIoHYlQKZwuwW8V0yxAAAAAAIAAAAAABBmAAAAAQAAIAAAAOT4j8Zm9U1zXX6oEUpPqIYBIjSlOiLGeiMKiIFJZDroAAAAAA6AAAAAAgAAIAAAAFW1OavBhyV7qwszPZbindD+KU2Osh5O7HSmDPpFnuCDMAAAAGEkmqbufgFUSmOzx4cW7Aup7spqps4DvqbPrwRgUGqSpRZvQkbO+yVH56WF9zMTt0AAAAAyRwtYxjf7/AqYrFr0JZ6kbTiUt0/2PKkCw7ntLtbN2qrad7I3MeL4iNGDFgqRlhWgsb/6w0gJzQxAfL6rdzxi"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245922715059940"},"plugins":{"metadata":{"adobe-flash-player":{"di
C:\Users\user\AppData\Local\Google\Chrome\User Data\4024f951-df80-451f-a8ae-d4c4c64458c6.tmp
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text, with very long lines, with no line terminators
Category: dropped
Size (bytes): 177529
Entropy (8bit): 6.048040554664605
Encrypted: false
SSDEEP: 3072:8txF5Kc8ps5XPvPwTAfoErslZhVPiszKh179FcbXafIB0u1GOJmA3iuRP:Mz57AcvPCEIlZhBiNj3aqfIlUOoSiuRP
MD5: 8DC2C1162F8EFDBCAEBE5F94A9E89317
SHA1: D585CF08F2EBAB6C3F92A793985E1EF3EEF6171A
SHA-256: 78A2BBC70D029393B32B55076A6BD1F1F60F1B0FC7E7180574DC17897C43C32A
SHA-512: 51FE764E58F390C1BC499981E37B01E61E987A0B2C9C0915933A6926013FA967CCFF2F5AC6F6B2D808897A1DBB2ABB045A6A25A8D686D1A194EA0E06A20B9C13
Malicious: false
Reputation: low
Preview:{"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en-GB"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.635304088895849e+12,"network":1.63530409e+12,"ticks":310347548.0,"uncertainty":3984027.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABaHlwIoHYlQKZwuwW8V0yxAAAAAAIAAAAAABBmAAAAAQAAIAAAAOT4j8Zm9U1zXX6oEUpPqIYBIjSlOiLGeiMKiIFJZDroAAAAAA6AAAAAAgAAIAAAAFW1OavBhyV7qwszPZbindD+KU2Osh5O7HSmDPpFnuCDMAAAAGEkmqbufgFUSmOzx4cW7Aup7spqps4DvqbPrwRgUGqSpRZvQkbO+yVH56WF9zMTt0AAAAAyRwtYxjf7/AqYrFr0JZ6kbTiUt0/2PKkCw7ntLtbN2qrad7I3MeL4iNGDFgqRlhWgsb/6w0gJzQxAfL6rdzxi"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245922715059940"},"plugins":{"metadata":{"adobe-flash-player":{"di
C:\Users\user\AppData\Local\Google\Chrome\User Data\522a9d08-c1d8-417d-bf49-6471ecbe2243.tmp
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text, with very long lines, with no line terminators
Category: dropped
Size (bytes): 186005
Entropy (8bit): 6.07736895062882
Encrypted: false
SSDEEP: 3072:P4BBxF5Kc8ps5XPvPwTAfoErslZhVPiszKh179FcbXafIB0u1GOJmA3iuRP:Q/z57AcvPCEIlZhBiNj3aqfIlUOoSiuN
MD5: 0A20D220D66CF0F618C814B04D5DAF2E
SHA1: 20D26EA46130B9855C7595586C41A2D83F85C0D7
SHA-256: 8747CB3EC4D3F53827A2AC7E35FFE0CCE7359D163376F65CB25D931626A058C9
SHA-512: 42B1DF6806227F9666415E5F3D3BBC78C72587149180213CBBD42372E2FBF5BB23F34EBA3AD982FFC4DD834E5B8705AB26A96CF5CEFF39C1A8E5AA9CBA2F55EE
Malicious: false
Reputation: low
Preview:{"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en-GB"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.635304088895849e+12,"network":1.63530409e+12,"ticks":310347548.0,"uncertainty":3984027.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABaHlwIoHYlQKZwuwW8V0yxAAAAAAIAAAAAABBmAAAAAQAAIAAAAOT4j8Zm9U1zXX6oEUpPqIYBIjSlOiLGeiMKiIFJZDroAAAAAA6AAAAAAgAAIAAAAFW1OavBhyV7qwszPZbindD+KU2Osh5O7HSmDPpFnuCDMAAAAGEkmqbufgFUSmOzx4cW7Aup7spqps4DvqbPrwRgUGqSpRZvQkbO+yVH56WF9zMTt0AAAAAyRwtYxjf7/AqYrFr0JZ6kbTiUt0/2PKkCw7ntLtbN2qrad7I3MeL4iNGDFgqRlhWgsb/6w0gJzQxAfL6rdzxi"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245922715401452"},"plugins":{"metadata":{"adobe-flash-player":{"di
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: data
Category: dropped
Size (bytes): 40
Entropy (8bit): 3.3041625260016576
Encrypted: false
SSDEEP: 3:FkXwgs0oRLn:+taRLn
MD5: 7AE9008C2AA5ED3E5ED52743E082F5BF
SHA1: CD90099842F51474494BFC490433578A89C1B539
SHA-256: 94E7D9BF431A0E3F0FD02F0FBA7321F43DD8B523E3D32092AFC474D3FD5ABF62
SHA-512: 596E66D10186ADAD552F4CF7E74CD438AD19AF4C30950D2D6EB80E9F9430CA475D12BB79423EC8D15EAF37ABE0AD1DCCAE459C356A00055A82155C24A35C6F14
Malicious: false
Reputation: low
Preview:sdPC.....................UO..E.D.Q.o....
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\00d8456f-c070-4a0b-af20-baedb822ee3f.tmp
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text, with very long lines, with no line terminators
Category: dropped
Size (bytes): 372
Entropy (8bit): 5.4317497112801245
Encrypted: false
SSDEEP: 6:YAQNCT+us1vXI1YDr9cyR8wXwlmUUAnIMOb3UYBVT+uD1rNSTWhh4Dj8wXwlmUUT:YJusJXI2pcO+UAnIrBIw1rNgmh4r+UAo
MD5: C50B1CF51BEE53CBB240F8F50135A0F3
SHA1: 0D9CA52B83B633E5E1E937660BC50E44A9D3BF79
SHA-256: D1D28C47941DFCD56887DD326EADB1CCC89324B6E30721EE1FD6ED0001A5114D
SHA-512: D749019A5752B9CBB10C856B9ADE7B56A3597DAC747655832B4CDB635AC0FE4FF38D38D79C14073BA7A07DB5520C0E610D5A2DE41B790D9B5428B7EB97ED4142
Malicious: false
Reputation: low
Preview:{"expect_ct":[],"sts":[{"expiry":1666840117.456553,"host":"kYxWDeIDVgesBS02XkmPRTIpB0nkimBvKZESXctn8eA=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1635304117.456557},{"expiry":1666840101.500568,"host":"nAuqgR4iEWti7SOdT3UHPl6rmZU/DeaIm38P2O2OkgA=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1635304101.500573}],"version":2}
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\157ecb93-bb9e-4ad8-b2f1-f144326f4842.tmp
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: very short file (no magic)
Category: dropped
Size (bytes): 1
Entropy (8bit): 0.0
Encrypted: false
SSDEEP: 3:L:L
MD5: 5058F1AF8388633F609CADB75A75DC9D
SHA1: 3A52CE780950D4D969792A2559CD519D7EE8C727
SHA-256: CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
SHA-512: 0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
Malicious: false
Reputation: low
Preview:.
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\23ec3043-c0d6-47ce-b978-f7ea2e62f363.tmp
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text, with very long lines, with no line terminators
Category: dropped
Size (bytes): 372
Entropy (8bit): 5.45900350295434
Encrypted: false
SSDEEP: 6:YAQNCT++0XI1YDr9cyR8wXwlmUUAnIMOb3Wx0gcVT+uD1rNSTWhh4Dj8wXwlmUUT:YJ+0XI2pcO+UAnIgxEIw1rNgmh4r+UAo
MD5: 90276E0A549F8E861DDB3AC139F2EEB3
SHA1: 4B86B726F67C3CD849C203C901FAA88AA7289448
SHA-256: D2B61735DB129EB022C56F66BBE78BD2F6054C55935B5BA09830C97AE9A9CB1A
SHA-512: D0B0EAB8292EEC2C010018A3C0670EE4FC4D350423BA97EE74BC646F0BB1FD61887CB6AF2C4AF69CE8DC01876E5A31F24D88B98BBE974B83A6508E29FFA50B0D
Malicious: false
Reputation: low
Preview:{"expect_ct":[],"sts":[{"expiry":1666840132.479832,"host":"kYxWDeIDVgesBS02XkmPRTIpB0nkimBvKZESXctn8eA=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1635304132.479836},{"expiry":1666840101.500568,"host":"nAuqgR4iEWti7SOdT3UHPl6rmZU/DeaIm38P2O2OkgA=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1635304101.500573}],"version":2}
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\31e80de7-28a3-4b4c-b639-fdcaa86c4458.tmp
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: UTF-8 Unicode text, with very long lines, with no line terminators
Category: dropped
Size (bytes): 19185
Entropy (8bit): 5.571031046586699
Encrypted: false
SSDEEP: 384:V1wtvLl57Xf1kXqKf/pUZNCgVLH2HfDsrUsHGW8q45:2LlZf1kXqKf/pUZNCgVLH2HfArUgGpqu
MD5: C20835A5FD0269E12C6FA4D851C39E63
SHA1: 0853C5430A24B9E100637740727CCD6BF2EAE0A3
SHA-256: 7C9539FCA239221636B92F5AACF318B4EDF9D977C0E49A51A86D9C11B0E173C6
SHA-512: 6A04D088573BFB47A62EE391C2C2AD0AB3DFD33F6291459ADF91075C520D25C1374873CCF056BEE43266E1E9114EF1A6FC568BA044FA15DF0479233BD5CBDA5C
Malicious: false
Reputation: low
Preview:{"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13279777686878156","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4ffefd00-5d29-4f49-a1c2-41a3d6bafbbe.tmp
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text, with no line terminators
Category: dropped
Size (bytes): 204
Entropy (8bit): 5.3530435381074675
Encrypted: false
SSDEEP: 6:YAQNCT+uD1rNSTWhh4Dj8wXwlmUUAnIMOb3W0SQ:YJw1rNgmh4r+UAnIkQ
MD5: 6AEB4F42C9C5F6E983314EDD923CC924
SHA1: D50400C041A241EE9B32134C268D90A80DC30CCA
SHA-256: BE5509D34B4893DB96C12966D279CB71F038A357C77A29EA7FDC6CF4F706B7FE
SHA-512: E52837D0F125518D934DC24613B13D96B4A51E6E67FE7A1CA9FE4A94BA0E322D213CC8C0F52286174F00B4D8591DFCBFFE6D479CDC4F31CD3F22316AB0717116
Malicious: false
Reputation: low
Preview:{"expect_ct":[],"sts":[{"expiry":1666840101.500568,"host":"nAuqgR4iEWti7SOdT3UHPl6rmZU/DeaIm38P2O2OkgA=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1635304101.500573}],"version":2}
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5d1a8f4d-c479-48b4-96cb-28122b9d1ae6.tmp
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text, with very long lines, with no line terminators
Category: dropped
Size (bytes): 6279
Entropy (8bit): 5.188726258984432
Encrypted: false
SSDEEP: 96:nBLpBD99TT7YIKI75k0JCrwRWL8TEkg1TUkQ4tvbOTlVuHn:nBLf9ZTMIJh4rwYKEkgNUkQmh
MD5: C14FC5866EBBCBE3E746A4BEDDC1003A
SHA1: 23EF184746A43188104CB177BDCB23E10A4198F8
SHA-256: D12733655A0C9DF2C94632DCA64939567C02D32498953BF0675FDC8B251BB27A
SHA-512: A91271E9425F19485CB5786C51A6796D9D1567CBEBABA4595D21385FBA9A9420D45BD8D113E8F67450524390B97C08E4FD090F27584B49D9F082D983FEB43928
Malicious: false
Reputation: low
Preview:{"account_id_migration_state":2,"account_tracker_service_last_update":"13279777687457674","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245924509391818","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"bookmark_bar":{"show_on_all_tabs":false},"browser":{"default_browser_infobar_last_declined":"13245924607060180","has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","2042016"],"daily_recei
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5d2bb9d7-b989-498d-aff4-6a69ce1c7955.tmp
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: UTF-8 Unicode text, with very long lines, with no line terminators
Category: dropped
Size (bytes): 19184
Entropy (8bit): 5.570914105939052
Encrypted: false
SSDEEP: 384:V1wtvLl57Xf1kXqKf/pUZNCgVLH2HfDsrUsHGFuq4cZ:2LlZf1kXqKf/pUZNCgVLH2HfArUgGgqx
MD5: 7CEB9CE8AC3D4C116A3BA889EC083B65
SHA1: A5AC605700EAFDD2070C281F2FE2401E9006002B
SHA-256: F9B460853C6D13EC120D8D6FE9D1AF1098E76CFDA5C42A7C8AE668FCB61F56C3
SHA-512: 2A41D006D1A56A473E0EB9869211620B80FED36D7B056B177C567025F1B59B33E0DA90FE15E0381B6151936EA5C5F6D6B4C20181B117259D83A9C80BD51EB45B
Malicious: false
Reputation: low
Preview:{"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13279777686878156","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5fa9d015-d16d-4a55-825f-ac895c498355.tmp
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text, with very long lines, with no line terminators
Category: dropped
Size (bytes): 3473
Entropy (8bit): 4.884843136744451
Encrypted: false
SSDEEP: 96:6FGX0G70GhIGpyGzRDYLiEHYDBKGzUGaCGjHGESHG/OG6mhM:6Fe0i0sIIyGzRDYLiEHYDBKSUpCQHrSP
MD5: 494384A177157C36E9017D1FFB39F0BF
SHA1: CE5D9754A70CD84CEE77C9180DB92C69715BE105
SHA-256: 07CF0A5189FAD30A4AA721F4F6DA1B15100991115833EACFA1E2DC84A1B54337
SHA-512: BFB80EEC0C0B5D9E487047703BE49826321A4D249422E0C81E978E6C8A310F41C7B4B8F849229BA87484FDF4831DD6A98FF994D0FDA5CE3D341CE615C15F2F1C
Malicious: false
Reputation: low
Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[],"expiration":"13248516607497410","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":27387},"server":"https://www.gstatic.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248516607334226","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":34287},"server":"https://ssl.gstatic.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248516607463627","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":31787},"server":"https://fonts.gstatic.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248516607318875","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":23359},"server":"https://apis.google.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6936b87f-3f6c-49fe-9caf-3513eba03a13.tmp
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text, with very long lines, with no line terminators
Category: dropped
Size (bytes): 5655
Entropy (8bit): 4.9986954459628175
Encrypted: false
SSDEEP: 96:nBLpiD9pIKI75k0JCrwRWL8TEkg1T1k9OSvbOTlVuHn:nBLG9pIJh4rwYKEkgN1k9rh
MD5: BFE4A8F2FC06233581E21BC11C2208C7
SHA1: E8F9A799A7B7DC9567EF9BA1843984AD40E97922
SHA-256: C497FEBC7F24FC5F3D5B50CF258021AE2BF9ED3B229FFAE8A6F459FA0C352CA9
SHA-512: 04E8BBC9C6EA3F1259EEF46A827817728FB9534B3BF87DEEC5E95490A3ABE1A8D11B0896B9F729917DA774AD7E28A54A538D97EA4D612B95455C224D6832001C
Malicious: false
Reputation: low
Preview:{"account_id_migration_state":2,"account_tracker_service_last_update":"13279777687457674","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245924509391818","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"bookmark_bar":{"show_on_all_tabs":false},"browser":{"default_browser_infobar_last_declined":"13245924607060180","has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","2042016"],"daily_recei
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\798951f0-8bbb-4482-9e74-dbe996142730.tmp
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: UTF-8 Unicode text, with very long lines, with no line terminators
Category: dropped
Size (bytes): 22602
Entropy (8bit): 5.536868110262561
Encrypted: false
SSDEEP: 384:V1wtvLl57Xf1kXqKf/pUZNCgVLH2HfDsrUsHGfnZErRq4tx:2LlZf1kXqKf/pUZNCgVLH2HfArUgGfns
MD5: EF7092AF60D02B323782FF613F7B277D
SHA1: D67287DF3AAA0FB867A069FA0000C8783D7D4C07
SHA-256: DB59288B9A82631E96423F551FDEB5C2448955D3284625376EBCBEFB58A89DA7
SHA-512: E213FFD0033417A06FBE163E87503F751BCB8F7B590D135B7F3258460A7997A058E2ED1E78A428ED77A9F6CEAD520973302E367C2FACB3406AC0D01FF5829810
Malicious: false
Reputation: low
Preview:{"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13279777686878156","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 334
Entropy (8bit): 5.242760064110592
Encrypted: false
SSDEEP: 6:ma29/Fc+q2Pwkn23iKKdK9RXXTZIFUtn29/5ZmwB29xFUd3VkwOwkn23iKKdK9Rn:p2lvYf5Kk7XT2FUtn255/B2nFwF5Jf51
MD5: 25C19A371D05510883090B39DD1BC5AC
SHA1: F4C24EAAC78903CE2EF07BAD11B2FF4A8C3FD56F
SHA-256: A4B55F37315191EA1781094D737FD38358FE2004B6552863B8F98D485C674860
SHA-512: D83B037AF8760914641145A648A223E28676C7805D9C07AAB8BDB37DECEAE7611FDE73BD39392F875EB6232F6E917A1EC13D5305E206EEF401B41155EE579B24
Malicious: false
Reputation: low
Preview:2021/10/27-05:08:30.966 1bb8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/MANIFEST-000001.2021/10/27-05:08:30.967 1bb8 Recovering log #3.2021/10/27-05:08:30.968 1bb8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.old:g (copy)
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 334
Entropy (8bit): 5.242760064110592
Encrypted: false
SSDEEP: 6:ma29/Fc+q2Pwkn23iKKdK9RXXTZIFUtn29/5ZmwB29xFUd3VkwOwkn23iKKdK9Rn:p2lvYf5Kk7XT2FUtn255/B2nFwF5Jf51
MD5: 25C19A371D05510883090B39DD1BC5AC
SHA1: F4C24EAAC78903CE2EF07BAD11B2FF4A8C3FD56F
SHA-256: A4B55F37315191EA1781094D737FD38358FE2004B6552863B8F98D485C674860
SHA-512: D83B037AF8760914641145A648A223E28676C7805D9C07AAB8BDB37DECEAE7611FDE73BD39392F875EB6232F6E917A1EC13D5305E206EEF401B41155EE579B24
Malicious: false
Reputation: low
Preview:2021/10/27-05:08:30.966 1bb8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/MANIFEST-000001.2021/10/27-05:08:30.967 1bb8 Recovering log #3.2021/10/27-05:08:30.968 1bb8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 318
Entropy (8bit): 5.226009723642102
Encrypted: false
SSDEEP: 6:ma29iHt+q2Pwkn23iKKdKyDZIFUtn297FUdXZmwB297FUd3VkwOwkn23iKKdKyJd:p2+ovYf5Kk02FUtn2M/B2s5Jf5KkWJ
MD5: 2B9EEF8DC6A58E3FB4900D04AFC17719
SHA1: 02D4AF6801F05D42503870E4B31F2CDD4FF86D3C
SHA-256: 3ABAE383E29FD1E27A590F0582D1FA4808ACE73DB278B557886ABC79CE5ED521
SHA-512: 3604AB78FD5B18D129F2B5FFA77582A786CDBC65E2D2AC7DF6E6C7256E00267E5510DADD0BFC05E283DEF6000717BD781E363FBC5F14C1E019371A26A5D60E48
Malicious: false
Reputation: low
Preview:2021/10/27-05:08:30.959 1bb8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/MANIFEST-000001.2021/10/27-05:08:30.962 1bb8 Recovering log #3.2021/10/27-05:08:30.962 1bb8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old.. (copy)
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 318
Entropy (8bit): 5.226009723642102
Encrypted: false
SSDEEP: 6:ma29iHt+q2Pwkn23iKKdKyDZIFUtn297FUdXZmwB297FUd3VkwOwkn23iKKdKyJd:p2+ovYf5Kk02FUtn2M/B2s5Jf5KkWJ
MD5: 2B9EEF8DC6A58E3FB4900D04AFC17719
SHA1: 02D4AF6801F05D42503870E4B31F2CDD4FF86D3C
SHA-256: 3ABAE383E29FD1E27A590F0582D1FA4808ACE73DB278B557886ABC79CE5ED521
SHA-512: 3604AB78FD5B18D129F2B5FFA77582A786CDBC65E2D2AC7DF6E6C7256E00267E5510DADD0BFC05E283DEF6000717BD781E363FBC5F14C1E019371A26A5D60E48
Malicious: false
Reputation: low
Preview:2021/10/27-05:08:30.959 1bb8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/MANIFEST-000001.2021/10/27-05:08:30.962 1bb8 Recovering log #3.2021/10/27-05:08:30.962 1bb8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: data
Category: dropped
Size (bytes): 45056
Entropy (8bit): 1.2244094068614504
Encrypted: false
SSDEEP: 192:hezsZ80u7uEDNSHtpQLxkOv9e84TecEuQfYVIVj++eIl9jjK:4v0tokAxDc+AyA+NbX
MD5: CBB36C3B17D8EBE68A874B372610BFF4
SHA1: 002738532DBA5A5956E311BFC809B35C0EA82F89
SHA-256: F371C02493618A596A941F131F8A45DD2964D02C3F380760EE7F31B93E7BDD36
SHA-512: E65346034714C7642AE9406370A3E8B4AE20636F7AE44CD264C712F8428B98A3B5604C23E136317F7E08EF55580914363EFBB453445AC420F98F66F19293B200
Malicious: false
Reputation: low
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: data
Category: dropped
Size (bytes): 270336
Entropy (8bit): 1.796139079893481
Encrypted: false
SSDEEP: 1536:MG1nvyOjUTILtI07QwGct95z0SwCvgy/T:M+vET6bwCvgy/T
MD5: A97AA1A2A5A1A2C71E4B3E004A00D17F
SHA1: E78D3505812D359DD5D1914BB9BDE368AB5B1794
SHA-256: 8EF2CF0A96EBCEEE5C3B28C35E49DF6517BE70F1744EEE1C111FA882D8DAEBE8
SHA-512: 28251ADB9C9E477EE10D29501BE0A5251D4969DF6BF5C406E9F52C740CB7AED20FBFD6ABE67286E45AFC5213292A83E3A6C2EEA7DF9AA16C078388E0C99F3DDA
Malicious: false
Reputation: low
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: data
Category: dropped
Size (bytes): 1056768
Entropy (8bit): 3.7511665201433835
Encrypted: false
SSDEEP: 3072:eEhBHRytgTn3iMnUPNfAI9AFb/f2XPZEndIY+xg8J/QHFXcihc:eEhjye3i1AI9AF72XPZy
MD5: 0A20A7BC13BF8C2EE9E098E6F74EE327
SHA1: ABDD861B84E248B45F9499C49A5A54332F24D652
SHA-256: C0A912EF1EA3816F267DC475F36D7D73CEFC6F6DE43F4EF43DD4F6F58C959323
SHA-512: 23BD1DBBD7EC790CBACE4F1981754E32CB34279C07D0CE7B8BFC5544A3D95026490C9A20CFD5055D21CF0C856D2649DEB0017511421BF3C6E612519593863B96
Malicious: false
Reputation: low
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: data
Category: dropped
Size (bytes): 4202496
Entropy (8bit): 2.4324714265104355
Encrypted: false
SSDEEP: 6144:HoMPyDwPyDSrDcj16xNN7C2ub1DSfzA5AuABAnAocrBiAhLVATkAAHSPy7+YGA8N:BPHPzfA5cr9LyI
MD5: 9BE5AA9D6090188ED740FC6EE1E570E6
SHA1: 16B59E35A718C914E023C8C98A2D6921A9ADD908
SHA-256: 2B01EFE3A39075F91C7AE19EBCD5DF156DBB560DEF1FBD083A114CDA6E79C62B
SHA-512: D44DF9A83D779968EBE19CE5723A7577DA92F2AC8E360BBFE460E3B3DF2F8A01D26120466D30E77901A5735A39C639E2949F6A2EDBCA55A9F7E2DC2911C4F14E
Malicious: false
Reputation: low
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: SQLite 3.x database, last written using SQLite version 3032001
Category: dropped
Size (bytes): 20480
Entropy (8bit): 1.8914473079791505
Encrypted: false
SSDEEP: 96:9Nw4kwz95OFEuy7RdFDX+loq5js2q+5cjKv4wPeBJMtC7:9u4kwz95/X+xpbq+OLMm
MD5: 9167DADE8872DE2621C68E37B05941E4
SHA1: F72756E30BA0418546C91EBAAFCE95B2512EF652
SHA-256: 049AA989A9951281602765FE2D8A60D7401F3105500AB0049FCFDDABD638F2C7
SHA-512: 4FEFFBEC74BDE142C799B90A001E4B4E8FF847675CC904D4A5AF042D582ABCC8A5CA1D821985F5E7DB7292F3DCCFE29975A36C3C65A9AFF8BF767A9C24BE9835
Malicious: false
Reputation: low
Preview:SQLite format 3......@ ..........................................................................C....... ..g... .8....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: data
Category: dropped
Size (bytes): 26230
Entropy (8bit): 3.3801985759758932
Encrypted: false
SSDEEP: 192:3HhNJfnW1s+nW1m++XnW1+lQrrtXnW101Kj0uK6b9iM16a24z4YrgOum64X4yscp:v16i2+7Z7hy777E7d70
MD5: F8EF37426F3FEBB6F5A33A65B8B77E35
SHA1: D301184137B3CD5E861649161126635EAE555C86
SHA-256: 16FA2A391412F6918369F9B8FC12EEB4CBBBB9A415C787B93521FF7B3ADE2447
SHA-512: 5135878F5BF8C12324E7DFA66E1D08A5D6FCB048FCF3E54CD1C8BB879DEF9F031B2217AB7E0A461C45E0C132F6B9F5E6AEEBDBDB4508F49E5D458A371E6F844F
Malicious: false
Reputation: low
Preview:SNSS....................................................!.............................................1..,.......$...a4db1a9d_4b55_4443_9cb8_c2a72dda7724........................h.................................................................................5..0.......&...{730C75E3-B87A-4292-818B-DC8F984D08AE}...........................................................https://innovatus.media/....|...x.......p...................................h.......`.........................................................m.L.....m.L...........................................8.......h.t.t.p.s.:././.i.n.n.o.v.a.t.u.s...m.e.d.i.a./.................................8.......0.......8....................................................................... ...........................................................http://innovatusmedia.com.au/........?./.-/.............................................................................................................https://us.innovatus.media/..................
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: data
Category: dropped
Size (bytes): 8
Entropy (8bit): 1.8112781244591325
Encrypted: false
SSDEEP: 3:3Dtn:3h
MD5: 0686D6159557E1162D04C44240103333
SHA1: 053E9DB58E20A67D1E158E407094359BF61D0639
SHA-256: 3303D5EED881951B0BB52CF1C6BFA758770034D0120C197F9F7A3520B92A86FB
SHA-512: 884C0D3594390E2FC0AEAB05460F0783815170C4B57DB749B8AD9CD10741A5604B7A0F979465C4171AD9C14ED56359A4508B4DE58E794550599AAA261120976C
Malicious: false
Reputation: low
Preview:SNSS....
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: data
Category: dropped
Size (bytes): 335
Entropy (8bit): 3.5297306448944714
Encrypted: false
SSDEEP: 6:qTCTCTCTCTCTCTCTCTCT5z/t2qoEwhXeLKB:qWWWWWWWWWbopXeLKB
MD5: 4B02663C177BA8EA36FB2E49617CCC05
SHA1: 6E77145135116873842B1BEE6622B116CDA3CBB1
SHA-256: 0FD0B4ED1B18A8A1C73736E3C74168C6102092E5AFD431CD36F7F222E578A1C9
SHA-512: 6FAE4934BB9F78B40ECE19DC10FD522EB88497B97F47B76AC4DBC28146F73D23984322AFBF32DDBC3AC219277A7A6F899FAE59E5834DC2E28377A6306D9D6F03
Malicious: false
Reputation: low
Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................i.Wd...............Sgdaefkejpgkiemlaofpalmlakkmbjdnl.declarative_rules.declarativeContent.onPageChanged.[]..F..................F................
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 320
Entropy (8bit): 5.225260398564491
Encrypted: false
SSDEEP: 6:ma29CL2H+q2Pwkn23iKKdK8aPrqIFUtn29CLnXZmwB29CLn3VkwOwkn23iKKdK8h:p2oA+vYf5KkL3FUtn2ob/B2orV5Jf5KV
MD5: 506FD89476F2F43ED109878AE03D1D2E
SHA1: 8803644FB36AFFD8A1C7814403F0FCA5F82A00FD
SHA-256: 79AAF9E60AF5A02E779EDB51ADE0FE93BBA95AD33D1267DBAA1E67163F81B4F3
SHA-512: 1E8719B117F21FEA669F0CDB89161A9B5827442031B35821621A951A6853737C926250616457A34B8430E06E0851C814D467E2865664A1DAC32E525F0F99D562
Malicious: false
Reputation: low
Preview:2021/10/27-05:08:07.454 1bdc Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/MANIFEST-000001.2021/10/27-05:08:07.455 1bdc Recovering log #3.2021/10/27-05:08:07.455 1bdc Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 320
Entropy (8bit): 5.225260398564491
Encrypted: false
SSDEEP: 6:ma29CL2H+q2Pwkn23iKKdK8aPrqIFUtn29CLnXZmwB29CLn3VkwOwkn23iKKdK8h:p2oA+vYf5KkL3FUtn2ob/B2orV5Jf5KV
MD5: 506FD89476F2F43ED109878AE03D1D2E
SHA1: 8803644FB36AFFD8A1C7814403F0FCA5F82A00FD
SHA-256: 79AAF9E60AF5A02E779EDB51ADE0FE93BBA95AD33D1267DBAA1E67163F81B4F3
SHA-512: 1E8719B117F21FEA669F0CDB89161A9B5827442031B35821621A951A6853737C926250616457A34B8430E06E0851C814D467E2865664A1DAC32E525F0F99D562
Malicious: false
Reputation: low
Preview:2021/10/27-05:08:07.454 1bdc Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/MANIFEST-000001.2021/10/27-05:08:07.455 1bdc Recovering log #3.2021/10/27-05:08:07.455 1bdc Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: data
Category: dropped
Size (bytes): 1482
Entropy (8bit): 1.8784775129881184
Encrypted: false
SSDEEP: 12:qWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWW8:
MD5: 531557DF3F473422DD0102A22E51FE15
SHA1: E2048D9AD1D7E3AC2135A339A6FF91814A473501
SHA-256: FB89F5D2BDE68159700BDE0E306D9E5D5CFF0B0AF733603967D228BB9C286A93
SHA-512: 64EFCB0E9EA0D90E827555B9CA381A34F39AADD524B631CD5E3D4BA1EEF0A27CDEE8116138869A7FD5BE0F647CEEA08F95146273138921C46F1245DA0D0A9C4A
Malicious: false
Reputation: low
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 320
Entropy (8bit): 5.228468422490884
Encrypted: false
SSDEEP: 6:ma29jYLAVq2Pwkn23iKKdK8NIFUtn29JuAgZmwB29drAIkwOwkn23iKKdK8+eLJ:p2YAVvYf5KkpFUtn2/uAg/B2HAI5Jf5c
MD5: 1931471D7087930CD2E918AC9F35AEA2
SHA1: 8D7B1F8535B538878F89DF701F49009139F77C62
SHA-256: 82A7172283F432663CC8EC7124E66CDCC7411C0109226A061E372F1111B8517A
SHA-512: 7860C64679BD99C07F342C3A20DA70D4AE74374016557150782C97BC6DD05E9D81BA78A007F246334B067438C1BD2DA4ADF3AAD6D2941F57294FCBDAFFC3874F
Malicious: false
Reputation: low
Preview:2021/10/27-05:08:08.891 1bb4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/MANIFEST-000001.2021/10/27-05:08:08.893 1bb4 Recovering log #3.2021/10/27-05:08:08.894 1bb4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old (copy)
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 320
Entropy (8bit): 5.228468422490884
Encrypted: false
SSDEEP: 6:ma29jYLAVq2Pwkn23iKKdK8NIFUtn29JuAgZmwB29drAIkwOwkn23iKKdK8+eLJ:p2YAVvYf5KkpFUtn2/uAg/B2HAI5Jf5c
MD5: 1931471D7087930CD2E918AC9F35AEA2
SHA1: 8D7B1F8535B538878F89DF701F49009139F77C62
SHA-256: 82A7172283F432663CC8EC7124E66CDCC7411C0109226A061E372F1111B8517A
SHA-512: 7860C64679BD99C07F342C3A20DA70D4AE74374016557150782C97BC6DD05E9D81BA78A007F246334B067438C1BD2DA4ADF3AAD6D2941F57294FCBDAFFC3874F
Malicious: false
Reputation: low
Preview:2021/10/27-05:08:08.891 1bb4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/MANIFEST-000001.2021/10/27-05:08:08.893 1bb4 Recovering log #3.2021/10/27-05:08:08.894 1bb4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text, with very long lines, with no line terminators
Category: dropped
Size (bytes): 11217
Entropy (8bit): 6.069602775336632
Encrypted: false
SSDEEP: 192:GbylJnlTwGB7V9Hne4qasKxXItmLG48gcLg/PkI:Gb+nldByaFx4toj8VEPT
MD5: 90F880064A42B29CCFF51FE5425BF1A3
SHA1: 6A3CAE3996E9FFF653A1DDF731CED32B2BE2ACBF
SHA-256: 965203D541E442C107DBC6D5B395168123D0397559774BEAE4E5B9ABC44EF268
SHA-512: D9CBFCD865356F19A57954F8FD952CAF3D31B354112766C41892D1EF40BD2533682D4EC3F4DA0E59A5397364F67A484B45091BA94E6C69ED18AB681403DFD3F3
Malicious: false
Reputation: low
Preview:{"file_hashes":[{"block_hashes":["A+1PYW3V6CJbBuQ7aqrgYhyH3bT8PKyBXp3hN2slpI0=","WSOpQRkYTHjPSlG9Zif2a7TNhy43NDcG1Zg5Nv0UbH0=","jDctR8ImG5KZrQKm4kDjUB7FokSJfjo/pmvFowRVlaY=","LPxhhJiuU0lprt0T6flpS7TkaDg7MocrbmzO65xH6RI=","nZ9zLb2By96AkKXALRM+C0Eu11XUjPiMXEKjiCPdtHE=","wifibc1QfMBN2jrtUtLgsCefvuceTpAatmLvul11RJA=","dHjWlSIIdjj7MWqg3T8MG58RuuqRXk32vqi/13JqEgA=","zd3DV7dbvfNvx1hdhU01fW5ily52DLN0CFL/ADaEeTI=","DpjXcO85FFFY9KJFPkGNfFUtdQIOsGwO5jUckiUwY14=","gqid6l1+mk/6yWgUECRofI9lMipXgXh2jEN2+CxmPE0=","prDB91X2Mmfg/M/txVMITWBmEGbOGjqBTP7CMjYqdHs=","yLPAqV4gqoyS/zFkEt3Cn2j0q2v9QOSthVFfWn8EzCM=","EPQ3jzdrLkAHyvf3920B5Y3aAkO1IJdn/UtbnAmq6T0=","+oOc6ca+ChKUpTu+oa2ZRxRE+wG3QJmuYWEvYCs40NI=","3mBGNAiRlTANEQkqzU3TEi+5wJ0ubR5uwtS4/9OOM7w=","1A9NNawxuhu95H5eThvf1rewJ4QQWhhPNxJXO1C/n68=","E3vWLQxzmj+e5QxYbUscllJ5n0ITpw5JBHV1Kph3/KM=","i3I8ghdTF9c1ZXNBZmvsID+DV4gxBVN27rj9wsMtRpg=","R8B8qYabnMSlLPhrtu0hGYrHn3llsMHqBbi70gkIjEE=","rhlzuEvv2KRAFMms896xFwkNgPrw6WvmgPn6xrBSa2Y=","LAMXv6sRb0VZrY34aVXF3Fftxs
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text, with very long lines, with no line terminators
Category: dropped
Size (bytes): 23474
Entropy (8bit): 6.059847580419268
Encrypted: false
SSDEEP: 384:7dNc1NC6IcafusK4H1IIGRlhKlkIALQWdynQh2RX4K6M1tVztzr7XSNyzH:7dOscSRKc1nGRSkIhEw6M1tf7SNyb
MD5: 6AE2135EA4583C2F06CDEBEA4AE70FA4
SHA1: DCEB26C7F02D53B5F214305F4C75B4A33A79CDC2
SHA-256: 03AA1944CB3C4F39E20B6361571BC45DFBEBD3FFDA3D8F148CC6ECB29958F903
SHA-512: B5945E67D9F73DD1982D687E5C6D9B5D6B3886C8050363A259755C76AC0F93651F3425FA7C21AA6A13977AC1C8C9322F998F131648CB8909096058D4F0D23312
Malicious: false
Reputation: low
Preview:{"file_hashes":[{"block_hashes":["DOZdV3jFvk12AM2JNDYKo3KZrIVRprmJ+sVGWkqqE4Q=","rVElW3Hu3T52SzDDUqGT5YiJTBGUv2h3pNuBKFlhZ1U=","X/3fg4KZxgQ1jBr5QGq0F5JnflgE27UErd88mrxTcxs=","VibLbpy0ig+5INMOU71fTYN76iaka2XVpmm1qAKYsX8=","EChCwCbQHbHQ7oDdGT2qNyiRJ0yck2YC2emNGq4whtE="],"block_size":4096,"path":"_locales/iw/messages.json"},{"block_hashes":["xklkoZ7iSU1+7cd6DAtEmUC5lPFd+EgcbnzxkOiFwlk=","3KbsvoxKY/3AwqgF2aAdVQRpMhsNVRkQ3rx2A6Z2Z+Y=","o9+tsohquaCMj+70zeinRG/hBhA2uLoDl/WoC1uokME=","xV/K8xucyWJELVT8Cqn+ugFjobBVmg8pnmACF+2PP4Y=","p/mvJm2wuCl32Rx3it654MljKAsMe3S9IDEabc1A8mE=","j8mPrTb5oOsBTj2Fer78JE6xG6+kR64Cvu2SW8d3j/k=","nqSRpGQ3USU2bZJsZ+AzBmFOyann8omwJrhEWFZDTXc=","eTcQyJUuNuF9yCga/fXGyFCj/pysSceanhBzksdx23s=","Wj7faqnspelXKMvnduxHn1XUBG8TEOqyns7/oUihekM=","VtBwXoadI3EP336rAiL33Gz19KGqtN+RYdKnMKAXoLw=","iDgLXQqXJp8nCZxgLuC9LXM45DGfufvGnXvmHsn18wc=","g+RfdDfrWTUK0Pkcsbot7NJ4SC9wVRV/dVVMuHAtEj8=","2oC4HcCuXu3VjFf6wnKlznt9uqQNaebcuWpm/mWj69U=","aMUIpuFqPMiieSaWhIktCK62v2P3OZQAWupWsYzCnvk=","L
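The two `computed_hashes.json` previews above show the structure Chrome's extension content verification writes for each installed extension: one `file_hashes` entry per file, with `block_size` (4096 here), the relative `path`, and `block_hashes`, a base64 SHA-256 digest per 4096-byte block of the file. The following is an added example, not code from the report or from Chromium, that rebuilds and checks that structure over a constructed in-memory extension tree so a responder can tell whether an extension directory still matches the hashes Chrome recorded. The sample files, the `verify_extension` verdict names and the rule that an empty file yields a single hash of the empty string are assumptions of this example (the last one is my reading of Chromium's behaviour and should be checked against the Chromium source before relying on it).

```python
import base64
import hashlib
import json

# Block size seen in the report's computed_hashes.json previews.
BLOCK_SIZE = 4096


def block_hashes(content: bytes, block_size: int = BLOCK_SIZE) -> list[str]:
    """SHA-256 each block_size-byte chunk of content, base64-encode each digest.

    An empty file still yields one hash (the hash of the empty string).  This
    mirrors what I understand Chrome to do; treat it as an assumption.
    """
    if not content:
        return [base64.b64encode(hashlib.sha256(b"").digest()).decode("ascii")]
    return [
        base64.b64encode(hashlib.sha256(content[i:i + block_size]).digest()).decode("ascii")
        for i in range(0, len(content), block_size)
    ]


def build_computed_hashes(files: dict[str, bytes], block_size: int = BLOCK_SIZE) -> str:
    """Serialise a computed_hashes.json document for an in-memory extension tree."""
    doc = {
        "file_hashes": [
            {"block_hashes": block_hashes(data, block_size),
             "block_size": block_size,
             "path": path}
            for path, data in sorted(files.items())
        ]
    }
    return json.dumps(doc, separators=(",", ":"))


def verify_extension(files: dict[str, bytes], computed_hashes_json: str) -> dict[str, str]:
    """Compare an extension tree against a computed_hashes.json document.

    Verdict per path: 'ok', 'modified', 'missing' (listed but absent on disk)
    or 'unlisted' (present on disk but not covered by any hash entry).
    """
    verdicts: dict[str, str] = {}
    for entry in json.loads(computed_hashes_json)["file_hashes"]:
        path = entry["path"]
        if path not in files:
            verdicts[path] = "missing"
            continue
        actual = block_hashes(files[path], entry["block_size"])
        verdicts[path] = "ok" if actual == entry["block_hashes"] else "modified"
    for path in files:
        verdicts.setdefault(path, "unlisted")
    return verdicts


# Constructed sample extension tree; these are not files from the report.
SAMPLE_FILES = {
    "manifest.json": b'{"name":"demo","manifest_version":3}',
    "_locales/iw/messages.json": b"{" + b" " * 5000 + b"}",  # spans two 4096-byte blocks
    "background.js": b"",                                   # empty-file edge case
}
SAMPLE_COMPUTED_HASHES = build_computed_hashes(SAMPLE_FILES)


def demo() -> dict[str, str]:
    """Overwrite one listed file and drop in an unlisted one, then verify."""
    tampered = dict(SAMPLE_FILES)
    tampered["background.js"] = b"fetch('https://example.invalid/');"
    tampered["injected.js"] = b"// not covered by computed_hashes.json"
    return verify_extension(tampered, SAMPLE_COMPUTED_HASHES)


if __name__ == "__main__":
    for path, verdict in demo().items():
        print(f"{verdict:9} {path}")
```

One caveat when using this in triage: `computed_hashes.json` is written locally by Chrome and is not itself signed, so an attacker who can write into the extension directory can rewrite it alongside the files. Chrome anchors these block hashes in the signed `verified_contents.json`; a mismatch against `computed_hashes.json` alone therefore proves modification, but a match does not prove integrity.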
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: SQLite 3.x database, last written using SQLite version 3032001
Category: dropped
Size (bytes): 26624
Entropy (8bit): 2.0277262423181046
Encrypted: false
SSDEEP: 192:7NjNl5os4HwhhJNfC/xPKTlMMtGfsYV2r5yNzh3:BjFf81KTlEzh
MD5: F9EF3BC4E0EC19539689EC7A30BF2CA4
SHA1: 580755BD9691163E6D9E9DEAD7AF8C42096BF76D
SHA-256: D3B71AF40B1118A7E0129C89262DF010B5B05593B978526FA0AD6212DCAE07FD
SHA-512: 390353196E11BE1B47D9BD736438009D7CDDDF73A62E5ABAABAC4B666CB1E45290E0EAEDAB909F4DABF795FE36A8E1AA95D78E2FC6CD5F2215E76C5A0FC6C6CA
Malicious: false
Reputation: low
Preview:SQLite format 3......@ ..........................................................................C..........g....._.c...~.2.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................s...;+...indexfavicon_bitmaps_icon_idfavico
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: data
Category: dropped
Size (bytes): 38
Entropy (8bit): 1.8784775129881184
Encrypted: false
SSDEEP: 3:FQxlXNQxlX:qTCT
MD5: 51A2CBB807F5085530DEC18E45CB8569
SHA1: 7AD88CD3DE5844C7FC269C4500228A630016AB5B
SHA-256: 1C43A1BDA1E458863C46DFAE7FB43BFB3E27802169F37320399B1DD799A819AC
SHA-512: B643A8FA75EDA90C89AB98F79D4D022BB81F1F62F50ED4E5440F487F22D1163671EC3AE73C4742C11830214173FF2935C785018318F4A4CAD413AE4EEEF985DF
Malicious: false
Reputation: low
Preview:.f.5................f.5...............
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 372
Entropy (8bit): 5.201114205229337
Encrypted: false
SSDEEP: 6:ma29J0Aq2Pwkn23iKKdK25+Xqx8chI+IFUtn29XFU4ZmwB29UzkwOwkn23iKKdKI:p2sAvYf5KkTXfchI3FUtn2zU4/B2+z5S
MD5: 4610F16F9AA2A98758FCE34E9BC9D68B
SHA1: 042FC95884FFBDE1A6889BAAC6D9888E6355ED60
SHA-256: 3207FE9E53F74DCB0FDEE6A37E667AAE666B291BD6EF17DD3D096194211DBF44
SHA-512: CCAD8D5EB68833D11EAB850CC6E694544A526A832E83D0A19D7159E65A887457C174B03D8803830F2E3DC620433D4DFA3D63042B229CD8DD4BCA3001BD0122E0
Malicious: false
Reputation: low
Preview:2021/10/27-05:08:30.907 1a80 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/MANIFEST-000001.2021/10/27-05:08:30.908 1a80 Recovering log #3.2021/10/27-05:08:30.909 1a80 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 372
Entropy (8bit): 5.201114205229337
Encrypted: false
SSDEEP: 6:ma29J0Aq2Pwkn23iKKdK25+Xqx8chI+IFUtn29XFU4ZmwB29UzkwOwkn23iKKdKI:p2sAvYf5KkTXfchI3FUtn2zU4/B2+z5S
MD5: 4610F16F9AA2A98758FCE34E9BC9D68B
SHA1: 042FC95884FFBDE1A6889BAAC6D9888E6355ED60
SHA-256: 3207FE9E53F74DCB0FDEE6A37E667AAE666B291BD6EF17DD3D096194211DBF44
SHA-512: CCAD8D5EB68833D11EAB850CC6E694544A526A832E83D0A19D7159E65A887457C174B03D8803830F2E3DC620433D4DFA3D63042B229CD8DD4BCA3001BD0122E0
Malicious: false
Reputation: low
Preview:2021/10/27-05:08:30.907 1a80 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/MANIFEST-000001.2021/10/27-05:08:30.908 1a80 Recovering log #3.2021/10/27-05:08:30.909 1a80 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 358
Entropy (8bit): 5.14653007931941
Encrypted: false
SSDEEP: 6:ma29f0Aq2Pwkn23iKKdK25+XuoIFUtn29dFU4ZmwB29CkwOwkn23iKKdK25+Xuxo:p22AvYf5KkTXYFUtn2Lu4/B2E5Jf5Kkl
MD5: 45A3A113D1D331EC1E23637DC284FABD
SHA1: F84CB85CE7CBE0251B95F10E83A588876C78DFEB
SHA-256: BD93CDD7CB4F1B046607A394D44FE055FB11605CB39FD473DA0E499BBB3E725F
SHA-512: DBAD6A1634C7F9650D0F8A946BB477F38D29480832946FAA648AE8EF8289B2E09E67D38ABBC8BC04DBBB4331B8A679383AEF585DD9E358952B082CF5857F19CA
Malicious: false
Reputation: low
Preview:2021/10/27-05:08:30.901 1a80 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/MANIFEST-000001.2021/10/27-05:08:30.902 1a80 Recovering log #3.2021/10/27-05:08:30.903 1a80 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 358
Entropy (8bit): 5.14653007931941
Encrypted: false
SSDEEP: 6:ma29f0Aq2Pwkn23iKKdK25+XuoIFUtn29dFU4ZmwB29CkwOwkn23iKKdK25+Xuxo:p22AvYf5KkTXYFUtn2Lu4/B2E5Jf5Kkl
MD5: 45A3A113D1D331EC1E23637DC284FABD
SHA1: F84CB85CE7CBE0251B95F10E83A588876C78DFEB
SHA-256: BD93CDD7CB4F1B046607A394D44FE055FB11605CB39FD473DA0E499BBB3E725F
SHA-512: DBAD6A1634C7F9650D0F8A946BB477F38D29480832946FAA648AE8EF8289B2E09E67D38ABBC8BC04DBBB4331B8A679383AEF585DD9E358952B082CF5857F19CA
Malicious: false
Reputation: low
Preview:2021/10/27-05:08:30.901 1a80 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/MANIFEST-000001.2021/10/27-05:08:30.902 1a80 Recovering log #3.2021/10/27-05:08:30.903 1a80 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 330
Entropy (8bit): 5.264617664419558
Encrypted: false
SSDEEP: 6:ma29O+q2Pwkn23iKKdKWT5g1IdqIFUtn29bHZZmwB29sd3VkwOwkn23iKKdKWT5i:p2BvYf5Kkg5gSRFUtn2P/B2adF5Jf5Kg
MD5: CC225808EDACFA7A7C7C67C13EABAB41
SHA1: EDAC4F430C2590A850A00817E87FE94A8AF77AA9
SHA-256: DD702A517D37DB37335746F30DA113A8A1957EDF5EA09F0985BA64ECA92766C8
SHA-512: D87BFE106BF769F620040AB386AF843954D578ACE20466726160F95B2C567249EDD90BCE8B971C148969D36190AD38CA0FB3F2841E09DA3A2A9EA84CBBD87637
Malicious: false
Reputation: low
Preview:2021/10/27-05:08:30.746 1bb8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/MANIFEST-000001.2021/10/27-05:08:30.747 1bb8 Recovering log #3.2021/10/27-05:08:30.748 1bb8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.oldtm (copy)
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 330
Entropy (8bit): 5.264617664419558
Encrypted: false
SSDEEP: 6:ma29O+q2Pwkn23iKKdKWT5g1IdqIFUtn29bHZZmwB29sd3VkwOwkn23iKKdKWT5i:p2BvYf5Kkg5gSRFUtn2P/B2adF5Jf5Kg
MD5: CC225808EDACFA7A7C7C67C13EABAB41
SHA1: EDAC4F430C2590A850A00817E87FE94A8AF77AA9
SHA-256: DD702A517D37DB37335746F30DA113A8A1957EDF5EA09F0985BA64ECA92766C8
SHA-512: D87BFE106BF769F620040AB386AF843954D578ACE20466726160F95B2C567249EDD90BCE8B971C148969D36190AD38CA0FB3F2841E09DA3A2A9EA84CBBD87637
Malicious: false
Reputation: low
Preview:2021/10/27-05:08:30.746 1bb8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/MANIFEST-000001.2021/10/27-05:08:30.747 1bb8 Recovering log #3.2021/10/27-05:08:30.748 1bb8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: SQLite 3.x database, last written using SQLite version 3032001
Category: dropped
Size (bytes): 118784
Entropy (8bit): 0.665019940563209
Encrypted: false
SSDEEP: 192:QNVFJ2s9HOmGDJo+JiNE7JGYm21+bDo3irhnydVj3XBBE3uztVseKV22cyN+:vKHzJU3iVy/BBE3uI+
MD5: 3F7F7D9032EFC19AD4EBEA188AD0F8AF
SHA1: FDADA7548877B1C6A8E9666B7DC89D69BFC388BF
SHA-256: ACDFFBA4C499313293A881F136167646AF654800A0F3E3825DCF3828CC218CE5
SHA-512: BF94AAB510A993F3726CD996C30FD53A072575ADDCF80895E4984F064E6650DD5FB6AC5020BBAD0ECC1B4A4B8220E14076B7DC7B4F33CC64B4147C7C4497B301
Malicious: false
Reputation: low
Preview:SQLite format 3......@ ..........................................................................C.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: data
Category: dropped
Size (bytes): 805
Entropy (8bit): 5.483223491940286
Encrypted: false
SSDEEP: 24:VwJNmkFNHTGiyb0oELekfrAhzAhvEN5h2Ahp051:VwJNNFNHTXywoENAhzAhvEN5h2Ahpc
MD5: 8770A6376E205E38D5E3E44690F44F57
SHA1: D887DDCF262DCDF982925D776A5B9EBA063F52B7
SHA-256: 77B1937583432E2C6A92A025853137895190F08CC61BECA8ABEF2E33CF0B1F4E
SHA-512: 5F39266A743AA842A410D06C800ECB331ABD7DE72D5E3DA80B52980F216DE44705E47C8B0FCC374BDC352FC2F8ABD5E6CC7E5BF1CDC8B7ED02B9CD33B48659E2
Malicious: false
Reputation: low
Preview:.............">....http..innovatus..media..us..https..au..com..innovatusmedia*^......au......com......http......https......innovatus......innovatusmedia......media......us..2.........a...........c........d.........e.........h.........i..........m..........n.........o..........p.........s...........t...........u...........v....:S...................................................................................B.....M...... .......*.http://us.innovatus.media/2.Innovatus Media:................S...... .......*.https://us.innovatus.media/2.Innovatus Media:.....................P...... ........*.http://innovatusmedia.com.au/2.Innovatus Media:.................P...... ........*.https://innovatus.media/2.Innovatus Media:.....................J9.........................................................
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Sessiona} (copy)
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: data
Category: dropped
Size (bytes): 26230
Entropy (8bit): 3.3801985759758932
Encrypted: false
SSDEEP: 192:3HhNJfnW1s+nW1m++XnW1+lQrrtXnW101Kj0uK6b9iM16a24z4YrgOum64X4yscp:v16i2+7Z7hy777E7d70
MD5: F8EF37426F3FEBB6F5A33A65B8B77E35
SHA1: D301184137B3CD5E861649161126635EAE555C86
SHA-256: 16FA2A391412F6918369F9B8FC12EEB4CBBBB9A415C787B93521FF7B3ADE2447
SHA-512: 5135878F5BF8C12324E7DFA66E1D08A5D6FCB048FCF3E54CD1C8BB879DEF9F031B2217AB7E0A461C45E0C132F6B9F5E6AEEBDBDB4508F49E5D458A371E6F844F
Malicious: false
Reputation: low
Preview:SNSS....................................................!.............................................1..,.......$...a4db1a9d_4b55_4443_9cb8_c2a72dda7724........................h.................................................................................5..0.......&...{730C75E3-B87A-4292-818B-DC8F984D08AE}...........................................................https://innovatus.media/....|...x.......p...................................h.......`.........................................................m.L.....m.L...........................................8.......h.t.t.p.s.:././.i.n.n.o.v.a.t.u.s...m.e.d.i.a./.................................8.......0.......8....................................................................... ...........................................................http://innovatusmedia.com.au/........?./.-/.............................................................................................................https://us.innovatus.media/..................
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabsdb (copy)
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: data
Category: dropped
Size (bytes): 8
Entropy (8bit): 1.8112781244591325
Encrypted: false
SSDEEP: 3:3Dtn:3h
MD5: 0686D6159557E1162D04C44240103333
SHA1: 053E9DB58E20A67D1E158E407094359BF61D0639
SHA-256: 3303D5EED881951B0BB52CF1C6BFA758770034D0120C197F9F7A3520B92A86FB
SHA-512: 884C0D3594390E2FC0AEAB05460F0783815170C4B57DB749B8AD9CD10741A5604B7A0F979465C4171AD9C14ED56359A4508B4DE58E794550599AAA261120976C
Malicious: false
Reputation: low
Preview:SNSS....
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: data
Category: dropped
Size (bytes): 6212
Entropy (8bit): 5.551947265281529
Encrypted: false
SSDEEP: 96:M0OMggdbzfvvbQ5fgGKrS0Vf2QHgQKzXiwpWpQdOGb6vzSi3jHf3:9OMpd3fvvE5fgPVZHgQcdWl
MD5: 3A8A661FDEABDDFFB03220208B338308
SHA1: 1D3A3AE46701E5B53A38E0AE219176E9C60DEA12
SHA-256: CEAEC4095BE974E658E69018705934A6DA7B0F946084E69292628BD4D336E7EE
SHA-512: D9010EAE5917BC1D40C6259408242EE8F1DE6A19CF034915BFCE75796C286C9CC6D28CB125157B75FA73F3E0EED708920F020A8522B53999370670EAA0426FC9
Malicious: false
Reputation: low
Preview:.ch@.................VERSION.1.8META:chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..............Q_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.persistent.CloudProvider7.{"cloudEnabled":false,"notifiedHangoutsPrivacy":false}.S_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.persistent.IdentityService6.{"signedIn":false,"userEmail":null,"kioskAuth":false}.Y_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.HangoutSinkDiscoveryService;.{"cache":{"sinks":{},"g":{},"h":null},"manualHangouts":{}}.a_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.IdGenerator.cast.RequestIdGenerator..285164000.H_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.LogManager...["[2020-09-30 09:28:42.02][INFO][mr.Init] MR instance ID: a3f601d9-09ed-4d73-b6cf-2acd12d4689c\n","[2020-09-30 09:28:42.02][INFO][mr.Init] Native Cast MRP is disabled.\n","[2020-09-30 09:28:42.02][INFO][mr.Init] Native Mirroring Service is enabled.\n","[2020-09-30 09:28:42.02][INFO
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 329
Entropy (8bit): 5.2051593782113015
Encrypted: false
SSDEEP: 6:ma29HFz3+q2Pwkn23iKKdK8a2jMGIFUtn29BFBCWZmwB29KVkwOwkn23iKKdK8as:p2hFz3+vYf5Kk8EFUtn2OW/B2oV5Jf5i
MD5: 3B4F4983D3ACFECF3CF1F4FCD9C932BA
SHA1: 2EA256D8A22D9907B53F5267E059F408009AB6A1
SHA-256: 7151C53B3B41B8A71729D2AABC926AF6F81CC3FC9F91C8AD886FB4DC1824DD17
SHA-512: 10778A9FCCB0311FD6E7EA2ADE84A25DDE6F61F97A59EEBEECD18A8633133EA12EE5745FE30B62BC0189C3932B223579A03D491C0D2A3588FDA86B92B5F2C89B
Malicious: false
Reputation: low
Preview:2021/10/27-05:08:06.932 dcc Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2021/10/27-05:08:06.934 dcc Recovering log #3.2021/10/27-05:08:06.935 dcc Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.oldp (copy)
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 329
Entropy (8bit): 5.2051593782113015
Encrypted: false
SSDEEP: 6:ma29HFz3+q2Pwkn23iKKdK8a2jMGIFUtn29BFBCWZmwB29KVkwOwkn23iKKdK8as:p2hFz3+vYf5Kk8EFUtn2OW/B2oV5Jf5i
MD5: 3B4F4983D3ACFECF3CF1F4FCD9C932BA
SHA1: 2EA256D8A22D9907B53F5267E059F408009AB6A1
SHA-256: 7151C53B3B41B8A71729D2AABC926AF6F81CC3FC9F91C8AD886FB4DC1824DD17
SHA-512: 10778A9FCCB0311FD6E7EA2ADE84A25DDE6F61F97A59EEBEECD18A8633133EA12EE5745FE30B62BC0189C3932B223579A03D491C0D2A3588FDA86B92B5F2C89B
Malicious: false
Reputation: low
Preview:2021/10/27-05:08:06.932 dcc Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2021/10/27-05:08:06.934 dcc Recovering log #3.2021/10/27-05:08:06.935 dcc Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: SQLite 3.x database, last written using SQLite version 3032001
Category: dropped
Size (bytes): 36864
Entropy (8bit): 0.6327069808514486
Encrypted: false
SSDEEP: 96:POqAuhjspnWOvJPTNAscBWkkSpU9sGarGjDGp/l:nWPTNAscokkYMsGaEYN
MD5: 55990FEAF49F2E6BE43C46379F0A4F17
SHA1: D12D0F2A173C37D5D182AD6EE2596C051AD60190
SHA-256: C4F1CB3DC0732701291C16ED39A6FCF53A40777B9936E88C0E01B86106A1AEF8
SHA-512: 500965298111EFEDA216D818CD742702DA112B8339056022ABA41A97E251433D6C3AA274A892EC5165496789A9FEA62A8E280E7F31429673BBF9F6E2F9E4104F
Malicious: false
Reputation: low
Preview:SQLite format 3......@ ..........................................................................C.......,......\.t.+.>...,............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State. (copy)
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text, with very long lines, with no line terminators
Category: dropped
Size (bytes): 3473
Entropy (8bit): 4.884843136744451
Encrypted: false
SSDEEP: 96:6FGX0G70GhIGpyGzRDYLiEHYDBKGzUGaCGjHGESHG/OG6mhM:6Fe0i0sIIyGzRDYLiEHYDBKSUpCQHrSP
MD5: 494384A177157C36E9017D1FFB39F0BF
SHA1: CE5D9754A70CD84CEE77C9180DB92C69715BE105
SHA-256: 07CF0A5189FAD30A4AA721F4F6DA1B15100991115833EACFA1E2DC84A1B54337
SHA-512: BFB80EEC0C0B5D9E487047703BE49826321A4D249422E0C81E978E6C8A310F41C7B4B8F849229BA87484FDF4831DD6A98FF994D0FDA5CE3D341CE615C15F2F1C
Malicious: false
Reputation: low
Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[],"expiration":"13248516607497410","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":27387},"server":"https://www.gstatic.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248516607334226","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":34287},"server":"https://ssl.gstatic.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248516607463627","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":31787},"server":"https://fonts.gstatic.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248516607318875","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":23359},"server":"https://apis.google.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent StateP (copy)
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text, with very long lines, with no line terminators
Category: dropped
Size (bytes): 3299
Entropy (8bit): 4.911997470114523
Encrypted: false
SSDEEP: 96:JzMaKDHGXOKewtdE6rc1EbIuGDbGoGNAqPC/M:JzMaKDHGXOKewtdE6rcKb5abHwDPCU
MD5: 60856E95815DFDC210199C77F9480997
SHA1: 95995F78304920E0C7A9076F6F2CF3DB0BFB94E8
SHA-256: 4E8B445D7704F61C0B9AD4359B6FF25E304FCEC21ACC9F8478E418FABD5B581A
SHA-512: A9F281DE7D54717805B633CD202C1F6E0F052D2F4C868513F501C729E6F7AA106F778F62E5445941F93F1C159382DC257FE2A3976FDFC2799C09401456A7E1E5
Malicious: false
Reputation: low
Preview:{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://dns.google","supports_spdy":true},{"isolation":[],"server":"https://www.googleapis.com","supports_spdy":true},{"isolation":[],"server":"https://redirector.gvt1.com","supports_spdy":true},{"isolation":[],"server":"https://ogs.google.com","supports_spdy":true},{"isolation":[],"server":"https://play.google.com","supports_spdy":true},{"isolation":[],"server":"https://apis.google.com","supports_spdy":true},{"isolation":[],"server":"https://ssl.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://www.gstatic.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[50],"expiration":"13282369688895041","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://accounts.google.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[50],"expiration":"13282369710977829","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://clients2.googleuserco
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 334
Entropy (8bit): 5.23002811732452
Encrypted: false
SSDEEP: 6:ma29CL6Fr+q2Pwkn23iKKdKgXz4rRIFUtn29CL2FbZmwB29CLx3VkwOwkn23iKK2:p2oSSvYf5KkgXiuFUtn2oeb/B2o75JfR
MD5: 9B38F63B8D9C2DCE7CC5A844DCACBDED
SHA1: E2AF6FB89CA80F0D6690F69E08C89D05C361337D
SHA-256: 1FB43634F8E10475535E792AA4834C281CAC25124CE30DC699DB3AFFD3D324A6
SHA-512: 1DF0B916C56FDD95AC243BD187CC6C42117E9BF5C7EDD32E35C6EEE4B9C9419D45C656B9EDF71FE5A6443FA30BE96ABB4C422E12817F6C008BF8648253D36F94
Malicious: false
Reputation: low
Preview:2021/10/27-05:08:07.494 1498 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/MANIFEST-000001.2021/10/27-05:08:07.498 1498 Recovering log #3.2021/10/27-05:08:07.499 1498 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.oldMP (copy)
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 334
Entropy (8bit): 5.23002811732452
Encrypted: false
SSDEEP: 6:ma29CL6Fr+q2Pwkn23iKKdKgXz4rRIFUtn29CL2FbZmwB29CLx3VkwOwkn23iKK2:p2oSSvYf5KkgXiuFUtn2oeb/B2o75JfR
MD5: 9B38F63B8D9C2DCE7CC5A844DCACBDED
SHA1: E2AF6FB89CA80F0D6690F69E08C89D05C361337D
SHA-256: 1FB43634F8E10475535E792AA4834C281CAC25124CE30DC699DB3AFFD3D324A6
SHA-512: 1DF0B916C56FDD95AC243BD187CC6C42117E9BF5C7EDD32E35C6EEE4B9C9419D45C656B9EDF71FE5A6443FA30BE96ABB4C422E12817F6C008BF8648253D36F94
Malicious: false
Reputation: low
Preview:2021/10/27-05:08:07.494 1498 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/MANIFEST-000001.2021/10/27-05:08:07.498 1498 Recovering log #3.2021/10/27-05:08:07.499 1498 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text, with very long lines, with no line terminators
Category: dropped
Size (bytes): 5655
Entropy (8bit): 4.9986954459628175
Encrypted: false
SSDEEP: 96:nBLpiD9pIKI75k0JCrwRWL8TEkg1T1k9OSvbOTlVuHn:nBLG9pIJh4rwYKEkgN1k9rh
MD5: BFE4A8F2FC06233581E21BC11C2208C7
SHA1: E8F9A799A7B7DC9567EF9BA1843984AD40E97922
SHA-256: C497FEBC7F24FC5F3D5B50CF258021AE2BF9ED3B229FFAE8A6F459FA0C352CA9
SHA-512: 04E8BBC9C6EA3F1259EEF46A827817728FB9534B3BF87DEEC5E95490A3ABE1A8D11B0896B9F729917DA774AD7E28A54A538D97EA4D612B95455C224D6832001C
Malicious: false
Reputation: low
Preview:{"account_id_migration_state":2,"account_tracker_service_last_update":"13279777687457674","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245924509391818","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"bookmark_bar":{"show_on_all_tabs":false},"browser":{"default_browser_infobar_last_declined":"13245924607060180","has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","2042016"],"daily_recei
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences. (copy)
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text, with very long lines, with no line terminators
Category: dropped
Size (bytes): 5153
Entropy (8bit): 4.962400241604828
Encrypted: false
SSDEEP: 96:nBLwt9pIKIc5k0JCKL8TEkg1QbOTlVuHn:nBLc9pIOh4KKEkgW
MD5: B1D8EEE84B8DB0BC8770190A8E7BEC1C
SHA1: A05B7818818F8813D8F72811655FCA4AFEAFB89D
SHA-256: E36909910103D9FDB0C60C1F9EA7CDD6B107EE0AE7AB1D7CF8329E791345BD63
SHA-512: 553023C5BFB7EFAE4103C08DB98E223EC15AD77EA51DC068E9345299475136B1417ED8ED41A91F17AB0DB09EEA7DBD64BD2B62ADE9B1E0037D1AF692A451497A
Malicious: false
Reputation: low
Preview:{"account_id_migration_state":2,"account_tracker_service_last_update":"13279777687457674","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245924509391818","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"bookmark_bar":{"show_on_all_tabs":false},"browser":{"default_browser_infobar_last_declined":"13245924607060180","has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","2042016"],"daily_recei
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\QuotaManager
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: SQLite 3.x database, last written using SQLite version 3032001
Category: dropped
Size (bytes): 53248
Entropy (8bit): 0.3622955737774043
Encrypted: false
SSDEEP: 48:TzLbCIG+6bDdsDaKgJgKtHIm50I9a+U1cVB:vCIG+6bDdsDaBJvtHIm50I4sX
MD5: DDC1F7FC68A5177438E7C01DE312606D
SHA1: 4DCA224B74B46D928D62140D5531B155BDC172AE
SHA-256: 3B02C2DC7E07BC74D914284428336BEA95F7A69A37098313BE7217548AD4C555
SHA-512: 59449DA60333927917FEDAAAF3B38E8A58DEF24403AA7D49934223275E9B5AE6A5F35FAAFF656DFB6134F203DC4A18950F0CBDED0020934B503E60569A606FF1
Malicious: false
Reputation: low
Preview:SQLite format 3......@ ..........................................................................C..........g.....*.W.L.[......."......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: SQLite 3.x database, last written using SQLite version 3032001
Category: dropped
Size (bytes): 36864
Entropy (8bit): 1.3361262186671161
Encrypted: false
SSDEEP: 96:QIElwQF8mpcSasvy1bVzHdyU+9DyCERzyruzJE:QIElwQF8mpcSasa1bVzcU+9uCERekJE
MD5: CBBBCD065BB82E7BEDB7E466D738B660
SHA1: 113B05EDD0EB63AF407BD2A21EA6F2A655928FB5
SHA-256: FE23A13F4ECAD97206976576041BC3EFDC48E344BCE3C42F140151F6A3C7F350
SHA-512: EC9741924E7BEF9B5209FD4212BB4D25057946ABA193612D989AC831539035EECE201D6C6DA1B3FF380703E5E8B39A3C6FC256EA28D56C91B7DA3F07A9F05634
Malicious: false
Reputation: low
Preview:SQLite format 3......@ ..........................................................................C..........g...^.........j............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: UTF-8 Unicode text, with very long lines, with no line terminators
Category: dropped
Size (bytes): 19185
Entropy (8bit): 5.571031046586699
Encrypted: false
SSDEEP: 384:V1wtvLl57Xf1kXqKf/pUZNCgVLH2HfDsrUsHGW8q45:2LlZf1kXqKf/pUZNCgVLH2HfArUgGpqu
MD5: C20835A5FD0269E12C6FA4D851C39E63
SHA1: 0853C5430A24B9E100637740727CCD6BF2EAE0A3
SHA-256: 7C9539FCA239221636B92F5AACF318B4EDF9D977C0E49A51A86D9C11B0E173C6
SHA-512: 6A04D088573BFB47A62EE391C2C2AD0AB3DFD33F6291459ADF91075C520D25C1374873CCF056BEE43266E1E9114EF1A6FC568BA044FA15DF0479233BD5CBDA5C
Malicious: false
Reputation: low
Preview:{"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13279777686878156","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure PreferencesMP (copy)
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: UTF-8 Unicode text, with very long lines, with no line terminators
Category: dropped
Size (bytes): 17092
Entropy (8bit): 5.583638250936512
Encrypted: false
SSDEEP: 384:V1wtvLl57Xf1kXqKf/pUZNCgVLH2HfDsrUaTq4G:2LlZf1kXqKf/pUZNCgVLH2HfArUKqB
MD5: DA08763D4A9D79CCEF7D48853E105413
SHA1: 872AB664B9502C09BC89444AE0FAEED51C0E41D7
SHA-256: E4D302F356DF465174F11D065D5FD72D1AA486D8EBDD753BC9C6B63BCD4DE828
SHA-512: 18F3C89259F4BC58716C7D55D03E4D027D776165A9D943E90A0BBC166B628C07675A532AE507CF8417DE7567E6EC973D3AAADE13BE94EBE42D66FE20054BFFFA
Malicious: false
Reputation: low
Preview:{"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13279777686878156","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: data
Category: dropped
Size (bytes): 936
Entropy (8bit): 4.525732054222743
Encrypted: false
SSDEEP: 24:Ra0ZZZZZZZZZZZZZZZZZZ8oaj24BV359627xIDo6Tqhy3as:tZZZZZZZZZZZZZZZZZZ8B1J9wb+0qs
MD5: 4CD965FDE98D7F4C0E45DDBAFEC05B27
SHA1: 55440ECCEED4EC393A68B8259DD4FB778C7998DB
SHA-256: 4A381CA0A245A24FA0142AB572DA2CB8FE203A399FD6CBC2AA9CB370AA8B3A83
SHA-512: D909266CE3D805E11F8FF27153461B7C0604B1755678DA46658847F76E342823D0B1177312A2B6DD209052022BDCD6ACECB7A135BD98B2A3BFE9EF1B39C1870A
Malicious: false
Reputation: low
Preview:*...#................version.1..namespace-..&f.................&f.................&f.................&f.................&f.................&f.................&f.................&f.................&f.................&f.................&f.................&f.................&f.................&f.................&f.................&f.................&f.................&f.................&f................<.tf................next-map-id.1.Gnamespace-a4db1a9d_4b55_4443_9cb8_c2a72dda7724-https://www.youtube.com/.0..;(.................map-0-__sak.sbff................next-map-id.2.Gnamespace-cdd54d3b_6a80_43a3_8993_e099a2eba365-https://www.youtube.com/.16.L..................map-1-__sak...Xf................next-map-id.3.Gnamespace-2c11b4ce_168f_4ffb_8aad_ec8d3a10022c-https://www.youtube.com/.2.b...................map-2-__sak..7g................next-map-id.4.Hnamespace-20b90989_f56b_4a0b_9938_6fd8fedcfe7b-https://www.linkedin.com/.3
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 320
Entropy (8bit): 5.172906647075497
Encrypted: false
SSDEEP: 6:ma29CLWk8i+q2Pwkn23iKKdKrQMxIFUtn29CLG8mZmwB29CLcSNVkwOwkn23iKKS:p2oikH+vYf5KkCFUtn2o9m/B2oIiV5J7
MD5: CBE9FC08B32B837EBEB878E81566E48B
SHA1: 2E226297C7BBD5437C9E063704930D415A0F8CF4
SHA-256: 34B0E50E5EB561EA3EDCE6E708E4F93DD3CFCBAD3D9A928ACF75923A5457AFE4
SHA-512: 3AF8F5B5C3014F76E01C8276B2FD45538C8DF3B331CD96B4DDB256B306D3C40D7A5C543DBAE8B2892986BCCF0DDA2B16BD99A2610654C5AC32BA6DEBC5DCE93F
Malicious: false
Reputation: low
Preview:2021/10/27-05:08:07.390 1bdc Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/MANIFEST-000001.2021/10/27-05:08:07.410 1bdc Recovering log #3.2021/10/27-05:08:07.411 1bdc Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old (copy)
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 320
Entropy (8bit): 5.172906647075497
Encrypted: false
SSDEEP: 6:ma29CLWk8i+q2Pwkn23iKKdKrQMxIFUtn29CLG8mZmwB29CLcSNVkwOwkn23iKKS:p2oikH+vYf5KkCFUtn2o9m/B2oIiV5J7
MD5: CBE9FC08B32B837EBEB878E81566E48B
SHA1: 2E226297C7BBD5437C9E063704930D415A0F8CF4
SHA-256: 34B0E50E5EB561EA3EDCE6E708E4F93DD3CFCBAD3D9A928ACF75923A5457AFE4
SHA-512: 3AF8F5B5C3014F76E01C8276B2FD45538C8DF3B331CD96B4DDB256B306D3C40D7A5C543DBAE8B2892986BCCF0DDA2B16BD99A2610654C5AC32BA6DEBC5DCE93F
Malicious: false
Reputation: low
Preview:2021/10/27-05:08:07.390 1bdc Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/MANIFEST-000001.2021/10/27-05:08:07.410 1bdc Recovering log #3.2021/10/27-05:08:07.411 1bdc Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000003.log
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: data
Category: dropped
Size (bytes): 100
Entropy (8bit): 4.45507223434285
Encrypted: false
SSDEEP: 3:ZtlXt0diERFvqlPt9WTIyDHJ:ZtlXt084FmuTIyDp
MD5: BAC12467CD129E9A501E8537DC782D7F
SHA1: 2D9A0B79EF9BEB5C905F9B9A81E967BD20895E93
SHA-256: 0AA19390F10F8E10D91D4E44ED590A76721C1AD17CEA2EEAF1E8D7CB3B602702
SHA-512: 680A3EB44087D13C075BE6456E67F30FE03BE4D79E5E5347866335897E10FB4A295560B96982470A71C021ECFEEE76787F3160BA703A3001ED565E318B10FD7D
Malicious: false
Reputation: low
Preview:.-..!................database_metadata.20..t5............... 2d82f0364b38ac84b316d400cfb08f3f......
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 348
Entropy (8bit): 5.179522696774029
Encrypted: false
SSDEEP: 6:ma296+q2Pwkn23iKKdK7Uh2ghZIFUtn29/8mZmwB295SNVkwOwkn23iKKdK7Uh2w:p2I+vYf5KkIhHh2FUtn2Jn/B26V5Jf5m
MD5: 5B27219FA4D3B01597FB474A2E7587A0
SHA1: D6A44BC94700FB1E7D272B39A1952D3AFEA400DF
SHA-256: 54516EE75249CB600B0EB757E2B5DD23C7AD197778B74F12566C40F966AA62E2
SHA-512: 1CE36073AF4D096FD3BBA77DE18050E0B0E397B806A2BE1492BAD2CC4C2F86042930AADC78BE38FE74077DE2D204A0F86E9648F6E7EB56E9365F1CB408AB5217
Malicious: false
Reputation: low
Preview:2021/10/27-05:08:06.904 1bdc Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/MANIFEST-000001.2021/10/27-05:08:06.910 1bdc Recovering log #3.2021/10/27-05:08:06.911 1bdc Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.oldMP (copy)
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 348
Entropy (8bit): 5.179522696774029
Encrypted: false
SSDEEP: 6:ma296+q2Pwkn23iKKdK7Uh2ghZIFUtn29/8mZmwB295SNVkwOwkn23iKKdK7Uh2w:p2I+vYf5KkIhHh2FUtn2Jn/B26V5Jf5m
MD5: 5B27219FA4D3B01597FB474A2E7587A0
SHA1: D6A44BC94700FB1E7D272B39A1952D3AFEA400DF
SHA-256: 54516EE75249CB600B0EB757E2B5DD23C7AD197778B74F12566C40F966AA62E2
SHA-512: 1CE36073AF4D096FD3BBA77DE18050E0B0E397B806A2BE1492BAD2CC4C2F86042930AADC78BE38FE74077DE2D204A0F86E9648F6E7EB56E9365F1CB408AB5217
Malicious: false
Reputation: low
Preview:2021/10/27-05:08:06.904 1bdc Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/MANIFEST-000001.2021/10/27-05:08:06.910 1bdc Recovering log #3.2021/10/27-05:08:06.911 1bdc Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: data
Category: dropped
Size (bytes): 270336
Entropy (8bit): 0.0012471779557650352
Encrypted: false
SSDEEP: 3:MsEllllkEthXllkl2zE:/M/xT02z
MD5: F50F89A0A91564D0B8A211F8921AA7DE
SHA1: 112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
SHA-256: B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
SHA-512: BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
Malicious: false
Reputation: low
Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 430
Entropy (8bit): 5.238272608151603
Encrypted: false
SSDEEP: 12:p2oR+vYf5KkFFUtn2o5ec/B2o4V5Jf5KkOJ:2Yf5KkfgL8Jf5KkK
MD5: 91DFBB098642813B4B35111DD6910D63
SHA1: 5228F8D0154DF88A82B4AE4F3DEAD47D2EBFE9C4
SHA-256: C42CABBC62D0654A5FAE52665446DCDADDE18A45DBC33915618B52E0C6CB3CB0
SHA-512: BFAF7641593F726D7DB7DAD30D238F97CF9788E0103E4F257C6052CBA7C5FFFDB34E992BE5CC187DD3EBC34E1837E7D78233E0F027E53D39321C99CA8FF93AFD
Malicious: false
Reputation: low
Preview:2021/10/27-05:08:07.431 1bdc Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/MANIFEST-000001.2021/10/27-05:08:07.442 1bdc Recovering log #3.2021/10/27-05:08:07.443 1bdc Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old (copy)
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 430
Entropy (8bit): 5.238272608151603
Encrypted: false
SSDEEP: 12:p2oR+vYf5KkFFUtn2o5ec/B2o4V5Jf5KkOJ:2Yf5KkfgL8Jf5KkK
MD5: 91DFBB098642813B4B35111DD6910D63
SHA1: 5228F8D0154DF88A82B4AE4F3DEAD47D2EBFE9C4
SHA-256: C42CABBC62D0654A5FAE52665446DCDADDE18A45DBC33915618B52E0C6CB3CB0
SHA-512: BFAF7641593F726D7DB7DAD30D238F97CF9788E0103E4F257C6052CBA7C5FFFDB34E992BE5CC187DD3EBC34E1837E7D78233E0F027E53D39321C99CA8FF93AFD
Malicious: false
Reputation: low
Preview:2021/10/27-05:08:07.431 1bdc Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/MANIFEST-000001.2021/10/27-05:08:07.442 1bdc Recovering log #3.2021/10/27-05:08:07.443 1bdc Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent State (copy)
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text, with very long lines, with no line terminators
Category: dropped
Size (bytes): 325
Entropy (8bit): 4.971623449303805
Encrypted: false
SSDEEP: 6:YHpoNXR8+eq7JdV5p7DHJShsDHF4R8HLJ2AVQBR70S7PMVKJw1K3KnMRK3VY:YHO8sdHfHYhsBdLJlyH7E4f3K33y
MD5: 8CA9278965B437DFC789E755E4C61B82
SHA1: 5776B6C90CA1D2DDC765ED673B5E6DC8E167F0D6
SHA-256: A57D9231244C1FBDE58A1BF50CAD3A1E3EA28D042BFA272782B65139446E7C51
SHA-512: 3065FE0743AD88E02F8C8FF6CF03B832B616DD08061EAE25A5106422228D45EB999EE2CBE4E9C96D5FFC108CB817766240E27BF97E3E5C2A58081D369E2968F8
Malicious: false
Reputation: low
Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248516514667526","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 432
Entropy (8bit): 5.275602560878752
Encrypted: false
SSDEEP: 12:p2oGZ+vYf5KkmiuFUtn2oAn/B2o9V5Jf5Kkm2J:2eYf5KkSguFJf5Kkr
MD5: 3192C445AFBA7BF2D5D35063EE815DF4
SHA1: 2392124BA3833B81E8D5CA403D1AF88C0B41A669
SHA-256: EEACF991E1D9F0BE10BC30CC9BB0753C1115C7E283DAA3CF772B28EE66E3BC15
SHA-512: 59697F2AB2B5EC54B7E2A79AB0A5CB0B52883F3113A76828D31C8B7FCAC43856B5176DD95F85F0DCB6A40DDFD40C6641AFA6577EADF45A648EF12A17B5DFBC4D
Malicious: false
Reputation: low
Preview:2021/10/27-05:08:07.490 1bdc Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/MANIFEST-000001.2021/10/27-05:08:07.492 1bdc Recovering log #3.2021/10/27-05:08:07.493 1bdc Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old (copy)
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 432
Entropy (8bit): 5.275602560878752
Encrypted: false
SSDEEP: 12:p2oGZ+vYf5KkmiuFUtn2oAn/B2o9V5Jf5Kkm2J:2eYf5KkSguFJf5Kkr
MD5: 3192C445AFBA7BF2D5D35063EE815DF4
SHA1: 2392124BA3833B81E8D5CA403D1AF88C0B41A669
SHA-256: EEACF991E1D9F0BE10BC30CC9BB0753C1115C7E283DAA3CF772B28EE66E3BC15
SHA-512: 59697F2AB2B5EC54B7E2A79AB0A5CB0B52883F3113A76828D31C8B7FCAC43856B5176DD95F85F0DCB6A40DDFD40C6641AFA6577EADF45A648EF12A17B5DFBC4D
Malicious: false
Reputation: low
Preview:2021/10/27-05:08:07.490 1bdc Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/MANIFEST-000001.2021/10/27-05:08:07.492 1bdc Recovering log #3.2021/10/27-05:08:07.493 1bdc Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: data
Category: dropped
Size (bytes): 80
Entropy (8bit): 3.4921535629071894
Encrypted: false
SSDEEP: 3:S8ltHlS+QUl1ASEGhTFljl:S85aEFljl
MD5: 69449520FD9C139C534E2970342C6BD8
SHA1: 230FE369A09DEF748F8CC23AD70FD19ED8D1B885
SHA-256: 3F2E9648DFDB2DDB8E9D607E8802FEF05AFA447E17733DD3FD6D933E7CA49277
SHA-512: EA34C39AEA13B281A6067DE20AD0CDA84135E70C97DB3CDD59E25E6536B19F7781E5FC0CA4A11C3618D43FC3BD3FBC120DD5C1C47821A248B8AD351F9F4E6367
Malicious: false
Reputation: low
Preview:*...#................version.1..namespace-..&f.................&f...............
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 418
Entropy (8bit): 5.243354470762251
Encrypted: false
SSDEEP: 6:ma29p+q2Pwkn23iKKdKusNpZQMxIFUtn29bZmwB29QVkwOwkn23iKKdKusNpZQMT:p2OvYf5KkMFUtn2R/B2q5Jf5KkTJ
MD5: ADCCAE0ECD8A3076632BD619DE247619
SHA1: 02274DEEEE6844D36E1FF067F5F5CE21DCFCCD2D
SHA-256: 9A118DA3E86E4A178D27E17E90E035559E63CFAB3517B4F4320FDB19A4232D0A
SHA-512: D4B67D8BDACCD31650E99371258D77077A49B3ED00EF0EAE7F223F5C5FBE6ADB87F467244F0F78D9DDE635902A9249844B5B3536EBFA611979A30B8E993D4E35
Malicious: false
Reputation: low
Preview:2021/10/27-05:08:22.914 1be8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/MANIFEST-000001.2021/10/27-05:08:22.916 1be8 Recovering log #3.2021/10/27-05:08:22.917 1be8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old (copy)
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 418
Entropy (8bit): 5.243354470762251
Encrypted: false
SSDEEP: 6:ma29p+q2Pwkn23iKKdKusNpZQMxIFUtn29bZmwB29QVkwOwkn23iKKdKusNpZQMT:p2OvYf5KkMFUtn2R/B2q5Jf5KkTJ
MD5: ADCCAE0ECD8A3076632BD619DE247619
SHA1: 02274DEEEE6844D36E1FF067F5F5CE21DCFCCD2D
SHA-256: 9A118DA3E86E4A178D27E17E90E035559E63CFAB3517B4F4320FDB19A4232D0A
SHA-512: D4B67D8BDACCD31650E99371258D77077A49B3ED00EF0EAE7F223F5C5FBE6ADB87F467244F0F78D9DDE635902A9249844B5B3536EBFA611979A30B8E993D4E35
Malicious: false
Reputation: low
Preview:2021/10/27-05:08:22.914 1be8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/MANIFEST-000001.2021/10/27-05:08:22.916 1be8 Recovering log #3.2021/10/27-05:08:22.917 1be8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\f5f9c149-9e3f-4341-b53b-22ac0bb51e27.tmp
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text, with very long lines, with no line terminators
Category: dropped
Size (bytes): 325
Entropy (8bit): 4.971623449303805
Encrypted: false
SSDEEP: 6:YHpoNXR8+eq7JdV5p7DHJShsDHF4R8HLJ2AVQBR70S7PMVKJw1K3KnMRK3VY:YHO8sdHfHYhsBdLJlyH7E4f3K33y
MD5: 8CA9278965B437DFC789E755E4C61B82
SHA1: 5776B6C90CA1D2DDC765ED673B5E6DC8E167F0D6
SHA-256: A57D9231244C1FBDE58A1BF50CAD3A1E3EA28D042BFA272782B65139446E7C51
SHA-512: 3065FE0743AD88E02F8C8FF6CF03B832B616DD08061EAE25A5106422228D45EB999EE2CBE4E9C96D5FFC108CB817766240E27BF97E3E5C2A58081D369E2968F8
Malicious: false
Reputation: low
Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248516514667526","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\6e0fe57e-50f0-4ac8-b237-1faf6675c084.tmp
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text, with very long lines, with no line terminators
Category: dropped
Size (bytes): 325
Entropy (8bit): 4.9616384877719995
Encrypted: false
SSDEEP: 6:YHpoNXR8+eq7JdV5pirhsDHF4R8HLJ2AVQBR70S7PMVKJw1K3KnMRK3VY:YHO8sdHirhsBdLJlyH7E4f3K33y
MD5: B0429187E1BE99DE4D548DC5B2EDEA0A
SHA1: B3E07BEE5D753BF1B613BD2DE665C7C21E8184F6
SHA-256: D8DABBF936DAB4F17437ECA255020EA847D76D6B789F9486010C95E995CFED03
SHA-512: 233F7BDAA848A295E9F58CA52761829FE1044DA1DE1FBCAC407FADC8C7ABA1E4FFD7CA7A4FBE649E83FD1815DC2E3619ACB2A22CE5B2C7241E474CDB9AF2F7ED
Malicious: false
Reputation: low
Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248516523181804","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: data
Category: dropped
Size (bytes): 270336
Entropy (8bit): 0.0012471779557650352
Encrypted: false
SSDEEP: 3:MsEllllkEthXllkl2zE:/M/xT02z
MD5: F50F89A0A91564D0B8A211F8921AA7DE
SHA1: 112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
SHA-256: B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
SHA-512: BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
Malicious: false
Reputation: low
Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 430
Entropy (8bit): 5.203265518250199
Encrypted: false
SSDEEP: 12:p2oOvYf5KkkGHArBFUtn2Y/B29I5Jf5KkkGHAryJ:ZMYf5KkkGgPgrJf5KkkGga
MD5: 8BE9535667D31A2F091F81D3C8A8E083
SHA1: 352909D83106B516C9162C700172540AF77B0D32
SHA-256: 1E413C0999A8783FD045F1AB66FAAED0A2F18D4E2BB78E2EDD07C5775A596D6D
SHA-512: 4E1501969AA6797DE47D45FB18089A7EA4407BAAADA3C9B930BDBF59CD221F83416F81086D5161CED16874B0D5024C9F9D28EFAA42848344EBB47066BE6D91D6
Malicious: false
Reputation: low
Preview:2021/10/27-05:09:18.811 1598 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb/MANIFEST-000001.2021/10/27-05:09:18.815 1598 Recovering log #3.2021/10/27-05:09:18.817 1598 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.old (copy)
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 430
Entropy (8bit): 5.203265518250199
Encrypted: false
SSDEEP: 12:p2oOvYf5KkkGHArBFUtn2Y/B29I5Jf5KkkGHAryJ:ZMYf5KkkGgPgrJf5KkkGga
MD5: 8BE9535667D31A2F091F81D3C8A8E083
SHA1: 352909D83106B516C9162C700172540AF77B0D32
SHA-256: 1E413C0999A8783FD045F1AB66FAAED0A2F18D4E2BB78E2EDD07C5775A596D6D
SHA-512: 4E1501969AA6797DE47D45FB18089A7EA4407BAAADA3C9B930BDBF59CD221F83416F81086D5161CED16874B0D5024C9F9D28EFAA42848344EBB47066BE6D91D6
Malicious: false
Reputation: low
Preview:2021/10/27-05:09:18.811 1598 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb/MANIFEST-000001.2021/10/27-05:09:18.815 1598 Recovering log #3.2021/10/27-05:09:18.817 1598 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent State (copy)
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text, with very long lines, with no line terminators
Category: dropped
Size (bytes): 325
Entropy (8bit): 4.9616384877719995
Encrypted: false
SSDEEP: 6:YHpoNXR8+eq7JdV5pirhsDHF4R8HLJ2AVQBR70S7PMVKJw1K3KnMRK3VY:YHO8sdHirhsBdLJlyH7E4f3K33y
MD5: B0429187E1BE99DE4D548DC5B2EDEA0A
SHA1: B3E07BEE5D753BF1B613BD2DE665C7C21E8184F6
SHA-256: D8DABBF936DAB4F17437ECA255020EA847D76D6B789F9486010C95E995CFED03
SHA-512: 233F7BDAA848A295E9F58CA52761829FE1044DA1DE1FBCAC407FADC8C7ABA1E4FFD7CA7A4FBE649E83FD1815DC2E3619ACB2A22CE5B2C7241E474CDB9AF2F7ED
Malicious: false
Reputation: low
Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248516523181804","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 432
Entropy (8bit): 5.210853182972162
Encrypted: false
SSDEEP: 12:p2XvYf5KkkGHArqiuFUtn22/B205Jf5KkkGHArq2J:cYf5KkkGgCgbJf5KkkGg7
MD5: 4E84C597FE9661C7288A83CD6ADE76B8
SHA1: BD2674CB46988A7E3868608D5B04155D8F8AD586
SHA-256: E6FF9C8A0F0FD944464CC6B108A03E950D5DF64B699E25F6D4EA8C9F0EC6F860
SHA-512: 2B450EF77441242932883196F553F0AF316F6F1AB4D6A27217C6DD747BA51F482C4321E0D8687F706152FFBFE6A5CFBDBA8B7CB2DB51E583336D3D5D0AA75429
Malicious: false
Reputation: low
Preview:2021/10/27-05:09:18.812 1908 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications/MANIFEST-000001.2021/10/27-05:09:18.816 1908 Recovering log #3.2021/10/27-05:09:18.818 1908 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old (copy)
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 432
Entropy (8bit): 5.210853182972162
Encrypted: false
SSDEEP: 12:p2XvYf5KkkGHArqiuFUtn22/B205Jf5KkkGHArq2J:cYf5KkkGgCgbJf5KkkGg7
MD5: 4E84C597FE9661C7288A83CD6ADE76B8
SHA1: BD2674CB46988A7E3868608D5B04155D8F8AD586
SHA-256: E6FF9C8A0F0FD944464CC6B108A03E950D5DF64B699E25F6D4EA8C9F0EC6F860
SHA-512: 2B450EF77441242932883196F553F0AF316F6F1AB4D6A27217C6DD747BA51F482C4321E0D8687F706152FFBFE6A5CFBDBA8B7CB2DB51E583336D3D5D0AA75429
Malicious: false
Reputation: low
Preview:2021/10/27-05:09:18.812 1908 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications/MANIFEST-000001.2021/10/27-05:09:18.816 1908 Recovering log #3.2021/10/27-05:09:18.818 1908 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: data
Category: dropped
Size (bytes): 80
Entropy (8bit): 3.4921535629071894
Encrypted: false
SSDEEP: 3:S8ltHlS+QUl1ASEGhTFljl:S85aEFljl
MD5: 69449520FD9C139C534E2970342C6BD8
SHA1: 230FE369A09DEF748F8CC23AD70FD19ED8D1B885
SHA-256: 3F2E9648DFDB2DDB8E9D607E8802FEF05AFA447E17733DD3FD6D933E7CA49277
SHA-512: EA34C39AEA13B281A6067DE20AD0CDA84135E70C97DB3CDD59E25E6536B19F7781E5FC0CA4A11C3618D43FC3BD3FBC120DD5C1C47821A248B8AD351F9F4E6367
Malicious: false
Reputation: low
Preview:*...#................version.1..namespace-..&f.................&f...............
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 418
Entropy (8bit): 5.21579320039827
Encrypted: false
SSDEEP: 12:p2YIvYf5KkkGHArAFUtn27x/B285Jf5KkkGHArfJ:qYf5KkkGgkgYJf5KkkGgV
MD5: 82C06D2436D547D1FEB4C04C99D0726E
SHA1: 6A0E9556B339A12EC7E0BF0912B01E702E5A8C32
SHA-256: EFB3655052BE9F3014FB123ECD51553B7B76C90C5A563E0309FB564B784EBC44
SHA-512: 3FEA26D00A35CC4C6B57E33210931B331C4518F12178B62D86AF0E10697028E29655EE41BC643F512AEEF3E39135DE11D17707C3B5C711E10A1807B5AB42C0BD
Malicious: false
Reputation: low
Preview:2021/10/27-05:09:34.449 1908 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage/MANIFEST-000001.2021/10/27-05:09:34.451 1908 Recovering log #3.2021/10/27-05:09:34.452 1908 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.old. (copy)
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 418
Entropy (8bit): 5.21579320039827
Encrypted: false
SSDEEP: 12:p2YIvYf5KkkGHArAFUtn27x/B285Jf5KkkGHArfJ:qYf5KkkGgkgYJf5KkkGgV
MD5: 82C06D2436D547D1FEB4C04C99D0726E
SHA1: 6A0E9556B339A12EC7E0BF0912B01E702E5A8C32
SHA-256: EFB3655052BE9F3014FB123ECD51553B7B76C90C5A563E0309FB564B784EBC44
SHA-512: 3FEA26D00A35CC4C6B57E33210931B331C4518F12178B62D86AF0E10697028E29655EE41BC643F512AEEF3E39135DE11D17707C3B5C711E10A1807B5AB42C0BD
Malicious: false
Reputation: low
Preview:2021/10/27-05:09:34.449 1908 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage/MANIFEST-000001.2021/10/27-05:09:34.451 1908 Recovering log #3.2021/10/27-05:09:34.452 1908 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: data
Category: dropped
Size (bytes): 198
Entropy (8bit): 2.871724756892511
Encrypted: false
SSDEEP: 3:sLollttz6sjlGXU2tk0lkGgGgGgGgGgGgGg:qolXtWswXU2tkEtttttt
MD5: 1F7F208858A1F652FA7AE45C3C7510C9
SHA1: E3B7E0FB73EE579B9E8B6E29F9D9CCD783050A5D
SHA-256: 81B396566964F665632A83714FF09AFE24C96E8E5401A588B943D721669DE6F4
SHA-512: CFB0EA1566CD946F39159F01DCECCCD98FF4DCC10CD30F85E9BB86AF8661ACF8B9AD0E6C3E915FDAC93959C64158723673EB877ECFEC078C1C82A2E11066BA01
Malicious: false
Reputation: low
Preview:...n'................_mts_schema_descriptor.....F..................F..................F..................F..................F..................F..................F..................F................
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 324
Entropy (8bit): 5.232821753427821
Encrypted: false
SSDEEP: 6:ma29gHU+q2Pwkn23iKKdKpIFUtn29j4XZmwB295fVkwOwkn23iKKdKa/WLJ:p2yvYf5KkmFUtn2W/B2F5Jf5KkaUJ
MD5: AF0BC1E48489B9FE3B9E404117150B96
SHA1: 963290E7C5BCE044EEAB68B62A2B312D34B265CC
SHA-256: 0A32951764E105B23496233DA195F5A8A0F40FE8E88DDC038E5A18A57DE610C0
SHA-512: 491897506998D1687D8AC75285BD276433113B4B2675DB2522A6DACFA98DD066A3F54A2C0886C109F8906867E48714B71B95DC76F86837069168F444B1C1EA9A
Malicious: false
Reputation: low
Preview:2021/10/27-05:08:06.905 1be8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2021/10/27-05:08:06.915 1be8 Recovering log #3.2021/10/27-05:08:06.916 1be8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old.. (copy)
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 324
Entropy (8bit): 5.232821753427821
Encrypted: false
SSDEEP: 6:ma29gHU+q2Pwkn23iKKdKpIFUtn29j4XZmwB295fVkwOwkn23iKKdKa/WLJ:p2yvYf5KkmFUtn2W/B2F5Jf5KkaUJ
MD5: AF0BC1E48489B9FE3B9E404117150B96
SHA1: 963290E7C5BCE044EEAB68B62A2B312D34B265CC
SHA-256: 0A32951764E105B23496233DA195F5A8A0F40FE8E88DDC038E5A18A57DE610C0
SHA-512: 491897506998D1687D8AC75285BD276433113B4B2675DB2522A6DACFA98DD066A3F54A2C0886C109F8906867E48714B71B95DC76F86837069168F444B1C1EA9A
Malicious: false
Reputation: low
Preview:2021/10/27-05:08:06.905 1be8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2021/10/27-05:08:06.915 1be8 Recovering log #3.2021/10/27-05:08:06.916 1be8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 402
Entropy (8bit): 5.292010263636402
Encrypted: false
SSDEEP: 12:p2zuLvYf5KkkOrsFUtn2zu/Z/B2zu/z5Jf5KkkOrzJ:ZLYf5Kk+gvT9Jf5Kkn
MD5: F8E17D627B159963BBB7121B93451567
SHA1: 2A6AF7087AB18FC64E1E3AC024A1E83FBC0A11D9
SHA-256: 45FA0462D28806FB001F3211F739C3A94FBE78402ADF505A3D7842B104CEFCEE
SHA-512: 4E518D879B9DC76D2A3405399C188B378A832A905BE3A47D29A46F8A43076668084293DF8A148585E37B1B0264980793C1568DC261A8FC6EE355FF337E66C6F9
Malicious: false
Reputation: low
Preview:2021/10/27-05:10:11.858 15d4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm/MANIFEST-000001.2021/10/27-05:10:11.859 15d4 Recovering log #3.2021/10/27-05:10:11.859 15d4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm/000003.log .
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity (copy)
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text, with very long lines, with no line terminators
Category: dropped
Size (bytes): 372
Entropy (8bit): 5.45900350295434
Encrypted: false
SSDEEP: 6:YAQNCT++0XI1YDr9cyR8wXwlmUUAnIMOb3Wx0gcVT+uD1rNSTWhh4Dj8wXwlmUUT:YJ+0XI2pcO+UAnIgxEIw1rNgmh4r+UAo
MD5: 90276E0A549F8E861DDB3AC139F2EEB3
SHA1: 4B86B726F67C3CD849C203C901FAA88AA7289448
SHA-256: D2B61735DB129EB022C56F66BBE78BD2F6054C55935B5BA09830C97AE9A9CB1A
SHA-512: D0B0EAB8292EEC2C010018A3C0670EE4FC4D350423BA97EE74BC646F0BB1FD61887CB6AF2C4AF69CE8DC01876E5A31F24D88B98BBE974B83A6508E29FFA50B0D
Malicious: false
Reputation: low
Preview:{"expect_ct":[],"sts":[{"expiry":1666840132.479832,"host":"kYxWDeIDVgesBS02XkmPRTIpB0nkimBvKZESXctn8eA=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1635304132.479836},{"expiry":1666840101.500568,"host":"nAuqgR4iEWti7SOdT3UHPl6rmZU/DeaIm38P2O2OkgA=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1635304101.500573}],"version":2}
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\VideoDecodeStats\000001.dbtmp
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 16
Entropy (8bit): 3.2743974703476995
Encrypted: false
SSDEEP: 3:1sjgWIV//Uv:1qIFUv
MD5: 46295CAC801E5D4857D09837238A6394
SHA1: 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
SHA-256: 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
SHA-512: 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
Malicious: false
Reputation: low
Preview:MANIFEST-000001.
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\VideoDecodeStats\CURRENTi= (copy)
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 16
Entropy (8bit): 3.2743974703476995
Encrypted: false
SSDEEP: 3:1sjgWIV//Uv:1qIFUv
MD5: 46295CAC801E5D4857D09837238A6394
SHA1: 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
SHA-256: 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
SHA-512: 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
Malicious: false
Reputation: low
Preview:MANIFEST-000001.
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\VideoDecodeStats\LOG
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 140
Entropy (8bit): 5.233543447183232
Encrypted: false
SSDEEP: 3:tUKj769dwhUgFNLKqFkPt+kiE2J5iKKKc64E/uMBZL2FK5WIV//Uv:ma29aBFN+q2Pwkn23iKKdKmAZkIFUv
MD5: 2EF4314DADD1F97C86BB0B5DC67711DC
SHA1: 3D29CDCF7FC8ECB96493BCCF07B66748177B01E9
SHA-256: 5F39262BA6772727B5F78BFF2989642782B3A6FFCE317B60B9DB79CEEE2A792E
SHA-512: D0B1406C1F2D6F9E6D4153AF3F11CF4E94583C817DC88A2BD1ADAE10C96FA5B544AF5B4327B55F4AFAF03666875AE6FA1C8D3B032552C71F4FD9653A21A25C6E
Malicious: false
Reputation: low
Preview:2021/10/27-05:08:43.013 1bdc Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\VideoDecodeStats/MANIFEST-000001.
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\VideoDecodeStats\MANIFEST-000001
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: PGP\011Secret Key -
Category: dropped
Size (bytes): 41
Entropy (8bit): 4.704993772857998
Encrypted: false
SSDEEP: 3:scoBAIxQRDKIVjn:scoBY7jn
MD5: 5AF87DFD673BA2115E2FCF5CFDB727AB
SHA1: D5B5BBF396DC291274584EF71F444F420B6056F1
SHA-256: F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
SHA-512: DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
Malicious: false
Reputation: low
Preview:.|.."....leveldb.BytewiseComparator......
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: data
Category: dropped
Size (bytes): 131072
Entropy (8bit): 0.013111088358203111
Encrypted: false
SSDEEP: 3:ImtV9Q+Xa/lVn5lXYEjQll9rl/ReR4gZGE0plMolrz1D3EllKbxlllll:IiV9QAed51perl/4Rr0goLEiVl/l
MD5: EED4BBF17A7BC76DF3C2EC59278ACC45
SHA1: CB5366816094A79E0C214027626BDBAC561258D9
SHA-256: CA595E37BA4B9BF54A6D88F1B11D7D782E8EED16B57276EE6CF20AC496A51A10
SHA-512: B791ED603D4CB7B9AFF8141DE62C1BB0A8BC3ADE73193C88E7BA8BF292C695E0B447BC931C109D211FFE085EAA9583644F95DD8E2F5338D800B62903839D1C64
Malicious: false
Reputation: low
Preview:VLnk.....?........g..H..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a9805856-1cd6-48ee-a54f-53b1b3346737.tmp
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text, with very long lines, with no line terminators
Category: dropped
Size (bytes): 5153
Entropy (8bit): 4.962400241604828
Encrypted: false
SSDEEP: 96:nBLwt9pIKIc5k0JCKL8TEkg1QbOTlVuHn:nBLc9pIOh4KKEkgW
MD5: B1D8EEE84B8DB0BC8770190A8E7BEC1C
SHA1: A05B7818818F8813D8F72811655FCA4AFEAFB89D
SHA-256: E36909910103D9FDB0C60C1F9EA7CDD6B107EE0AE7AB1D7CF8329E791345BD63
SHA-512: 553023C5BFB7EFAE4103C08DB98E223EC15AD77EA51DC068E9345299475136B1417ED8ED41A91F17AB0DB09EEA7DBD64BD2B62ADE9B1E0037D1AF692A451497A
Malicious: false
Reputation: low
Preview:{"account_id_migration_state":2,"account_tracker_service_last_update":"13279777687457674","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245924509391818","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"bookmark_bar":{"show_on_all_tabs":false},"browser":{"default_browser_infobar_last_declined":"13245924607060180","has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","2042016"],"daily_recei
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d6383c06-da21-4cd9-969a-8d3ffa4a10a2.tmp
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: UTF-8 Unicode text, with very long lines, with no line terminators
Category: dropped
Size (bytes): 17092
Entropy (8bit): 5.583638250936512
Encrypted: false
SSDEEP: 384:V1wtvLl57Xf1kXqKf/pUZNCgVLH2HfDsrUaTq4G:2LlZf1kXqKf/pUZNCgVLH2HfArUKqB
MD5: DA08763D4A9D79CCEF7D48853E105413
SHA1: 872AB664B9502C09BC89444AE0FAEED51C0E41D7
SHA-256: E4D302F356DF465174F11D065D5FD72D1AA486D8EBDD753BC9C6B63BCD4DE828
SHA-512: 18F3C89259F4BC58716C7D55D03E4D027D776165A9D943E90A0BBC166B628C07675A532AE507CF8417DE7567E6EC973D3AAADE13BE94EBE42D66FE20054BFFFA
Malicious: false
Reputation: low
Preview:{"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13279777686878156","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d93c4c7c-d9d8-4da2-a9bf-257d05f6b6cf.tmp
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: UTF-8 Unicode text, with very long lines, with no line terminators
Category: dropped
Size (bytes): 16745
Entropy (8bit): 5.578033242906299
Encrypted: false
SSDEEP: 384:V1wteLl57Xf1kXqKf/pUZNCgVLH2HfDsrUKgq4/:lLlZf1kXqKf/pUZNCgVLH2HfArU9qs
MD5: 2751611DF17F29F53E4DD05FE8B57CBF
SHA1: CBCBC267893B86FCA511AE0CDEA1200FBE67C648
SHA-256: B3DC7A69DABDAAD161AAA44EE296B4BDD8A796C1F6CDC37EB4817A5160C448E5
SHA-512: 7DDAC011270ADA9BC062B65D801A4ABD436CE4189ACD3145FE63BF898593A8C2CB3D6CB74E9875C42C886EBF18FEE392B2C524E0A03B46EFE4CDF78F92834330
Malicious: false
Reputation: low
Preview:{"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13279777686878156","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: dropped
Size (bytes): 16
Entropy (8bit): 3.2743974703476995
Encrypted: false
SSDEEP: 3:1sjgWIV//Rv:1qIFJ
MD5: 6752A1D65B201C13B62EA44016EB221F
SHA1: 58ECF154D01A62233ED7FB494ACE3C3D4FFCE08B
SHA-256: 0861415CADA612EA5834D56E2CF1055D3E63979B69EB71D32AE9AE394D8306CD
SHA-512: 9CFD838D3FB570B44FC3461623AB2296123404C6C8F576B0DE0AABD9A6020840D4C9125EB679ED384170DBCAAC2FA30DC7FA9EE5B77D6DF7C344A0AA030E0389
Malicious: false
Reputation: low
Preview:MANIFEST-000004.
Static File Info
No static file info
Network Behavior
Network Port Distribution
TCP Packets
UDP Packets
DNS Queries
Timestamp Source IP Dest IP Trans ID OP Code Name Type Class
Oct 27, 2021 05:08:08.929975033 CEST 192.168.2.4 8.8.8.8 0x1aa9 Standard query (0) innovatusmedia.com.au A (IP address) IN (0x0001)
Oct 27, 2021 05:08:08.933588982 CEST 192.168.2.4 8.8.8.8 0xd261 Standard query (0) accounts.google.com A (IP address) IN (0x0001)
Oct 27, 2021 05:08:08.934194088 CEST 192.168.2.4 8.8.8.8 0x1106 Standard query (0) clients2.google.com A (IP address) IN (0x0001)
Oct 27, 2021 05:08:09.189086914 CEST 192.168.2.4 8.8.8.8 0x2572 Standard query (0) innovatus.media A (IP address) IN (0x0001)
Oct 27, 2021 05:08:11.276102066 CEST 192.168.2.4 8.8.8.8 0x53f9 Standard query (0) s.w.org A (IP address) IN (0x0001)
Oct 27, 2021 05:08:19.020338058 CEST 192.168.2.4 8.8.8.8 0xeca9 Standard query (0) us.innovatus.media A (IP address) IN (0x0001)
Oct 27, 2021 05:08:29.630276918 CEST 192.168.2.4 8.8.8.8 0xa5ca Standard query (0) www.youtube.com A (IP address) IN (0x0001)
Oct 27, 2021 05:08:31.195974112 CEST 192.168.2.4 8.8.8.8 0xd7b3 Standard query (0) clients2.googleusercontent.com A (IP address) IN (0x0001)
Oct 27, 2021 05:08:39.702755928 CEST 192.168.2.4 8.8.8.8 0x4eb1 Standard query (0) googleads.g.doubleclick.net A (IP address) IN (0x0001)
Oct 27, 2021 05:08:39.717660904 CEST 192.168.2.4 8.8.8.8 0x5ff9 Standard query (0) static.doubleclick.net A (IP address) IN (0x0001)
Oct 27, 2021 05:08:40.516988039 CEST 192.168.2.4 8.8.8.8 0xa6bc Standard query (0) www.google.com A (IP address) IN (0x0001)
Oct 27, 2021 05:08:41.244836092 CEST 192.168.2.4 8.8.8.8 0xd9f0 Standard query (0) yt3.ggpht.com A (IP address) IN (0x0001)
Oct 27, 2021 05:08:41.739242077 CEST 192.168.2.4 8.8.8.8 0xfe41 Standard query (0) r3---sn-5hnekn7k.googlevideo.com A (IP address) IN (0x0001)
Oct 27, 2021 05:08:41.745085001 CEST 192.168.2.4 8.8.8.8 0xf8f Standard query (0) i.ytimg.com A (IP address) IN (0x0001)
Oct 27, 2021 05:08:43.529853106 CEST 192.168.2.4 8.8.8.8 0xc8d Standard query (0) us.innovatus.media A (IP address) IN (0x0001)
Oct 27, 2021 05:08:44.529665947 CEST 192.168.2.4 8.8.8.8 0xc8d Standard query (0) us.innovatus.media A (IP address) IN (0x0001)
Oct 27, 2021 05:09:02.829413891 CEST 192.168.2.4 8.8.8.8 0xc606 Standard query (0) www.linkedin.com A (IP address) IN (0x0001)
Oct 27, 2021 05:09:04.323975086 CEST 192.168.2.4 8.8.8.8 0x5c67 Standard query (0) static-exp1.licdn.com A (IP address) IN (0x0001)
Oct 27, 2021 05:09:14.436101913 CEST 192.168.2.4 8.8.8.8 0xe9fc Standard query (0) sb.scorecardresearch.com A (IP address) IN (0x0001)
Oct 27, 2021 05:09:14.556298018 CEST 192.168.2.4 8.8.8.8 0x2a79 Standard query (0) platform.linkedin.com A (IP address) IN (0x0001)
Oct 27, 2021 05:09:17.212097883 CEST 192.168.2.4 8.8.8.8 0x8219 Standard query (0) s.w.org A (IP address) IN (0x0001)
Oct 27, 2021 05:09:37.608779907 CEST 192.168.2.4 8.8.8.8 0xbe5d Standard query (0) r3---sn-5hne6nzs.googlevideo.com A (IP address) IN (0x0001)
DNS Answers
Timestamp Source IP Dest IP Trans ID Reply Code Name CName Address Type Class
Oct 27, 2021 05:08:08.952900887 CEST 8.8.8.8 192.168.2.4 0x1106 No error (0) clients2.google.com clients.l.google.com CNAME (Canonical name) IN (0x0001)
Oct 27, 2021 05:08:08.952900887 CEST 8.8.8.8 192.168.2.4 0x1106 No error (0) clients.l.google.com 172.217.168.46 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:08.960057974 CEST 8.8.8.8 192.168.2.4 0xd261 No error (0) accounts.google.com 172.217.168.13 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:08.977577925 CEST 8.8.8.8 192.168.2.4 0x1aa9 No error (0) innovatusmedia.com.au 15.197.142.173 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:08.977577925 CEST 8.8.8.8 192.168.2.4 0x1aa9 No error (0) innovatusmedia.com.au 3.33.152.147 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:09.240780115 CEST 8.8.8.8 192.168.2.4 0x2572 No error (0) innovatus.media 35.189.21.238 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:11.292411089 CEST 8.8.8.8 192.168.2.4 0x53f9 No error (0) s.w.org 192.0.77.48 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:11.301070929 CEST 8.8.8.8 192.168.2.4 0xb0a5 No error (0) gstaticadssl.l.google.com 172.217.168.35 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:19.075050116 CEST 8.8.8.8 192.168.2.4 0xeca9 No error (0) us.innovatus.media innovamedia.wpengine.com CNAME (Canonical name) IN (0x0001)
Oct 27, 2021 05:08:19.075050116 CEST 8.8.8.8 192.168.2.4 0xeca9 No error (0) innovamedia.wpengine.com 35.189.21.238 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:29.648452044 CEST 8.8.8.8 192.168.2.4 0xa5ca No error (0) www.youtube.com youtube-ui.l.google.com CNAME (Canonical name) IN (0x0001)
Oct 27, 2021 05:08:29.648452044 CEST 8.8.8.8 192.168.2.4 0xa5ca No error (0) youtube-ui.l.google.com 142.250.181.238 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:29.648452044 CEST 8.8.8.8 192.168.2.4 0xa5ca No error (0) youtube-ui.l.google.com 172.217.16.142 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:29.648452044 CEST 8.8.8.8 192.168.2.4 0xa5ca No error (0) youtube-ui.l.google.com 216.58.212.174 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:29.648452044 CEST 8.8.8.8 192.168.2.4 0xa5ca No error (0) youtube-ui.l.google.com 142.250.74.206 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:29.648452044 CEST 8.8.8.8 192.168.2.4 0xa5ca No error (0) youtube-ui.l.google.com 142.250.186.46 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:29.648452044 CEST 8.8.8.8 192.168.2.4 0xa5ca No error (0) youtube-ui.l.google.com 142.250.186.78 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:29.648452044 CEST 8.8.8.8 192.168.2.4 0xa5ca No error (0) youtube-ui.l.google.com 142.250.186.110 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:29.648452044 CEST 8.8.8.8 192.168.2.4 0xa5ca No error (0) youtube-ui.l.google.com 142.250.186.142 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:29.648452044 CEST 8.8.8.8 192.168.2.4 0xa5ca No error (0) youtube-ui.l.google.com 142.250.186.174 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:29.648452044 CEST 8.8.8.8 192.168.2.4 0xa5ca No error (0) youtube-ui.l.google.com 172.217.18.110 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:29.648452044 CEST 8.8.8.8 192.168.2.4 0xa5ca No error (0) youtube-ui.l.google.com 142.250.184.238 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:29.648452044 CEST 8.8.8.8 192.168.2.4 0xa5ca No error (0) youtube-ui.l.google.com 172.217.23.110 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:29.648452044 CEST 8.8.8.8 192.168.2.4 0xa5ca No error (0) youtube-ui.l.google.com 216.58.212.142 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:29.648452044 CEST 8.8.8.8 192.168.2.4 0xa5ca No error (0) youtube-ui.l.google.com 142.250.185.78 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:29.648452044 CEST 8.8.8.8 192.168.2.4 0xa5ca No error (0) youtube-ui.l.google.com 142.250.185.110 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:29.648452044 CEST 8.8.8.8 192.168.2.4 0xa5ca No error (0) youtube-ui.l.google.com 142.250.185.142 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:31.235635996 CEST 8.8.8.8 192.168.2.4 0xd7b3 No error (0) clients2.googleusercontent.com googlehosted.l.googleusercontent.com CNAME (Canonical name) IN (0x0001)
Oct 27, 2021 05:08:31.235635996 CEST 8.8.8.8 192.168.2.4 0xd7b3 No error (0) googlehosted.l.googleusercontent.com 142.250.203.97 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:39.729185104 CEST 8.8.8.8 192.168.2.4 0x4eb1 No error (0) googleads.g.doubleclick.net 172.217.168.34 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:39.742091894 CEST 8.8.8.8 192.168.2.4 0x5ff9 No error (0) static.doubleclick.net static-doubleclick-net.l.google.com CNAME (Canonical name) IN (0x0001)
Oct 27, 2021 05:08:39.742091894 CEST 8.8.8.8 192.168.2.4 0x5ff9 No error (0) static-doubleclick-net.l.google.com 172.217.168.6 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:40.542038918 CEST 8.8.8.8 192.168.2.4 0xa6bc No error (0) www.google.com 172.217.168.4 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:41.284712076 CEST 8.8.8.8 192.168.2.4 0xd9f0 No error (0) yt3.ggpht.com photos-ugc.l.googleusercontent.com CNAME (Canonical name) IN (0x0001)
Oct 27, 2021 05:08:41.284712076 CEST 8.8.8.8 192.168.2.4 0xd9f0 No error (0) photos-ugc.l.googleusercontent.com 172.217.168.33 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:41.772124052 CEST 8.8.8.8 192.168.2.4 0xf8f No error (0) i.ytimg.com 172.217.168.22 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:41.772124052 CEST 8.8.8.8 192.168.2.4 0xf8f No error (0) i.ytimg.com 172.217.168.54 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:41.772124052 CEST 8.8.8.8 192.168.2.4 0xf8f No error (0) i.ytimg.com 172.217.168.86 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:41.772124052 CEST 8.8.8.8 192.168.2.4 0xf8f No error (0) i.ytimg.com 142.250.203.118 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:41.772124052 CEST 8.8.8.8 192.168.2.4 0xf8f No error (0) i.ytimg.com 216.58.215.246 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:41.776824951 CEST 8.8.8.8 192.168.2.4 0xfe41 No error (0) r3---sn-5hnekn7k.googlevideo.com r3.sn-5hnekn7k.googlevideo.com CNAME (Canonical name) IN (0x0001)
Oct 27, 2021 05:08:41.776824951 CEST 8.8.8.8 192.168.2.4 0xfe41 No error (0) r3.sn-5hnekn7k.googlevideo.com 209.85.226.72 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:44.584283113 CEST 8.8.8.8 192.168.2.4 0xc8d No error (0) us.innovatus.media innovamedia.wpengine.com CNAME (Canonical name) IN (0x0001)
Oct 27, 2021 05:08:44.584283113 CEST 8.8.8.8 192.168.2.4 0xc8d No error (0) innovamedia.wpengine.com 35.189.21.238 A (IP address) IN (0x0001)
Oct 27, 2021 05:08:44.584353924 CEST 8.8.8.8 192.168.2.4 0xc8d No error (0) us.innovatus.media innovamedia.wpengine.com CNAME (Canonical name) IN (0x0001)
Oct 27, 2021 05:08:44.584353924 CEST 8.8.8.8 192.168.2.4 0xc8d No error (0) innovamedia.wpengine.com 35.189.21.238 A (IP address) IN (0x0001)
Oct 27, 2021 05:09:02.848490000 CEST 8.8.8.8 192.168.2.4 0xc606 No error (0) www.linkedin.com www-linkedin-com.l-0005.l-msedge.net CNAME (Canonical name) IN (0x0001)
Oct 27, 2021 05:09:04.347110987 CEST 8.8.8.8 192.168.2.4 0x5c67 No error (0) static-exp1.licdn.com 2-01-2c3e-003d.cdx.cedexis.net CNAME (Canonical name) IN (0x0001)
Oct 27, 2021 05:09:14.456381083 CEST 8.8.8.8 192.168.2.4 0xe9fc No error (0) sb.scorecardresearch.com 52.222.174.20 A (IP address) IN (0x0001)
Oct 27, 2021 05:09:14.456381083 CEST 8.8.8.8 192.168.2.4 0xe9fc No error (0) sb.scorecardresearch.com 52.222.174.22 A (IP address) IN (0x0001)
Oct 27, 2021 05:09:14.456381083 CEST 8.8.8.8 192.168.2.4 0xe9fc No error (0) sb.scorecardresearch.com 52.222.174.113 A (IP address) IN (0x0001)
Oct 27, 2021 05:09:14.456381083 CEST 8.8.8.8 192.168.2.4 0xe9fc No error (0) sb.scorecardresearch.com 52.222.174.42 A (IP address) IN (0x0001)
Oct 27, 2021 05:09:14.577866077 CEST 8.8.8.8 192.168.2.4 0x2a79 No error (0) platform.linkedin.com 2-01-2c3e-0055.cdx.cedexis.net CNAME (Canonical name) IN (0x0001)
Oct 27, 2021 05:09:15.491259098 CEST 8.8.8.8 192.168.2.4 0x5a43 No error (0) gstaticadssl.l.google.com 172.217.168.35 A (IP address) IN (0x0001)
Oct 27, 2021 05:09:17.229928017 CEST 8.8.8.8 192.168.2.4 0x8219 No error (0) s.w.org 192.0.77.48 A (IP address) IN (0x0001)
Oct 27, 2021 05:09:37.635550976 CEST 8.8.8.8 192.168.2.4 0xbe5d No error (0) r3---sn-5hne6nzs.googlevideo.com r3.sn-5hne6nzs.googlevideo.com CNAME (Canonical name) IN (0x0001)
Oct 27, 2021 05:09:37.635550976 CEST 8.8.8.8 192.168.2.4 0xbe5d No error (0) r3.sn-5hne6nzs.googlevideo.com 74.125.8.104 A (IP address) IN (0x0001)
HTTP Request Dependency Graph
innovatusmedia.com.au
us.innovatus.media
Code Manipulations
Statistics
Behavior
System Behavior
File Activities
Registry Activities
Start time: 05:08:05
Start date: 27/10/2021
Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit): false
Commandline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'http://innovatusmedia.com.au'
Imagebase: 0x7ff609c80000
File size: 2150896 bytes
MD5 hash: C139654B5C1438A95B321BB01AD63EF6
Has elevated privileges: true
Has administrator privileges: true
Programmed in: C, C++ or other language
Reputation: low
Start time: 05:08:06
Start date: 27/10/2021
Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit): false
Commandline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1512,14104144083061678150,13823328614914360892,131072 --lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1932 /prefetch:8
Imagebase: 0x7ff609c80000
File size: 2150896 bytes
MD5 hash: C139654B5C1438A95B321BB01AD63EF6
Has elevated privileges: true
Has administrator privileges: true
Programmed in: C, C++ or other language
Reputation: low
Analysis Process: chrome.exe PID: 7000 Parent PID: 2932
General
Key Value Modified
Analysis Process: chrome.exe PID: 204 Parent PID: 7000
General
Joe Sandbox Cloud Basic 33.0.0 White Diamond
Disassembly
Code Analysis
File Activities
Start time: 05:08:42
Start date: 27/10/2021
Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit): false
Commandline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1512,14104144083061678150,13823328614914360892,131072 --lang=en-GB --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=2272 /prefetch:8
Imagebase: 0x7ff609c80000
File size: 2150896 bytes
MD5 hash: C139654B5C1438A95B321BB01AD63EF6
Has elevated privileges: false
Has administrator privileges: false
Programmed in: C, C++ or other language
Reputation: low
File Activities
Registry Activities
Start time: 05:08:42
Start date: 27/10/2021
Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit): false
Commandline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1512,14104144083061678150,13823328614914360892,131072 --lang=en-GB --service-sandbox-type=video_capture --enable-audio-service-sandbox --mojo-platform-channel-handle=2140 /prefetch:8
Imagebase: 0x7ff609c80000
File size: 2150896 bytes
MD5 hash: C139654B5C1438A95B321BB01AD63EF6
Has elevated privileges: true
Has administrator privileges: true
Programmed in: C, C++ or other language
Reputation: low
Analysis Process: chrome.exe PID: 6208 Parent PID: 7000
General
Analysis Process: chrome.exe PID: 4664 Parent PID: 7000
General