Automated Malware Analysis Report for Audio 804.Htm

ID: 347 Sample Name: Audio_804.htm Cookbook: defaultwindowsinteractivecookbook.jbs Time: 16:30:09 Date: 25/08/2021 Version: 33.0.0 White Diamond Table of Contents

Table of Contents 2 Windows Analysis Report Audio_804.htm 3 Overview 3 General Information 3 Detection 3 Signatures 3 Classification 3 Process Tree 3 Yara Overview 3 Sigma Overview 3 Jbx Signature Overview 3 Phishing: 4 Mitre Att&ck Matrix 4 Screenshots 4 Thumbnails 4 Antivirus, Machine Learning and Genetic Malware Detection 5 Initial Sample 5 Dropped Files 5 Unpacked PE Files 5 Domains 5 URLs 6 Domains and IPs 6 Contacted Domains 6 Contacted URLs 6 Contacted IPs 6 Public 6 Private 7 General Information 7 Created / dropped Files 8 Static File Info 39 General 39 File Icon 39

Overview

General Information Detection Signatures Classification

Sample Audio_804.htm Name: PPhhiiisshhiiinngg ssiiitttee ddeettteeccttteedd (((bbaasseedd oonn fffaavv…

Analysis ID: 347 YPYaharrirsaah ddineegttte esccittteed dd HeHttttemclltlPPehdhii is(sbhha11s00ed on fav MD5: e952e02f0014846… YYaarrraa ddeettteeccttteedd CHCatamppttltcPchhaais PhP1hh0iiisshh SHA1: Ransomware 5618b4895079e0… Yara detected Captcha Phish HYHTaTrMaL Ld bebotoeddcyyt e ccdoo nCntttaapiiinntscs h llloaow wP nhnuiusmhbbeerrr oofff … Miner Spreading SHA256: 2d8edc328f9ba84… IHInnTvvaMalliLidd bTTo&&dCCy lcliinonknk tffaooiununsnd dlow number of mmaallliiiccciiioouusss IIInnvvaallliiidd TT&&CC llliiinnkk fffoouunndd malicious

Most interesting Screenshot: Evader Phishing sssuusssppiiiccciiioouusss SISnuuvssappliiidicc iiioTou&ussC ff foloirnrrmk fUUoRuRnLLd fffoouunndd suspicious

cccllleeaann

clean NSNouo s HHpTiTcMioLuL s ttti iittftlloleer mfffoo uuUnnRddL found Exploiter Banker

No HTML title found Captcha Phish Spyware Trojan / Bot HTMLPhisher Adware Score: 64 Range: 0 - 100 Whitelisted: false Confidence: 100%

Process Tree

System is start chrome.exe (PID: 7648 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation --single-argument C:\Users\eyup\Desktop\Audio _804.htm MD5: 2A7452F3E3165FECBFCCAD71B04E5C37) chrome.exe (PID: 7844 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle= 1708,16046178134959786270,2934930332338490908,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 /prefetch:8 MD5: 2A7452F3E3165FECBFCCAD71B04E5C37) cleanup

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Jbx Signature Overview

• Phishing • Compliance • Software Vulnerabilities • Networking • System Summary

Phishing:

Phishing site detected (based on favicon image match)

Yara detected HtmlPhish10

Yara detected Captcha Phish

Mitre Att&ck Matrix

Remote Initial Privilege Defense Credential Lateral Command Network Service Access Execution Persistence Escalation Evasion Access Discovery Movement Collection Exfiltration and Control Effects Effects Impact Valid Windows Path Process Masquerading 1 OS System Remote Data from Exfiltration Encrypted Eavesdrop on Remotely Modify Accounts Management Interception Injection 1 Credential Service Services Local Over Other Channel 2 Insecure Track Device System Instrumentation Dumping Discovery System Network Network Without Partition Medium Communication Authorization Default Scheduled Boot or Extra Process LSASS Application Remote Data from Exfiltration Non- Exploit SS7 to Remotely Device Accounts Task/Job Logon Window Injection 1 Memory Window Desktop Removable Over Application Redirect Phone Wipe Data Lockout Initialization Memory Discovery Protocol Media Bluetooth Layer Calls/SMS Without Scripts Injection 1 Protocol 1 Authorization Domain At (Linux) Logon Script Logon Obfuscated Files Security Query SMB/Windows Data from Automated Application Exploit SS7 to Obtain Delete Accounts (Windows) Script or Information 1 Account Registry Admin Shares Network Exfiltration Layer Track Device Device Device (Windows) Manager Shared Protocol 2 Location Cloud Data Drive Backups Local At (Windows) Logon Script Logon Extra Window NTDS System Distributed Input Scheduled Protocol SIM Card Carrier Accounts (Mac) Script Memory Network Component Capture Transfer Impersonation Swap Billing (Mac) Injection 1 Configuration Object Model Fraud Discovery

Screenshots

Thumbnails This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Initial Sample

No Antivirus matches

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

Domains and IPs

Contacted Domains

Name IP Active Malicious Antivirus Detection Reputation stackpath.bootstrapcdn.com 104.18.10.207 true false high gstaticadssl.l.google.com 142.250.186.99 true false high accounts.google.com 142.250.105.84 true false high www.google.com 142.250.184.196 true false high clients.l.google.com 216.58.212.174 true false high bm.jb-voice.online 23.254.225.193 true false unknown googlehosted.l.googleusercontent.com 64.233.177.132 true false high clients2.googleusercontent.com unknown unknown false high clients2.google.com unknown unknown false high

Contacted URLs

Name Malicious Antivirus Detection Reputation file:///C:/Users/eyup/Desktop/Audio_804.htm true low https://bm.jb-voice.online/main/ true unknown https://www.google.com/recaptcha/api2/bframe?hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&k= false high 6Le94fcbAAAAABywQgCe83EvePvALoj4UwC4ClAa&cb=m2u6y7vjiuq8 https://bm.jb-voice.online/main/main.php true unknown

Contacted IPs

No. of IPs < 25% 25% < No. of IPs < 50% 50% < No. of IPs < 75% 75% < No. of IPs

Public

IP Domain Country Flag ASN ASN Name Malicious 142.250.184.196 www.google.com United States 15169 GOOGLEUS false 104.18.10.207 stackpath.bootstrapcdn.co United States 13335 CLOUDFLARENETUS false m Copyright Joe Security LLC 2021 Page 6 of 39 IP Domain Country Flag ASN ASN Name Malicious 142.250.186.170 unknown United States 15169 GOOGLEUS false 142.250.105.84 accounts.google.com United States 15169 GOOGLEUS false 216.58.212.142 unknown United States 15169 GOOGLEUS false 142.250.185.227 unknown United States 15169 GOOGLEUS false 169.254.95.3 unknown Reserved 6966 USDOSUS false 142.250.181.227 unknown United States 15169 GOOGLEUS false 239.255.255.250 unknown Reserved unknown unknown false 23.254.225.193 bm.jb-voice.online United States 54290 HOSTWINDSUS false 143.204.98.115 unknown United States 16509 AMAZON-02US false 64.233.177.132 googlehosted.l.googleuser United States 15169 GOOGLEUS false content.com 142.250.184.227 unknown United States 15169 GOOGLEUS false 216.58.212.174 clients.l.google.com United States 15169 GOOGLEUS false 142.250.186.99 gstaticadssl.l.google.com United States 15169 GOOGLEUS false 142.250.74.195 unknown United States 15169 GOOGLEUS false 104.16.19.94 unknown United States 13335 CLOUDFLARENETUS false 209.85.226.8 unknown United States 15169 GOOGLEUS false 142.250.186.138 unknown United States 15169 GOOGLEUS false

Private

IP 192.168.2.2 192.168.2.1 127.0.0.1

General Information

Joe Sandbox Version: 33.0.0 White Diamond Analysis ID: 347 Start date: 25.08.2021 Start time: 16:30:09 Joe Sandbox Product: CloudBasic Hypervisor based Inspection enabled: false Report type: light Sample file name: Audio_804.htm Cookbook file name: defaultwindowsinteractivecookbook.jbs Number of analysed new started processes 14 analysed: Number of new started drivers analysed: 0 Number of existing processes analysed: 0 Number of existing drivers analysed: 0 Number of injected processes analysed: 0 Technologies: EGA enabled Analysis Mode: stream Detection: MAL Classification: mal64.phis.winHTM@29/141@6/218 Warnings: Show All Exclude process from analysis (whitelisted): CompPkgSrv.exe Created / dropped Files have been reduced to 100 Excluded IPs from analysis (whitelisted): 142.250.74.195, 216.58.212.142, 209.85.226.8, 142.250.185.227, 142.250.186.170, 20.190.160.136, 20.190.160.8, 20.190.160.67, 20.190.160.73, 20.190.160.6, 20.190.160.71, 20.190.160.69, 20.190.160.129, 93.184.220.29, 20.190.160.134, 20.190.160.75, 20.190.160.132, 20.199.120.182, 204.79.197.200, 13.107.21.200, 20.50.102.62, 142.250.184.227 Excluded domains from analysis (whitelisted): ssl.gstatic.com, cs9.wac.phicdn.net, www.tm.lg.prod.aadmsa.akadns.net, clientservices.googleapis.com, arc.msn.com, r3.sn-5hnekn76.gvt1.com, www.tm.a.prd.aadg.trafficmanager.net, wns.notify.trafficmanager.net, redirector.gvt1.com, ocsp.digicert.com, login.live.com, www-bing-com.dual-a-0001.a-msedge.net, arc.trafficmanager.net, www.gstatic.com, www.bing.com, client.wns.windows.com, content-autofill.googleapis.com, fonts.gstatic.com, dual-a-0001.a-msedge.net, www.tm.a.prd.aadg.akadns.net, iris-de-prod-azsc-uks.uksouth.cloudapp.azure.com, login.msa.msidentity.com, r3---sn-5hnekn76.gvt1.com, a-0001.a-afdentry.net.trafficmanager.net, www.tm.lg.prod.aadmsa.trafficmanager.net Not all processes where analyzed, report is missing behavior information Report size getting too big, too many NtOpenFile calls found. Report size getting too big, too many NtSetInformationFile calls found.

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\69be466d-1ca8-4062-b354-199db9a22de9.tmp Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: ASCII text, with very long lines, with no line terminators Category: dropped Size (bytes): 81541 Entropy (8bit): 6.077344623381297 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {"browser":{"last_redirect_origin":"","shortcut_migration_version":"91.0.4472.77"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user ":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time": {"network_time_mapping":{"local":1.629934243319878e+12,"network":1.629901845e+12,"ticks":6734580740.0,"uncertainty":3441155.0}},"os_crypt":{"encrypted_key":"RF BBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAACanWu3FyjzSb22qOd7JcKxAAAAAAIAAAAAABBmAAAAAQAAIAAAAOvzHMHSfF9+m4oxy+22fHMcQg44kCf1BX y1OZZbdvKzAAAAAA6AAAAAAgAAIAAAAPTENVQ24xIsJc/ZQEp5QqLyGws8rV509kXnSOO5wySTMAAAAH5bXPykNQD+rPcaJzuKSNgUUlUVuRFSP9klMm9Irm EdAB20jsgAMb2dc/upU0MueUAAAAChrUBvSOw+ZaWzDX+CTHaJdop4I956Us1Y1/MTm0kr4uGgJ1iujCKCl39idN0Kk67uULB9hxw0UYLGUi8ZC41p"},"password_man ager":{"os_password_blank":true,"os_password_last_changed":"13274407881585443"},"plugins":{"metadata":{"adobe-flash-player":{"disp

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\93410536-7453-418b-ac5a-203f42980477.tmp Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: ASCII text, with very long lines, with no line terminators Category: dropped Size (bytes): 81541 Entropy (8bit): 6.0773439250639285 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {"browser":{"last_redirect_origin":"","shortcut_migration_version":"91.0.4472.77"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user ":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time": {"network_time_mapping":{"local":1.629934243319878e+12,"network":1.629901845e+12,"ticks":6734580740.0,"uncertainty":3441155.0}},"os_crypt":{"encrypted_key":"RF BBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAACanWu3FyjzSb22qOd7JcKxAAAAAAIAAAAAABBmAAAAAQAAIAAAAOvzHMHSfF9+m4oxy+22fHMcQg44kCf1BX y1OZZbdvKzAAAAAA6AAAAAAgAAIAAAAPTENVQ24xIsJc/ZQEp5QqLyGws8rV509kXnSOO5wySTMAAAAH5bXPykNQD+rPcaJzuKSNgUUlUVuRFSP9klMm9Irm EdAB20jsgAMb2dc/upU0MueUAAAAChrUBvSOw+ZaWzDX+CTHaJdop4I956Us1Y1/MTm0kr4uGgJ1iujCKCl39idN0Kk67uULB9hxw0UYLGUi8ZC41p"},"password_man ager":{"os_password_blank":true,"os_password_last_changed":"13266608258956374"},"plugins":{"metadata":{"adobe-flash-player":{"disp

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: data Category: dropped Size (bytes): 40 Entropy (8bit): 3.254162526001658 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: sdPC...... ^"/...B.$.J.|.

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\237eee9a-063e-45c8-988e-c179f637b6ba.tmp Process: C:\Program Files\Google\Chrome\Application\chrome.exe

Copyright Joe Security LLC 2021 Page 8 of 39 C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\237eee9a-063e-45c8-988e-c179f637b6ba.tmp File Type: UTF-8 Unicode text, with very long lines, with no line terminators Category: dropped Size (bytes): 15861 Entropy (8bit): 5.576929942019316 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","sy stem.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events": [],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13274407840614140","location":5,"manifest":{"a pp":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCt l3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVG ijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\3752b71b-160f-4ece-9873-706957819cb3.tmp Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel Category: dropped Size (bytes): 181072 Entropy (8bit): 5.774426487043815 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: ...... H...... p...... h...n...... n...((.... .h...... 00...... %..~H..@@.... .(B..&n..``...... N...... (....D...... 2v...M..(...... ]..X\.).H...>..Z...... \..._...V...F...A...A...... ^..Wb...f.)[email protected]...[.....z...`...J.....9...E...k...R.D...... G...A.....;...E...h..XKd..KW...... D...>...=..X.... GQ.JW..;M..8K..@H..=;...... JV.YKV.IT.BS.Y...... (...... [[email protected]...... X...]...`...\...K...D...A...;...... 3...\...e... V...h.).d.G.<[email protected]...^..Td...X.....e....v.....:...E...=..T`...d...h.B.....?...;...O...B...A...b.!.g...Ru...... 9...8...P...C...C...l..U].M.5@...... [email protected]..=K..Ob..Me..5R. .AX..;V..++...... BL..KW..KW..DO..BL..EN..AJ..;1...... HT.UIV.FT.BQ.U......

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\594a6a03-1749-42cf-acde-b9554b71fe7d.tmp Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: ASCII text, with very long lines, with no line terminators Category: dropped Size (bytes): 3513 Entropy (8bit): 4.9469212035964 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {"account_id_migration_state":2,"account_tracker_service_last_update":"13274407841201834","alternate_error_pages":{"backup":true},"autocomplete":{"retention_pol icy_last_version":91},"autofill":{"orphan_rows_removed":true},"browser":{"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work _area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"this_week_number":2694},"default _apps_install_state":2,"domain_diversity":{"last_reporting_timestamp":"13274407841202518"},"extensions":{"alerts":{"initialized":true},"chrome_url_overrides":{},"last_chr ome_version":"91.0.4472.77"},"federated_learning":{"floc_id":{"compute_time":"13274407841282386","finch_config_version":"1","history_begin_time":"0","history_en d_time":"0","sorting_lsh_version":"0"}},"gcm":{"product_category_for_subtypes":"com.chrome.windows"},"google":{"services":{"signin_scoped_device_id":"d3823259-da28- 4900-92cb-91058df1dbba"}},

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\79b5c5ef-f1dd-48a2-867a-8f0839a634c6.tmp Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: ASCII text, with very long lines, with no line terminators Category: dropped Size (bytes): 4364 Copyright Joe Security LLC 2021 Page 9 of 39 C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\79b5c5ef-f1dd-48a2-867a-8f0839a634c6.tmp Entropy (8bit): 5.047503300958908 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {"account_id_migration_state":2,"account_tracker_service_last_update":"13274407841201834","alternate_error_pages":{"backup":true},"autocomplete":{"retention_pol icy_last_version":91},"autofill":{"orphan_rows_removed":true},"browser":{"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work _area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"this_week_number":2694,"this_wee k_services_downstream_foreground_kb":{"112189210":0,"115188287":30,"21145003":1042,"35565745":1,"5151071":1,"6019475":81,"88863520":0}},"default_apps_ install_state":2,"domain_diversity":{"last_reporting_timestamp":"13274407841202518"},"extensions":{"alerts":{"initialized":true},"chrome_url_overrides":{},"last_chrome_ve rsion":"91.0.4472.77"},"federated_learning":{"floc_id":{"compute_time":"13274407841282386","finch_config_version":"1","history_begin_time":"0","history_end_time ":"0","sorting_lsh_version":"0"}},"gaia_

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\8452dff1-57e8-4321-91c6-15830bed378e.tmp Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: ASCII text, with very long lines, with no line terminators Category: dropped Size (bytes): 3513 Entropy (8bit): 4.946898059421682 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {"account_id_migration_state":2,"account_tracker_service_last_update":"13274407841201834","alternate_error_pages":{"backup":true},"autocomplete":{"retention_pol icy_last_version":91},"autofill":{"orphan_rows_removed":true},"browser":{"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work _area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"this_week_number":2694},"default _apps_install_state":2,"domain_diversity":{"last_reporting_timestamp":"13274407841202518"},"extensions":{"alerts":{"initialized":true},"chrome_url_overrides":{},"last_chr ome_version":"91.0.4472.77"},"federated_learning":{"floc_id":{"compute_time":"13274407841282386","finch_config_version":"1","history_begin_time":"0","history_en d_time":"0","sorting_lsh_version":"0"}},"gcm":{"product_category_for_subtypes":"com.chrome.windows"},"google":{"services":{"signin_scoped_device_id":"d3823259-da28- 4900-92cb-91058df1dbba"}},

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0848c0f6eb669b6b_0 Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: data Category: dropped Size (bytes): 246 Entropy (8bit): 5.618083345066778 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: 0\r..m...... r...... _keyhttps://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__en.js .https://jb-voice.online/.A..Eo...... k.6..)/...... J..f.)9..a..].+:B.OU....$..{^.A..Eo...... a......

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3732fd04034f266a_0 Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: data Category: dropped Size (bytes): 289 Entropy (8bit): 5.798961524088794 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709

Copyright Joe Security LLC 2021 Page 10 of 39 C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3732fd04034f266a_0 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: 0\r..m...... m.....(M...._keyhttps://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__en.js .https://google.com/.A..Eo...... N9=..)/..,..1 41DF69EF8679BDF2CC1F2C2CC4BFE0FC4E313401A03BDD3FEB94F2490A48D9B._..K....A.IE..$(..._VMt..[Q....A..Eo...... #}.L......

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d41faeec310c0cb9_0 Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: data Category: dropped Size (bytes): 227 Entropy (8bit): 5.502043376537575 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: 0\r..m...... _....G...... _keyhttps://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js .https://jb-voice.online/.A..Eo...... )/...... O...... +m.%...BM.%I].N.D.R c.n.o.B.k....A..Eo......

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fa58175ce6caab9c_0 Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: data Category: dropped Size (bytes): 404648 Entropy (8bit): 6.235602191328381 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: 0\r..m...... @...... ]....141DF69EF8679BDF2CC1F2C2CC4BFE0FC4E313401A03BDD3FEB94F2490A48D9B...... H..TP....`.+....W..$S.8..`*.....L`.....$S....`.1.....L`...... Rb...... x...... Qb...... z...... QbRkc.....v.....Qb...x....S.....QbR...... H.....Qb>l.a....B.....QbVW...... Vp....Qbr7...... fg....QbJ...... kC....Qb..,.....d9....Qb..!.....Tk....Qb...}....ha. ...Qbjh...... $R....QbvT...... XH....Qb...x....WV....QbV...... xk....QbB...... nA....Qb...... lm....QbZ.P.....Jh....Qb.y.....OX....Qb.KO.....vf....Qb..0.....Ag....Qb...... oV....Qb..s.....bN. ...Qb.%...... wX....Qb:...... vR....QbbVV3....Jl....Qb...... C_....Qb.o*[email protected]...... YR....Qbb...... zq....QbZ..l....QO....QbN...... nK....Qb...... GQ....Qb...... hN.. ..QbB,...... K_....QbR.n.....dB....Qb.xD.....FY....Qb...... FZ....Qb...... Kk....Qb^..y....mq....Qbj..Y....J8....Qb.uA.....Zf....Qb...... mo....Qb...T....Hh....Qb...... xR....Qb..K.....hl.. ..Qbr..{....oD....QbZ...... XL....QbBD.6....nn....Qb......

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_1\_metadata\comput ed_hashes.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: ASCII text, with very long lines, with no line terminators Category: dropped Size (bytes): 11217 Entropy (8bit): 6.069602775336632 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low

Copyright Joe Security LLC 2021 Page 11 of 39 C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_1\_metadata\comput ed_hashes.json Preview: {"file_hashes":[{"block_hashes":["A+1PYW3V6CJbBuQ7aqrgYhyH3bT8PKyBXp3hN2slpI0=","WSOpQRkYTHjPSlG9Zif2a7TNhy43NDcG1Zg5Nv0UbH0=","jDctR8ImG5KZ rQKm4kDjUB7FokSJfjo/pmvFowRVlaY=","LPxhhJiuU0lprt0T6flpS7TkaDg7MocrbmzO65xH6RI=","nZ9zLb2By96AkKXALRM+C0Eu11XUjPiMXEKjiCPdtHE=","wifibc1QfMB N2jrtUtLgsCefvuceTpAatmLvul11RJA=","dHjWlSIIdjj7MWqg3T8MG58RuuqRXk32vqi/13JqEgA=","zd3DV7dbvfNvx1hdhU01fW5ily52DLN0CFL/ADaEeTI=","DpjXcO85FF FY9KJFPkGNfFUtdQIOsGwO5jUckiUwY14=","gqid6l1+mk/6yWgUECRofI9lMipXgXh2jEN2+CxmPE0=","prDB91X2Mmfg/M/txVMITWBmEGbOGjqBTP7CMjYqdHs=", "yLPAqV4gqoyS/zFkEt3Cn2j0q2v9QOSthVFfWn8EzCM=","EPQ3jzdrLkAHyvf3920B5Y3aAkO1IJdn/UtbnAmq6T0=","+oOc6ca+ChKUpTu+oa2ZRxRE+wG3QJmuYWE vYCs40NI=","3mBGNAiRlTANEQkqzU3TEi+5wJ0ubR5uwtS4/9OOM7w=","1A9NNawxuhu95H5eThvf1rewJ4QQWhhPNxJXO1C/n68=","E3vWLQxzmj+e5QxYbUscllJ5 n0ITpw5JBHV1Kph3/KM=","i3I8ghdTF9c1ZXNBZmvsID+DV4gxBVN27rj9wsMtRpg=","R8B8qYabnMSlLPhrtu0hGYrHn3llsMHqBbi70gkIjEE=","rhlzuEvv2KRAF Mms896xFwkNgPrw6WvmgPn6xrBSa2Y=","LAMXv6sRb0VZrY34aVXF3Fftxs

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\9121.329.0.0_1\_metadata\c omputed_hashes.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: ASCII text, with very long lines, with no line terminators Category: dropped Size (bytes): 25683 Entropy (8bit): 6.059803400561034 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {"file_hashes":[{"block_hashes":["DOZdV3jFvk12AM2JNDYKo3KZrIVRprmJ+sVGWkqqE4Q=","rVElW3Hu3T52SzDDUqGT5YiJTBGUv2h3pNuBKFlhZ1U=","X/ 3fg4KZxgQ1jBr5QGq0F5JnflgE27UErd88mrxTcxs=","VibLbpy0ig+5INMOU71fTYN76iaka2XVpmm1qAKYsX8=","EChCwCbQHbHQ7oDdGT2qNyiRJ0yck2YC2emNGq 4whtE="],"block_size":4096,"path":"_locales/iw/messages.json"},{"block_hashes":["/0XLYLvR7GDi1lXEsqI5OOorLaHGVkQU9sW9wrxd/qs=","ugdSYfR9jET/5OpIYWZUyc Wy9FcBX/jb/7/hmW5DVR0=","Z2vShQRg9avHHQwTkYjAyfnFnhHQ6Ce+ob00hRV0V2Q=","lIb7yaoAR7pQ0ZDpBU1ZzIKa+hURf3edJBILNvUO6lk=","5mpQSSRBXvB C9O0QpFoDxFGOcDS5Iua0gICy3D+t0UM=","EkWgzDTb1zblDgz7APE/G19fsHn/TJJuw3JbNsqGNCY=","Mb/n/cgw5oibXHqBfMwXremke8GY9oWJPhuY1Y2CrpQ="," cb+9vKl/3iDYu97Gc5yEsJnJ2QWd4dpd1E3pt/3yaqQ=","17+40sjnss/mFRm6idVmlEZTl+kWrR1GSzedHRD8yZI=","fTKSj8L49Jxlk/4helP5XYqHFlye2npO9oJ4k1tBSDo=", "5YuJx+3UKRLS1jKYLhPFxnoj13kXTJWbUvqDjH49cSU=","bpIVoxhooXfnSfnMX0AAp0lf2rlVVA4pjcPLwgfO6HM=","UUtXQCPzpyCsqMlcbuKPxsSWFpRWF1bXuIn AT+MwwDY=","oUPx37oUjuP+dzILoj48jtLskRlThmZSi2d5kfYzTb0=","f

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\000001.dbtmp Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: ASCII text Category: dropped Size (bytes): 16 Entropy (8bit): 3.2743974703476995 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: MANIFEST-000001.

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\CURRENT (copy) Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: ASCII text Category: dropped Size (bytes): 16 Entropy (8bit): 3.2743974703476995 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: MANIFEST-000001.

Copyright Joe Security LLC 2021 Page 12 of 39 C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\MANIFEST-000001 Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: PGP\011Secret Key - Category: dropped Size (bytes): 41 Entropy (8bit): 4.704993772857998 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: .|.."....leveldb.BytewiseComparator......

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\Google Profile.icoeb (copy) Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel Category: dropped Size (bytes): 181072 Entropy (8bit): 5.774426487043815 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: ...... H...... p...... h...n...... n...((.... .h...... 00...... %..~H..@@.... .(B..&n..``...... N...... (....D...... 2v...M..(...... ]..X\.).H...>..Z...... \..._...V...F...A...A...... ^..Wb...f.)[email protected]...[.....z...`...J.....9...E...k...R.D...... G...A.....;...E...h..XKd..KW...... D...>...=..X.... GQ.JW..;M..8K..@H..=;...... JV.YKV.IT.BS.Y...... (...... [[email protected]...... X...]...`...\...K...D...A...;...... 3...\...e... V...h.).d.G.<[email protected]...^..Td...X.....e....v.....:...E...=..T`...d...h.B.....?...;...O...B...A...b.!.g...Ru...... 9...8...P...C...C...l..U].M.5@...... [email protected]..=K..Ob..Me..5R. .AX..;V..++...... BL..KW..KW..DO..BL..EN..AJ..;1...... HT.UIV.FT.BQ.U......

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: data Category: dropped Size (bytes): 939 Entropy (8bit): 5.572620642162645 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: ...... "b....365..com..https..login..microsoft..office..www..804..audio..c..desktop..eyup..file..htm..users*...... 365...... 804...... audio...... c...... com...... desktop...... eyup...... file...... htm...... https...... login...... microsoft...... office...... users...... www..2...... 0...... 3...... 4...... 5...... 6...... 8...... a...... c...... d...... e...... f...... g...... h...... i...... k...... l...... m...... n...... o...... p...... r...... s...... t...... u...... w...... y...:...... "...... "...... "...... "...... "...... "...... "...... "B...... *.https://www.office.com/2#Office 365 Login | Microsoft Office:...... :...... :...... O."...... *+file:///C:/Users/eyup/Desktop/Audio_804.htm2.:...... J!...... "...... $(

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy) Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: ASCII text, with very long lines, with no line terminators Category: dropped Size (bytes): 3513 Entropy (8bit): 4.946898059421682 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E

Copyright Joe Security LLC 2021 Page 13 of 39 C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy) SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {"account_id_migration_state":2,"account_tracker_service_last_update":"13274407841201834","alternate_error_pages":{"backup":true},"autocomplete":{"retention_pol icy_last_version":91},"autofill":{"orphan_rows_removed":true},"browser":{"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work _area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"this_week_number":2694},"default _apps_install_state":2,"domain_diversity":{"last_reporting_timestamp":"13274407841202518"},"extensions":{"alerts":{"initialized":true},"chrome_url_overrides":{},"last_chr ome_version":"91.0.4472.77"},"federated_learning":{"floc_id":{"compute_time":"13274407841282386","finch_config_version":"1","history_begin_time":"0","history_en d_time":"0","sorting_lsh_version":"0"}},"gcm":{"product_category_for_subtypes":"com.chrome.windows"},"google":{"services":{"signin_scoped_device_id":"d3823259-da28- 4900-92cb-91058df1dbba"}},

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\Preferences.. (copy) Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: ASCII text, with very long lines, with no line terminators Category: dropped Size (bytes): 4364 Entropy (8bit): 5.047503300958908 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {"account_id_migration_state":2,"account_tracker_service_last_update":"13274407841201834","alternate_error_pages":{"backup":true},"autocomplete":{"retention_pol icy_last_version":91},"autofill":{"orphan_rows_removed":true},"browser":{"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work _area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"this_week_number":2694,"this_wee k_services_downstream_foreground_kb":{"112189210":0,"115188287":30,"21145003":1042,"35565745":1,"5151071":1,"6019475":81,"88863520":0}},"default_apps_ install_state":2,"domain_diversity":{"last_reporting_timestamp":"13274407841202518"},"extensions":{"alerts":{"initialized":true},"chrome_url_overrides":{},"last_chrome_ve rsion":"91.0.4472.77"},"federated_learning":{"floc_id":{"compute_time":"13274407841282386","finch_config_version":"1","history_begin_time":"0","history_end_time ":"0","sorting_lsh_version":"0"}},"gaia_

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\Preferences3. (copy) Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: ASCII text, with very long lines, with no line terminators Category: dropped Size (bytes): 3513 Entropy (8bit): 4.9469212035964 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {"account_id_migration_state":2,"account_tracker_service_last_update":"13274407841201834","alternate_error_pages":{"backup":true},"autocomplete":{"retention_pol icy_last_version":91},"autofill":{"orphan_rows_removed":true},"browser":{"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work _area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"this_week_number":2694},"default _apps_install_state":2,"domain_diversity":{"last_reporting_timestamp":"13274407841202518"},"extensions":{"alerts":{"initialized":true},"chrome_url_overrides":{},"last_chr ome_version":"91.0.4472.77"},"federated_learning":{"floc_id":{"compute_time":"13274407841282386","finch_config_version":"1","history_begin_time":"0","history_en d_time":"0","sorting_lsh_version":"0"}},"gcm":{"product_category_for_subtypes":"com.chrome.windows"},"google":{"services":{"signin_scoped_device_id":"d3823259-da28- 4900-92cb-91058df1dbba"}},

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy) Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with no line terminators Category: dropped Size (bytes): 15861 Entropy (8bit): 5.576929942019316 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709

Copyright Joe Security LLC 2021 Page 14 of 39 C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy) SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","sy stem.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events": [],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13274407840614140","location":5,"manifest":{"a pp":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCt l3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVG ijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences. (copy) Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with no line terminators Category: dropped Size (bytes): 15219 Entropy (8bit): 5.577334032951208 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","sy stem.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events": [],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13274407840614140","location":5,"manifest":{"a pp":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCt l3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVG ijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\Secure Preferencescs (copy) Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with no line terminators Category: dropped Size (bytes): 17951 Entropy (8bit): 5.564437805231248 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","sy stem.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events": [],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13274407840614140","location":5,"manifest":{"a pp":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCt l3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVG ijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\cdfb02d4-0f2d-437e-9cd8-e24e277df12a.tmp Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with no line terminators Category: dropped Size (bytes): 15219 Entropy (8bit): 5.577334032951208 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855

Copyright Joe Security LLC 2021 Page 15 of 39 C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\cdfb02d4-0f2d-437e-9cd8-e24e277df12a.tmp SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","sy stem.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events": [],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13274407840614140","location":5,"manifest":{"a pp":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCt l3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVG ijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000014.dbtmp Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: ASCII text Category: dropped Size (bytes): 16 Entropy (8bit): 3.5 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: MANIFEST-000014.

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy) Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: ASCII text Category: dropped Size (bytes): 16 Entropy (8bit): 3.5 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: MANIFEST-000014.

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\e4016c7a-a9a5-4de9-9261-84b5684d79a2.tmp Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: very short file (no magic) Category: dropped Size (bytes): 1 Entropy (8bit): 0.0 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: .

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\f0748631-b5e4-4f1c-86ee-f39c6f94ea75.tmp Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: ASCII text, with very long lines, with no line terminators Category: dropped

Copyright Joe Security LLC 2021 Page 16 of 39 C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\f0748631-b5e4-4f1c-86ee-f39c6f94ea75.tmp Size (bytes): 4033 Entropy (8bit): 5.0120954605671875 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {"account_id_migration_state":2,"account_tracker_service_last_update":"13274407841201834","alternate_error_pages":{"backup":true},"autocomplete":{"retention_pol icy_last_version":91},"autofill":{"orphan_rows_removed":true},"browser":{"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work _area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"this_week_number":2694,"this_wee k_services_downstream_foreground_kb":{"112189210":0,"115188287":30,"21145003":1042,"35565745":1,"5151071":1,"6019475":81,"88863520":0}},"default_apps_ install_state":2,"domain_diversity":{"last_reporting_timestamp":"13274407841202518"},"extensions":{"alerts":{"initialized":true},"chrome_url_overrides":{},"last_chrome_ve rsion":"91.0.4472.77"},"federated_learning":{"floc_id":{"compute_time":"13274407841282386","finch_config_version":"1","history_begin_time":"0","history_end_time ":"0","sorting_lsh_version":"0"}},"gaia_

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Default\f60a5380-172e-464a-8928-0e7c268efce4.tmp Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with no line terminators Category: dropped Size (bytes): 17951 Entropy (8bit): 5.564437805231248 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","sy stem.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events": [],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13274407840614140","location":5,"manifest":{"a pp":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCt l3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVG ijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Last Browser Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: data Category: dropped Size (bytes): 106 Entropy (8bit): 3.138546519832722 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e...e.x.e.

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Last Version Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: ASCII text, with no line terminators Category: dropped Size (bytes): 12 Entropy (8bit): 2.6258145836939115 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 Copyright Joe Security LLC 2021 Page 17 of 39 C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Last Version SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: 91.0.4472.77

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Local State (copy) Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: ASCII text, with very long lines, with no line terminators Category: dropped Size (bytes): 81541 Entropy (8bit): 6.077344623381297 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {"browser":{"last_redirect_origin":"","shortcut_migration_version":"91.0.4472.77"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user ":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time": {"network_time_mapping":{"local":1.629934243319878e+12,"network":1.629901845e+12,"ticks":6734580740.0,"uncertainty":3441155.0}},"os_crypt":{"encrypted_key":"RF BBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAACanWu3FyjzSb22qOd7JcKxAAAAAAIAAAAAABBmAAAAAQAAIAAAAOvzHMHSfF9+m4oxy+22fHMcQg44kCf1BX y1OZZbdvKzAAAAAA6AAAAAAgAAIAAAAPTENVQ24xIsJc/ZQEp5QqLyGws8rV509kXnSOO5wySTMAAAAH5bXPykNQD+rPcaJzuKSNgUUlUVuRFSP9klMm9Irm EdAB20jsgAMb2dc/upU0MueUAAAAChrUBvSOw+ZaWzDX+CTHaJdop4I956Us1Y1/MTm0kr4uGgJ1iujCKCl39idN0Kk67uULB9hxw0UYLGUi8ZC41p"},"password_man ager":{"os_password_blank":true,"os_password_last_changed":"13274407881585443"},"plugins":{"metadata":{"adobe-flash-player":{"disp

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Local State00 (copy) Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with CRLF line terminators Category: dropped Size (bytes): 743 Entropy (8bit): 4.913927107235852 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "app_description": {.. "message": "...... Chrome ...-...... ".. },.. "app_name": {.. "message": "...... Chrome ...-...... ".. },.. "craw_app_unavailable": {.. "message": "...... ".. },.. "craw_connect_to_network": {.. "message": "...... ".. },.. "iap_unavailable": {.. "message": "...... ".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "...... Chrome.".. }..}..

C:\Users\eyup\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy) Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: data Category: dropped Size (bytes): 101616 Entropy (8bit): 3.758661402196638 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: ...... T...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e.\.2.1...0.8.3...0.4.2.5...0.0.0.3.\.a.m.d.6.4.\.F.i.l.e.S.y.n.c.S.h.e.l.l.6.4...d.l.l...... puA...c .:.\.p.r.o.g.r.a.m. .f.i.l.e.s. .(.x.8.6.).\.m.i.c.r.o.s.o.f.t. .o.n.e.d.r.i.v.e.\.2.1...0.8.3...0.4.2.5...0.0.0.3.\.a.m.d.6.4.\...... f.i.l.e.s.y.n.c.s.h.e.l.l.6.4...d.l.l...... M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i .v.e."...M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e. .S.h.e.l.l. .E.x.t.e.n.s.i.o.n.....2.1...0.8.3...0.4.2.5...0.0.0.3.....T...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v .e.\.2.1...0.8.3...0.4.2.5...0.0.0.3.\.a.m.d.6.4.\.F.i.l.e.S.y.n.c.S.h.e.l.l.6.4...d.l.l.....M.i.c.r.o.s.o.f.t. .C.o.r.p.o.r.a.t.i.o.n....C8. ...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.7.-.Z.i.p.\.7.-.z.i.p ...d.l.l...... n\....%.p.r.o.g.r.a.m.f.i.l.e.s.%.\.7.-.z.i.p.\...... 7.-.z.i.p...d.l.l...... 7.-.Z.i.p...... 7.-.Z.i.p. .S.h.e.l.l. .E.x.t.e.n.s.i.o.n...... 1.9...0.0...... C8.....

Copyright Joe Security LLC 2021 Page 18 of 39 C:\Users\eyup\AppData\Local\Google\Chrome\User Data\a8770ee8-39c7-4eff-b51f-1e851e580f2b.tmp Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: data Category: dropped Size (bytes): 101616 Entropy (8bit): 3.758661402196638 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: ...... T...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e.\.2.1...0.8.3...0.4.2.5...0.0.0.3.\.a.m.d.6.4.\.F.i.l.e.S.y.n.c.S.h.e.l.l.6.4...d.l.l...... puA...c .:.\.p.r.o.g.r.a.m. .f.i.l.e.s. .(.x.8.6.).\.m.i.c.r.o.s.o.f.t. .o.n.e.d.r.i.v.e.\.2.1...0.8.3...0.4.2.5...0.0.0.3.\.a.m.d.6.4.\...... f.i.l.e.s.y.n.c.s.h.e.l.l.6.4...d.l.l...... M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i .v.e."...M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e. .S.h.e.l.l. .E.x.t.e.n.s.i.o.n.....2.1...0.8.3...0.4.2.5...0.0.0.3.....T...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v .e.\.2.1...0.8.3...0.4.2.5...0.0.0.3.\.a.m.d.6.4.\.F.i.l.e.S.y.n.c.S.h.e.l.l.6.4...d.l.l.....M.i.c.r.o.s.o.f.t. .C.o.r.p.o.r.a.t.i.o.n....C8. ...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.7.-.Z.i.p.\.7.-.z.i.p ...d.l.l...... n\....%.p.r.o.g.r.a.m.f.i.l.e.s.%.\.7.-.z.i.p.\...... 7.-.z.i.p...d.l.l...... 7.-.Z.i.p...... 7.-.Z.i.p. .S.h.e.l.l. .E.x.t.e.n.s.i.o.n...... 1.9...0.0...... C8.....

C:\Users\eyup\AppData\Local\Temp\27e8e560-d57b-45cc-b94f-6ac99fb89b3a.tmp

Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT) Category: dropped Size (bytes): 153143 Entropy (8bit): 7.9977669387909645 Encrypted: true SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: ...... Ys...5x....:.t|[email protected]%e.7.(...... ^)..]U.}.#.D.....a...... vY.vY...... r...... ?...... x...../y.%....>....7....2..~...{....R.....9.._\e..[f...... x.K+.....%...t4.S.27r+i<.m.=.~.... n".e..~YY\N."%..u5.....\.S~`...29.....aR...... {k.u-...E<]..4.5);.!.X....G.9=.s:...~.97.uC.<4%.fo.U.;.....f...... {..M._/...*..%3dgs0.j.q..T!.$.I....{..*.K\/.yqB...... ]I.1.9S.g.kuv..}q Z7r.....m.Fv./.5...~O..wL"..sA...Y.?.<...|..|.....|5.Z{...@..{..:.1...... /..j...Y.v.~..a...... >$.5./O.*c.ve..1...M...... d.]a.U.H.Ut..|.W...;K..vu...cS.h...r..Z.[.[./..">..&a|.i..?.b..^...B..k#nW...... 9.....}...B...... 9...... ?...... W5.~...?.}F...}...n...y)a.Z.K[.....!...... <../...... *.L.3....W. ...[...\>...J<..+Y.Jx-.q..)....x...&?.<]..8N.,O..w...9...... v.;^../..Ob}.M5..^..{....Z.. ...+.....$....5S."[email protected]...]+u#.;...N...... t.4....n.....L...:k...... _...2.t...... E...... ,J.?.y.,a..y.(./..i}.]S

C:\Users\eyup\AppData\Local\Temp\9b9be64b-7eed-46d8-9704-ee46cfdadc82.tmp

Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT) Category: dropped Size (bytes): 101891 Entropy (8bit): 7.9971613680976565 Encrypted: true SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: ...... {..0...... &xqH.....zyIBv9....=...+...... I6....3#[email protected]].W7...h4..H...7.^...... Bg.....`.;.S...P...... z.3...... 9~.P..{..-.z...... b.:...... >..'....I8...... 'v.M'E.?bA...N8.'.8I.._...< v&.pT{.L'Ne...#.S!].T.-+...r)5.j.U.8q....X..VPo.....F.o..A.~~.?.w...... eNJ..a)....i....:?._^..v.<=ei...i...... Q...8k...... ~j.c.W...... ~...Q.yq..^9..z...... S..b.E..L3|.9S.pa...a....5...J.\.2l..s..4.. ...S.u..o.|.Q.K.0.=...... 0....xj.4....Mie..C..3...... WN...... 4Vs.B..N.bD...VK%...mb...{{....pd..7..G.....}.J;"..4,...... A.R|0d..)..M...... ;;.8.h.C.u..pkM..Z@...... r..U....H...],..l:~p. .8`....3....5.*.t../S{.{`.^kB=f...... ZR..L.$t..D%I..xB../.{rb..h8.!...... Z.0...... {PuK%Vv...RR.*...... j.vw.[B..$..|&..eZEW.Z[&..d>.o...... @..t.z.O.12C...... Kk..oS.[.0.M...<.zq#*g.r...... "0+.[.....Tb.E....F...U..U0...G...... [email protected].#R.]...+.;.M[..x,...J.l...... &y.n.....j>..0.|W.+.S.0X.S.E..L....R.....W.u.g.S.&^.g..N/..

C:\Users\eyup\AppData\Local\Temp\bcd0a2c1-29e2-4871-b2dc-f14e90471e27.tmp

Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT) Category: dropped Size (bytes): 30948 Entropy (8bit): 7.99105089802474

Encrypted: true SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: ...... y..../...*D4e.sH.v.{...... mv9MR...&..b.`.P."...... r.....X...9s.s..w..;...>.}8...O.ep....O.]...$KO.tu...2?Yfi.'ove..T.....(.N7.R..[...... *."...... '7.j...... #.n..e1..Fr...... j5xH.~.*...yvw....y.....vI...... IWT..)...|...\..<=.V.C..}.fF..T.....~.~..:).....i...2./D.}...]..<+3T..Z.Q9*0...... 3..7.e..p.:..-.P..n.}j....U...."...|Gm...AdQ:*...gz%n..:...K.o[...".n...(V..A...U.D.~ x.Q..X.tw.F..,.Q...k.9.w...... 2....t...... XF....E./...Hu.%..].....7.T...X.\$4.~.....`..e\....}.X...`A...J.....k...$IO..OS:...=...R...q...... FE.H.)M..WX/...... 6.._..ry..J..`.q.'....x^..[r..Z.Y:..0.. .g.y....#.1.'...F7M.6...S....7.To.G.... `#...... -."...^....;..8..{.6VhL?%uU...K....O9.`Y....b.5.,zP.+\..!.1wK.j.P].....jW.!.j...i3.v.<..n.P..g....~.x..z.8...2^..U.f.bt#.+.U..N...... !.[.!#.C.A.xy..... p...n.mU,.....=...... h .ME..T/....lT\h,.U...... (.U ...Tf.?Zd8.2.V...... *..../....Oyh.j.._.I.k..u...).3.r.3...j...... O....+],...

C:\Users\eyup\AppData\Local\Temp\f189e433-6f12-4153-8e56-ab5dd4a3d9e3.tmp

Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: Google Chrome extension, version 3 Category: dropped Size (bytes): 817417 Entropy (8bit): 7.993168779212537 Encrypted: true SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: Cr24...... 0.."0...*.H...... 0...... \7c.<...... Fto.8.2'5..qk...%....2...C.F.9.#..e.xQ...... [...L|....3>/....u.:T.7...(.yM...?V.k.|1..n. ...... T.C.[+ .IzI.Z.....<...... p9.U.C..3z..|.K..2O.O..... %....X....V...... /O....:[email protected]#...I.lW.?.I<3...... 'FY..d.X..m.T..Z.Y.S7...... c.*..q.i6.. U<....L.j.q.....0v...... oV....x.ev.#...X...*.m|}t...... 0..0...*.H...... 0...... Mbh=.[O}.+..U.KHF( n3.\"...,g.c...6)..(.E...U...#.i.a..:...N.....P...x.O...(mC;|.5.S.{m.aEx...[..fP.i`.y..5..R....v.$...... l-m...... ?..k...~'m..Y...}.J.il.....0YT....Eog....]..;L...s..-...F=*.O...fR...... *Y.iaL.#..0 .M.su.{...... j...m..1_..C..._`8...z....[0Y0...*.H.=....*.H.=....B...... r...2..+Y.I...k..bR.j5Sl..8...... H"i.-l..`.Q.{...H0F.!....a.*<...[.8g...s.&..4.U

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\am\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 17307 Entropy (8bit): 5.461848619761356 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": ".....".. },.. "1213957982723875920": {.. "message": "...... ?".. },.. "1282768764603190 75": {.. "message": "...... ".. },.. "1428448869078126731": {.. "message": "...... ".. },.. "1522140683318860351": {.. "message": "...... ".. },.. "1550904064710828958": {.. "message": "....".. },.. "1636686747687494376": {.. "message": "...... ".. },.. "1802762746589457177": {.. "message": "...".. },.. "1850397500312020388": {.. "message": ".$START_LINK$Google Home ...... $END_LINK$ ...... Chromecast ...... ? $START_SPAN$*$END_SPAN$",.. "placeholde

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\ar\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 16809 Entropy (8bit): 5.458298990148825 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855

Copyright Joe Security LLC 2021 Page 20 of 39 C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\ar\messages.json SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": ".....".. },.. "1213957982723875920": {.. "message": "...... ".. },.. "128276876460319075": {.. "message": "...... ".. },.. "1428448869078126731": {.. "message": "...... ".. },.. "1522140683318860351": {.. "message": "...... ".. },.. "1550904064710828958": {.. "message": "...".. },.. "1636686747687494376": {.. "message": "...... ".. },.. "1802762746589457177": {.. "message": "...... ".. },.. "1850397500312020388": {.. "message": "...... Chromecast .. $START_LINK$..... Google Home$END_LINK$. $START_SPAN$*$END_SPAN$",.. "pl aceholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {..

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\bg\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 18086 Entropy (8bit): 5.408731329060678 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "...... ".. },.. "1213957982723875920": {.. "message": "...... -...... ?".. },.. "12827687 6460319075": {.. "message": "...... ".. },.. "1428448869078126731": {.. "message": "...... ".. },.. "1522140683318860351": {.. "message": "...... , ...... ".. },.. "1550904064710828958": {.. "message": "...... ".. },.. "1636686747687494376": {.. "message": "...... ".. },.. "18027627 46589457177": {.. "message": "...... ".. },.. "1850397500312020388": {.. "message": "...... Chromecast . $START_LINK$...... Google Hom e$END_LINK$? $START_SPAN$*$END_SPAN$",.. "p

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\bn\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 19695 Entropy (8bit): 5.315564774032776 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "...... ".. },.. "1213957982723875920": {.. "message": "...... ?".. },.. "128 276876460319075": {.. "message": "...... ".. },.. "1428448869078126731": {.. "message": "...... ".. },.. "1522140683318860351": {.. "message": "...... ".. },.. "1550904064710828958": {.. "message": "...... ".. },.. "1636686747687494376": {.. "message": "...... ".. },.. "18027627 46589457177": {.. "message": ".....".. },.. "1850397500312020388": {.. "message": "$START_LINK$ Google

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\ca\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 15504 Entropy (8bit): 5.242147131052711 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low

Copyright Joe Security LLC 2021 Page 21 of 39 C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\ca\messages.json Preview: {.. "1018984561488520517": {.. "message": "Es congela".. },.. "1213957982723875920": {.. "message": "Quina de les opcions.seg.ents descriu millor la vostra xarxa?".. },.. "128276876460319075": {.. "message": "Detecci. de dispositius".. },.. "1428448869078126731": {.. "message": "Flu.desa del v.deo".. },.. "1522 140683318860351": {.. "message": "S'ha produ.t un error en la connexi.. Torneu-ho a provar.".. },.. "1550904064710828958": {.. "message": "Correcta".. },.. "1636686747687494376": {.. "message": "Perfecta".. },.. "1802762746589457177": {.. "message": "Volum".. },.. "1850397500312020388": {.. "message": "Pots veure el Chromecast a l'$START_LINK$aplicaci. Google.Home$END_LINK$?$START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\cs\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 15552 Entropy (8bit): 5.406413558584244 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "Video zamrz.".. },.. "1213957982723875920": {.. "message": "Kter. popis nejl.pe vystihuje va.i s..?".. },.. "128276876460319075": {.. "message": "Zji..ov.n. za..zen.".. },.. "1428448869078126731": {.. "message": "Plynulost videa".. },.. "1522140683318860351": {.. "message": "P.ipojen. se nezda.ilo. Zkuste to pros.m znovu.".. },.. "1550904064710828958": {.. "message": "Plynul.".. },.. "1636686747687494376": {.. "m essage": "Perfektn.".. },.. "1802762746589457177": {.. "message": "Hlasitost".. },.. "1850397500312020388": {.. "message": "Vid.te sv.j Chromecast v.$ST ART_LINK$aplikaci Google Home $END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. " END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3"..

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\da\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 15340 Entropy (8bit): 5.2479291792849105 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "Fryser".. },.. "1213957982723875920": {.. "message": "Hvilket af f.lgende udsagn beskriver bedst dit netv.rk?".. },.. "128276876460319075": {.. "message": "Enhedsregistrering".. },.. "1428448869078126731": {.. "message": "Videostabilitet".. },.. "152214068331 8860351": {.. "message": "Forbindelsen blev afbrudt. Pr.v igen.".. },.. "1550904064710828958": {.. "message": "Problemfri".. },.. "1636686747687494376": {.. "message": "Perfekt".. },.. "1802762746589457177": {.. "message": "Lydstyrke".. },.. "1850397500312020388": {.. "message": "Kan du se din Chromecast i $ START_LINK$ Google Home-appen$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },.. "STAR

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\de\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 15555 Entropy (8bit): 5.258022363187752 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low

Copyright Joe Security LLC 2021 Page 22 of 39 C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\de\messages.json Preview: {.. "1018984561488520517": {.. "message": "H.ngenbleiben".. },.. "1213957982723875920": {.. "message": "Welche dieser Aussagen beschreibt dein Netzwerk am besten?".. },.. "128276876460319075": {.. "message": "Ger.teerkennung".. },.. "1428448869078126731": {.. "message": "Videowiedergabequalit.t".. },.. "1522140683318860351": {.. "message": "Fehler beim Herstellen der Verbindung. Bitte versuche es noch einmal.".. },.. "1550904064710828958": {.. "message": "St.rungsfrei".. },.. "1636686747687494376": {.. "message": "Perfekt".. },.. "1802762746589457177": {.. "message": "Lautst.rke".. },.. "18503975003 12020388": {.. "message": "Siehst du deinen Chromecast in der $START_LINK$Google Home App$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholde rs": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\el\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 17941 Entropy (8bit): 5.465343004010711 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "...... ".. },.. "1213957982723875920": {.. "message": "...... ;".. },.. "1282768 76460319075": {.. "message": "...... ".. },.. "1428448869078126731": {.. "message": "...... ".. },.. "1522140683318860351": {.. "message": "...... ".. },.. "1550904064710828958": {.. "message": ".....".. },.. "1636686747687494376": {.. "message": "...... ".. },.. "1802762746589457177": {.. "message": "...... ".. },.. "1850397500312020388": {.. "message": "...... Chromecast .... $START_LINK$...... Google Home$END_LINK$; $START_SPAN $*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\en\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 14897 Entropy (8bit): 5.197356586852831 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "Freezes".. },.. "1213957982723875920": {.. "message": "Which of the following best describes your network?".. },.. "128276876460319075": {.. "message": "Device Discovery".. },.. "1428448869078126731": {.. "message": "Video Smoothness".. },.. "1522140683318860 351": {.. "message": "Connection failed. Please try again.".. },.. "1550904064710828958": {.. "message": "Smooth".. },.. "1636686747687494376": {.. "message": "Perfect".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": "Are you able to see your Chrom ecast in the $START_LINK$ Google Home app$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },.. "START

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\es\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 15560 Entropy (8bit): 5.236752363299121 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low

Copyright Joe Security LLC 2021 Page 23 of 39 C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\es\messages.json Preview: {.. "1018984561488520517": {.. "message": "Congelaci.n de im.genes".. },.. "1213957982723875920": {.. "message": ".Cu.l de las siguientes respuestas descr ibe mejor tu red?".. },.. "128276876460319075": {.. "message": "Detecci.n de dispositivo".. },.. "1428448869078126731": {.. "message": "Fluidez del v.deo".. },.. "1522140683318860351": {.. "message": "Error en la conexi.n. Vuelve a intentarlo.".. },.. "1550904064710828958": {.. "message": "V.deo fluido".. },.. "1636686747687494376": {.. "message": "Perfecta".. },.. "1802762746589457177": {.. "message": "Volumen".. },.. "1850397500312020388": {.. "message": ".Puedes ver tu Chromecast en la $START_LINK$aplicaci.n Google.Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {..

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\et\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 15139 Entropy (8bit): 5.228213017029721 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "Hangub".. },.. "1213957982723875920": {.. "message": "Milline j.rgmistest v.idetest kirjeldab k.ige paremini teie v.rku?".. },.. "128276876460319075": {.. "message": "Seadme tuvastamine".. },.. "1428448869078126731": {.. "message": "Video sujuvus".. },.. "152 2140683318860351": {.. "message": ".hendamine eba.nnestus. Proovige uuesti.".. },.. "1550904064710828958": {.. "message": ".htlane".. },.. "163668674768 7494376": {.. "message": "T.iuslik".. },.. "1802762746589457177": {.. "message": "Helitugevus".. },.. "1850397500312020388": {.. "message": "Kas n.ete oma Chromecasti $START_LINK$rakenduses Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "conte nt": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3"..

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\fa\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 17007 Entropy (8bit): 5.486206928823098 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "...... ".. },.. "1213957982723875920": {.. "message": "...... ".. },.. "128 276876460319075": {.. "message": "...... ".. },.. "1428448869078126731": {.. "message": "...... ".. },.. "1522140683318860351": {.. "message": "...... ".. },.. "1550904064710828958": {.. "message": "....".. },.. "1636686747687494376": {.. "message": "....".. },.. "1802762746589457177": {.. "message": "...... ".. },.. "1850397500312020388": {.. "message": "...... Chromecast ...... $START_LINK$ ...... Google Home$END_LINK$ ...... $START_SPA N$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {..

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\fi\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 15268 Entropy (8bit): 5.268402902466895 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low

Copyright Joe Security LLC 2021 Page 24 of 39 C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\fi\messages.json Preview: {.. "1018984561488520517": {.. "message": "Pys.htyy".. },.. "1213957982723875920": {.. "message": "Mik. seuraavista kuvaa parhaiten verkkoasi?".. },.. "128276876460319075": {.. "message": "Laitteiden tunnistaminen".. },.. "1428448869078126731": {.. "message": "Videon tasaisuus".. },.. "152214068331886 0351": {.. "message": "Yhteys ep.onnistui. Yrit. uudelleen.".. },.. "1550904064710828958": {.. "message": "Tasainen".. },.. "1636686747687494376": {.. "message": "T.ydellinen".. },.. "1802762746589457177": {.. "message": "..nenvoimakkuus".. },.. "1850397500312020388": {.. "message": "N.etk. Chromecastisi $START_LINK$Google Home .sovelluksessa$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },..

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\fil\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 15570 Entropy (8bit): 5.1924418176212646 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "Hindi gumagalaw".. },.. "1213957982723875920": {.. "message": "Alin sa sumusunod ang pinakamahusay na naglalarawan sa iyong network?".. },.. "128276876460319075": {.. "message": "Pagtuklas ng Device".. },.. "1428448869078126731": {.. "message": "Pagka-s mooth ng Video".. },.. "1522140683318860351": {.. "message": "Hindi nakakonekta. Pakisubukang muli.".. },.. "1550904064710828958": {.. "message": "Smoot h".. },.. "1636686747687494376": {.. "message": "Perpekto".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": "Nakikita mo ba ang iyong Chromecast sa $START_LINK$ Google Home app$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\fr\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 15826 Entropy (8bit): 5.277877116547859 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "Se fige".. },.. "1213957982723875920": {.. "message": "Parmi les propositions suivantes, laquelle d.crit le mieux votre r.seau.?".. },.. "128276876460319075": {.. "message": "D.tection d'appareils".. },.. "1428448869078126731": {.. "message": "Fluidit. de la vid.o".. },.. "1522140683318860351": {.. "message": ".chec de la connexion. Veuillez r.essayer.".. },.. "1550904064710828958": {.. "message": "Fluide".. },.. "163 6686747687494376": {.. "message": "Parfaite".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": "Votre Chromecast est-il visible dans l'$START_LINK$application Google.Home$END_LINK$.? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {..

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\gu\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 19260 Entropy (8bit): 5.326067910239208 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": ".....".. },.. "1213957982723875920": {.. "message": "...... ?".. },.. "128276876 460319075": {.. "message": "...... ".. },.. "1428448869078126731": {.. "message": "...... ".. },.. "1522140683318860351": {.. "message": "...... ".. },.. "1550904064710828958": {.. "message": "....".. },.. "1636686747687494376": {.. "message": ".....".. },.. "1802762746589457177": {.. "message": "...... ".. },.. "1850397500312020388": {.. "message": "...... $START_LINK$ Google Home ..$END_LINK$... Chromecast.. Copyright Joe Security LLC 2021 Page 25 of 39 C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\hi\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 19387 Entropy (8bit): 5.329218714975947 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": ".....".. },.. "1213957982723875920": {.. "message": "...... ?".. },.. "128276 876460319075": {.. "message": "...... ".. },.. "1428448869078126731": {.. "message": "...... ".. },.. "1522140683318860351": {.. "message": "...... ".. },.. "1550904064710828958": {.. "message": "...... ".. },.. "1636686747687494376": {.. "message": ".....".. },.. "1802762746589457177": {.. "message": ".....".. },.. "1850397500312020388": {.. "message": "...... $START_LINK$ Google Home ...... $END_LINK$ ...... Ch

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\hu\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 15682 Entropy (8bit): 5.354505633120392 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "Lefagy".. },.. "1213957982723875920": {.. "message": "Az al.bbiak k.z.l melyik jellemzi legjobban h.l.zat.t?".. },.. "128276876460319075": {.. "message": "Eszk.zfelfedez.s".. },.. "1428448869078126731": {.. "message": "Vide. folyamatoss.ga".. },.. "1522140683318860351" : {.. "message": "Sikertelen kapcsol.d.s. K.rj.k, pr.b.lja .jra.".. },.. "1550904064710828958": {.. "message": "Folyamatos".. },.. "1636686747687494376": {.. "message": "T.k.letes".. },.. "1802762746589457177": {.. "message": "Hanger.".. },.. "1850397500312020388": {.. "message": "L.tja a Chromecastot a $STA RT_LINK$Google Home alkalmaz.sban$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content":

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\id\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 15070 Entropy (8bit): 5.190057470347349 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "Membeku".. },.. "1213957982723875920": {.. "message": "Dari berikut ini, manakah yang paling mendeskripsikan jaringan Anda?".. },.. "128276876460319075": {.. "message": "Penemuan Perangkat".. },.. "1428448869078126731": {.. "message": "Kelancaran Video".. },.. "1522140683318860351": {.. "message": "Sambungan gagal. Coba lagi.".. },.. "1550904064710828958": {.. "message": "Lancar".. },.. "1636686747687494376" : {.. "message": "Sempurna".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": "Bisakah Anda melihat Chromecast di $START_LINK$aplikasi Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": " $1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },..

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\it\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 15256 Entropy (8bit): 5.210663765771143

Copyright Joe Security LLC 2021 Page 26 of 39 C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\it\messages.json Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "Si blocca".. },.. "1213957982723875920": {.. "message": "Quale delle seguenti definizioni descrive meglio la tua rete?".. },.. "128276876460319075": {.. "message": "Rilevamento dispositivi".. },.. "1428448869078126731": {.. "message": "Uniformit. video".. },.. "1522140 683318860351": {.. "message": "Connessione non riuscita. Riprova.".. },.. "1550904064710828958": {.. "message": "Fluido".. },.. "1636686747687494376": {.. "message": "Perfetta".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": "Riesci a vedere il tuo dispositivo Chromecast nell'$START_LINK$app Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3"..

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\ja\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 16519 Entropy (8bit): 5.675556017051063 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "...".. },.. "1213957982723875920": {.. "message": "...... ".. },.. "128276876460319075": {.. "message": "...... ".. },.. "1428448869078126731": {.. "message": "...... ".. },.. "1522140683318860351": {.. "message": "...... ".. },.. "15509040 64710828958": {.. "message": "...".. },.. "1636686747687494376": {.. "message": "....".. },.. "1802762746589457177": {.. "message": "..".. },.. "18503975 00312020388": {.. "message": "$START_LINK$Google Home ...$END_LINK$. Chromecast ...... $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_ LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\kn\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 20406 Entropy (8bit): 5.312117131662377 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "...... ".. },.. "1213957982723875920": {.. "message": "...... ?".. },.. "1 28276876460319075": {.. "message": "...... ".. },.. "1428448869078126731": {.. "message": "...... ".. },.. "1522140683318860351": {.. "message": "...... ".. },.. "1550904064710828958": {.. "message": ".....".. },.. "1636686747687494376": {.. "message": ".....".. },.. "180276274658 9457177": {.. "message": "...... ".. },.. "1850397500312020388": {.. "message": ".... $

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\ko\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with CRLF line terminators Category: dropped Size (bytes): 15480 Entropy (8bit): 5.617756574352461 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Copyright Joe Security LLC 2021 Page 27 of 39 C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\ko\messages.json Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "...".. },.. "1213957982723875920": {.. "message": "...... ?".. },.. "128276876460319075": {.. "message": ".. ..".. },.. "1428448869078126731": {.. "message": "... ..".. },.. "1522140683318860351": {.. "message": "...... ".. },.. "155090406471082 8958": {.. "message": "...".. },.. "1636686747687494376": {.. "message": "...".. },.. "1802762746589457177": {.. "message": "..".. },.. "1850397500312020 388": {.. "message": "$START_LINK$Google Home .$END_LINK$. Chromecast...... ? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {..

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\lt\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 15802 Entropy (8bit): 5.354550839818046 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "Stringa".. },.. "1213957982723875920": {.. "message": "Kuris i. toliau pateikt. teigini. geriausiai apib.dina j.s. tinkl. ?".. },.. "128276876460319075": {.. "message": ".renginio suradimas".. },.. "1428448869078126731": {.. "message": "Vaizdo .ra.o sklandumas".. },.. " 1522140683318860351": {.. "message": ".vyko ry.io klaida. Bandykite dar kart..".. },.. "1550904064710828958": {.. "message": "Leid.iama skland.iai".. },.. "1636686747687494376": {.. "message": "Puiki".. },.. "1802762746589457177": {.. "message": "Garsumas".. },.. "1850397500312020388": {.. "message": "Ar .Chromecast. rodomas $START_LINK$programoje .Google Home.$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {..

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\lv\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 15891 Entropy (8bit): 5.36794040601742 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": ".Iesald.ts. att.ls".. },.. "1213957982723875920": {.. "message": "Kur. no t.l.k min.tajiem apgalvojumiem vislab.k raksturo j.su t.klu?".. },.. "128276876460319075": {.. "message": "Ier.ces atra.ana".. },.. "1428448869078126731": {.. "message": "Video vienm.r.ba".. },.. "1522140683318860351": {.. "message": "Neizdev.s izveidot savienojumu. L.dzu, m..iniet v.lreiz.".. },.. "1550904064710828958": {.. "message": "Vienm.r.gs a tt.ls".. },.. "1636686747687494376": {.. "message": "Nevainojama".. },.. "1802762746589457177": {.. "message": "Ska.ums".. },.. "1850397500312020388": {.. "message": "Vai j.su Chromecast ier.ce ir redzama $START_LINK$lietotn. Google.Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2"..

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\ml\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 20995 Entropy (8bit): 5.346788032166745 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low

Copyright Joe Security LLC 2021 Page 28 of 39 C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\ml\messages.json Preview: {.. "1018984561488520517": {.. "message": "...... ".. },.. "1213957982723875920": {.. "message": "...... ?".. },.. "128276876460319075": {.. "message": "...... ".. },.. "1428448869078126731": {.. "message": "...... ".. },.. "1522140683318860351": {.. "message": "...... ".. },.. "1550904064710828958": {.. "message": "...... ".. },.. "1636686747687494376": {.. "message": "...... ".. },.. " 1802762746589457177": {.. "message"

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\mr\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 19625 Entropy (8bit): 5.311040089989635 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "...... ".. },.. "1213957982723875920": {.. "message": "...... ?".. },.. "128276 876460319075": {.. "message": "...... ".. },.. "1428448869078126731": {.. "message": "...... ".. },.. "1522140683318860351": {.. "message": "...... ".. },.. "1550904064710828958": {.. "message": "...... ".. },.. "1636686747687494376": {.. "message": "....".. },.. "18027627 46589457177": {.. "message": "...... ".. },.. "1850397500312020388": {.. "message": "...... $START_LINK$ Goo

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\ms\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 15330 Entropy (8bit): 5.193447909498091 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "Tidak bergerak".. },.. "1213957982723875920": {.. "message": "Antara yang berikut, manakah yang terbaik menggambarkan rangkaian anda?".. },.. "128276876460319075": {.. "message": "Penemuan Peranti".. },.. "1428448869078126731": {.. "message": "Kelancara n Video".. },.. "1522140683318860351": {.. "message": "Sambungan gagal. Sila cuba lagi.".. },.. "1550904064710828958": {.. "message": "Lancar".. },.. "1636686747687494376": {.. "message": "Sempurna".. },.. "1802762746589457177": {.. "message": "Kelantangan".. },.. "1850397500312020388": {.. "me ssage": "Adakah anda dapat melihat Chromecast anda dalam $START_LINK$ apl Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content":

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\nb\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 15155 Entropy (8bit): 5.2408655429422515 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "Fryser".. },.. "1213957982723875920": {.. "message": "Hvilket av f.lgende eksempler beskriver nettverket ditt b est?".. },.. "128276876460319075": {.. "message": "Enhetsgjenkjenning".. },.. "1428448869078126731": {.. "message": "Videojevnhet".. },.. "152214068 3318860351": {.. "message": "Tilkoblingen mislyktes. Pr.v p. nytt.".. },.. "1550904064710828958": {.. "message": "Jevn".. },.. "1636686747687494376": {.. "message": "Perfekt".. },.. "1802762746589457177": {.. "message": "Volum".. },.. "1850397500312020388": {.. "message": "Ser du Chromecasten din i $START_LINK$Google Home-appen$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },.. "START_SPAN":

Copyright Joe Security LLC 2021 Page 29 of 39 C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\nl\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 15321 Entropy (8bit): 5.221228928144735 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "Loopt vast".. },.. "1213957982723875920": {.. "message": "Welke beschrijving past het beste bij je netwerk?".. },.. "128276876460319075": {.. "message": "Apparaatdetectie".. },.. "1428448869078126731": {.. "message": "Vloeiendheid van de video".. },.. "152214 0683318860351": {.. "message": "Kan geen verbinding maken. Probeer het opnieuw.".. },.. "1550904064710828958": {.. "message": "Vloeiend".. },.. "1636686 747687494376": {.. "message": "Perfect".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": "Zie je je Chromecast in de $START_LINK$Google Home app$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$ 1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },..

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\pl\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 15418 Entropy (8bit): 5.346020722930065 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "Zatrzymuje si.".. },.. "1213957982723875920": {.. "message": "Kt.ra z tych opcji najlepiej opisuje Twoj. sie.?".. },.. "128276876460319075": {.. "message": "Wykrywanie urz.dze.".. },.. "1428448869078126731": {.. "message": "P.ynno.. obrazu".. },.. "1522140683318860351": {.. "message": "Nie uda.o si. nawi.za. po..czenia. Spr.buj ponownie.".. },.. "1550904064710828958": {.. "message": "P.ynna".. },.. "1636686747687494376": {.. "message": "Idealna".. },.. "1802762746589457177": {.. "message": "G.o.no..".. },.. "1850397500312020388": {.. "message": "Czy Chromecasta wida. w.$S TART_LINK$aplikacji Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\pt\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 15475 Entropy (8bit): 5.239856689212255 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "Congela".. },.. "1213957982723875920": {.. "message": "Qual das seguintes alternativas melhor descreve sua rede?".. },.. "128276876460319075": {.. "message": "Detec..o de dispositivos".. },.. "1428448869078126731": {.. "message": "Suavidade da reprodu..o do v.deo ".. },.. "1522140683318860351": {.. "message": "Falha na conex.o. Tente novamente.".. },.. "1550904064710828958": {.. "message": "Suave".. },.. "163 6686747687494376": {.. "message": "Perfeita".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": ". poss.vel encontrar seu Chromecast no $START_LINK$app Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\ro\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped

Copyright Joe Security LLC 2021 Page 30 of 39 C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\ro\messages.json Size (bytes): 15655 Entropy (8bit): 5.288239072087021 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "Redare cu bloc.ri".. },.. "1213957982723875920": {.. "message": "Care dintre urm.toarele descrie cel mai bine r e.eaua ta?".. },.. "128276876460319075": {.. "message": "Descoperirea dispozitivelor".. },.. "1428448869078126731": {.. "message": "Calitatea red.rii vi deoclipului".. },.. "1522140683318860351": {.. "message": "Conexiunea nu s-a stabilit. .ncerca.i din nou.".. },.. "1550904064710828958": {.. "message": "Redare lin.".. },.. "1636686747687494376": {.. "message": "Redare perfect.".. },.. "1802762746589457177": {.. "message": "Volum".. },.. "1850397500 312020388": {.. "message": "Chromecastul dvs. apare .n $START_LINK$ aplica.ia Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\ru\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 17686 Entropy (8bit): 5.471928545648783 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "...... ".. },.. "1213957982723875920": {.. "message": "...... ?".. },.. "12 8276876460319075": {.. "message": "...... ".. },.. "1428448869078126731": {.. "message": "...... ".. },.. "1522140683318860351": {.. "message": "...... ".. },.. "1550904064710828958": {.. "message": "...... ".. },.. "1636686747687494376": {.. "message": "...... ".. },.. "1802762746589457177": {.. "message": "...... ".. },.. "1850397500312020388": {.. "message": "...... Chromecast . $START_LINK$......

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\sk\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 15733 Entropy (8bit): 5.409011445299871 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "Zam.za".. },.. "1213957982723875920": {.. "message": "Ktor. z nasleduj.cich skuto.nost. najlep.ie popisuj. va.u sie.?".. },.. "128276876460319075": {.. "message": "Vyh.ad.vanie zariaden.".. },.. "1428448869078126731": {.. "message": "Plynulos. videa".. },.. " 1522140683318860351": {.. "message": "Pripojenie zlyhalo. Sk.ste to znova.".. },.. "1550904064710828958": {.. "message": "Plynul.".. },.. "1636686747687 494376": {.. "message": "V.born.".. },.. "1802762746589457177": {.. "message": "Hlasitos.".. },.. "1850397500312020388": {.. "message": "Vid.te svoj Chromecast v.$START_LINK$aplik.cii Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": " $1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3"..

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\sl\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 15628 Entropy (8bit): 5.292871661441512 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E

Copyright Joe Security LLC 2021 Page 31 of 39 C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\sl\messages.json SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "Zamrzne".. },.. "1213957982723875920": {.. "message": "Kaj od tega najbolje opi.e va.e omre.je?".. },.. "12 8276876460319075": {.. "message": "Odkrivanje naprav".. },.. "1428448869078126731": {.. "message": "Teko.e predvajanje videoposnetka".. },.. "1522140683 318860351": {.. "message": "Vzpostavitev povezave ni uspela. Poskusite znova.".. },.. "1550904064710828958": {.. "message": "Teko.e".. },.. "16366867476 87494376": {.. "message": "Odli.no".. },.. "1802762746589457177": {.. "message": "Glasnost".. },.. "1850397500312020388": {.. "message": "Ali je Ch romecast viden v $START_LINK$aplikaciji Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },.

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\sr\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 17766 Entropy (8bit): 5.432888569680161 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "...... ".. },.. "1213957982723875920": {.. "message": "...... ?".. },.. "12827687646 0319075": {.. "message": "...... ".. },.. "1428448869078126731": {.. "message": "...... ".. },.. "1522140683318860351": {.. "message": "...... ".. },.. "1550904064710828958": {.. "message": "...... ".. },.. "1636686747687494376": {.. "message": "...... ".. },.. "18027627 46589457177": {.. "message": "...... ".. },.. "1850397500312020388": {.. "message": "...... Chromecast . $START_LINK$...... Google Hom e$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\sv\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 15135 Entropy (8bit): 5.258962752997426 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "Fastnar tillf.lligt".. },.. "1213957982723875920": {.. "message": "Vilket av f.ljande beskriver ditt n.tverk b.st?".. },.. "128276876460319075": {.. "message": "Enhetsidentifiering".. },.. "1428448869078126731": {.. "message": "J.mn videouppspelning".. },.. "1522140683 318860351": {.. "message": "Det gick inte att ansluta. F.rs.k igen.".. },.. "1550904064710828958": {.. "message": "Flyter p.".. },.. "1636686747687494376": {.. "message": "Perfekt".. },.. "1802762746589457177": {.. "message": "Volym".. },.. "1850397500312020388": {.. "message": "Visas din Chromecast i $START _LINK$ Google Home-appen$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },..

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\sw\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 15156 Entropy (8bit): 5.216902945207334 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false

Copyright Joe Security LLC 2021 Page 32 of 39 C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\sw\messages.json Reputation: low Preview: {.. "1018984561488520517": {.. "message": "Inasita kucheza".. },.. "1213957982723875920": {.. "message": "Ni gani kati ya zifuatazo inaelezea mtandao wako vizuri?".. },.. "128276876460319075": {.. "message": "Kupata Kifaa".. },.. "1428448869078126731": {.. "message": "Ulaini wa Kutiririsha Video".. },.. "152214 0683318860351": {.. "message": "Imeshindwa kuunganisha. Tafadhali jaribu tena.".. },.. "1550904064710828958": {.. "message": "Laini".. },.. "16366867476 87494376": {.. "message": "Bora".. },.. "1802762746589457177": {.. "message": "Sauti".. },.. "1850397500312020388": {.. "message": "Je, unaweza kuona Chromecast yako katika $START_LINK$ programu ya Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\ta\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 20531 Entropy (8bit): 5.2537196877590056 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "...... ".. },.. "1213957982723875920": {.. "message": "...... ?".. },.. "1 28276876460319075": {.. "message": "...... ".. },.. "1428448869078126731": {.. "message": "...... ".. },.. "1522140683318860351": {.. "mess age": "...... ".. },.. "1550904064710828958": {.. "message": "...... ".. },.. "1636686747687494376": {.. "message": "...... ".. },.. "1802762 746589457177": {.. "message": "...... "

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\te\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 20496 Entropy (8bit): 5.301173454436774 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "...... ".. },.. "1213957982723875920": {.. "message": "...... ?".. },.. "12827 6876460319075": {.. "message": "...... ".. },.. "1428448869078126731": {.. "message": "...... ".. },.. "1522140683318860351": {.. "message": "...... ".. },.. "1550904064710828958": {.. "message": "...... ".. },.. "1636686747687494376": {.. "message": "...... ".. },.. "1802762 746589457177": {.. "message": "...... ".. },.. "185039750031202038

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\th\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 18849 Entropy (8bit): 5.3815746250038305 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "....".. },.. "1213957982723875920": {.. "message": "...... ".. },.. "128276876460319075": {.. "message": "...... ".. },.. "1428448869078126731": {.. "message": "...... ".. },.. "1522140683318860351": {.. "message": "...... ".. },.. "1550904064710828958": {.. "message": "...... ".. },.. "1636686747687494376": {.. "message": "...... ".. },.. "1802762746589457177": {.. "message": "...... ".. },.. "1850397500312020388": {.. "message": "...... Chromecast ..... $

Copyright Joe Security LLC 2021 Page 33 of 39 C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\tr\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 15542 Entropy (8bit): 5.336342457334077 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "Donuyor".. },.. "1213957982723875920": {.. "message": "A..n.z. a.a..dakilerden hangisi en iyi .ekilde tan.mlar?".. },.. "128276876460319075": {.. "message": "Cihaz Bulma".. },.. "1428448869078126731": {.. "message": "Videonun D.zg.n Oynat.lmas.".. },.. "15221 40683318860351": {.. "message": "Ba.lant. ba.ar.s.z oldu. L.tfen tekrar deneyin.".. },.. "1550904064710828958": {.. "message": "D.zg.n".. },.. "16366867 47687494376": {.. "message": "M.kemmel".. },.. "1802762746589457177": {.. "message": "Ses d.zeyi".. },.. "1850397500312020388": {.. "message": "Chr omecast'inizi $START_LINK$Google Home uygulamas.nda$END_LINK$ g.rebiliyor musunuz? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_L INK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {..

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\uk\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 17539 Entropy (8bit): 5.492873573147444 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "...... ".. },.. "1213957982723875920": {.. "message": "...... ?".. },.. "1282768764 60319075": {.. "message": "...... ".. },.. "1428448869078126731": {.. "message": "...... ".. },.. "1522140683318860351": {.. "message": "...... ".. },.. "1550904064710828958": {.. "message": "...... ".. },.. "1636686747687494376": {.. "message": "...... ".. },.. "1802 762746589457177": {.. "message": "...... ".. },.. "1850397500312020388": {.. "message": "...... Chromecast . $START_LINK$...... Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeho

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\vi\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 16011 Entropy (8bit): 5.466848470908827 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "D.ng h.nh".. },.. "1213957982723875920": {.. "message": "Tr..ng h.p n.o sau ..y m. t. ..ng nh.t m.ng c.a b.n?".. },.. "128276876460319075": {.. "message": "Kh.m ph. thi.t b.".. },.. "1428448869078126731": {.. "message": ".. m..t c.a video".. },.. "1522140683318860351": {.. "message": "K.t n.i kh.ng th.nh c.ng. Vui l.ng th. l.i.".. },.. "1550904064710828958": {.. "message": "M..t m.".. },.. "1636686747687494376": {.. "message": "Ho.n h.o".. },.. "1802762746589457177": {.. "message": ".m l..ng".. },.. "1850397500312020388": {.. "message": "B.n c. th. nh.n th.y Chromecast c.a m.nh trong $START_LINK$.ng d.ng Google Home$END_LINK$ kh.ng? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "conte

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\zh\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with CRLF line terminators Category: dropped Size (bytes): 14773

Copyright Joe Security LLC 2021 Page 34 of 39 C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\zh\messages.json Entropy (8bit): 5.670562029027517 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "..".. },.. "1213957982723875920": {.. "message": "...... ".. },.. "128276876460319075": {.. "message": "....".. },.. "1428448869078126731": {.. "message": ".....".. },.. "1522140683318860351": {.. "message": "...... ".. },.. "1550904064710828958": {.. "message": "..".. },.. "1636686747687494376": {.. "message": "..".. },.. "1802762746589457177": {.. "message": "..".. },.. "1850397500312020388": {.. "message": "... $START_LINK$Google Home ..$END_LINK$...... Chromecast ..$START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "co ntent": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },.. "START_SPAN": {.

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_locales\zh_TW\messages.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: UTF-8 Unicode text, with CRLF line terminators Category: modified Size (bytes): 14981 Entropy (8bit): 5.7019494203747865 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "1018984561488520517": {.. "message": "....".. },.. "1213957982723875920": {.. "message": "...... ".. },.. "128276876460319075": {.. "message": "....".. },.. "1428448869078126731": {.. "message": ".....".. },.. "1522140683318860351": {.. "message": "...... ".. },.. "1550904064710828958": {.. "message": "..".. },.. "1636686747687494376": {.. "message": "..".. },.. "1802762746589457177": {.. "message": "..".. },.. "1850397500312020388": {.. " message": ".... $START_LINK$Google Home ....$END_LINK$...... Chromecast ..$START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },.. "

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\_metadata\verified_contents.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: ASCII text, with very long lines, with no line terminators Category: dropped Size (bytes): 8873 Entropy (8bit): 5.784250383272806 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: [{"description":"treehash per file","signed_content":{"payload":"eyJjb250ZW50X2hhc2hlcyI6W3siYmxvY2tfc2l6ZSI6NDA5NiwiZGlnZXN0Ijoic2hhMjU2IiwiZmlsZXMiO lt7InBhdGgiOiJfbG9jYWxlcy9hbS9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiZmxYTGNaVTNJSWstTnZiaDlMb0FDQl9lUDc0ODMtUmlkNXliYnQxczBRMCJ9LHs icGF0aCI6Il9sb2NhbGVzL2FyL21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJKd3ZSZF9wQ1JYWEJtWXZRSTFpWVd3Uk1TRVh4QTNjVnRXV2F5amhYWVVFIn0seyJwY XRoIjoiX2xvY2FsZXMvYmcvbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6Ik5FVEw0bjRHWTdGTUVyQnNWVFVpTDFoTERfdGVBRVJOSkVhZk5HT1FUZ0Eif Sx7InBhdGgiOiJfbG9jYWxlcy9ibi9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiWWtEUkRMZktna3h5QXFpNS1YNjN3VWlDYU9DaTJ3ZDg5cHp4dnBmMlR5ZyJ9LHs icGF0aCI6Il9sb2NhbGVzL2NhL21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJuUUVGbHpDY2Jzdm5oRlhEdDd2aVZhZnQ2NWlXZFExTkdWc29idEVxVmRnIn0seyJwY XRoIjoiX2xvY2FsZXMvY3MvbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6InhaWk1DMlNaT2ZiUl91bHRRWXNtWEdWUGZBaEJfVjNIdHVSeGlQMlhwR0kifSx7InBhdGg iOiJfbG9jYWxlcy9kYS9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiWlBQdnFIMVBHaFIxZkh6Qzd

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\angular.js Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: ASCII text, with very long lines Category: dropped Size (bytes): 609224 Entropy (8bit): 5.410844677248803 Encrypted: false SSDEEP:

Copyright Joe Security LLC 2021 Page 35 of 39 C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\angular.js MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: //third_party/javascript/angular/v1_6/angular.min.js./*. AngularJS v1.6.4-local+sha.617b36117. (c) 2010-2018 Google, Inc. http://angularjs.org. License: MIT.*/.'use strict'; (function(ia){'use strict';function Rf(a){if(fa(a))R(a.objectMaxDepth)&&(de.objectMaxDepth=fd(a.objectMaxDepth)?a.objectMaxDepth:NaN);else return de}function fd(a){ret urn Pa(a)&&0

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\background_script.js Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: ASCII text, with very long lines Category: dropped Size (bytes): 2089 Entropy (8bit): 5.164133634887889 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: 'use strict';hb("mr.TestProvider");var ry,Aw,sy=hb("mr.Init"),ty=function(a){void 0!==a.use_views_dialog&&sy.info("Using the "+(a.use_views_dialog?"Views (Harmo ny)":"WebUI")+" dialog.");void 0!==a.enable_cast_sink_query&&sy.info("Native Cast MRP is "+(a.enable_cast_sink_query?"disabled":"enabled")+".");void 0!==a.use_m irroring_service&&sy.info("Native Mirroring Service is "+(a.use_mirroring_service?"enabled":"disabled")+".")};us().init();ry=new Ib("MediaRouter.Provider.WakeDuration");A w=new Rw;.var uy=(new Promise(function(a,b){switch(window.location.host){case "enhhojjnijigcajfphajepfemndkmdlo":a();break;case "pkedcjkdefgpdelpbcmbm eomcjbeemfm":chrome.management.get("enhhojjnijigcajfphajepfemndkmdlo",function(c){chrome.runtime.lastError||!c.enabled?a():b(Error("Dev extension is enabled"))} );break;default:b(Error("Unknown extension id"))}})).then(function(){return chrome.mojoPrivate&&chrome.mojoPrivate.requireAsync?new Promise(function(a){chrome.m ojoPrivate.requireAsync("media_router_bi

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\cast_sender.js Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: ASCII text, with very long lines Category: dropped Size (bytes): 49641 Entropy (8bit): 5.3010524124405975 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: (function(){/*.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0.*/.'use strict';var f,aa=function(a){var b=0;return function(){return b

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\common.js Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: ASCII text, with very long lines Category: dropped Size (bytes): 40599 Entropy (8bit): 5.431223846320552 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 Copyright Joe Security LLC 2021 Page 36 of 39 C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\common.js SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: /*.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0.*/.'use strict';var k,aa=function(a){var b=0;return function(){return b

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\feedback.css Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: ASCII text Category: dropped Size (bytes): 3116 Entropy (8bit): 5.0201551881561635 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: :root {. --paper-blue-500: rgb(33, 150, 243);. --paper-blue-500-dark: rgba(33, 150, 243, 0.87);. --paper-blue-500-light: rgba(33, 150, 243, 0.26);.};..body {. font-size: 12px;. height: inherit;.}..#description,.#required-legend {. margin-top: 22px;.}..#description,.#form-buttons,.#required-legend,.#title {. padding: 0 17px;.}...informative {. font-size: 13px;. line-height: 13px;.}..#feedback-confirmation {. width: initial;.}..#feedback-fine-log-warning {. color: rgb(219, 68, 55);. margin: 10px 0;.}..#feedback-type- toggle,..question {. padding: 16px 17px;.}..#form {. -webkit-padding-end: 24px;. -webkit-padding-start: 24px;. background-color: white;. color: rgba(0, 0, 0, 0.87);. box- shadow: 0 1px 4px 0 rgba(0, 0, 0, 0.37);. margin: -100px auto 48px auto;. padding: 34px 17px;. width: 720px;. z-index: 1;.}..#form-buttons {. flex-direction: row;. di splay: flex;. justify-content: flex-end;. margin-top: 34px;.}..#header {. margin-bottom: 22px;.}..#header-banner {.

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\feedback.html Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: HTML document, ASCII text Category: dropped Size (bytes): 15606 Entropy (8bit): 4.340710080778977 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: ... . Chrome Media Router feedback. . . . . . ...

. . Tell us what's happening with Google Cast.. .

. =h.length)&&(a.psdJson=h)}g||(b={invalidPsd:!0})}b=[a,b,c];d.GOOGLE_FEEDBACK_START_ARGUMENTS=b;c=a.serverUri||"//www.google.com/tools/feedba ck";if(g=d.GOOGLE_FEEDBACK_START)g.apply(d,b);.else{d=c+"/load.js?";for(var n in a)b=a[n],null==b||Sa(b)||(d+=encodeURIComponent(n)+"="+encodeURICompo nent(b)+"&");a=dg(Uf(e),"SCRIPT");f&&a.setAttribute("nonce",f);Xe(a,fg(d));e.body.appendChild(a)}};w("userfeedback.api.startFeedback",fh);var gh=function(){this.j=this.h= this.u=this.modelName=this.l=this.g=this.hd="";this.C=this.o=this.m=!1};var hh=chrome.i18n.getMessage("4163185390680253103"),ih=chrome.i18n.getMessage ("492097680647953484"),jh=chrome.i18n.getMessage("2575016469

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\manifest.json Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: ASCII text, with very long lines, with CRLF line terminators Category: dropped Size (bytes): 2092 Entropy (8bit): 5.316299969845825 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: {.. "background": {.. "persistent": false,.. "scripts": [ "common.js", "mirroring_common.js", "background_script.js" ].. },.. "content_security_policy": "default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; script-src 'self' https://apis.google.com https://feedback.googleusercontent.com https://www.google.com htt ps://www.gstatic.com; child-src https://accounts.google.com https://content.googleapis.com https://www.google.com; connect-src 'self' http://*:* https://*:*; font-src htt ps://fonts.gstatic.com;",.. "default_locale": "en",.. "description": "Provider for discovery and services for mirroring of Chrome Media Router",.. "externally_connectable": { .. "ids": [ "idmofbkcelhplfjnmmdolenpigiiiecc", "ggedfkijiiammpnbdadhllnehapomdge", "njjegkblellcjnakomndbaloifhcoccg" ].. },.. "key": "MIGfMA0GCSqGSIb 3DQEBAQUAA4GNADCBiQKBgQDNTWJoPZ9bT32yKxuuVa9LSEYobjPoXCLX3dgsZ9djDrWKNikTECjdRe3/AFXb+v8jkmmtYQPnOgSYn06J/QodDlCIG6l470+ gkOoobUM7f

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\material_css_min.css Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: ASCII text, with very long lines Category: dropped Size (bytes): 322554 Entropy (8bit): 5.071302554556422 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low Preview: /*!. * AngularJS Material Design. * https://github.com/angular/material. * @license MIT. * v1.1.20. */body,html{height:100%;position:relative}body{margin:0;padding:0}[tab index="-1"]:focus{outline:none}.inset{padding:10px}a.md-no-style,button.md-no-style{font-weight:400;background-color:inherit;text-align:left;border:none;padding:0;margin: 0}button,input,select,textarea{vertical-align:baseline}button,html input[type=button],input[type=reset],input[type=submit]{cursor:pointer;-webkit-appearance:button}button [disabled],html input[type=button][disabled],input[type=reset][disabled],input[type=submit][disabled]{cursor:default}textarea{vertical-align:top;overflow:auto}input[type= search]{-webkit-appearance:textfield;box-sizing:content-box;-webkit-box-sizing:content-box}input[type=search]::-webkit-search-cancel-button,input[type=search]::-webkit-se arch-decoration{-webkit-appearance:none}input:-webkit-autofill{text-shadow:none}.md-visually-hidden{border:0;clip:rect(0 0 0 0);height:1px;margin:-1px

C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\mirroring_cast_streaming.js Process: C:\Program Files\Google\Chrome\Application\chrome.exe File Type: ASCII text, with very long lines Category: dropped Size (bytes): 36397 Entropy (8bit): 5.3050514645467945 Encrypted: false SSDEEP: MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 SHA-256: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855 SHA-512: CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E Malicious: false Reputation: low

Copyright Joe Security LLC 2021 Page 38 of 39 C:\Users\eyup\AppData\Local\Temp\scoped_dir7648_1370172304\CRX_INSTALL\mirroring_cast_streaming.js Preview: 'use strict';var vy={TAB:0,Um:1,Hu:2},wy=function(){return new Db("MediaRouter.CastStreaming.Session.Launch")},xy=function(){return new Kb("MediaRouter.CastStre aming.Session.Length")},yy=function(a){Ob("MediaRouter.CastStreaming.Start.Success",a,vy)};var zy=hb("mr.mirror.cast.LogUploader");function Ay(a,b,c){By("raw_ev ents.log.gz",a,b,c);return b?"https://crash.corp.google.com/samples?reportid=&q="+encodeURIComponent("UserComments='"+b+"'"):""}.function By(a,b,c,d){if(0==b.si ze)zy.info("Trying to upload an empty file to Crash"),d&&d(null);else{var e=new FormData;e.append("prod","Cast");e.append("ver",chrome.runtime.getManifest().ver sion);e.append(a,b);c&&e.append("comments",c);cy("https://clients2.google.com/cr/report",function(f){f=f.target;var g=null;my(f)?(g=oy(f),zy.info("Upload to Crash succeed ed: "+g)):zy.info("Upload to Crash failed. HTTP status: "+f.za());d&&d(g)},"POST",e,void 0,3E4)}};var Cy=function(){this.g=0;Vm(this)},Ey=function(){Dy||(Dy=new Cy);return Dy},Fy=function(){

Static File Info

General File type: HTML document, ASCII text, with very long lines, with CRLF line terminators Entropy (8bit): 6.000104499248153 TrID: HyperText Markup Language (12001/1) 18.75% HyperText Markup Language (12001/1) 18.75% HyperText Markup Language (11501/1) 17.97% HyperText Markup Language (11501/1) 17.97% HyperText Markup Language (11001/1) 17.19% File name: Audio_804.htm File size: 2416 MD5: e952e02f00148461d6ec78bee51a2555 SHA1: 5618b4895079e0f7de34c98cb9ea1d3e112a4421 SHA256: 2d8edc328f9ba84687d953b0a52aaf37fe144da4b2f0d3c 75885e48763e8ee99 SHA512: 8a9fa26290ccd587f99fe5e876ade3b4862ac151cf58c92 aa58143fc5f084523bdefe087a1c22b63393676bec867ba 031e43f5f0712ab412191e226ab86d0218 SSDEEP: 48:XhmTGoyH5kWQV1COFF8fm9HJH19HJW9HJu9Ho 1R:VH5kW2C01aeo1R File Content Preview: .......... ....

File Icon

Icon Hash: e8d6a08c8882c461