Edit tour

Windows Analysis Report
https://www.ultraviewer.net/en/

Overview

General Information

Sample URL:	https://www.ultraviewer.net/en/
Analysis ID:	1373365

Detection

Score:	1
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

Creates files inside the system directory

Stores files to the Windows start menu directory

Uses insecure TLS / SSL version for HTTPS connection

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 1368 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.ultraviewer.net/en/ MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 5428 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2044 --field-trial-handle=1804,i,16945670540944234940,16362104419648313103,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Snort Signatures

⊘No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://www.ultraviewer.net/en/	HTTP Parser: No favicon
Source: https://www.ultraviewer.net/en/	HTTP Parser: No favicon
Source: https://www.ultraviewer.net/en/	HTTP Parser: No favicon

Source: unknown

HTTPS traffic detected: 23.1.237.25:443 -> 192.168.2.16:49911 version: TLS 1.0

Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49909 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49912 version: TLS 1.2

Source: unknown

HTTPS traffic detected: 23.1.237.25:443 -> 192.168.2.16:49911 version: TLS 1.0

Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 72.21.81.240
Source: unknown	TCP traffic detected without corresponding DNS query: 72.21.81.240
Source: unknown	TCP traffic detected without corresponding DNS query: 72.21.81.240
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103

Source: unknown

DNS traffic detected: queries for: www.ultraviewer.net

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49895
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49876
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 49891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49876 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49914
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49912
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49911
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49909
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49908
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49907
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49905
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49904
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49903
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49902
Source: unknown	Network traffic detected: HTTP traffic on port 49903 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49901
Source: unknown	Network traffic detected: HTTP traffic on port 49888 -> 443

Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49909 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49912 version: TLS 1.2

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Windows\SystemTemp\chrome_BITS_1368_1866682719

Source: classification engine

Classification label: clean1.win@14/226@14/175

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.ultraviewer.net/en/
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2044 --field-trial-handle=1804,i,16945670540944234940,16362104419648313103,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2044 --field-trial-handle=1804,i,16945670540944234940,16362104419648313103,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact	Resource Development	Reconnaissance
Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	11 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	Exfiltration Over Other Network Medium	2 Encrypted Channel	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Abuse Accessibility Features	Acquire Infrastructure	Gather Victim Identity Information
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	Exfiltration Over Bluetooth	1 Non-Application Layer Protocol	SIM Card Swap	Obtain Device Cloud Backups	Network Denial of Service	Domains	Credentials
Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	2 Application Layer Protocol			Data Encrypted for Impact	DNS Server	Email Addresses

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://www.ultraviewer.net/en/	0%	Avira URL Cloud	safe

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
scontent.xx.fbcdn.net	31.13.66.19	true	false	high
accounts.google.com	142.251.163.84	true	false	high
cdn-aws.ultraviewer.net	159.223.149.135	true	false	high
www.google.com	172.253.62.104	true	false	high
clients.l.google.com	172.253.62.102	true	false	high
clients1.google.com	unknown	unknown	false	high
clients2.google.com	unknown	unknown	false	high
connect.facebook.net	unknown	unknown	false	high
www.ultraviewer.net	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://www.ultraviewer.net/en/	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
1.1.1.1	unknown	Australia	13335	CLOUDFLARENETUS	false
142.251.179.95	unknown	United States	15169	GOOGLEUS	false
159.223.149.135	cdn-aws.ultraviewer.net	United States	46118	CELANESE-US	false
142.250.31.113	unknown	United States	15169	GOOGLEUS	false
31.13.66.19	scontent.xx.fbcdn.net	Ireland	32934	FACEBOOKUS	false
137.184.91.152	unknown	United States	11003	PANDGUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
172.253.115.100	unknown	United States	15169	GOOGLEUS	false
142.250.31.94	unknown	United States	15169	GOOGLEUS	false
142.251.16.94	unknown	United States	15169	GOOGLEUS	false
172.253.62.104	www.google.com	United States	15169	GOOGLEUS	false
172.253.115.97	unknown	United States	15169	GOOGLEUS	false
172.253.115.94	unknown	United States	15169	GOOGLEUS	false
142.251.163.84	accounts.google.com	United States	15169	GOOGLEUS	false
172.253.62.102	clients.l.google.com	United States	15169	GOOGLEUS	false
172.253.115.95	unknown	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.16

General Information

Joe Sandbox version:	38.0.0 Ammolite
Analysis ID:	1373365
Start date and time:	2024-01-11 22:33:01 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://www.ultraviewer.net/en/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	7
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean1.win@14/226@14/175

Warnings

Exclude process from analysis (whitelisted): SIHClient.exe
Excluded IPs from analysis (whitelisted): 172.253.115.94, 34.104.35.123, 172.253.115.95, 142.250.31.94, 172.253.115.97, 142.250.31.113, 142.250.31.102, 142.250.31.100, 142.250.31.138, 142.250.31.101, 142.250.31.139
Excluded domains from analysis (whitelisted): fonts.googleapis.com, edgedl.me.gvt1.com, fonts.gstatic.com, www.googletagmanager.com, clientservices.googleapis.com, www.google-analytics.com
Not all processes where analyzed, report is missing behavior information
VT rate limit hit for: https://www.ultraviewer.net/en/

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Jan 11 20:33:30 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2673
Entropy (8bit):	3.9834617062021453
Encrypted:	false
SSDEEP:
MD5:	FE4CB60BFE6A2E76905437B224AC4A8B
SHA1:	96A400AE5B07ECA8220F19D6BC1443C2C7B37C38
SHA-256:	F7DC7FE807BAEB6DC5524F0FF8FE8DA9023BE3C847F95E8AFB36CABDBE57D699
SHA-512:	05DDDFAF7E98E1D2F91B31AC79B9A2A836DE7CB427022DFAD3050CE0B0EF05D0933FAD4F8C43E158339E84FFD3909B55856B2B0EFD757FE03322ADE215BC6A1E
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,...../...D..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I+X'.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V+X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V+X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V+X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V+X/............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............)......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Jan 11 20:33:30 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2675
Entropy (8bit):	3.99902409299203
Encrypted:	false
SSDEEP:
MD5:	049B1996C7E9C5B379D17F46C43B09B4
SHA1:	DA2BE20E9AEED341AEB76A7DE4F0319CCAA851A7
SHA-256:	C37FFD48A706C40DC5F47F805186A288A4640E58DCB6C2230FF538834DB55186
SHA-512:	490BD340ED38D37FD8CC94C9A0C5538F5A34FE95DFC22D06DADF3344BBAC1B3DD6C6D27695C09F870841F300B34A786B6A7841B2F98CF4969E0A73BA4178B8CD
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.........D..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I+X'.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V+X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V+X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V+X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V+X/............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............)......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2689
Entropy (8bit):	4.007696770296936
Encrypted:	false
SSDEEP:
MD5:	1A332896D70AB1FC8705304D98C8BF66
SHA1:	0AC0387667466B5037B05105E2C33A060AAA8650
SHA-256:	DF930DF8E76B913E62A00CB7D8C69BEB78FF9AED8C4AC10F9DC6E7C18804F4A4
SHA-512:	C87AD5ADFECAF81E38E97D66FB535BD9F789C781B8CA932218C09A96FF9DA243CEB27342D8B65ABBBD26B6340A4E1E2C77A697F4FEE49D02C8E9AF5E01131EC6
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I+X'.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V+X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V+X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V+X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............)......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Jan 11 20:33:30 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.9973715840869564
Encrypted:	false
SSDEEP:
MD5:	08FB8AF2A478359D186403948050AEDE
SHA1:	10928916F1B4B0CAF065D19EBAC9135E2D451525
SHA-256:	D7389CFC88E07483B21CFD9B1FBF15550D91E23CA62DA7A3224E1D6F05CAB013
SHA-512:	80554B37C91AAB5FD1871880AE8B4B18C0580BF055F67FA475507E45E519A8E59D1A24E64BB53721F1B8A23B5CAA88685868B1997C84F62227BEDBF6F25ADD69
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....w...D..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I+X'.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V+X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V+X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V+X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V+X/............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............)......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Jan 11 20:33:30 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.986172489092828
Encrypted:	false
SSDEEP:
MD5:	7E1706FE63F147B47E7DECA80EA10E91
SHA1:	F2DA24824B8CBB8E354D094E793051BE72EAE814
SHA-256:	B3FABC027DDD6A54C5E4C470D85E0AB96E4D1F5680268BDA947CE0693A195D3F
SHA-512:	7A9F60F44E16A694F21ECF287753EC00F419BA5B44F046ECC0837FF3C3DE97D6388165EB62E19B0F6E644A1D57CF179A0416491F51625817FEF6A5E99A8ADFD1
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....%...D..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I+X'.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V+X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V+X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V+X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V+X/............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............)......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Jan 11 20:33:29 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.9963018857161403
Encrypted:	false
SSDEEP:
MD5:	0A24AEA1A19858B2B6E5A96FF3D4C5A4
SHA1:	C7EC464C1FE8B7CDD3BE10482F33788A674EB7F6
SHA-256:	1E17F8280040676BA33C05E0BFC536AD523292F3170C95A4DE8998BE1B9A709A
SHA-512:	924260D071BEB91E7410D47D335CA5D905FD0ADE00A6698417D2B3DEBD805CD7EFE724BD5564BCF2AAC96F6EC2AE27687E892D6232F4E9870EC901B0E43393BB
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....O...D..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I+X'.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V+X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V+X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V+X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V+X/............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............)......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 100

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 58 x 58, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	2568
Entropy (8bit):	7.612534958207389
Encrypted:	false
SSDEEP:
MD5:	2C823874A90E531F468A21D0188D7CE5
SHA1:	5480634060E586E86C12B46F69515E67D0D4D2DA
SHA-256:	09C5950DD911B5D7F2647DE135F453015915404C66C7F9354CCDA1036230EB84
SHA-512:	3077A00AE66A339A8678FA5B5D972496DA40F0A354A4F5DC5FB035B53138FF318D455AE407414B7EE8C767C545A1A1166989788535E36B2040119CCEF8FBC1D7
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...:...:......J(....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:6EA19CF3DE6311E2997080101E562746" xmpMM:DocumentID="xmp.did:6EA19CF4DE6311E2997080101E562746"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:6EA19CF1DE6311E2997080101E562746" stRef:documentID="xmp.did:6EA19CF2DE6311E2997080101E562746"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.......~IDATx..{HdU....:::..*;A..ZSP...!..A..A.,A....GTB...cB$.. ....e-hhR...C1.um}m.o.m..q.G.c...6....X.=..3{..s..<.

Chrome Cache Entry: 104

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	1391
Entropy (8bit):	4.985157585580186
Encrypted:	false
SSDEEP:
MD5:	ECED4D1DE19CCFF762AA0C0C41683FBF
SHA1:	D26DB2BFBA4C46D50790D401A7EAAAA108514E46
SHA-256:	E16DE1384321BD8D510BC8B2BC30BFB8C075F64D81541CEC6BDE4212FD455D14
SHA-512:	D518CF003AA606D34FA19A1BA9D2048C636B9D412059D8E5E72AFF0A830789AFA3AEF35AF1156607497DB9A46965980928201BB7DE897FA91D1AAD2FB827A911
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/js/topmenu/topmenu_gzip.css
Preview:	/* Dropdown Button /...dropbtn {.. /background-color: #686868;/.. color: white;.. padding: 16px;.. font-size: 16px;.. border: none;.. cursor: pointer;..}..../ Dropdown button on hover & focus /...dropbtn:hover, .dropbtn:focus {.. background-color: #ddd;..}..../ The container <div> - needed to position the dropdown content /...dropdown {.. position: relative;.. display: inline-block;...float: left;...padding: 0px 0px 0px 0px;..}..../ Dropdown Content (Hidden by Default) /...dropdown-content {.. display: none;.. position: absolute;.. background-color: #f1f1f1;.. min-width: 160px;.. z-index: 99999;...box-shadow: 0px 8px 16px 0px rgba(0,0,0,0.2);...margin-top: 4px;...border-top: 1px solid #505050;..}..../ Links inside the dropdown */...dropdown-content a {.. margin: 0;..border: none;..display: block;..padding: 4px 12px 4px 12px;..font-size: 11px;..color: #fff;..background: #454545 url(../images/spacer.gif) no-repeat center bottom;..wi

Chrome Cache Entry: 105

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1293
Entropy (8bit):	6.803670257641756
Encrypted:	false
SSDEEP:
MD5:	F49EAED4DBA010A6A60C124850E6A5B0
SHA1:	92AD327ECEB87BD6BEB4E0969C89FAFCFF95D9D3
SHA-256:	F629FD7E9AE4A6BBBE7239B9F789DA7AACE8BD4EC94A5A1A54A62FDA01E521D3
SHA-512:	96E053CF144641423DA8A2310E475F359F151A563DE8052D72E3655748904D40C79F582AAB1B8ACAE59D9678DE56FCD624A70F2A5A974C3D6E875FC960A23EC6
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............;.J....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:DF4DB930E2CB11E2AC98DF8B3826C87A" xmpMM:DocumentID="xmp.did:DF4DB931E2CB11E2AC98DF8B3826C87A"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:DF4DB92EE2CB11E2AC98DF8B3826C87A" stRef:documentID="xmp.did:DF4DB92FE2CB11E2AC98DF8B3826C87A"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>[.V.....IDATx.R.j.P..<...Q..E!".v#..\|.....?..~@..+i.Mi5..E..A..G...T.t6.w.93gNF....1......h4.J.r......^.......+.QH.D\.X

Chrome Cache Entry: 106

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 315 x 190, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	9521
Entropy (8bit):	7.949309168138699
Encrypted:	false
SSDEEP:
MD5:	1C331B98A5FA6AA42708CE0E28303D72
SHA1:	FC2AA9B95F5C6077DDFADBC7E5659A8E4B9AE595
SHA-256:	88D3EDEFB31D2B4AFCFE08E8A89914FA3B18C56C3D0231F821A1B2633D1FE99E
SHA-512:	DE2456AAE08CBB34D1D4C7F9A32F0B23908461BA731FC66BFDF2C613C9B1BC0B11D2B793024B1DC541D97BBAD2B3B3CB0CA2E91C435D546BBFE9FBE5FBEB6D0C
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...;..........?O....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:EC75A2AFE2E111E295A6F59474B38855" xmpMM:DocumentID="xmp.did:EC75A2B0E2E111E295A6F59474B38855"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:EC75A2ADE2E111E295A6F59474B38855" stRef:documentID="xmp.did:EC75A2AEE2E111E295A6F59474B38855"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..._..!.IDATx..].v.6..[...?..K.3..` ,.[.......M.@..o............zWx2&...[...?..../....M.....e/.J.e..#.t:.......>...k

Chrome Cache Entry: 107

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1316
Entropy (8bit):	6.868966485740872
Encrypted:	false
SSDEEP:
MD5:	594ADEEE8B12E382C5F4F9FCE674A0AB
SHA1:	A00D6270DC4298E1CFC25C23D11376ADCC8EF001
SHA-256:	F26B7A8C11B9B792B5C36320D7CA14892F36B25144DCE4791EF856F261CD623D
SHA-512:	4E35B55909B3E6C40C673900F4B1BF514EA0F326FE71CBA8B7E8F758353FDBCAB35A23D95B987A929653724BDBDB1683C06241EC3D6535647883AD8C6C941DC3
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/images/top_si4.png
Preview:	.PNG........IHDR.............;.J....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:DF86F1A1E2CB11E2AC98DF8B3826C87A" xmpMM:DocumentID="xmp.did:DF86F1A2E2CB11E2AC98DF8B3826C87A"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:DF86F19FE2CB11E2AC98DF8B3826C87A" stRef:documentID="xmp.did:DF86F1A0E2CB11E2AC98DF8B3826C87A"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>~.. ....IDATx.R.N.@...>LZM...e....0....L..(q..P...M..@L........ x.I.N{.w..$I.%.?J^o........v.Z...`0`A..b..8..q.V(..m

Chrome Cache Entry: 108

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	7561
Entropy (8bit):	7.94765125694092
Encrypted:	false
SSDEEP:
MD5:	3845A544E2EDC47C4884BA9E8BDC4A59
SHA1:	D31BA1A40FECC36E2E1E769B3A3A367AA166420F
SHA-256:	4FD3A0491A2C3DFE7E930E0A916A2B78BF601466E967B6AA5DE5A83222EA6B4F
SHA-512:	2DAEBC58E6BD4CA42CF0AD0327F8C6BA9602C9E1D140887490EFF4BBC5C7965612C6A75F3C0013FCEB59B5AEDA1A9E3EE70C030437559E8C92F49B47DFB86AD5
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/images/home/file-share-icon.png
Preview:	.PNG........IHDR...@...@......iq....PIDATx..[y.\e..o...;.$...B..$!@'....D....<..2.. ...a."".H.&$.,.8r..A\!a9.H.....t..Z..}.U.<..3..:y.....{............k_._....\|......>..7...^..;.......x../o.......I.w...........?9...s.r.[.........5.C.......m.?..._.{..3z?.W..v"%.....<.e5.......u.{......{.@...g..}y...{F......+.9q(X....k.+.o.5.........5..{/....+.68....@P)B...J...,.....A .X...`...>k........`...}\|.....cz..........w.b.$O...=...g.........=...o.9.KO..s..KC.E.]..RB............z.@....<...:..k..\|~."o.UX.9"..0..F..~.(.KP{...............p...5..dr..J..q6^..~I.G...z+.\|5.......j8G.D@@.5i..b.+.........h....]........X.../.r.....5w.g..D./.^.2....u.z5x....@..".........m2.:.9M.r..BU.....2..?....]..I........8...h.{...M.8.$..r....\|.rS...8.\...~9.a.......X.y...b..0PP..c-..-.@......~L.C....3G^..%j{....2.......J%. .O%3.JA..a.6.O....;......i'..L6..T.</..B.....TI............B\.~..H....rX.Q.B.7...J......6G..F\|U.<.7...u$*.....e...^i..=p.....K.d..{......)..D@Lj8.?.

Chrome Cache Entry: 109

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 10 x 5, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	943
Entropy (8bit):	5.836843928845756
Encrypted:	false
SSDEEP:
MD5:	30BC70DD5FEECA7790C4E5DB9F052763
SHA1:	4ABF9E2468A65E030C35C2E76F5C4C2FAC78BECA
SHA-256:	E7DEA787A5F4A8EAB26BBFF86CCC9BE8385E54BC0BE7AEEA1204D978F8157DA0
SHA-512:	A78762AEBF5EAFB9A315DD02588CC8FAF473AC5AA2169346875E15529A2A537B6939107523BC0F98CA0866A4B86E22F12F30C819290D2482321A9105039D8D0F
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............\|d}h....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:FB7021A9E51B11E290B88987BB5E52F5" xmpMM:DocumentID="xmp.did:FB7021AAE51B11E290B88987BB5E52F5"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:FB7021A7E51B11E290B88987BB5E52F5" stRef:documentID="xmp.did:FB7021A8E51B11E290B88987BB5E52F5"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>H..n...%IDATx.bd``Pc .0..<....U.B......... .....\w.......IEND.B`.

Chrome Cache Entry: 110

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	3780
Entropy (8bit):	7.870846299577784
Encrypted:	false
SSDEEP:
MD5:	AD24C16EE551568039001F6E52D83CBE
SHA1:	CB198C62F4009A565BC94AD475A85B3252E56852
SHA-256:	57A2B751D42F5F532C317271C78776D18F48B705102E62907E7708A4BCE99C15
SHA-512:	3348D746E4DC322FE9700A11289DA819B96C1B01D7CD751D43EDFF11D6F629D37EE3958368D48927EED97BFF134473C0824A442725287E7D44B1EEBE6C602D19
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/images/home/window-remote-desktop-icon.png
Preview:	.PNG........IHDR...@...@......iq.....IDATx..{t.....sw...MH...y.$D $...y)...?...i...F+......"....V.ZAD...~&$..j6B...V.J.s7...w...;3..\|.E.......~....wf..~.E.....r.@g.@g.k.Xc......k....O.,.H..../.....!...........hg....Ij...!...5c..!.8x........RYY.999........'...EB...\|..GQ..m+.+.G.....Q........... ..(Xj.....)v../....sBiy9....N........tBCs.7..b..g".../q..A..".V...e........e..$.C.;.c.... --..(,k...L8..7$......C.C.-.m..8.&J....;.d...pYV..._R..=..c.$@..!PUUe.PRRB...;...z......#],n#M.2......@...iWt3k..>.j?.IFZ. ....-....>.w.. 77...!.9v@.\. .~.P."... ..o;C.#.(l.5.(.u&....Q.N.....0........P..0...@...V..1.X.G."u.A2b............`.<0....M<....]1..in.8r(TWW[....k.*..j.b..G.!n..!TOpl.9@;.....!.n....G.?.r=.i..k.......#N.....HN...T.L.V...=.. 55...V.s@.\j....... ..E.F.>.Z.k....... ....... ....uE..$b.2..\A.!.O...>q09g(.>}.m......1..N?. .6....^..1.Bk..~}.....\|.{...?......z.........f.._.h.NQ..p.....l.4.Z......9.....jn.....kKC.m>.&..M.E..O.eH......L..N..k.+..

Chrome Cache Entry: 111

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 2 x 90, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1037
Entropy (8bit):	6.211738798420359
Encrypted:	false
SSDEEP:
MD5:	0CD6B83F144D4559AF0F3A1E3C8CCFAC
SHA1:	F66ACBDED998767B8E22126467BAA743C254BF7F
SHA-256:	AB4B59C566062E671B43B2CC57C690E10EA8E3030F3BE0282C034C547248D69F
SHA-512:	7A1C9C8FEAF08A2797CD444134E699C211D6434EAD6EC488368A59BF4E93C0FC7ECD86D21BD141A8AC6D072C87C037BA4BD9EAA5E17D57BAFBA4874C46B17DEC
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.......Z......k......tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:9461BAC5E51D11E2AF14C3160922EEEA" xmpMM:DocumentID="xmp.did:9461BAC6E51D11E2AF14C3160922EEEA"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:9461BAC3E51D11E2AF14C3160922EEEA" stRef:documentID="xmp.did:9461BAC4E51D11E2AF14C3160922EEEA"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.......IDATx..[.. ............>...vv.M...9gf".:=..k..H..b.....l[.."8_.5U.2Vi.e..T.....L...w...v.[ew........D..a.....

Chrome Cache Entry: 112

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (32089)
Category:	downloaded
Size (bytes):	92629
Entropy (8bit):	5.303443527492463
Encrypted:	false
SSDEEP:
MD5:	397754BA49E9E0CF4E7C190DA78DDA05
SHA1:	AE49E56999D82802727455F0BA83B63ACD90A22B
SHA-256:	C12F6098E641AACA96C60215800F18F5671039AECF812217FAB3C0D152F6ADB4
SHA-512:	8C64754F77507AB2C24A6FC818419B9DD3F0CECCC9065290E41AFDBEE0743F0DA2CB13B2FBB00AFA525C082F1E697CB3FFD76EF9B902CB81D7C41CA1C641DFFB
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/js/universal/jquery191.min_gzip.js
Preview:	/! jQuery v1.9.1 \| (c) 2005, 2012 jQuery Foundation, Inc. \| jquery.org/license.//@ sourceMappingURL=jquery.min.map./(function(e,t){var n,r,i=typeof t,o=e.document,a=e.location,s=e.jQuery,u=e.$,l={},c=[],p="1.9.1",f=c.concat,d=c.push,h=c.slice,g=c.indexOf,m=l.toString,y=l.hasOwnProperty,v=p.trim,b=function(e,t){return new b.fn.init(e,t,r)},x=/[+-]?(?:\d\.\|)\d+(?:[eE][+-]?\d+\|)/.source,w=/\S+/g,T=/^[\s\uFEFF\xA0]+\|[\s\uFEFF\xA0]+$/g,N=/^(?:(<[\w\W]+>)[^>]\|#([\w-]))$/,C=/^<(\w+)\s\/?>(?:<\/\1>\|)$/,k=/^[\],:{}\s]$/,E=/(?:^\|:\|,)(?:\s\[)+/g,S=/\\(?:["\\\/bfnrt]\|u[\da-fA-F]{4})/g,A=/"[^"\\\r\n]*"\|true\|false\|null\|-?(?:\d+\.\|)\d+(?:[eE][+-]?\d+\|)/g,j=/^-ms-/,D=/-([\da-z])/gi,L=function(e,t){return t.toUpperCase()},H=function(e){(o.addEventListener\|\|"load"===e.type\|\|"complete"===o.readyState)&&(q(),b.ready())},q=function(){o.addEventListener?(o.removeEventListener("DOMContentLoaded",H,!1),e.removeEventListener("load",H,!1)):(o.detachEvent("onreadystatechange",H),e.detachEvent("onload",H)

Chrome Cache Entry: 113

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 47 x 47, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1880
Entropy (8bit):	7.343599551607813
Encrypted:	false
SSDEEP:
MD5:	C4ED2835DBC872E66AF68F09CF38E983
SHA1:	CA3124D25D3D39A20A5BE2CAD9B6376C97B19DD8
SHA-256:	5D278FD1EF8F5E708CB824FC7F89C4D0E48D4DF596196F21BCFDEDA53A3613F2
SHA-512:	3642748311ED4EEA08652F5A56AA4E168435AC1765326FC568523D3ED380DDF1FFA69EC3C07657090875F6DF537D66D6CA187CA6FECD95F2760E035575FFD50F
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.../.../.....s'......tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:C469A2F7E2E111E29028B5CC73DB5C73" xmpMM:DocumentID="xmp.did:C469A2F8E2E111E29028B5CC73DB5C73"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:C469A2F5E2E111E29028B5CC73DB5C73" stRef:documentID="xmp.did:C469A2F6E2E111E29028B5CC73DB5C73"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..0B....IDATx..-P.@......jP`P.`....<.xjP`....5Ea........`......L1.\....^n....Kv&.nf.<.......f]D.$..G.T.....3..E@.X.B.

Chrome Cache Entry: 116

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1256
Entropy (8bit):	6.753748897817563
Encrypted:	false
SSDEEP:
MD5:	851A1DA173CF8FC1018A41D9292D04BC
SHA1:	1F4E3156CCCE85E55A7CA50185B80FD6EE298E3E
SHA-256:	13C03D0497EBCFBD7B72A83061E3593C39EE46D646DFAB26F7819222002B22E7
SHA-512:	3345378C56F2E4843697145F6C5D28EC00F016A7973CD890D28370A150F838A4AE38C55F2DF0C2B5CBD80EFD90BE32B529D585B851E99036C7B1A39023DD4686
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/images/social-icon4.png
Preview:	.PNG........IHDR.....................tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:138E3783DE7A11E298348EC6CA2C4608" xmpMM:DocumentID="xmp.did:138E3784DE7A11E298348EC6CA2C4608"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:138E3781DE7A11E298348EC6CA2C4608" stRef:documentID="xmp.did:138E3782DE7A11E298348EC6CA2C4608"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>U......^IDATx..K.1...&...."*.A..."(8...k7.....I.3..[Wup..D.'.D.T:..A..j.7.N..Z..........8.rY...D.>.5.q..T...1...)G..k

Chrome Cache Entry: 121

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 40 x 90, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1755
Entropy (8bit):	7.302042396729564
Encrypted:	false
SSDEEP:
MD5:	4FD66937DDDE25A3E7C975BBA4E1C223
SHA1:	C9BE1A9BE02202B557C5DC7DFAC1529CE13434CF
SHA-256:	C5D8DEDF9AEB4E45B1A7A98988206408DD0B9B7CF505DEBCBCF7A483F7B3C53C
SHA-512:	47A8867DAC89FCB3C6F1B7B802F2340B2E646666A16647EA7B0BEA0069F5962C27EED385AB3B1E490BEC349ECFFF3818FEDD38102134993AC0C94AC2BBF686D5
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...(...Z.............tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:BD98CEB1E63911E29DD7A38565FB0E7F" xmpMM:DocumentID="xmp.did:BD98CEB2E63911E29DD7A38565FB0E7F"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:BD98CEAFE63911E29DD7A38565FB0E7F" stRef:documentID="xmp.did:BD98CEB0E63911E29DD7A38565FB0E7F"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>t.\....QIDATx....0.....PX..7.........r..J\..7.....B=...f..d..H.).....g<..)x....)...q.b....n.K........j..9.N.T.....

Chrome Cache Entry: 122

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1131
Entropy (8bit):	6.482059871374059
Encrypted:	false
SSDEEP:
MD5:	CED2772979CA0E1D52A9FC5BE83B1727
SHA1:	F906C1D5C642F8A6045F3C9F602AE0086CFA5F5B
SHA-256:	5636669C72371D30CBDB9466E144A78797760C9FBDE2A76746334F69D07E428B
SHA-512:	D8CA929F94F22DA1F79CFA8694316B939707A72D80EB5AA6F19B218EFC63469FB2A58840497EE57951A473CAA4C1C1E8A535A7A0FB50EB009BE0E50B00DDEFF1
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............Vu\.....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:DECDB083DE7811E282F694C34A24D0BE" xmpMM:DocumentID="xmp.did:DECDB084DE7811E282F694C34A24D0BE"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:DECDB081DE7811E282F694C34A24D0BE" stRef:documentID="xmp.did:DECDB082DE7811E282F694C34A24D0BE"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..y....IDATx..j.P...DR....(}.....C'....P.:...k..}.uq.O..&..]..uwQP\...N 8(9..$..&..<..S.+d9.&.7.w.;.e...,o...KV...P

Chrome Cache Entry: 123

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1427
Entropy (8bit):	7.019217539541492
Encrypted:	false
SSDEEP:
MD5:	6199A3BC2A57E7CAF9846CBCA6CE8C38
SHA1:	3B8867AFD7E1FB07D9C48AC9B9776F218A8EBE51
SHA-256:	C1E2119409CABECECEE42FDEDE926C0AA042317A7F954FFB5A631499D7E4F5A1
SHA-512:	87361860B5B73B5E6ED1E318A1B70220C000416A51AF0ADA1926E19543DFE82A16F369A3446BD294F793A647F202542E758F4884063243AA0199AB9FA78C6913
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/images/top_si3.png
Preview:	.PNG........IHDR.............;.J....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:DF86F19DE2CB11E2AC98DF8B3826C87A" xmpMM:DocumentID="xmp.did:DF86F19EE2CB11E2AC98DF8B3826C87A"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:DF4DB936E2CB11E2AC98DF8B3826C87A" stRef:documentID="xmp.did:DF86F19CE2CB11E2AC98DF8B3826C87A"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>........IDATx..=..Q...\|$.L&.801.".H..*.J....v6Z...$..J..........%.!.!......\|...w$i,v..g.s...{.(..M?}..l6k.\....;.V.c.^

Chrome Cache Entry: 126

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	16
Entropy (8bit):	3.75
Encrypted:	false
SSDEEP:
MD5:	5C7914A399A50124D9D7F052FF8D5F8D
SHA1:	7229ABDEB209E0A5DCD821A5B751054253F6CB03
SHA-256:	5C6400593EB22D155DEB13D15E8C7825B45953B3541A48019792FF9057AA8FC6
SHA-512:	A9B86B4058B1BFD7CBE4D4CAAA75500B14A8B6FE0AC456F385D5A81EB96344F70626FB21024EEEBE3A3143BEDFBDCDC372F51B2404096DA40B58E561C56CEC72
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAk8ZeG7vBYF2BIFDRcQTe4=?alt=proto
Preview:	CgkKBw0XEE3uGgA=

Chrome Cache Entry: 127

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 90x90, components 3
Category:	dropped
Size (bytes):	1854
Entropy (8bit):	6.917208989691094
Encrypted:	false
SSDEEP:
MD5:	39FFD175538CC7AEADB44F50C951ECA1
SHA1:	D2FBE6BBB2695E87A5F52280EEB74A3B0599572F
SHA-256:	2313512380F0EF924EA55D84E23AF8FDCBF40B6D4DBA4F39C6A310E03DBB1296
SHA-512:	7F76A04DACF33125E4F1EE3445A56D4DC436847AE1494FFB0D275C8787B0ECBD63A6629E153AD11CC6AFB34AA703A7BA6AA23DD756EF132BF4F02ED69DF628AC
Malicious:	false
Reputation:	low
Preview:	......Exif..II*.................Ducky.......F.....mhttp://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:254354A516DBE211ACC9E53F5CF63648" xmpMM:DocumentID="xmp.did:EA0624A2E2D511E2A2F1DEDFB0E2F987" xmpMM:InstanceID="xmp.iid:EA0624A1E2D511E2A2F1DEDFB0E2F987" xmp:CreatorTool="Adobe Photoshop CS5 Windows"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:503341BCBBE2E211A051C70423D089B0" stRef:documentID="xmp.did:254354A516DBE211ACC9E53F5CF63648"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d...............................................................

Chrome Cache Entry: 128

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x500, Suserng: [none]x[none], YUV color, decoders should clamp
Category:	dropped
Size (bytes):	27948
Entropy (8bit):	7.9924947425463655
Encrypted:	true
SSDEEP:
MD5:	BDB1256CB4668C3012EC5369BFECD1BC
SHA1:	3822E817DEB90B5CFB8F628BC485261636209BCD
SHA-256:	EE5653DD1175EF96379F665AC90574D0F90E4C9157A28035D3FD17270BEB5CEA
SHA-512:	40541E50B4BDA7780FFC39614B7D4D223A86C945182D76282F589A4AACA0D1D39D1CACF437790B474391FA9C11C4428BE0E24B69D91B137A59275B74A2FFC5C1
Malicious:	false
Reputation:	low
Preview:	RIFF$m..WEBPVP8 .m..0~.......>.H.L..#+!.hy`..gn..<...O....RUN..j..Xq.....\|k..9.A.-e...{.......{.<........{.5..?.z..;.N.....\|...............g...~..s.[..~....../.c...?............../.......{....M......?..ut..c.O..&.o......~.z.X[.......W...?.xW..P_.........7.>...{y..._...P.A...G..............A.......o.<......3..........s>... pi.t4.....\..7.?......,O.-..P.G.....Fd.7."L......p.H.;c..x.K....[...f.a.>].(....7........)G...._.t,...e..i.<B.._O9n...N.K#._Nvi.....4..y.LfRT..3W..[W..:."n......u?..#...}:.jN.$.Vjod5....h'.k.,&.\V...#.^g..h.....2....N....88P...q...8..9......4B^.1.l\|.[....bX6..j.....?...&.d>z.1o..D..6.eu..,..).....=k.H!...zv.$.....'./3.....'!.w.....t.\.S.$$..-....;%..j}/.w.....uG.8.L..~..B.h..~...B...].L....h...[H~......g...m?@..<.WyX.f+.6..y#O\#..."..P....a+.@.\4......]....2]y.&..D.P.D+muKk......S`..x......p3.....k6..9.:Q.e..G?.....)..V#.x...l.....(.a..<....I.........`M0D......b......c......[...H.w..B...q..b.Ymw......*.sk`g.\|..(...

Chrome Cache Entry: 130

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	2698
Entropy (8bit):	7.615394138279834
Encrypted:	false
SSDEEP:
MD5:	8ED318419502F05FAF6F31A20CF09149
SHA1:	AB857000BB2E90B1D7DDBBD3A2E697ECEFB1FD58
SHA-256:	D411A883CF2E510B7DF4878E3D7D6C4156F70BAF3364523241D6E98116B0043B
SHA-512:	1DDC016B179862B2440DAFCD9B2387C6907820A3CE01C9EFA4EE4A33BB5A716FDD0C87C38537A74959D1BB77D18A240141687B9DD187B8B908837CF9BD7C5ADA
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............;0......tEXtSoftware.Adobe ImageReadyq.e<...diTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:254354A516DBE211ACC9E53F5CF63648" xmpMM:DocumentID="xmp.did:7CCA40B6E46211E28F5EBCAC7CDA5A39" xmpMM:InstanceID="xmp.iid:7C0B84A0E46211E28F5EBCAC7CDA5A39" xmp:CreatorTool="Adobe Photoshop CS5 Windows"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:7AA1CB465FE4E2119FF2EE4D58CFE928" stRef:documentID="xmp.did:254354A516DBE211ACC9E53F5CF63648"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.N.Z....IDATx.Wkl.U.>3.....}o[.-... P,.(.*4.b.!.!../c

Chrome Cache Entry: 132

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (6869), with CRLF line terminators
Category:	downloaded
Size (bytes):	17331
Entropy (8bit):	5.4940113122997305
Encrypted:	false
SSDEEP:
MD5:	A32F049A77974F646743FE2A4055A47E
SHA1:	CF174DB59A35F9228F0756E9908AAFB4250337B9
SHA-256:	81005379B1CE39D2B075FC9A52D4E0E2D82BFAC3271D22301BC791260DCC0561
SHA-512:	8D3D584ACCD918E0E0A0C558CB7B82D6C730009FEF3826CCF39ACFFE5D703873F6CF3B6A37FE2F4C2A1FA560DD0AB5C5E48B9676D686559AC2E13A028EB9F30B
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/js/revolutionslider/rs-plugin/js/jquery.themepunch.plugins.min_gzip.js
Preview:	/******************************************...-.THEMEPUNCH TOOLS Ver. 1.0 -... Last Update of Tools 28.03.2013..******************************************/...../!.. * jQuery Transit - CSS3 transitions and transformations.. * Copyright(c) 2011 Rico Sta. Cruz <rico@ricostacruz.com>.. * MIT Licensed... .. http://ricostacruz.com/jquery.transit.. * http://github.com/rstacruz/jquery.transit.. /..../!..jQuery WaitForImages....Copyright (c) 2012 Alex Dickson....Permission is hereby granted, free of charge, to any person..obtaining a copy of this software and associated documentation..files (the "Software"), to deal in the Software without..restriction, including without limitation the rights to use,..copy, modify, merge, publish, distribute, sublicense, and/or sell..copies of the Software, and to permit persons to whom the..Software is furnished to do so, subject to the following..conditions:....The above copyright notice and this permission notice shall be..included in all copi

Chrome Cache Entry: 137

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	2056
Entropy (8bit):	5.200833525729719
Encrypted:	false
SSDEEP:
MD5:	3A1C23DCE4C65F4A87C444D929342924
SHA1:	AD52EEA34B4F71EBD3CE9DC0D672BD98FFA45A9A
SHA-256:	ED268325F04E9B8C8070FF13315A3E77D65D3BC88DDCF949F35055690A34913C
SHA-512:	FA1A53D9CACC831C14D3F52549B58ACD506C7197A0CFFF10ADE2D91756C28EA0776BD7CA36606B91267484C2ACC39A705879E9F5653E68284DC6647C035F5043
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/js/revolutionslider/css/fullwidth.css
Preview:	/-----------------------------------------------------------------------------....REVOLUTION RESPONSIVE BASIC STYLES OF HTML DOCUMENT....Screen Stylesheet....version: .1.0..date: .26/06/12..author:..themepunch..email: .support@themepunch.com..website: .http://www.themepunch.com..-----------------------------------------------------------------------------/...... /*******************************************************************************************....-.SET THE SCREEN SIZES FOR THE BANNER IF YOU WISH TO MAKE THE BANNER RESOPONSIVE .-.. *******************************************************************************************/.... /.-.THE BANNER CONTAINER (Padding, Shadow, Border etc. ).-.*/....... .fullwidthbanner-container{....width:100% !important;....position:relative;....padding:0;....margin-top: -20px;....max-height:405px !important;....overflow:hidden;....background: url(../../../images/sliders/revolution/slider-bg.jpg) no-repeat center top;....borde

Chrome Cache Entry: 138

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (13165)
Category:	downloaded
Size (bytes):	304370
Entropy (8bit):	5.503431950786741
Encrypted:	false
SSDEEP:
MD5:	4344E7C89ECC4BD66828F3657F003839
SHA1:	7098F1F4A49CC8A42F29DAE759E6670163EA66F0
SHA-256:	625286758A22D7384A8232B5BEC5D4E000D15F399E7009F4E8E739B77274EED5
SHA-512:	CA4204477167105363317660CDA7999576DF71A0A51A92FE506A55C8A35464A421A472174A1B3308078256C2C931822DC7A9ED4E26B0D97A5C1B0B81D329EA8B
Malicious:	false
Reputation:	low
URL:	https://connect.facebook.net/en_US/sdk.js?hash=4cc4493715d4d76a9f9ea0bd6910d823
Preview:	/1705001629,,JIT Construction: v1010774876,en_US/../*. Copyright (c) 2017-present, Facebook, Inc. All rights reserved.. . You are hereby granted a non-exclusive, worldwide, royalty-free license to use,. * copy, modify, and distribute this software in source code or binary form for use. * in connection with the web services and APIs provided by Facebook.. . As with any software that integrates with the Facebook platform, your use of. * this software is subject to the Facebook Platform Policy. * [http://developers.facebook.com/policy/]. This copyright notice shall be. * included in all copies or substantial portions of the software.. . THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR. * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS. * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR. * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER. * IN AN ACTION OF CO

Chrome Cache Entry: 140

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1393
Entropy (8bit):	6.996993667584285
Encrypted:	false
SSDEEP:
MD5:	879ED8C6B09181F4010B6C5256D9F237
SHA1:	42677C5D505F7499BB786E3589A0342560C681A3
SHA-256:	C2FFA6AA3A16650381B0C094CBC82362D2152CA20147116E103FDFC362AAA5BF
SHA-512:	9BD5490A22B2934E8236A12EC2D06FA2D5BB3C2078D22CC9630D483D0BD0A8080DFE599D4A2BBA1EC482A32762B427A315DF6D1BA6D31ECCB09867DC438630BF
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/images/top_si5.png
Preview:	.PNG........IHDR.............;.J....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:DF86F1A5E2CB11E2AC98DF8B3826C87A" xmpMM:DocumentID="xmp.did:DF86F1A6E2CB11E2AC98DF8B3826C87A"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:DF86F1A3E2CB11E2AC98DF8B3826C87A" stRef:documentID="xmp.did:DF86F1A4E2CB11E2AC98DF8B3826C87A"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>?.......IDATx..KK.Q....4w....nZj..v...uYK.]....o.w.N..B7..$..JQ..QLR..\fr.\..t.....>r8.{..r&.h4...dq..7.l..,.J..7..f.

Chrome Cache Entry: 141

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 120 x 40, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	2340
Entropy (8bit):	7.550520325371966
Encrypted:	false
SSDEEP:
MD5:	C11903E874C3AEFE8285A5DDAC70CF31
SHA1:	93E1B559AECAACD014AE56D48C08BEFA0F8C5A3B
SHA-256:	49A22943625EAA958CD4F7E0CC4C5495452573ED9D18A4A6B7337760A747AE7F
SHA-512:	86B6F96E5A526EEBF8E92D6852381FE07AF2E314DC835AD71C978BA3387287AC18E83A2A27BB5FE45B41F67F9DE4C5C9FC1BC06606A03305A99452920CEBE855
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...x...(.....5.>%....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:FD41336BDE8011E28D4EC08B01E5CF1B" xmpMM:DocumentID="xmp.did:FD41336CDE8011E28D4EC08B01E5CF1B"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:FD413369DE8011E28D4EC08B01E5CF1B" stRef:documentID="xmp.did:FD41336ADE8011E28D4EC08B01E5CF1B"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>........IDATx..[Mh$E........3..x..).........^.......$x0...Q.xP...G..E. ....I6..4..4I.$&......g.]..........z_..

Chrome Cache Entry: 142

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 35 x 25, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1233
Entropy (8bit):	7.773231974777998
Encrypted:	false
SSDEEP:
MD5:	B84E764079D81661FD6D3822539C0A6C
SHA1:	E80B30FE36606E95CC1F11842FD319ADE3E26E39
SHA-256:	C4D3832FB20517BBD18BC0A543BBA43C3662ABB1572797ADA20FABB6DB0AE315
SHA-512:	6889A1EE30F95CF1115E5876293B8C2B48F362E60E21A1F2741ED0B6FF4E49C1147031BB1231EA05A3EFFDC3779CCEA89EB8A8702DF99999CBDC61B3B87D5C07
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/images/greyscale/easy-to-install.png
Preview:	.PNG........IHDR...#..........8......tEXtSoftware.Adobe ImageReadyq.e<...sIDATx.WIHdW..58.F.58k.........FE.J..t6....EC\d.d.& ..!..P#.. ..B..KPQ.l.r....C....-...EU.\|x.....{...tssC..d2Q..b..&%%....V..j....N...^....uxx..\|.L...p.DGG?p8.O+*......sm........W...\sss?...z..LNN.......V....[=.LQTT.mlll...}....................o...\|k=""B[...\|111....'0..t:.......:......)..."##.c%.H.`...C.../.....c..d............U.X.;jjj4@..o.............w'.V.....=...U.0..........vww5@.Ze..b.......w..SXX..[...... P.....(...R]]...Q.?.v333....=....9....C#..L!.fffhuuUc.3.vvv...!...\|.m3.k.....%...S\|.".B(.m6.UWW..i..F..8.........':0.......8...k5B...\.-. .........H.).. >>.. j,.}'''.@r>--.!o...3...*.jMA..i...@....n.Soo...VD._!.!...'.X.4Jsafss.zzz..rQVV.....R^...1!.aK.1.B....T..Hq..o..,I.V../d0\7<.FU(..."U.d[JJ.V....o...../..5....f.....]..:@$$$PUU.........5.}r.lq........E..;..FO..%=.........q.i..<@....#w............}.`.~}`K.,,,....7.@..8.s~..........YZZ...jW..7K466vK..M.....@. ...Wk....Ow.

Chrome Cache Entry: 145

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	4293
Entropy (8bit):	4.957796747834386
Encrypted:	false
SSDEEP:
MD5:	67138AC18F582361A75799BD8D8B0130
SHA1:	0BBF84DDC096B20E4DC18E0517119D56713F5498
SHA-256:	7D3EAC9FB94FCC6D78F4B51F40F6CB0E0D677B010F291D2057AB9458F515E327
SHA-512:	D8059B9CBD79AB067C84CB415043CE4E058BABEE74E28D1446C78151EE394C910A93B25CAB29A78C5C663A76A7A0098E70BC08C274D7247259D34D604DA5F025
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/js/jcarousel/skin_gzip.css
Preview:	.jcarousel-skin-tango .jcarousel-container {...padding: 0px;...margin: 14px 0px 0px 0px;..}.....jcarousel-skin-tango .jcarousel-direction-rtl {...direction: rtl;..}.....jcarousel-skin-tango .jcarousel-container-horizontal {.. width: 100%;...text-align: left;...float: left;..}...jcarousel-skin-tango .jcarousel-container-horizontal strong {...font-size: 12px;...color: #333;...display: block;...margin-top: 40px;...font-family: 'Open Sans';...font-weight: 600;...text-align: right;..}...jcarousel-skin-tango .jcarousel-container-horizontal i {...font-family: 'Open Sans';...font-size: 10px;...font-weight: 600;...color: #999;...display: block;...margin-top: -6px;...text-align: right;...font-style: normal;..}...jcarousel-skin-tango .jcarousel-container-horizontal p {...text-align: center;..}.....jcarousel-skin-tango .jcarousel-clip {.. overflow: hidden;..}.....jcarousel-skin-tango .jcarousel-clip-horizontal {.. width: 100%;..}.......jcarousel-skin-tango .jcarousel-item {.. width: 43

Chrome Cache Entry: 146

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 35 x 25, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	334
Entropy (8bit):	7.103902253394033
Encrypted:	false
SSDEEP:
MD5:	0415E7B35F9BC9C0112C267237A5DAB8
SHA1:	8331264197C49769E0278ACFB02C6A4A636398F9
SHA-256:	C28FE26A9B3D14A73390E3183CFB25B63BA48E92D7ED86F815FD306BC15AF84B
SHA-512:	F974FE3AA004B33AB06C65CF73F67E7756D99CE7A2863095E07EA653FF2213B8A529AEF5D2F17EAB4F9E41EC0DC251867DE5CBFF8D575528AC0CE525A89EBB39
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/images/greyscale/experience.png
Preview:	.PNG........IHDR...#..........8......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..W... .,...?.......&.i.x.H"r.e.}...>:..&...'.@k....L...w.^...]$4.^.h(,.'\*Y..@.7=...xV.........~.r...X:..G.....(.(.;..G.\J..xD...L;i9RCv\|.._rf4....1.......<.A.3..N..T.i....GwVs..K.../H...2+....I...x...2n......T`.k..{.-........Bb....IEND.B`.

Chrome Cache Entry: 147

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 12 x 7, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1009
Entropy (8bit):	6.114511469801055
Encrypted:	false
SSDEEP:
MD5:	78F9A53DB1B8A1C624C6B6A09F5EA7E5
SHA1:	7B02296ABED6BCED7647DF9FB4F7706952A14A1C
SHA-256:	631CB804A6DC250BF97E9E1E2998D78DD7C8AE278D975C79B99DE06CB3212CEF
SHA-512:	9B9948CB01D86C8C3B416F4C6779656A3216AAAEFD04895676F4AC2F11BE1CBBE98AD9717FDBD40EE9FDF2D38F1B9E7E5E5E7F977AF14D6E93B2A6EB56E5DF04
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/images/menu-arrow.png
Preview:	.PNG........IHDR.............<..$....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:0A47B0C3E46011E28325EF947EF503E5" xmpMM:DocumentID="xmp.did:0A47B0C4E46011E28325EF947EF503E5"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:0A47B0C1E46011E28325EF947EF503E5" stRef:documentID="xmp.did:0A47B0C2E46011E28325EF947EF503E5"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>*..P...gIDATx.btuuub``......A......n@....o@.......4...R ...LH..4-..E0...$..G@\...@.......`...x".$..O.4..&..`.Z...._.....

Chrome Cache Entry: 148

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	3323
Entropy (8bit):	7.710693431615424
Encrypted:	false
SSDEEP:
MD5:	CA86F5DB84FA0C962DB731D708388D97
SHA1:	315649FF97383FD3E5FE2B08B090C4109E079590
SHA-256:	F14C2D894A1BBD27974821F6A0461E9AE759D99425EAEE3132EFC16EA3994E37
SHA-512:	12C860A49A17F5E21AA6BDEBFCC2F5BB7921FD4BF122EEFC17CECFE9A8904DCC1D112E447AD2DC25F1D67F750068EEAE9859F8D145A8A46FFC23258781CB140C
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............;0......tEXtSoftware.Adobe ImageReadyq.e<...diTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:254354A516DBE211ACC9E53F5CF63648" xmpMM:DocumentID="xmp.did:7DCBBEB7E46211E28F5EBCAC7CDA5A39" xmpMM:InstanceID="xmp.iid:7DCBBEB6E46211E28F5EBCAC7CDA5A39" xmp:CreatorTool="Adobe Photoshop CS5 Windows"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:7AA1CB465FE4E2119FF2EE4D58CFE928" stRef:documentID="xmp.did:254354A516DBE211ACC9E53F5CF63648"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.(.....-IDATx..WYlT....2.>^.7L.A4x..*RH..5Ti.-.DQ"R.

Chrome Cache Entry: 151

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 5 x 8, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1076
Entropy (8bit):	6.086271248906207
Encrypted:	false
SSDEEP:
MD5:	2895ECB193C7382C42D0099E0B963853
SHA1:	0BA26A6513F19A9E241048AF0F47F60AD5F192C4
SHA-256:	BB2C8C0B659FCD7D4879F18B39C19989480E50764D28116EDD817F66BB6BF08F
SHA-512:	8FB832585628B413972718781929054E6CA9100076DBB606CA8BE844C4BF7DF7ABCDFA9C226818B5B1F4CCDA09C7CC01204025A7B209AD04A24FA7891F6BE008
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............1.5;....tEXtSoftware.Adobe ImageReadyq.e<...diTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:254354A516DBE211ACC9E53F5CF63648" xmpMM:DocumentID="xmp.did:7DCBBEB3E46211E28F5EBCAC7CDA5A39" xmpMM:InstanceID="xmp.iid:7DCBBEB2E46211E28F5EBCAC7CDA5A39" xmp:CreatorTool="Adobe Photoshop CS5 Windows"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:7AA1CB465FE4E2119FF2EE4D58CFE928" stRef:documentID="xmp.did:254354A516DBE211ACC9E53F5CF63648"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>X.....fIDATx.btuu=............E.x5..!..A%...<Xp.]7..

Chrome Cache Entry: 152

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 25 x 19, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1378
Entropy (8bit):	6.920811491935039
Encrypted:	false
SSDEEP:
MD5:	27883A5B8AF38DA4097C37D61EE15426
SHA1:	5848F429B7A0034368DEB7C4906C12C58ADA67C7
SHA-256:	20B740059FE7F8A5F2A940EF3841AD8A27ED878F10416374545A4964D1F3B285
SHA-512:	9E6824E1C31C3DD31132948E3727E92D28CE0A62D27317F2191BE62FA1E9F8BD71600F7B86991DA6134A6660A5BCD4228D504668D1C013313099DF52FBFB05DC
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/images/quotes2.png
Preview:	.PNG........IHDR.............er......tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:231D25A3E31411E2B9C78CA8BEB6E30C" xmpMM:DocumentID="xmp.did:231D25A4E31411E2B9C78CA8BEB6E30C"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:231D25A1E31411E2B9C78CA8BEB6E30C" stRef:documentID="xmp.did:231D25A2E31411E2B9C78CA8BEB6E30C"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>........IDATx...+Dq...1Q.$JBfA6.......V,<..........)Y....@6.BV..W..Ch...{.\....{....y.=.w....i.T.NP......1pc..t._.xa

Chrome Cache Entry: 153

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 25 x 21, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1380
Entropy (8bit):	6.889801663963832
Encrypted:	false
SSDEEP:
MD5:	B69676EB375D512A9412EE08235B47BF
SHA1:	33A7B6E0C096FA1190AE6C502C36F66AB09D9569
SHA-256:	01933D471BAFE9EDC7B3F87E97317C0ACA4B3222284DA3174BCF28F6D4E27A59
SHA-512:	FE7363CA85E2D8D6F771047B9E27616A17C305A7E538B1BFF987AC5A64464E0E768B8E4571C77B2663911885DC59DC43E954C9860A1C9B789B253E46D49B05A9
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR..............+E.....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:E829403FE31311E2BD7689B58604BC66" xmpMM:DocumentID="xmp.did:E8294040E31311E2BD7689B58604BC66"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:E829403DE31311E2BD7689B58604BC66" stRef:documentID="xmp.did:E829403EE31311E2BD7689B58604BC66"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.<n.....IDATx..K(EQ...9n.L..&R$...P..1.L.....d$yE.....2RR..I$&.....JW..R.Q....c..>...n.....k.u.H$.)T...*.....C..9..

Chrome Cache Entry: 156

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 35 x 25, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	1969
Entropy (8bit):	7.348767453604753
Encrypted:	false
SSDEEP:
MD5:	9B329720751608C657EDDA315269D9CF
SHA1:	D92DA25CE9C4F41BCFB45AEB64F5DC4BD1547FBA
SHA-256:	FC4C5AA9FABAF2D362E1D1ED1DF6AB03A74499BCADFEE0E7AF4FDA22FC22AC99
SHA-512:	5B6DD6107451AE56CB25113360BC201C14FCCFE205D5110CEB6726C79CADEB9B2C8A61E9AE636C0E92C751B7CD0D988DE7CB6CA9EC5DC50516D2D00CF6710656
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/images/site-icon27.png
Preview:	.PNG........IHDR...#.........4Z......tEXtSoftware.Adobe ImageReadyq.e<...diTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:254354A516DBE211ACC9E53F5CF63648" xmpMM:DocumentID="xmp.did:08F1B215E2EE11E290D786F5D7F73E47" xmpMM:InstanceID="xmp.iid:08F1B214E2EE11E290D786F5D7F73E47" xmp:CreatorTool="Adobe Photoshop CS5 Windows"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:503341BCBBE2E211A051C70423D089B0" stRef:documentID="xmp.did:254354A516DBE211ACC9E53F5CF63648"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>...;....IDATx..YKjQ...Wi.........\|...W./.K......h .

Chrome Cache Entry: 157

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 35 x 25, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1686
Entropy (8bit):	7.838211845852403
Encrypted:	false
SSDEEP:
MD5:	0237BDECD6C1665A4F4984936B590BC4
SHA1:	B09F5844F87170F3BA4BDCD06C57D65ABE71467E
SHA-256:	248CD4D5EA440511B37899AAF5D7329516F8027CB22F1DCC27D6D39D18C2772B
SHA-512:	152AAC836CBE4ED64E27C0B9818BC5FBFE7FA7B0049FD69009DBD88AEAEB3464EF4AECC97E53A55CC0218E4988273D74082D1DA8F4A291A824AE000A4918F862
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...#..........8......tEXtSoftware.Adobe ImageReadyq.e<...8IDATx..{h.e...s...sv..7r^...g.&L.A.dQ......#.(..RQT.C..?..0.,0\..'..#&..6.E...n:w;;s}./....s~...~.<...\|..}.kzz........JSSSc...Lff.IHH0..............y..z{{G.6._7.....[&//.dgg....5w...".....111a.s..f....1.<...O....$%%.2w..r65.p.....r...~u.....INN~.55u.}6{.............l...'..._.}..eee.z.^. .F.zzz.n.........<z.......}>_....IOO....(..V...1.&.\|....z...........eE.e.,X.Gx...J.C.m9.......!.,,.x..................K.z..q....G...l...5....].zu..e../.....c...)....j.8..13.iY..7o...K}.....qs..m.....C..LII.".u....#.......7...1..P.dT......5e..W..X:!Y.&J1bY.F.........3..Z.`.=kJJJLEE.eI.jC....X.I'...O.....<.......}....dP..PG,..D...gB5}..qt. ...UTTd.hmnn..w{{.~...@i.a..uF..p....<Va.&3...q......v.......C.2~..\.r...ttt......q.........o.........c."...XD.&T.#6DbO...]]].0....w........#CP~.....F........h!..n.K..S.".8........m..3...SV..6=Pf.{.0..^..)...hd..}../ ./^4.....jz......X....a[.z

Chrome Cache Entry: 159

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	6312
Entropy (8bit):	7.901884136191714
Encrypted:	false
SSDEEP:
MD5:	46214108E0DB37FBE0FAD3B1188E1F68
SHA1:	D473BFE775E869A09C6079739692ED2578FA1700
SHA-256:	B6E6DB1187B2ACF27AC1CC81E8EEFD091BF34E9FCAF0F04BCE7F0E5DA11CD61C
SHA-512:	CFC38ED316B18164472A30618076EA149F762E154C5FBB243133F874747E2E8AF28499960322A2362F541BFC4327D62A2AA4662EAE300754BDFD23ADB64CF90B
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...@...@......iq....oIDATx..[..]e...o_{...N.....!..M.(...D....d.QA<.......2..Ga.$...P...-.H d#Kw.[z.~.......}...!`.0...Mw..~.........>~..1...1.....(d.....q..&.........[.1.a\|..iF...f.. .o....]C....[........q.....A.6s&6L.J...aYE....f.Q....0uuu..&.o.....Z[.Zd^s?.N....5.g1V.g.x<......e....s.. ...~.y..v9.n..w...D2..X.B.0....?4.......>.[..W...~.....?N.p2.`\|.....x.e..K/_..jjiLE........[.Ug.C....d.y)....8.....c.....=E.W.......d.....!...?2..z......}.&.....P.Y..k].9...:.....7p......d*..]p........_..v..S^$.q...e.j..2.<^/]{....e..........;...j...L..:.\|.!P_......+.H`...J.....h:...z....3O.%..92....j.&F]aq.\|..[a..Y0k.$.....p.a3...}.s..Z....".a.e.....L. %g..........?.^...{.b..'F3.~.....2...[q..4sJ....n...v;.l.r......`.1G...S..L.f@F1 .Jc2.....I..`<....Vlc&<...p...:}.Y.#....../..A...7.i.`.).....;.Np.m.%N........c.[...@.d_.?.@.@1!.....X<........~....w.B....................3fL..@...7.<.r:..P...:.A..............k?...3 ..dJiB<..X<...A:\|....x......

Chrome Cache Entry: 160

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 35 x 25, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1310
Entropy (8bit):	7.766384028147226
Encrypted:	false
SSDEEP:
MD5:	D50D47D9923CAF6F153ECA98B821671A
SHA1:	BF5DBA0EA05880495C691ACE07E5334E85FF3E03
SHA-256:	652AC68A5DB02C5283FC329528B4A7D5ECABEC88F4D49AEB5A60631C456F0CBE
SHA-512:	990004EB4CDDA5EDDF77418C8853BE5EDF0C742191F5BB50E980F1DE60FFF7C98E4ED8D8CB8B17EC672E4759105E4F0AF555FD1FFD7100D8408D78DAA1D24AF9
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...#..........8......tEXtSoftware.Adobe ImageReadyq.e<....IDATx.V[H.U.^....%/X)6). ..1j....D.0..2..".=$.....LB!Rd..............BJ....E.3........+...mX.....k..[k.Jk-g......J).^..A.0~.K.c\|..$.......}........J9...........O0W`.\.{...=._b.}.......CL..4.....@N.J9<<....7..W\|..:....`?.a...jRRR$55U..........."""tFF..Jz~~>\|qq.. .....02.A....&77W<..,,,HHH......p...+...j}}....b........-~6..{.A..III...'....T......dffj^\WW.....sz``@...$&&..w.#..1./.@.,.Y^^...>...#]]]...U"##.........m...T....v.%::...y.I\|....NC.#.....^.......t.K{zz4..K5...idGG...-.X.4.....A.."0.\|.#.'w@D.R....].....WWW.]...........Z... ..j.S.?..?!?.b..P...T.tpp ......#...B.........`.....dzz.Z;.........^.~...r..i...u1]....Kdff.WLjP&.....2..1l.@>.b.....e......Z..p...Bc.....7fl.7.. .#\v.......$.$*.7..G X..y..=......9..I.R..._.S....-..QDtHP.$9...g>.\..k..I.\dx!yB..67.BX...\|.`...a....Fyx...h.7.< c&''}c....\p.. j4S.>n.E.=.p...A~GnrV...1...L.......B.8cBW.j.....#\|.u...T(ma39.......

Chrome Cache Entry: 161

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1400
Entropy (8bit):	6.954417504413543
Encrypted:	false
SSDEEP:
MD5:	6BD8543ABB382E162B5E8B1BC77FD527
SHA1:	040998E7A237F93D8E38181A4FF11B4B43C009ED
SHA-256:	B53F352BBA1DC48BEED06680F2F28C4FDA20F452F3E337890D1B455468E1C2AA
SHA-512:	661AD9C2EE8080E8369F164DB8765534FA8509CBB1AA4B3390790C51805B5A4F54CBF037F8919F9B77FC37B5B84D69897D984556D65F49F41FBDEDE3A8191776
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/images/top_si2.png
Preview:	.PNG........IHDR.............;.J....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:DF4DB934E2CB11E2AC98DF8B3826C87A" xmpMM:DocumentID="xmp.did:DF4DB935E2CB11E2AC98DF8B3826C87A"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:DF4DB932E2CB11E2AC98DF8B3826C87A" stRef:documentID="xmp.did:DF4DB933E2CB11E2AC98DF8B3826C87A"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>...F....IDATx.SKK.Q..s.Qqt..LE....].*\...~...E..}..6P....QGgt.....cS.....;.w.#x.....j..\.."......2.f3..t.b.`.PH/.JG.^.c

Chrome Cache Entry: 163

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	6630
Entropy (8bit):	5.108846038361713
Encrypted:	false
SSDEEP:
MD5:	227B4EFD92735A5DC57DCEFF6361536B
SHA1:	36EC9A976A74E5E387764C8E5AE56333E733C6B7
SHA-256:	26B9E00213443AD97A65A6B6A43C34FEA09696540559B306D6246624931E6867
SHA-512:	2A69727E7183F1E968848049D33B295959E5CDE5620537BDB4B6780988A1A0051973A641B6375495AA4DB73B530595746F404CC6ED12A072E5D6BE2B3EB752C2
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/css/reset_gzip.css
Preview:	/* http://meyerweb.com/eric/tools/css/reset/ /../ v1.0 \| 20080212 /..html, body, div, span, applet, object, iframe,..h1, h2, h3, h4, h5, h6, p, blockquote, pre,..a, abbr, acronym, address, big, cite, code,..del, dfn, em, font, img, ins, kbd, q, s, samp,..small, strike, strong, sub, sup, tt, var,..b, u, i, center,..dl, dt, dd, ol, ul, li,..fieldset, form, label, legend,..table, caption, tbody, tfoot, thead, tr, th, td {..margin: 0;..padding: 0;..border: 0;..outline: 0;..font-size: 100%;..vertical-align: baseline;..background: transparent;..}....body {...padding: 0px;...margin: 0px;...line-height: 1;...background: #fff;..}....body, input, textarea {...font: 13px "Trebuchet MS", Arial, Helvetica, sans-serif;...font-weight: normal;...font-style: normal;...line-height: 22px;...color: #727272;..}..../ Headings */..h1, ..h2,..h3,..h4,..h5,..h6 {...font-family: "Arial";...font-weight: normal;...color: #454545;...text-transform: uppercase;..}..h1 a, ..h2 a, ..h3 a, ..h4 a, ..h5 a, ..h6 a {

Chrome Cache Entry: 164

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	7215
Entropy (8bit):	5.160920003483505
Encrypted:	false
SSDEEP:
MD5:	F337887E5ECBE7DA8651CBD51E6727C3
SHA1:	ECFC411F7FB645A6D793DA0233C7E39363E14C82
SHA-256:	0173B867AA0B0F3855728E8062B528DA52E2FF7ED55DF09D170F5999E6C3B45F
SHA-512:	6E5E17C27B87198D4C7C1D15C8B272EAFB647D7883A0465290F79F974538527B1BA7FA02477C6ACAD6D2E367E729B644AE3D1EC95CF6D8FF5EA75FB8550A9ADD
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/js/mainmenu/ddsmoothmenu_gzip.js
Preview:	// Smooth Navigational Menu- By Dynamic Drive DHTML code library: http://www.dynamicdrive.com.// Script Download/ instructions page: http://www.dynamicdrive.com/dynamicindex1/ddlevelsmenu/.// Menu created: Nov 12, 2008..// Dec 12th, 08" (v1.01): Fixed Shadow issue when multiple LIs within the same UL (level) contain sub menus: http://www.dynamicdrive.com/forums/showthread.php?t=39177&highlight=smooth..// Feb 11th, 09" (v1.02): The currently active main menu item (LI A) now gets a CSS class of ".selected", including sub menu items...// May 1st, 09" (v1.3):.// 1) Now supports vertical (side bar) menu mode- set "orientation" to 'v'.// 2) In IE6, shadows are now always disabled..// July 27th, 09" (v1.31): Fixed bug so shadows can be disabled if desired..// Feb 2nd, 10" (v1.4): Adds ability to specify delay before sub menus appear and disappear, respectively. See showhidedelay variable below..var ddsmoothmenu={..//Specify full URL to down and right arrow images (23 is pa

Chrome Cache Entry: 165

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	2532
Entropy (8bit):	7.5695863641020065
Encrypted:	false
SSDEEP:
MD5:	D0935324B48240317B50FE6EA099B0F9
SHA1:	77F2002D4CCCFB4475707B17057FF317076EF5F6
SHA-256:	A8C83968A805D951A8262B1580E16856984E41D253C5BEEC7017835DCBFFF25E
SHA-512:	C391471FB66A8AB6D0414F09262B0804FC95D1744E63853D698B5FCFFFBF55E872DB5CDD25B15797E82A89B69EB432ADE782F3E1821638E33F154EC66BA46BDC
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/images/host-includes-icon1.png
Preview:	.PNG........IHDR.............;0......tEXtSoftware.Adobe ImageReadyq.e<...diTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:254354A516DBE211ACC9E53F5CF63648" xmpMM:DocumentID="xmp.did:7C0B8499E46211E28F5EBCAC7CDA5A39" xmpMM:InstanceID="xmp.iid:7C0B8498E46211E28F5EBCAC7CDA5A39" xmp:CreatorTool="Adobe Photoshop CS5 Windows"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:7AA1CB465FE4E2119FF2EE4D58CFE928" stRef:documentID="xmp.did:254354A516DBE211ACC9E53F5CF63648"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.......IDATx..W]lSe...o{..um7.Q.[.Y.6...C....#Q.x'

Chrome Cache Entry: 166

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	2415
Entropy (8bit):	5.090209404343178
Encrypted:	false
SSDEEP:
MD5:	636B42352A470D61319A2E6E878F24C2
SHA1:	347B92251E6BCBF6570F9074DD536360366EABAB
SHA-256:	532B90B24D3ED2696331E46929E9A77D42A1C27D078B7D6667497080FB160160
SHA-512:	25FCA720133213BDA6EB0D082F21F5DE4CDC53FDA9F548F17D9923CFE1FA757FAD31CB15AAA44615EFBD7828CC0A78571BB935A7CCB5CDF7859079E8C8EEBCEE
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/js/page/home.js
Preview:	//scroll up.. $(document).ready(function(){...//slider...$('.slider_button1').on('click',function (e) {... e.preventDefault();..... var target = this.hash;... var $target = $(target);..... $('html, body').stop().animate({... 'scrollTop': $target.offset().top... }, 600, 'swing', function () {... window.location.hash = target;... });...});..... ....var tpj=jQuery;....// slide banner....if (tpj.fn.cssOriginal!=undefined)....tpj.fn.css = tpj.fn.cssOriginal;......tpj('.fullwidthbanner').revolution(.....{...........delay:6000,......startwidth:1000,......startheight:425,..............onHoverStop:"on",......// Stop Banner Timet at Hover on Slide on/off........thumbWidth:100,.......// Thumb With and Height and Amount (only if navigation Tyope set to thumb !)......thumbHeight:50,......thumbAmount:0,........hideThumbs:0,......navigationType:"none",....// bullet, thumb, none......navigationArrows:"solo",....// nexttobullets, solo (old name verticalcentered), non

Chrome Cache Entry: 168

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	984
Entropy (8bit):	7.735263361527396
Encrypted:	false
SSDEEP:
MD5:	A73BD6DF6CA28AAD4FF328911CF8E00C
SHA1:	7EDFFA3641EA0EE5A302486035D795A1CD5EB5A5
SHA-256:	32BAC65C869081C40BB243D665269295323CD383E00D0467C40C59D97B1B87A7
SHA-512:	8C5CA63E4B92F6CAA078F20A44932F86522CC4FAF00FBD1E280F2EADBCAEF8459F72850F0FD0EC4B46D152B917C0A7C248211E26ED4622AAC863E774ADFCF81D
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............;0......tEXtSoftware.Adobe ImageReadyq.e<...zIDATx..iH.A...]K.......Z.-......JW...n.... ..$....b3..P22.....#..N++Z"........e.v..C.?.y.g.y......D4G1F4S1.....8...-(<.0\;^..<P.nK..... ..f.7H.qcS.....v7..K`!........A...Z.Xp...n_.....0.G`c..$..A{.].&...w$u.F&...$..C5l..A=..E...v..d.[.r@..v.".....o..U....A...T.+R.....{.1.A_W..v./.n........>\|..:./.d..Ve.x.-.s).,.N....L...J.<..IJ(,..H......c....^.K....q.u..t..r-..;.2..!.iX.2..b.........=..\|.X.7....G!.....ht..Zz.F...;..:....n...nqN9.....J....O.89(%...qm..aW...w..x...p.b...Z......N.....4..K=......#.r...dZm.m....s..........DQz....s"...<.....^..V+.D.\P....9\|^..0$...l..Ql\.."...z.w.$r..e.yl..%.0.....L.R0../..<tfm.R...V...XO..JJ....8.>./.:..<......P..Z0(...fG+)'n/.H8.....C...`1B..wj.R.Q.25.5..B5.Rt...\..I.:M....)......../q=...........I.]...t...z.@L.w..I...f.u!..by...c..;../...(Wc....G>..g<O..Q.cZ..Jb.......(.r%......L.$..r...w...../....". z[!.....IEND.B`.

Chrome Cache Entry: 173

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	939
Entropy (8bit):	4.811473071614874
Encrypted:	false
SSDEEP:
MD5:	668F5D40A0E1BA1AB13BBF104CBCFAB0
SHA1:	5E40F241A3B84DBD159E86AD63789CBDA78431C3
SHA-256:	56B9B957ED6E124B5059FCCF47C9820B5BEE5A5360C3F8C4399123FD928AB64C
SHA-512:	511061D2201C463403E37D51B39364F3AC04F90089E303BDDDB0C4FBB2689A79FEA0C64640A980251149E25F5F2F72242EA0A621A30BEFBD08215E5A59BB81D8
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/js/accordion/custom_gzip.js
Preview:	./* ---------------------------------------------------------------------- /.../.Accordion.../* ---------------------------------------------------------------------- */......(function() {......var $container = $('.acc-container'),.....$trigger = $('.acc-trigger');......$container.hide();....$trigger.first().addClass('active').next().show();......var fullWidth = $container.outerWidth(true);....$trigger.css('width', fullWidth);....$container.css('width', fullWidth);........$trigger.on('click', function(e) {.....if( $(this).next().is(':hidden') ) {......$trigger.removeClass('active').next().slideUp(300);......$(this).toggleClass('active').next().slideDown(300);.....}.....e.preventDefault();....});......// Resize....$(window).on('resize', function() {.....fullWidth = $container.outerWidth(true).....$trigger.css('width', $trigger.parent().width() );.....$container.css('width', $container.parent().width() );....});.....})();..

Chrome Cache Entry: 174

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 270x270, components 3
Category:	dropped
Size (bytes):	5070
Entropy (8bit):	7.486579518517788
Encrypted:	false
SSDEEP:
MD5:	A509DAAB56DE29A764762C2A9A3F97E0
SHA1:	5AD5561AE27F623E2D1A9164F74FFEA162B3E087
SHA-256:	492745496E88F96A10263A6DEC125E8FCC872184F3C611756CFB6DD56CA66A58
SHA-512:	8D72A7F773603EEF10147DBAB8554E7D2969340174E38AB036B96451609BD7E2188B6C1EEDE125F27F0ABB5C8CB56F70EF5BCBFDD2222B2543AAB54C09B66980
Malicious:	false
Reputation:	low
Preview:	......Exif..II*.................Ducky.......F.....)http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:581CC345DE6811E28DE2C4216B8D0DC0" xmpMM:DocumentID="xmp.did:581CC346DE6811E28DE2C4216B8D0DC0"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:581CC343DE6811E28DE2C4216B8D0DC0" stRef:documentID="xmp.did:581CC344DE6811E28DE2C4216B8D0DC0"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d...................................................................................................................................

Chrome Cache Entry: 175

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Category:	downloaded
Size (bytes):	102
Entropy (8bit):	4.748358249927075
Encrypted:	false
SSDEEP:
MD5:	2B222D3E6F15C9B6D6142B008A6E639F
SHA1:	D12C41C9757EAB80F6A8995974D11AD3A6DCD6E0
SHA-256:	625607C8CE9F2B0B1EB7232DDE49DD88D14ADF849178067F10B761657B215AE8
SHA-512:	2F249A390FA5B9AF387F31E9469CD9E9126306E5DECE6186B151FE2D788620FFA0A41F1875B55B8A05391AF572C0EA10C402CB2162C7A35156CB48A60C17C998
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/api/display_login_info.aspx?lang=en
Preview:	..<a href="https://console.ultraviewer.net/?lang=en" target="_blank"><strong>Log in .</strong></a>..

Chrome Cache Entry: 177

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 550 x 300, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	91952
Entropy (8bit):	7.9928783603906775
Encrypted:	true
SSDEEP:
MD5:	2015E9C637B41F8123D0CFBD29BD1561
SHA1:	B34D4332F819C70E28C6CF9E420EEABCBCD95F58
SHA-256:	C79CFC4C349192F32BCC56FC95724AF748419B42AC8BED2B29DA3DA754806F98
SHA-512:	DD896F78A59F0B16E5D5AD602F60E754BC02987FE6ED474BD27D00837DAB4CA455D7363AF6723225CAFA30CEA7F34B199196F42EEFE8AF3371DBBBEC53F12995
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/images/home/remote-control-software.png
Preview:	.PNG........IHDR...&...,.......x.....tEXtSoftware.Adobe ImageReadyq.e<..f.IDATx..w.\.}&...{zr..`.s`.i..HY..m...t...{...w...{......9>.k..%J"%.")."A.$2..af.L..3..o\|U.gz..`..P.>.r.o.[U.n..~....8...O6....@.u..........8........=..P....&..T.....].d.?..L....i.y...O.....B^.]4M.K.F._...i..g.'.^M.........a..7..z........9-0...q/...U.q..(V.....-..d&...'.[@X. ..B..@........0fW.R.I..>]7e..pp.S.D.EA2..#.N....r)..r.o..G.j..D./o.k...P$...C...y\.!...".....e.pH:.lYI...Q.n.[............q.c...;x.+;2.6..Dq...O......f...T\...$&.i...+.$j.Y#......z.-x.A.4?h.?3.K...v>.'...,J..X.5...hY......&}.N...-CY....].wd...+.......(...Pf;..kD.....M.u....T.7c..-.....>..'/.}.F.l.h...4........k[.{...-.....\..t.,RdF..D...C...gjj.===.q#..0;788...^<..CK"'..x..TM.V.A......I....A..5..Kx......[.....-....S.y.A.....H....{....#.z......g,.V.."..`L....Nln...&].2...~.K...g.{..;.?.&...d.ZR...mb&..7.G...[6.n.H7....I...@ .3.&...\|..i...pa.x.....Ll..<....L`rr...V..]O~..W......O=....X..\|:..A$..H.... .F<...

Chrome Cache Entry: 179

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 (with BOM) text, with very long lines (302), with CRLF line terminators
Category:	downloaded
Size (bytes):	1168
Entropy (8bit):	4.978415345967992
Encrypted:	false
SSDEEP:
MD5:	BA86141EAA9DF12545F94A14A3139E30
SHA1:	D6195E6E93F576AA9E9055F0BE8DDAE255593109
SHA-256:	E1BE0578A0C36063F6FDECBCFB2151F0BC8366610E9C13329F3FFFCC601F1453
SHA-512:	FDBA49976D1554ADC5C0907AD512064877256E551DC05D3FEBB1B89AAC2D8E7D6B472A6C4AA52ED84B180B4CF2486D5012D5C9D7745DCF09ECC4B4CD1D318E4E
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/js/accordion/accordion_gzip.css
Preview:	./.ACCORDION /.....acc-trigger { cursor: pointer; display: block; margin: 0 0 0 0; width: 100%;.}...acc-trigger:last-of-type, .acc-container:last-of-type { margin-bottom: 20px; }...no-js .acc-trigger:last-of-type { border-bottom: none; }...acc-trigger a { background: url(../../images/accordion-ico.png) no-repeat 20px 13px; display: block; padding: 11px 20px 11px 50px; text-decoration: none; text-shadow: none; font-family: 'Arial'; font-size: 14px; font-weight: 600; color: #727272; border: 1px solid #eee; border-bottom: 1px solid #eee;}...acc-trigger a:hover { background-color: #eee; }...acc-trigger a:hover, .acc-trigger.active a, .acc-trigger.active a:hover { color: #25aae2; border-bottom: 1px solid #fff; }...acc-trigger.active a:hover { background-color: transparent; }...acc-trigger.active { cursor: default; background:#fff;}...acc-trigger.active:last-of-type { border-bottom: none; margin-bottom: 0; }...acc-trigger.active a { background-position: 20px -58px; cursor: default;.}..

Chrome Cache Entry: 181

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	3512
Entropy (8bit):	7.7480698482352945
Encrypted:	false
SSDEEP:
MD5:	B196B88B4662F58284ABA1253D7632D8
SHA1:	4FF42EFEE6F337D33C5531A5C862E692AEFA81A8
SHA-256:	FBDC1C0B8C5AF97B7720C36F92E3AD0C899AFCEE96C1C0D49D9B3374D330FD2C
SHA-512:	20F9EFC1846D666F3EAA3992383484CF22C9BA55DD7E5D5C7B4A3484280A546DE5785A44695849EFC8B042141B2ED5DE1A4518242BE868C4674492CC10C23CD2
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............;0......tEXtSoftware.Adobe ImageReadyq.e<...diTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:254354A516DBE211ACC9E53F5CF63648" xmpMM:DocumentID="xmp.did:7CCA40BAE46211E28F5EBCAC7CDA5A39" xmpMM:InstanceID="xmp.iid:7CCA40B9E46211E28F5EBCAC7CDA5A39" xmp:CreatorTool="Adobe Photoshop CS5 Windows"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:7AA1CB465FE4E2119FF2EE4D58CFE928" stRef:documentID="xmp.did:254354A516DBE211ACC9E53F5CF63648"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>........IDATx.\|WyP....=.3.0........x.........u....r5

Chrome Cache Entry: 182

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1175
Entropy (8bit):	6.623592656242711
Encrypted:	false
SSDEEP:
MD5:	B81ADF2DBC894795540510779E4EE5A9
SHA1:	2569CCF0E3B481E6B9EE7BA6E559CDEF846C206E
SHA-256:	DDB241AAFBBA62C3709C0A1C670362BF68079B1AA9EB2EBFB2BF741AD6FEB31A
SHA-512:	7905E34533BAFA53940EB6C5BDDAA8991FDBDF4E4CDEC428B0E9AF4F1AF704D99D188D5023473FCF90692D83A345C733B5A24E0D310B81001B9DE119590433E3
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............Vu\.....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:C6C1B8C7DE7811E2B408895C7451B749" xmpMM:DocumentID="xmp.did:C6C1B8C8DE7811E2B408895C7451B749"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:C6C1B8C5DE7811E2B408895C7451B749" stRef:documentID="xmp.did:C6C1B8C6DE7811E2B408895C7451B749"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>U.......IDATx.l.1KBQ.....Xj .!N9......@".\m.Z.....[A.V4..!..C...C 5.A....x..^...y.}..L...U.,....np.'<*...=.....p..{}g.

Chrome Cache Entry: 183

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 115 x 77, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	16995
Entropy (8bit):	7.978908836150592
Encrypted:	false
SSDEEP:
MD5:	13AFD4E014AB196A6C338E9E0C13A226
SHA1:	773266E89C0A0095953CEBE1A84FDC31B19F8EC2
SHA-256:	82DC5AA7DCDBF16D428984D5ABCF8C17DFDF046B6802ED7429477BF2265B8ED5
SHA-512:	AE55CAC682008AB34E3F52344121D4256590F7DDCF83185DA93F6B1CCE25FDAE01DEF84334D57A07C53DBC78B93BC222CBE635DD8E71E1C98D082D8C135F37F4
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/images/upload/peter.png
Preview:	.PNG........IHDR...s...M......Q.l....tEXtSoftware.Adobe ImageReadyq.e<...&tEXtCopyright.(c) Goodluz \| Dreamstime.com.%s....iTXtCopyright.....(c) Goodluz \| Dreamstime.com......A.IDATx.t.i...y.......wu..==.p..p.lJ.(...eZF.C.m$0.D..?...g._."DP.%r.E....Y..2.p..u...k.u.o.....VU.tuOu-w9.=.......nOT\|(..(.,..C.."...X.3M.5..o%.9=.?..C....u..I..$.!3.~/3y....z";.!c...r!............Y..I..j...G.,.+.z.0.zo:.ldR..FJ.Z...J..5K..........KQ.HL:Y.X..1.....J...Gb..(/rU.....R!3.A.._.).B..........Br..i.e..Z].d....?\|.. dE>.=.c.$$.S..sdZ.\......O,%......Y...........O..i)Ea..c.iV$Y.aA...&Q......6..3.M..H&Y.....8.4U......../l^N..d.X...y.eY....z.))b.L..2..4.u.TI. \.w+....v\.%.....4..$.+F..Z..(....#.8.i.Y.#.2..Sm..++$.RUFR...}.wf\|....O..O.3..w~...G.3M.k....x..nj.n$i..Tl...I.7Q.j....?.@.uM7.....7..V.Q.y.,I.<?......tIBkh....(......@K.a....z,.....Wn...)...A".4..\cy,qI)'.u."6.!c.($."xs.W*A.....z>_9.i...D2.....7%.:.$Qu].....z%.cE.J...6m..$..V.nEJZ.?sl.v.#.~. .G{...M...u+n...B.qL

Chrome Cache Entry: 187

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 35 x 25, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	1619
Entropy (8bit):	7.1020718457268215
Encrypted:	false
SSDEEP:
MD5:	CD86A0116D0E35DDCC39B978730CB494
SHA1:	B7CE5A5818F4A66672F2CD3E35BBB702BD908172
SHA-256:	76B50E1A0F5516AEA4343F9CC587AE51AD18776264C0265911DC7FF1ACBBC6B1
SHA-512:	BD9A521FF9ACD1DE507FA02D22B0750299433B9DA4A0DBBDD3E09F888C6D4937DF78D8B5DC2B922703A220D545CE573862FBB9148D53205C5D72658356F4B560
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...#.........4Z......tEXtSoftware.Adobe ImageReadyq.e<...diTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:254354A516DBE211ACC9E53F5CF63648" xmpMM:DocumentID="xmp.did:0A2A0620E2EE11E290D786F5D7F73E47" xmpMM:InstanceID="xmp.iid:0A2A061FE2EE11E290D786F5D7F73E47" xmp:CreatorTool="Adobe Photoshop CS5 Windows"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:503341BCBBE2E211A051C70423D089B0" stRef:documentID="xmp.did:254354A516DBE211ACC9E53F5CF63648"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>).....IDATx..."A..G-.../^D...Q.E\|.O....I..*....<xp

Chrome Cache Entry: 188

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	dropped
Size (bytes):	43
Entropy (8bit):	3.0314906788435274
Encrypted:	false
SSDEEP:
MD5:	325472601571F31E1BF00674C368D335
SHA1:	2DAEAA8B5F19F0BC209D976C02BD6ACB51B00B0A
SHA-256:	B1442E85B03BDCAF66DC58C7ABB98745DD2687D86350BE9A298A1D9382AC849B
SHA-512:	717EA0FF7F3F624C268ECCB244E24EC1305AB21557ABB3D6F1A7E183FF68A2D28F13D1D2AF926C9EF6D1FB16DD8CBE34CD98CACF79091DDDC7874DCEE21ECFDC
Malicious:	false
Reputation:	low
Preview:	GIF89a.............!.......,...........D..;

Chrome Cache Entry: 189

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	1522
Entropy (8bit):	4.873258481997283
Encrypted:	false
SSDEEP:
MD5:	597C33E93F152B6CD4EA705FF053BB26
SHA1:	291D765AA1268D0BFF5E9DED4C72E7AF477693B9
SHA-256:	6F9B2D87B30EF2717353CACBA8082632E6E1376310E18C3F3428933BC9FBBB53
SHA-512:	2E6B0F11C46E5132AF2BE4534BBA0CD6B9227A96112FA66B313F4D6740568D4E14569D8EB8AAB14C362A46DE7047F0CA1302753EFDC45303B78DE97CD77F8882
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/js/topmenu/topmenu_gzip.js
Preview:	.../* When the user clicks on the button,..toggle between hiding and showing the dropdown content */..function myFunction() {.. //document.getElementById("myDropdown").classList.toggle("show");...toggleClass(document.getElementById("myDropdown"), 'show');..}....function hasClass(ele, cls) {.. return ele.getAttribute('class').indexOf(cls) > -1;..}..function removeClass(ele, cls) {.. if (ele.classList) {.. ele.classList.remove(cls);.. } else if (hasClass(ele, cls)) {.. ele.setAttribute('class', ele.getAttribute('class').replace(cls, ' ').replace(' ' , ' '));.. }..}..function addClass(ele, cls) {.. if (ele.classList) {.. ele.classList.add(cls);.. } else if (!hasClass(ele, cls)) {.. ele.setAttribute('class', ele.getAttribute('class') + ' ' + cls);.. }..}..function toggleClass(ele, cls) {..if (hasClass(ele, cls)) {..removeClass(ele, cls);..} else {..addClass(ele, cls);..}..}....// Close the dropdown menu if the user clicks outside of it..

Chrome Cache Entry: 190

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 35 x 25, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	2063
Entropy (8bit):	7.401213742177446
Encrypted:	false
SSDEEP:
MD5:	1326EA82D42AB28D0076217901E0222D
SHA1:	8847D056E73BEB618C6782967C591F4355E9479A
SHA-256:	A939B691914713AEEBC11192C59BA524488E4326E9CF3E6C5A00836F6B20333B
SHA-512:	BE628443AA7FA379298D1C525DC58789D65DA92A7A50BEEA5D2BB462BB64BAD032A3A4C4D148072861E0652542E7F3A55840991D179597AB4C01BEF8A625ECF3
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...#.........4Z......tEXtSoftware.Adobe ImageReadyq.e<...diTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:254354A516DBE211ACC9E53F5CF63648" xmpMM:DocumentID="xmp.did:0B0099C1E2EE11E290D786F5D7F73E47" xmpMM:InstanceID="xmp.iid:0B0099C0E2EE11E290D786F5D7F73E47" xmp:CreatorTool="Adobe Photoshop CS5 Windows"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:503341BCBBE2E211A051C70423D089B0" stRef:documentID="xmp.did:254354A516DBE211ACC9E53F5CF63648"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>O.Q....AIDATx..OUk..p.........%.0...:...;.J.I.3H.h

Chrome Cache Entry: 191

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	608
Entropy (8bit):	3.216928172084248
Encrypted:	false
SSDEEP:
MD5:	A6F22CFB8CF1AB3A85ABA371DE332F81
SHA1:	402EA8055924D4E6FD038C2E20CC14B17EF5FAB8
SHA-256:	ABB2DB2FE2FD3744C2E9E84DC57031DCB25E33CD6BD8510701F3BB68A699E9F0
SHA-512:	72129C7A5E1791388FA0AB31A6B3FDAAF0A50024EA9C0648BA41719AF2EDDFC860FC1A2F43D864AA671D28EF248F606BB135635D2C2E4E3A54B4E0A507221EB4
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/js/mainmenu/scripts_gzip.js
Preview:	/-----------------------------------------------------------------------------------/../.SELECTNAV../-----------------------------------------------------------------------------------/....$(document).ready(function() {...selectnav('tiny', {....label: '--- Navigation --- ',....indent: '-'...});..});..../-----------------------------------------------------------------------------------/../.MENU../-----------------------------------------------------------------------------------/..ddsmoothmenu.init({...mainmenuid: "menu",...orientation: 'h',...classname: 'menu',...contentsource: "markup"..})

Chrome Cache Entry: 198

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 35 x 25, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	1966
Entropy (8bit):	7.357055028790166
Encrypted:	false
SSDEEP:
MD5:	AE87B55AFD85694DE521D941DCFC74C9
SHA1:	6DA6FB53CB9DF1871882C76948C8A07B01F55D5A
SHA-256:	5B4816757C6E466A26F48CD8294AEC25E9C01CFEA9F42BEB354C1151FBABA31D
SHA-512:	0FF28AFA3B20CF93BE1B8D1F0AE72F3786EE808ACD9EF0FFB46506D88BD597E4946391E6909FBF140EB13336D91EF080F264823032B12A975E1891E4DA014B02
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...#.........4Z......tEXtSoftware.Adobe ImageReadyq.e<...diTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:254354A516DBE211ACC9E53F5CF63648" xmpMM:DocumentID="xmp.did:0B0099C5E2EE11E290D786F5D7F73E47" xmpMM:InstanceID="xmp.iid:0B0099C4E2EE11E290D786F5D7F73E47" xmp:CreatorTool="Adobe Photoshop CS5 Windows"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:503341BCBBE2E211A051C70423D089B0" stRef:documentID="xmp.did:254354A516DBE211ACC9E53F5CF63648"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.{......IDATx..YK+A....q_b..."QAP.$....../.!......

Chrome Cache Entry: 204

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	3538
Entropy (8bit):	7.895435600841743
Encrypted:	false
SSDEEP:
MD5:	4F3CC6B56A414F24A2385835675E9F18
SHA1:	9929EC20F8D0D87D4BC6810005A87683E8D1A378
SHA-256:	8A52BF34158AB2A2C13EFEE50A861A84909214C6BFE7FD5BF5F8164A7FDC16F6
SHA-512:	A5F94F1D7E93E84EDE09D84E7DAAE55A746ACB3966B48F990E2CF78650410D97D082A44483E1EE129053AA3CCCEDA1689C84A0714FF1EBFFCE68ABE45C72BCB6
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/images/logo.png
Preview:	.PNG........IHDR...@...@......iq.....IDATx..ytT.........K..\B..E..FY.%....U.j)B .......#V.`.P.TP...d...Eb[.j..I.AMH...........m3..Ir.I..d&o.....Q.........q7.c1.4."..1.k{.m^J...P.\.C)m.D.K.h..ec.....^p.t.[@..LH......)....q...7..ao..D.(4..nI.>...v\|.X./...<....4..3At!U.5(..>.~$c..5.T}.>.pD.I.......Uc..........R..$.....u.8.x...*....B...N.e.B........D...}....P3.b...8~..qM8Q.c.W...oJ._Hs...`..4..".(..../..k...k.@\|...z.j+.{.#.3A..G...E..j..4.0....Bb DI..1...q..1.......4.....S.o..j.(..(...........T}M..H...$I...kX...>.......#...0.v.\..&....n....\.:.jt..[..1.....^o.....).0r.a.!....>I.u.(.....Q..T..KP8....ATb...n.......e..9...p.6.?..H....P....R..qAy.$.........$....E...+.W.q ~.osLb....7.=B...;.t....50......g+@.......!.W.....hP\|..k..[.#....9&0....^.......(.84..tn..8.xd..>nTK.. H..v?.P=.bv...h.."...9"\|&..a...b..+.....7...:!L..u..X....D..D.x........Ff.r\.x..0.b..b....?...BG.y..q..\.i.....+.$..t.qU.[.#.....7!.:H.{.........Q.h`&.+.....':...]..@.S..

Chrome Cache Entry: 207

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 7 x 13, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1030
Entropy (8bit):	6.170982116501406
Encrypted:	false
SSDEEP:
MD5:	3BC82BD71FC748CF23A983E8E57660EF
SHA1:	D94F59E6C5908A4ABE50C27A703D0FDD44AAD351
SHA-256:	C9835A208A1374F1F771422C39248D529D254FAA2700BD31163238861628CF67
SHA-512:	DADF00FD24046F213BB5733F93B7DE357963ACA6988B7461AB4A9B4629861F93B8D0715EC47637A3649E46D44BD62DCCD62D40FB91E7A7EB8865B0E46EFB3C9C
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............e.t.....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:4F178D5BE46311E296EBE2656F7499D3" xmpMM:DocumentID="xmp.did:4F178D5CE46311E296EBE2656F7499D3"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:4F178D59E46311E296EBE2656F7499D3" stRef:documentID="xmp.did:4F178D5AE46311E296EBE2656F7499D3"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>"......\|IDATx.b....]...H >....X......6I.0..5@..M..4.x%..`...}.. ...@..g....8...;..._.$?.q.._dA.x...Nt.}..h...$HG..oG...t.

Chrome Cache Entry: 208

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x500, components 3
Category:	dropped
Size (bytes):	89998
Entropy (8bit):	7.7703144669901265
Encrypted:	false
SSDEEP:
MD5:	CB5F7B7505CA66395E428A9970213842
SHA1:	96362C405BCFC06D516C89A33B9751C572092171
SHA-256:	C2A14AFD5DEE17CC57D760172676BD2EE713DD3FEBDFE7C8238D8EDB553F281C
SHA-512:	A927A1BF63AD1F495E97240611211AB8A41B74827477FBEA6779F853CF05C6A1F118A4A6C929AE71046869F98DF1606AC21EC0BF95960D4D518B957520C5DACC
Malicious:	false
Reputation:	low
Preview:	......Exif..II*.................Ducky.......F.....)http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:B113E3D1DD8F11E299B5CE635A2CFA4A" xmpMM:DocumentID="xmp.did:B113E3D2DD8F11E299B5CE635A2CFA4A"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:B113E3CFDD8F11E299B5CE635A2CFA4A" stRef:documentID="xmp.did:B113E3D0DD8F11E299B5CE635A2CFA4A"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d...................................................................................................................................

Chrome Cache Entry: 209

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1163
Entropy (8bit):	6.497589605042422
Encrypted:	false
SSDEEP:
MD5:	872ED6CEF414E3C6DF614A7BE0EA4AC8
SHA1:	F11ECB3D41596BEF991324C65028A26E56125AFE
SHA-256:	87E631D2270CC22B151FBB427232C7F34382C59A4554187BDA843D7F7CD3D7CC
SHA-512:	AC0E33D2B734022E0B8DEA9B48626E32E32DE2BFCEC79F48210752EE3BC5E71C58E61003B93CCB3CB9C58A1E3802D89ABF8896D958567AC06F4A90665B14836F
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............V.W....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:D3FD7C91E00911E2AC9EF0B5E9A55B9C" xmpMM:DocumentID="xmp.did:D3FD7C92E00911E2AC9EF0B5E9A55B9C"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:D3FD7C8FE00911E2AC9EF0B5E9A55B9C" stRef:documentID="xmp.did:D3FD7C90E00911E2AC9EF0B5E9A55B9C"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.>3.....IDATx.b...?....b. v.b3 V.....S@......7.] ...+...O......E6$....'.\..A1.DC..s...E.w.y..dP.......... ...;..@..0...{

Chrome Cache Entry: 211

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	929
Entropy (8bit):	5.797039716721852
Encrypted:	false
SSDEEP:
MD5:	CA73A5D0BA52C0E7E0F04FF587D249E2
SHA1:	EAE45C23B81203553AA1F842F121A4D02AA52707
SHA-256:	1F0372A3DEC4494A341BF343766F249A3EE22C42756606CD98458D1F901E7DCA
SHA-512:	9C1C3124B6C3C0B33BFB064EC7557C1D5F12E9863B4DC94C546B05D77CDA50BC36FC7CBBB540DE29374B5A54AB7A1881CC38F4A3EC71B882C81408029F05D8DD
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...............s....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:CD26C533DE7B11E2AE0CBE91FC64DAA9" xmpMM:DocumentID="xmp.did:CD26C534DE7B11E2AE0CBE91FC64DAA9"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:CD26C531DE7B11E2AE0CBE91FC64DAA9" stRef:documentID="xmp.did:CD26C532DE7B11E2AE0CBE91FC64DAA9"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.v......IDATx.bTTTd```....R........>&......IEND.B`.

Chrome Cache Entry: 212

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 160 x 45, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	4655
Entropy (8bit):	7.852389508420169
Encrypted:	false
SSDEEP:
MD5:	32C4F5E837F29EBED047DD5DC206B230
SHA1:	196BCCB1B565C6AC2AD46B9ACD95D9F55BD03AA6
SHA-256:	EBE860B774EFA92FA1E39D95D99AA8ED4A4D81502CD228FB642E6D414DAD917A
SHA-512:	F0914F184523535C3D7D6595821AFF28EDA32F9E56FA9D4142158E95A4293EECDCDFAC7DF8F1C59A8CF67A9A8526A73B1B3596D72F915C123E7B83CCAB04D784
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.......-.....).`+....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:FC777C5DDD9311E29C80CA7181E8D864" xmpMM:DocumentID="xmp.did:FC777C5EDD9311E29C80CA7181E8D864"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:FC777C5BDD9311E29C80CA7181E8D864" stRef:documentID="xmp.did:FC777C5CDD9311E29C80CA7181E8D864"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..D.....IDATx..].]W.^..//....h..H...qjZT..?.....Y...D.:..J.......@jI!d...P,.*4.......?.}9.....}.{....{...k.....~..

Chrome Cache Entry: 214

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 19 x 90, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1034
Entropy (8bit):	6.132147235897752
Encrypted:	false
SSDEEP:
MD5:	F82715D2DE9891AB0C5E1B5FAF722C09
SHA1:	B7DB36D46EBCF4588AAD25E26363A467D211E737
SHA-256:	899AE59966E4EBE8902F5CD90876DF226CEB485D3472E058BC6C0D93835E8910
SHA-512:	AD940B633A1D2B48764FE5B217195F801934CE64C9A75D76ABBD356D32DDBB71874BA9BEF57F139E01F8902CCF4B88FDFEB994DEC4C9ACD67D15CB0A4D327A85
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/images/accordion-ico.png
Preview:	.PNG........IHDR.......Z.....Z.mh....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:050FED55DFA611E2A807FF0A3DEF0726" xmpMM:DocumentID="xmp.did:050FED56DFA611E2A807FF0A3DEF0726"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:050FED53DFA611E2A807FF0A3DEF0726" stRef:documentID="xmp.did:050FED54DFA611E2A807FF0A3DEF0726"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>e......IDATx...1.. ..a0\......L....DB06.DM.76...NDU..)C...........}X}..Z.Y..x...g.fFg``````````````.ciZ6.V.....`.G..

Chrome Cache Entry: 215

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (44227), with CRLF line terminators
Category:	downloaded
Size (bytes):	44511
Entropy (8bit):	5.1411490825856765
Encrypted:	false
SSDEEP:
MD5:	2A6AC298FB4709F2FA5E27E22D1B6DE9
SHA1:	0EB9DE61DEAB30DEB608AD9A03161FCA4DB385F8
SHA-256:	780C9A5870BD05C9DE1E8ABB4CCA1814D4C601C5A12F311FDBF9839F0378B430
SHA-512:	8DABB888B313B7164F9B9D415AAE475BBD99E95E9538982BB941354B06B1ADCAB3258B0B62F39B702161895856AFE071859818AC06F55FFC322CAA5DF191770E
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/css/style-min2_gzip.css
Preview:	figure figcaption{text-align:center}#logo{float:left;padding:0;margin:0;height:90px}.site_logo{padding:0;margin:31px 0 0 0;float:left}.site_logo h1{padding:0;margin:0;float:left;line-height:27px;font-family:'Open Sans',sans-serif;font-weight:700;text-transform:uppercase;font-size:34px;color:#25aae2}.site_logo h1 i{color:#454545;font-style:normal;font-weight:400}#site_wrapper{width:100%;margin:auto auto auto auto}#page_wrapper_full{width:100%;margin:auto auto auto auto}.container_full{width:100%;margin:auto auto auto auto}.container{width:1000px;margin:auto auto auto auto}.one_fifth,.one_fourth,.one_half,.one_third,.three_fourth,.two_third{position:relative;margin-right:3%;float:left}.one_full{width:100%}.one_half{width:48.5%}.one_third{width:31.33%}.one_fourth{width:22.75%}.one_fifth{width:17.6%}.two_third{width:65.66%}.three_fourth{width:74.25%}.last{margin-right:0!important;clear:right}#access .menu{list-style:none;font-weight:400;position:relative;float:right;font-family:'Open Sans'

Chrome Cache Entry: 216

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	3339
Entropy (8bit):	7.931285889033341
Encrypted:	false
SSDEEP:
MD5:	D8F5E1C99D59C75128816E331F5106FF
SHA1:	864452BFC38E3FE55B9C4F0E7624FFC0E24C4846
SHA-256:	C9B8F512922531CC744F402D004723419EC384BF8EA4FDADF03C4C0A01F729B2
SHA-512:	5246C03B2A1AD425336E0286FE42286F7DAEC33FD410EA03FA95CC8D840A2127AECF59A6F5775FD37DE01991A4D7D636D00F7E45D8A670BD6A2A2F3187F80F45
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/images/home/global-icon.png
Preview:	.PNG........IHDR...@...@......iq.....IDATx..[.tT...i...@BH.%..PA...HG@A.."MC....C(.........."\|.K..bB.$..>...L...$df.!U.{..2y....w.9...F.{H....L....>.g"..=t,.\}.....3....O.sM....AG7"....H.KM...Hh..D..jz45..& ...5_.......EM.1...xL.c.......2.@..!.w...J./,D......'^G.F..!.....;C...2.@...pmF..nP.Bjm...7.a..0....S.>.CJ...y@S..&.!O"..id...E.=......../.`.T.n."..W....~}F ...0.h..d.85...k.@....b..=..rt.}...h..)?...ow. =.J....../V"..w.m..w..a.....g.p.,\Z0...W!wv..K...B/.."P..T{.P.u.C...>...-CAF.^$h:c=.].....?L...`.>...f...c......x..\|....B.........u.......q.....1...D...,.......H...X.........1.}MD.U\|.B.C.q...C....O.....a..D..O.......@....]....(\|.0..W=../#...9....Aj.....!k......6%..u..i..C.~...E.#t.V1.R.9X....M...n^F.5G..S/...(rZ.B.p.h.F..#7..n..^.9.<....g....QF..N...O.9.%..vW?.V.~p...1.g#..q.m...x2b?.&..H.l....!jJ...e86n.....j"....>.t.B.._..;.p}.B..\........w.^7G.#d.."..$..c..z..G.3.X<.......Q....d....m....]v:..o..........!...TiC..............

Chrome Cache Entry: 217

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 35 x 25, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	1853
Entropy (8bit):	7.287191849400952
Encrypted:	false
SSDEEP:
MD5:	5E04DF32271DB274156751C688DA3411
SHA1:	D564EB3E367E02D2F8DC06067FA07956757977F5
SHA-256:	3A897796AC049564F0252EE502283026A7970D5847E3D8A5F1A18E28BC29C12E
SHA-512:	E03094EB04266D1FF46D2EE380D0C9213CF3F6DEE95755220FCA1B22BFF0C723FB65A87752DA1CF6DA37191A8F1DEB67CC16E271C3D5AE14325BF7913E93179B
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/images/site-icon22.png
Preview:	.PNG........IHDR...#.........4Z......tEXtSoftware.Adobe ImageReadyq.e<...diTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:254354A516DBE211ACC9E53F5CF63648" xmpMM:DocumentID="xmp.did:0A2A061CE2EE11E290D786F5D7F73E47" xmpMM:InstanceID="xmp.iid:0A2A061BE2EE11E290D786F5D7F73E47" xmp:CreatorTool="Adobe Photoshop CS5 Windows"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:503341BCBBE2E211A051C70423D089B0" stRef:documentID="xmp.did:254354A516DBE211ACC9E53F5CF63648"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.J.H...oIDATx...KrQ..z.T...^i.h.B.....-..Z.Z.I..(?

Chrome Cache Entry: 219

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1632)
Category:	downloaded
Size (bytes):	23268
Entropy (8bit):	5.358541206794557
Encrypted:	false
SSDEEP:
MD5:	DD07D087F2D8A90710AA028C7B813AB6
SHA1:	314ECB775E3ADCEB95C436121EC776D645BE06C9
SHA-256:	195354A23B1FDD59189B86BC6EEC46B02F52EF00833D1C453D537FE7C667787C
SHA-512:	C1469DC582A66AA8DEE4708E9B7470DA45EA3BAF124F239722D0FDD8F2587B670748123B0B2917DFE2FB1C867AB97E895572F74401A514383E7ABE4268A17C2D
Malicious:	false
Reputation:	low
URL:	"https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap"
Preview:	/* cyrillic-ext /.@font-face {. font-family: 'Open Sans';. font-style: normal;. font-weight: 300;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSKmu1aB.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./ cyrillic /.@font-face {. font-family: 'Open Sans';. font-style: normal;. font-weight: 300;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./ greek-ext /.@font-face {. font-family: 'Open Sans';. font-style: normal;. font-weight: 300;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSOmu1aB.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}./ greek

Chrome Cache Entry: 220

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Category:	downloaded
Size (bytes):	48236
Entropy (8bit):	7.994912604882335
Encrypted:	true
SSDEEP:
MD5:	015C126A3520C9A8F6A27979D0266E96
SHA1:	2ACF956561D44434A6D84204670CF849D3215D5F
SHA-256:	3C4D6A1421C7DDB7E404521FE8C4CD5BE5AF446D7689CD880BE26612EAAD3CFA
SHA-512:	02A20F2788BB1C3B2C7D3142C664CDEC306B6BA5366E57E33C008EDB3EB78638B98DC03CDF932A9DC440DED7827956F99117E7A3A4D55ACADD29B006032D9C5C
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Preview:	wOF2.......l......D...............................O..B..h?HVAR.x.`?STAT.$'...0+...\|.../V........+..2.0..6.6.$..`. ..~......[B4q.....t..P.M_.z...1..R.S...u.#..R....fR.1.N.v.N.P...;.2........!Z......Qs...5f.G.K.an2&....2.........C.H.t..N!.....nh.<(.vN.....j.._.L.P.t..Ai.%.............._I.i,..o,C.].H.X9.....a.=N....k.....n.L..k.f.u..{...:.}^\[..~5...Z`...........`!...%4..,...K0..&.a/....P....S....m.Z......u...D.j.F...f.0`I.`.`.h#..)(FQ.F!o$........S.).MV8%Rh...r...x...T]$.=......Y...!.3.&U..."....Q....{.l/0..d..4iJ/..}...3....i[Z..NG.WD...>.[U..Q.h..@m.=..S...1C2...d...<..v.?.q.f..n...OUz.....&Z......Z."..N.....n...9.B..C..W....}...W..6Zs.i.+Z........jB.n..x.8M.....q..@I....-.%..,C,..K..#.2...4)/.v_..x.<....t.....%[.4?.=j.V..jj''..W.u..q....I.L.=......E...\.M.7{.>......W........C.`...,9$......\..o........y...4A..m.P.,X..=?.:................wF`..+.P..........M!.4.......l.>M..t.ff5r..^..Z.g...!fA,hIIQ...e.R>B.AH.VuX..>..\.=.ky...1>C....>C.c.;...6D.

Chrome Cache Entry: 222

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (1460)
Category:	downloaded
Size (bytes):	1568
Entropy (8bit):	5.277214456604328
Encrypted:	false
SSDEEP:
MD5:	ACBAF6DA269779456F80CF69E9195756
SHA1:	385B3FFE56175C1C388D29EFB78831C57AA6609B
SHA-256:	2F52DB50D5FE2A2C78CA08850BCB12C93016BF7BA856BE8422995A9F1732E763
SHA-512:	E5FEEBB09F8A67C56B4001D2511F6916AA884864900EA69F789EE98BBE7635CBF621714DF937D15B5E7BFB5B771306503D88753C986537795677EF6115992E90
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/js/mainmenu/selectnav_gzip.js
Preview:	/!. SelectNav.js (v. 0.1). * Converts your <ul>/<ol> navigation into a dropdown list for small screens. */window.selectnav=function(){"use strict";var a=function(a,b){function l(a){var b;a\|\|(a=window.event),a.target?b=a.target:a.srcElement&&(b=a.srcElement),b.nodeType===3&&(b=b.parentNode),b.value&&(window.location.href=b.value)}function m(a){var b=a.nodeName.toLowerCase();return b==="ul"\|\|b==="ol"}function n(a){for(var b=1;document.getElementById("selectnav"+b);b++);return a?"selectnav"+b:"selectnav"+(b-1)}function o(a){i++;var b=a.children.length,c="",k="",l=i-1;if(!b)return;if(l){while(l--)k+=g;k+=" "}for(var p=0;p<b;p++){var q=a.children[p].children[0],r=q.innerText\|\|q.textContent,s="";d&&(s=q.className.search(d)!==-1\|\|q.parentElement.className.search(d)!==-1?j:""),e&&!s&&(s=q.href===document.URL?j:""),c+='<option value="'+q.href+'" '+s+">"+k+r+"</option>";if(f){var t=a.children[p].children[1];t&&m(t)&&(c+=o(t))}}return i===1&&h&&(c='<option value="">'+h+"</option>"+c),i===1&&(c

Chrome Cache Entry: 223

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1234
Entropy (8bit):	6.696448744876896
Encrypted:	false
SSDEEP:
MD5:	8AA5F3B891BF4B114DF1BAA8ACA7A441
SHA1:	42DDBE46BB195746D9EE72D6638BF84FA1C92481
SHA-256:	F4C5FD42C0DAA8171A5D8ADE2263478A09474E8B185F101153D9844C77E85EEA
SHA-512:	07F5955DDFCBD98EF9B672B1927199E710B4CB6E3947F4F052EBF2C1CCE6C20DCFD0DBD9B6420ED5600DF64C4DA9269ECF4EA5E1ACC2D7BBED6C676954DD53FB
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/images/social-icon6.png
Preview:	.PNG........IHDR.....................tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:E4AF1BD9DE7A11E296FFB06E23A5AACD" xmpMM:DocumentID="xmp.did:E4AF1BDADE7A11E296FFB06E23A5AACD"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:E4AF1BD7DE7A11E296FFB06E23A5AACD" stRef:documentID="xmp.did:E4AF1BD8DE7A11E296FFB06E23A5AACD"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..j....HIDATx...OD.a...wk....k.^.:M.d;u.H..eY...(...u...)...).2D..e...%kW.;}.<.X...[=\|........$<.3...S.......s7f.W.`.K{

Chrome Cache Entry: 224

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 76 x 40, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1596
Entropy (8bit):	7.151444646451189
Encrypted:	false
SSDEEP:
MD5:	A73D083C9CA27C6CC3312BE0B29E28B1
SHA1:	AE45D2D4308097CAF99CC8CD12C99F1BCD38CFE3
SHA-256:	CA09FEF27EC6D871E7A6B03E0EA403AE1482340DEA75D3FB0FE53D44871C21A2
SHA-512:	6D56CF7D81E473BF11F46604BF58E624CD00613C2721BE57E5313847C4E85F78B5B937986A04D7171D35620655A59664BC4F03322F5D50A7B1364641D5E8226C
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...L...(.....T..g....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:91B83A65DEE211E295E5C638C09D3E8D" xmpMM:DocumentID="xmp.did:91B83A66DEE211E295E5C638C09D3E8D"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:91B83A63DEE211E295E5C638C09D3E8D" stRef:documentID="xmp.did:91B83A64DEE211E295E5C638C09D3E8D"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.h......IDATx..Z.m.0.........L.y...XO~M;.........I'.3A.....N....8...U..... D..#...$x~.\f.9>).J....)aJ.B.S......~...H..k/

Chrome Cache Entry: 225

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 260 x 140, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	11121
Entropy (8bit):	7.972660517942987
Encrypted:	false
SSDEEP:
MD5:	4851B487C31DA32B55989E722C66F0C4
SHA1:	BBEDF4ED76174884265B65C5E5B458C5C7E99954
SHA-256:	783640C01962E7D0D5783D2281DBD3C22C9107403A8E0464D9B853EF04721983
SHA-512:	6BF2AFA750FDEA28C746250F7A2DBDA8BB8396B2DADD2B7189E0FE4B590D18022AE50F709EFBDB8E9271D3E50DEF0D094C19A0664E73AD3FDD1115DA83C88082
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/images/website3.png
Preview:	.PNG........IHDR.....................tEXtSoftware.Adobe ImageReadyq.e<..+.IDATx..}....u..Y...v%....B.[`..m.#l.....}!~.K.>'....Yx&_..`'1y.........2......X%. ...6..n..t......g..;=.:..f....:..s.,.c...)RDIS].H."....)R..H."....)R..H..FHO{......O}f....W., .qt..K0w!..l@(..Cq3.DM...}..c......Ky..$......Z.0.......?..y.9oX.]z..y..../?{...\q`./......U...C5.2..L....._z...._.Q....!......tC.$.,@dP...B.\|b:..f+..R..3.y...=.... x<.$.,.G.).......6...7.Uq.9.D..Y..a..U..o.\|.!.7..DQ...8O ...i.yw...P5..gt(...^\|.E..s.=...O.B"...n_z.......#....h1\y.p....AeY8,..e.N.yL<.%`....... ...uOn....C.kI.,....l.v.8..k...../..2......!_(........o^..7.).T.P.>...~.....k.....;W.)....V.....\|../.k.me....1?x....z&e.]...n.:}..T.0M.......\ .."(..d.Y.H..}q....u.g.w\|...p.B....T......v.[....... ..={.U.K......G./._..%p..nCu,..x&..G....ud...o.................}.i.av.l.V.D.>.k..c....R..H..k.5F...Y(.....0E..8&.K.ZuN#m.o...R......+.T..?...R#M.....r.j.0..f.=/.....h{d.D.S..7p?.8

Chrome Cache Entry: 226

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1676
Entropy (8bit):	7.821386022511317
Encrypted:	false
SSDEEP:
MD5:	3F1EB31C7D45216BD08BEA45BE496351
SHA1:	EEA78093AFF84F9B92F560C258335847A16C0F14
SHA-256:	5D2CAE116D6B7B9E3AD6BD9C0D9F060D33028232DC800F169E9D474C7745FF3E
SHA-512:	B336D10165F30C40CDDE9691450BD59C8324C32823C0C4ADE8B2067E43D40DD0CE8E7C2A79AA493DECEBBAAD37FF1C30759BFF0ED25043FF901E2FA7F3BEA72B
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/images/greyscale/user-group-icon.png
Preview:	.PNG........IHDR.............;0......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..IL.W...{...AEq...ZQ.).....h.EYh..m.6m...T...6$m..m.PuaB..0.F..eCP....8.".......{}.....r..9..........3{%.,.Q....DGGw....EFF6ko.....a.7r..>v....c......O......>Y.f..^........\.b...k....Xr.!..#""./Y..u..f....k...W..G......@C..5.....9.bccmll...{'........w...^...Z.=##.>}jSSSNV..'O.......+.....".].re@.L.!)J7+....c.o.>.....,_.....;@.(.q.y.n.1.......OO.?m;....&&&:P.P...1)Xff..]..1..gK.}f9k...n...Zxx....X\|\|........>=.(..x388.D....l+,,ti.......R."......0Nj.,X`J...q.].\|..?...\p4.BS.'..v......oD...m..........v..E.....t..pNNNLYYY........m.E6..\|....s..?nUUUC..<(.^s0bE.#......l.X..@RN....x.MDZZZ.y..M.Ler...C..l.b...;}.t......]Z..!.b.`..~?.dG..qQ.......N......s..l.=v3..d......Ku..>..t.=QD.C...{.Z{{{0*....:.v.r.&Z:..z...b.....Rc .......3-'O..a.h..=j.... d.{z..f.....J.kjjj.>8^..p......I5......[......3.D...n.ms$...8d..N..K..}pf...+W.....Z\\.c0.8.,X....8....)..6. .7..

Chrome Cache Entry: 228

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 167x150, components 3
Category:	downloaded
Size (bytes):	8840
Entropy (8bit):	7.930078781050075
Encrypted:	false
SSDEEP:
MD5:	56FC20452D06B35F3C6921A3171BF222
SHA1:	277025F0FD6AF4A69224C0CA492ED972D9B99E04
SHA-256:	D32B2C3E1ADBF5578E631E2B997ED29F7B59AE0A55D1602207C8329923394E02
SHA-512:	DF43CD2B47C82E8DA830D5D46E91B74900472F41F86035B08F655B06C093B066412B9AA2860CAE3B8967160EF997D72C5DFA4ACD8160527D97035CB74EBFF084
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/images/Late-Boy-Running.jpg
Preview:	......JFIF.....d.d......Ducky.......<......Adobe.d.............................................................................................................................................................................................................................................!.1"..A.Qaq2B#........R3$.br....CS..4%.......................!1.AQ.".aq.....2.....B#.Rb...............?.................Q.O.....i..3.{.[..+T..Q!.F#r.DR.l<.U..O`.roz..J.b...{NR.e.....C.I.S.%F....V.7d....\...=.A.......w..;....X}.~..B....-W.TF..\).j0.M.IK7.fm...9_RO.N..bo..g.E\|I.k.k..,wVe...m...5o..?.A.....M._.E..Z.I.egSo...e....6.e}..u.O(.D..v...].....................Z....c....'j.L.z...<...%[..).P...> .W...t...p......`,.b..#.I.C[...BW.`2..N.Y.......f.._....]..r......uH.......&J.u..A.h...;...Goj(fc..5.%y..sx.M....S...e..K.Q$..w8..-p._(..-jc.#._o.J..I......9...U.'s......tX".......u.Y.J.:.Mzx4.@4.@4.@4.@4.@4.@4./....d..w.F.s..b&*..:zJ..f..7'..F...S.U..;.+.."..`..9.U..N.Um...5

Chrome Cache Entry: 229

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 2 x 90, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	960
Entropy (8bit):	5.956407553486782
Encrypted:	false
SSDEEP:
MD5:	074A7A7F90B8A4DBECF62FCC758D9C97
SHA1:	F8369E86C5A27ED91932D3AA217CA27D4ECFEBD5
SHA-256:	24AACBD3D9A515B670FDF18E2A0FAEBD26A3B06C5F035B09D5309E425CD12679
SHA-512:	0FE7FE07D352CA90E63962610AE934F4885645435B7C4F8B7F479DC25FF042069B3E413071CA27D368B49949F28790B151F2AC6EFB3CFF039E10D2214D8CF5E7
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/images/menu-bg.png
Preview:	.PNG........IHDR.......Z.............tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:E89E30E7E51C11E29838932712D4CB47" xmpMM:DocumentID="xmp.did:E89E30E8E51C11E29838932712D4CB47"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:E89E30E5E51C11E29838932712D4CB47" stRef:documentID="xmp.did:E89E30E6E51C11E29838932712D4CB47"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.......6IDATx.b...L.`@...TM.J.h...Z.=..S...K.T.M.B.."..(. ...I'....i....IEND.B`.

Chrome Cache Entry: 232

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 160 x 45, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	6279
Entropy (8bit):	7.904507418921273
Encrypted:	false
SSDEEP:
MD5:	D82EE81E8A874DB52A10B96A0A8982A2
SHA1:	4B58F655D2920D6FA8D7FFE694D11B2B643AE14A
SHA-256:	F2C565B92D3F5BA043186E417A1A2DE10F6FD22DAD0BBC0AD71A35869947FCD6
SHA-512:	E4E73AD618B094248E4F9B716DCE21B2C3D22F77608F739F71D3DB55F48BEFF3A48E25CF7D654F06A488FAF95FF88A41F99C9C9E4CF99D19938365C946FC8D9F
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.......-.....).`+....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:08502B8DDD9411E2B41BF2844BE0EA3E" xmpMM:DocumentID="xmp.did:08502B8EDD9411E2B41BF2844BE0EA3E"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:08502B8BDD9411E2B41BF2844BE0EA3E" stRef:documentID="xmp.did:08502B8CDD9411E2B41BF2844BE0EA3E"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>B.H.....IDATx..]M.m.Q...vw^L.......D.t0f...!...@AA.....!db@...2.L...ADqh.i....(....1...........:..w{zO.y..}.^?.j.U.

Chrome Cache Entry: 234

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1774
Entropy (8bit):	7.284770016089314
Encrypted:	false
SSDEEP:
MD5:	D673A70A94A7D2BEEA8A141487B1C91A
SHA1:	88E706C86DA9771E7041059079299EDFBCA2DB2A
SHA-256:	D8216E0CDF56BE6E2FC954F27FCA881EE637A4F7EADDAD4024309675AA97D3F5
SHA-512:	A72A092751E0EFD9145AB93E3EFFADCF0B71939FBB3CCD9A4E955FBF9D08F534CBDFC993B54A60BFC72602EE455227A97D04A4647537397B73FD6F0D907E760B
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.....................tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:214D466BDE7A11E2BB2AEEA3CC98268A" xmpMM:DocumentID="xmp.did:214D466CDE7A11E2BB2AEEA3CC98268A"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:214D4669DE7A11E2BB2AEEA3CC98268A" stRef:documentID="xmp.did:214D466ADE7A11E2BB2AEEA3CC98268A"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>+(0....dIDATx..]HSa....}.....1.)........`..!^t.Eu.E...W.D.........&.X.HI.Bj&!x...9..<..szw0...~..}.y...&..N-.h...c..

Chrome Cache Entry: 235

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	25525
Entropy (8bit):	5.20953005129482
Encrypted:	false
SSDEEP:
MD5:	70705BBEEB177DC1F7BD3685E03E111D
SHA1:	F3C6B8F21DC4EF0EF3CC6967CADC84920A62D864
SHA-256:	96B6D23E97DCDAFE0984E0C258ECA5482AC283A901F3A2E0EEBF709F776D78D2
SHA-512:	A6777BE3B4AB0FBAA96D8C297B935FE89324D7052D35E8700702F43E8496EAE8DAE454719E4FE12FCC81EB4F862A8BB789180CEBEAE755FF9C2136319948C3BC
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/js/revolutionslider/rs-plugin/css/settings.css
Preview:	/-----------------------------------------------------------------------------.....-.Revolution Slider 1.5.3 -......Screen Stylesheet....version: .2.1..date: .09/18/11..last update: 06.12.2012..author:..themepunch..email: .info@themepunch.com..website: .http://www.themepunch.com..-----------------------------------------------------------------------------/....../-----------------------------------------------------------------------------.....-.Revolution Slider 2.0 Captions -......Screen Stylesheet....version: .1.4.5..date: .09/18/11..last update: 06.12.2012..author:..themepunch..email: .info@themepunch.com..website: .http://www.themepunch.com..-----------------------------------------------------------------------------/......../***********************...-.CAPTIONS.-..************************/.....tp-hide-revslider,.tp-caption.tp-hidden-caption.{.visibility:hidden !important; display:none !important;}.....tp-caption { z-index:1;}...tp-caption.big_wh

Chrome Cache Entry: 237

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1 x 10, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	125
Entropy (8bit):	5.449940422825115
Encrypted:	false
SSDEEP:
MD5:	BA593BD9FC9E07110F3DC74F728B3768
SHA1:	9620E53C9E0A5B5D55E15B23F556E2089E903FC1
SHA-256:	A15348B049A18C85702DDE38F379AA78D3809AF8C07ADCF25236C69B03F6F746
SHA-512:	DAA17291DEACD922E08AA3BA67D1D4BBB1D0859CE0F0FB3DC9F5F330805AD4D66DEE5104DB61DDB63F94906A76EF8240252675791B97764C94BB6C956BFD8D97
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............u.4J....tEXtSoftware.Adobe ImageReadyq.e<....IDATx.b.......... ..."A.?.8..0......\.h....IEND.B`.

Chrome Cache Entry: 238

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 9 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel
Category:	downloaded
Size (bytes):	180848
Entropy (8bit):	5.601124518326296
Encrypted:	false
SSDEEP:
MD5:	3955C7672EC8057F07288CDA17E5C6D8
SHA1:	5DE1048E3836E7A4AA124FE3D932E48CF1EB088E
SHA-256:	5DC6DBAB0FC0AB92262615AF24D6582709C654D2919E4B40F8EC6888083F364F
SHA-512:	03FC8EF40F6ABCC8763441B9B713598D6114FEB60B67CC8A44D910C2F02615E4CB6CDA9BA8CD797216B0C44011BB82D9EA5AB3371D3DC8F2E0B447B3EF41B3B6
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/ultraviewer.ico
Preview:	............ ..J............ .(....J..``.... ......R..HH.... ..T......@@.... .(B...<..00.... ..%..0~.. .... .............. ............... .h........PNG........IHDR.............\r.f....pHYs..........o.d.. .IDATx..}y.$E....K.]...A.f.).@..A\F.Ap.... ......8.6>.....::.........4K...<..lZ.n....@..23.?r...n..........Y..sN..`..k.{..`X....^..\F.[..v.c;.X....F..3...l.....F.p.8DT.0.`.......%.me.9..c....<...#..2...F.nW@.1V~...).^...B.$)..c{.lw....q.0.10...P......e..0.b..&....?.."... .I")...i.=.8....z..976...!...-4..-.z.+?}.b)..R..I.C..>..+..C`< 8C.d..f0...1\.@H..=R...e.....M...............j.....!AR.... z.q~.7...a<...C...7.h....2.=c.20.$\.m`....7F..0.Q.`,Nr!.!\|...<A..\|.....f.c..,..a0..q.@.j... ).... ....@x...WM..F.N@..y..O.9*.x.p..`.0...7J..0M..ap.&...z.D..>.`........![.........K.....x.....JR<......s....:dj.5.h.Z....=c.nR..I...7......L.i....H....\|......J...l..7.....&..I-.4.8c.p..T._.x.....$.]..k87n}..Uc.}..$.....=c.R..$.}..o`.9.M..m..zx"..(..$yY......$..AfT.

Chrome Cache Entry: 239

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1957)
Category:	downloaded
Size (bytes):	3093
Entropy (8bit):	5.586238726999888
Encrypted:	false
SSDEEP:
MD5:	B0BD3BB7D048E1D4A62DC6810FD20559
SHA1:	76B30E9DCF16AEE79C5E7599176B91A393A0E5EC
SHA-256:	47C097BA886258C41E67574DC6BE31B96DBF9BEDC7C2DA9D45A06235BF1B1A93
SHA-512:	068D343A68273EA8688A09ED5244688C024BB607A655EE29F48BC4A2151DB9A8EA61D6B8511F8FC2313B7AA25DF09AA841E6EADAE3A26CF768C05155F0EAF71C
Malicious:	false
Reputation:	low
URL:	https://connect.facebook.net/en_US/sdk.js
Preview:	/1705008213,,JIT Construction: v1010778471,en_US/../*. Copyright (c) 2017-present, Facebook, Inc. All rights reserved.. . You are hereby granted a non-exclusive, worldwide, royalty-free license to use,. * copy, modify, and distribute this software in source code or binary form for use. * in connection with the web services and APIs provided by Facebook.. . As with any software that integrates with the Facebook platform, your use of. * this software is subject to the Facebook Platform Policy. * [http://developers.facebook.com/policy/]. This copyright notice shall be. * included in all copies or substantial portions of the software.. . THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR. * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS. * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR. * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER. * IN AN ACTION OF CO

Chrome Cache Entry: 242

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 35 x 25, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1138
Entropy (8bit):	7.724678253442209
Encrypted:	false
SSDEEP:
MD5:	F416B1C2F4E5FC2897A7F797C5BBBF7D
SHA1:	67929401D9307183C38100BBC1190A4759895396
SHA-256:	A68955AAC73ECA3006C3C5CE0CA43F35D21EEE61FC3EE7FEC39EEF8F819BABC4
SHA-512:	07383FC5C7BBC3B452E933A544EA831CE3624F514E908A5F3B37C10E6BB1D770A8A69A21002C8A1D7CB4448EDA2669B0A93EE4EEE943FA61047E7187B7D1F92C
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/images/greyscale/update-icon.png
Preview:	.PNG........IHDR...#..........8......tEXtSoftware.Adobe ImageReadyq.e<....IDATx.W]KTA.~.C].Vr.6.\Q.rE.-..."......6....QD..B..].v+^tS.........~....;r.s....s..y.y..}g.%.L.yeddD,..p.[..V.U.......... .....5.w.....K.r....\|\|.........w.......?l6..g...`.b..Vj.N..... .Xc.X.....L.`43.w.........Z]].455).rss...:kC..1..A....c.......F...x.^)//.<;...n...V<.TS..k.999..........1.{zz..a.....3.^#.We..0..2..x.]..D..1.W......A}.F^...fF.d.3y...D..p8,...rxx(`.d.........+....r...5.0..._...>............h.._0G:;;....(.nj.q..n.c./;;;.a4....Sn"..D...AR....\|w`...M'I3....v~......!..[....9..[x.lZ.3.8.....%........X....E.Z..Z.....:"Xi. VVV$.....Yggge}}].....'.K....Og#m&...m.b.%d.z.vyyY.{.}UD......t...y....y.....Y.)((.#..H...&...9fmmM...~......c.6..D2Izi.0Z.....n).F.Y%%%.F(@n.["...5.......9(.9#Y-"...6fW.Bi.z.V..L8.....\2...o...`..F)^..@C..B....A.]...7C.1....=... .m<....5.Q.L.L\|x..~.v..........m...C....8Y!#...C_...a~.....8.\....]...T.....y.P.....(^S4C.......R@......RE.....lll.

Chrome Cache Entry: 244

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1290
Entropy (8bit):	6.737304427104644
Encrypted:	false
SSDEEP:
MD5:	D7C111F6E44A17B4DB6470BAA919297C
SHA1:	8CBBA2488ACC93BEE6CB17EE863A58F6733BCD88
SHA-256:	CA078DD8CD0E464D81DD8EB932DD4475F5B97A4D6F87DBB4982B92D536312562
SHA-512:	3900C0DDD13C7B158D82409FE5D0ED3EE5786D6B46073B9972C1C6A4D9A04691C2FF461682A8A8E03E1976AF0B0CB4BCA817B524C4E2A9670858B90FA2DEF1F7
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.....................tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:17837EEDDE7A11E2BEAC867B22081DE9" xmpMM:DocumentID="xmp.did:17837EEEDE7A11E2BEAC867B22081DE9"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:17837EEBDE7A11E2BEAC867B22081DE9" stRef:documentID="xmp.did:17837EECDE7A11E2BEAC867B22081DE9"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>........IDATx...+DQ..qc.fDJ.."Q2.v.&.VY(..M..?.....,P66.#"C.FlL!.....4....o.t.sK3.>.{.y..\..gB..UU.U..u ..<...8...}W..}.`

Chrome Cache Entry: 246

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 40 x 90, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1734
Entropy (8bit):	7.255879374354705
Encrypted:	false
SSDEEP:
MD5:	1580EA8678BAD6D4F2F41279A7CBBB46
SHA1:	FE6390D36992C7E86B8F176EA314B9C12F7ACD90
SHA-256:	E1DFF36C732C35EFB287A87339C06F12F4CC84C75CF4BDC73A8A3BA1936D236F
SHA-512:	B92E689EB04AE7562D2D16D2C3BE92FC368614326ED109C4421F30A96FA3EABF96DB13C4EA82D0E18146092348E7696FD32450F8CBFD1E93589D4C64860E8A9A
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/js/revolutionslider/rs-plugin/assets/large_left.png
Preview:	.PNG........IHDR...(...Z.............tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:887E8AD1D94611E2A1D5B966297BDF2A" xmpMM:DocumentID="xmp.did:887E8AD2D94611E2A1D5B966297BDF2A"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:887E8ACFD94611E2A1D5B966297BDF2A" stRef:documentID="xmp.did:887E8AD0D94611E2A1D5B966297BDF2A"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.......<IDATx..M..0....@b...]UB.U.Q...yz...R.....\|......... .9n N<...#.....cf<..s.n..Y&..q......!..X..2........~..r..

Chrome Cache Entry: 247

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1920x58, components 3
Category:	downloaded
Size (bytes):	7168
Entropy (8bit):	7.798569891490091
Encrypted:	false
SSDEEP:
MD5:	19028A00E27E8BF53DFCC8C7A4136111
SHA1:	184370AA4946CFBD8601A0F54AFDCE65C1C172BB
SHA-256:	957977E52F07E85720A30F61BED0EF3911B15245F2FD155844C56512F93D3663
SHA-512:	4B23DC79A27532CC1BEBA1698BA4787F8E675D497F213573050C5A3411E5F1B0FA2B0FB8371266A26E1C4306ED994E9C09E0AFF687EA0BBBFDA8B6F486DF8A09
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/images/tweets-bg.jpg
Preview:	......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................:...............u.................................................................!1AQaq..........2.B."bR....................A1.!Qaq............?....\|...j'.A.""..S....-.0".ZJ.sT....$UK..%..b.U..H..t/.. ..)Gy.!....c%.6...V.!:Z...}...A...N.Q. 5/....R......-......Z...4...)...j+.4@&.... ........S.C...V..(E......4."..%.T0..+.......PkBE..[p#...QTl..~=@V\..2.2....56....=.....}.........j.U~.....Q..(..Em]9a.i..iX"...O...'`...+..[.._.i.`..H-ui.D...vl....UE.e5@.#.....)t@..5...{.@s5....8..1O@,....K.)e..s..T.S.... ......V....bS...s..^...f.C..HI.. .k.....$MYC2.}.....M7w.0.`.^..!.;...d...l..J.b.^.....y(R(B.~.j..D...i....U......]...i.2......Y...j....@BH.^s.....@Y..I..&.i..R....J..a?.F.p.....V....B..j..A..(.++...d......"..-.Z.]v.....e(.H.X..&.(...U&......BT@..`Eq6"%..nX..M....h..,H..

Chrome Cache Entry: 249

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1371
Entropy (8bit):	6.930490999580688
Encrypted:	false
SSDEEP:
MD5:	47BAFB91BA270A3A3C0077D3F8221335
SHA1:	6714BF9D2C9DF11C27E1399B9D1C97A182A360E0
SHA-256:	573EB952FDF4CCDF0257B37FF8B37FA2EA2FB9576F0EBE44506D8D765A03FAE5
SHA-512:	D64DFB939E53B2FC2CAC8AAD165634E00C05632EE2F3EAC2141CD559F1D5239842ACA62DBC5A2FF91F11F283DDA1C531054184ABBDD0E0259FB509B6E2F3CB01
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/images/social-icon3.png
Preview:	.PNG........IHDR.....................tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:0D7957F1DE7A11E2B07EA660CC69486E" xmpMM:DocumentID="xmp.did:0D7957F2DE7A11E2B07EA660CC69486E"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:0D7957EFDE7A11E2B07EA660CC69486E" stRef:documentID="xmp.did:0D7957F0DE7A11E2B07EA660CC69486E"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>x..M....IDATx..OH.a...u...6b.$..........!.$..Ry.X.t....'...tZH..%.S.`..`......B..(.9}_.m.L......}......Y..<..#......

Chrome Cache Entry: 251

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (15184), with CRLF line terminators
Category:	downloaded
Size (bytes):	15666
Entropy (8bit):	5.076765590917581
Encrypted:	false
SSDEEP:
MD5:	21EEEC2778AE3350A46C9C5C60FC8D58
SHA1:	7E786E2A49757563949D07308BAB30D7C0042F3A
SHA-256:	F355F61622AEECC97FAAA515265CBC3160E7394C55C0B2D0B156E0031EF91608
SHA-512:	CAD4A633398E79279711F88A026446C358194CD42EA525E76FF3D28B6031FA823D929A64761F67019236A0626DDEE89D1CA9D8390C32561540EE2C846F67FB1E
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/js/jcarousel/jquery.jcarousel.min_gzip.js
Preview:	/!.. jCarousel - Riding carousels with jQuery.. * http://sorgalla.com/jcarousel/.. .. Copyright (c) 2006 Jan Sorgalla (http://sorgalla.com).. * Dual licensed under the MIT (http://www.opensource.org/licenses/mit-license.php).. * and GPL (http://www.opensource.org/licenses/gpl-license.php) licenses... .. Built on top of the jQuery library.. * http://jquery.com.. .. Inspired by the "Carousel Component" by Bill Scott.. * http://billwscott.com/carousel/.. */....(function(g){var q={vertical:!1,rtl:!1,start:1,offset:1,size:null,scroll:1,visible:null,animation:"normal",easing:"swing",auto:0,wrap:null,initCallback:null,setupCallback:null,reloadCallback:null,itemLoadCallback:null,itemFirstInCallback:null,itemFirstOutCallback:null,itemLastInCallback:null,itemLastOutCallback:null,itemVisibleInCallback:null,itemVisibleOutCallback:null,animationStepCallback:null,buttonNextHTML:"<div></div>",buttonPrevHTML:"<div></div>",buttonNextEvent:"click",buttonPrevEvent:"click", buttonNextCal

Chrome Cache Entry: 256

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	5228
Entropy (8bit):	7.947666691416988
Encrypted:	false
SSDEEP:
MD5:	E4CB17C7371E815D8332722653B8A049
SHA1:	2E178E93BD6DFE38519FB76D36EE3CA1A29AD3C0
SHA-256:	228880181E4EAAFA8A668EBE13DCD5BC96EEBF6DF5A78C1B0B979C47D13CF4FA
SHA-512:	B5CF10DFE233AF751CA750C295ABA8305771AF1A96BCE54EB17AAB99A901B8863A3A3D7F38F0CC4841226228B70B0CA89C6CDA96BC57B5377FFE388E7649CDA6
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...@...@......iq....3IDATx..[.xTE..{Kw.=..$D@...\..q\q...S.x.. .2.3.]......"." ...&....%.......$d.$..9u.n..........7....:.T..n..~G.=dC.:...V.}G......M..H.id.....x..G..l2YU{..F.....L&\./2.e"<<<...PTT.........'.......&..~K./.w$....t..U...~?...?..?.-...6...O...Z-p..a..YX..-....dU.$`..S.x..O.<.f.I.......S@........v..}.Y.~-..3.k.^R\..}.........lL...#+a/.>\|.V...F..(.....d)..5.U........P.. .....+...W#.X.)...KO....Ck.e...e+.6....\|../6:.i.R..A..OB.....S9aJ..XD.h..]...,8.a.Ho..... ...W......^.:....~=2.w{..R..0..Q...~lm...9..+...[...a6...S.....q(....'.)A.y\H..m.....3..#). &....H....1....i#?.y...@v..W^..[>.]z@N~.......cb..6..d.\|.3..!\...y....x.g.b(.....h.1....=.C.....l......N...:^......1.g.]S+......~VSf....T. ..+.' ....X0k....}..i.......%x......w.'J..X....M..LmG._..f...O.4..W..#x..D.h.b.b..E....ukCO...W........,-...2z..8...[..%x...E..\.W.}r....E.l...T....I..............D.......P.J*..h..R.a!t...Z.....#.!@sr.a..`Z!.y.'8....l@.<..+QL.\|/6

Chrome Cache Entry: 257

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1267
Entropy (8bit):	6.780464964517972
Encrypted:	false
SSDEEP:
MD5:	846C4E47952A51C2F2E3BDA5E66DAB6F
SHA1:	21152F57720999941878622DE1E20C4AC89F4959
SHA-256:	4887B88D32955E74539E853E27D41B6102D72EDA1ADE7590A9EFC6E409E390B4
SHA-512:	F2FAA5A53B51382F055AD8827279DCA7C2E2F13F47536CE853F329555B99FFACCC5E61CB3BA7774D7862451D7CD99BC7D27000154C29698FF5FC0D8B75EB64CE
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.....................tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:24F64295DE7A11E28AB2831AB0F5F945" xmpMM:DocumentID="xmp.did:24F64296DE7A11E28AB2831AB0F5F945"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:24F64293DE7A11E28AB2831AB0F5F945" stRef:documentID="xmp.did:24F64294DE7A11E28AB2831AB0F5F945"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.......iIDATx....+DQ....uaA.&.(...,d.....F...l..2YH..D,f7.+.,(.,$.,0..."E4..g..;.b.......g.w..u....@.......'...4Z.

Chrome Cache Entry: 258

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	585
Entropy (8bit):	4.589799476364919
Encrypted:	false
SSDEEP:
MD5:	D6D2EF755D24B0096F604FEBB93A7244
SHA1:	8DA3E40A6526CDB44CC2A8E0C7253FA8634D384C
SHA-256:	845B3FC645ABB3D96944193FA2AF2E193B6F012A72D612D43BC652FD09DB478D
SHA-512:	F2882E0571C4BA100E419B8E3A65D7B2F01E39CFE38A1FFBD7428259BA92332444F502EFB0DC0476482B285844A9F30B36E717493A5E69DFD7C29CE1171F44E9
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/js/page/global.js
Preview:	//scroll up.. $(document).ready(function(){.. .. $(window).scroll(function(){.. if ($(this).scrollTop() > 100) {.. $('.scrollup').fadeIn();.. } else {.. $('.scrollup').fadeOut();.. }.. });.. .. $('.scrollup').click(function(){.. $("html, body").animate({ scrollTop: 0 }, 500);.. return false;.. });........// display loggedin .... $.ajax({url: "/api/display_login_info.aspx?lang=" + cLanguage, success: function(result){....$(".dropdown").html(result);....}});.. .. });

Chrome Cache Entry: 262

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (7711)
Category:	downloaded
Size (bytes):	259947
Entropy (8bit):	5.563764289887954
Encrypted:	false
SSDEEP:
MD5:	EA4287285CC9D00D2F16A09115C9582D
SHA1:	AE04918277DBD512969F268CB168E25DA38AD416
SHA-256:	A5CDB3503CD557C8A1D63433B177E8F0FF94441F0EC311EE3DCBCCA350E91001
SHA-512:	CF4C85A5D79196625FB760BBF332C56929C8839AD73631229DA2F6DF20D2F456B71AD18B5140FE5EACF517031D975B1A0D26F9BA379A45488AA704B88BFC4E50
Malicious:	false
Reputation:	low
URL:	https://www.googletagmanager.com/gtag/js?id=G-8J20SLZ4R2
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"1",. . "macros":[{"function":"__e"},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0},{"vtp_signal":0,"function":"__c","vtp_value":0}],. "tags":[{"function":"__gct","vtp_trackingId":"G-8J20SLZ4R2","vtp_sessionDuration":0,"tag_id":1},{"function":"__ogt_event_create","vtp_eventName":"bat_dau_thanh_toan","vtp_isCopy":true,"vtp_instanceDestinationId":"G-8J20SLZ4R2","vtp_precompiledRule":["map","new_event_name","bat_dau_thanh_toan","merge_source_event_params",true,"event_name_predicate",["map","values",["list",["map","type","event_name"],["map","type","const","const_value","page_view"]],"type","eq"],"conditions",["list",["map","predicates",["list",["map","values",["list",["map","type","event_param","event_param",["map","param_name","page_location"]],["map","type","const","const_value","buy_serikey"]],"type","cn"]]]]],"tag_id":3},{"function":"__ogt_event_create","vt

Chrome Cache Entry: 263

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 28 x 40, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1557
Entropy (8bit):	7.17035541191537
Encrypted:	false
SSDEEP:
MD5:	778EE0057450F5AAF88F202189228915
SHA1:	4D2CE58DF71DFA89601E38ED0FAA84815DF8F23B
SHA-256:	3D58698358EE37FC535096F352D71F403C034D0BFF9F82DCC5EB234DA19825B0
SHA-512:	F68F6D508CCD115A00F5D88759BD63036C4E6660283B02CB38A50CC496D13672D44EE2BAA3FC9445DEE4A44A4457CFBA8C8E8DC13ADB4EDC0B870A21660F924C
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.......(......./....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:85A5FD67DE7D11E2A5C9D8692156AFEC" xmpMM:DocumentID="xmp.did:85A5FD68DE7D11E2A5C9D8692156AFEC"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:85A5FD65DE7D11E2A5C9D8692156AFEC" stRef:documentID="xmp.did:85A5FD66DE7D11E2A5C9D8692156AFEC"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>...i....IDATx..[..a..gve...,.)..ZZ..Z.C.7..H...F.s.8.L...CKag.l....(..Z...9..=...y...3.._;......}7...#}9*"}<B.P0..

Chrome Cache Entry: 264

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2x2, components 3
Category:	dropped
Size (bytes):	1123
Entropy (8bit):	5.794813529688611
Encrypted:	false
SSDEEP:
MD5:	FB203FAF6105F6A3BFA6FBB5F6C1FE3E
SHA1:	47D1E23138FFC8D5DA9271066107EB21C088462A
SHA-256:	DCB2485B7981AFA35FE73AD033D7AC9EA17AE0A98A0E6148CD15371A513BE660
SHA-512:	85A855E3240C9B29F0011592A5F224CAE84B43D246451700665B837F0962BB400578194368A274237B1DEAC481128C5ECCF53A6AEF254B01C8E64114F47B1541
Malicious:	false
Reputation:	low
Preview:	......Exif..II*.................Ducky.......F.....)http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:C2FBCB33DE6911E2B1BEC4C59FAC90BC" xmpMM:DocumentID="xmp.did:C2FBCB34DE6911E2B1BEC4C59FAC90BC"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:C2FBCB31DE6911E2B1BEC4C59FAC90BC" stRef:documentID="xmp.did:C2FBCB32DE6911E2B1BEC4C59FAC90BC"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d...................................................................................................................................

Chrome Cache Entry: 265

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (23742), with no line terminators
Category:	downloaded
Size (bytes):	23742
Entropy (8bit):	5.050574160426022
Encrypted:	false
SSDEEP:
MD5:	453E03A8B59BFF8F8F753052B2BC3538
SHA1:	C10EBA597ACC708937A038856106C5A01FC7A677
SHA-256:	1937F331CF7A217A70AD388C02B75B4DF48615DA9A38D1A66F785A1AC33B5E8B
SHA-512:	4474562976F8A6400C2BF9CF44A747C6B941BD0E6092CC57FCE4AEFC286CE120A8F9C4C89EA7AB17389D660C4379E466443E0D01CE5769BC176DB449A2C5F846
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/css/responsive-leyouts-min_gzip.css
Preview:	@media only screen and (min-width:768px) and (max-width:999px){#logo{width:215px;margin-left:-30px}.site_logo h1{font-size:20px}.container{width:727px;margin:auto auto auto auto}#access .menu{width:500px}#access .menu ul li a{padding:40px 4px 34px 4px}#access .menu ul li a:hover{padding:40px 4px 34px 4px}#access .menu ul li a.active{padding:40px 4px 34px 4px}.date_wrap{width:18%}.date{padding-left:0}.top_contact_info{float:left;width:100%}.features_section .sections{margin-right:6px}.features_section .sections .right{width:52%;padding:10px 0 0 18px}.whats_new .contarea{width:84%}.features_section_two .sections{margin-right:6px}.ad_one .but{margin-bottom:18px;width:50%;margin-left:18%}.ad_one .carve{width:226px}.ad_two .carve{width:226px}ul.whyus_list{margin:0;width:100%}.slider_button1{font-size:12px;width:120px;height:35px;line-height:37px;margin-left:3px;background:url(../images/sbut-01.png) no-repeat -25px -6px}.slider_button2{font-size:12px;width:120px;height:35px;line-height:37px;

Chrome Cache Entry: 267

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (381), with CRLF line terminators
Category:	downloaded
Size (bytes):	35667
Entropy (8bit):	4.937784253916781
Encrypted:	false
SSDEEP:
MD5:	E2C74349F2D582098A7E4EB10A4E737E
SHA1:	D07F3515C604D85B29E5CBB58DF9E9FDF52A08AE
SHA-256:	A412C8678BB81E0BBAE0BBDDC6BC908A0F512E341F23C21592B632E2BDB2CA0C
SHA-512:	7A3F512239CDA9FBFC69F1EA04CC29F6D3B1508C5090CE31502D052FFE72A2DFDDA5CD98F10A12A01F6A14EEDAAE57D5027253B8F50741C70632EDFFDB71B690
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/en/
Preview:	..<!doctype html>.... [if IE 7 ]> <html lang="en-gb" class="isie ie7 oldie no-js"> <![endif]-->.. [if IE 8 ]> <html lang="en-gb" class="isie ie8 oldie no-js"> <![endif]-->.. [if IE 9 ]> <html lang="en-gb" class="isie ie9 no-js"> <![endif]-->.. [if (gt IE 9)\|!(IE)]> > <html lang="en-gb" class="no-js"> <![endif]-->......<head>...<style>../* page title */..@media (min-width:320px) { ....page_title {....background: url(/images/sliders/revolution/slider-bg-mobile.jpg) no-repeat center top;...}..}..@media (min-width:600px) {....page_title {....background: url(/images/sliders/revolution/slider-bg.jpg) no-repeat center top;...}..}...page_title {...width: 100%;...min-height: 50px;...padding-top: 20px;...margin: -20px 0px 0px 0px;..}...page_title .leaft_title {...width: 68%;...display: block;...float: left;...text-align: left;...margin: 0px 0 0 0px;..}...page_title .leaft_title h1 { ...font-size: 22px;...line-height: 30px;...color: #fff;...font-weight: 600;...text-tr

Chrome Cache Entry: 268

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1268
Entropy (8bit):	6.743565739389761
Encrypted:	false
SSDEEP:
MD5:	EDBD216592F8DCD53D3033D413A8BDBA
SHA1:	AE968F8EAD532265F624C45199E506FD722F19CB
SHA-256:	3F8FA4AE6970F42FF7A750989F96441A460475CC4534F43ED597D8E96A5FB097
SHA-512:	FDAC31F7F899EB5791C14D978916AAAFFE09F4625C56D2651E21AE823AD62E23E6A814D7DC0644ADF45CA607CE0DC48C55D90984286193C4017E749BB27AA2C6
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.....................tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:091FEDC3DE7A11E28426D65CE9EC159A" xmpMM:DocumentID="xmp.did:091FEDC4DE7A11E28426D65CE9EC159A"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:091FEDC1DE7A11E28426D65CE9EC159A" stRef:documentID="xmp.did:091FEDC2DE7A11E28426D65CE9EC159A"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.v.....jIDATx...+DQ...y.B....fa1I..Y.B..[..Y.!.Y.")..... +.I.....X.fp}....z?g......{....E.U!.oE.)...5tb.5....x.I

Chrome Cache Entry: 269

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 24 x 24
Category:	downloaded
Size (bytes):	2545
Entropy (8bit):	7.144078312196678
Encrypted:	false
SSDEEP:
MD5:	4B3AFB84B2B71EF56DF09997A350BD04
SHA1:	ACCDAC8A7ABEAB0E21C49539AAD0A973ADDB28EF
SHA-256:	9034D5D34015E4B05D2C1D1A8DC9F6EC9D59BD96D305EB9E24E24E65C591A645
SHA-512:	D65078B5D13873ADB363472B5C358F6B42C128B530F8FEBA9776F8E4906CC97F20EE7BF1E823336CDA8049147A9C7FA5E4016F07F96EC154F3774FBDE1A564B6
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/js/revolutionslider/rs-plugin/assets/loader.gif
Preview:	GIF89a...........................................vvv......hhh..........................................!..Created with ajaxload.info.!.......!..NETSCAPE2.0.....,........... .$.AeZ...<...Q46.<...A.......H.a....:....ID0.F...a\xG.3...!...O:-....Rj...TJ..........t...........~."...ds]......)t...-"...i;H>.n.Qg]_......R.3.....GI?.....v$...j3!.!.......,........... .$.0eZ..y..0..q ..P..W...)";..qX.^..D50......<H3.!.....k-.n..a. .(.i...d.$P@y.w`.J..#.....?..y........o...g.....f....'8..{..'C.p`j.n."...2.{.`x...jy.4...C,.4..o#n.$.....!.!.......,........... .$. eZ...$.2.....q....E. ....p$H@D/.....G.D.j8v#..P((D..... ..N.(3..#.y....(@...gUx.kK.).....?K...............$..."...........K.....W......x..?.G...#.W....n.h.K,.....+.....!.!.......,........... .$ .eZ..Y.$1..Q(c......O'"............. 1....q.d"..A.....V.x8p..4988.MRC.@....e.3@.iI.)..'.?I.........@.......,.....#.........5..,.....".E..z...?..@.E...@.....).....*!.!.......,........... .$.(e..$....C.E1..;...('2$..

Chrome Cache Entry: 270

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (55901), with CRLF line terminators
Category:	downloaded
Size (bytes):	56235
Entropy (8bit):	5.14692740363503
Encrypted:	false
SSDEEP:
MD5:	E28129CF4DF03D30010AEF096FC3A3D8
SHA1:	D44D06B4EAE3DFC289F1FACBA5E2F97626A253FA
SHA-256:	B3DD18609EFF4243F3A46AC351D68CA5EDF7F0A13065FD11D44F76C642254647
SHA-512:	25A0348C4CCD964844817423B70BB4730AB0C4E36B07F7329EFE8E8413D5BE5D478BAD06F5AD54CD4C1995607E0A98664F2E2D412EA02126090AF6B078DE9E1F
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/js/revolutionslider/rs-plugin/js/jquery.themepunch.revolution.min_gzip.js
Preview:	/*************************************************************************.. jquery.themepunch.revolution.js - jQuery Plugin for kenburn Slider.. * @version: 2.3.9 (03.04.2013).. * @requires jQuery v1.7 or later (tested on 1.9).. * @author ThemePunch..*************************************************************************/....(function(e,t){function n(e){var t=[],n;var r=window.location.href.slice(window.location.href.indexOf(e)+1).split("_");for(var i=0;i<r.length;i++){r[i]=r[i].replace("%3D","=");n=r[i].split("=");t.push(n[0]);t[n[0]]=n[1]}return t}function r(t,n){t.find(".defaultimg").each(function(r){d(e(this),n);n.height=Math.round(n.startheight(n.width/n.startwidth));t.height(n.height);d(e(this),n);try{t.parent().find(".tp-bannershadow").css({width:n.width})}catch(s){}var o=t.find(">ul >li:eq("+n.act+") .slotholder");var u=t.find(">ul >li:eq("+n.next+") .slotholder");b(t,n);u.find(".defaultimg").css({opacity:0});o.find(".defaultimg").css({opacity:1});w(t,n);var a=t.find(">

Chrome Cache Entry: 89

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 2 x 36, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	1010
Entropy (8bit):	6.165496799581702
Encrypted:	false
SSDEEP:
MD5:	0A7A1491892895F2D9006938C90417AA
SHA1:	ABCCAC0C1E03A6DA8BE1B8EF2A26834BB62BEBF0
SHA-256:	0DD46DE8783CA7645BCE87BDDC1BCB45F12D66E37288C0A4D9B0736B498B2CBD
SHA-512:	E4F67EF915416D110D58F0F22155260EB2D5C62D70F7A40410B37439C768EBC0BBC0F0EFAC9EE6D78628480D3EAB507D57D449B7EA5ACC5815A8FE5719CA4713
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.......$.....,!\|X....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:73E4F6DBE2E311E2A8E9E53BFAA8ED74" xmpMM:DocumentID="xmp.did:73E4F6DCE2E311E2A8E9E53BFAA8ED74"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:73E4F6D9E2E311E2A8E9E53BFAA8ED74" stRef:documentID="xmp.did:73E4F6DAE2E311E2A8E9E53BFAA8ED74"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>l.....hIDATx.LO... ..._..?............r..]p.Z.`I.g.j.....3.f......;.....1....k.{6x...d....T.,.8.......'....r0./k...

Chrome Cache Entry: 92

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	756
Entropy (8bit):	7.435711057812167
Encrypted:	false
SSDEEP:
MD5:	8A8739EF40356BFB8F1BD171A896ED93
SHA1:	620501D4ACA42D9C6D06CAB28C6133FFC8234103
SHA-256:	4EC3B3767681A2E861D1B4F21841C536F8AA7A87104D1CDE355AECA9AD855E53
SHA-512:	7CE4FAED1819EF027FCD338766133F1F87D0F17FBC07E06126DAA3EAB5A0C5B25C5099E368C853D3BCD9176F2A4B99EC6C2FD3852C41F318E5DA1FA4D6CBE26B
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...@...@......iq.....IDATx...?o.@......iR;.....R.'.H.{..3#HL.W.;00....].B.C7...H,,..P.)@!...9.[C.?Rr.{....q.~...s.....!.......`..A..@..I...*.......J[................6...o.y.XZZ.0,..I...V7..r...@.tN&.U.,.....C....y.a...D.u.u..s.......K.p....'Kv..DN-'.^.kl.'......<....Je.I..@..K.JVMRW.e.f.e....V_o.1..h......./..wc...W.x...........n5.(. .. .. .. .. ..(.@.g..O...._\|,.n?\|...o..q..wN..}........g..{..^.Xy......O..2.x"w....?.B\|q...u....a..6....;......o....... .E...Y.@..i....Ds..4A.7%.~N.......w_..K.oFh.$.. .. .. .. .. ...2..m..r..3F..T{.8.,C.e.RkxVj.... /....V.(..=(....7.=O.~....o..)...Q..2..l.%5\..3.S.......I.'..."...G.. /j....'.."... ...y..}.....k...RJ....Q...8............K.0j........./..f....f)nq..L....IEND.B`.

Chrome Cache Entry: 93

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 100 x 40, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	2559
Entropy (8bit):	7.601130717493205
Encrypted:	false
SSDEEP:
MD5:	3198B2B117996E7786410CA4561066BF
SHA1:	06D7860EFB15F076B22B1599C39DD228B8524748
SHA-256:	62F98B720B94DC4200FC1BB1B1ACA7156B139845A0BB7B98BAD9E7A407EDB0B4
SHA-512:	5194317EAEA37C18F3D3D60452FA3E139D5B9B060856575E421062158DD430CEF6E27197410CB0AE668B4459961C478EDF3C0FA9EDE5933A9B0256C25CA68653
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...d...(......x_C....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:A5D49285DEDF11E2999EA1255BC8843A" xmpMM:DocumentID="xmp.did:A5D49286DEDF11E2999EA1255BC8843A"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:A5D49283DEDF11E2999EA1255BC8843A" stRef:documentID="xmp.did:A5D49284DEDF11E2999EA1255BC8843A"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..5/...uIDATx..[.KcW....etb.c.He.j..-.B.5q..8.......g9..];....... .qQ.]d.........D..vQ...y..9.w.......5.\|..sr.....8...

Chrome Cache Entry: 94

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 1555x405, Suserng: [none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	36782
Entropy (8bit):	7.994804225231806
Encrypted:	true
SSDEEP:
MD5:	169659BF0E95FD1802F87EA6D8268A72
SHA1:	EE97393F826A4729D371963C29469A39E8EB0879
SHA-256:	2EE2C332AAA5CA317677655DB0E6B806E2B01926A2DB9B773E4163B47317A9ED
SHA-512:	7D9A8142C30CF1FA24176B7E554864F74929D44D33EE628E41FB7A7FCE7B690446B32DAA7E0BB4F00840DF8AFD78C494A8B46D940AEA966E16D206727CA5FC59
Malicious:	false
Reputation:	low
URL:	https://www.ultraviewer.net/images/audio-sharing-banner-en.webp
Preview:	RIFF....WEBPVP8 .....s.......>Q&.F..'.!....glb..\|n..^......m.}[$.o........<...[M....oFr<g..8..=>y7...=w?k..........?...\|.........._...........[../...............S.S.G...?...? .................p.......:........3....._\|O...{z.R....{......<.......]\|`...C.>.?.z......~B.........~g\|.~_.#...w"...3.....?.?....c........../.O.o.?.\|.\|.?/.?...+.O..XO............./..>..2.....P....1..X..j.o.^&U...i.. ..7.xz..y6)f..).P....x.....).H....Lgr..8...m.M.... ..Q]8...M.$...BdA..K_...w..{....N.n........e.2}.Tx..w....... X.....3...'Y.q..2........A.....Q.ja....:.....?.2..M..M8.]slVO....\......:..iC.z..l>....#.=.......lP5o..k..Q..~.....9...1....0..3..._R.R.}+.h.UE...-.<.&j9R......3m+..m..6.69..'.S..Se.D{. ...U...~......b..-.....Y+..Xr..T{..F./G.++.7.~.b.3-C.U...\|.l!.=...l.......h..R.R.............'j...P....?Gq.....($...6.U.:...A,..),.}........\..A.......8..T...v.....9.....4.s....-.!...u.]..g..{..-#..&.K]..i.......V..R/h..U......\|o.y.sB...!g..s2..._.1.:.R....&

Chrome Cache Entry: 95

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 4 x 7, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	963
Entropy (8bit):	5.894792571533947
Encrypted:	false
SSDEEP:
MD5:	257E52093321EECA074868B60B5A66B3
SHA1:	D2F71FA04C37CE404B529B00069163449CB4C6A7
SHA-256:	C5E5E2949860422A27B7B73DEBC9BDDC868C468C36583B233748522E39B62BBB
SHA-512:	B67DD997E006F28F2DA233D205ED2C45CC8F5FB1357A08000DBC59057864AEC7CADBD46B0D618BC7A75AAA188B9A08F44A9179DD391E5850D8864022F340C09C
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR............./e......tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:7C3DBD87DE7311E2AECAA1E097761E6C" xmpMM:DocumentID="xmp.did:7C3DBD88DE7311E2AECAA1E097761E6C"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:7C3DBD85DE7311E2AECAA1E097761E6C" stRef:documentID="xmp.did:7C3DBD86DE7311E2AECAA1E097761E6C"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>...q...9IDATx.b.9s.. `.a&. .5k...(`JKKcD.d.)C.@..R.,%%...U.8 ..`..L ....p....IEND.B`.

Chrome Cache Entry: 96

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1146
Entropy (8bit):	6.450082511480491
Encrypted:	false
SSDEEP:
MD5:	4E979F5FD5CC217D7B3AF0B51B8C3ED1
SHA1:	3575EA36432F993E7AD6CF8FFB835121C0CFD33E
SHA-256:	A3113F35AC8B83ABB1EB7C1156D0A2123ECF9DBA4BCD045A5881619234B4639F
SHA-512:	7DAE4AC46350A91007321C1CBA93202339F42873DE551B2054D253F2A83557F63910906A18134B34C5F54DDFA12A8D94D8B9885009FE27323294E98893E4CA3E
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.....................tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:DA32043DDE7911E2B286BD8B2D1EA82E" xmpMM:DocumentID="xmp.did:DA32043EDE7911E2B286BD8B2D1EA82E"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:DA32043BDE7911E2B286BD8B2D1EA82E" stRef:documentID="xmp.did:DA32043CDE7911E2B286BD8B2D1EA82E"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>...1....IDATx.b...?......X.......7..... ..`V .....1.jlzX............l.......@....c.2../.W@.\|G............b@....h......

Static File Info

⊘No static file info

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://www.ultraviewer.net/en/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Yara Signatures

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 100

Chrome Cache Entry: 104

Chrome Cache Entry: 105

Chrome Cache Entry: 106

Chrome Cache Entry: 107

Chrome Cache Entry: 108

Chrome Cache Entry: 109

Chrome Cache Entry: 110

Chrome Cache Entry: 111

Chrome Cache Entry: 112

Chrome Cache Entry: 113

Chrome Cache Entry: 116

Chrome Cache Entry: 121

Chrome Cache Entry: 122

Chrome Cache Entry: 123

Chrome Cache Entry: 126

Chrome Cache Entry: 127

Chrome Cache Entry: 128

Chrome Cache Entry: 130

Chrome Cache Entry: 132

Chrome Cache Entry: 137

Chrome Cache Entry: 138

Chrome Cache Entry: 140

Chrome Cache Entry: 141

Chrome Cache Entry: 142

Chrome Cache Entry: 145

Chrome Cache Entry: 146

Chrome Cache Entry: 147

Chrome Cache Entry: 148

Chrome Cache Entry: 151

Chrome Cache Entry: 152

Chrome Cache Entry: 153

Chrome Cache Entry: 156

Windows Analysis Report
https://www.ultraviewer.net/en/