Edit tour

Windows Analysis Report
https://u36994941.ct.sendgrid.net/ls/click?upn=tOup2TSJrDS9qUw3t0G4sV8ZLpnhZboJgZodoAlLMD4zyuM-2BIgx4YyEM-2FGZc26MSZSsquKr6XT0CyfkYLGhvTw-3D-3DGgDh_1X3ig9KHikF1BTjPqHDJXw3PehiBQMgXrxAgrC9F-2FDWD9KrOR799igXgyb1N833ZU0-2B7Ii3Q2vzEzAYqEU9f0jLjJA-2BYffggNCRfaKaRy9CPm2qF2srWccbYwgKD-2B-2FbNF-2FBLIln38XDr

Overview

General Information

Sample URL:	https://u36994941.ct.sendgrid.net/ls/click?upn=tOup2TSJrDS9qUw3t0G4sV8ZLpnhZboJgZodoAlLMD4zyuM-2BIgx4YyEM-2FGZc26MSZSsquKr6XT0CyfkYLGhvTw-3D-3DGgDh_1X3ig9KHikF1BTjPqHDJXw3PehiBQMgXrxAgrC9F-2FDWD9KrOR7
Analysis ID:	1303605

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Phishing site detected (based on favicon image match)

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 2344 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://u36994941.ct.sendgrid.net/ls/click?upn=tOup2TSJrDS9qUw3t0G4sV8ZLpnhZboJgZodoAlLMD4zyuM-2BIgx4YyEM-2FGZc26MSZSsquKr6XT0CyfkYLGhvTw-3D-3DGgDh_1X3ig9KHikF1BTjPqHDJXw3PehiBQMgXrxAgrC9F-2FDWD9KrOR799igXgyb1N833ZU0-2B7Ii3Q2vzEzAYqEU9f0jLjJA-2BYffggNCRfaKaRy9CPm2qF2srWccbYwgKD-2B-2FbNF-2FBLIln38XDrpLzVJPfxLztO-2Bw61rcrhri4mX5INbzHv2LWnFl2L1-2Bs3fuVdtUMWCng6yI2cEuH0Zas6L0T2bzcEwhYjkPLIEQcILQpFMvJfWSNwWA5aQlFkSwsguxw4duKKkQ-2Fg8jjtRfL1ooXj9IjgjqxgFsfnrrY370rLDJO1kfMoMYeBLUKor08dIJygdQZXZ9lI1ao2DJsyJaJ6gil7sNM-2BdU9139ed7uaRANq5EPKlP2arPkznuq5ovDmtsdrPmTZ-2F3kgEblSHwgV3NQHiHlgxDiGi3pXenkE3FQslW8xg8LPM5vB6Tsuy2fZrdCLEOgXeAMAOvJ3e6NONHpOcBh01QBzky2oJ5n4CnPmDlq50KqHmJzX2LW8PLUfAIHBa1uDWXpnwG-2FIhof8UqUGHzA6OEkSIvLuPkQjppz5SQX04SdQB9bJXFcwgkwABLnNIgumnF46HcQuhH-2Fk6stTKhWVxgG2jU2ZIyF8DPsCwJ9rHWjh28Y5DJKwxYv-2BI2SoK3aY-2FVpFckRuMQRoOSsAxsllBqPc1gWEk0f4yfkz98rkhP39FrjbhKAqLU-2BYRBj7KS9pqYlzHhMuL8hho25ewLfP6XwJkcoBQGVpBXDvjGszu-2F3LmNZRa60DyuqIi8cFZVjyZ81mDhvHnMyDyHI1WThoqw-2B6EkiD69ktJo-2F7Zy61B4PDJ8IzJtPiKMvcYaYc7IzAhdqyHr0pODMyKgPQHvqidzS3TCuNUcqx7gEY-3D MD5: C817D9E0D995276EC89E4C89AFC19694)

chrome.exe (PID: 4752 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 --field-trial-handle=1908,i,16282173386618026682,13587911242213761514,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: C817D9E0D995276EC89E4C89AFC19694)

cleanup

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Snort Signatures

⊘No Snort rule has matched

Joe Sandbox Signatures

• Phishing
• Compliance
• Networking
• System Summary

Click to jump to signature section

Show All Signature Results

Phishing

Phishing site detected (based on favicon image match)

Source: https://landingpage-mfa-selfservice-micro.softr.app/

Matcher: Template: microsoft matched with high similarity

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\GoogleUpdater

Source: unknown

DNS traffic detected: queries for: u36994941.ct.sendgrid.net

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: classification engine

Classification label: mal48.phis.win@24/78@9/141

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\GoogleUpdater

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://u36994941.ct.sendgrid.net/ls/click?upn=tOup2TSJrDS9qUw3t0G4sV8ZLpnhZboJgZodoAlLMD4zyuM-2BIgx4YyEM-2FGZc26MSZSsquKr6XT0CyfkYLGhvTw-3D-3DGgDh_1X3ig9KHikF1BTjPqHDJXw3PehiBQMgXrxAgrC9F-2FDWD9KrOR799igXgyb1N833ZU0-2B7Ii3Q2vzEzAYqEU9f0jLjJA-2BYffggNCRfaKaRy9CPm2qF2srWccbYwgKD-2B-2FbNF-2FBLIln38XDrpLzVJPfxLztO-2Bw61rcrhri4mX5INbzHv2LWnFl2L1-2Bs3fuVdtUMWCng6yI2cEuH0Zas6L0T2bzcEwhYjkPLIEQcILQpFMvJfWSNwWA5aQlFkSwsguxw4duKKkQ-2Fg8jjtRfL1ooXj9IjgjqxgFsfnrrY370rLDJO1kfMoMYeBLUKor08dIJygdQZXZ9lI1ao2DJsyJaJ6gil7sNM-2BdU9139ed7uaRANq5EPKlP2arPkznuq5ovDmtsdrPmTZ-2F3kgEblSHwgV3NQHiHlgxDiGi3pXenkE3FQslW8xg8LPM5vB6Tsuy2fZrdCLEOgXeAMAOvJ3e6NONHpOcBh01QBzky2oJ5n4CnPmDlq50KqHmJzX2LW8PLUfAIHBa1uDWXpnwG-2FIhof8UqUGHzA6OEkSIvLuPkQjppz5SQX04SdQB9bJXFcwgkwABLnNIgumnF46HcQuhH-2Fk6stTKhWVxgG2jU2ZIyF8DPsCwJ9rHWjh28Y5DJKwxYv-2BI2SoK3aY-2FVpFckRuMQRoOSsAxsllBqPc1gWEk0f4yfkz98rkhP39FrjbhKAqLU-2BYRBj7KS9pqYlzHhMuL8hho25ewLfP6XwJkcoBQGVpBXDvjGszu-2F3LmNZRa60DyuqIi8cFZVjyZ81mDhvHnMyDyHI1WThoqw-2B6EkiD69ktJo-2F7Zy61B4PDJ8IzJtPiKMvcYaYc7IzAhdqyHr0pODMyKgPQHvqidzS3TCuNUcqx7gEY-3D
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 --field-trial-handle=1908,i,16282173386618026682,13587911242213761514,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 --field-trial-handle=1908,i,16282173386618026682,13587911242213761514,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\GoogleUpdater

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Valid Accounts	Windows Management Instrumentation	Path Interception	1 Process Injection	2 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	Exfiltration Over Other Network Medium	2 Encrypted Channel	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	Exfiltration Over Bluetooth	1 Non-Application Layer Protocol	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	At (Linux)	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	2 Application Layer Protocol	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data

Screenshots

Download Video

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://u36994941.ct.sendgrid.net/ls/click?upn=tOup2TSJrDS9qUw3t0G4sV8ZLpnhZboJgZodoAlLMD4zyuM-2BIgx4YyEM-2FGZc26MSZSsquKr6XT0CyfkYLGhvTw-3D-3DGgDh_1X3ig9KHikF1BTjPqHDJXw3PehiBQMgXrxAgrC9F-2FDWD9KrOR799igXgyb1N833ZU0-2B7Ii3Q2vzEzAYqEU9f0jLjJA-2BYffggNCRfaKaRy9CPm2qF2srWccbYwgKD-2B-2FbNF-2FBLIln38XDrpLzVJPfxLztO-2Bw61rcrhri4mX5INbzHv2LWnFl2L1-2Bs3fuVdtUMWCng6yI2cEuH0Zas6L0T2bzcEwhYjkPLIEQcILQpFMvJfWSNwWA5aQlFkSwsguxw4duKKkQ-2Fg8jjtRfL1ooXj9IjgjqxgFsfnrrY370rLDJO1kfMoMYeBLUKor08dIJygdQZXZ9lI1ao2DJsyJaJ6gil7sNM-2BdU9139ed7uaRANq5EPKlP2arPkznuq5ovDmtsdrPmTZ-2F3kgEblSHwgV3NQHiHlgxDiGi3pXenkE3FQslW8xg8LPM5vB6Tsuy2fZrdCLEOgXeAMAOvJ3e6NONHpOcBh01QBzky2oJ5n4CnPmDlq50KqHmJzX2LW8PLUfAIHBa1uDWXpnwG-2FIhof8UqUGHzA6OEkSIvLuPkQjppz5SQX04SdQB9bJXFcwgkwABLnNIgumnF46HcQuhH-2Fk6stTKhWVxgG2jU2ZIyF8DPsCwJ9rHWjh28Y5DJKwxYv-2BI2SoK3aY-2FVpFckRuMQRoOSsAxsllBqPc1gWEk0f4yfkz98rkhP39FrjbhKAqLU-2BYRBj7KS9pqYlzHhMuL8hho25ewLfP6XwJkcoBQGVpBXDvjGszu-2F3LmNZRa60DyuqIi8cFZVjyZ81mDhvHnMyDyHI1WThoqw-2B6EkiD69ktJo-2F7Zy61B4PDJ8IzJtPiKMvcYaYc7IzAhdqyHr0pODMyKgPQHvqidzS3TCuNUcqx7gEY-3D	0%	Avira URL Cloud	safe

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
accounts.google.com	142.251.2.84	true	false	high
dkauf0r2pwmce.cloudfront.net	18.65.25.31	true	false	high
u36994941.ct.sendgrid.net	167.89.123.122	true	false	high
landingpage-mfa-selfservice-micro.softr.app	3.64.247.100	true	false	unknown
www.google.com	142.251.2.104	true	false	high
clients.l.google.com	142.251.2.102	true	false	high
dualstack.com.imgix.map.fastly.net	146.75.94.208	true	false	unknown
fonts.softr-files.com	3.72.135.223	true	false	unknown
clients2.google.com	unknown	unknown	false	high
assets.softr-files.com	unknown	unknown	false	unknown
softr-prod.imgix.net	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://landingpage-mfa-selfservice-micro.softr.app/	false		unknown
about:blank	false		low

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
167.89.123.122	u36994941.ct.sendgrid.net	United States	11377	SENDGRIDUS	false
1.1.1.1	unknown	Australia	13335	CLOUDFLARENETUS	false
34.104.35.123	unknown	United States	15169	GOOGLEUS	false
3.64.247.100	landingpage-mfa-selfservice-micro.softr.app	United States	16509	AMAZON-02US	false
18.65.25.31	dkauf0r2pwmce.cloudfront.net	United States	3	MIT-GATEWAYSUS	false
142.251.2.84	accounts.google.com	United States	15169	GOOGLEUS	false
142.251.2.94	unknown	United States	15169	GOOGLEUS	false
3.72.135.223	fonts.softr-files.com	United States	16509	AMAZON-02US	false
142.251.2.102	clients.l.google.com	United States	15169	GOOGLEUS	false
142.251.2.104	www.google.com	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
146.75.94.208	dualstack.com.imgix.map.fastly.net	Sweden	30051	SCCGOVUS	false
142.250.141.94	unknown	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.1

General Information

Joe Sandbox Version:	38.0.0 Beryl
Analysis ID:	1303605
Start date and time:	2023-09-05 15:49:37 +02:00
Joe Sandbox Product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://u36994941.ct.sendgrid.net/ls/click?upn=tOup2TSJrDS9qUw3t0G4sV8ZLpnhZboJgZodoAlLMD4zyuM-2BIgx4YyEM-2FGZc26MSZSsquKr6XT0CyfkYLGhvTw-3D-3DGgDh_1X3ig9KHikF1BTjPqHDJXw3PehiBQMgXrxAgrC9F-2FDWD9KrOR799igXgyb1N833ZU0-2B7Ii3Q2vzEzAYqEU9f0jLjJA-2BYffggNCRfaKaRy9CPm2qF2srWccbYwgKD-2B-2FbNF-2FBLIln38XDrpLzVJPfxLztO-2Bw61rcrhri4mX5INbzHv2LWnFl2L1-2Bs3fuVdtUMWCng6yI2cEuH0Zas6L0T2bzcEwhYjkPLIEQcILQpFMvJfWSNwWA5aQlFkSwsguxw4duKKkQ-2Fg8jjtRfL1ooXj9IjgjqxgFsfnrrY370rLDJO1kfMoMYeBLUKor08dIJygdQZXZ9lI1ao2DJsyJaJ6gil7sNM-2BdU9139ed7uaRANq5EPKlP2arPkznuq5ovDmtsdrPmTZ-2F3kgEblSHwgV3NQHiHlgxDiGi3pXenkE3FQslW8xg8LPM5vB6Tsuy2fZrdCLEOgXeAMAOvJ3e6NONHpOcBh01QBzky2oJ5n4CnPmDlq50KqHmJzX2LW8PLUfAIHBa1uDWXpnwG-2FIhof8UqUGHzA6OEkSIvLuPkQjppz5SQX04SdQB9bJXFcwgkwABLnNIgumnF46HcQuhH-2Fk6stTKhWVxgG2jU2ZIyF8DPsCwJ9rHWjh28Y5DJKwxYv-2BI2SoK3aY-2FVpFckRuMQRoOSsAxsllBqPc1gWEk0f4yfkz98rkhP39FrjbhKAqLU-2BYRBj7KS9pqYlzHhMuL8hho25ewLfP6XwJkcoBQGVpBXDvjGszu-2F3LmNZRa60DyuqIi8cFZVjyZ81mDhvHnMyDyHI1WThoqw-2B6EkiD69ktJo-2F7Zy61B4PDJ8IzJtPiKMvcYaYc7IzAhdqyHr0pODMyKgPQHvqidzS3TCuNUcqx7gEY-3D
Analysis system description:	Windows 10 64 bit version 1909 (MS Office 2019, IE 11, Chrome 104, Firefox 88, Adobe Reader DC 21, Java 8 u291, 7-Zip)
Number of analysed new started processes analysed:	15
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal48.phis.win@24/78@9/141

Warnings

Exclude process from analysis (whitelisted): SIHClient.exe, SgrmBroker.exe, usocoreworker.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.141.94, 34.104.35.123, 142.251.2.94
Excluded domains from analysis (whitelisted): fs.microsoft.com, edgedl.me.gvt1.com, slscr.update.microsoft.com, fonts.gstatic.com, clientservices.googleapis.com
Not all processes where analyzed, report is missing behavior information
VT rate limit hit for: https://u36994941.ct.sendgrid.net/ls/click?upn=tOup2TSJrDS9qUw3t0G4sV8ZLpnhZboJgZodoAlLMD4zyuM-2BIgx4YyEM-2FGZc26MSZSsquKr6XT0CyfkYLGhvTw-3D-3DGgDh_1X3ig9KHikF1BTjPqHDJXw3PehiBQMgXrxAgrC9F-2FDWD9KrOR799igXgyb1N833ZU0-2B7Ii3Q2vzEzAYqEU9f0jLjJA-2BYffggNCRfaKaRy9CPm2qF2srWccbYwgKD-2B-2FbNF-2FBLIln38XDrpLzVJPfxLztO-2Bw61rcrhri4mX5INbzHv2LWnFl2L1-2Bs3fuVdtUMWCng6yI2cEuH0Zas6L0T2bzcEwhYjkPLIEQcILQpFMvJfWSNwWA5aQlFkSwsguxw4duKKkQ-2Fg8jjtRfL1ooXj9IjgjqxgFsfnrrY370rLDJO1kfMoMYeBLUKor08dIJygdQZXZ9lI1ao2DJsyJaJ6gil7sNM-2BdU9139ed7uaRANq5EPKlP2arPkznuq5ovDmtsdrPmTZ-2F3kgEblSHwgV3NQHiHlgxDiGi3pXenkE3FQslW8xg8LPM5vB6Tsuy2fZrdCLEOgXeAMAOvJ3e6NONHpOcBh01QBzky2oJ5n4CnPmDlq50KqHmJzX2LW8PLUfAIHBa1uDWXpnwG-2FIhof8UqUGHzA6OEkSIvLuPkQjppz5SQX04SdQB9bJXFcwgkwABLnNIgumnF46HcQuhH-2Fk6stTKhWVxgG2jU2ZIyF8DPsCwJ9rHWjh28Y5DJKwxYv-2BI2SoK3aY-2FVpFckRuMQRoOSsAxsllBqPc1gWEk0f4yfkz98rkhP39FrjbhKAqLU-2BYRBj7KS9pqYlzHhMuL8hho25ewLfP6XwJkcoBQGVpBXDvjGszu-2F3LmNZRa60DyuqIi8cFZVjyZ81mDhvHnMyDyHI1WThoqw-2B6EkiD69ktJo-2F7Zy6

Created / dropped Files

Chrome Cache Entry: 164

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	dropped
Size (bytes):	132436
Entropy (8bit):	5.46565250441504
Encrypted:	false
SSDEEP:
MD5:	CD2E02D240E777E4E2B2CD8314CC5255
SHA1:	553C545F395514B29A616B5517BC85F34B235D46
SHA-256:	F039FEBC8CE629FC2F5864FC6A122D8F3C348BD371EC01CB64B86B9E17CA5CD0
SHA-512:	BC7584C49B30116AA7DF6362240DFBE977325473B765E21CCAD537DC987080DDB1654C7E4D1EE9BC91628414E640C371A2CB9A1C8BB0A719812CA42A098632E6
Malicious:	false
Reputation:	low
Preview:	var renderBlock;(()=>{var e={94184:(e,t)=>{var r;!function(){"use strict";var n={}.hasOwnProperty;function o(){for(var e=[],t=0;t<arguments.length;t++){var r=arguments[t];if(r){var i=typeof r;if("string"===i\|\|"number"===i)e.push(r);else if(Array.isArray(r)){if(r.length){var a=o.apply(null,r);a&&e.push(a)}}else if("object"===i)if(r.toString===Object.prototype.toString)for(var s in r)n.call(r,s)&&r[s]&&e.push(s);else e.push(r.toString())}}return e.join(" ")}e.exports?(o.default=o,e.exports=o):void 0===(r=function(){return o}.apply(t,[]))\|\|(e.exports=r)}()},8679:(e,t,r)=>{"use strict";var n=r(21296),o={childContextTypes:!0,contextType:!0,contextTypes:!0,defaultProps:!0,displayName:!0,getDefaultProps:!0,getDerivedStateFromError:!0,getDerivedStateFromProps:!0,mixins:!0,propTypes:!0,type:!0},i={name:!0,length:!0,prototype:!0,caller:!0,callee:!0,arguments:!0,arity:!0},a={$$typeof:!0,compare:!0,defaultProps:!0,displayName:!0,propTypes:!0,type:!0},s={};function l(e){return n.isMemo(e)?a:s[e.$$t

Chrome Cache Entry: 165

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	103504
Entropy (8bit):	5.476361068314225
Encrypted:	false
SSDEEP:
MD5:	678C83DF3B0D45909D0B51A7FAF828B5
SHA1:	17AB4DD5B791AC585A43E6AE234D1EE6D5C7245B
SHA-256:	89BA3B1E99E0C288DEE4BEF34F27F9C3AB2605F9D3D5A6A11181A86DCA929B1B
SHA-512:	8938C9AA6AB6CF55ECAE65685D7105D71343823D66CF778F6A41FE21AE46F4EA7166CFDEC747A32D1FE703477E610AB8EA10A49D9A6B003EC95809A272182D42
Malicious:	false
Reputation:	low
URL:	https://assets.softr-files.com/softr-blocks/prod/blocks/footer5/3.1.0/main.js?t=1684848036526
Preview:	var renderBlock;(()=>{var e={94184:(e,t)=>{var r;!function(){"use strict";var n={}.hasOwnProperty;function o(){for(var e=[],t=0;t<arguments.length;t++){var r=arguments[t];if(r){var i=typeof r;if("string"===i\|\|"number"===i)e.push(r);else if(Array.isArray(r)){if(r.length){var a=o.apply(null,r);a&&e.push(a)}}else if("object"===i)if(r.toString===Object.prototype.toString)for(var s in r)n.call(r,s)&&r[s]&&e.push(s);else e.push(r.toString())}}return e.join(" ")}e.exports?(o.default=o,e.exports=o):void 0===(r=function(){return o}.apply(t,[]))\|\|(e.exports=r)}()},8679:(e,t,r)=>{"use strict";var n=r(21296),o={childContextTypes:!0,contextType:!0,contextTypes:!0,defaultProps:!0,displayName:!0,getDefaultProps:!0,getDerivedStateFromError:!0,getDerivedStateFromProps:!0,mixins:!0,propTypes:!0,type:!0},i={name:!0,length:!0,prototype:!0,caller:!0,callee:!0,arguments:!0,arity:!0},a={$$typeof:!0,compare:!0,defaultProps:!0,displayName:!0,propTypes:!0,type:!0},s={};function l(e){return n.isMemo(e)?a:s[e.$$t

Chrome Cache Entry: 166

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 80148, version 331.17301
Category:	downloaded
Size (bytes):	80148
Entropy (8bit):	7.997312972445432
Encrypted:	true
SSDEEP:
MD5:	C500DA19D776384BA69573AE6FE274E7
SHA1:	6290834672ABA86D5B6C1C73B30B57C9C53996F7
SHA-256:	CFE3B7382E477059DA11BE2099914B94F0E2A4F08240C60542C376957B8D9658
SHA-512:	E7391F2B8D8ACD4B82F64927ED98ACC863E09AB4330D46094D548DB9C55E23291304F9B35BC58AE4B175327C786CBC8CA568DBEA110938AB8AA3251CACCF5C8C
Malicious:	false
Reputation:	low
URL:	https://assets.softr-files.com/libs/font-awesome/5.14.0/webfonts/fa-solid-900.woff2
Preview:	wOF2......9...........8..KC.....................?FFTM....`..F.....l..:.6.$..(..,.. ..+...[.y.....#.m...\........-.C%..bl.b.............m."lng.f.ns..$P.<..`.U.<eK%p.9p.q.z....l..P+.;..2....1.V1..%t.....$;N.<N.j..f...Skm....J."...-.j.8to.K)X....D."..kD.s..s....D."..A...t.i.G.].Z#&..k..a...j6...[.......x.36......^......r..L..1ww.......Y&..W{.r2OLG..o.,A$..`...2.-.<....=a...}.VfkO......m...a.E..w.. ...e..!..?.%..K...2..[..,x.Z..'..E...4...Kf....t(\+.....g.mok(.v...^.g>......\.\..7.....T...).0:.g4A...%....X..n...I..%.0r$."... ,s.0U....5A D.O......Vq.+8v..J..N;.K..~W..K.C0L...:?{o...../J6lnL...h..x..nQS...m..l...........'x.U....D]......HQT.FiB...!..u..M...............so..tDn.{.............). ..FAw.Y.....\.f9f6.)..L.6.v..J....m\.u+.W7.X.UJ.5R`.Z_`U..11i....Ln..>#_.p...D.F'.O.H.f.rf.x.....X.1..O_.=Qh....@{...?-........w..$.:Y`..9..W7)..V...IO:.." . ...(..L..<.x...=..Q..D.0...*..H.#.t;?):A_ ..COP...UpbD".!.pm.7....;.......b...(1...m.....sV..`...t....6.......ah

Chrome Cache Entry: 167

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	203
Entropy (8bit):	4.613908906656448
Encrypted:	false
SSDEEP:
MD5:	EC4B64470A83FED9C85007EFD9576007
SHA1:	39169A6FAEF96C5837C9803CF4908B67DC4876D8
SHA-256:	D4A2FC90C449E58521FC16B32CBDDCAD6F7075B0BBE76E799CA3C964FA83BD68
SHA-512:	DD247F1898E47A26497558F55960718C58877C82A74C50F0D5C8B1AE4B0C220669D146400694E3AB3F17399431CFD6D56FD9D93FF97A7AC5CDF09EFBAFEE01A2
Malicious:	false
Reputation:	low
URL:	https://assets.softr-files.com/softr-blocks/prod/blocks/header1/3.1.0/main.css?t=1686647935137
Preview:	.MuiButtonBase-root{box-shadow:none!important}.success-icon{color:inherit;font-size:inherit;margin-left:10px}.MuiButton-root{display:inline-flex;overflow:hidden;text-overflow:ellipsis;white-space:nowrap}

Chrome Cache Entry: 168

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 48412, version 1.0
Category:	downloaded
Size (bytes):	48412
Entropy (8bit):	7.9960297576602555
Encrypted:	true
SSDEEP:
MD5:	31A8297826CDCEA344698FF952694A7F
SHA1:	4FA1EE4C471D1C05E9141855EEC5EE09B898D594
SHA-256:	7C7818C25A18E8A38553FCBCBC2AD0B5E964103A7D2E494F82815E3F70BF3FC5
SHA-512:	A303971F0E1EA4759679ADF3BE3DC26DFFB13D9AB6B9D2B3C1CC34F57EA6B7870F18E4B7C8552B9225915A5E9E070FAA37DC17F83B5CD66CDBC9149238692123
Malicious:	false
Reputation:	low
URL:	https://fonts.softr-files.com/google/static/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Preview:	wOF2..............BX.................................:..h?HVAR...`?STAT.$'...0+...\|.../V........+..2.0..\.6.$..`. ..~......[.1qE....M.u.../.V..Y.F..V..@..@.q.1..Z.....I..L..(.:.......5.m....!..8.....oX.Y].!.Z...P'+..#XV.H..>^.R..y!(./.. _n..=..[.e.\!...\|..KXX.sb>.C....o.>....1..G./..{G_.".N.(H$.S...Gz.z...Xf.....PKR.g.>..'.r8..8.v5l.pR.tt.....b.j..&9.m.h..A..D.........K.d.7x...k.q._...lxa.-J<.j.{..}....F.n.../&....u........"M.(.e.$..j"...Rt.......{.B,..F..^..K{e'6Fa....r.v..`..px6..IE'.w&';.......w_..l&.6..%@... .bD..?.^;oF..7...x...k.E..-B."Zt.@....W..g?...`dNE.....n=...Z...+....&.i..QVv.;n.1...7om...s...G... !N..!!x1)-.d...........\|o'....fR[.......K.........F.....%M)../Rs..x.m.L...........Fpu........RJ..+.=..[._Z.J.<.XP..O xAQ]...;..7..gE.{....c.y@_.G.(.5.u>../.n.>......[4.A....D......g.d.r..mw....3.$.!<..^......G....b.......$p....)...t.....py.]..^.p...U P.O..(.h.M@6hN..]......v...zu#!.Y.a..u/......4i.F..X..B.>..}..+I...zz.

Chrome Cache Entry: 169

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	263437
Entropy (8bit):	5.410323715844121
Encrypted:	false
SSDEEP:
MD5:	744E6F5F44B0E88A79A3FFE4F2567827
SHA1:	8345C4BDB7CB9D17F3ACEAD62D5A6225AC2788FA
SHA-256:	7E65AC1B81510EB0648B59609B07E2F181115518F46F9C033F4EFC587762273F
SHA-512:	DB3702AC298E98F8DE2187985578F940929B098A772FDB740024540A2F3E96204D7B96F6A0B2A155DE3AEEC5F4D2127999AED356306F162B8387A5114014490A
Malicious:	false
Reputation:	low
URL:	https://assets.softr-files.com/softr-blocks/prod/blocks/header1/3.1.0/main.js?t=1686647935137
Preview:	var renderBlock;(()=>{var e={54697:(e,t,n)=>{"use strict";n.d(t,{Z:()=>h});var r=n(11526),o=n(46411),i=n(26686),a=n(88160),s=n(20211),l=n(92190),c=function(e,t,n){for(var r=0,i=0;r=i,i=(0,o.fj)(),38===r&&12===i&&(t[n]=1),!(0,o.r)(i);)(0,o.lp)();return(0,o.tP)(e,o.FK)},u=function(e,t){return(0,o.cE)(function(e,t){var n=-1,r=44;do{switch((0,o.r)(r)){case 0:38===r&&12===(0,o.fj)()&&(t[n]=1),e[n]+=c(o.FK-1,t,n);break;case 2:e[n]+=(0,o.iF)(r);break;case 4:if(44===r){e[++n]=58===(0,o.fj)()?"&\f":"",t[n]=e[n].length;break}default:e[n]+=(0,i.Dp)(r)}}while(r=(0,o.lp)());return e}((0,o.un)(e),t))},d=new WeakMap,p=function(e){if("rule"===e.type&&e.parent&&!(e.length<1)){for(var t=e.value,n=e.parent,r=e.column===n.column&&e.line===n.line;"rule"!==n.type;)if(!(n=n.parent))return;if((1!==e.props.length\|\|58===t.charCodeAt(0)\|\|d.get(n))&&!r){d.set(e,!0);for(var o=[],i=u(t,o),a=n.props,s=0,l=0;s<i.length;s++)for(var c=0;c<a.length;c++,l++)e.props[l]=o[s]?i[s].replace(/&\f/g,a[c]):a[c]+" "+i[s]}}},f=fun

Chrome Cache Entry: 170

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	21372
Entropy (8bit):	5.400656593623232
Encrypted:	false
SSDEEP:
MD5:	E242717F318767A1CD5B0E63F736F57C
SHA1:	9BFA92B0605B5FC1B0336B4D5E0960B12F342048
SHA-256:	9F51324D006DE92B292CEC921351F8737510FC4844B7D3DDE35D0C4A93FDC933
SHA-512:	5C7DE8B5413767720984E6BE8719A164C5F22BF1A79B278CBC5F5FFBDA0E20F177AFC13BBD4BA7A505AAFA47D57F5BC0D6B75BBE3D5781D7F97CAE84C30A1A8D
Malicious:	false
Reputation:	low
URL:	"https://fonts.softr-files.com/google/api/css?family=Arimo:400,500,600,700,400i,500i,600i,700i&display=swap"
Preview:	/* cyrillic-ext /.@font-face {. font-family: 'Arimo';. font-style: italic;. font-weight: 400;. font-display: swap;. src: url(https://fonts.softr-files.com/google/static/s/arimo/v28/P5sCzZCDf9_T_10c9C5kiK-u.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./ cyrillic /.@font-face {. font-family: 'Arimo';. font-style: italic;. font-weight: 400;. font-display: swap;. src: url(https://fonts.softr-files.com/google/static/s/arimo/v28/P5sCzZCDf9_T_10c9CdkiK-u.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./ greek-ext /.@font-face {. font-family: 'Arimo';. font-style: italic;. font-weight: 400;. font-display: swap;. src: url(https://fonts.softr-files.com/google/static/s/arimo/v28/P5sCzZCDf9_T_10c9C9kiK-u.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}./ greek */.@font-face {. font-family: 'Arimo';. font-style: italic;. font-weight: 400;. font-dis

Chrome Cache Entry: 172

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	30835
Entropy (8bit):	5.473876545451842
Encrypted:	false
SSDEEP:
MD5:	6745786736B6E9F46217C05D06618EBA
SHA1:	06A9DEC396254F180AD60689FE2CF4DF862D66BC
SHA-256:	C92A441600B5DBAFC827BBA9ECEA2EA870C5DC0778DB8DE36CFC113B7EE27514
SHA-512:	E6B56FE28A11FDB0989F015F3FE26E963A7D7BC8257E7454B63591673607D18D80CA111CFE49B2BBFF0DF2BB47D11A05170EFE9191ECCD841122EB3454937C80
Malicious:	false
Reputation:	low
URL:	"https://fonts.softr-files.com/google/api/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap"
Preview:	/* cyrillic-ext /.@font-face {. font-family: 'Open Sans';. font-style: italic;. font-weight: 300;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.softr-files.com/google/static/s/opensans/v35/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWtE6F15M.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./ cyrillic /.@font-face {. font-family: 'Open Sans';. font-style: italic;. font-weight: 300;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.softr-files.com/google/static/s/opensans/v35/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWvU6F15M.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./ greek-ext */.@font-face {. font-family: 'Open Sans';. font-style: italic;. font-weight: 300;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.softr-files.com/google/static/s/opensans/v35/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWtU6F15M.w

Chrome Cache Entry: 173

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	119136
Entropy (8bit):	5.447843228550527
Encrypted:	false
SSDEEP:
MD5:	5F7DB929DADB39CDBC86F0C214BB6DDD
SHA1:	469D9C7CFBE559AA2E39618DB794442348003E83
SHA-256:	BE5852A56751E289E8ABE8ECE6EE6216D35FD6B617E83B10010BBBAEF765B4A6
SHA-512:	B3155FB24984DD9773EAC26C4AFDF65E9B460A4703F8AA665CFC7657FB2AAA65845F0FE6C7F28536943D04864265BF3B539AC1FB2C948EFBDB208AF2873F1AE1
Malicious:	false
Reputation:	low
URL:	https://assets.softr-files.com/softr-blocks/prod/blocks/hero1/3.0.2/main.js?t=1691413284665
Preview:	var renderBlock;(()=>{var e={94184:(e,t)=>{var r;!function(){"use strict";var n={}.hasOwnProperty;function o(){for(var e=[],t=0;t<arguments.length;t++){var r=arguments[t];if(r){var i=typeof r;if("string"===i\|\|"number"===i)e.push(r);else if(Array.isArray(r)){if(r.length){var a=o.apply(null,r);a&&e.push(a)}}else if("object"===i)if(r.toString===Object.prototype.toString)for(var s in r)n.call(r,s)&&r[s]&&e.push(s);else e.push(r.toString())}}return e.join(" ")}e.exports?(o.default=o,e.exports=o):void 0===(r=function(){return o}.apply(t,[]))\|\|(e.exports=r)}()},8679:(e,t,r)=>{"use strict";var n=r(21296),o={childContextTypes:!0,contextType:!0,contextTypes:!0,defaultProps:!0,displayName:!0,getDefaultProps:!0,getDerivedStateFromError:!0,getDerivedStateFromProps:!0,mixins:!0,propTypes:!0,type:!0},i={name:!0,length:!0,prototype:!0,caller:!0,callee:!0,arguments:!0,arity:!0},a={$$typeof:!0,compare:!0,defaultProps:!0,displayName:!0,propTypes:!0,type:!0},s={};function l(e){return n.isMemo(e)?a:s[e.$$t

Chrome Cache Entry: 174

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 20040, version 1.0
Category:	downloaded
Size (bytes):	20040
Entropy (8bit):	7.988990656521094
Encrypted:	false
SSDEEP:
MD5:	A61C670A24D6794A95A9712F0D12B656
SHA1:	C9B3114B27790109EC51508F51F1A033CCFE0812
SHA-256:	A4F5230D39A7A21971FE62CCDE2443345638D2BEAA369B752820390A687B91B6
SHA-512:	2D546BA3334476E0E3607AEC60B7FAEC310DF853866DB8ECFFD79136AAAB58860696797E193DBF531AB7E79EE10FCB8EE72B344C7D83E4553EF1A8BD4462D6C0
Malicious:	false
Reputation:	low
URL:	https://fonts.softr-files.com/google/static/s/arimo/v28/P5sMzZCDf9_T_10ZxCE.woff2
Preview:	wOF2......NH.......D..M..............................p..>?HVAR...`?STATV.../8....,....f.0.z.6.$..H. .....+...wx...'.v...5....6..0.u.....d..+.........e...P...y'.....MX. 8. ...X.n..d::...mN\|9(......qY.44x.....t..\|.16..&.....'.A..<....."..,.i.._.r.....A..y..3..`\|.8.U`...Q.Z...T...FdU5..e....v.NFw..:.C......MN....y.....A...9.Um..m.fQL,..?.....D...US&.zo.....:.....3..].o.`..)$.G..x.3.S;.$...NX..8.X>.-,..>..O]...e) .\|..{.I.T)/..?~lB\.B.....F...;-..Jo@H.E}Uu.UF..!.`...(..;.....s.........8...Nb.K.~..\hd......C........Z6On.A..}...hz..h....Q.6q:....$$!.@. 5hn....V...FMd.....r..eJ..s...?....n.yr. .K..L.t..L....P.....].c.VSt.../...P...@.....#....C>\~.F.....(!(.@J...u....@n..Dm..,.i<..NjrRO.&rfS...o[{...N...\|^...%a..........3.W.....$....Y....r.AJg..d......q.5......p...b=.-..'.7Ig....)..rH).e{.._...t....:A....8..v......(7.n.....\.Q..S5..S......t.6q.@.,c.....0.0..C;.7......i.k^.P.(q.+..>Q*....P.g..9 @.d.........#..".....yg![oe}$f=.........7.8.8..c.z..tzU......)rT4

Chrome Cache Entry: 176

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (630)
Category:	dropped
Size (bytes):	10736
Entropy (8bit):	5.326945534063153
Encrypted:	false
SSDEEP:
MD5:	8DB4C5DEFE50C0EF09221C4EFC5189F1
SHA1:	B41DE63895D3776B2D86755C9102941A9793CA2A
SHA-256:	F24E1D0755F8B25546D41A30866735062AED45ABEB74FBE40019F0E85E5FE8C0
SHA-512:	9CCF06C661481B59EC08B1B3D3C9DAF50269EEEDCC2CB2692118C2116BAFE9031E926DE836C1BD401E10DCFE116C4CADD291D12A9F95C71A92A67ED9B3C5A405
Malicious:	false
Reputation:	low
Preview:	/*. @license React. * react.production.min.js. . Copyright (c) Facebook, Inc. and its affiliates.. . This source code is licensed under the MIT license found in the. * LICENSE file in the root directory of this source tree.. */.(function(){'use strict';(function(c,x){"object"===typeof exports&&"undefined"!==typeof module?x(exports):"function"===typeof define&&define.amd?define(["exports"],x):(c=c\|\|self,x(c.React={}))})(this,function(c){function x(a){if(null===a\|\|"object"!==typeof a)return null;a=V&&a[V]\|\|a["@@iterator"];return"function"===typeof a?a:null}function w(a,b,e){this.props=a;this.context=b;this.refs=W;this.updater=e\|\|X}function Y(){}function K(a,b,e){this.props=a;this.context=b;this.refs=W;this.updater=e\|\|X}function Z(a,b,.e){var m,d={},c=null,h=null;if(null!=b)for(m in void 0!==b.ref&&(h=b.ref),void 0!==b.key&&(c=""+b.key),b)aa.call(b,m)&&!ba.hasOwnProperty(m)&&(d[m]=b[m]);var l=arguments.length-2;if(1===l)d.children=e;else if(1<l){for(var f=Array(l),k=0;k<l;k++)f[k

Chrome Cache Entry: 177

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (59291)
Category:	downloaded
Size (bytes):	117771
Entropy (8bit):	5.453329314204073
Encrypted:	false
SSDEEP:
MD5:	7B9F3055D5F1853DB1E6A2A964DAFD85
SHA1:	2003D10344BEED05406E26BF02E4489DE7858318
SHA-256:	9DC38548CB17D68272B36D44BB329514AB38A3E4D5955342769B42BC340D7700
SHA-512:	4655E9E34C72824736245E1DE99FDE59345B6DC506279B7359D282A27734269EEAF79886333C92C4A94092AA7B85B3298ADCEB9FAAD4CA47F8692A6B44A59C20
Malicious:	false
Reputation:	low
URL:	https://assets.softr-files.com/softr-blocks/prod/blocks/cta2/3.1.1/main.js?t=1686647935147
Preview:	var renderBlock;(()=>{var e={94184:(e,t)=>{var r;!function(){"use strict";var n={}.hasOwnProperty;function o(){for(var e=[],t=0;t<arguments.length;t++){var r=arguments[t];if(r){var i=typeof r;if("string"===i\|\|"number"===i)e.push(r);else if(Array.isArray(r)){if(r.length){var a=o.apply(null,r);a&&e.push(a)}}else if("object"===i)if(r.toString===Object.prototype.toString)for(var s in r)n.call(r,s)&&r[s]&&e.push(s);else e.push(r.toString())}}return e.join(" ")}e.exports?(o.default=o,e.exports=o):void 0===(r=function(){return o}.apply(t,[]))\|\|(e.exports=r)}()},8679:(e,t,r)=>{"use strict";var n=r(21296),o={childContextTypes:!0,contextType:!0,contextTypes:!0,defaultProps:!0,displayName:!0,getDefaultProps:!0,getDerivedStateFromError:!0,getDerivedStateFromProps:!0,mixins:!0,propTypes:!0,type:!0},i={name:!0,length:!0,prototype:!0,caller:!0,callee:!0,arguments:!0,arity:!0},a={$$typeof:!0,compare:!0,defaultProps:!0,displayName:!0,propTypes:!0,type:!0},s={};function l(e){return n.isMemo(e)?a:s[e.$$t

Chrome Cache Entry: 178

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (57791)
Category:	downloaded
Size (bytes):	58072
Entropy (8bit):	5.247960089226309
Encrypted:	false
SSDEEP:
MD5:	E1D98D47689E00F8ECBC5D9F61BDB42E
SHA1:	6778FED3CF095A318141A31F455C8F4663885BDE
SHA-256:	0A34A87842C539C1F4FEEC56BBA982FD596B73500046A6E6FE38A22260C6577B
SHA-512:	021E615983F30EC5477FD8B611E8C5045AC6D9900F9A9BB8649B56E0C7D282965A727F8CF501C3B7E1DDFF02F5B44924D5481BCEA7A926BE8A9E166314A07ED0
Malicious:	false
Reputation:	low
URL:	https://assets.softr-files.com/libs/bootstrap/4.3.1/js/bootstrap.min.js
Preview:	/!. Bootstrap v4.3.1 (https://getbootstrap.com/). * Copyright 2011-2019 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors). * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE). */.!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?e(exports,require("jquery"),require("popper.js")):"function"==typeof define&&define.amd?define(["exports","jquery","popper.js"],e):e((t=t\|\|self).bootstrap={},t.jQuery,t.Popper)}(this,function(t,g,u){"use strict";function i(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable\|\|!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i)}}function s(t,e,n){return e&&i(t.prototype,e),n&&i(t,n),t}function l(o){for(var t=1;t<arguments.length;t++){var r=null!=arguments[t]?arguments[t]:{},e=Object.keys(r);"function"==typeof Object.getOwnPropertySymbols&&(e=e.concat(Object.getOwnPropertySymbols(r).filter(function(t){return Object.getOwnPropertyDescriptor

Chrome Cache Entry: 179

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 216 x 46, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	2894
Entropy (8bit):	7.1725627213616425
Encrypted:	false
SSDEEP:
MD5:	2D24DD435AEE44DA7436811489E65C42
SHA1:	EE840B89F192DA15BD8237E18A496F034AB648B8
SHA-256:	64FC6966F1DD4469EE9CF907A844CD9D24B0AD6B55830060E1A6DBB60F3D7CD5
SHA-512:	F50302B2EEBA95C82FE73B48CD5FE8FFBCEC2FAF311432B63158FCD7BF992E7B93A60AD35877FB68319FA844071F4C6B78E22D8806AF64FD5D782FA82588E256
Malicious:	false
Reputation:	low
URL:	https://softr-prod.imgix.net/applications/9e1fcdaf-073c-4bd6-aef6-cf551cf19460/assets/eaed7fdc-a8a4-44b1-a4e4-f702e4372fa8.png
Preview:	.PNG........IHDR.............}5'.....sRGB.........PLTEGpL...gggfff......mmm.P"......fffeeeUUUhhhfffeeeeeedddffffff...gggeeeffffffggg...ffffffeeefffgggjjjfffffffffffffffffffffeeefffiiifffgggfffeeefffdddfffqqqeeefffdddgggffffffggghhhfffhhhffffffaaafff```hhhfffeeeeeeffffffggggggfffgggfffeeegggfffiiifffffffff```mmmffffffffffffffffffeeeeeefffbbbgggiiihhheeeffffffhhhdddfffgggffffffgggffffffcccgggfffeeeffffffffffffffffffffffffeeeffffffffffffbbbhhhffffffdddffffffgggfffffffffeeefffeeefffeeeeeeffffffeeegggeeedddgggfffggggggfffffffffgggfffUUUhhheeejjjfffggggggffffffgggffffffffffffgggeeefffffffff]]]eeeeeefffgggfffeeedddgggfffffffffeeegggffffffffffffffffffkkkfffffffffeeejjjffffffffffffdddeeegggfffgggeeegggfffeeegggfffffffffeeefffeeeeeeffffffgggfffdddffffffcccfffffffffeeeffffffcccfffeeegggfffgggfffffffffc\|......tRNS....:.....V. .`....co..>...:.......<...'.Y..)....!C7A/..1U......Ne..H.g9.w."q..........0+..r.,..6=.h.4.....[......v.F....@..8.m...&.I.Dn.j..a.O*-.p\..;].....(E.i........5LP^..B

Chrome Cache Entry: 181

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (13062)
Category:	downloaded
Size (bytes):	13454
Entropy (8bit):	5.230506727854273
Encrypted:	false
SSDEEP:
MD5:	52D6FB0D394FF9D946143DFB1104719B
SHA1:	BA83927A0B497BCC450A3E40B99BAB9A8241A66C
SHA-256:	107FBB21D462C56B56E6D741C0C9135CBF87BD6E6D02A578A1FFC76C067B9C47
SHA-512:	14E7F8B2E160CFB3AB5A6062CB2596E3CBBFFBA19A6801520C76A0876101BBF187FF5F8E41261CD0D1467867992B4819DEFB94D68BE6CD5CC3E9BC664F8BDACA
Malicious:	false
Reputation:	low
URL:	https://assets.softr-files.com/libs/iframe-resizer/4.2.11/iframeResizer.contentWindow.min.js
Preview:	/! iFrame Resizer (iframeSizer.contentWindow.min.js) - v4.2.11 - 2020-06-02. Desc: Include this file in any page being loaded into an iframe. * to force the iframe to resize to the content size.. * Requires: iframeResizer.min.js on host page.. * Copyright: (c) 2020 David J. Bradshaw - dave@bradshaw.net. * License: MIT. /..!function(d){if("undefined"!=typeof window){var n=!0,o=10,i="",r=0,a="",t=null,u="",c=!1,s={resize:1,click:1},l=128,f=!0,m=1,h="bodyOffset",g=h,p=!0,v="",y={},b=32,w=null,T=!1,E="[iFrameSizer]",O=E.length,S="",M={max:1,min:1,bodyScroll:1,documentElementScroll:1},I="child",N=!0,A=window.parent,C="",z=0,k=!1,e=null,R=16,x=1,L="scroll",F=L,P=window,D=function(){re("onMessage function not defined")},j=function(){},q=function(){},H={height:function(){return re("Custom height calculation function not defined"),document.documentElement.offsetHeight},width:function(){return re("Custom width calculation function not defined"),document.body.scrollWidth}},W={},B=

Chrome Cache Entry: 182

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (649), with no line terminators
Category:	dropped
Size (bytes):	649
Entropy (8bit):	4.859753029082031
Encrypted:	false
SSDEEP:
MD5:	EECF3258919415CDA7BB1C8203E1C027
SHA1:	8A8B263C1575441AA9071C1EAD65F2DC7B3408BA
SHA-256:	EA0888CA9AE1A2F32F278103B9A680472ADC779AA46F55A7B9E761CB9AC3D8C3
SHA-512:	76F4C6C70FD0E1877F7B3C525EC90E43CA7A30FED19E89D5FCE4B5BEDFFC312F71AE8898158F1E4783A577232C981BAC9512B436F9B35F477EE065308D82E3C7
Malicious:	false
Reputation:	low
Preview:	.feature-grid-10-container .feature-box{background-color:#fff;border-radius:8px;box-shadow:0 0 2rem rgba(0,0,0,.1);height:100%;position:relative}.feature-grid-10-container .feature-box .overlay{align-items:center;background:rgba(0,0,0,.5);border-radius:8px 8px 0 0;display:flex;height:100%;justify-content:center;left:0;opacity:0;position:absolute;top:0;transition:all .4s ease-in-out;width:100%}.feature-grid-10-container .feature-box:hover .overlay{opacity:1;transition:all .4s ease-in-out}.success-icon{color:inherit;font-size:inherit;margin-left:10px}.MuiButton-root{display:inline-flex;overflow:hidden;text-overflow:ellipsis;white-space:nowrap}

Chrome Cache Entry: 183

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (945)
Category:	downloaded
Size (bytes):	131881
Entropy (8bit):	5.376869797338495
Encrypted:	false
SSDEEP:
MD5:	3EC5FE6799E257B7DDCF84950C045110
SHA1:	357427112ADA241EBDB9CAEBC03F9EF8EB0DE3E9
SHA-256:	659861D6D431DE87E8FED3829A4D0CE48E06B274C4E5D90FB6C87981C43D470E
SHA-512:	D0CD51BE63BDE4CC6CD1A2F9857FB8A406E7B923E9C012C4D1D8A1C4D0E1FB2FFB4CCA36473D349E9FA3311E9F563EAA9E368FB2C984E2C8F6E845E4BD15673E
Malicious:	false
Reputation:	low
URL:	https://assets.softr-files.com/softr-blocks/prod/libs/react/18.2.0/react-dom18.min.js
Preview:	/*. @license React. * react-dom.production.min.js. . Copyright (c) Facebook, Inc. and its affiliates.. . This source code is licensed under the MIT license found in the. * LICENSE file in the root directory of this source tree.. /.(function(){/. Modernizr 3.0.0pre (Custom Build) \| MIT.*/.'use strict';(function(Q,mb){"object"===typeof exports&&"undefined"!==typeof module?mb(exports,require("react")):"function"===typeof define&&define.amd?define(["exports","react"],mb):(Q=Q\|\|self,mb(Q.ReactDOM={},Q.React))})(this,function(Q,mb){function n(a){for(var b="https://reactjs.org/docs/error-decoder.html?invariant="+a,c=1;c<arguments.length;c++)b+="&args[]="+encodeURIComponent(arguments[c]);return"Minified React error #"+a+"; visit "+b+" for the full message or use the non-minified dev environment for full errors and additional helpful warnings."}.function nb(a,b){Ab(a,b);Ab(a+"Capture",b)}function Ab(a,b){$b[a]=b;for(a=0;a<b.length;a++)cg.add(b[a])}function cj(a){if(Zd.call(dg,a))retu

Chrome Cache Entry: 184

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (58749)
Category:	downloaded
Size (bytes):	58935
Entropy (8bit):	4.71737763289683
Encrypted:	false
SSDEEP:
MD5:	84D8AD2B4FCDC0F0C58247E778133B3A
SHA1:	6F33EAE92D42FE209167139940A0AD6A3C6C167E
SHA-256:	14CBD9B866A9B092E3A2E03A93B128DA5BACA005FD8B44A1956146EAAB7B48B7
SHA-512:	D4F28E808639F7127C0A8F3E344E8567E2CE0192A3CBE298F22AB41B80770B2798EB0607377CADF4F5B45E94AB8959643177B8D0F4CA9D7ACB9D9F7E7E40DAA2
Malicious:	false
Reputation:	low
URL:	https://assets.softr-files.com/libs/font-awesome/5.14.0/css/all.min.css
Preview:	/!. Font Awesome Free 5.14.0 by @fontawesome - https://fontawesome.com. * License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License). */..fa,.fab,.fad,.fal,.far,.fas{-moz-osx-font-smoothing:grayscale;-webkit-font-smoothing:antialiased;display:inline-block;font-style:normal;font-variant:normal;text-rendering:auto;line-height:1}.fa-lg{font-size:1.33333em;line-height:.75em;vertical-align:-.0667em}.fa-xs{font-size:.75em}.fa-sm{font-size:.875em}.fa-1x{font-size:1em}.fa-2x{font-size:2em}.fa-3x{font-size:3em}.fa-4x{font-size:4em}.fa-5x{font-size:5em}.fa-6x{font-size:6em}.fa-7x{font-size:7em}.fa-8x{font-size:8em}.fa-9x{font-size:9em}.fa-10x{font-size:10em}.fa-fw{text-align:center;width:1.25em}.fa-ul{list-style-type:none;margin-left:2.5em;padding-left:0}.fa-ul>li{position:relative}.fa-li{left:-2em;position:absolute;text-align:center;width:2em;line-height:inherit}.fa-border{border:.08em solid #eee;border-radius:.1em;padding:.2em .25em .15em}.fa-pu

Chrome Cache Entry: 188

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 640 x 640, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	1931
Entropy (8bit):	4.233621079225099
Encrypted:	false
SSDEEP:
MD5:	DEBBC4126B685E8A13A20938C4CA2A8E
SHA1:	8B0305B0C24A1F7D1AE6122AE7D206E42E7B7D1A
SHA-256:	30FA67290A31D16FD6A0355F3EC9059A2D51BE11839519A484B557ECDAFE7196
SHA-512:	BD02E2FCA27AC050C83B0DA5AA6BAF8A7C217F0C62ACE5166B0CB2E611AB2540D5625E641689DBD2BBB1567C523A98546F519BF903DEBB2C8D55160B8AC58385
Malicious:	false
Reputation:	low
URL:	https://softr-prod.imgix.net/applications/9e1fcdaf-073c-4bd6-aef6-cf551cf19460/assets/c6ea5418-8e8b-4974-9053-8d01c9e9d2a5.png?rnd=1693733616521
Preview:	.PNG........IHDR.............;.9.....sRGB........'PLTEGpL.R%...........S$.............S%...........tRNS............,\|......IDATx......@..1.;......ES.xT.E.\|U*...@...........@.. ...(....@.. .... .... .... .... .... ...(....@.. ...@...P... ...@....... ...@...........@.. ...(....@.. .... .... .... .... .... ...(....@.. ...@...P... ...@....... ...@...........@.. ...(....@.. .... .... .... .... ..". ...(....@.. ...@...P... ...@...P... ...@...........@.. ...(....@....@....@....@....@....@.. ...(....@.. ...@...P... ...@...P... ...@...........@.. ...(....@....@....@....@....@....@.. ...(....@.. ...@...P... ...@...P... ...@...........@.. .... .... .... .... .... ........@.. ...(....@.. ...@...P... ...@...P... ...@...........@.. .... .... .... .... .... ........@.. ...(....@.. ...@...P... ...@...P... ...@...........@.. .... .... .... .... .... ........@.. ...(....@.. ...@....@....@.. ...(....@.. ...@...P... .... .... .... .... .... ...@...P... ...@...........@.. ........@.. ...(....@.. ...@

Chrome Cache Entry: 189

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (20831)
Category:	downloaded
Size (bytes):	21004
Entropy (8bit):	5.2169391810760875
Encrypted:	false
SSDEEP:
MD5:	56456DB9D72A4B380ED3CB63095E6022
SHA1:	6DBCE88AEE15B42F29083DF7A07513CF3B486BA0
SHA-256:	66F3A07E1FA9B64A686B66381E4458DBC8ABF3DBBFF954720C4EEC07B84411C2
SHA-512:	E56BD96B837B26ADD354D0A9E2B8DC04C95CEA94F7959EE05718ED23A224296FAE22D49AFAB160B45963BD99C2C501A3F12517E431EB68A13A327FF8B262B50A
Malicious:	false
Reputation:	low
URL:	https://assets.softr-files.com/libs/popper.js/1.14.7/umd/popper.min.js
Preview:	/. Copyright (C) Federico Zivolo 2019. Distributed under the MIT License (license terms are at http://opensource.org/licenses/MIT).. /(function(e,t){'object'==typeof exports&&'undefined'!=typeof module?module.exports=t():'function'==typeof define&&define.amd?define(t):e.Popper=t()})(this,function(){'use strict';function e(e){return e&&'[object Function]'==={}.toString.call(e)}function t(e,t){if(1!==e.nodeType)return[];var o=e.ownerDocument.defaultView,n=o.getComputedStyle(e,null);return t?n[t]:n}function o(e){return'HTML'===e.nodeName?e:e.parentNode\|\|e.host}function n(e){if(!e)return document.body;switch(e.nodeName){case'HTML':case'BODY':return e.ownerDocument.body;case'#document':return e.body;}var i=t(e),r=i.overflow,p=i.overflowX,s=i.overflowY;return /(auto\|scroll\|overlay)/.test(r+s+p)?e:n(o(e))}function r(e){return 11===e?pe:10===e?se:pe\|\|se}function p(e){if(!e)return document.documentElement;for(var o=r(10)?document.body:null,n=e.offsetParent\|\|null;n===o&&e.nextElementSibling;)n

Chrome Cache Entry: 190

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (314), with no line terminators
Category:	dropped
Size (bytes):	314
Entropy (8bit):	4.741262420541203
Encrypted:	false
SSDEEP:
MD5:	41958594B85FAE7594C57BC5E5C6CA17
SHA1:	16834D29B8CD4FDE203C49307039F5AE78A086BB
SHA-256:	F319C43825DF96650A2854FF38E0DA0BC33AE2627102D19D69DFE318645374A1
SHA-512:	A9AF3B194FC84C576F57739F56002CEA22AFAC8230E968A10F7ED274FF1C5A2919FC6AE0E4E6E058B150F47A8E6633B66C4AE55D1AF5BD15299FA9AA655F1A30
Malicious:	false
Reputation:	low
Preview:	video{-webkit-backface-visibility:hidden!important;-moz-backface-visibility:hidden!important;-webkit-mask-image:-webkit-radial-gradient(#fff,#000)!important}.success-icon{color:inherit;font-size:inherit;margin-left:10px}.MuiButton-root{display:inline-flex;overflow:hidden;text-overflow:ellipsis;white-space:nowrap}

Chrome Cache Entry: 191

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	157
Entropy (8bit):	4.556404455417995
Encrypted:	false
SSDEEP:
MD5:	C18CC70A92845A5A3E19DFC03A394752
SHA1:	637384A856F489AB8AD2899A5F9753AE9E8B3DE4
SHA-256:	CC7F8EF3F967BA76F3BE3AF3B37E3AF341FFEDB98AF74A59B6E6ACE031382F22
SHA-512:	801BDA467F83BD8E52C5BB13AF0D70C5FF3A4BCA74274F0AC7C0B0F04BCA99A801C4018122FFFDF42D072DB466C15B627D42B5F1FA8F58015F2BB59C44A65BC6
Malicious:	false
Reputation:	low
URL:	https://assets.softr-files.com/softr-blocks/prod/blocks/cta2/3.1.1/main.css?t=1686647935147
Preview:	.success-icon{color:inherit;font-size:inherit;margin-left:10px}.MuiButton-root{display:inline-flex;overflow:hidden;text-overflow:ellipsis;white-space:nowrap}

Chrome Cache Entry: 192

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1904x349, components 3
Category:	downloaded
Size (bytes):	21194
Entropy (8bit):	7.672875300414456
Encrypted:	false
SSDEEP:
MD5:	F66C00D0A3C96D4FD882E4468A106A53
SHA1:	0157C96679E48E22A4E9BAE4D5D7EF85059AB92E
SHA-256:	0483FE07EB24777DCA93AC87A050A232794CFE714E4369FD207F8D94ED8B6125
SHA-512:	31741DBF216E82DEF904C9DF02EFEF6C21BD597235DC51112E1BD4D8ABAFAE8FB6E8020ED1C5467A735367A4E76EF7A5D059661C3EE8E521E0C0BE1044DAD73C
Malicious:	false
Reputation:	low
URL:	https://softr-prod.imgix.net/applications/9e1fcdaf-073c-4bd6-aef6-cf551cf19460/assets/76bf3921-9bc4-4927-8982-6ee8ceebb9a2.png
Preview:	......JFIF.....H.H...................................+. .. .+&.&#&.&D6006DOB?BO_UU_xrx................................+. .. .+&.&#&.&D6006DOB?BO_UU_xrx.........].p.."..........3.........................................................................................................................................................1...........................................................................................g.@....................................................................................................................................................................................pd........................................................................................1................................s:...s....................,..e.v.{...3]9.W..oYm......~.in.$....CL.#^]...............................1....................................1z]..%......m..v9%h<.KW.s*OM.67...5.7W...;.tl>....gw.i].o?E..Mr.......K.z.H~x_Z...Ne.~e......d..K..R.[u....]y....G..tn..u..6.

Chrome Cache Entry: 193

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 680x355, components 3
Category:	dropped
Size (bytes):	18198
Entropy (8bit):	7.95312114683479
Encrypted:	false
SSDEEP:
MD5:	51EB3E2866453A574412B87B0425EE0A
SHA1:	FEB0A39B548E94B6FF68F4B7BDA81198A1D7BCEC
SHA-256:	DF4957C84EC03619E49BCF0D14D89E08093A6785975F21EB7528E6F3392BECDF
SHA-512:	A0E218E24BD532E1E80464E2CCC4F0544B5947DD36D5D49F772FEA448C0C225301CC966DCA7B1E0144EC9E52D8298D48A655D18EC136EF3FDA968CA11407357D
Malicious:	false
Reputation:	low
Preview:	......JFIF.....H.H...................................+. .. .+&.&#&.&D6006DOB?BO_UU_xrx................................+. .. .+&.&#&.&D6006DOB?BO_UU_xrx.........c...."..........5...................................................................(.........Sf.6j.=....................e.....F.................U...w........J...x..G.K.+j.>......G.y{U.o..m.s..\|.L"@.......r...J.o..............a...........a.:6X..z..y...n..tyk.<...<...2T...#......oP.R...#.....>........2L`...=.................V..y..F.....S.............;-5].K.>g.....F3....y.E.J,...#`.....v>...7.g=.>...,........V'j..[.-S............a....*7.'.?.F7Q.~..74.l...E.:...y/G.m...k....h^.2..9..T.2.."Y\|D..........a.z..ar.....<.Y.{......L...........C3.ej..z.q;../c.~.g............E.+.h.i.V..~'......]f..E...Z..]....8..omwS...3...d.....O\|.(..../}...0.......<5a...............;4..!......:...s..k..r......g..6.\|u...a[..o.,.n/.....[....kvks.s..._;..sG}(<a.)..3....RQ6{....W.'..>....@......:............}..~....>a.

Chrome Cache Entry: 194

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (347), with no line terminators
Category:	dropped
Size (bytes):	347
Entropy (8bit):	4.861504661478918
Encrypted:	false
SSDEEP:
MD5:	83977E0CC51C2681CFEDF00C66CE557E
SHA1:	962AC1DA3A5F6138F89D6A027B01CAE4DFFABDE3
SHA-256:	7096BE4445980DFED490377280B7B9D7CCAC6C462726F9441C4CACD3D37E8522
SHA-512:	3779D89829E5E32BDF15E8FCFB498CB9945D3B4133A1A5B4A549C08C700292CA04A979DC4DFFBDCBA5EBF7EA3F36C4FE94848C555937B839893BDEBA112F61C3
Malicious:	false
Reputation:	low
Preview:	.links{display:flex;flex-direction:row;list-style:none;margin-bottom:0;margin-top:24px;padding-bottom:.5rem;padding-left:0}.links .single-link{display:block;padding:.5rem 1rem}.secondary-footer{display:flex;flex-direction:column}@media(max-width:900px){.link-group{margin-top:16px}}@media(max-width:576px){.secondary-footer{flex-direction:column}}

Chrome Cache Entry: 197

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 77400, version 331.17301
Category:	downloaded
Size (bytes):	77400
Entropy (8bit):	7.9968620605366425
Encrypted:	true
SSDEEP:
MD5:	CAC68C831145804808381A7032FDC7C2
SHA1:	62584B9868428FD75AF3FC5EE2F9918DDA428BE5
SHA-256:	1C87D2B26DE7D55C66037916BBB4CBA6C791DA0E2ADFA378332678FF13E12D9D
SHA-512:	8671036B2E8F56946CCB8ACACB7C646439D0FEDDE7387A748B3C20DD0E233C3594F3D1431A0987CF6BFB4BC7D2CE904D08DCA23DDF09B29C73727DAAD3D7801B
Malicious:	false
Reputation:	low
URL:	https://assets.softr-files.com/libs/font-awesome/5.14.0/webfonts/fa-brands-400.woff2
Preview:	wOF2.......X..........-..KC.....................?FFTM....`..r.....$....6.$........ .....{[..q...K...b..}..t.O0#...DE.bM.8f.l...H.g....#..M...6.........h`nAb..!....jo...7(0..If0.d...P....9...b......o.tU795.y.....W.......beh..?:.O.....3<;gj..(l.l-s%.%...7q.TI.T...._...a..aZ..+.$Ux..Q34...F.'.4$.1.%....p&..Z.fa.3.....b..1P.=~a.....H.8.f...j.!/~...T9...R...Aj.-..S.......2.K4:o.....~..G.<.U\.ID.hn.".T ........A...Q...t...5.....o......+$..`I...I,.MT..OtH.._1O...H.T!.aM.....2.....r.O..]...+}.ow.g8N.`f._s.8...H....'.3..Y.Y~C..f.r/.;.$..K"/.H.4.$.L......z+_./M.......9..gyI.D..%ihR.#UZhj.......(2lc+6QdL.......&....)..y.4...7..K[i...N.i;..I..<I7.<.x.......r.A...n.H8....................",.......w..T%/. T=R`@./_a.{..?/3...P..?.T.j....?.eU.7s.....\.3^.(...G.us~.=>.W.&.....0;..v.0..AmJ.S.A.j.{.......e....3.`6h*.$..A.w...y]-]I%..qz.'..~..rfN..@M..........h.....D...h......-...wU.`.)4.%G..)@?...a....7..fy...6.4HV.7.,+`......q..G.\|.....wW.....;..0^.,C.0..!.6Qt....Yl..

Chrome Cache Entry: 198

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (7097)
Category:	downloaded
Size (bytes):	7102
Entropy (8bit):	5.200032716115063
Encrypted:	false
SSDEEP:
MD5:	DD694C727FC5E6F6372E142B66DDB576
SHA1:	E83E76DF57D64C1CF25B3FDBA9EDCBC8069AF228
SHA-256:	46DC1F18EF5FD887B12B7A2866C824A7097B62C6127EE4016F51BAD9118BB6A7
SHA-512:	A9CC1C02E97B77BC94728CF73264000626860DAFA05646835A0657EB011DFF3DC8EB3EB69D00835B712A8A8406F8EF909460A9C6624B747E6C9E1E086833E23C
Malicious:	false
Reputation:	low
URL:	https://assets.softr-files.com/libs/micromodal/0.4.10/micromodal.min.js
Preview:	!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):(e="undefined"!=typeof globalThis?globalThis:e\|\|self).MicroModal=t()}(this,(function(){"use strict";function e(e,t){for(var o=0;o<t.length;o++){var n=t[o];n.enumerable=n.enumerable\|\|!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}function t(e){return function(e){if(Array.isArray(e))return o(e)}(e)\|\|function(e){if("undefined"!=typeof Symbol&&Symbol.iterator in Object(e))return Array.from(e)}(e)\|\|function(e,t){if(!e)return;if("string"==typeof e)return o(e,t);var n=Object.prototype.toString.call(e).slice(8,-1);"Object"===n&&e.constructor&&(n=e.constructor.name);if("Map"===n\|\|"Set"===n)return Array.from(e);if("Arguments"===n\|\|/^(?:Ui\|I)nt(?:8\|16\|32)(?:Clamped)?Array$/.test(n))return o(e,t)}(e)\|\|function(){throw new TypeError("Invalid attempt to spread non-iterable instance.\nIn order to be iterable, non-array objects must

Chrome Cache Entry: 199

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65451)
Category:	downloaded
Size (bytes):	88145
Entropy (8bit):	5.291106244832159
Encrypted:	false
SSDEEP:
MD5:	220AFD743D9E9643852E31A135A9F3AE
SHA1:	88523924351BAC0B5D560FE0C5781E2556E7693D
SHA-256:	0925E8AD7BD971391A8B1E98BE8E87A6971919EB5B60C196485941C3C1DF089A
SHA-512:	6E722FCE1E8553BE592B1A741972C7F5B7B0CDAFCE230E9D2D587D20283482881C96660682E4095A5F14DF45A96EC193A9B222030C53B1B7BBE8312B2EAE440D
Malicious:	false
Reputation:	low
URL:	https://assets.softr-files.com/libs/jquery/3.4.1/jquery.min.js
Preview:	/! jQuery v3.4.1 \| (c) JS Foundation and other contributors \| jquery.org/license /.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],E=C.document,r=Object.getPrototypeOf,s=t.slice,g=t.concat,u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType},x=function(e){return null!=e&&e===e.window},c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n\|\|E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]\|\|t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function w(e){return null==e?e+"":"object"==typeof e\|\|"function"==typeof e?n[o.call(e)]\|\|"object":typeof e}var

Chrome Cache Entry: 203

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65324)
Category:	downloaded
Size (bytes):	155758
Entropy (8bit):	5.06621719317054
Encrypted:	false
SSDEEP:
MD5:	A15C2AC3234AA8F6064EF9C1F7383C37
SHA1:	6E10354828454898FDA80F55F3DECB347FD9ED21
SHA-256:	60B19E5DA6A9234FF9220668A5EC1125C157A268513256188EE80F2D2C8D8D36
SHA-512:	B435CF71A9AE66C59677A3AC285C87EA702A87F32367FE5893CF13E68F9A31FCA0A8D14F6A7D692F23C5027751CE63961CA4FE8D20F35A926FF24AE3EB1D4B30
Malicious:	false
Reputation:	low
URL:	https://assets.softr-files.com/libs/bootstrap/4.3.1/css/bootstrap.min.css
Preview:	/!. Bootstrap v4.3.1 (https://getbootstrap.com/). * Copyright 2011-2019 The Bootstrap Authors. * Copyright 2011-2019 Twitter, Inc.. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE). /:root{--blue:#007bff;--indigo:#6610f2;--purple:#6f42c1;--pink:#e83e8c;--red:#dc3545;--orange:#fd7e14;--yellow:#ffc107;--green:#28a745;--teal:#20c997;--cyan:#17a2b8;--white:#fff;--gray:#6c757d;--gray-dark:#343a40;--primary:#007bff;--secondary:#6c757d;--success:#28a745;--info:#17a2b8;--warning:#ffc107;--danger:#dc3545;--light:#f8f9fa;--dark:#343a40;--breakpoint-xs:0;--breakpoint-sm:576px;--breakpoint-md:768px;--breakpoint-lg:992px;--breakpoint-xl:1200px;--font-family-sans-serif:-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"Helvetica Neue",Arial,"Noto Sans",sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Noto Color Emoji";--font-family-monospace:SFMono-Regular,Menlo,Monaco,Consolas,"Liberation Mono","Courier New",monospace},::after,::before{box-sizing:

Chrome Cache Entry: 205

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1896x415, components 3
Category:	downloaded
Size (bytes):	42450
Entropy (8bit):	7.96112689631823
Encrypted:	false
SSDEEP:
MD5:	F91CEA4BDFFDE2656A644AC454FBB9C8
SHA1:	86070637865ACCFAB0DA1E8AF6D83C9CB3DEE831
SHA-256:	2647F5FFC9E9BEFF98A071987DE550CC6E6AE7213A16A98F8D78C82F10AE3E21
SHA-512:	8A151FC227B13F36509DEAA2C37250762C1F57FC0E89C5BBEB9AD1186321067B6B2D2862073AE3EA3287BDC715C99C7C081231972C0AA4DB6F5DBC6AE14CDA7F
Malicious:	false
Reputation:	low
URL:	https://softr-prod.imgix.net/applications/9e1fcdaf-073c-4bd6-aef6-cf551cf19460/assets/314790a8-f7b7-411d-8cae-9ff244932927.png
Preview:	......JFIF.....H.H...................................+. .. .+&.&#&.&D6006DOB?BO_UU_xrx................................+. .. .+&.&#&.&D6006DOB?BO_UU_xrx...........h.."..........4.................................................................n@..........u.....@:......v. .}.._r...u.........+.....@:...........A.....}....@:......u........@:......v. G_r...u. i..]}.._r.u. G_q....v..(..@..W..:.......`..@;5\.s....1...@.z....w.~....>....Os....^..r.~.........z\|......^...._?W.........[...u...&.........]Jovq.z.....;.....j.?.r.t.0I...t.0.=..Os....u.~n..9.....-.k>.]}..u. ....wN.G$./ar...O".N....1.f:..o`r.._r.u. G_r...u. W_r.u. .}.._r...u. .}.._q......@:......u. .}.._r...\|v. ..8.._r.u. .}.._r...u. .}......4L..UT.(.1..$.B.MYP(4.T......X..HD.@"j..R.,........Z........T$..U.-.&1...`I.1V},.cy#<...~g..P..x.\|.\|I......w....l\........k....g-.\|...t../F...I...{..W.zv>..Yx.\|7w.{...:".^......N..y~.Z..~..Wn.bb...2.n$.n.Z(...eUS0..Ji....".N.@.XL@X..5.TLH..+(..$P.1$UU1.@..U,A@...V...T@

Static File Info

⊘No static file info

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, DLL monitoring, File monitoring, Named Pipes, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Malware reverse engineering, Netflow/Enclave netflow, Packet capture, Process monitoring, Process use of network, SSL/TLS inspection
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use a non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Host network interface, Netflow/Enclave netflow, Network intrusion detection system, Network protocol analysis, Packet capture, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	DNS records, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Overview

General Information

Detection

Signatures

Classification

Process Tree

Yara Signatures

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

Phishing

Compliance

Networking

System Summary

Mitre Att&ck Matrix

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Created / dropped Files

Chrome Cache Entry: 164

Chrome Cache Entry: 165

Chrome Cache Entry: 166

Chrome Cache Entry: 167

Chrome Cache Entry: 168

Chrome Cache Entry: 169

Chrome Cache Entry: 170

Chrome Cache Entry: 172

Chrome Cache Entry: 173

Chrome Cache Entry: 174

Chrome Cache Entry: 176

Chrome Cache Entry: 177

Chrome Cache Entry: 178

Chrome Cache Entry: 179

Chrome Cache Entry: 181

Chrome Cache Entry: 182

Chrome Cache Entry: 183

Chrome Cache Entry: 184

Chrome Cache Entry: 188

Chrome Cache Entry: 189

Chrome Cache Entry: 190

Chrome Cache Entry: 191

Chrome Cache Entry: 192

Chrome Cache Entry: 193

Chrome Cache Entry: 194

Chrome Cache Entry: 197

Chrome Cache Entry: 198

Chrome Cache Entry: 199

Chrome Cache Entry: 203

Chrome Cache Entry: 205

Static File Info