Edit tour

Windows Analysis Report
https://www.attemplate.com/fra/9bc3d1cd-55ca-4e13-b5a2-a9e9deaeba3f/c665f5eb-effc-4ed5-a735-4682640449cc/f50222c3-9

Overview

General Information

Sample URL:	https://www.attemplate.com/fra/9bc3d1cd-55ca-4e13-b5a2-a9e9deaeba3f/c665f5eb-effc-4ed5-a735-4682640449cc/f50222c3-9
Analysis ID:	1331275

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Stores files to the Windows start menu directory

Creates files inside the system directory

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 7096 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.attemplate.com/fra/9bc3d1cd-55ca-4e13-b5a2-a9e9deaeba3f/c665f5eb-effc-4ed5-a735-4682640449cc/f50222c3-9 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

chrome.exe (PID: 7128 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 --field-trial-handle=1928,i,6677703161626257379,8883684861941250797,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

cleanup

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Snort Signatures

⊘No Snort rule has matched

Joe Sandbox Signatures

• AV Detection
• Phishing
• Compliance
• Networking
• System Summary
• Boot Survival

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://www.attemplate.com/fra/9bc3d1cd-55ca-4e13-b5a2-a9e9deaeba3f/c665f5eb-effc-4ed5-a735-4682640449cc/f50222c3-9

Avira URL Cloud: detection malicious, Label: phishing

Source: https://www.attemplate.com/fra/9bc3d1cd-55ca-4e13-b5a2-a9e9deaeba3f/c665f5eb-effc-4ed5-a735-4682640449cc/f50222c3-9	HTTP Parser: No favicon
Source: https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/attack-simulation-training-get-started?view=o365-worldwide#simulations	HTTP Parser: No favicon
Source: https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/attack-simulation-training-simulations?view=o365-worldwide&source=recommendations	HTTP Parser: No favicon
Source: https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/attack-simulation-training-simulations?view=o365-worldwide&source=recommendations	HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 23.62.164.112:443 -> 192.168.2.17:49711 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.62.164.112:443 -> 192.168.2.17:49712 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.17:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.151.8:443 -> 192.168.2.17:49787 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:49788 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.17:49789 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.17:49790 version: TLS 1.2

Source: unknown

DNS traffic detected: queries for: www.attemplate.com

Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49697
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49671 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49697 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49684 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 13.67.144.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.62.164.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.62.164.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.62.164.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.62.164.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.62.164.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.62.164.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.62.164.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.62.164.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.62.164.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.62.164.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.62.164.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.62.164.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.62.164.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.62.164.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.62.164.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.62.164.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.62.164.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.62.164.112
Source: unknown	TCP traffic detected without corresponding DNS query: 20.42.65.84
Source: unknown	TCP traffic detected without corresponding DNS query: 20.42.65.84
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.42.65.84
Source: unknown	TCP traffic detected without corresponding DNS query: 20.42.65.84
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.58
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.58
Source: unknown	TCP traffic detected without corresponding DNS query: 20.42.65.84
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 13.67.144.177
Source: unknown	TCP traffic detected without corresponding DNS query: 20.42.65.84
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157

Source: unknown	HTTPS traffic detected: 23.62.164.112:443 -> 192.168.2.17:49711 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.62.164.112:443 -> 192.168.2.17:49712 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.17:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.151.8:443 -> 192.168.2.17:49787 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:49788 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.17:49789 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.17:49790 version: TLS 1.2

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Windows\SystemTemp\chrome_BITS_7096_1401944204

Source: classification engine

Classification label: mal48.win@16/95@38/203

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.attemplate.com/fra/9bc3d1cd-55ca-4e13-b5a2-a9e9deaeba3f/c665f5eb-effc-4ed5-a735-4682640449cc/f50222c3-9
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 --field-trial-handle=1928,i,6677703161626257379,8883684861941250797,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 --field-trial-handle=1928,i,6677703161626257379,8883684861941250797,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	11 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	Exfiltration Over Other Network Medium	2 Encrypted Channel	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	Exfiltration Over Bluetooth	1 Non-Application Layer Protocol	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	At (Linux)	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	2 Application Layer Protocol	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data

Screenshots

Download Video

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://www.attemplate.com/fra/9bc3d1cd-55ca-4e13-b5a2-a9e9deaeba3f/c665f5eb-effc-4ed5-a735-4682640449cc/f50222c3-9	100%	Avira URL Cloud	phishing

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
dcs-edge-va6-802167536.us-east-1.elb.amazonaws.com	54.158.162.163	true	false	high
adobetarget.data.adobedc.net	63.140.38.120	true	false	unknown
accounts.google.com	142.251.111.84	true	false	high
part-0012.t-0009.fb-t-msedge.net	13.107.253.40	true	false	unknown
microsoftwindows.112.2o7.net	63.140.38.229	true	false	high
www.google.com	172.253.63.105	true	false	high
clients.l.google.com	142.251.16.138	true	false	high
js.monitor.azure.com	unknown	unknown	false	high
clients1.google.com	unknown	unknown	false	high
clients2.google.com	unknown	unknown	false	high
microsoftmscompoc.tt.omtrdc.net	unknown	unknown	false	unknown
mdec.nelreports.net	unknown	unknown	false	unknown
assets.onestore.ms	unknown	unknown	false	unknown
www.attemplate.com	unknown	unknown	false	unknown
mscom.demdex.net	unknown	unknown	false	high
mem.gfx.ms	unknown	unknown	false	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://www.attemplate.com/fra/9bc3d1cd-55ca-4e13-b5a2-a9e9deaeba3f/c665f5eb-effc-4ed5-a735-4682640449cc/f50222c3-9	false		unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
172.253.122.139	unknown	United States	15169	GOOGLEUS	false
23.4.187.169	unknown	United States	16625	AKAMAI-ASUS	false
63.140.38.225	unknown	United States	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
204.79.197.200	unknown	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
142.251.111.84	accounts.google.com	United States	15169	GOOGLEUS	false
63.140.38.120	adobetarget.data.adobedc.net	United States	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
20.189.173.6	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
63.140.38.160	unknown	United States	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
23.218.218.171	unknown	United States	6453	AS6453US	false
142.251.16.138	clients.l.google.com	United States	15169	GOOGLEUS	false
142.251.167.95	unknown	United States	15169	GOOGLEUS	false
13.107.253.40	part-0012.t-0009.fb-t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
23.50.125.163	unknown	United States	16625	AKAMAI-ASUS	false
20.42.73.27	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
20.42.73.24	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
20.110.205.119	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
172.253.115.94	unknown	United States	15169	GOOGLEUS	false
52.5.107.207	unknown	United States	14618	AMAZON-AESUS	false
172.253.63.105	www.google.com	United States	15169	GOOGLEUS	false
13.107.226.40	unknown	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
54.158.162.163	dcs-edge-va6-802167536.us-east-1.elb.amazonaws.com	United States	14618	AMAZON-AESUS	false
23.50.126.168	unknown	United States	16625	AKAMAI-ASUS	false
23.222.5.134	unknown	United States	8612	TISCALI-IT	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
104.127.186.111	unknown	United States	20940	AKAMAI-ASN1EU	false
142.251.16.95	unknown	United States	15169	GOOGLEUS	false
142.251.16.94	unknown	United States	15169	GOOGLEUS	false
63.140.38.128	unknown	United States	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
13.89.179.9	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
104.105.37.60	unknown	United States	16625	AKAMAI-ASUS	false
63.140.38.229	microsoftwindows.112.2o7.net	United States	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false

Private

IP
192.168.2.17

General Information

Joe Sandbox Version:	38.0.0 Ammolite
Analysis ID:	1331275
Start date and time:	2023-10-24 15:11:20 +02:00
Joe Sandbox Product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://www.attemplate.com/fra/9bc3d1cd-55ca-4e13-b5a2-a9e9deaeba3f/c665f5eb-effc-4ed5-a735-4682640449cc/f50222c3-9
Analysis system description:	Windows 10 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	24
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal48.win@16/95@38/203

Warnings

Exclude process from analysis (whitelisted): SgrmBroker.exe, MoUsoCoreWorker.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.251.16.94, 34.104.35.123
Excluded domains from analysis (whitelisted): fs.microsoft.com, edgedl.me.gvt1.com, star-azurefd-prod.trafficmanager.net, clientservices.googleapis.com, global-entry-afdthirdparty-fallback.trafficmanager.net
Not all processes where analyzed, report is missing behavior information
VT rate limit hit for: https://www.attemplate.com/fra/9bc3d1cd-55ca-4e13-b5a2-a9e9deaeba3f/c665f5eb-effc-4ed5-a735-4682640449cc/f50222c3-9

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 24 12:11:54 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.9872089631454046
Encrypted:	false
SSDEEP:
MD5:	272DB859BD64F06233C07A2533F2B111
SHA1:	EB2AF01BCA204F520C2BAEA8DC9E3FEA75A48485
SHA-256:	5F7477E33BE11FB8F273DC2F469EF6AA79988FAD2642DF00B39CCF5372363D75
SHA-512:	88ED6F00272E717C47A835BB97D32D2430DC999C21643E34A42AFAAAE00AFD368EDAEBF3A4284B2496F57013DD1FD801EE5270241E747E60BF89C3ED19515F3C
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....V.".{.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IXWsi....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXWzi....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VXWzi....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VXWzi...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VXW\|i...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............8.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 24 12:11:54 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	4.003395097124788
Encrypted:	false
SSDEEP:
MD5:	BE2168F975A67C76BE66956D34A957D8
SHA1:	D357A3B63A6EA0C7C5679B91DFE071305251C659
SHA-256:	E1C43D6861863106271E52DC6AB66F93457F021AC2ACC626C4654CD89D7ED792
SHA-512:	08CFC2FD347E2569860DD633DACDC0F2163F4CDB9F2336B1DC6C06D4245BDBFC78B33174D5FCCA5A0A4A627799F2349D257641A8EAAE473934CF5A4C17FB48B3
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....#...{.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IXWsi....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXWzi....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VXWzi....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VXWzi...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VXW\|i...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............8.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2693
Entropy (8bit):	4.007963635656486
Encrypted:	false
SSDEEP:
MD5:	98F1588AEDCB67E4FF302E43CEEBBCF4
SHA1:	7FDCD1A109309586E56983F02CCCC948DABD2474
SHA-256:	09DE85F2C940920396B7F45B1C5E2EB8CA343B13FD270981C1D67AB8103F8DE5
SHA-512:	82FE26BE9D60D32083297D879803EDDD066C3BC820404AD8E65D6F5D6468491FD2B17E422A989E50935728E9E2B5783041B2CA17F4E325060F3250F375AC42B1
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....v. ;.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IXWsi....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXWzi....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VXWzi....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VXWzi...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VFW.N...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............8.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 24 12:11:54 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.9986552461227576
Encrypted:	false
SSDEEP:
MD5:	13E251A5F5397AB44B297001EB1B4BCC
SHA1:	AC116738F72105249E3B17FB31AF16D192486438
SHA-256:	1141C7D436C8A21841C068C24FAA67446E28D90606FAE8C7D04317D68E599228
SHA-512:	E2B7D995C078EE10AEB6296B3024695547DDFE7AA7CE0AB00E366C209B303C6E96B2D82E6F031A20DAECEE9C40117606F4065C29F9E4DD51E60C617A23E46556
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....`..{.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IXWsi....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXWzi....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VXWzi....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VXWzi...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VXW\|i...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............8.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 24 12:11:54 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.9900297057503944
Encrypted:	false
SSDEEP:
MD5:	0BD32709C009678A7A1629BA69EBC599
SHA1:	C0E3EBE7A776A3757E5C38E1C941571C4B97B0DD
SHA-256:	AFC52E8A722D3CBA58965AA2C7FCA3BB9668F0680B910EDF5D8CDE23D3C2EE2F
SHA-512:	169FCFEF3EA3157901C6AF33E6824BF7F6E5B5E1A8FDBDE9DA5DC246246F4A331D1D0BFE33A29E6FFA8AA782A8C74B3E417A3F421F7B04CDB00AB787FA63E237
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....]...{.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IXWsi....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXWzi....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VXWzi....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VXWzi...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VXW\|i...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............8.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 24 12:11:54 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2683
Entropy (8bit):	4.001732566941868
Encrypted:	false
SSDEEP:
MD5:	E279664ACC17ABAD91C5DE07AA857E97
SHA1:	D9237A59208528D47F2B2851AB6402B7BB1E867B
SHA-256:	01207BEBE7274B71FE6EDE381613E449084C83F45B1DE1DDEC5042F7A091F8A7
SHA-512:	7D6154DC662F88FA59BA43B3C2B9504BB5A0C01E75DA51BB5A16C8476C8A4162F7010DE80CE9136590A2A5501D5E5AB4E886C7FF4742BEA6CA4E8C7F133F3356
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,........{.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IXWsi....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXWzi....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VXWzi....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VXWzi...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VXW\|i...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............8.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 118

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	1478
Entropy (8bit):	5.030941252322257
Encrypted:	false
SSDEEP:
MD5:	020629EBA820F2E09D8CDA1A753C032B
SHA1:	D91A65036E4C36B07AE3641E32F23F8DD616BD17
SHA-256:	F8AE8A1DC7CE7877B9FB9299183D2EBB3BEFAD0B6489AE785D99047EC2EB92D1
SHA-512:	EF5A5C7A301DE55D103B1BE375D988970D9C4ECD62CE464F730C49E622128F431761D641E1DFAA32CA03F8280B435AE909486806DF62A538B48337725EB63CE1
Malicious:	false
Reputation:	low
URL:	https://learn.microsoft.com/_themes/docs.theme/master/en-us/_themes/global/67a45209.deprecation.js
Preview:	// ES5 script for back compat with unsupported browsers...!(function () {...'use strict';...// Keep in sync with environment/browser.ts...var supportedBrowser =....typeof Blob === 'function' &&....typeof PerformanceObserver === 'function' &&....typeof Intl === 'object' &&....typeof MutationObserver === 'function' &&....typeof URLSearchParams === 'function' &&....typeof WebSocket === 'function' &&....typeof IntersectionObserver === 'function' &&....typeof queueMicrotask === 'function' &&....typeof TextEncoder === 'function' &&....typeof TextDecoder === 'function' &&....typeof customElements === 'object' &&....typeof HTMLDetailsElement === 'function' &&....typeof AbortController === 'function' &&....typeof AbortSignal === 'function' &&....'entries' in FormData.prototype &&....'toggleAttribute' in Element.prototype &&....'replaceChildren' in Element.prototype &&....// ES2019....'fromEntries' in Object &&....'flatMap' in Array.prototype &&....'trimEnd' in String.prototype &&....// ES2020..

Chrome Cache Entry: 119

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 489 x 743, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	24288
Entropy (8bit):	7.831823038554078
Encrypted:	false
SSDEEP:
MD5:	0EAC6AAAA29CC4E9F75CDD01230CCFFE
SHA1:	2D2ABE860BF96845093C9FE43119AE567A52D10C
SHA-256:	0783184EFF3A3B8FAD0B327590180822898CE31BC107BCCC0D4505F307F831D7
SHA-512:	834CE212DBD2867A92CE53FE41D2C23A2EF3DB10BADAF2FBED9186DE7FBDBC33770D62DC1991C7B7F3A2F10B75EE99D324C2397A5BD5C938EFF41165C25FBA93
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR..............,.z....pHYs..........+......tIME.....* ...!.. .IDATx...}tT.}....$m..Mz.Vd=$...q...#...e%"+.j.$.....i0>i.dl@$...ej...P.IX..v%NP... ......'...WO..J...s....w....{..3{F3...~........}...\|..0RDRB.. t.,I..y...0.D".?.:.....$..@H.....).4..!E... .H...H........).y....-$i..$}...m......o.....6...I...I..b.>.?.L..36.?..?..S_.;...y..$...Oy%.J.....7...p.I.--....?_............~Z..pZ.g....-........x...1...~..o....-H.nhhP$..{....E".E".}........w:..t..>.l>.)I......i....@.y-.K..;.......z<>>.._~y......R..^.D.u.>{.....%I.........D...<....)Wq...:\|.Ha\|O...W.....X..;.#...{.{.k..744x..../[.D"..={6P.^..={[......."..cT.>.n..M..!........w.3m...U.Y'.~......Fm.A.!owr}.{.k..M9S.x.....~.m.M.......H$......`R......G....g........=.o.Q..{.5.mz..8.....D"!..d...z..o\|C.DB......+.....t.]QQa....?,.{....[.DB}}}........DB..{o.b....J....$+.I.....o}.[..z.zl/'I...w..&.m.1..<....=.4.m........9.$lg....1.,C...\.8I....V..._............E.J__.....h.$.Tm..n...c....7.

Chrome Cache Entry: 120

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 19 x 18, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	450
Entropy (8bit):	7.361635497236843
Encrypted:	false
SSDEEP:
MD5:	F98FF715A8F01921EB002D5DFE4378B5
SHA1:	1144C7A49A3F8731728016FEE4B72EAE2078F4E0
SHA-256:	354EAC977C87848852579947EE4D37AE82F92B2A08F4C170829B2A597A10DBB3
SHA-512:	AAA8DF6663F7FFE6E59D35529B69E77919D6DD066B35E20F7011DF9695F7140A74441D537D2AA3989AF7E46F3EE47A7609DEC7D91114D3EF2DABED22253B9B29
Malicious:	false
Reputation:	low
URL:	https://learn.microsoft.com/en-us/microsoft-365/media/m365-cc-sc-include-icon.png?view=o365-worldwide
Preview:	.PNG........IHDR................i....pHYs...t...t..f.x....tIME......$.d{`...aIDAT8...KBQ....7._.Ce.e.a--..-.%44...-.AC....T.Kn..Q.A..D.QZX-yE...X.<-Y.7...;..y....+.!...\:$U...#...........}....)...G.d.BOJ. .Bw.g3..Y]...7<.&...Y.Op...z7.....t.U....<q.....#._3..'.j.....Q\|.q..y...Ie...z3...oh.Z.+/..d..{..Y.#._f....=(......V....U..mg.(I.$EQ......Z.k..C...x'&. ,r...^.t.....tb.%. ln.N..<.X..@*.Y...vX8].`..9..L.....`......3........IEND.B`.

Chrome Cache Entry: 122

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (46360)
Category:	downloaded
Size (bytes):	211616
Entropy (8bit):	5.316241119308088
Encrypted:	false
SSDEEP:
MD5:	5430761F60347B7FCDF57ECC57983A55
SHA1:	8479D037E7A50830C35217AE74688D9C940C771A
SHA-256:	8B56355C9299776E30957957C27967BA19B488FD0192B0D2053F4E6800587446
SHA-512:	524BA8130ECD921E940A89E4B45957A84AF5D256C2CBD2F223660F47C3A70CE792A8CF0631E2FD31A130DA7640620BF11236899AD3AAAF52B69E6940153846E5
Malicious:	false
Reputation:	low
URL:	https://www.microsoft.com/onerfstatics/marketingsites-wcus-prod/mscomhp/_scrf/js/themes=default/88-3d3ba4/89-66d51f?ver=2.0&_cf=02242021_3231
Preview:	define("oneDsConfig",["rawOneDsConfig"],function(n){return n});require(["window","jqReady!","OneRF_OneDsJsll"],function(n,t){n.awa.utils=function(){function u(n,t){var i,r,u;if(t)try{return(i=JSON.stringify(t),i==="{}"&&n==="timing")?f():i}catch(e){return r='{"error": "ERROR: could not stringify {0} {1}"}',u=typeof t=="string"?t:"",r.replace("{0}",n).replace("{1}",u)}}function f(){for(var f,i=["navigationStart","unloadEventStart","unloadEventEnd","redirectStart","redirectEnd","fetchStart","domainLookupStart","domainLookupEnd","connectStart","connectEnd","secureConnectionStart","requestStart","responseStart","responseEnd","domLoading","domInteractive","domContentLoadedEventStart","domContentLoadedEventEnd","domComplete","loadEventStart","loadEventEnd","first - paint","first - contentful - paint"],u="{",n=0;n<i.length;n++)f=r[i[n]],t(f)&&(u+='"'+i[n]+'":'+f,n<i.length-1&&(u+=","));return u+"}"}function t(n){return!(n===undefined\|\|n===null\|\|n==="")}function e(n){return"["+n+"]"}var r=n.pe

Chrome Cache Entry: 123

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (64174)
Category:	downloaded
Size (bytes):	176913
Entropy (8bit):	5.097660532694532
Encrypted:	false
SSDEEP:
MD5:	E7A1719798534AE5E6428FB44E0E0837
SHA1:	0EA3C57C5AE5AA8EEF475F752E96201606D3CDD0
SHA-256:	E858A947866CAD24A0CD37976D17E62D0C2456B5B7B5E0EB5E76DD16B8CA7182
SHA-512:	73A7DF913525909A7B3CDBD87BE2E3660B57DB177CD7604828669301EDD3C5CEDB6DF9CD4DA5D2BDB099D0B1D83B4BD67F2ACBC732295E36088C9ED1ED38981A
Malicious:	false
Reputation:	low
URL:	https://www.microsoft.com/mwf/css/MWF_20230313_66247431/west-european/default/button/glyph/heading/image/list/pagebehaviors/selectmenu/slider?apiVersion=1.0&include_base=true
Preview:	@charset "UTF-8";./! 1.58.6-beta \| Copyright 2017 Microsoft Corporation \| This software is based on or incorporates material from the files listed below (collectively, "Third Party Code"). Microsoft is not the original author of the Third Party Code. The original copyright notice and the license under which Microsoft received Third Party Code are set forth below together with the full text of such license. Such notices and license are provided solely for your information. Microsoft, not the third party, licenses this Third Party Code to you under the terms in which you received the Microsoft software or the services, unless Microsoft clearly states that such Microsoft terms do NOT apply for a particular Third Party Code. Unless applicable law gives you more rights, Microsoft reserves all other rights not expressly granted under such agreement(s), whether by implication, estoppel or otherwise././! normalize.css v3.0.3 \| MIT License \| github.com/necolas/normalize.css /.html{font-fami

Chrome Cache Entry: 124

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1000 x 422, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	61513
Entropy (8bit):	7.9667750162424245
Encrypted:	false
SSDEEP:
MD5:	82D14FD8497BDCB53C2350376FEF36B3
SHA1:	C9EEB6669ADB752C119832B7982EF3020F08B6BA
SHA-256:	9ECBDFE48B08654245E9906E9EC60B659CD9337B794F5A9E9564BB2BC908C442
SHA-512:	BD29063FEDA82619C2EDACDAC0C1A59D8DE36EEC6D5837EA3242735EF751DB69F1B38F70E77B66F9B821F8491E0E09BA8C33BD30666660AF96D325C852358355
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR..............n......pHYs...t...t..f.x....tIME........_.-.. .IDATx...wt.........Y.dY...........:.......H(...j..w\....{/.\.{...........V~..9..;3;w..g...8........1..p.et.......c.0..c.........A.]DDDDDD.9P@.......i...EDDDDDD...t.......f@.]DDDDDD..P@.......i...EDDDDDD...t.......f@.]DDDDDD..p.....(...^R..CJN..d$b..f....t...k..xZuhG.4.QmB4PL^^!..6tn...8.........p..zc.v6..QR.@8...&9.%..u.MV..Wd..{...K...g..6.L.E..j..).G....4....g../..r.w..L.........O.W.x..G..s.Z """"""G.....<....3..a.....F.eyHNK..i7r./.J...-....x.^,..e.....\.o.Bj..t..Oc......%.ucYGw.....S.Qa{.......8E.]DDDDD......h>.....}s6.x.z<....3.q...w.q.:...B@..............W^{.......Lzt<.3.........1..0..1,yy....8e.`..r.DDDDDD...V@/].>.}1.r+...lF.s5W.5.T.`.(.].b.x.........3?........b3^....N..[.B..~C,!....c.$......9...@w..BUc.'..e..\u...g..s....Eq.3...+....P...O.evk..z^.Mui....../....[....#...UP......K$-3..o..m..\B.Jj..7Q.7.gc....l.Z.....N#eE%T...9../......\|.=RWFAI%.Q...l.L.f.6...../i..d........

Chrome Cache Entry: 126

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (906), with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	121335
Entropy (8bit):	4.979344588202112
Encrypted:	false
SSDEEP:
MD5:	AAF00F03530EDB00A9D8428C4BAFC2B0
SHA1:	81F2FA555B8C87EB1B0F22F5048603BAD40F986E
SHA-256:	D78836657D3A29A59850A32E8E6E08C2CE894BEF3556DFE0E00380F3CCF08779
SHA-512:	7D58B3D3CC2F22513CC019608018C9DDE4B50F965B2C6D6A85D14D6B490D08F6F5CCE6A72C2818A16389196A5BDD34F85319D8216FC681BCFF9B8EC80956405E
Malicious:	false
Reputation:	low
URL:	https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/attack-simulation-training-simulations?view=o365-worldwide&source=recommendations
Preview:	<!DOCTYPE html>................................................................................................................<html class="hasSidebar hasPageActions hasBreadcrumb conceptual has-default-focus theme-light" lang="en-us" dir="ltr" data-css-variable-support="true" data-authenticated="false" data-auth-status-determined="false" data-target="docs" x-ms-format-detection="none">....<head>...<meta charset="utf-8" />...<meta name="viewport" content="width=device-width, initial-scale=1.0" />...<meta property="og:title" content="Simulate a phishing attack with Attack simulation training" />...<meta property="og:type" content="website" />...<meta property="og:url" content="https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/attack-simulation-training-simulations?view=o365-worldwide" />.....<meta property="og:description" content="Admins can learn how to simulate phishing attacks and train their users on phishing prevention using Attack simulation training in

Chrome Cache Entry: 127

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 22904, version 0.0
Category:	downloaded
Size (bytes):	22904
Entropy (8bit):	7.9904849358693575
Encrypted:	true
SSDEEP:
MD5:	C654A623AD90BB3DCD769DBBAC34D863
SHA1:	8719DE38F17D8E4D73E2A5E4E867D63DD3965BAA
SHA-256:	DEEC787CCA1B9436E080478742A0299E0DB1A9712543A72D2CDC8373FC45A432
SHA-512:	B7440CEC44B71BCDBEFCD878A860EE3CC0163DC0905DC688EBCBCD7C6F5CFDFC187EA0C2B6247A362AD462450C34020933DF7825CF6CEAEB3138D65EB944ABAD
Malicious:	false
Reputation:	low
URL:	https://www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff2
Preview:	wOF2......Yx.......8..Y..........................`..`..8...Y........a.6.$..X..n.. ..[. ..S...u..l.....!......I=...ubpS5 ...o.........c.7<.y...Q..i.n..T`R.......\|h'..f.=4..G..xI&.V1...6...jf....%.y.!.).../Cj....].W%5VIj...(.........'Q.}.+.Jg.L0..$q.......#..d&...tV.".d..,.(!...p.).. ..d[........hdg.....!=..H..y.\..p.Q.O.........`e#.X..`#F..T....p.@.)UO.;85..y..@..)...!..........GNT.W...VV..j...-=+G%.yuK...u.........%c.Z......8%. ...V..P.^t....g.x.Tkw.g.....H..._R._{...u.....\%.L+...S...+).......Y&,......3......... c...v.S.LI6...X..A.....S...f-.f....X.....F.Zfwe<#c#...S......bk.HA...K.{.YG...9..24;._+ad.md..c..%..uo...6.5....../..tv.(.l.6.>.V..Q.[..Mr.O...,.......B.......TI.7..X.V...O_._3~.5..0..".$.(.j.....b.....W.O.F....$.H.I$.L.)..J.i....N..d..c.......".l..!.\r.#.\|.)..B.)..b...$D..J(..2.(...........j...:....h..&.h...Zh..l....i...:.....z.>.....d.!..f..F.e.1..g..&.d.)..f..f.e.....9.g...Xd.%.Xf..VXe.5.X.z6...ld....f....le....vv....d..

Chrome Cache Entry: 131

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 800 x 376, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	82607
Entropy (8bit):	7.993217799044402
Encrypted:	true
SSDEEP:
MD5:	8197D79A4A4B29A95FA894276E15DA83
SHA1:	56FA2A3664A4F5DB261875C540AE9DB548AA2B7F
SHA-256:	774238627F4D15EF9B41789AE0BCF2F641BD9730DE17D809CF0C87BC599B568A
SHA-512:	CA1E7A2271A76C58E9093C3C202E5C215A57DF5C0CC58221ACFD691BDC40407D29C456BBDEC40E62CEA6F01877070D4CA2ADD0641C7948CC065D01E7083FFC0C
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR... ...x......2......pHYs...t...t..f.x....tIME............. .IDATx...w`......]..&7...d.E.#.....Y"..[k..C...Z.....V.F.." {.0..#!@B.HB6...........V?..L...s........B.!..B.....JI."..B.!..ai4...;.!..B.!.O.$ B.!..B..#...B.!....H."..B.!..2...!..B.!..$ B.!..B..sA........B.!..B...W......?.9sX.\|..."..B.!.8/.._...>......?NMM.....B.!...G.......^/...DGGc6......B.!..?B...6.k....'O.......C.%..B.!...:..D..p.....U.~....B.!..?R..V`` .<......<......B.!...G..0a./..2..>w.u.MMM.w\B.!..B..!...j9]..M[[.AAA_{r^^..../HLL...'...?`.B.!..B..e....G@<...>.(../.........9~.8........B.!.....k......'..[X.b.^..+....r..x.bZZZ~.@..B.!........../v...^x.c.}m..#F..x.......B.!..B.x..u.f.q..7.._.....-....b....B.!...t...j....Ibb.9+ioo........58!..B.!..9.`egg.{.n....Y..;........B.!...G....3....g...2555....`...\.W...j,c...p.N.._S.....y}.r.j;..kW.....f.R.z...}...g...r.\..B...p..$00...\|...7r.wRXX...B)Egg'+W.d..........b..5....r........[....d9*v..}w.'..T...9S......

Chrome Cache Entry: 133

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	2414
Entropy (8bit):	5.135473620883944
Encrypted:	false
SSDEEP:
MD5:	710B39DC28D5C10C43C27B59002173CC
SHA1:	9DA17C9574D2EB9C9615B08AE9E579D30E27F988
SHA-256:	D42239F5A2D65A0731FA20E73E2EEBA94C59918681C44E686CC392889B16AC39
SHA-512:	20439E7DF012DE0643C812A717BA30D724269C3E3C6F59EB8CC1D4D81A2B7E57B3364EA16358E9E05943B03923E1E187B7FCCFFE0AEF920F83914ABE84A5C542
Malicious:	false
Reputation:	low
Preview:	{"banners":[{"content":{"text":"You may experience reduced functionality with empty pages and broken links. Development is in progress to improve your experience."},"dismissable":false,"location":"sectional","scope":{"accessLevels":["isolated"],"endDate":"2030-01-01T00:00:00-00:00","paths":["/samples/browse/","/lifecycle/products/","/dotnet/api/","/javascript/api/","/java/api/","/powershell/module/","/python/api/","/rest/api/","/assessments/"],"startDate":"2020-10-01T05:00:00-04:00"},"uid":"development-in-progress-isolated"},{"content":{"link":{"href":"https://msbizappslaunchevent.eventcore.com/?ocid=cmm7pv4y7pc","title":"Register now"},"text":"Microsoft Business Applications Launch Event \| Get an in-depth look at the latest AI innovations across Power Platform at the digital event on October 25."},"dismissable":true,"location":"sectional","scope":{"accessLevels":["online"],"endDate":"2023-10-26T06:59:00.000Z","paths":["/power-platform/*"],"startDate":"2023-09-27T15:00:00.000Z"},"uid":

Chrome Cache Entry: 134

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	16
Entropy (8bit):	3.875
Encrypted:	false
SSDEEP:
MD5:	8666ACCA900248B6FF53EF1A2F7D34DB
SHA1:	9A06EB704EC97A663D9B7AB81586E9B65C7E8F87
SHA-256:	FE72C61E5E9D6F17591666FEEBFBDC9D782C1724887401A1EDD1237BEE7D5190
SHA-512:	5EA6AC377210A131293A52C48CF843FDEAB3E32FD1E29D6701D479CB78685E4C95962ABF2DFA5FB5EF5F4DBC79BF832C1947F9B551C4F53C081D4A556CBE2792
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xNDkSEAkNAwtLDxRgARIFDasRA68=?alt=proto
Preview:	CgkKBw2rEQOvGgA=

Chrome Cache Entry: 135

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (54649), with CRLF line terminators
Category:	downloaded
Size (bytes):	106026
Entropy (8bit):	5.171529071699513
Encrypted:	false
SSDEEP:
MD5:	A76A653DAAA136B17D3ABB880C159606
SHA1:	CEACBC85439BC26B17CB6B4422A8907CF446469C
SHA-256:	F50053CCD6D8CD18E2736166CE8376BBA8BC673C49AF7D96DFB8DFF7EC9BF715
SHA-512:	3FDAB4797F3CC73F2279887913970146894F441BE361512A2E5D14117B760AA193656B357CE8061E22967354544DC431599C1191860996EC3993FED5CA00B7E0
Malicious:	false
Reputation:	low
URL:	https://learn.microsoft.com/static/third-party/adobe-target/at-js/2.9.0/at.js
Preview:	// No custom JavaScript../*.. @license.. * at.js 2.9.0 \| (c) Adobe Systems Incorporated \| All rights reserved.. * zepto.js \| (c) 2010-2016 Thomas Fuchs \| zeptojs.com/license..*/..window.adobe=window.adobe\|\|{},window.adobe.target=function(){"use strict";var t=window,e=document,n=!e.documentMode\|\|e.documentMode>=11;var r,o,i,c=e.compatMode&&"CSS1Compat"===e.compatMode&&n&&(r=window.navigator.userAgent,o=r.indexOf("MSIE ")>0,i=r.indexOf("Trident/")>0,!(o\|\|i)),s=t.targetGlobalSettings;if(!c\|\|s&&!1===s.enabled)return t.adobe=t.adobe\|\|{},t.adobe.target={VERSION:"",event:{},getOffer:Ke,getOffers:yt,applyOffer:Ke,applyOffers:yt,sendNotifications:yt,trackEvent:Ke,triggerView:Ke,registerExtension:Ke,init:Ke},t.mboxCreate=Ke,t.mboxDefine=Ke,t.mboxUpdate=Ke,"console"in t&&"warn"in t.console&&(c\|\|t.console.warn("AT: Adobe Target content delivery is disabled. Update your DOCTYPE to support Standards mode."),t.console.warn("AT: Adobe Target content delivery is disabled in targetGlobalSettings.")),

Chrome Cache Entry: 137

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 17956, version 1.0
Category:	downloaded
Size (bytes):	17956
Entropy (8bit):	7.988625768218841
Encrypted:	false
SSDEEP:
MD5:	7E2A819601BDB18DF91D434CA4D95976
SHA1:	94C8D876F9E835B82211D1851314C43987290654
SHA-256:	7DA655BF7AC66562215C863212E7225E1D3485E47E4C2D3C09FAAC7F78999DB1
SHA-512:	1CA1D95CC91CB06A22B8D30A970C254E334DB7FF6BAD255333BAC2ADC83C98735EC9C43BCCF9C46514664D449A43D2586D38A45970338655244E754D2A87A83E
Malicious:	false
Reputation:	low
URL:	https://learn.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/docons.28d69bd4.woff2
Preview:	wOF2......F$.......\..E..........................T.V..z...p....6.$..@..b.. ..y..j..s..8....)..e.Ey^.....I.f...$.c..c..\|.%.....#t.OP.....HYB.......7U..9QM.'.w....XjK..-.m.. ...<SS......p..e..r.K...]...F....1..BP.!I.4.....}U..,.<. ..C.(......z\|>.)c+_e8............ZYR...m.ikhC+K..y........e.Z.:..h../.).SJ.......Y......@...h.`...m1.W..u!.#^...q?8o.=f+.\TE..svL........!.1H0.d..\..c.l.W.v.U.~.'.......t.!...j3.o......K"K%..4..zz<.s..g......v.@-.......L.f..p....;.. ...e...a=b.....\|...sF.f.:c.....l...M...OXZ..t...J\|=...&6.z~...N..nUb..D.,..9..:.....j)..Bx._.U.....6.._.E.M....../.B........yHx...w.'8\.I..&...f..n.....T4.h........<..$..6..FV"...m.X...^...O...9........A.Z]...Hg...uD.\.....m@...0....:. ..........<......!D.O.ik.. .....o.....8,...s....-.a.8.j.dP.......n...........e$...~...!........2.I%..j.O.k8......z..e5..>./U...[.{..7w.Q0jx.~;....w}..........E.v\|8...G....O.?.D...{.....r`.lg..4,uR.y.q..q.....}f.......}_..}..Q. ..+...Wk.&s......)..n...>

Chrome Cache Entry: 138

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	646
Entropy (8bit):	6.966040312574585
Encrypted:	false
SSDEEP:
MD5:	8D23F95C13E6CAA3640544FE1C4A8084
SHA1:	054A38F0E55F13B29E2EEE85E7FD198710506FE7
SHA-256:	0A43BA8CFECE272E31C487C4ED38A496E8399BBD0BBFBFF42426353A6580B96F
SHA-512:	7002CF1BD2196E007B84FFD9D112D88034F10A1D119139516D973DB9C0D265293C3559F0C92A7EA57CAC7980114587BD6735A2FC7390BDA0C573B886D9034640
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............rP6.....pHYs...t...t..f.x....tIME......7.N.....tEXtAuthor....H....tEXtDescription...!#....tEXtCopyright....:....tEXtCreation time.5.......tEXtSoftware.]p.:....tEXtDisclaimer.........tEXtWarning........tEXtSource.........tEXtComment........tEXtTitle....'...QIDAT8..KBQ..k.R......?.%.....!....hh.Elm..j..[.2.J".!.AvoK^J.c.._.i...f$..=..\|....9.I.O2.....M.."...-..t..s....(<."l...cBK4.wH.ilF.Pt.6=..I...b....x...I.{I....k.7~I{.N....3UE..P..U.,.~.A...p.....X6`.J.7....IR....1.Z2E.V....IR.H\..IV..~...E.h\.Rw.7......./..Wj]l>*tye..h.k.01........^....h.5E.&.C.Jk..{..y.......Q.........%.........IEND.B`.

Chrome Cache Entry: 140

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 20 x 18, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	531
Entropy (8bit):	6.69405438557467
Encrypted:	false
SSDEEP:
MD5:	A86B5FFC2E2AEA951039254883F93D7A
SHA1:	DAB46504E490FD6CF7BAA287A90911652EA235D4
SHA-256:	5C9667BDDF457D95C74193F89466D866A361BA3BAFB739D2357242E30854AB93
SHA-512:	5D04F829B89B0693260B8D7286A0086E0024FC7FAE8EFE887EE99BE0FF669BA004D72A95E427F686CC2DB19E774A3CC0D7CF33870FA217B3201D3C441849B51D
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............[.......pHYs...t...t..f.x....tIME.........M_....tEXtAuthor....H....tEXtDescription...!#....tEXtCopyright....:....tEXtCreation time.5.......tEXtSoftware.]p.:....tEXtDisclaimer.........tEXtWarning........tEXtSource.........tEXtComment........tEXtTitle....'....IDAT8.....P...."... .H<...`....`1Y,V.`.Y...I......DH.C.#..H.....N~....I"..... .....+..fd.{y..`.RDB..B.....L,..6b.....9.Mg.........c.n3<.>A_aO.....CE.'..aB.Ag.S.H.K.U.m.F...s..m...8.h...k..K.C0._....w...v................IEND.B`.

Chrome Cache Entry: 141

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 800 x 548, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	65551
Entropy (8bit):	7.9643614898642685
Encrypted:	false
SSDEEP:
MD5:	6E0E9E5325D6515389FC5CF69CC48459
SHA1:	FF8B99B989BB49BC050DBC7D997D29A8A8D1C18D
SHA-256:	5D6BF0EAF138252148D56296B73C4398B0EBAE1053DD32C32FDEB022D7CD1A46
SHA-512:	35D3A6B8912B4CC9C1ADB446A20B83640313C61665BFD3227239F1A1EF7A723975A9983C566A8FBC4A22286C0F012DB2DB44824293B7BA7BE31490894C2DD667
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR... ...$......O.....pHYs...t...t..f.x....tIME.....-..s... .IDATx...w\|U.....{d..EvH..{.).RQPq.Z.m.....V..[m... . .@Xa.. .BB.!.....{...P.."V.y>.<..>...sN..w..P.B.!..B..@....A..B.!..?-EQ...E.!..B.!.wH..B.!..B.6.@..B.!......!..B.!.i#.D.!..B.q.H..B.!..B.6.@..B.!............\|@kk+s..%!!.T.%..B.!.8.......y.X.x1>....R.y..BCCOe}B.!..B.3.. .v.">>...PJJJhkk.."..B.!...~....^...)*b.%\\|........B.!..g...@.E..s.....f.q......OemB.!..B.3...../.`0......uj.B.!..B..~t...'.>. ....{.........B.!..g..5......".E.{...G.y....S.i!..B.!..D.TUU.s.@ ...h...\.77.[o....8^x..RSSOa.B.!..B._2EQN........_$//.;..7n...,......~...}J..B.!..B..N...........{.w............c`.B.!..B.o9...(.!!!...q.5.e..\~......r..SR..B.!....pR.DUU.^/iii...PQQ..........wo*p:...X!..B.!./.I..(.n..A...../.....t.......B..B.!...\|'..+))........;......<HTT.....*..B.!...;.....7.....8........".....[J..B.!...;N:...=..#G..3........Kh.Z.>...]....j.g..U,_.Ge.w.Q.QW...V... .S^....B>.t%..V ..........

Chrome Cache Entry: 142

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 118288, version 1.66
Category:	downloaded
Size (bytes):	118288
Entropy (8bit):	7.997965838722343
Encrypted:	true
SSDEEP:
MD5:	BCA97218DCA3CB15CE0284CBCB452890
SHA1:	635298CBBD72B74B1762ACC7DAD6C79DE4B3670D
SHA-256:	63C12051016796D92BCF4BC20B4881057475E6DFA4937C29C9E16054814AB47D
SHA-512:	6E850842D1E353A5457262C5C78D20704E8BD24B532368BA5E5DFC7A4B63059D536296B597FD3CCBD541AA8F89083A79D50AAA1B5E65B4D23FC37BFD806F0545
Malicious:	false
Reputation:	low
URL:	https://learn.microsoft.com/static/third-party/SegoeUIWeb/1.01.206/SegoeUI-Roman-VF_web.woff2
Preview:	wOF2..............,.......B..........................6..v?HVAR.W.`?STATb'...N..R..u/L.....P...0..@.6.$..\..p.. ..z. ..1[R....cx_.Q..d....]z.L.6..........n........5.......r..U........d..f...}...d.Z...ey.};A.\e$...a$J....\...U .i.Z..31o..7.-..5...(.b]....O6........5j......kS.....wi7zr.-u;..P.p.....\q..C.5.r2.qg0Qh=......Q.j.<..I........s.h.L....9... L=...j3. V...&;..+...z..."m.D.L.....B...1k..6$.)..y...(R.#.J......<%n^\|.pD..V.vA#.G....G.(6"2..Qp...x..B.y...x/..v>.......}.1C3].....a... .....ap..n...).n.s..\|..X._.j.V...o..x..w.MZ...q.b&..~f..#T.O..e .p..G..o.<..Jpd.i%.c..T(...fv...o....B..\|.....".4.}+......o....k...).@.3......r.7...B....w..../n.e.6d....6......2C...0X......^.M....#..0.tR.t.n.3...,.:.B_..y..Y.Wg.j..A.....$(...\>.E$%e.........q...hx..O..1V..C......(..4!.?.._[..}......0....%..T.C.#".#.H..B+.2....X....h.b...ba...[.u7...n.U.;.q#........8.b.k..bKS.+....L..J.7.r.....m+1WJ.ah...<.......ii...E....]$+A..[B......A...v..R.A.B.TD..D.V..b..`%.`... A.

Chrome Cache Entry: 143

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	634
Entropy (8bit):	6.994882541518585
Encrypted:	false
SSDEEP:
MD5:	6CA0DCCD2990D98B306C5A11CF6A25D7
SHA1:	1ED03E5046D501090FD0E3EEF55F4058C3866D7D
SHA-256:	27A03293FDEA0BE82986F1A0DE8AEE6E9F6BB989EC50FD45D00A018E4E846044
SHA-512:	2891880441FD536EA29916606AB75D59F7B3125805A7B6B1C3435E2BBF2C27386C3A0BA71DB7DFBF5F380CDE527500077EDB787BC9CE13F87CDD384309E6AB2F
Malicious:	false
Reputation:	low
URL:	https://learn.microsoft.com/en-us/microsoft-365/media/m365-cc-sc-edit-icon.png?view=o365-worldwide
Preview:	.PNG........IHDR.............V.W....pHYs...t...t..f.x....tIME...............tEXtAuthor....H....tEXtDescription...!#....tEXtCopyright....:....tEXtCreation time.5.......tEXtSoftware.]p.:....tEXtDisclaimer.........tEXtWarning........tEXtSource.........tEXtComment........tEXtTitle....'...EIDAT8...KBa...r.j...\ncKc..4...K...JA..5....r..jU.....525R.K.%C. u.....3.x?....CD...i.E........9...\.^.`8-.w-..H.,-.aY....Q.H(...p:..5.c..d..F.P. ..S...]...P48wO.Z:.w.V...%E..E{z..... d.\|8d....D.Cc ...}~,....D.:.........%.>ed.P.,........7.-.~!.K....;..s!+......T3Y.x#v.!Q1.M...hm.^..)=*x].......X..q.L.c.......6......IEND.B`.

Chrome Cache Entry: 145

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	4270
Entropy (8bit):	5.001473490621857
Encrypted:	false
SSDEEP:
MD5:	87306133C167AE6AF4FCBC9FE0876B2B
SHA1:	4612A396F54161FBEFB3A375BD8B640A302D03E8
SHA-256:	C14468CDC2213365958A15B100E91D5B1722EFED31F0EB898D838EB7114316FE
SHA-512:	71817738BFA7489837C7377DAD717BA26574305B882C054FBE032608924AC479686FEA19AF443288146BC79CE7D82628FA9CC13FB62B8D340BFA729C587FF687
Malicious:	false
Reputation:	low
URL:	https://www.attemplate.com/fra/9bc3d1cd-55ca-4e13-b5a2-a9e9deaeba3f/c665f5eb-effc-4ed5-a735-4682640449cc/f50222c3-9
Preview:	..<!DOCTYPE html>..<html>..<head>.. <meta name="viewport" content="width=device-width">.. <title>Microsoft page</title>.. <style>.. body {.. padding: 100px 0;.. }.... .column2 {.. padding: 0px 0px 0px 50px.. }.. .. .center {.. display: flex;.. justify-content: center;.. padding: 40px;.. height: 40px.. }.. </style>..</head>..<body>.. <div class="row center">.. <img class="logo" role="presentation" pngsrc="~/Content/newSignInFiles/microsoft_logo.png" svgsrc="~/Content/newSignInFiles/microsoft_logo.png" data-bind="imgSrc" src="/Content/newSignInFiles/microsoft_logo.svg">.. </div>.. <div class="row center"> .. <div class="column1">.. <h3>This page is owned by Microsoft Corporation</h3>.. <p>It is used in simulations to drive end user security awareness.</p><br>.. <p>For a complete list of Microsoft owned URL'

Chrome Cache Entry: 146

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 458 x 716, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	38596
Entropy (8bit):	7.96771415303265
Encrypted:	false
SSDEEP:
MD5:	4BF31C2E6175428CCE345D59C4635E96
SHA1:	895C64C4BD57EC738F61363EDD25220E15C09166
SHA-256:	E88BC4C253B4B408884689E35B62CD85ADC8FE85606D52246F9E478BBA017AA5
SHA-512:	68128EA59B22192EB69C77C7094F70AA2502E4B3BFF2C764CF000FF417FA00316978937B990D94140BD0041E3EB34DB9621C7023A21C13624FC3598258AECA28
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............d-.\....pHYs...t...t..f.x....tIME.......d.2.....tEXtAuthor....H....tEXtDescription...!#....tEXtCopyright....:....tEXtCreation time.5.......tEXtSoftware.]p.:....tEXtDisclaimer.........tEXtWarning........tEXtSource.........tEXtComment........tEXtTitle....'.. .IDATx...y\T......i...FZ...uC.p..r+..h.i.e.i.-....~.!.x..j.rK...T(K.TP.Mo..I1i......... .......s..<.3..9gF.`CDDD....fSV....d2..W....9.)(EDD.((EDD.((EDD.((EDD.((EDD.((EDD.((ED.N.R`.....-@A)""uR.....-.e...'........RDD.$/.....#,.!.6...=.xUP..RDD....B.....[.""Rw...}.`!..$$M&....\...M..Wx.....[.R.Qt.....`y..+..x=h%..{.O.4....:..5.3.F......ae....eSP..H.d4r<.......I.9V..5.^-....~.o..^EDD......H..."""..."""..."""..."""..."""..."""..."""..."""..."""..."""..."""..."""..."""..."""..."""..."""...""".....;L&L&./....F^>...m9...i....@..P..e......*..d....._NDDj.g..%..&..B(.....%.!........8...A...cr.C.O.Fe...l.....4d./......z....r""R.<......#.!....#.&.V.......,._N......z..h..^...

Chrome Cache Entry: 147

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 913 x 350, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	41383
Entropy (8bit):	7.949972344409074
Encrypted:	false
SSDEEP:
MD5:	6FEEEBB523E11023D320723CC6CC92A0
SHA1:	BCFEBF319554E5E916183EB3D311ECDC2657632B
SHA-256:	06BC8E82BAB2FB23445C31F37AC9B47D558347708612EC6D53D730DCFF8DC1DF
SHA-512:	97C533F7DA9E12B5047EC35724ACB90F0597D4127C0B6EE980F618C3CE6C0211F5401BEB34AF5DC18851D24B315CAD2C2DD064B346263AE30C179EF5D2BE26E7
Malicious:	false
Reputation:	low
URL:	https://learn.microsoft.com/en-us/microsoft-365/media/attack-sim-training-simulations-select-payload.png?view=o365-worldwide
Preview:	.PNG........IHDR.......^............pHYs...t...t..f.x....tIME......7A..... .IDATx...{tT.a/./.+\n...q..u.eTzD..X...w$s....<ub...S@8... ;.....vbK....:...NaP..E.....T=...t..p.#c5..ni......3......!....X......{.~{..............`f..H"""""".h."..\G.........N".......4N".......4N".......4N".......4N".......4N".......4N".......4N".......4N".......4N".......4N".......4N"........3...."?O...\G..F..e.W...\G1.N}..%O...+).._.....6.&z^..\..=.M/.a..\....ha.=._MO x...'...!.M~..}.J.....;.DI.J.nKUT...t.......`.......?..G3.8bDDDD...I..)..n.7_...&S..`......!-.....#ID......dL.0.N".......u...<.....V6.....:....;.....b...8..9..I\......W"...>.9\|...[...k.O.k..6D..a..!.x.].....h.v>..DDDDV..D.{.1...^.... .3...Ocjj.W..F....#....>.f......e..`.ss.."""....$2..)>....dK..s[...!.~...?UQ$"""""..".....B.....N............{,..Y..{#.e.'.-...!px.:....0...e.D...........3....;8......Ax.lA.FT=]...Wc.w@...o)......j.wa..._]....#..Q?..x..g. \|...v.?....\ph.e..Y...G....]...t.W.F....~x52.b.

Chrome Cache Entry: 148

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	363
Entropy (8bit):	6.923895582333159
Encrypted:	false
SSDEEP:
MD5:	EBE92CC91441FB42D20921530E62E939
SHA1:	B6343BE07F53ADBA7EE5366775A62E03B1E248E1
SHA-256:	8238009C5938AF3F896084B07CDAD39429DAB5267AE8C17770FD70D7E0311EFC
SHA-512:	538132F7DF2525E6F297261333BB662AD9F14CDFEDC0D38A85A5FC4F48DC1F5FBFBFE421CC63CADE92A8EA5F351BD930087C53DA75471AACA82B4141B2C8C93D
Malicious:	false
Reputation:	low
URL:	https://learn.microsoft.com/en-us/microsoft-365/media/m365-cc-sc-exclude-icon.png?view=o365-worldwide
Preview:	.PNG........IHDR.............V.W....pHYs...t...t..f.x....tIME.........a.....IDAT8.c............~.L........y.+.....W.....W...\....g..L.8.W..C.G..n~..#. ;E.....+f....].%...k..`...#..Z.....0..F0[.+..11..k0o.hb..p...."....q....o........c..q.j2........5W.O:..%............../q.#B...o.E[_0L.d.<...UPb.PT.o.fh...aW...."...$.C...^.<....S.`...H[.YH......IEND.B`.

Chrome Cache Entry: 151

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	3651
Entropy (8bit):	4.094801914706141
Encrypted:	false
SSDEEP:
MD5:	EE5C8D9FB6248C938FD0DC19370E90BD
SHA1:	D01A22720918B781338B5BBF9202B241A5F99EE4
SHA-256:	04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
SHA-512:	C77215B729D0E60C97F075998E88775CD0F813B4D094DC2FDD13E5711D16F4E5993D4521D0FBD5BF7150B0DBE253D88B1B1FF60901F053113C5D7C1919852D58
Malicious:	false
Reputation:	low
Preview:	<svg xmlns="http://www.w3.org/2000/svg" width="108" height="24" viewBox="0 0 108 24"><title>assets</title><path d="M44.836,4.6V18.4h-2.4V7.583H42.4L38.119,18.4H36.531L32.142,7.583h-.029V18.4H29.9V4.6h3.436L37.3,14.83h.058L41.545,4.6Zm2,1.049a1.268,1.268,0,0,1,.419-.967,1.413,1.413,0,0,1,1-.39,1.392,1.392,0,0,1,1.02.4,1.3,1.3,0,0,1,.4.958,1.248,1.248,0,0,1-.414.953,1.428,1.428,0,0,1-1.01.385A1.4,1.4,0,0,1,47.25,6.6a1.261,1.261,0,0,1-.409-.948M49.41,18.4H47.081V8.507H49.41Zm7.064-1.694a3.213,3.213,0,0,0,1.145-.241,4.811,4.811,0,0,0,1.155-.635V18a4.665,4.665,0,0,1-1.266.481,6.886,6.886,0,0,1-1.554.164,4.707,4.707,0,0,1-4.918-4.908,5.641,5.641,0,0,1,1.4-3.932,5.055,5.055,0,0,1,3.955-1.545,5.414,5.414,0,0,1,1.324.168,4.431,4.431,0,0,1,1.063.39v2.233a4.763,4.763,0,0,0-1.1-.611,3.184,3.184,0,0,0-1.15-.217,2.919,2.919,0,0,0-2.223.9,3.37,3.37,0,0,0-.847,2.416,3.216,3.216,0,0,0,.813,2.338,2.936,2.936,0,0,0,2.209.837M65.4,8.343a2.952,2.952,0,0,1,.5.039,2.1,2.1,0,0,1,.375.1v2.358a2.04,2.04,0,0,0-.

Chrome Cache Entry: 152

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	460
Entropy (8bit):	6.322839568635642
Encrypted:	false
SSDEEP:
MD5:	B0A027A715B8ECCF3BC1CFBBCF9A2C51
SHA1:	D1C5A7ADB3F3EA935CC89718836623D79D9D0946
SHA-256:	FB99D55E92CA02741C2918F916F1DD8077A35BEEE44AE310A96EC84B49891C64
SHA-512:	7B1496D34FD61F594A8164FA8B3FEA919823B21CFF726377389FA258B0B901121BECDBF8BE842BE3EDB632E514C016B0F2CCBD21B97E2ECC38C5F13F924A7450
Malicious:	false
Reputation:	low
URL:	https://learn.microsoft.com/en-us/microsoft-365/media/m365-cc-sc-close-icon.png?view=o365-worldwide
Preview:	.PNG........IHDR................a....pHYs...t...t..f.x....tIME.......x4.;....tEXtAuthor....H....tEXtDescription...!#....tEXtCopyright....:....tEXtCreation time.5.......tEXtSoftware.]p.:....tEXtDisclaimer.........tEXtWarning........tEXtSource.........tEXtComment........tEXtTitle....'....IDAT8.c.........%.Q.Pk:.......6\z..t.!...._\|._......_.....a .....1.......=........7.bY+o2L.W..!......K3J,....`.7pg#...+(.D.E#...~.9....Qm<..3..?....y'...T.{....IEND.B`.

Chrome Cache Entry: 155

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 (with BOM) text, with very long lines (30540)
Category:	downloaded
Size (bytes):	30552
Entropy (8bit):	5.006843023204456
Encrypted:	false
SSDEEP:
MD5:	924D63EB7E176ECA0C9AE50A31F7A73D
SHA1:	88F0D890CAA3482D78617FA7790D145518211E46
SHA-256:	CADD79932D673B36F2582BCAC50FF48B0D78B9B4839C4C2B358E0D06568581F3
SHA-512:	EDC6F39BC6D45C9CC54A1820A18527B88793C5078A06D3C85CD60B02BD5AF008E3EE499E80EEE707EE38751F00703DC23EDC2BF404FE713E4ABCCA623868F8C9
Malicious:	false
Reputation:	low
URL:	https://www.microsoft.com/onerfstatics/marketingsites-wcus-prod/west-european/mscomhp/_scrf/css/themes=default.device=uplevel_web_pc_webkit_chrome/76-fd2264/19-19fa02/cb-ddc7e5?ver=2.0&_cf=02242021_3231
Preview:	.html,body,#primaryArea,#primaryR1,#videoplayeriframe{height:100%;width:100%;overflow:hidden}.m-video-player.full-width{padding-left:0;padding-right:0}.m-video-player.expand-preview-image .x-sfa-video img{width:100%;display:inline-block}.x-sfa-video{display:flex;height:100%;overflow:hidden;width:100%}.x-sfa-video img{height:100%;margin:auto;display:block}.x-sfa-video .f-video-trigger section div button{background:rgba(0,0,0,0.6) !important}.x-sfa-video:focus{outline:3px solid #FFF}.c-video-player{cursor:pointer}a.x-sfa-video .c-video-player{position:relative;padding-bottom:56.25% !important;padding-top:30px !important;height:0;overflow:hidden;min-width:320px}a.x-sfa-video .f-core-player{position:absolute;top:0;left:0;width:100%;height:100%}@media screen and (-ms-high-contrast: active){.c-video-player .f-video-trigger section{background:rgba(255,255,255,0)}}@media screen and (-ms-high-contrast: black-on-white){.c-video-player .f-video-trigger section{background:rgba(255,255,255,0)}}.c

Chrome Cache Entry: 156

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (52717), with no line terminators
Category:	downloaded
Size (bytes):	52717
Entropy (8bit):	5.462668685745912
Encrypted:	false
SSDEEP:
MD5:	413FCC759CC19821B61B6941808B29B5
SHA1:	1AD23B8A202043539C20681B1B3E9F3BC5D55133
SHA-256:	DAF7759FEDD9AF6C4D7E374B0D056547AE7CB245EC24A1C4ACF02932F30DC536
SHA-512:	E9BF8A74FEF494990AAFD15A0F21E0398DC28B4939C8F9F8AA1F3FFBD18056C8D1AB282B081F5C56F0928C48E30E768F7E347929304B55547F9CA8C1AABD80B8
Malicious:	false
Reputation:	low
URL:	https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js
Preview:	var WcpConsent;!function(){var e={229:function(e){window,e.exports=function(e){var t={};function o(n){if(t[n])return t[n].exports;var r=t[n]={i:n,l:!1,exports:{}};return e[n].call(r.exports,r,r.exports,o),r.l=!0,r.exports}return o.m=e,o.c=t,o.d=function(e,t,n){o.o(e,t)\|\|Object.defineProperty(e,t,{enumerable:!0,get:n})},o.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},o.t=function(e,t){if(1&t&&(e=o(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var n=Object.create(null);if(o.r(n),Object.defineProperty(n,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var r in e)o.d(n,r,function(t){return e[t]}.bind(null,r));return n},o.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return o.d(t,"a",t),t},o.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},o.p="",o(o.s=3)}([function(e,t,o)

Chrome Cache Entry: 157

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	2649
Entropy (8bit):	4.863217736971005
Encrypted:	false
SSDEEP:
MD5:	01C7903B382B223F980ED09351223AA6
SHA1:	DDDC2481C54CDA92B266E847FD14B95F9B38A5C5
SHA-256:	CF5FEA8617F0E1247DD02C1608CA77DD8F50160E0F908E26391C9CB75EE377EE
SHA-512:	9B74CF02ABC21295FBE79681553677D8A883449E8F48D0F6C8EEEB8710B477EC675409C658676E1CD28C1A0D39504FE6AD51593D4EEF68B4D2664E8612C63D2C
Malicious:	false
Reputation:	low
Preview:	{"items":[{"children":[{"homepage":"/microsoft-365/lighthouse/m365-lighthouse-overview","href":"/microsoft-365/lighthouse/","toc_title":"Lighthouse"},{"homepage":"/microsoft-365/contentunderstanding/index","href":"/microsoft-365/contentunderstanding/","toc_title":"Microsoft Syntex"},{"homepage":"/microsoft-365/bookings/","href":"/microsoft-365/bookings/","toc_title":"Microsoft Bookings"},{"homepage":"/microsoft-365/business-premium/index","href":"/microsoft-365/business-premium/","toc_title":"Microsoft 365 Business Premium"},{"homepage":"/microsoft-365/compliance/","href":"/microsoft-365/compliance/","toc_title":"Microsoft Purview"},{"homepage":"/microsoft-365/Enterprise/index","href":"/microsoft-365/Enterprise/index","toc_title":"Microsoft 365 for enterprise"},{"homepage":"/microsoft-365/frontline/","href":"/microsoft-365/frontline/","toc_title":"Microsoft 365 for frontline workers"},{"homepage":"/microsoft-365/scheduler/index/","href":"/microsoft-365/scheduler/","toc_title":"Schedule

Chrome Cache Entry: 159

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (32913)
Category:	downloaded
Size (bytes):	55930
Entropy (8bit):	5.215578230263913
Encrypted:	false
SSDEEP:
MD5:	3930E378432A264B5E00C3FB22B2026F
SHA1:	00EE821EE51EFB9012BB8AA3F3E427D2C07D7373
SHA-256:	0F631EED7FA0222FD2E7BB55C0D9F8DD393BB5ABCB6176B530EB35AE9908B5C6
SHA-512:	C1AC25DB0C06A49BA46E74D4BF3E3343BDF931D8B0272F2610E1089DADDCADAF3755901626174C4A77B2A23782CA92DF0590E60D0B041F19FECFD022A342CC84
Malicious:	false
Reputation:	low
URL:	https://www.microsoft.com/mwf/js/MWF_20230313_66247431/button/glyph/heading/image/list/pagebehaviors/selectmenu/slider?apiVersion=1.0
Preview:	define("observableComponent",["require","exports","htmlExtensions"],function(n,t,i){"use strict";Object.defineProperty(t,"__esModule",{value:!0});var r=function(){function n(t,i){i===void 0&&(i=null);this.element=t;this.ignoreNextDOMChange=!1;this.observing=!1;n.shouldInitializeAsClass(t,i)&&this.setObserver()}return n.prototype.detach=function(){this.unObserve();this.teardown()},n.prototype.isObserving=function(){return this.observing},n.prototype.unObserve=function(){this.observing=!1;this.modernObserver&&this.modernObserver.disconnect();i.removeEvent(this.element,i.eventTypes.DOMNodeInserted,this.obsoleteNodeInsertedEventHander);i.removeEvent(this.element,i.eventTypes.DOMNodeRemoved,this.obsoleteNodeRemovedEventHandler)},n.prototype.setObserver=function(){this.observing=!0;typeof n.mutationObserver!="undefined"?this.observeModern():"MutationEvent"in window&&this.observeObsolete()},n.prototype.observeModern=function(){var t=this,i=function(n){t.onModernMutations(n)};this.modernObserv

Chrome Cache Entry: 160

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	406
Entropy (8bit):	6.0872274041963985
Encrypted:	false
SSDEEP:
MD5:	A00FCE34FFA5F8D2885DFD1CCD1BD430
SHA1:	84133E57B7EACE79BD7ED5D022C0819C480F24C1
SHA-256:	1DF9F56C04013BC52E2BCF3FAAB3AD7BE8FD5D07D1218CA034CDF38A42D0953D
SHA-512:	509BDA4F5ECDCC3781631EB819959A0BA3A081B79FBD1ECA3B1BF7FACF1EFF90478B3BCD258E4B7B826C7665F54468FE19635A4B94DBB0E62F80A711F6131FFA
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............V.W....pHYs...t...t..f.x....tIME........f......tEXtAuthor....H....tEXtDescription...!#....tEXtCopyright....:....tEXtCreation time.5.......tEXtSoftware.]p.:....tEXtDisclaimer.........tEXtWarning........tEXtSource.........tEXtComment........tEXtTitle....'...aIDAT8.c......*.&B.^.8....=....F...A,.....-~.p......0.g...........X5..?..\|...A...R......A..#..6.Pu]y^......IEND.B`.

Chrome Cache Entry: 164

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	162
Entropy (8bit):	5.819781360384304
Encrypted:	false
SSDEEP:
MD5:	049B13EE282ABE97FC29E3F6CCC3FAE5
SHA1:	8C60314D16894B9388FED773FB61DD7FD9A8B04B
SHA-256:	ADBE43DE887D4DEE7C17DAF1C3AA2B3BA27D4A395B5DF7783BA3C451DB5FA87F
SHA-512:	CA29C7011B1EF5E809F6AA377BD87C5E4D46F2CD6D237C18534D58FD5956B8003D33AEAA2F88269BCE2876BB31679FB135CF058953FF96ED6BA200EF27431ECB
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............V.W....pHYs..........+......tIME..............AIDAT8.c......*........$k....g.....a.U.";....v..0.......q...DG.....<#e.....IEND.B`.

Chrome Cache Entry: 165

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	2596
Entropy (8bit):	4.782986101736309
Encrypted:	false
SSDEEP:
MD5:	59007474C76FE25795E1D6C1651D1EF5
SHA1:	564544A21020A6A9BDBF400E13F1BD5E01D1012A
SHA-256:	AFF19909AD569634E2B7D847815251D1A718270768718C77E98BA14EB256F339
SHA-512:	97A1F73E77F4FECA21D9B4BB5BC90E62F075D8CCC4A1AC2FF6981CF1D8B1DFBFA737901EAC866A33CED6A791EA4B606D0C5168A6BA974437A55C0E996FABA985
Malicious:	false
Reputation:	low
URL:	https://learn.microsoft.com/en-us/content-nav/MSDocsHeader-M365-IT.json?
Preview:	{"callToAction":{"primary":{"href":"https://www.microsoft.com/microsoft-365/microsoft-365-business-standard-one-month-trial","kind":"link","title":"Free Account"}},"category":{"href":"/microsoft-365/","kind":"link","title":"Microsoft 365"},"items":[{"items":[{"href":"/microsoft-365/solutions/solution-architecture-center","kind":"link","title":"Get started"},{"href":"/microsoft-365/solutions/empower-people-to-work-remotely","kind":"link","title":"Set up your infrastructure for hybrid work"},{"href":"/microsoft-365/solutions/setup-secure-collaboration-with-teams","kind":"link","title":"Set up secure collaboration"},{"href":"/microsoft-365/solutions/deploy-threat-protection","kind":"link","title":"Deploy threat protection"},{"href":"/microsoft-365/solutions/data-privacy-protection","kind":"link","title":"Data privacy and data protection"},{"href":"/microsoft-365/campaigns/","kind":"link","title":"Microsoft 365 for smaller businesses and campaigns"}],"kind":"menu","title":"Solutions and ar

Chrome Cache Entry: 166

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	16
Entropy (8bit):	3.75
Encrypted:	false
SSDEEP:
MD5:	3931B3276077FF62D67ADE0B5084FAFB
SHA1:	A443DC674534A7F5DD2A88C6D8ABC0790782A15B
SHA-256:	7D78A1EA4198AC080D4F5E59EA381E75BD5CD0BD7ABCE8C4EC66F3CDAF52CF31
SHA-512:	03C82B6296534AEEB9DB14FBAA3D280FBC466CAE0581C174BEB2D2EB78B6CE0354BC368ACFB06EAED134DA8786CD392D4E67C7C5298ED8CF71BC1A760AD12801
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xNDkSEAmCBp9YAlArshIFDXWK8Rw=?alt=proto
Preview:	CgkKBw11ivEcGgA=

Chrome Cache Entry: 167

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 949 x 270, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	56278
Entropy (8bit):	7.97964343798597
Encrypted:	false
SSDEEP:
MD5:	FB482F17ADACDFAE1A52C0C1C6DB87F9
SHA1:	CA070B475ECC5606562BEBD138DB16C15EAD8F3E
SHA-256:	3ABBE526413C9B90F010F8FEEAE15F6261D7A976D80125342C77E1E37D0DF147
SHA-512:	605DD5C26CEEFCCBBB270F51C0A1EE41E21894087C0808010E328F088296386F7CAD69E51537950590B6BD65104F1665CAF7F5A9314072FFEB3B79D59ED59DAE
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............V.0.....pHYs..........+......tIME......&}vJi.. .IDATx..y\|T....w.L&{BHHX.... ..+V..V.[..Z+v.Zk....?..+..".V.EE..-$.H... .$........;..$....+.].=.9.{.....s.@E..A..A..A.z &.U.]+.. .. .. .,.E..6B..A..A..A.N.... .. .. .B.ED. .. .. ...c1....o.......^...l&--........v...III.j.v{z......P1.M...a2uo.ilh........ ..Z.n7...X,.RSS.$..&\......~n.A..A.....bhnnf..l....7.{.........K.p.Y\r.E...Qs........~.UW~..?.3.T...4O..?.+..../g..wPQQ.miy<.............^..5.v{....hll....;3....w..5kNk.7UU..O...5.j.{.Yl--]h. .. .. t?...K.,...n...\|...;g.f....a.W....f.a..hkk...v{..W..E.hjjb...\|...nO.Tp...iii..iiia........j.z.-....-...=.Y0....=...x....u>.N'..{.-.7s..a.,X..={..bA..A..A.~:%j[Z[X.a=.....JJJ....l..C.Qcc#+W.d..MQ....t.....;c.ic0.0.L.L&.F#..t{.c.a..x.n...qgv{....(..1.L]R6n..-[...G....5..j.r........j....O.>..^w......Y.z5.....+((d....F....)SNkx..db.i..........XP.... .. .B......`..=$$$........m[.p..1rss#.ijj....g.5.....[oe.q!a..*y..)-

Chrome Cache Entry: 168

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	581
Entropy (8bit):	4.830361698246409
Encrypted:	false
SSDEEP:
MD5:	B6899A60955E7D741B6AD11D0FEEF198
SHA1:	0E602413E43FCF9618CC550833B0DD7F913C4307
SHA-256:	791115FD6F6B4E6202C765548A574259E8CF8864341FEE4BADB82113CDE03D47
SHA-512:	89193DA1574E52C80D13D590049F3CF6E20382CDADEB2BFCC2FA950FB5FB5EEE4C04B539A09AB1FCAE1C472A639436A08EA4378592E4650798106037F79C0554
Malicious:	false
Reputation:	low
Preview:	{"familyName":"Office 365","products":[{"productName":"Office 365","packages":[{"platform":"apps-and-services","monikerName":"o365-21vianet","monikerDisplayName":"Office 365 operated by 21Vianet (China)","versionDisplayName":"Office 365 operated by 21Vianet (China)","order":100,"isPrerelease":false,"isDeprecated":false,"isDefault":false},{"platform":"apps-and-services","monikerName":"o365-worldwide","monikerDisplayName":"Microsoft 365","versionDisplayName":"Office 365","order":300,"isPrerelease":false,"isDeprecated":false,"isDefault":true}],"isEmpty":false}],"isEmpty":false}

Chrome Cache Entry: 170

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	451164
Entropy (8bit):	5.0878673223319035
Encrypted:	false
SSDEEP:
MD5:	12F2ED166C75673F1D5267B892AA3F83
SHA1:	018B3E5E01B9059BB0715D94FE3D4D370DC10B44
SHA-256:	6A495392198E10F3AFDA154005D1E681F1FE5B807F190FC99FBEDC1959A7D482
SHA-512:	9F2AAC34CDF4A2CAB930829BCB29BA3B8A3F6A801BA50A7D08D407EF7DB98C10D1C2C9B9733303D50699B8E5CD4BEF9DBCBDB4BE2B5656E2B059DC584506C715
Malicious:	false
Reputation:	low
URL:	https://learn.microsoft.com/_themes/docs.theme/master/en-us/_themes/styles/dce1d392.site-ltr.css
Preview:	.CodeMirror{color:#000;direction:ltr;height:300px;font-family:monospace}.CodeMirror-lines{padding:4px 0}.CodeMirror pre.CodeMirror-line,.CodeMirror pre.CodeMirror-line-like{padding:0 4px}.CodeMirror-scrollbar-filler,.CodeMirror-gutter-filler{background-color:#fff}.CodeMirror-gutters{white-space:nowrap;background-color:#f7f7f7;border-right:1px solid #ddd}.CodeMirror-linenumber{text-align:right;color:#999;white-space:nowrap;min-width:20px;padding:0 3px 0 5px}.CodeMirror-guttermarker{color:#000}.CodeMirror-guttermarker-subtle{color:#999}.CodeMirror-cursor{border-left:1px solid #000;border-right:none;width:0}.CodeMirror div.CodeMirror-secondarycursor{border-left:1px solid silver}.cm-fat-cursor .CodeMirror-cursor{background:#7e7;width:auto;border:0!important}.cm-fat-cursor div.CodeMirror-cursors{z-index:1}.cm-fat-cursor .CodeMirror-line::selection{background:0 0}.cm-fat-cursor .CodeMirror-line>span::selection{background:0 0}.cm-fat-cursor .CodeMirror-line>span>span::selection{background:0 0

Chrome Cache Entry: 173

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	779
Entropy (8bit):	7.2009233387429346
Encrypted:	false
SSDEEP:
MD5:	953B81929319FBD12B56BA0C6D151964
SHA1:	08B3BDB95D422A1E219A8ECC6E04F1A59D31267D
SHA-256:	5E3D6B63E48F28EEC1576A51C2C45A4E2958A3742D2311AD0834346859ABB9E0
SHA-512:	41CF454DA296EEBD44122172A4179EC545C192EA55CCE9DA04B9EA21D11B17E41DD772D862C349AB137DEFC660AD47776BDB24027DB679A680E9C0778A07259A
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............rP6.....pHYs...t...t..f.x....tIME.....+-2{&:....tEXtAuthor....H....tEXtDescription...!#....tEXtCopyright....:....tEXtCreation time.5.......tEXtSoftware.]p.:....tEXtDisclaimer.........tEXtWarning........tEXtSource.........tEXtComment........tEXtTitle....'....IDAT8..?h.a...w...V..B.."Q(.)..ju...S'7....V....+:8. ...."b..Q..X..X.....pMb.;.^...5).../....{.O..a......a.FC...}p.E..g.\..t..9....@.X8....S.>..o%..M..j...b.v:t?...,.N..:...].\.....G..0....%1S....X.....}.&$].zs.6.-..+o.]..R'....H..).X..........N..9.m.+Z.....l..$7..c;.WQ... ...L..5.e...%....@U.....o.`..`rd..R...f=.....m..d.7,c..ih...g..W.......Jdm...m...E~X....%.....3.$~.g..5Q}.ii....M.Vr...1...x........f..Y.rE.....'.t.~...f.?..S..W...Z.....'.l..*.......IEND.B`.

Chrome Cache Entry: 174

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
Category:	dropped
Size (bytes):	17174
Entropy (8bit):	2.9129715116732746
Encrypted:	false
SSDEEP:
MD5:	12E3DAC858061D088023B2BD48E2FA96
SHA1:	E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5
SHA-256:	90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
SHA-512:	C5030C55A855E7A9E20E22F4C70BF1E0F3C558A9B7D501CFAB6992AC2656AE5E41B050CCAC541EFA55F9603E0D349B247EB4912EE169D44044271789C719CD01
Malicious:	false
Reputation:	low
Preview:	..............h(..f...HH...........(..00......h....6.. ...........=...............@..........(....A..(....................(....................................."P.........................................."""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333""""""""""""""""""""""""""

Chrome Cache Entry: 175

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (29246), with no line terminators
Category:	downloaded
Size (bytes):	29246
Entropy (8bit):	4.893329697323276
Encrypted:	false
SSDEEP:
MD5:	98F6348F105FF716AC4D02E86BD3AAFC
SHA1:	85D1EE012283F166F7FF57EF7848D1810236D2C8
SHA-256:	952972D9EA8B2CEC8F741A904D7A599D36D79468179FAA2873E2836AB67B5D18
SHA-512:	5630DB33FFC1CE28EA4408B2070252CC989A192C02AE5F46502C1ADBE593D19AA18E01D92B124490E25FBDEC3FEB57737FE5F2C63F180717B1E7008E796F912F
Malicious:	false
Reputation:	low
URL:	https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/toc.json?view=o365-worldwide
Preview:	{"items":[{"children":[{"children":[{"href":"why-do-i-need-microsoft-defender-for-office-365","toc_title":"Why do I need Microsoft Defender for Office 365?"},{"href":"defender-for-office-365-whats-new","toc_title":"What\u0027s new in Defender for Office 365"},{"href":"zero-trust-with-microsoft-365-defender-office-365","toc_title":"Zero Trust for Defender for Office 365"}],"monikers":["o365-21vianet","o365-worldwide"],"toc_title":"Overview"},{"children":[{"href":"defender-for-office-365","toc_title":"Defender for Office 365"},{"href":"protection-stack-microsoft-defender-for-office365","toc_title":"How threat protection works in Defender for Office 365"},{"href":"secure-by-default","toc_title":"Secure by default"},{"href":"../defender/microsoft-365-defender","toc_title":"Microsoft 365 Defender portal overview"}],"monikers":["o365-21vianet","o365-worldwide"],"toc_title":"Get started"},{"children":[{"href":"try-microsoft-defender-for-office-365","toc_title":"Try Defender for Office 365"},{

Chrome Cache Entry: 176

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1019 x 564, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	41027
Entropy (8bit):	7.872688555219226
Encrypted:	false
SSDEEP:
MD5:	736E48A6A3083E3B33C7A028C3482C38
SHA1:	20C0E3EC0F6B9A3414E4171EC307929B8B0D36B7
SHA-256:	1170B9F7D520C02E2A4EADD7CE1DC90D91C9F5E214B7EE5122F87FAB4AE7ED1B
SHA-512:	008D4393048FBA1762BFDDE90DDB66A82D9BD7C04421B59D7C979A2F0432EF864D9088EF44503A46BF7A4F5DDB38BA5AC780BCBB8AF13E39174E37D6F243E12F
Malicious:	false
Reputation:	low
URL:	https://learn.microsoft.com/en-us/microsoft-365/media/attack-sim-training-training-assignment.png?view=o365-worldwide
Preview:	.PNG........IHDR.......4............pHYs...t...t..f.x....tIME.........@W.. .IDATx...y@.g.?.g..p...(..g.D.B..]..j.v..x.K...G.U[...U<j..RO....P+j..A.........x..d&.AE4}...d.g....<.........^.!...........<y....z......P...........?.....5C.......fH................!......X3$~.....k.......`.,M.....2h..A....j..s....................>r.B..f.....4NH.....TU]..R...v.}.........F.s..!....%.......H.nnn={..k.aavvvfZ...%..RR.s....... .....o..ddd.<p...zU..M....nN.I....H..X.BH...t!.>4H......?.g...222.....Ca.....3;.}.`f.M.6....w...rSm.juqI..)SD....FG.....j.'.t._.V...........hT.........fld.2(..........?.%.A...{g......U.%%....xP..>gv.........:Pk..5}_.....nfe.B.^.MXX.O..i.6.j.K....w..x....a=......../.`.f...]2........../...B..-?{..I..._...F.Q..&.<u2)I.......W...5}....J.qs..?..!..u...RR#"F$&.7?<......fQU.B........w.<z..a._c.......G...n..>........u.}fdd\|6..B.W.W.......}...).sgBH.6m.:w...WH.=...j..>......BN&%.].f^L.!...+\|.P77..k.!...7^.UNNNb.~.J....

Chrome Cache Entry: 177

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	159
Entropy (8bit):	5.794929979606289
Encrypted:	false
SSDEEP:
MD5:	148A44B83595594E9C23CB7ECD0C9FF1
SHA1:	2621292D89FB36ABDDE0E042FC887A4260D6F9D2
SHA-256:	A96EF4DBCA9E313D4E2BC5A907540102A5F88055AEEA8BF8A6B1DC0FB249E948
SHA-512:	6FDAE301AD3FC45F9D5777D727141DBDDDBE1D1FFADAB1BB0572C67BDEC385B4D5B784829438F132BD8DE597A9851420EA16428D83E141A7197C3FA308D4C90F
Malicious:	false
Reputation:	low
URL:	https://learn.microsoft.com/en-us/microsoft-365/media/m365-cc-sc-compact-icon.png?view=o365-worldwide
Preview:	.PNG........IHDR.............V.W....pHYs..........+......tIME.........&....>IDAT8.c......*...........]...Z.b..!..dz...6..0..:..5..h..E..LT'...)Z....IEND.B`.

Chrome Cache Entry: 178

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 464 x 729, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	40299
Entropy (8bit):	7.959769155636703
Encrypted:	false
SSDEEP:
MD5:	93DD683F15DF2C55EE31EE9E98CA5621
SHA1:	B69BB66BF42083DE8671348C89E412C8CAB06CB5
SHA-256:	8B32593AA06C76D3BDC2E78D31FEE29E5186396B7989188C2E165729ABD8963B
SHA-512:	618384CDFE4F0D26A72869EEC303310C79A04298E766BF35E27B8D472FFC718C6BC36F5087D5FE8C60A3937D560682A344A7EBB206C2F78CFBFE6D35EED334C4
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.....................pHYs...t...t..f.x....tIME.....'..]w.....tEXtAuthor....H....tEXtDescription...!#....tEXtCopyright....:....tEXtCreation time.5.......tEXtSoftware.]p.:....tEXtDisclaimer.........tEXtWarning........tEXtSource.........tEXtComment........tEXtTitle....'.. .IDATx...ip[.7....;...IQ.II.f..b...x...i...d.)..._.Kv.5_.c.t.y..z..r.N.I...w.3q...8m-.c..FR.,k.Hq'@....}>......$.R......=..?.<..s..B......0.{..!t.#.0.=....S`.".P.`.".P.`.".P.`.".P.`.".P.`.".P.`."..\d._....w.gf....Bs....?~...d.{..7........!.. .~.....L.\.......?.^...0p.Bhn......\K.!.rCs..........`.".P.......;......w..b\..!.r$........?4..w3.C..V..!4.....{.X."..2.v.y.9..E..9.X..0s....Bs..~.g...~/.=...p..B....p.B.p0p.B.@0p.B.@0p.B.@0p.B.@0p.B.@0p.B.@0p.B.@0p.B.@0p.B.@0p.B.@0p.B.@0p.B.@0p.B.@0p.B.@.e<v.:.t}^...-..pg\.<.AB.F0B.6v..7=C....?..A. $u...'.00=.1y.B...x..s..a.5.6..www....\|>..RYY.y....Z#.L...0f.b.".nQ...R..+...:!.a...5M..................GQ.BHYY...4SU.4].UUe....9.1l.....8p.......A.

Chrome Cache Entry: 180

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	631
Entropy (8bit):	6.893427975034486
Encrypted:	false
SSDEEP:
MD5:	FFEBD6A6B65604D7E50E0BA87FEB6DDE
SHA1:	21E6C81262C03893DE097A59903002C09255BCCC
SHA-256:	730B286B137F495E5488FDC44A90F05EC32415A8BF10EF8AD02517FBED8BF86E
SHA-512:	D7D198C5A7ABCFBB77CE7478F71FE20130E723E28DD71072A6373DDB2F7B2C495257439870482B002BBB79F833CBCC7C429EE78AFBB2CF2E71431F13F5DB8137
Malicious:	false
Reputation:	low
URL:	https://learn.microsoft.com/en-us/microsoft-365/media/m365-cc-sc-clear-filters-icon.png?view=o365-worldwide
Preview:	.PNG........IHDR.............rP6.....pHYs...t...t..f.x....tIME.....6...=.....tEXtAuthor....H....tEXtDescription...!#....tEXtCopyright....:....tEXtCreation time.5.......tEXtSoftware.]p.:....tEXtDisclaimer.........tEXtWarning........tEXtSource.........tEXtComment........tEXtTitle....'...BIDAT8...?H.A..."RC.C ..A...Rccm...4..J:;..R.6........`C.C.Q:....J.....}..C......{.H.....c6xf/T"66. {.e..Y.j.(.cgaj$..xG.Ag.$.\|/#.Q.X.Q+.eD2J..:st...^._lH..........8.2.$...z8.[I...} I2oZ...&..hBs....UF\|.U.kN+..R .x.....p... ....N...E......p...?yc>...U..X..v...,O..O..,...U;w..J.....m.+.</......H..s..Y..HKh......IEND.B`.

Chrome Cache Entry: 181

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1033 x 581, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	44453
Entropy (8bit):	7.856725462849975
Encrypted:	false
SSDEEP:
MD5:	BAD80D4A4EC47987BD75002E35F6198A
SHA1:	E9FB0C0F23502713C892A095C1F92BA57E32BBA7
SHA-256:	FA334675A528D03F26893676D94AC4871909452A057D99AEB58EC0995039E90A
SHA-512:	94A1C933ED54D8E4C754AF01C6CB266F9AFEF0DCDF457D64E4B6D318822D5EEB4AE7E1E6B49D002811F0CFD31650FBFFDD13CA1AE30A30F740C7008FDD65600F
Malicious:	false
Reputation:	low
URL:	https://learn.microsoft.com/en-us/microsoft-365/media/attack-sim-training-simulations-review-simulation.png?view=o365-worldwide
Preview:	.PNG........IHDR.......E......M......pHYs...t...t..f.x....tIME........!5@.. .IDATx...{\Tu.?....QP.f8."..b(.R..^.....k....wwK..~..V~.....bm.Z+....\|...[..:.&Z)..CV.QPG....3..9g...P......\|..\.0...r$.N........./.....Z:.DDDDDDD....!.p:.lL@DDDDDDt%.$.a-.."""""""j..$ """""""..............DDDDDDD..A."""""""rc..........0H@DDDDDDDn.....................A.""""""".. .........1H@DDDDDDD..$ """""""7.............DDDDDDD.. .........`..........B.$x)o.F....#.c.S.`..a.C.o.O?..eee..kkk.R."..Pn[.f.......!.u&O..Kz.,.i.<i.l6..r...a.Za..1k....<.......B%"..Xw....[..j....X....&.v).....[n..k...c....k.....K..d2.\.d2a..g....:........B........2\|..'.....*V...hip....>..#.. .ry.(\.....l.P.......O..o\|..ZL..+..........n.E...,U...\}ug.6p >..C\.p....cq^.,.i.;.N..OL_.r%...0o.\../..C`.Z..-"""""""#!....5..>.oL..0jkku.9{..N.8.u.?............/..O\|..'..?.3..........#......c....o ))I,k.....~.;.[.)^~.x..7D>w..).......k:_...{..G\|\|\|@...;v s.m...a.']]2.V..:............i.-.zj6.Ly..6n..b.;.DDDDDDD..Iw

Chrome Cache Entry: 182

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	520
Entropy (8bit):	6.572127943393939
Encrypted:	false
SSDEEP:
MD5:	828687F368E23BCE42523ED00AF25B84
SHA1:	EB8C44D2837DC27953B0F8E17E9B0497C332042A
SHA-256:	3C2F7401A27B902DC1A9AE266D58BDF730DD23C654E91D17945CFD8BE33E19C8
SHA-512:	7F7E1803E4FBF41011320291FAD1C5065B955774141ED6BEE3B748F47DF68EF6F5D8B4A70A6FA4D93A835D3D1B0404EDB2971E1CBC80B2E5E30271FD03180D69
Malicious:	false
Reputation:	low
URL:	https://learn.microsoft.com/en-us/microsoft-365/media/m365-cc-sc-delete-icon.png?view=o365-worldwide
Preview:	.PNG........IHDR.............V.W....pHYs...t...t..f.x....tIME.......n@.....tEXtAuthor....H....tEXtDescription...!#....tEXtCopyright....:....tEXtCreation time.5.......tEXtSoftware.]p.:....tEXtDisclaimer.........tEXtWarning........tEXtSource.........tEXtComment........tEXtTitle....'....IDAT8.c......*..\._..c.^..a..p1.-^...2..lL.....?....3..Vg..aax...C..._~..j.#.k/..ap......D{GC...@...8.....$.....^........\|..:L7..p..............B...4...Q...A.K...C0>.M.J...bf...b...../n.X....D.....b..O)..a..H........IEND.B`.

Chrome Cache Entry: 183

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 36 x 19, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	996
Entropy (8bit):	7.422423201680021
Encrypted:	false
SSDEEP:
MD5:	BB88B0C2C17939E061616543C5BAAF50
SHA1:	B13A364D4B800CE0ACD2CC5D70575CED928B80A0
SHA-256:	789F2EF4FB3FAFC238F5E411EB9F23930C67E560A81051A49F210BC19FCB640A
SHA-512:	6E15875AA1E8778CD67B9E7E710B4873168E895C15542CF6E128003965DCE16D67EF50992B035200B1406AFE58C248863C796F43C3294E16B64590F7EADBE97E
Malicious:	false
Reputation:	low
URL:	https://learn.microsoft.com/en-us/microsoft-365/media/scc-toggle-on.png?view=o365-worldwide
Preview:	.PNG........IHDR...$.................pHYs...t...t..f.x....tIME.....&.ET......tEXtAuthor....H....tEXtDescription...!#....tEXtCopyright....:....tEXtCreation time.5.......tEXtSoftware.]p.:....tEXtDisclaimer.........tEXtWarning........tEXtSource.........tEXtComment........tEXtTitle....'....IDATH..AH.Q.......8.b...b...v.`AHVR.Sv...A......:t.:.B...%Q.D..!..F.D.u]W..uvg.u..\...........{...RJQ._A:...x.D...@...hH....8P.....~dy6...._.rdr~.r..aI.0....o.qxw.!.X.X....q.].G.S,.np.rS...x...s.H..%H..fA.+...g..I....\|%J...^a!...K....K.u.;.H}M`.....S...&.Z..x...\[......N*.1<...x......]d....z"..24.=C...,.E.dE.$jt.N5p.-F]..%...b.wp........yu...=Q..``l.k.Bb....U..."1.fD.....F"..>.r..[.W ....v.m%..t.7.x(.e...&=..4..Mz.C.9.d..kr.G...^N).uI.>#.$a2.`...S..L..@A"......F.<.l..S.....).v......:..9cD$..H#,hMD.....0.%i{[.e]..o....5....d.J....e%.K.&,.\|No......X:..):...U.R..i...Q..kI..p{h..#)R..LY.....7^.....>....^......7..y=...v..;u.0J\|.y...S...e.w..b[....~.?...n........IEND.B`.

Chrome Cache Entry: 184

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	72
Entropy (8bit):	4.241202481433726
Encrypted:	false
SSDEEP:
MD5:	9E576E34B18E986347909C29AE6A82C6
SHA1:	532C767978DC2B55854B3CA2D2DF5B4DB221C934
SHA-256:	88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
SHA-512:	5EF6DCFFD93434D45760888BF4B95FF134D53F34DA9DC904AD3C5EBEDC58409073483F531FEA4233869ED3EC75F38B022A70B2E179A5D3A13BDB10AB5C46B124
Malicious:	false
Reputation:	low
Preview:	{"Message":"The requested resource does not support http method 'GET'."}

Chrome Cache Entry: 185

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 36 x 18, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	977
Entropy (8bit):	7.403377446383833
Encrypted:	false
SSDEEP:
MD5:	5FBC51FA077A06D1D5648FAE71FD2569
SHA1:	7A7E7D90B2B614A672A72663623B5C7BE710C2F1
SHA-256:	89A63C0CCCF9D00EE4547E84CBF876FAE147948CA3CB04D60ECAFDE23A078CF6
SHA-512:	66030AA87A9FF7CDD280AB1699373CE8D399C7B4AB83D800C5F5E73D4B7B0AB6E5E8CB207E6F5DF048FB297364C6E8C5B18B1176037413A4BAFC358F33E882CF
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...$.........3#\|(....pHYs...t...t..f.x....tIME.......L%......tEXtAuthor....H....tEXtDescription...!#....tEXtCopyright....:....tEXtCreation time.5.......tEXtSoftware.]p.:....tEXtDisclaimer.........tEXtWarning........tEXtSource.........tEXtComment........tEXtTitle....'....IDATH..V.Ka.=...%\|....Z......ZY!...U\.'.._..?.......9#3..0he-t....y..2K{/t.....s..3.....$..A..T.\...h.).$aqq..P........mS.uj.FY....#.25M...m...).......D..v..t..T.>.o.<Z..:..D...}<>>....ggg...E..C8.~W.P.ZE$.......9VVVp}}.Z..~..I.....h4........,$.I....P( .....$..:UUe.R...3....(..[[[,.J#RO..4...@]..1.].!xtt.N.......`uu..f..R.L.B....N(....r.V.1....'''..2M.....l.$9...z..^....0..[.0Msj.....G..C.^...8Ru.H...y..<..dY.......U(..9B.....,.......a..B.....v.;;;.4u..p.C....B.0...LM..x....Z....{{{c'...&....!S....... 6...J..H.B...y..A\]]........O.*..L&...B..`0.`hR...........`ux....Z.....D..mu\^^...... ..a{{.=..e1..Q...z.(.5Mc,..eY#m...0..._.............A._.........IEND.B`.

Chrome Cache Entry: 188

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (49834)
Category:	downloaded
Size (bytes):	329134
Entropy (8bit):	5.296993272537105
Encrypted:	false
SSDEEP:
MD5:	5D20A99298565A981E1C53BEF814AF23
SHA1:	E8949F6F7CE2A93DE59DC7FA85D2C27145AAF72C
SHA-256:	005BFBE198FD16F5A9BF7FC860674B054F784318BEE067DB7D9762DE23CFD755
SHA-512:	CBF3665314DF798A394B6008185B3BCD4D64FD98FD7A1DBA26343E92F82DEC53CF8068C760C23F9D91B145DA24ECBA2B32A9B5B769709E3113D0D452365861D1
Malicious:	false
Reputation:	low
URL:	https://www.microsoft.com/onerfstatics/marketingsites-wcus-prod/mscomhp/_scrf/js/themes=default/49-a00ab0/92-02e55d/d5-bf34c0/a9-078595/44-f01b50/48-7cd437/e6-6b0cce/38-612ec2/ed-0fe1b2/8f-f92bc5/6f-2bab60/1c-f5690b/40-4a3a67/76-82dcbc/8f-3cb0d7/24-0b8102/66-24c457/89-14589c/ab-5499e7/fe-0d4f73/e1-5e7bbe/22-c58acf/21-4ee9db/f3-0fe860/9d-004e7f/28-b05709/2c-4dd93a/f6-de95f9/c6-38e19f/70-9cf744/2f-059bb7/4a-d36a4c/b9-ab82c2/7b-e9553a/1f-7a1d7d/97-4b42ca/47-c8e45f/ea-bc80c4/dc-f723c4/2b-1a1a95/e4-4ea025/90-8d6f4c/d9-095267/4b-8dbc84/ae-07eb21?ver=2.0&_cf=02242021_3231
Preview:	define("componentFactory",["require","exports","htmlExtensions","utility","stringExtensions"],function(n,t,i,r,u){"use strict";Object.defineProperty(t,"__esModule",{value:!0});var f=function(){function n(){}return n.create=function(t){for(var i,r=0,u=t;r<u.length;r++){if(i=u[r],!i.c&&!i.component)throw"factoryInput should has either component or c to tell the factory what component to create.Eg.ComponentFactory.create([{ c: Carousel] or ComponentFactory.create([component: Carousel]))";n.createComponent(i.component\|\|i.c,i)}},n.createComponent=function(t,r){if(t){var o=r&&r.eventToBind?r.eventToBind:"",f=r&&r.selector?r.selector:t.selector,s=r&&r.context?r.context:null,u=[],e=function(n,f,e){var a,c,l,o,h;for(a=r.elements?r.elements:f?i.selectElementsT(f,s):[document.body],c=0,l=a;c<l.length;c++)o=l[c],o.mwfInstances\|\|(o.mwfInstances={}),o.mwfInstances[n]?u.push(o.mwfInstances[n]):(h=new t(o,e),(!h.isObserving\|\|h.isObserving())&&(o.mwfInstances[n]=h,u.push(h)))};switch(o){case"DOMContent

Chrome Cache Entry: 190

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (589), with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	67428
Entropy (8bit):	5.051986963324119
Encrypted:	false
SSDEEP:
MD5:	847C3F1B667C1F8B93C3D0BEE1A6D457
SHA1:	F0252474356FCBA860010948EA00D08A4CB74BCE
SHA-256:	69B06DDD3144A2F6E8AE9624324DD59F2D58E2D68FD347A448FA90F754F80341
SHA-512:	BF4BD7BE41E3602E41C257EAE1C57D1CE52E7A6BF3704FE6FA8B03D27B497E9292971539A34EC35BA9E400DB7D59DB15597DB00E9B1602EBA61D2C99C2D85FF2
Malicious:	false
Reputation:	low
URL:	https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/attack-simulation-training-get-started?view=o365-worldwide
Preview:	<!DOCTYPE html>................................................................................................................<html class="hasSidebar hasPageActions hasBreadcrumb conceptual has-default-focus theme-light" lang="en-us" dir="ltr" data-css-variable-support="true" data-authenticated="false" data-auth-status-determined="false" data-target="docs" x-ms-format-detection="none">....<head>...<meta charset="utf-8" />...<meta name="viewport" content="width=device-width, initial-scale=1.0" />...<meta property="og:title" content="Get started using Attack simulation training" />...<meta property="og:type" content="website" />...<meta property="og:url" content="https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/attack-simulation-training-get-started?view=o365-worldwide" />.....<meta property="og:description" content="Admins can learn how to use Attack simulation training to run simulated phishing and password attacks in their Microsoft 365 E5 or Microsoft Def

Chrome Cache Entry: 198

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 20 x 19, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	648
Entropy (8bit):	7.015917198504246
Encrypted:	false
SSDEEP:
MD5:	7127ADEE789B351B10BBFAAD8652D90F
SHA1:	8F2A9890A09063C0A5B8A77E2723CBF5EAC22916
SHA-256:	11CE5B8CA7EE159A1605A092FF5665E6344788BBE216975DBA0B009A1C3659F4
SHA-512:	26F9D0875C93CFE87487F7FAEBDE8546167B580E8A93351DC7FE3C6250C795276578136EE91FF53A42BC23EC37B9E4889832437397E282E78D55CC9E46EEFED4
Malicious:	false
Reputation:	low
URL:	https://learn.microsoft.com/en-us/microsoft-365/media/m365-cc-sc-customize-icon.png?view=o365-worldwide
Preview:	.PNG........IHDR...............-.....pHYs...t...t..f.x....tIME.....36<.d....tEXtAuthor....H....tEXtDescription...!#....tEXtCopyright....:....tEXtCreation time.5.......tEXtSoftware.]p.:....tEXtDisclaimer.........tEXtWarning........tEXtSource.........tEXtComment........tEXtTitle....'...SIDAT8....KBQ...>L_.....N.I.....@..-..6..5....Ex...-......f.D.`b.m.L..=.3}..p.......b...)...@.$O$.YU...5Y...h...I....id.)Y...T...U+..j.U..j.3..>.?f......Nq.p`.H..0jP<.qg.XS....N..?..x...M.NW.X.\:\|osyv.'.#q.C.c.[=..[RW....B... !B$......H...NxB.s...9~.GA.....a=.I..}.j{.^)...F.<..........s/\.8......~..../...4".(*..`h.o".;.N..3>.......&....IEND.B`.

Chrome Cache Entry: 200

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	503
Entropy (8bit):	7.396927011523337
Encrypted:	false
SSDEEP:
MD5:	1826DD2015747BD35FC2629B2DE654F6
SHA1:	15EC609ADF9069AF635C31A62549B187D76F4B0F
SHA-256:	7D9FABD640941214E3F29C8BAD2E9441B4AC8EF6C900ABCC7406984F64DF4C55
SHA-512:	9DD03891636F711EA1C8FE17C4D679909ACBE1BF66495749BAFEADE7A80F8D4E44938665ED5545D6D60FEC2DCB8EA596BF17E0B4F6073D833621800F0E3D7EE0
Malicious:	false
Reputation:	low
URL:	https://learn.microsoft.com/en-us/microsoft-365/media/m365-cc-sc-view-activity-timeline-icon.png?view=o365-worldwide
Preview:	.PNG........IHDR.............rP6.....pHYs..........+......tIME......76.XZ....IDAT8...K....?_..(9.dh;.1..]lA;x..`...6"bcl.`.....S. . ...Ac....1....c..l.&.Ce\|.kix.....>.""B.`....(O>..g5......EDF^............./.......B.n..t......Lhj.A_..}.e.M..B..0.s.?.J.f/.6....n...(....<.[.\|xTo..$.D..f6.Jz..j..Lp...........<.r......N.(..fVqX.u....Tl..k{x..\....%.8;5\ .........~.1..e3..._.kS.sEn.M..O6~........:-..r...o......<._...eYL.ED._."..~......>....gQ....N...f..C..f.y7.4.......IEND.B`.

Chrome Cache Entry: 204

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	667
Entropy (8bit):	7.026620125017749
Encrypted:	false
SSDEEP:
MD5:	4C54B88970FB0A227348494BFB7542FB
SHA1:	972FCB13A60D4E2449CD0EC60F9D078C02DD78EB
SHA-256:	213E58F4358FD381E93181E4947E65D7C349FEB27A82B37E0BE499281CB45616
SHA-512:	DD7F906FD0A4FEFCF6A99FDF851B98D7D8E0F6D45B43926BC47BEFAF48F010CFFC15C3A1E5C9E3AE612FA8C9CEC1CDF88D3E8DDB5247452E80F3E902911C23AA
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............V.W....pHYs...t...t..f.x....tIME......2..xI....tEXtAuthor....H....tEXtDescription...!#....tEXtCopyright....:....tEXtCreation time.5.......tEXtSoftware.]p.:....tEXtDisclaimer.........tEXtWarning........tEXtSource.........tEXtComment........tEXtTitle....'...fIDAT8....K.`.....X...,.A$/I...yM......{...;...o`..y..mN.......=~..={.BD.#D=....!..q......<...i.XD<~.EQ6....9Y.E.j.......=.ZdY.q.E/.f..5.u..`k...5....O.Iw4.../.....L.u.ry..#....5\|.G$....0.....0.C.....T..@......K!.4.8...N.83.h.&.. .J.m0..[3..0..q..N.]6c..... }..M6..x..0...tW.y,..b....}..h4.....8......x%..72...R..r);....E6.. ...o..j.#DD.........E.........IEND.B`.

Chrome Cache Entry: 207

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65409)
Category:	downloaded
Size (bytes):	185041
Entropy (8bit):	5.415965724989535
Encrypted:	false
SSDEEP:
MD5:	9F667FCBE79A2F0A5881315D22CE5B34
SHA1:	745BE50B4AFFBF86A900DBC6FEA9DCADA089C63B
SHA-256:	ED20090AB9EAC537CD83A784F70DD61F1EA14DA013E0E9C38174BFC691353304
SHA-512:	E2FCC27F22C2EA0CA9C00F2A638C53EC322D4D1ADE38570FCEFDD86452090DD5052B9E4EACA409B4542AD5F3C40332314D361FCF7B3460405CD6DFE51748D4DE
Malicious:	false
Reputation:	low
URL:	https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Preview:	/!. 1DS JSLL SKU, 3.2.14. * Copyright (c) Microsoft and contributors. All rights reserved.. * (Microsoft Internal Only). */.!function(e,t){var n="undefined";if("object"==typeof exports&&typeof module!=n)t(exports);else if("function"==typeof define&&define.amd)define(["exports"],t);else{var r,n=typeof globalThis!=n?globalThis:e\|\|self,i={},e="__ms$mod__",a={},o=a.esm_ms_jsll_3_2_14={},s="3.2.14",c="oneDS3",u=(u=n)[c]=u[c]\|\|{},l=(l=n)[c="oneDS"]=l[c]\|\|{},n=u[e]=u[e]\|\|{},f=n.v=n.v\|\|[],c=l[e]=l[e]\|\|{},d=c.v=c.v\|\|[];for(r in(c.o=c.o\|\|[]).push(a),t(i),i)u[r]=i[r],f[r]=s,l[r]=i[r],d[r]=s,(o.n=o.n\|\|[]).push(r)}}(this,function(u){"use strict";!function(e,t,n){var r=Object.defineProperty;if(r)try{return r(e,t,n)}catch(i){}typeof n.value!==undefined&&(e[t]=n.value)}(u,"__esModule",{value:!0});var l="function",f="object",fe="undefined",j="prototype",d="hasOwnProperty",g=Object,m=g[j],y=g.assign,C=g.create,e=g.defineProperty,E=m[d],b=null;function K(e){e=!1===(e=void 0===e\|\|e)?null:b;return e\|\|((

Chrome Cache Entry: 209

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 18 x 17, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	716
Entropy (8bit):	7.134534919973757
Encrypted:	false
SSDEEP:
MD5:	2CB1D52A9D537E36B20A5986DC518801
SHA1:	20E6CA3336D57A9E0283D36C729A948371F630C1
SHA-256:	2AB65EBB8BDAB4929026246621E8A6822A539DCCE1FDC397BDDF6A8867F8900B
SHA-512:	8CEA76C9D732939A9D4C81D6B432772F3D7AD9157C7D15E0237AB61B6C454E5A915130E62F966FE34B4B38C032AF348D7790FCD3388A70D8FF98986380E457B8
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR..............Z......pHYs...t...t..f.x....tIME........?.d....tEXtAuthor....H....tEXtDescription...!#....tEXtCopyright....:....tEXtCreation time.5.......tEXtSoftware.]p.:....tEXtDisclaimer.........tEXtWarning........tEXtSource.........tEXtComment........tEXtTitle....'....IDAT8..../.q..k.-.tB.8,....6.D.XL.cM\LMj`.4."a.&l%!....ZB..W..p.......>.'_.$Q...OP5.. ..KG.Ka...?.t..@....O.2.......G.I2.`.b.9..]^00..(E..e.y..2A.4.c.._.:.-7WctK2.W...&...f..O..xQ....'..O2t.......}!....:3r.^.L..gP.c......r.aY...b....Fx\e....G+.. ...Lq:./..&........ZC.....v.....jC...m..=? \|..@SAG...........\|..pW..({.f`V.8..o.Y.9..@.G;.i2.u80.S.......v.....3...J..J ..je.)v.5Pi..w.f..8..j....IEND.B`.

Chrome Cache Entry: 210

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (46419), with CRLF line terminators
Category:	downloaded
Size (bytes):	2196522
Entropy (8bit):	5.502308179665151
Encrypted:	false
SSDEEP:
MD5:	CA45006CE0D5B0D0F80E4994D2876B25
SHA1:	203258C02DB54E27BA544CC71F8FE20F1FB8D342
SHA-256:	56610E9EFBB40F580E14CC6484CE2D60989765DC2B56F5186DB23888F3097FA5
SHA-512:	836939828CEADCD70EBBD825482DD365AC7C3E4D8F8E40D555D4BFF9F7205C42BBEF8AE872B3440F59E42725936EF677E359ADADC54B004988B33CB975EA7EAC
Malicious:	false
Reputation:	low
URL:	https://learn.microsoft.com/_themes/docs.theme/master/en-us/_themes/scripts/1c4484ec.index-docs.js
Preview:	"use strict";(()=>{var n5e=Object.create;var qv=Object.defineProperty;var l6=Object.getOwnPropertyDescriptor;var s5e=Object.getOwnPropertyNames;var i5e=Object.getPrototypeOf,a5e=Object.prototype.hasOwnProperty;var l5e=(e,t,o)=>t in e?qv(e,t,{enumerable:!0,configurable:!0,writable:!0,value:o}):e[t]=o;var De=(e,t)=>()=>(t\|\|e((t={exports:{}}).exports,t),t.exports),c5e=(e,t)=>{for(var o in t)qv(e,o,{get:t[o],enumerable:!0})},u5e=(e,t,o,r)=>{if(t&&typeof t=="object"\|\|typeof t=="function")for(let n of s5e(t))!a5e.call(e,n)&&n!==o&&qv(e,n,{get:()=>t[n],enumerable:!(r=l6(t,n))\|\|r.enumerable});return e};var Bp=(e,t,o)=>(o=e!=null?n5e(i5e(e)):{},u5e(t\|\|!e\|\|!e.__esModule?qv(o,"default",{value:e,enumerable:!0}):o,e));var j=(e,t,o,r)=>{for(var n=r>1?void 0:r?l6(t,o):t,s=e.length-1,i;s>=0;s--)(i=e[s])&&(n=(r?i(t,o,n):i(n))\|\|n);return r&&n&&qv(t,o,n),n};var ac=(e,t,o)=>(l5e(e,typeof t!="symbol"?t+"":t,o),o);var DU=De((LU,MU)=>{(function(e,t){typeof LU=="object"&&typeof MU<"u"?MU.exports=t():typeof de

Static File Info

⊘No static file info

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in. These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	File monitoring, Windows Registry
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, DLL monitoring, File monitoring, Named Pipes, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Malware reverse engineering, Netflow/Enclave netflow, Packet capture, Process monitoring, Process use of network, SSL/TLS inspection
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use a non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Host network interface, Netflow/Enclave netflow, Network intrusion detection system, Network protocol analysis, Packet capture, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	DNS records, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://www.attemplate.com/fra/9bc3d1cd-55ca-4e13-b5a2-a9e9deaeba3f/c665f5eb-effc-4ed5-a735-4682640449cc/f50222c3-9

Overview

General Information

Detection

Signatures

Classification

Process Tree

Yara Signatures

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 118

Chrome Cache Entry: 119

Chrome Cache Entry: 120

Chrome Cache Entry: 122

Chrome Cache Entry: 123

Chrome Cache Entry: 124

Chrome Cache Entry: 126

Chrome Cache Entry: 127

Chrome Cache Entry: 131

Chrome Cache Entry: 133

Chrome Cache Entry: 134

Chrome Cache Entry: 135

Chrome Cache Entry: 137

Chrome Cache Entry: 138

Chrome Cache Entry: 140

Chrome Cache Entry: 141

Chrome Cache Entry: 142

Chrome Cache Entry: 143

Chrome Cache Entry: 145

Chrome Cache Entry: 146

Chrome Cache Entry: 147

Chrome Cache Entry: 148

Chrome Cache Entry: 151

Chrome Cache Entry: 152

Chrome Cache Entry: 155

Chrome Cache Entry: 156

Chrome Cache Entry: 157

Chrome Cache Entry: 159

Chrome Cache Entry: 160

Chrome Cache Entry: 164

Chrome Cache Entry: 165

Chrome Cache Entry: 166

Windows Analysis Report
https://www.attemplate.com/fra/9bc3d1cd-55ca-4e13-b5a2-a9e9deaeba3f/c665f5eb-effc-4ed5-a735-4682640449cc/f50222c3-9