Edit tour
Windows
Analysis Report
https://mainpage.me/kanegraphical
Overview
General Information
| Sample URL: | https://mainpage.me/kanegraphical |
| Analysis ID: | 1337732 |
 | |
Detection
| Score: | 48 |
| Range: | 0 - 100 |
| Whitelisted: | false |
| Confidence: | 100% |
Signatures
HTML page contains suspicious base64 encoded javascript
Phishing site or detected (based on various text indicators)
Stores files to the Windows start menu directory
HTML page contains hidden URLs or javascript code
HTML page contains obfuscate script src
HTML body contains low number of good links
Creates files inside the system directory
Uses insecure TLS / SSL version for HTTPS connection
Submit button contains javascript call
Classification
- System is w10x64_ra
chrome.exe (PID: 1740 cmdline: "C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --st art-maximi zed --sing le-argumen t https:// mainpage.m e/kanegrap hical MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA) - chrome.exe (PID: 3832 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2240 --fi eld-trial- handle=192 4,i,764813 7891351208 460,116124 2842603014 6988,26214 4 --disabl e-features =Optimizat ionGuideMo delDownloa ding,Optim izationHin ts,Optimiz ationHints Fetching,O ptimizatio nTargetPre diction /p refetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
- cleanup
⊘No yara matches
⊘No Sigma rule has matched
⊘No Snort rule has matched
- • Phishing
- • Compliance
- • Networking
- • System Summary
- • Boot Survival
Click to jump to signature section
Show All Signature Results
Phishing |   |
|---|
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | OCR Text: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTP Parser: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | File created: | ||
| Source: | Classification label: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | File created: | ||
| Source: | Window detected: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Source: | File created: | ||
| Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Valid Accounts | 1 Scripting | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 11 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | Exfiltration Over Other Network Medium | 2 Encrypted Channel | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition |
| Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | Exfiltration Over Bluetooth | 1 Non-Application Layer Protocol | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout |
| Domain Accounts | At (Linux) | Logon Script (Windows) | Logon Script (Windows) | 1 Scripting | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | Automated Exfiltration | 2 Application Layer Protocol | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 0% | Avira URL Cloud | safe |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
| Name | IP | Active | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|---|
| jsdelivr.map.fastly.net | 151.101.1.229 | true | false | unknown | |
| a.nel.cloudflare.com | 35.190.80.1 | true | false | high | |
| accounts.google.com | 142.250.69.205 | true | false | high | |
| challenges.cloudflare.com | 104.17.2.184 | true | false | high | |
| linkme.vn | 172.67.212.38 | true | false | unknown | |
| www.google.com | 142.251.33.100 | true | false | high | |
| clients.l.google.com | 142.251.33.78 | true | false | high | |
| p37xg5nukd2qsjy.ycxnindcxq.ru | 172.67.199.29 | true | false | unknown | |
| mainpage.me | 104.236.198.49 | true | false | unknown | |
| clients1.google.com | unknown | unknown | false | high | |
| clients2.google.com | unknown | unknown | false | high | |
| cdn.jsdelivr.net | unknown | unknown | false | high |
| Name | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|
| false | unknown | ||
| false | unknown | ||
| false | unknown | ||
| false | high |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
| IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
|---|---|---|---|---|---|---|
| 142.251.33.100 | www.google.com | United States | 15169 | GOOGLEUS | false | |
| 151.101.1.229 | jsdelivr.map.fastly.net | United States | 54113 | FASTLYUS | false | |
| 1.1.1.1 | unknown | Australia | 13335 | CLOUDFLARENETUS | false | |
| 172.217.14.202 | unknown | United States | 15169 | GOOGLEUS | false | |
| 142.251.211.238 | unknown | United States | 15169 | GOOGLEUS | false | |
| 142.251.33.78 | clients.l.google.com | United States | 15169 | GOOGLEUS | false | |
| 172.67.199.29 | p37xg5nukd2qsjy.ycxnindcxq.ru | United States | 13335 | CLOUDFLARENETUS | false | |
| 172.67.212.38 | linkme.vn | United States | 13335 | CLOUDFLARENETUS | false | |
| 104.17.3.184 | unknown | United States | 13335 | CLOUDFLARENETUS | false | |
| 104.236.198.49 | mainpage.me | United States | 14061 | DIGITALOCEAN-ASNUS | false | |
| 142.251.215.227 | unknown | United States | 15169 | GOOGLEUS | false | |
| 239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
| 142.250.69.195 | unknown | United States | 15169 | GOOGLEUS | false | |
| 142.250.69.205 | accounts.google.com | United States | 15169 | GOOGLEUS | false | |
| 35.190.80.1 | a.nel.cloudflare.com | United States | 15169 | GOOGLEUS | false | |
| 104.17.2.184 | challenges.cloudflare.com | United States | 13335 | CLOUDFLARENETUS | false |
| IP |
|---|
| 192.168.2.18 |
| Joe Sandbox Version: | 38.0.0 Ammolite |
| Analysis ID: | 1337732 |
| Start date and time: | 2023-11-06 16:15:19 +01:00 |
| Joe Sandbox Product: | CloudBasic |
| Overall analysis duration: | |
| Hypervisor based Inspection enabled: | false |
| Report type: | full |
| Cookbook file name: | defaultwindowsinteractivecookbook.jbs |
| Sample URL: | https://mainpage.me/kanegraphical |
| Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
| Number of analysed new started processes analysed: | 5 |
| Number of new started drivers analysed: | 0 |
| Number of existing processes analysed: | 0 |
| Number of existing drivers analysed: | 0 |
| Number of injected processes analysed: | 0 |
| Technologies: |
|
| Analysis Mode: | stream |
| Analysis stop reason: | Timeout |
| Detection: | MAL |
| Classification: | mal48.phis.win@18/70@26/145 |
- Exclude process from analysis
(whitelisted): SIHClient.exe - Excluded IPs from analysis (wh
itelisted): 8.252.36.126, 8.25 2.68.126, 8.240.115.126, 142.2 50.69.195, 34.104.35.123 - Excluded domains from analysis
(whitelisted): cdp-tlu-shim.t rafficmanager.net, edgedl.me.g vt1.com, msedge.b.tlu.dl.deliv ery.mp.microsoft.com, dl.deliv ery.mp.microsoft.com.c.footpri nt.net, clientservices.googlea pis.com, dns.msftncsi.com - Not all processes where analyz
ed, report is missing behavior information - VT rate limit hit for: https:
//mainpage.me/kanegraphical
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2675 |
| Entropy (8bit): | 3.972231498933939 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | C989609784DD1A3A4351A4ABB9A96C65 |
| SHA1: | 8193D5010D1D73C626855B4159460378A660638B |
| SHA-256: | 90567EA55FD7711849FCD173EB78DCCAED354869739E4804567F85E136B48805 |
| SHA-512: | FBBB2AE30B2750D7880D2F14352191D21768F9835D097BC41C60C95F1B75618072A4C644373A272098651A34E993BC9E1597E16333C679BD7053495A36D2FBF4 |
| Malicious: | false |
| Reputation: | low |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2677 |
| Entropy (8bit): | 3.98700813086654 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | CE8AEAE13A69159689A8C3414D247E99 |
| SHA1: | C8572E08F3E6B39169D7B5DF536C1D9A47D8E47F |
| SHA-256: | AECA5B0231FB1D48D880C08F462BB5E8B986150999E72CD983DC4042F770E659 |
| SHA-512: | C50408EC0162F9C39218599CE1C3DB049116D77D281D0026EFA2ABFBDAC664AE2E9120DC50F9D1EAA9F47146FFCFEC60F51961EDF2E1D7836741D9B7B2EE89AE |
| Malicious: | false |
| Reputation: | low |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2691 |
| Entropy (8bit): | 3.9955567245356183 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 4B2D5C1925E8040CC3BD46F7762C7703 |
| SHA1: | 8532EA4BFA809E014AE7E672EF80A25D1E2D24C7 |
| SHA-256: | BB3525164BF92C943F7DF00BC3548E067DABD8BC9DF3767A7C171BCA89247458 |
| SHA-512: | F563663D72BADA5F773F1CC3E04430273BACE4A985F614C6E56A8BE9138C0F56E25797C9ACAAA54C56914402834BAE2F5561E9C4C0A4007ECD4C5C9DAD607C53 |
| Malicious: | false |
| Reputation: | low |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2679 |
| Entropy (8bit): | 3.9832260489914186 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | B3D9A0CB1312F996D52E4687504264DE |
| SHA1: | B1A71180A7B73DD2B292AC59402D23D7EB07BBF7 |
| SHA-256: | 30B6FFD793BFF10C824801B746FE0862744BEC331C98758B706FBD66F89E24C4 |
| SHA-512: | BEA7BC5B57D506C98E474F82BFCA75B08DCC15D696694D2CDAB605DF966BC0BBA4F8F39192D0463E9A36B8FA0B79724B93FCFDE76DD6F7607C335D13A8E0B037 |
| Malicious: | false |
| Reputation: | low |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2679 |
| Entropy (8bit): | 3.97028555936956 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 27C31A5081EB02C3946495BF0872C3D2 |
| SHA1: | 1499E589991AA79C54021DEE2AB007C7B6D5C98E |
| SHA-256: | 545FAD11DDB91E1677C3A397D430BE3D273D6F7EDEBD5B155992F6F53D99D7F4 |
| SHA-512: | ECA28530EA0B02A80F27F07322D4788571F9DB4A7C7415F2EDB1116199C08C9A0D1B00E8D50D8BDA69B60C9C6D9F86543457FBC861EBCBFC3EFA2A3E0601E0E2 |
| Malicious: | false |
| Reputation: | low |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2681 |
| Entropy (8bit): | 3.985635612406796 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 4ECABB71A9A0C34E977AB4EB7D2660D0 |
| SHA1: | 6CB8A0F0105090B1617D9CFF2A211E9A1D273C37 |
| SHA-256: | CF5112E047E45ADADBC2019C0BBA1276C9EC29C4C9747967EA57CF614E0583B6 |
| SHA-512: | D0A80294A5FAB548E1EC8F36D4A1C30A56E9D11E3DDFA4DA23D2E41045D93B3E4A8ACD637E71C318AEF54615DEB2F2658F89EC4863C5173B83CA4CA40B9CCBFB |
| Malicious: | false |
| Reputation: | low |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 1236 |
| Entropy (8bit): | 5.217533690963681 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 30A9AA3E2018DF9E4D5A7DEA65C283F6 |
| SHA1: | 6ABB0707A87DD0140AE3488C3F2A378726E2CA53 |
| SHA-256: | 230D91B44FFD4DE6A3CFE521B2560E5ED59763DF51A5DE76FC01513787FB1682 |
| SHA-512: | 8F81262C4A373AAC14E4BB31BCD26FC4E706D7A2D8B2F71B7822444307D2D3FFA44F6602B6902A2D471BC2ECB96F48A43A4901B3C63E940F68C949A3B9F18E7F |
| Malicious: | false |
| Reputation: | low |
| URL: | https://p37xg5nukd2qsjy.ycxnindcxq.ru/favicon.ico |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 26854 |
| Entropy (8bit): | 4.556885716326323 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | C5E166B74AA89AEB97C3316EDF5E2034 |
| SHA1: | AAE88670DC753E9CDCDB7BB9C1B02614E87811F9 |
| SHA-256: | B4344056299744B289E6D3610B745CF772D10ABD202B5FFC39BC795BA01E0B4A |
| SHA-512: | 26EDA38BBEDA0A3EF0911497D06F0523E4843B97B2AE270002EB4FBF5E511F9CFBA0A81D408C73DE10FDBFB6719AC7176A23AEA38644C3AFBC4DE46685252352 |
| Malicious: | false |
| Reputation: | low |
| URL: | https://mainpage.me/themes/altum/assets/js/custom.js?v=3100 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 61 |
| Entropy (8bit): | 4.035372245524405 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 01234B2CB42CB021DC75AA9AE63AE8F2 |
| SHA1: | D2923449596D17D0DBB735520ED158DBFA8FD1C7 |
| SHA-256: | B9C50A03C3B280A0494124EBB94D2BA51FBDAB60C6767AC92357E582612B8196 |
| SHA-512: | 99C369A94EDBDB23CCC0BED15A05E5DFC5EE6ADC0026ABFC4B96264D1E76DC6011EDA44775CABA6A4A25EC3B94A6F9D17CB76278E3EB6E72E964AB43972F7B4C |
| Malicious: | false |
| Reputation: | low |
| URL: | https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/821e4d6abf7c2840/1699283838413/SEsJZyXM3vehl5v |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 18423 |
| Entropy (8bit): | 5.214335071510136 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | C622E0F8BB623F429BC733FA45961D4D |
| SHA1: | 67AACAAAD6D9BDAF45B4A9B265627EFEE5BD5338 |
| SHA-256: | 44C68951462F2A18E868C8AA27055CA446DC341B1EF2FE7172F72735DDF744E2 |
| SHA-512: | FAADCFC6C6561EC8F135F2288E328246CB2037911A947697CC80542D6D843E97C8B83873A2D80E17D5831A7AC6D9A3E1223437FAEA20F4D4BAC17155FBAFEFAE |
| Malicious: | false |
| Reputation: | low |
| URL: | https://mainpage.me/themes/altum/assets/css/custom.css?v=3100 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 3594 |
| Entropy (8bit): | 4.778172565926644 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 0C787E8ECC2B95CCB9EB70D4B62CD2A4 |
| SHA1: | CB7AF06ACBA1808C2C79B03D943CF191F94C474C |
| SHA-256: | D2B0FE02F511AD6C8F2BA22723445D3504B64A6131DE71DD12C58CD848A6307B |
| SHA-512: | 72A2814F52645D5C5F3BA1991BA330AFA20D3ED25C9B5BFBAA0205F9CA0D0C7BA9914DA634EE2C72E021475F57BA2B7AE99F1D36748D4491AEBE288A48C71E0E |
| Malicious: | false |
| Reputation: | low |
| URL: | https://mainpage.me/themes/altum/assets/css/link-custom.css?v=3100 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 34254 |
| Entropy (8bit): | 5.36866791146213 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | C0390DF00FECB63B161780E815A6610C |
| SHA1: | E3A9B96C3D11004287C2BD6D1AF16AFF1C34F74E |
| SHA-256: | 47651E05CBF8B23AEE60B901BB914F56609EB1848970C1CC7A2B2FE9FD034D3B |
| SHA-512: | 15B1E00416BB8441C8E7B46AA1FEB7819AE0C2D687F965DF6B20E13840985BE4F8DE21C658BB77F15EF53722E083E5832F3E016137CB003D05A356764E7CE56F |
| Malicious: | false |
| Reputation: | low |
| URL: | https://challenges.cloudflare.com/turnstile/v0/b/61b90d1d/api.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 61 |
| Entropy (8bit): | 3.990210155325004 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 9246CCA8FC3C00F50035F28E9F6B7F7D |
| SHA1: | 3AA538440F70873B574F40CD793060F53EC17A5D |
| SHA-256: | C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84 |
| SHA-512: | A2098304D541DF4C71CDE98E4C4A8FB1746D7EB9677CEBA4B19FF522EFDD981E484224479FD882809196B854DBC5B129962DBA76198D34AAECF7318BD3736C6B |
| Malicious: | false |
| Reputation: | low |
| URL: | https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 28 |
| Entropy (8bit): | 4.039148671903071 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 347BD4FF6C2933B9D6DD0A68430A2D9D |
| SHA1: | EC85831C072E713E5F8A16B4E782A52950FCBCD0 |
| SHA-256: | 02ABA1FE56D128AB70BE8DEF230D99A51C29D60B1CC07336ED454B8293847463 |
| SHA-512: | 970A3A6A8F9DD33D3F93FD5BEE00D652A98AED1A5E44C44733094D6D9539FFBD010725F2F48FBA6E1F55B228133FA2C59C6BD340CBCAD61A4B55EC036E117F04 |
| Malicious: | false |
| Reputation: | low |
| URL: | https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xNDkSFwnGSQjHXFgiqRIFDSKE8YASBQ3Fk8Qk?alt=proto |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 71751 |
| Entropy (8bit): | 5.119246267674109 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | ACC544860202CA85BD85DC0429880450 |
| SHA1: | AB2E786B8F411E124E9FBCBC02F323269BEFF034 |
| SHA-256: | 721FD25FAD2CEEA766B483F7692FC840097DE75BB54185273920ADF62DA63E15 |
| SHA-512: | C1622F9F6E9A38F6E7DD2B5FF0FB6A188F432D8F2D9670B98F7C842190FB3B7FAA29B54F66E87FF15C7B741D7C65F52DEDA428D8BFC76D9027C4CEDAF1B16655 |
| Malicious: | false |
| Reputation: | low |
| URL: | https://mainpage.me/themes/altum/assets/css/animate.min.css?v=3100 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 155845 |
| Entropy (8bit): | 5.0596333050371385 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | ABE91756D18B7CD60871A2F47C1E8192 |
| SHA1: | 7C1C9E0573E5CEA8BAD3733BE2FC63AA8C68EA8D |
| SHA-256: | 7633B7C0C97D19E682FEEE8AFA2738523FCB2A14544A550572CAEECD2EEFE66B |
| SHA-512: | BAC54101DEBAFCDA5535F0607B5F60C2CDA3E896629E771AD76AC07B697E77E4242D4F5F886D363B55FC43A85EA48A6BFC460A66F2B1FC8F56B27BA326E3A604 |
| Malicious: | false |
| Reputation: | low |
| URL: | https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 63426 |
| Entropy (8bit): | 5.120589252383324 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 0190F03CA128CF4FF37ECA7237F6CA8D |
| SHA1: | 756A64EC71255FF659E4183572E58970AAC3EB79 |
| SHA-256: | AEF771D2E517167FE65B281EBBD263D11F079C3A07E91D022A7D1E79D558D7C6 |
| SHA-512: | 25A3A100E9C4E1AB956E2E1B9A1988561771A26E83840E095C2DE34EC32CF6902F22FE08C93761D45ABC56317521B742EEFD7A9A357999526C5ABD4A9D2C5338 |
| Malicious: | false |
| Reputation: | low |
| URL: | https://mainpage.me/themes/altum/assets/js/libraries/bootstrap.min.js?v=3100 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 89476 |
| Entropy (8bit): | 5.2896589255084425 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | DC5E7F18C8D36AC1D3D4753A87C98D0A |
| SHA1: | C8E1C8B386DC5B7A9184C763C88D19A346EB3342 |
| SHA-256: | F7F6A5894F1D19DDAD6FA392B2ECE2C5E578CBF7DA4EA805B6885EB6985B6E3D |
| SHA-512: | 6CB4F4426F559C06190DF97229C05A436820D21498350AC9F118A5625758435171418A022ED523BAE46E668F9F8EA871FEAB6AFF58AD2740B67A30F196D65516 |
| Malicious: | false |
| Reputation: | low |
| URL: | https://mainpage.me/themes/altum/assets/js/libraries/jquery.min.js?v=3100 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 11134 |
| Entropy (8bit): | 4.526368622210992 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | D37F391694E44294FADB1A2B84339101 |
| SHA1: | 1929C517A861A90BE2038D49B1974CDDD3D71A09 |
| SHA-256: | E29F3A032C9072F14F62D5CE1B1EA4D58BC707D426E30024EFD738C44A891C6D |
| SHA-512: | A47FA0E3FEE83EEC527CF205A2B0B168762DE8A812E354F63887E8E158F2C7C29210500E01F68014867D9390BB7326413F8887D1C65E0AAD268350089EF73B98 |
| Malicious: | false |
| Reputation: | low |
| URL: | https://mainpage.me/favicon.ico |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 220642 |
| Entropy (8bit): | 5.118105201453808 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | E470390FFFB5145A0FE8023FDD641B99 |
| SHA1: | FB9D3C19494B34FD5001159927AAAC9E31D1BC9A |
| SHA-256: | 702B5B8B9B52325606EF74D541BB408632DCD9EFC08FE1AE7A3E65DDFFB2091B |
| SHA-512: | C5D8F1105E7A3E371D938C3D6C01F81F30EBD477FA21661FB2F76FF82C04C1EED216190A7106481B7184D5C6958A9F46B6E71ADE681C9D1DFD174943654FDC4F |
| Malicious: | false |
| Reputation: | low |
| URL: | https://mainpage.me/themes/altum/assets/css/bootstrap.min.css?v=3100 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 1196706 |
| Entropy (8bit): | 4.2942692242496445 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 5E29440867FDB02A48DFFDED02338C31 |
| SHA1: | C8BFBBFCA7EB327E2E98CAF637D6DE05E5EE737A |
| SHA-256: | 812AB0E46F86B2CE98AB2425AB2224B90D0845952A1AC0D5ABD734B6217E98BF |
| SHA-512: | 4E7DA6D13229815C93CF3BE6C4B36EA9B4891F724FF239BE0B2DE1BC7AD6EE77530DC275C399818A4B2A0C16FC1A913692C92D16F0C1FF2919D260E9B198F6D3 |
| Malicious: | false |
| Reputation: | low |
| URL: | https://mainpage.me/themes/altum/assets/js/libraries/fontawesome-all.min.js?v=3100 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 18994 |
| Entropy (8bit): | 5.209985583187137 |
| Encrypted: | false |
| SSDEEP: | |
| MD5: | 3621381129597BF34D48A9E2623E05C9 |
| SHA1: | EDB00146D1636C247C7AFAA61F11AAD0C0FC5120 |
| SHA-256: | 3675F226F985B64EEA6AE8544D5496A32D19993AAE1AC4A3FA101263EF3206F7 |
| SHA-512: | A6BC3381A6B80D4F0420B147898BBDC05DBF908A870FF51B2850B17E0FED55AA17C6AF33D65D93A2C8501DF220D2E6072C7CF99F9583E331287011026B5E6E4C |
| Malicious: | false |
| Reputation: | low |
| URL: | https://mainpage.me/themes/altum/assets/js/libraries/popper.min.js?v=3100 |
| Preview: |
⊘No static file info
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node