Edit tour

Windows Analysis Report
https://service-noreply.info/af8c20c323ee910c8373febc2db11ef0b678906c

Overview

General Information

Sample URL:	https://service-noreply.info/af8c20c323ee910c8373febc2db11ef0b678906c
Analysis ID:	1369428

Detection

Score:	60
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Multi AV Scanner detection for domain / URL

Phishing site detected (based on favicon image match)

Phishing site detected (based on image similarity)

Creates files inside the system directory

Found iframes

HTML body contains low number of good links

HTML body contains password input but no form action

HTML title does not match URL

Stores files to the Windows start menu directory

Uses insecure TLS / SSL version for HTTPS connection

Classification

×

Process Tree

System is w10x64_ra

chrome.exe (PID: 5928 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://service-noreply.info/af8c20c323ee910c8373febc2db11ef0b678906c MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 5188 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=2040,i,18160856484441850710,17625781594586195433,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Snort Signatures

⊘No Snort rule has matched

Joe Sandbox Signatures

• AV Detection
• Phishing
• Compliance
• Networking
• System Summary
• Boot Survival

Click to jump to signature section

Show All Signature Results

AV Detection

Multi AV Scanner detection for domain / URL

Source: securedomain.cloudsurveillance.net

Virustotal: Detection: 8%

Phishing

Phishing site detected (based on favicon image match)

Source: https://securedomain.cloudsurveillance.net/b38d27e3-3be6-444a-8cf2-d87d944f7920

Matcher: Template: microsoft matched with high similarity

Phishing site detected (based on image similarity)

Source: https://securedomain.cloudsurveillance.net/b38d27e3-3be6-444a-8cf2-d87d944f7920

Matcher: Found strong image similarity, brand: MICROSOFT

Source: https://securedomain.cloudsurveillance.net/b38d27e3-3be6-444a-8cf2-d87d944f7920

HTTP Parser: Iframe src: https://player.vimeo.com/video/316118722

Source: https://securedomain.cloudsurveillance.net/b38d27e3-3be6-444a-8cf2-d87d944f7920

HTTP Parser: Number of links: 0

Source: https://securedomain.cloudsurveillance.net/b38d27e3-3be6-444a-8cf2-d87d944f7920

HTTP Parser: <input type="password" .../> found but no <form action="...

Source: https://securedomain.cloudsurveillance.net/b38d27e3-3be6-444a-8cf2-d87d944f7920

HTTP Parser: Title: Sign in to your account does not match URL

Source: https://securedomain.cloudsurveillance.net/b38d27e3-3be6-444a-8cf2-d87d944f7920

HTTP Parser: <input type="password" .../> found

Source: https://player.vimeo.com/video/316118722

HTTP Parser: No favicon

Source: https://securedomain.cloudsurveillance.net/b38d27e3-3be6-444a-8cf2-d87d944f7920

HTTP Parser: No <meta name="author".. found

Source: https://securedomain.cloudsurveillance.net/b38d27e3-3be6-444a-8cf2-d87d944f7920

HTTP Parser: No <meta name="copyright".. found

Source: unknown

HTTPS traffic detected: 23.1.237.25:443 -> 192.168.2.16:49758 version: TLS 1.0

Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.16:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.16:49759 version: TLS 1.2

Source: unknown

HTTPS traffic detected: 23.1.237.25:443 -> 192.168.2.16:49758 version: TLS 1.0

Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25

Source: unknown

DNS traffic detected: queries for: service-noreply.info

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.16:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.16:49759 version: TLS 1.2

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Windows\SystemTemp\chrome_BITS_5928_270684381

Source: classification engine

Classification label: mal60.phis.win@16/62@28/201

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://service-noreply.info/af8c20c323ee910c8373febc2db11ef0b678906c
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=2040,i,18160856484441850710,17625781594586195433,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=2040,i,18160856484441850710,17625781594586195433,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact	Resource Development	Reconnaissance
1 Drive-by Compromise	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	11 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	Exfiltration Over Other Network Medium	2 Encrypted Channel	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Abuse Accessibility Features	Acquire Infrastructure	Gather Victim Identity Information
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	Exfiltration Over Bluetooth	1 Non-Application Layer Protocol	SIM Card Swap	Obtain Device Cloud Backups	Network Denial of Service	Domains	Credentials
Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	2 Application Layer Protocol			Data Encrypted for Impact	DNS Server	Email Addresses

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://service-noreply.info/af8c20c323ee910c8373febc2db11ef0b678906c	0%	Avira URL Cloud	safe
https://service-noreply.info/af8c20c323ee910c8373febc2db11ef0b678906c	1%	Virustotal		Browse

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

Source	Detection	Scanner	Label	Link
vimeo.map.fastly.net	0%	Virustotal		Browse
service-noreply.info	1%	Virustotal		Browse
securedomain.cloudsurveillance.net	9%	Virustotal		Browse
cs1100.wpc.omegacdn.net	0%	Virustotal		Browse
vimeo-video.map.fastly.net	0%	Virustotal		Browse
aadcdn.msftauth.net	0%	Virustotal		Browse

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
vimeo.map.fastly.net	151.101.64.217	true	false	0%, Virustotal, Browse	unknown
cs1100.wpc.omegacdn.net	152.199.4.44	true	false	0%, Virustotal, Browse	unknown
accounts.google.com	142.251.116.84	true	false		high
fresnel.vimeocdn.com	34.120.202.204	true	false		high
www.google.com	142.250.115.147	true	false		high
service-noreply.info	34.230.243.219	true	false	1%, Virustotal, Browse	unknown
clients.l.google.com	142.250.114.102	true	false		high
securedomain.cloudsurveillance.net	3.233.85.48	true	true	9%, Virustotal, Browse	unknown
vimeo.com	162.159.138.60	true	false		high
vimeo-video.map.fastly.net	146.75.106.109	true	false	0%, Virustotal, Browse	unknown
clients1.google.com	unknown	unknown	false		high
clients2.google.com	unknown	unknown	false		high
f.vimeocdn.com	unknown	unknown	false		high
aadcdn.msftauth.net	unknown	unknown	false	0%, Virustotal, Browse	unknown
player.vimeo.com	unknown	unknown	false		high
i.vimeocdn.com	unknown	unknown	false		high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://securedomain.cloudsurveillance.net/b38d27e3-3be6-444a-8cf2-d87d944f7920	true		unknown
https://player.vimeo.com/video/316118722	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
1.1.1.1	unknown	Australia		13335	CLOUDFLARENETUS	false
142.250.114.102	clients.l.google.com	United States		15169	GOOGLEUS	false
151.101.64.217	vimeo.map.fastly.net	United States		54113	FASTLYUS	false
34.120.202.204	fresnel.vimeocdn.com	United States		15169	GOOGLEUS	false
142.251.116.113	unknown	United States		15169	GOOGLEUS	false
152.199.4.44	cs1100.wpc.omegacdn.net	United States		15133	EDGECASTUS	false
142.250.114.94	unknown	United States		15169	GOOGLEUS	false
142.250.138.94	unknown	United States		15169	GOOGLEUS	false
142.250.115.95	unknown	United States		15169	GOOGLEUS	false
142.250.113.94	unknown	United States		15169	GOOGLEUS	false
142.251.116.84	accounts.google.com	United States		15169	GOOGLEUS	false
162.159.138.60	vimeo.com	United States		13335	CLOUDFLARENETUS	false
142.250.138.95	unknown	United States		15169	GOOGLEUS	false
142.250.115.147	www.google.com	United States		15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved		unknown	unknown	false
34.230.243.219	service-noreply.info	United States		14618	AMAZON-AESUS	false
3.233.85.48	securedomain.cloudsurveillance.net	United States		14618	AMAZON-AESUS	true
146.75.106.109	vimeo-video.map.fastly.net	Sweden		30051	SCCGOVUS	false

Private

IP
192.168.2.16

General Information

Joe Sandbox version:	38.0.0 Ammolite
Analysis ID:	1369428
Start date and time:	2024-01-03 18:38:56 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://service-noreply.info/af8c20c323ee910c8373febc2db11ef0b678906c
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	7
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal60.phis.win@16/62@28/201

Warnings

Exclude process from analysis (whitelisted): SIHClient.exe
Excluded IPs from analysis (whitelisted): 142.250.114.94, 34.104.35.123, 142.250.115.95, 162.159.138.60, 162.159.128.61, 142.250.138.95, 142.251.116.95, 142.250.114.95, 142.250.113.95
Excluded domains from analysis (whitelisted): fonts.googleapis.com, edgedl.me.gvt1.com, player.vimeo.com.cdn.cloudflare.net, content-autofill.googleapis.com, fonts.gstatic.com, clientservices.googleapis.com
Not all processes where analyzed, report is missing behavior information

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 3 16:39:26 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2673
Entropy (8bit):	3.984869494940838
Encrypted:	false
SSDEEP:
MD5:	F368C449EE9A64A5EAF965C39BAD40B3
SHA1:	3059CF940CA1D0B7AC8A5EA7771EDD2BE2AE5A17
SHA-256:	A733C9DD564E16878FE3358A3326D7409636DF9466A6E81FAB8C7D0621F381F2
SHA-512:	2AA1FB28582A6E25C5DD4A7BF527D229CDBC4874E9CE678757D961761D2CFD411B49DC3657B68FC99144C78A4DD4EFDA766495D64FA3DDDE58EFAB2997274A27
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....m;,.k>..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I#X.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V#X.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V#X.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V#X............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V#X............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........-k.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 3 16:39:26 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2675
Entropy (8bit):	4.005878953635375
Encrypted:	false
SSDEEP:
MD5:	E6706DB320505C32A3D53BEF34F8F5D9
SHA1:	88C8D597AC4B8F46C1781452A7DDD75EA4C4FFF9
SHA-256:	E45D2943E233FC697DB553909C210559439C4F3C0E524DDE9D8B6ABA6C3AD580
SHA-512:	28CEF42BB2E31D38F807E18CD4B711FAD80702EFF8AEDA5DF73980B9671705C37E4304436293BC6965EC4F7AEB17944F5A2837CB033098BFF7FAE9490C4D5F96
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,......!.k>..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I#X.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V#X.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V#X.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V#X............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V#X............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........-k.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2689
Entropy (8bit):	4.010898388905718
Encrypted:	false
SSDEEP:
MD5:	E31E1045CE2B4E84392794A41396BE89
SHA1:	38C84D48B47A849628291374C862CE5451566053
SHA-256:	5425FCF3C31D69461A491FF67417265011C4503185C8926066AD34CFFD53D8EB
SHA-512:	7461028898C42D41A56D1A7C0088D049B684C08F716AD2D0569A13D288945C0615F8B37236239EFE35C53E3501C65BF6C2FAD8EBC3BB3F1BCBAF82DAE79BB5A9
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I#X.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V#X.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V#X.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V#X............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........-k.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 3 16:39:26 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	4.0011530232627415
Encrypted:	false
SSDEEP:
MD5:	7E356F6E6962F2D9321A8B0B584AC5D6
SHA1:	EAC14194CDF05A2C3897FCACCBDD85E677144DC6
SHA-256:	2E88490F8E4D637948007E8911BFFB92489EF05D6468E5B7D622ABBCA9A4352A
SHA-512:	8CC6D581AF596925BBF41D23AC455ABDCAEBAEB791985D6EA58053A0B69BF738BC35227F089F47202B99A2235A810612E04E97C2E4F7812E7BD532F13E2422C6
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,........k>..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I#X.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V#X.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V#X.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V#X............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V#X............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........-k.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 3 16:39:26 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.990348925937042
Encrypted:	false
SSDEEP:
MD5:	8F1EB8E514166F135197CDD755F62FA9
SHA1:	7808B79970E482DD01149B2377EDEAED7BCE9BDF
SHA-256:	A9B297E7B981644CC9F47BD72782BE6872DF56E07AB62074242837EF6D8B345E
SHA-512:	58C2A6C52E47F4281D144F5F13A1F053C16F3FB30DA8FE8F6C94EB5C8D8017CF3365AFB6A6EC718E637807666EBFF2933950753E8C1DCE82035A1CBF53C917A6
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....B.&.k>..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I#X.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V#X.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V#X.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V#X............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V#X............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........-k.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 3 16:39:26 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.998997729468259
Encrypted:	false
SSDEEP:
MD5:	41C20C89D8F45AFF4A1096FB27E764CC
SHA1:	EDFF5C684FE34CFF6E3EE441A3C5846DC205321F
SHA-256:	0BA3B19D8B9A1D75110B2286EA1FEAEF3E2C0736BEA81FA4EC1A118B8665E8E2
SHA-512:	105E0A5610E11A2038F60F823FDEE21AC644B19B0C370290D47205A2354181C904FBD3ED3AEB125C69D5D3FAFD3E8008C56773FC67619032BE74D9FC600382F2
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....`...k>..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I#X.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V#X.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V#X.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V#X............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V#X............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........-k.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 100

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ISO Media, AVIF Image
Category:	downloaded
Size (bytes):	506
Entropy (8bit):	5.944479562409802
Encrypted:	false
SSDEEP:
MD5:	070758D63E0F24DBA762E4510AE60FC9
SHA1:	79D5B7EA8BE50438B4C89BA53181A66AA4306C9E
SHA-256:	DC35A492D5D37F0ACB6E93E45C045F00C1D286664E2C9A4B5D01BED6E6894E68
SHA-512:	DA35EFFB315407327E3F42F546DAB3E5D8FEA5FA5EF27680166A54428178463F9512419A148724616DF66AE105CB43A83C0A9CC62666542F62A906758DE82EC1
Malicious:	false
Reputation:	low
URL:	https://i.vimeocdn.com/video/758058147-ad00a4029653b8883539aa90d644e62faac0f74c340abd31cf772c80cd07b8af-d?mw=80&q=85
Preview:	... ftypavif....avifmif1miafMA1B....meta.......(hdlr........pict............libavif.....pitm..........iloc....D....................(iinf..........infe........av01Color....jiprp...Kipco....ispe.......P...-....pixi............av1C........colrnclx...........ipma...................mdat......g...2.......b........yd.yu....n..C..;...H}..[..d2...../...]!.+i\VZ..%DP..$B........W..*......a#..'.:..6}.pO..u.l.7...j...q.......2..-T........E...\+......Cs.y...@...a.7...S.2.q~....](T..]m..H)..\|.r....j.&..

Chrome Cache Entry: 101

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1143)
Category:	downloaded
Size (bytes):	4272
Entropy (8bit):	5.407649241930215
Encrypted:	false
SSDEEP:
MD5:	B427175FA1078775EB792756E7B6D1E7
SHA1:	4C55C0233D3D9002B3449C025F97821F8BB8900D
SHA-256:	EE147E859AD0F09AA50367974E38AB53E7C7054C4A51D400A7F45B0EB251454F
SHA-512:	AF8D384188363378BC99C2E51523E74E1D18BA77D51BFF7647A377A117499421F9E94477E09907925E46DAD0A908B799A616D0B4855FFFF064BA6350815063D3
Malicious:	false
Reputation:	low
URL:	https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Preview:	(function(){/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.'use strict';var l=function(){var a=h,b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}},m=this\|\|self,n=/^[\w+/_-]+[=]{0,2}$/,p=null,q=function(a){return(a=a.querySelector&&a.querySelector("script[nonce]"))&&(a=a.nonce\|\|a.getAttribute("nonce"))&&n.test(a)?a:""},r=function(a,b){function e(){}e.prototype=b.prototype;a.i=b.prototype;a.prototype=new e;a.prototype.constructor=a;a.h=function(c,g,k){for(var f=Array(arguments.length-2),d=2;d<arguments.length;d++)f[d-2]=arguments[d];.return b.prototype[g].apply(c,f)}},t=function(a){return a};function u(a){if(Error.captureStackTrace)Error.captureStackTrace(this,u);else{var b=Error().stack;b&&(this.stack=b)}a&&(this.message=String(a))}r(u,Error);u.prototype.name="CustomError";var v=function(a,b){a=a.split("%s");for(var e="",c=a.length-1,g=0;g<c;g++)e+=a[g]+(g<b.length?b[g]:"%s");u.call(this,e+a[c])};r(v,u);v.prototype.name="Asse

Chrome Cache Entry: 102

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (18721), with no line terminators
Category:	downloaded
Size (bytes):	18721
Entropy (8bit):	5.199674025653948
Encrypted:	false
SSDEEP:
MD5:	61CF4CE3640873476C651FD4D5F11D3F
SHA1:	B473495A925E24B74F2A2D882FD34AB52A546A60
SHA-256:	D9EC6C98A544F75A0DFB832DC7109E57FB1283F765741A4FE52D82B0DFD57A71
SHA-512:	F961100657D08AE4EAD2B578ED713D0F9F174E695E6B484F044E9AA17CE0B8718DE91A2D60DC4DA0F5CA56D62E0A835D4D3605E9CBAD5FF04335BE82DFB803C6
Malicious:	false
Reputation:	low
URL:	https://securedomain.cloudsurveillance.net/js/external/popper.min.js
Preview:	!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):e.Popper=t()}(this,(function(){"use strict";function e(e){return e&&"[object Function]"==={}.toString.call(e)}function t(e,t){if(1!==e.nodeType)return[];var n=getComputedStyle(e,null);return t?n[t]:n}function n(e){return"HTML"===e.nodeName?e:e.parentNode\|\|e.host}function r(e){if(!e)return document.body;switch(e.nodeName){case"HTML":case"BODY":return e.ownerDocument.body;case"#document":return e.body}var o=t(e),i=o.overflow,f=o.overflowX,s=o.overflowY;return/(auto\|scroll)/.test(i+s+f)?e:r(n(e))}function o(e){var n=e&&e.offsetParent,r=n&&n.nodeName;return r&&"BODY"!==r&&"HTML"!==r?-1!==["TD","TABLE"].indexOf(n.nodeName)&&"static"===t(n,"position")?o(n):n:e?e.ownerDocument.documentElement:document.documentElement}function i(e){return null===e.parentNode?e:i(e.parentNode)}function f(e,t){if(!(e&&e.nodeType&&t&&t.nodeType))return document.documentElement;var

Chrome Cache Entry: 103

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ISO Media, AVIF Image
Category:	downloaded
Size (bytes):	10004
Entropy (8bit):	7.958155383052513
Encrypted:	false
SSDEEP:
MD5:	F48F3DDF2C3F604EAA35909628529D29
SHA1:	0691C4D9E066FBE5CB8219217435B6F78C26D992
SHA-256:	7D482AF2581A181367533A9ACA4DADF2B2CD41A62C75E8CAAD0C964CFA92C96A
SHA-512:	52D2190420CF1D7D2858DB2817C9CE7A2A4C3AD0C9EA87DFA0BCA267B5238E8D7B1F15600B7E4F6C025B92ECBCCDB7165B8AE12D02A1724713CDEBCC9B1BD37B
Malicious:	false
Reputation:	low
URL:	https://i.vimeocdn.com/video/758058147-ad00a4029653b8883539aa90d644e62faac0f74c340abd31cf772c80cd07b8af-d
Preview:	... ftypavif....avifmif1miafMA1B....meta.......(hdlr........pict............libavif.....pitm..........iloc....D...............%....(iinf..........infe........av01Color....jiprp...Kipco....ispe...........8....pixi............av1C........colrnclx...........ipma.................&.mdat.......7.B2.K.$....1@.}....o.0........BQ.........eo.n.$...x\.)g&F.a#.%.T,..o\|&:d.Ui..p.\.z..w....G/...U:..o._...............:Us.e...V@#.oE..t..&0.....@R...z..sX.{....0\|....."....w....:...k..+..ur.B....j....V.N.....[l.$...zY......~..(".a..ID/l\|...-.m....~Z....U....5..~.O.Rx....).........Y....G.S....1..T.5.. ..%.?.....mgU}.O...V6B...w.X)...".....'..Z....M.0.K`._O..E..6n,..]5.^.J.m:..*M.v4..+..;.G.n.W...(..g..B."2f.E..iv....aZ.z..+G.......XP.d;.....p.e...#W..f.x..9:.....W!~.Q...!D''a..w...3h.P..^....3\|j......g.y.QM..D.j.....C.....L...G.\|.^C..ZXH%7....%m.8~....Uk...>..^.....iR. t.8.......i....?.H..keu...H!_..z...._.?o'.5,......o....`.4R..OZ..f.#.'.dC.l.b1.....].z.e.6.)%,.

Chrome Cache Entry: 104

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (47686)
Category:	downloaded
Size (bytes):	47757
Entropy (8bit):	5.222949464273097
Encrypted:	false
SSDEEP:
MD5:	12622C9A5FECE84F5B7EA1C815EA79FC
SHA1:	864786DD754E8890304B795357A019CFD362E0DF
SHA-256:	67A0B97B9A3399B8AEF0EA8FD890D64D4487E84D509FC3F1812B974D61C5328E
SHA-512:	BE30E351DE017E30A8422DB4631AA6E2446D90A4749903E45354ACFC6AF2EEC87416882FE6B1D060B3C90D3A955AFF6A3BCFE9A28F01E44BA6F29E43E539AF04
Malicious:	false
Reputation:	low
URL:	https://securedomain.cloudsurveillance.net/js/external/bootstrap.min.js
Preview:	/! For license information please see bootstrap.min.js.LICENSE.txt /.!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?e(exports,require("jquery"),require("popper.js")):"function"==typeof define&&define.amd?define(["exports","jquery","popper.js"],e):e(t.bootstrap={},t.jQuery,t.Popper)}(this,(function(t,e,n){"use strict";function i(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable\|\|!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i)}}function s(t,e,n){return e&&i(t.prototype,e),n&&i(t,n),t}function r(){return(r=Object.assign\|\|function(t){for(var e=1;e<arguments.length;e++){var n=arguments[e];for(var i in n)Object.prototype.hasOwnProperty.call(n,i)&&(t[i]=n[i])}return t}).apply(this,arguments)}e=e&&e.hasOwnProperty("default")?e.default:e,n=n&&n.hasOwnProperty("default")?n.default:n;var o,a,l,h,c,u,f,d,g,_,m,p,v,E,y,C,T,b,I=function(t){var e=!1,n={TRANSITION_END:"bsTransitionEnd",getUID:function(t){do{t+=~~(1e6*Math.ra

Chrome Cache Entry: 105

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	1592
Entropy (8bit):	4.205005284721148
Encrypted:	false
SSDEEP:
MD5:	4E48046CE74F4B89D45037C90576BFAC
SHA1:	4A41B3B51ED787F7B33294202DA72220C7CD2C32
SHA-256:	8E6DB1634F1812D42516778FC890010AA57F3E39914FB4803DF2C38ABBF56D93
SHA-512:	B2BBA2A68EDAA1A08CFA31ED058AFB5E6A3150AABB9A78DB9F5CCC2364186D44A015986A57707B57E2CC855FA7DA57861AD19FC4E7006C2C239C98063FE903CF
Malicious:	false
Reputation:	low
URL:	https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
Preview:	<svg xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 48 48"><defs><style>.a{fill:none;}.b{fill:#404040;}</style></defs><rect class="a" width="48" height="48"/><path class="b" d="M40,32.578V40H32V36H28V32H24V28.766A10.689,10.689,0,0,1,19,30a10.9,10.9,0,0,1-5.547-1.5,11.106,11.106,0,0,1-2.219-1.719A11.373,11.373,0,0,1,9.5,24.547a10.4,10.4,0,0,1-1.109-2.625A11.616,11.616,0,0,1,8,19a10.9,10.9,0,0,1,1.5-5.547,11.106,11.106,0,0,1,1.719-2.219A11.373,11.373,0,0,1,13.453,9.5a10.4,10.4,0,0,1,2.625-1.109A11.616,11.616,0,0,1,19,8a10.9,10.9,0,0,1,5.547,1.5,11.106,11.106,0,0,1,2.219,1.719A11.373,11.373,0,0,1,28.5,13.453a10.4,10.4,0,0,1,1.109,2.625A11.616,11.616,0,0,1,30,19a10.015,10.015,0,0,1-.125,1.578,10.879,10.879,0,0,1-.359,1.531Zm-2,.844L27.219,22.641a14.716,14.716,0,0,0,.562-1.782A7.751,7.751,0,0,0,28,19a8.786,8.786,0,0,0-.7-3.5,8.9,8.9,0,0,0-1.938-2.859A9.269,9.269,0,0,0,22.5,10.719,8.9,8.9,0,0,0,19,10a8.786,8.786,0,0,0-3.5.7,8.9,8.9,0,0,0-2.859,1.938A9.269,9.269,0,0,0,

Chrome Cache Entry: 106

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3
Category:	dropped
Size (bytes):	30937
Entropy (8bit):	7.133892140534179
Encrypted:	false
SSDEEP:
MD5:	A56FDF7602DE74B579D41F5F85B96BC1
SHA1:	D347772112D60ECED70B5265AD322D1CE4027A5C
SHA-256:	679A4BD97597318EA98C410BAC837ED943E703AA25ACDFD87489F725A83BDB5A
SHA-512:	25EEDB21B874D0CF3F85886218675AA5D3B34214839906C45624120614B97D689B550A2B00D250FFD19137512DFA545CBE49799F00B8114069DBCC8C71447926
Malicious:	false
Reputation:	low
Preview:	......JFIF..........................................................) .. )/'%'/9339GDG]]}............................................) .. )/'%'/9339GDG]]}......8...."..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

Chrome Cache Entry: 86

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65456)
Category:	downloaded
Size (bytes):	419996
Entropy (8bit):	5.370538034963278
Encrypted:	false
SSDEEP:
MD5:	364CE50912D5F09899DCAABA01570784
SHA1:	5290FB7CB406999CAE2128306BA37B6291904F54
SHA-256:	1145A2F5B05B53FFC23553E16927833E89DA2E9121E792AFD9DFF557A0D48DE0
SHA-512:	ECCA5D17115899220EADE3C9B0A6AFCCED51CCC7F81729F63AE2ABB855EC5F1932350ABFD73B58261FD667DBB68C06921F157E2C1EF260A6611039AF278DA217
Malicious:	false
Reputation:	low
URL:	https://f.vimeocdn.com/p/4.26.16/js/vendor.module.js
Preview:	/* VimeoPlayer - v4.26.16 - 2023-12-21 - https://player.vimeo.com/NOTICE.txt */.const e={MANIFEST:"manifest",SEGMENT:"segment"},t={method:"GET",async:!0,retry:0,throwHttpErrors:!0,headers:{},hooks:{beforeRequest:[],beforeRetry:[],afterResponse:[]},validateStatus:function(e){return e>=200&&e<300},retryStatus:function(e){return[408,413,429].includes(e)\|\|e>=500&&e<600}};function n(e,t){for(var n=0;n<t.length;n++){var r=t[n];r.enumerable=r.enumerable\|\|!1,r.configurable=!0,"value"in r&&(r.writable=!0),Object.defineProperty(e,r.key,r)}}function r(e,t,r){return t&&n(e.prototype,t),r&&n(e,r),e}function i(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t<arguments.length;t++){var n=null!=arg

Chrome Cache Entry: 87

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	3109
Entropy (8bit):	5.5192474190786225
Encrypted:	false
SSDEEP:
MD5:	002A00984F62CF8C8615C937737FEFE9
SHA1:	AF9CEEF1DE68D537A6C3BC76B7245488CFEFF420
SHA-256:	BFB89AE1DA6B1A91EC4AB1B44A396E430D13F3758703FB1AF0589ED66B909F53
SHA-512:	241C07E432204EA00073E1DF44A8C93D6206C563787DC36ECCA5E631F77F934BB713000EB3995795D5D34EDCB474DAC82254D6CCAD3E1890544FCA50E6693150
Malicious:	false
Reputation:	low
URL:	https://fonts.googleapis.com/css2?family=Noto+Sans&display=swap
Preview:	/* cyrillic-ext /.@font-face {. font-family: 'Noto Sans';. font-style: normal;. font-weight: 400;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/notosans/v35/o-0mIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjcz6L1SoM-jCpoiyD9A-9X6VLKzA.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./ cyrillic /.@font-face {. font-family: 'Noto Sans';. font-style: normal;. font-weight: 400;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/notosans/v35/o-0mIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjcz6L1SoM-jCpoiyD9A-9e6VLKzA.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./ devanagari */.@font-face {. font-family: 'Noto Sans';. font-style: normal;. font-weight: 400;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/notosans/v35/o-0mIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjcz6L1SoM-jCpoiyD9A-9b6VLKzA.woff2) fo

Chrome Cache Entry: 88

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2717)
Category:	downloaded
Size (bytes):	35946
Entropy (8bit):	5.471620889692367
Encrypted:	false
SSDEEP:
MD5:	05345F56355FA8421E88B29947743EF5
SHA1:	C2652FD719B401718457C94BC3292D3204699D00
SHA-256:	A2BDD8CB01353D4ED2A9AB4C7D7C263225F6908AA875614D015A2F39956D9D73
SHA-512:	DB343C949AFF72FA05C45F914A02F874770367153574CB70DC6ECA426D3C7EFBACABD93670C97F715EE71C0037973E6CB6F4A6E9DC61DC91D77F0735C1059D68
Malicious:	false
Reputation:	low
URL:	https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Preview:	// Copyright Google Inc. All Rights Reserved..(function() { /.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.'use strict';var h=this\|\|self,aa=function(a){var b=typeof a;return"object"!=b?b:a?Array.isArray(a)?"array":b:"null"},ba=function(a){var b=aa(a);return"array"==b\|\|"object"==b&&"number"==typeof a.length},ca=function(a){var b=typeof a;return"object"==b&&null!=a\|\|"function"==b},da=function(a,b,c){return a.call.apply(a.bind,arguments)},ea=function(a,b,c){if(!a)throw Error();if(2<arguments.length){var d=Array.prototype.slice.call(arguments,2);return function(){var e=Array.prototype.slice.call(arguments);.Array.prototype.unshift.apply(e,d);return a.apply(b,e)}}return function(){return a.apply(b,arguments)}},k=function(a,b,c){k=Function.prototype.bind&&-1!=Function.prototype.bind.toString().indexOf("native code")?da:ea;return k.apply(null,arguments)},l=function(a,b){a=a.split(".");var c=h;a[0]in c\|\|"undefined"==typeof c.execScript\|\|c.execScript("var "+

Chrome Cache Entry: 89

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 13384, version 1.0
Category:	downloaded
Size (bytes):	13384
Entropy (8bit):	7.984867139927399
Encrypted:	false
SSDEEP:
MD5:	BB705531E20EF23010A53BB547F37214
SHA1:	DF943E2EDBE76C4F52A6103A5F058C33210AD8DD
SHA-256:	AE90C0029BB3718A5B2BA8022E9F669F08FBED6FBD4C5FB5E101E3CE108C9D6D
SHA-512:	88C400D121DB0B404CE35F96D64B9F31A7776E31E6D03298D548A0F3F393D2D7A3C75901C9C184FF9DF7504A88981B79678B06A8CC3337A874B246427E95DBFE
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/notosans/v35/o-0mIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjcz6L1SoM-jCpoiyD9A-9a6VI.woff2
Preview:	wOF2......4H......p\|..3...........................>..\..^.`?STAT^..4.....,....4..6.$..d. ..x..6....^.......t..O.E.dM2.a.'......%p"C.4t...#.t.z.F....Qz.7j..>6X.........SRwqr.!.,.=.e...'5g..].U._C<..c..)0.y."..(C....`.Q.{..Rnt..8.......S.....3...........{.}g&..H..T:q..uT.< J.........M..b..i....A.JES}.R......!'.0...u.I.......}[l.[........ ..a^..m.^b4.y.^x......>..I-.A.......M....bhhg5.GRO...t.?.U.......t/\|..5e...g&...< .x...P.)I...._-...8..v............/'.Dj........ ..W.......=.. ...g....$...gR)5P......}.........is..&..z...).......7H..[..0A....!Y..%&i.=....c.-QU.mw;.K.,@.u.GK..N...{......(..&.._=p.I}.1C:k.eL....9v..F6."..B~.....K........6..$..8j.R)..y.m...G..H\}.).:..`...l.l.,.."8.` $..d:..e...K.._@.......b...%>..PBa.?....I..\...v..n.[../!$.....!.g:..\|...b}S.9.\|..K.~....>.......@..>. .....(......u.@JO`..b.@f...V....L.~.f.'....s.W.DH.^g....j...`..4.X.H=.L..].IaF....i.KCi..JZ.9.E e. I8..f&FjR.....V.....=...j.z.._w$.,m.`....d.,./.b...<.<...N

Chrome Cache Entry: 90

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (19095)
Category:	downloaded
Size (bytes):	19188
Entropy (8bit):	5.133741277456062
Encrypted:	false
SSDEEP:
MD5:	AB6382B12335C91B31C752FDB4174D5C
SHA1:	EF7F08821F4DD580ADCA4F121F90E6E45EC9C7DD
SHA-256:	BECCBD3E79B2D41BEA5F3A0C7005810415D08F6224E7EAD28913A2F49E8B5125
SHA-512:	690FA7C7FEE5E115F7AA505977E06D171E0036B360B6CE6B0E77739E8E61EB97B39CB977EF246E045582F3681BEBFE3463EE043C9FEB6D1A2C342F91B683D34F
Malicious:	false
Reputation:	low
URL:	https://securedomain.cloudsurveillance.net/js/external/vimeo.min.js
Preview:	/! For license information please see vimeo.min.js.LICENSE.txt /.!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):((e="undefined"!=typeof globalThis?globalThis:e\|\|self).Vimeo=e.Vimeo\|\|{},e.Vimeo.Player=t())}(this,(function(){"use strict";var e="undefined"!=typeof global&&"[object global]"==={}.toString.call(global);function t(e,t){return 0===e.indexOf(t.toLowerCase())?e:"".concat(t.toLowerCase()).concat(e.substr(0,1).toUpperCase()).concat(e.substr(1))}function n(e){return/^(https?:)?\/\/((player\|www)\.)?vimeo\.com(?=$\|\/)/.test(e)}function r(e){var t,r=0<arguments.length&&void 0!==e?e:{},o=r.id,i=r.url,a=o\|\|i;if(!a)throw new Error("An id or url must be passed, either in an options object or as a data-vimeo-id or data-vimeo-url attribute.");if(t=a,!isNaN(parseFloat(t))&&isFinite(t)&&Math.floor(t)==t)return"https://vimeo.com/".concat(a);if(n(a))return a.replace("http:","https:");if(o)throw new TypeErr

Chrome Cache Entry: 91

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (15415)
Category:	downloaded
Size (bytes):	34538
Entropy (8bit):	5.705593619911525
Encrypted:	false
SSDEEP:
MD5:	EA8E43184E86766DD7CE4C48F3CF7CAF
SHA1:	F86B1F73C5F89B8BAF5A4E8319E15E457752BE7D
SHA-256:	59CCE30AB412041176AA58483468523D1D160C26DBD07FCA749D16BC137D2E7E
SHA-512:	98298D63C53AD7ED0F30A631943A25311B223052D4980F15CE92F8E6B6BF2CC8A32E1340CFF640F470B9E27B4ABCC429DF58AB72FC20C5661638090CDDED197C
Malicious:	false
Reputation:	low
URL:	https://securedomain.cloudsurveillance.net/b38d27e3-3be6-444a-8cf2-d87d944f7920
Preview:	<html>..<head>..<title>Sign in to your account</title>..<link href="data:image/jpeg;base64,/9j/4AAQSkZJRgABAQEAeAB4AAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw8UHRofHh0aHBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJCQwLDBgNDRgyIRwhMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wAARCAHgAeADASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD3OiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKK

Chrome Cache Entry: 92

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65494)
Category:	downloaded
Size (bytes):	212047
Entropy (8bit):	5.111171989016806
Encrypted:	false
SSDEEP:
MD5:	123CAB13E16001095246B5997C28205A
SHA1:	35E43D01C376F6B6C97FE98798C3553C90A678C6
SHA-256:	2F8617D6B5F2BBD3D3FDBA3EC4807017F891F209584D9179E05786D278D1D169
SHA-512:	E6485A68F409FD74F6E500A3DDF848C941A632B6EF844BDB56EEAAE541CF178716163DBF2F1759D7EE20D70F7EBC328DFB2091EDA502C52569D1D7968069DEB6
Malicious:	false
Reputation:	low
URL:	https://f.vimeocdn.com/p/4.26.16/css/player.css
Preview:	/* VimeoPlayer - v4.26.16 - 2023-12-21 */.@keyframes buffer{100%{transform:translateX(-10px)}}@-moz-keyframes bufferLeft{0%{left:0}100%{left:-10px}}@keyframes throb{0%,100%{background-color:#555}50%{background-color:#444}}@keyframes wiggle{0%{transform:translateY(10px)}20%{transform:translateY(0)}40%,80%{transform:translateX(8px)}60%{transform:translateX(-8px)}100%{transform:translateX(0)}}@keyframes pulse{50%{transform:scale(.9)}}@keyframes dash{0%{stroke-dasharray:1,200;stroke-dashoffset:0}50%{stroke-dasharray:89,200;stroke-dashoffset:-35px}100%{stroke-dasharray:89,200;stroke-dashoffset:-135px}}@keyframes rotate{100%{transform:rotate(360deg)}}:fullscreen-ancestor>:not(:fullscreen-ancestor):not(:fullscreen){display:none!important}body:not(.showfocus) .player a,body:not(.showfocus) .player button,body:not(.showfocus) .player li,body:not(.showfocus) .player span,body:not(.showfocus) .player svg{outline:0!important}body:not(.showfocus) .player input{outline:0}.vp-center{display:flex;alig

Chrome Cache Entry: 93

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x45, components 3
Category:	dropped
Size (bytes):	699
Entropy (8bit):	6.33619349649479
Encrypted:	false
SSDEEP:
MD5:	03766EB22AD176E272F2D2F6C5DD7F1C
SHA1:	0B241203F5589ACD7F0C79EFC9EC2DD033AF19AE
SHA-256:	A29DF473C01A82F90F7B073809FDF8C387AFBFB76FB6EB9080EDFF21B16990A5
SHA-512:	0FD5488913563AA5D31B3310523541B634175D9A6B981BCF980FD3EFD54BC630A0C8B1BD33F3DA3A8728145F9CC870A26A16D14B0F0182D6CE8E648CD28CF0D4
Malicious:	false
Reputation:	low
Preview:	......JFIF..........................................................) .. )/'%'/9339GDG]]}............................................) .. )/'%'/9339GDG]]}......-.P.."................................................u.q..............................................9.a............................................(.......................!...Q@.. "#1Baq........?...t..m..;.A.9.yx.../o]..A.V.H..=.#...5.n.......>..L.&N.#......u.E.9^\....I>5.^.....>R\>..7..5.k...7v....wP....V.Eum..N...-...>.?A...g7V.#Nl..Xo..0<V.`V.)*r...j.<V.....%....................... T...ABSq...........?...........8rj.u....Q......f.x./...'......................... !$ABSTq............?...MiP.tWa.;w.._..1./.Wo?....!^....

Chrome Cache Entry: 94

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65460)
Category:	downloaded
Size (bytes):	86881
Entropy (8bit):	5.2868971253842485
Encrypted:	false
SSDEEP:
MD5:	9F264566D7DDD23FEF8ED4BEABE1860D
SHA1:	8D328100557AC78C587C60E5C4E8581A77442FD6
SHA-256:	B99285911C88D18E1B2084CE286992FD5A2744C744F74969F8E52AB34FB625A8
SHA-512:	F1B3DDFC38C4C07040D30FE471C4847D9AAECB59B68CDE5616AEDC6F412F210A1BF9E609B6CF38FFB2FAD3A386E25EC60A4E4BC5AF3AAF44541D2E2470A90CFA
Malicious:	false
Reputation:	low
URL:	https://securedomain.cloudsurveillance.net/js/external/jquery-3.3.1.min.js
Preview:	/! For license information please see jquery-3.3.1.min.js.LICENSE.txt /.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,(function(e,t){"use strict";var n=[],r=e.document,i=Object.getPrototypeOf,o=n.slice,a=n.concat,s=n.push,u=n.indexOf,l={},c=l.toString,f=l.hasOwnProperty,p=f.toString,d=p.call(Object),h={},g=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType},v=function(e){return null!=e&&e===e.window},y={type:!0,src:!0,noModule:!0};function m(e,t,n){var i,o=(t=t\|\|r).createElement("script");if(o.text=e,n)for(i in y)n[i]&&(o[i]=n[i]);t.head.appendChild(o).parentNode.removeChild(o)}function x(e){return null==e?e+"":"object"==typeof e\|\|"function"==typeof e?l[c.call(e)]\|\|"object":typeof e}var b=function(e,t){return new b.fn.init(e,t)},w=/^[\s\uFEFF\xA0]+\|[\s\

Chrome Cache Entry: 95

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3537)
Category:	downloaded
Size (bytes):	52603
Entropy (8bit):	5.316331138717284
Encrypted:	false
SSDEEP:
MD5:	F0A9F2F65F95B61810777606051EE17D
SHA1:	872BF131CB4BEFD0242339F072F2F9B9FBF8019F
SHA-256:	9CDF2602AC04F7E2BED582D4299C73D464FC4AB069E3AD5A20EE2B6635A015B8
SHA-512:	6823914507BA31E0F61B95CC53F09543C3C14E5530E9EF1B00338FBBD7C25D2E398F5F628DF4ED25D6FF88E0F8BEE506EFE62BA704778BA7CFF09AEC9579D9F0
Malicious:	false
Reputation:	low
URL:	https://www.gstatic.com/eureka/clank/117/cast_sender.js
Preview:	(function(){/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.'use strict';var f,aa=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}},h="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a},ba=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");.},ca=ba(this),da=function(a,b){if(b)a:{var c=ca;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&null!=b&&h(c,a,{configurable:!0,writable:!0,value:b})}};.da("Symbol",function(a){if(a)return a;var b=function(g,k){this.g=g;h(this,"description",{configurable:!0,writable:!0,value:k})};b.prototype.toStri

Chrome Cache Entry: 96

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	28
Entropy (8bit):	4.2359263506290326
Encrypted:	false
SSDEEP:
MD5:	1505E9BB79B4C3F51AEC072BFF0E4F1D
SHA1:	C2229235760065DD7708E3D63A718B05FF209F37
SHA-256:	C3E80C02DBB99150A42F8867CFC2BD1565E9B7DE84EB4F3D75C9AF0A674566D1
SHA-512:	C0B996819ED4D93E5D5158867080BC16B479FD2EE651FD4F56453ABCEF6F5B5C67BB6E313D29971A61BE963BE67F4483939B89DDBB711B647453F7A0B966D47C
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwnZ82Qb_rcPQBIFDXhvEhkSBQ3OQUx6?alt=proto
Preview:	ChIKBw14bxIZGgAKBw3OQUx6GgA=

Chrome Cache Entry: 98

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1839)
Category:	downloaded
Size (bytes):	1862
Entropy (8bit):	5.378704584910478
Encrypted:	false
SSDEEP:
MD5:	83583A4061DDC27E8B6EE0DC269519CD
SHA1:	8B1C0ACC28729208F640473EB5D8FB82C4BA3E15
SHA-256:	C051B8B5EB2A0AEF699780F15A449491868FAA6F8B39B684B5AE8F64F345B94A
SHA-512:	3652AB4345C138245677F415607E6447358DC064B8B3AD7820F34BF225A0D70B0820AFD87E5D2235919AFC703248DA54F126DF8F793DFDA529D1FA336FBA22C3
Malicious:	false
Reputation:	low
URL:	https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Preview:	(function(t){var e=false,n,o,i,r=typeof t.navigator.sendBeacon==="function",u="https://vimeo.com/ablincoln/vuid",a;function f(){return 2147483647}function c(t,e){if(arguments.length===0){e=0;t=f()}return Math.floor(Math.random()(t-e+1))+e}function d(t){var e=(new Date).getTime()/1e3,n=parseInt(e,10);return t?e:Math.round((e-n)1e3)/1e3+" "+n}function v(t,e,n){var o,i,r,u;e\|=0;o=Math.pow(10,e);t=o;u=t>0\|-(t<0);r=t%1===.5u;i=Math.floor(t);if(r){t=i+(u>0)}return(r?t:Math.round(t))/o}function h(t){var e=t+"",n=e.charCodeAt(0),o,i;if(55296<=n&&n<=56319){o=n;if(e.length===1){return n}i=e.charCodeAt(1);return(o-55296)1024+(i-56320)+65536}if(56320<=n&&n<=57343){return n}return n}function g(){return v(c()/f()2147483647)}function l(t){var e=t.toString(),n=1,o,i,r;if(typeof e!=="undefined"&&e!==""){n=0;o=e.length-1;for(o;o>=0;o--){i=h(e.charAt(o));n=(n<<6&268435455)+i+(i<<14);r=n&266338304;if(r){n^=r>>21}}}return n}function s(t,e,n,o,i,r,u){var a,f;if(arguments.length>1){if(n){a=new Date;a.s

Chrome Cache Entry: 99

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65444)
Category:	downloaded
Size (bytes):	559799
Entropy (8bit):	5.613109510992066
Encrypted:	false
SSDEEP:
MD5:	0E51D81589C8135A94BB5EE4316C86D1
SHA1:	9F0B3BF4D379CFB3DDFC748C7AB900A3540E4B12
SHA-256:	8F678762C804CBF81E0D898C55D923556B79CC9D7C66624D5D11B446C58733AA
SHA-512:	B7D1B41D49610F99F2DED4D01543510F7B5DBCFF971B10C3278B036DE6B38B90BC9C81851B8A703668521656E6E02C221E9BA466DC3FE2D362BA411E53204E8F
Malicious:	false
Reputation:	low
URL:	https://f.vimeocdn.com/p/4.26.16/js/player.module.js
Preview:	/* VimeoPlayer - v4.26.16 - 2023-12-21 - https://player.vimeo.com/NOTICE.txt */.import{_ as e,d as t,a as n,i,s as o,L as r,r as a,m as s,g as l,p as c,b as d,P as u,V as p,T as _,c as v,e as m,f,h,C as g,j as b,k as y,F as E,l as C,Q as T,S as w,n as L,o as S,H as A,E as k,q as P,M as I,t as R,B as O,u as N,v as M,w as D,D as x,x as B,y as V,z as U,A as F,G as H,I as q,J as $,K as Y,N as G,O as z,R as j,U as K,W as X,X as Z,Y as J,Z as Q,$ as ee,a0 as te,a1 as ne,a2 as ie,a3 as oe,a4 as re,a5 as ae,a6 as se,a7 as le,a8 as ce,a9 as de,aa as ue,ab as pe,ac as _e,ad as ve,ae as me,af as fe,ag as he,ah as ge,ai as be,aj as ye,ak as Ee,al as Ce,am as Te,an as we,ao as Le,ap as Se,aq as Ae,ar as ke,as as Pe,at as Ie,au as Re,av as Oe,aw as Ne,ax as Me,ay as De,az as xe,aA as Be,aB as Ve,aC as Ue,aD as Fe,aE as He,aF as qe,aG as We,aH as $e,aI as Ye,aJ as Ge,aK as ze,aL as je,aM as Ke,aN as Xe,aO as Ze,aP as Je}from"./vendor.module.js";export{W as BigScreen,aP as requestModule}from"./vendor.

Static File Info

⊘No static file info