Edit tour

Windows Analysis Report
https://campaign-statistics.com/link_click/N2gBjiLlSg_Lhudr/f79737d8392155131e308edfbee1dbee

Overview

General Information

Sample URL:	https://campaign-statistics.com/link_click/N2gBjiLlSg_Lhudr/f79737d8392155131e308edfbee1dbee
Analysis ID:	1371303

Detection

Score:	2
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

Creates files inside the system directory

Stores files to the Windows start menu directory

Suspicious form URL found

Uses insecure TLS / SSL version for HTTPS connection

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 3520 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://campaign-statistics.com/link_click/N2gBjiLlSg_Lhudr/f79737d8392155131e308edfbee1dbee MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 5184 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=2044,i,8219837834875397368,10683203647056807504,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 336 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4032 --field-trial-handle=2044,i,8219837834875397368,10683203647056807504,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Snort Signatures

⊘No Snort rule has matched

Joe Sandbox Signatures

• Phishing
• Compliance
• Software Vulnerabilities
• Networking
• System Summary
• Boot Survival

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://venustrademarks.com/?sender_ctype=email&sender_campaign=eZDJ2R&sender_customer=gZxvvvZ	HTTP Parser: Form action: mail-test.php
Source: https://venustrademarks.com/?sender_ctype=email&sender_campaign=eZDJ2R&sender_customer=gZxvvvZ	HTTP Parser: Form action: mail-test.php
Source: https://venustrademarks.com/?sender_ctype=email&sender_campaign=eZDJ2R&sender_customer=gZxvvvZ	HTTP Parser: Form action: mail-test.php
Source: https://venustrademarks.com/?sender_ctype=email&sender_campaign=eZDJ2R&sender_customer=gZxvvvZ	HTTP Parser: Form action: mail-test.php
Source: https://venustrademarks.com/?sender_ctype=email&sender_campaign=eZDJ2R&sender_customer=gZxvvvZ	HTTP Parser: Form action: mail-test.php
Source: https://venustrademarks.com/?sender_ctype=email&sender_campaign=eZDJ2R&sender_customer=gZxvvvZ	HTTP Parser: Form action: mail-test.php

Source: about:blank	HTTP Parser: No favicon
Source: about:blank	HTTP Parser: No favicon
Source: about:blank	HTTP Parser: No favicon
Source: about:blank	HTTP Parser: No favicon
Source: about:blank	HTTP Parser: No favicon

Source: https://venustrademarks.com/?sender_ctype=email&sender_campaign=eZDJ2R&sender_customer=gZxvvvZ	HTTP Parser: No <meta name="author".. found
Source: https://venustrademarks.com/?sender_ctype=email&sender_campaign=eZDJ2R&sender_customer=gZxvvvZ	HTTP Parser: No <meta name="author".. found
Source: https://venustrademarks.com/?sender_ctype=email&sender_campaign=eZDJ2R&sender_customer=gZxvvvZ	HTTP Parser: No <meta name="author".. found
Source: https://venustrademarks.com/?sender_ctype=email&sender_campaign=eZDJ2R&sender_customer=gZxvvvZ	HTTP Parser: No <meta name="author".. found
Source: https://venustrademarks.com/?sender_ctype=email&sender_campaign=eZDJ2R&sender_customer=gZxvvvZ	HTTP Parser: No <meta name="author".. found
Source: https://venustrademarks.com/?sender_ctype=email&sender_campaign=eZDJ2R&sender_customer=gZxvvvZ	HTTP Parser: No <meta name="author".. found

Source: https://venustrademarks.com/?sender_ctype=email&sender_campaign=eZDJ2R&sender_customer=gZxvvvZ	HTTP Parser: No <meta name="copyright".. found
Source: https://venustrademarks.com/?sender_ctype=email&sender_campaign=eZDJ2R&sender_customer=gZxvvvZ	HTTP Parser: No <meta name="copyright".. found
Source: https://venustrademarks.com/?sender_ctype=email&sender_campaign=eZDJ2R&sender_customer=gZxvvvZ	HTTP Parser: No <meta name="copyright".. found
Source: https://venustrademarks.com/?sender_ctype=email&sender_campaign=eZDJ2R&sender_customer=gZxvvvZ	HTTP Parser: No <meta name="copyright".. found
Source: https://venustrademarks.com/?sender_ctype=email&sender_campaign=eZDJ2R&sender_customer=gZxvvvZ	HTTP Parser: No <meta name="copyright".. found
Source: https://venustrademarks.com/?sender_ctype=email&sender_campaign=eZDJ2R&sender_customer=gZxvvvZ	HTTP Parser: No <meta name="copyright".. found

Source: unknown

HTTPS traffic detected: 23.1.237.25:443 -> 192.168.2.16:49835 version: TLS 1.0

Source: unknown	HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.16:49831 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.16:49849 version: TLS 1.2

Source: chrome.exe

Memory has grown: Private usage: 15MB later: 37MB

Source: unknown

HTTPS traffic detected: 23.1.237.25:443 -> 192.168.2.16:49835 version: TLS 1.0

Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25

Source: unknown

DNS traffic detected: queries for: campaign-statistics.com

Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443

Source: unknown	HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.16:49831 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.16:49849 version: TLS 1.2

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Windows\SystemTemp\chrome_BITS_3520_1636520050

Source: classification engine

Classification label: clean2.win@17/126@40/154

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://campaign-statistics.com/link_click/N2gBjiLlSg_Lhudr/f79737d8392155131e308edfbee1dbee
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=2044,i,8219837834875397368,10683203647056807504,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4032 --field-trial-handle=2044,i,8219837834875397368,10683203647056807504,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=2044,i,8219837834875397368,10683203647056807504,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4032 --field-trial-handle=2044,i,8219837834875397368,10683203647056807504,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact	Resource Development	Reconnaissance
Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	11 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	Exfiltration Over Other Network Medium	2 Encrypted Channel	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Abuse Accessibility Features	Acquire Infrastructure	Gather Victim Identity Information
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	Exfiltration Over Bluetooth	1 Non-Application Layer Protocol	SIM Card Swap	Obtain Device Cloud Backups	Network Denial of Service	Domains	Credentials
Domain Accounts	At	Logon Script (Windows)	1 Extra Window Memory Injection	1 Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	2 Application Layer Protocol			Data Encrypted for Impact	DNS Server	Email Addresses
Local Accounts	Cron	Login Hook	Login Hook	1 Extra Window Memory Injection	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	Traffic Duplication	Protocol Impersonation			Data Destruction	Virtual Private Server	Employee Names

Screenshots

Download Video

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://campaign-statistics.com/link_click/N2gBjiLlSg_Lhudr/f79737d8392155131e308edfbee1dbee	0%	Avira URL Cloud	safe
https://campaign-statistics.com/link_click/N2gBjiLlSg_Lhudr/f79737d8392155131e308edfbee1dbee	1%	Virustotal		Browse

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

Source	Detection	Scanner	Label	Link
jsdelivr.map.fastly.net	0%	Virustotal		Browse
campaign-statistics.com	0%	Virustotal		Browse

URLs

Source	Detection	Scanner	Label	Link
about:blank	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
jsdelivr.map.fastly.net	151.101.1.229	true	false	0%, Virustotal, Browse	unknown
vsa83.tawk.to	104.22.24.131	true	false		high
vsa120.tawk.to	104.22.24.131	true	false		high
accounts.google.com	74.125.129.84	true	false		high
vsa111.tawk.to	172.67.38.66	true	false		high
vsa103.tawk.to	172.67.38.66	true	false		high
embed.tawk.to	172.67.38.66	true	false		high
va.tawk.to	104.22.25.131	true	false		high
venustrademarks.com	162.0.232.190	true	false		unknown
cdnjs.cloudflare.com	104.17.25.14	true	false		high
campaign-statistics.com	172.66.40.88	true	false	0%, Virustotal, Browse	unknown
www.google.com	142.250.191.196	true	false		high
clients.l.google.com	172.217.2.46	true	false		high
vsa37.tawk.to	104.22.25.131	true	false		high
clients1.google.com	unknown	unknown	false		high
cdn.jsdelivr.net	unknown	unknown	false		high
clients2.google.com	unknown	unknown	false		high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
about:blank	false	Avira URL Cloud: safe	low
https://venustrademarks.com/?sender_ctype=email&sender_campaign=eZDJ2R&sender_customer=gZxvvvZ	false		unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.190.131	unknown	United States	15169	GOOGLEUS	false
151.101.1.229	jsdelivr.map.fastly.net	United States	54113	FASTLYUS	false
104.17.24.14	unknown	United States	13335	CLOUDFLARENETUS	false
142.250.190.35	unknown	United States	15169	GOOGLEUS	false
162.0.232.190	venustrademarks.com	Canada	22612	NAMECHEAP-NETUS	false
142.250.190.10	unknown	United States	15169	GOOGLEUS	false
216.239.34.36	unknown	United States	15169	GOOGLEUS	false
104.22.25.131	va.tawk.to	United States	13335	CLOUDFLARENETUS	false
142.251.32.14	unknown	United States	15169	GOOGLEUS	false
74.125.129.84	accounts.google.com	United States	15169	GOOGLEUS	false
172.66.40.88	campaign-statistics.com	United States	13335	CLOUDFLARENETUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.251.32.10	unknown	United States	15169	GOOGLEUS	false
142.250.190.3	unknown	United States	15169	GOOGLEUS	false
172.217.2.46	clients.l.google.com	United States	15169	GOOGLEUS	false
172.67.38.66	vsa111.tawk.to	United States	13335	CLOUDFLARENETUS	false
142.250.191.232	unknown	United States	15169	GOOGLEUS	false
104.22.24.131	vsa83.tawk.to	United States	13335	CLOUDFLARENETUS	false
104.17.25.14	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
142.250.191.196	www.google.com	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.8
192.168.2.16

General Information

Joe Sandbox version:	38.0.0 Ammolite
Analysis ID:	1371303
Start date and time:	2024-01-08 16:13:40 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://campaign-statistics.com/link_click/N2gBjiLlSg_Lhudr/f79737d8392155131e308edfbee1dbee
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	9
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean2.win@17/126@40/154

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, conhost.exe
Excluded IPs from analysis (whitelisted): 142.250.190.3, 34.104.35.123, 142.250.191.232, 142.250.190.10, 142.250.190.35, 216.239.34.36, 216.239.32.36, 142.251.32.10, 172.217.4.42, 142.250.191.106, 142.250.191.234, 142.250.191.138, 142.250.191.202, 172.217.5.10, 142.250.191.170
Excluded domains from analysis (whitelisted): fonts.googleapis.com, edgedl.me.gvt1.com, content-autofill.googleapis.com, www.googletagmanager.com, fonts.gstatic.com, clientservices.googleapis.com, region1.google-analytics.com
Not all processes where analyzed, report is missing behavior information

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jan 8 14:14:12 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2673
Entropy (8bit):	3.986926723820941
Encrypted:	false
SSDEEP:
MD5:	939AA5C86D5F28199DD200136DB6826B
SHA1:	38F8E21020B22972D9D204B93763895D2141F27B
SHA-256:	0D009BC8A4444032D097A87CDE0F45028613C38F60888F03C46E5CFA68AF9096
SHA-512:	7F1656E5657137079D9652518EE247274372BE7F5AAEC5A6585085A118E23432F95B1562BEDD7AAF69464A8761C5F24AF3BA9D29B7BCCF5A3D27C91EAD4DD072
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....~.VEB..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I(X.y....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V(X.y....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V(X.y....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V(X.y..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V(X.y...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............H6u.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e..C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jan 8 14:14:12 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2675
Entropy (8bit):	4.001491657495391
Encrypted:	false
SSDEEP:
MD5:	4220136F085D81A5E2FB6600F76D4BD7
SHA1:	894ACC93DE4E9DE59528D313687C43F35415EF78
SHA-256:	826857B77EDC27D8F0A4C949FD479ECD567DEA327BF24DD50993764DF17012ED
SHA-512:	643C2BD0AA3AC56320E2DE749A57EE25A47C8A66CEE46C91AEE1E1E98CCCCBFEE2A30715398404595987BC9B1BF9F7E53C624875666AA731BE8486E48EAFBFC9
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....j.VEB..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I(X.y....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V(X.y....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V(X.y....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V(X.y..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V(X.y...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............H6u.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2689
Entropy (8bit):	4.01084096371725
Encrypted:	false
SSDEEP:
MD5:	8F6011E10DC36DECE549A5EA48350ACA
SHA1:	BD5945920349718D88676C830E486FD78365EB87
SHA-256:	A945625F6AA343C728D35E8C8A69837EFCB589E95779D928D0DC1F0552F72AD4
SHA-512:	239ECAD0E3194D73A171DD3B56F2DB03A64EB808938D55AA60A4E6FFEA948BDEB3D0E75EF65722D3E66B90ECE09603AA53365E4D09DAF7212A26A014845AF6E6
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I(X.y....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V(X.y....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V(X.y....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V(X.y..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............H6u.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jan 8 14:14:12 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	4.000461753022821
Encrypted:	false
SSDEEP:
MD5:	EAC97A27DCBC84B7123D9C414875F823
SHA1:	A59D9D0A75A6DF185ED93063C2BE78F063C7DBF4
SHA-256:	15EBCFECFC24AE609CC7EABA74998967373A614F1C8F2CED69249132C6B59DAD
SHA-512:	4F02A4052E35D80414BA33BD1F0B7B2D52634F52AF40043F5D8AC2D9FEFB0034A38FEF0A401BC09824E5BD39AADB44EEF677287EEE5993AC52BB221F2EB299D1
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....>.VEB..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I(X.y....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V(X.y....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V(X.y....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V(X.y..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V(X.y...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............H6u.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jan 8 14:14:12 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.9903906184353612
Encrypted:	false
SSDEEP:
MD5:	CE0AF462D97610B5B8A23413DDDB2F66
SHA1:	3949AB3A80492C0ADA94AAB221DF2D0C63278B91
SHA-256:	88DD5C4BC0699F4B0CBC67E1B00E2058AEE496B63397E95CB486749EEC053C1E
SHA-512:	25B5417F6227FEBEB889456F7ED68861DF76664147DB185AF0DFA67D4DE77CCCBFC3FBA45392C9E38EA47CD14C39013E958FE5E66A7ECEF6F55A9011523CCE31
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,......$VEB..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I(X.y....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V(X.y....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V(X.y....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V(X.y..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V(X.y...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............H6u.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jan 8 14:14:12 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.9985163243466215
Encrypted:	false
SSDEEP:
MD5:	38CC2A96A17C74068E3B400103A48AA0
SHA1:	CBBAEFF71FC6843ECB640EAB16D7A94E35B0B91A
SHA-256:	015E508D9F73951D8C833B978B644F5CE4C14E15534576879F63F6B0226C939E
SHA-512:	029D7BC87B1DC763722A01F2D396F4FC48940973E081C09BD14F35042E4382E60BD73FEC62C5893A5A3BCE50B23867484B354D39AFE07A26AED096339A06091E
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,..../\.VEB..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I(X.y....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V(X.y....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V(X.y....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V(X.y..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V(X.y...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............H6u.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 103

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (9929), with no line terminators
Category:	downloaded
Size (bytes):	9929
Entropy (8bit):	5.1575049111024445
Encrypted:	false
SSDEEP:
MD5:	70AEC2DD89CAC4933594C25B71D61F46
SHA1:	3DFE6F517BD57ABBEA46DD4DA776E80270D9DB5F
SHA-256:	CD50385CEF163EB376D93E7B1E07FE467DE23B60C98373F7D69448214D3E9CDD
SHA-512:	67194B205A73A18A41199155DEAF5073D565023889923D176DFD857E6DE6FB495928818A8A600B7B9C9AFD17138FBF9CB183ACE2DE9E19FF02FC50831A66066D
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2c776523.js
Preview:	(window.tawkJsonp=window.tawkJsonp\|\|[]).push([["chunk-2c776523"],{"5a60":function(t,e,o){"use strict";var n=o("bd42").a,r=o("2877"),a=Object(r.a)(n,void 0,void 0,!1,null,null,null);e.a=a.exports},bd42:function(t,e,o){"use strict";(function(t){var n=o("2b0e"),r=o("f0b0");function a(t,e){return function(t){if(Array.isArray(t))return t}(t)\|\|function(t,e){var o=null==t?null:"undefined"!=typeof Symbol&&t[Symbol.iterator]\|\|t["@@iterator"];if(null!=o){var n,r,a,i,s=[],l=!0,c=!1;try{if(a=(o=o.call(t)).next,0===e){if(Object(o)!==o)return;l=!1}else for(;!(l=(n=a.call(o)).done)&&(s.push(n.value),s.length!==e);l=!0);}catch(t){c=!0,r=t}finally{try{if(!l&&null!=o.return&&(i=o.return(),Object(i)!==i))return}finally{if(c)throw r}}return s}}(t,e)\|\|function(t,e){if(t){if("string"==typeof t)return i(t,e);var o=Object.prototype.toString.call(t).slice(8,-1);return"Object"===o&&t.constructor&&(o=t.constructor.name),"Map"===o\|\|"Set"===o?Array.from(t):"Arguments"===o\|\|/^(?:Ui\|I)nt(?:8\|16\|32)(?:Clamped)?Array$

Chrome Cache Entry: 104

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65479), with CRLF line terminators
Category:	downloaded
Size (bytes):	315946
Entropy (8bit):	5.122592015677263
Encrypted:	false
SSDEEP:
MD5:	ECA1B297DF5CCEE1FBF6B6C11ECB9647
SHA1:	3BDC62117B12D69A51D14FB6C73B095EB9171AD3
SHA-256:	BC834B34D980D405A500C1592C9D06B84E1E900DCDD8F3BE375563904BE14582
SHA-512:	52C74114DCBA2D83C14E2F3602731A2754981006D1AAFA1102619B9F234BFCF7DE297D32BD58B98C4EC2099D4A3DF58AAE4E34B0BE6EAF1BA5CACD00630EA9D6
Malicious:	false
Reputation:	low
URL:	https://venustrademarks.com/assets/css/layout.css
Preview:	/! Bootstrap v5.1.3 (https://getbootstrap.com/) */..:root{--bs-blue:#0d6efd;--bs-indigo:#6610f2;--bs-purple:#6f42c1;--bs-pink:#d63384;--bs-red:#dc3545;--bs-orange:#fd7e14;--bs-yellow:#ffc107;--bs-green:#198754;--bs-teal:#20c997;--bs-cyan:#0dcaf0;--bs-white:#fff;--bs-gray:#6c757d;--bs-gray-dark:#343a40;--bs-gray-100:#f8f9fa;--bs-gray-200:#e9ecef;--bs-gray-300:#dee2e6;--bs-gray-400:#ced4da;--bs-gray-500:#adb5bd;--bs-gray-600:#6c757d;--bs-gray-700:#495057;--bs-gray-800:#343a40;--bs-gray-900:#212529;--bs-primary:#0d6efd;--bs-secondary:#6c757d;--bs-success:#198754;--bs-info:#0dcaf0;--bs-warning:#ffc107;--bs-danger:#dc3545;--bs-light:#f8f9fa;--bs-dark:#212529;--bs-primary-rgb:13,110,253;--bs-secondary-rgb:108,117,125;--bs-success-rgb:25,135,84;--bs-info-rgb:13,202,240;--bs-warning-rgb:255,193,7;--bs-danger-rgb:220,53,69;--bs-light-rgb:248,249,250;--bs-dark-rgb:33,37,41;--bs-white-rgb:255,255,255;--bs-black-rgb:0,0,0;--bs-body-color-rgb:33,37,41;--bs-body-bg-rgb:255,255,255;--bs-font-sans-

Chrome Cache Entry: 106

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65464)
Category:	downloaded
Size (bytes):	217124
Entropy (8bit):	5.312637286426185
Encrypted:	false
SSDEEP:
MD5:	86B32A04921A039ACE69980BACD1B639
SHA1:	CA9A6E342590D510A0CF480C4131EB420BA5B410
SHA-256:	FCD1FA4D2007137DA13DD581C678ACFDA42358CBDBDA0F0204874FBE2E2C4663
SHA-512:	CA2D3AAF396FDD4F9F1AD4893A6A972A8CFF31735E6745B28739656B97650EFA3044AA7A020A3800824F0197895853898935C21A0EB231C1D14A49426E73438B
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-vendors.js
Preview:	/! For license information please see twk-chunk-vendors.js.LICENSE /.(window.tawkJsonp=window.tawkJsonp\|\|[]).push([["chunk-vendors"],{"00ee":function(t,e,n){"use strict";var i={};i[n("b622")("toStringTag")]="z",t.exports="[object z]"===String(i)},"01b4":function(t,e,n){"use strict";var i=function(){this.head=null,this.tail=null};i.prototype={add:function(t){var e={item:t,next:null},n=this.tail;n?n.next=e:this.head=e,this.tail=e},get:function(){var t=this.head;if(t)return null===(this.head=t.next)&&(this.tail=null),t.item}},t.exports=i},"0366":function(t,e,n){"use strict";var i=n("4625"),r=n("59ed"),o=n("40d5"),a=i(i.bind);t.exports=function(t,e){return r(t),void 0===e?t:o?a(t,e):function(){return t.apply(e,arguments)}}},"04f8":function(t,e,n){"use strict";var i=n("2d00"),r=n("d039"),o=n("da84").String;t.exports=!!Object.getOwnPropertySymbols&&!r((function(){var t=Symbol("symbol detection");return!o(t)\|\|!(Object(t)instanceof Symbol)\|\|!Symbol.sham&&i&&i<41}))},"06cf":function(t,e,n){"u

Chrome Cache Entry: 107

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65464)
Category:	downloaded
Size (bytes):	112772
Entropy (8bit):	5.265845835239227
Encrypted:	false
SSDEEP:
MD5:	1EAF1603955FF543FB810FE5EDC51E58
SHA1:	CEF705B901C21A5EE656819BB04A8CB6E2A398E9
SHA-256:	0DB3A997BF0303354210ECB224DC7B4BB1F81D34AA95FD06CDF13498C265339D
SHA-512:	57530B9D4CB97949A796CCC0E74C0584A50759EBD2CBD854FFA135A8F5A6AEE6047D931A3D00DC49EBD56ADBE2F286600E092A575CE4FD892DB3C0101385F248
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-24d8db78.js
Preview:	/! For license information please see twk-chunk-24d8db78.js.LICENSE /.(window.tawkJsonp=window.tawkJsonp\|\|[]).push([["chunk-24d8db78"],{"0c08":function(t,e,a){"use strict";(function(t){var i=a("2f62"),s=a("f0b0"),r=a("4cd0"),n=a("3519"),o=a("9f3e"),c=a("31dd"),l=a("dbd1"),u=a("3f09"),d=a("e375");function h(t){return(h="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(t){return typeof t}:function(t){return t&&"function"==typeof Symbol&&t.constructor===Symbol&&t!==Symbol.prototype?"symbol":typeof t})(t)}function m(t,e){var a=Object.keys(t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(t);e&&(i=i.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),a.push.apply(a,i)}return a}function f(t){for(var e=1;e<arguments.length;e++){var a=null!=arguments[e]?arguments[e]:{};e%2?m(Object(a),!0).forEach((function(e){p(t,e,a[e])})):Object.getOwnPropertyDescriptors?Object.defineProperties(t,Object.getOwnPropertyDescriptors(a)):m(Objec

Chrome Cache Entry: 108

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	151
Entropy (8bit):	4.830399334426474
Encrypted:	false
SSDEEP:
MD5:	E736E189EDB5D0D9D5B8E7F23DD9114A
SHA1:	BCABEE193F13756FA9154FC492FE420C47140343
SHA-256:	13CF82E6F9D48221CD55F8B3C3D206F7BDB83F291034B478E484CCFEF7D500DD
SHA-512:	EA972884C185633EA238BDACEA6AC9DA0E0E92F88588CD85C214514C3597BC7D811C4DC4CD35B671DD2DB97179BEDCEB38BD5D200ABB9653FBCAEAC2CA6EC7B5
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/65839862293/js/twk-app.js
Preview:	(window.tawkJsonp=window.tawkJsonp\|\|[]).push([["app"],[function(n,o,p){n.exports=p("56d7")}],[[0,"runtime","vendor","chunk-vendors","chunk-common"]]]);

Chrome Cache Entry: 109

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1440x600, components 3
Category:	downloaded
Size (bytes):	72872
Entropy (8bit):	7.446080313097333
Encrypted:	false
SSDEEP:
MD5:	12B3A71E4D55E65522DA9234F6A189DA
SHA1:	D6A5ACC90E49DDA2DF91FCFE915A0507717BE75C
SHA-256:	2BEE477194FF76157B7F9CA9E16CEAA15377BD867C232784270E764B1B59E506
SHA-512:	432047AFF562688AFF3725D86A46649CF40124E7B7DE5FE7258983C5ABDECD2864D353F9DAB76B616B5F6C4826E549F1B5E7730AAFF0C41F0ACA0FA7B50C93B7
Malicious:	false
Reputation:	low
URL:	https://venustrademarks.com/assets/images/testimonial-bg.jpg
Preview:	......JFIF.....H.H.....C....................................................................C.......................................................................X.................................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?..#+...p.....(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(

Chrome Cache Entry: 110

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	16
Entropy (8bit):	3.75
Encrypted:	false
SSDEEP:
MD5:	EC331136E75314D2030EE013B6069921
SHA1:	6B7428B8B15616A67F767D42964AF94FCBE2A803
SHA-256:	A7358DF6B7B60280F2A0D7CD5B70A9F1DFA4FCE5C31FB1A24FB2F109AF7EE977
SHA-512:	30C9B411C937F7D3DE9E59D8BE1CDE4F262B05C6AC2EC2D2C1956E705FE255D84DE17913826A0378B7FD4E51E075EE72A6BF16B870BF78B83D4F1D4507A44278
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAmv9KadGMy2zRIFDQbtu_8=?alt=proto
Preview:	CgkKBw0G7bv/GgA=

Chrome Cache Entry: 111

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	7461
Entropy (8bit):	3.7887687014497673
Encrypted:	false
SSDEEP:
MD5:	105C01CF3DCEE5D89ACAA180CFB4391E
SHA1:	EECCE84B692D712CACB3D9B910F6978083D0ACAD
SHA-256:	ED9B869E9DEEC0A4E8E557189C0F8308019121ECE852A1F5054A894E6F2093F4
SHA-512:	7957300FEEB1313741621E50722832664CB4D70CB1A60CFCC442908E52FE8F3F499C8B6AC857A1E597BC0A3E02273086BF7C32942ADCAD48EA02EBF04CD5AA8C
Malicious:	false
Reputation:	low
Preview:	<svg width="127" height="29" viewBox="0 0 127 29" fill="none" xmlns="http://www.w3.org/2000/svg">.<path d="M3.31 18.903L18.06 3.087L14.749 0L0 15.816L3.31 18.903ZM5.792 29L20.54 13.184L17.23 10.097L2.482 25.913L5.792 29ZM37.053 10.784C36.6683 10.3029 36.1742 9.92069 35.612 9.669C35.018 9.393 34.446 9.255 33.894 9.255C33.61 9.255 33.322 9.28 33.03 9.33C32.737 9.38 32.474 9.477 32.24 9.619C32.006 9.761 31.81 9.945 31.65 10.17C31.492 10.396 31.413 10.684 31.413 11.035C31.413 11.335 31.475 11.587 31.601 11.787C31.726 11.987 31.91 12.163 32.152 12.314C32.394 12.464 32.682 12.602 33.017 12.727C33.351 12.853 33.727 12.982 34.145 13.116C34.747 13.316 35.374 13.538 36.025 13.78C36.6618 14.0141 37.2613 14.3391 37.805 14.745C38.34 15.146 38.783 15.644 39.134 16.237C39.484 16.83 39.66 17.57 39.66 18.456C39.66 19.475 39.472 20.356 39.096 21.1C38.7381 21.8221 38.2195 22.4526 37.58 22.943C36.9273 23.4364 36.1874 23.8022 35.399 24.021C34.5755 24.2553 33.7232 24.3731 32.867 24.371C31.597 24.371 30.368

Chrome Cache Entry: 112

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural
Category:	downloaded
Size (bytes):	6687
Entropy (8bit):	7.697682604744796
Encrypted:	false
SSDEEP:
MD5:	55342729BD838D323E62CD653754B56E
SHA1:	BF0D5EDF44A931711804B5208A08CB17B7CB4B4A
SHA-256:	080B933225D445901CA6B5BD03F7B660339AABC98DA5547F21186D95E6022B9A
SHA-512:	E57274AFE1565D2DAC2B7B8C9E770D8C0980A4C73AD6C500E807D5AD5412B7E69B47B2633C265BB6318BC52B8A0CC4CE27AE15ED4EA25846DEA7FF6EB9DE579A
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/assets/audio/chat_sound.mp3
Preview:	......S...!....A..d.(@..[...M3...=3.......C?.......39.N.Y..2...,.=1....... ..L.....N..,..L..L-6...a}.X....Zw..}... ._..."...!.....A..y:.."#"I..@..?o..{&C/... x8]....=.k..&OD..BG.,..D!n+i.'.%...KQ.I.!......Qa..eSk..!..e...x...Z..._...5Nk#.c.&.....6..J.(.....RI...."..........O...r.....s..G....b.....Y. .F.Jcn...K.h..i8.......R.1..E...`..e/)@hu..R...6.(...#p..#.G........<3\|.z.W\...(v..#....M..._J.... .....5...V.?7@.xO?Q.g.e.:f~p`....~R.../..."....{.....).......3.~yhDs.+.X>?kP....G.._&2..-...:.-.....X.k..8R....{.."?.....9......8.Q7.-~..=.O..`....h...0%..%X....t..."^Y..Y.......?.....(`.F..... .,...b.k......q.[......K.9.T..-.G.lk......+q.\MNl.X.\:3B<&.`......E..-.0..L..6.u..3-.Y\......~......5:*.......bxB..............+..h...wA.f^.Z.... C.`...&9.t..........C.p..D............"x.pt. .. ..t..NS.........S....@!W.`.$.._..q.`a...0.zt...AC....`m....e.. .x\|......!..u...!a..C..&..~........J..".h...I.A..._...X@$.[.).U.D..77....%..M...+.E.......&%....[.

Chrome Cache Entry: 113

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	78051
Entropy (8bit):	5.014544693118479
Encrypted:	false
SSDEEP:
MD5:	D778223A957B2D3CDC540FF6547C0BFD
SHA1:	6FEA621F551D26661F3A87C5D56D66B15AFD0ACA
SHA-256:	799596C2833003B4BD92B1454BA52DE29FB4FD07EDB07648D64E567B0D293F85
SHA-512:	82DAF6E33415B9E139092D49CF21E1C4DE036E503B5702675F7B9136F3EAC8D11BA03283BE0E728AC032D0ADD460390941DE0539BBC5EFAA4AEBEBBAAA5580B9
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/65839862293/css/max-widget.css
Preview:	:root{--tawk-header-background-color:#03a84e;--tawk-header-text-color:#fff}html{font-family:Lato,sans-serif;font-size:1rem;font-weight:400;line-height:1.618;letter-spacing:normal;background:0 0;color:#242424;scroll-behavior:smooth}body{margin:0}a:active,a:hover{outline:none}a:focus{outline:1px solid #1f6885}.tawk-link,a{color:#03a84e;text-decoration:none;cursor:pointer}.tawk-link:hover,a:hover{color:#03a84e;text-decoration:underline}abbr[title]{border-bottom:none;text-decoration:underline}b,strong{font-weight:bolder}:not(pre)>code,:not(pre)>kbd,:not(pre)>samp{font-family:Lato,sans-serif;font-size:.812rem;color:#bf1212;white-space:nowrap}em{color:#bf1212}ins{background:#ffd;color:#545454}mark{background:rgba(109,55,218,.1);color:#03a84e}q{font-style:italic}small{font-size:80%}sub,sup{font-size:75%;line-height:0;position:relative;vertical-align:baseline}sup{top:-.5em}sub{bottom:.25em}audio,canvas,iframe,img,svg,video{vertical-align:middle}audio,canvas,img,video{max-width:100%;height:auto

Chrome Cache Entry: 114

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (11148), with no line terminators
Category:	downloaded
Size (bytes):	11148
Entropy (8bit):	5.309669906697539
Encrypted:	false
SSDEEP:
MD5:	5E67F0F8C4D17726B853E1E19578021E
SHA1:	4B0E2FA40DE4E38D90A8CF30CFD0F35B2C1C1CB7
SHA-256:	1C88641B9F42816D463A74A4AF860951637774FC17AE6280B3189C212AA949C4
SHA-512:	A63A3118DF919AD562FAE02156BB2E5477C68BC7DBC19246DF428004924D50F9C04E6F417106C47FE3035A5F4498974A19CFDBDD9EA5303ACE8A8BB4F7D2737A
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-f1565420.js
Preview:	(window.tawkJsonp=window.tawkJsonp\|\|[]).push([["chunk-f1565420"],{"0bdc":function(t,e,i){"use strict";i.r(e);var o=i("9287").a,s=i("2877"),n=Object(s.a)(o,(function(){var t=this,e=t._self._c;return e("i-frame",{key:t.key,attrs:{cssLink:t.cssLink,styleObject:t.styleObject,width:t.width,height:t.height}},[e("div",{ref:"tawk-bubble-container",staticClass:"tawk-bubble-container",attrs:{id:"tawk-bubble-container",role:"button",tabindex:"0"},on:{click:t.toggleWidget,keyup:function(e){return!e.type.indexOf("key")&&t._k(e.keyCode,"enter",13,e.key,"Enter")?null:t.toggleWidget.apply(null,arguments)}}},["text"===t.bubble.type?e("div",[e("canvas",{ref:"tawk-canvas-bubble",attrs:{id:"tawk-canvas-bubble",width:"146px",height:"85px"}}),e("div",{staticClass:"tawk-bubble-text-container tawk-flex tawk-flex-center tawk-flex-middle",style:{top:t.isBottom\|\|t.isCenter?"5px":"auto",bottom:t.isBottom\|\|t.isCenter?"auto":"5px",left:"auto",right:"9px"},attrs:{id:"tawk-bubble-text-container"}},[e("p",{staticClass

Chrome Cache Entry: 115

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 32 x 32
Category:	dropped
Size (bytes):	4178
Entropy (8bit):	7.490050296203736
Encrypted:	false
SSDEEP:
MD5:	C5CD7F5300576AB4C88202B42F6DED62
SHA1:	7A1AA43614396382BB15E5FDE574D9CDCD21698F
SHA-256:	E7B44C86B050FCA766A96DDAC2D0932AF0126DA6F2305280342D909168DCCE6B
SHA-512:	F0D7ADA22A3EB3B2758198A71472FB240C74CE4CA09028076E23690C70B2339C6B2A40F9158DD71C52D953EF27BBCC0105B061BDC74FBB0AD0B304C7C6A04A38
Malicious:	false
Reputation:	low
Preview:	GIF89a . .........................~~~................................>>>VVV```\|\|\|......JJJlll...............,,,^^^...LLL.................................................................................!..Created with ajaxload.info.!.......!..NETSCAPE2.0.....,.... . ....@.pH$.8.Gq.$N..A.3(..L....V....K\|P(...:.(..r.B.._@X!/...BxBnb}E.g....o.r..E.g..^..oWD.c.....JC.g......oqm.o..........E.....{p~....r...D....}.M....d......K......r.........o....\|........].q...` 9C.f).$'.=..}.C.^.u..-.H..!.............O.K"1......5.&{j.T. .BBo..e...6..<...@.B?..1..)..G.b.K... .!.......,.... . ....@.pH$&4.Bq.$..D..b(.......V....[4.._..:.t:"r.qh@..a..)..g.Bk_.o..E.g~.....#r.JD.g.xl.oWF.C....~mg......o.D.....B.....w...K.!.......C........wE... ..d....X.............r................s'...xM.&T$$..\|M...C.... .A...Bl..d....K.d.V..?oFl-X. .L[.J*....6..!."...5\@....p..oI..m...N!Q.Xm..@..%2u:uH2.\.R.#.a..!.......,.... . ....@.pH$...Bq.$&.D...(..L....V....[$.....:4P(.r.s..._...I..g.BxB.o..E g.w^

Chrome Cache Entry: 116

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (52543)
Category:	downloaded
Size (bytes):	76632
Entropy (8bit):	5.278986445712303
Encrypted:	false
SSDEEP:
MD5:	9683C317B858D4EC9FD712CB142698CF
SHA1:	77673382CB7FC3446FD59FFD8463265BD1C53EF4
SHA-256:	892932278D65BB0621657E099C3528A7DDB08B1D32F12046016E6D0A79C27D9E
SHA-512:	CA78A3E2EB8C9B60EDCDF98488561AD4A4A8F2390B679253241723FF5BDF789B879ED1122CC00B226526B480DA7F932A1FD3F5879311F4E45E32A7537484E46B
Malicious:	false
Reputation:	low
URL:	https://cdn.jsdelivr.net/npm/sweetalert2@11
Preview:	/!. sweetalert2 v11.10.2.* Released under the MIT License..*/.!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?module.exports=e():"function"==typeof define&&define.amd?define(e):(t="undefined"!=typeof globalThis?globalThis:t\|\|self).Sweetalert2=e()}(this,(function(){"use strict";function t(t){var e=function(t,e){if("object"!=typeof t\|\|!t)return t;var n=t[Symbol.toPrimitive];if(void 0!==n){var o=n.call(t,e\|\|"default");if("object"!=typeof o)return o;throw new TypeError("@@toPrimitive must return a primitive value.")}return("string"===e?String:Number)(t)}(t,"string");return"symbol"==typeof e?e:String(e)}function e(t){return e="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(t){return typeof t}:function(t){return t&&"function"==typeof Symbol&&t.constructor===Symbol&&t!==Symbol.prototype?"symbol":typeof t},e(t)}function n(t,e){if(!(t instanceof e))throw new TypeError("Cannot call a class as a function")}function o(e,n){for(var o=0;o<n.length;o++){var

Chrome Cache Entry: 117

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 157064, version 329.-17761
Category:	downloaded
Size (bytes):	157064
Entropy (8bit):	7.998626445161236
Encrypted:	true
SSDEEP:
MD5:	20BBCCF14518922FA95A440F4C217D9E
SHA1:	3B6DF1951440663F01DAD7A45C034CE6EF506895
SHA-256:	558C1708821688922A35F8105BC9B840A73AE02165D0016746C71741AB48128D
SHA-512:	80019D309470975A4D0CE6357A60B3CC703F77D411CBA7E127D8D32EECA65A34F206F71D0A16F3C463122091480D6703FD07659E4CC333B30803267362C9732D
Malicious:	false
Reputation:	low
URL:	https://venustrademarks.com/assets/fonts/fa-light-300.woff2
Preview:	wOF2......e...........e,.I......................?FFTM....`........p....6.$..^..d.. ......J[k.t.hw{T...P........[l..w....U......P;..}Y........d!.y..wI.$)......f(....M...B..}`.......B..h.S...J.9..y3..KYZ.....R@0=...5.z.g..7.x.5W.7S..9D....Zk.{c_J).(.{w..i.8YC...$........]....7.i7.us.H.%...n.....I...A..@J....=e.$...]%......@.F..i....t9..m=..u...-..L.}...}.....@..\|~..Q......h~qI.;.[V.Q....3......6...#.r....).F..n.p..<..~..}?`U...)@..j.,..\|*Bg..1....[....l.`A.5...Q..5J%T@.."ab``.Q.....[...F.X./..n..._..>lA..7.Y.W.1q.JAwY.6....6.lbc..mw.Z...[..]wu..Y.H....[.?..'.k&.b.!.P}(.2=.VT......{x.m=.-[.....1ql>....p.......e.f..K[.XZ..Za....j...Uw.Y]....p...].P-.>U}J]..`..#..8...~o...j...@....I..$.... \H......X.j{.......)....3.U..~.b$b..~E<TFM...9?J>.dp....I..%......j.4B.4h.f.Y.....]..%>@.3.o`-W.y.`%.f.....).......q....?5.=..)..-.J...P...n...:.....BM4...7......&_...IuT...^.6.~.A.=.".......UzVe..Ad)a.";.N..@'.8....(....z0...t.s....R.!.....M(x.....}.2CV..

Chrome Cache Entry: 119

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 651 x 135, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	27490
Entropy (8bit):	7.982278404810728
Encrypted:	false
SSDEEP:
MD5:	0AEAE46479A632638186F9C41721170E
SHA1:	4D1AF02337703EE00E6F8D68C6D3276EAC2F3DDA
SHA-256:	38D6F16DD704CAE41CB33AF46A57C27A7D30875F7EB81C90EB1620C52EAB2BC8
SHA-512:	44426DF04C5DB83580BF1E173E8445BD262C11E932E40989D8A0E2DDAAE57E7CEB4A3FE54AC834CD02A4A5445E7B61C88538AE88BFD0382877DA22FDC5CD71E7
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............~..E....gAMA....\|.Q.... cHRM...........R...@..}y.....<.....s<.w.../iCCPICC Profile..H..wTT....wz..0..z..0... ..Q.f......Ml..@D...E......H..b!(.`.H.Pb0...dF.J\|yy.......g.s..{....$O../... .'..z8.W.G....x....0Y.A..@$/7.z........H..e..O...O.T...._..lN:K.."N.....3"..$..F../JP.rb.[.}..Q..d.[..S..l1..x{..#b.G...\N..o.X3I....[ql2.....$..8.x.......t..r.p../8...p...C...f.q....K.njm.{r2.8...?......).L^6..g.,.qm."[.Z[Z....~Q....7%.."....3......R..`.j...[.~.:.. w....!.$E}k...yh.y...Rm..333..........:..}.=#.v.....e...tq.X)I)B>==......<..8..X....9<QD.h..8Q.yl....sy....0.OZ.k.(...5..H....>.....yP..........:.8......p.........Lg....k.k...$.......t.!0.V..8.7....`.........2A....@.....JP..A#h.'@.8.....:....`....`......a!2D..!UH.2.. .d..A>P ..ECq...B.......Z....:.]..B..=h...~....L...2...........5p.......N..........:\|......@...QC.....!.H,.G6 .H9R.. ]H/r..A..w(......Q.(OT...JCm@..QGQ...-.(j...MF+...6h/.t.:.]..G7....w...7......Xa<1...:L1....s.

Chrome Cache Entry: 120

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1170x300, components 3
Category:	dropped
Size (bytes):	17188
Entropy (8bit):	6.195047974784294
Encrypted:	false
SSDEEP:
MD5:	AC7C808C800361D9CB0660DB99042F3E
SHA1:	9F03C911A0BBA6F3611264CB2FB8D84A1BD75BD7
SHA-256:	39FA43C791D54128E7734DFA18DF2ED764BA94D28C5B3A45F06356068232CA95
SHA-512:	EB8B78813ECEB8FC10173A3FCB6DC24887619D15C8EBED22F7EF1A8C95B302E6C1896D18C623983DB22D2464E5B7A71322F72DB9169B231B5116EF7BB832787C
Malicious:	false
Reputation:	low
Preview:	......JFIF.....H.H.....C....................................................................C.......................................................................,.................................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?.....S......>1x..J..<y..4.o.MN...>+x'S.L...s.M.x..^..E.A.xC@.......y.]YkZ.e.@........=.c.V....jt...A.2.^.....QMi..l.5..g..M.7.R...)..1../F..m=m...k..5..c.Z..j.n.]..w.j72;......Os3...4...fbIbO...J)l.I/.......ov.m..T .....(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(......(.....

Chrome Cache Entry: 121

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 63x63, components 3
Category:	downloaded
Size (bytes):	2244
Entropy (8bit):	7.678749705202325
Encrypted:	false
SSDEEP:
MD5:	B27003B6327A4D7AEBC229AAEA3ED315
SHA1:	D982977272780CE4EA63D1F602A6DB098591D7EE
SHA-256:	17034F31E24265BAA3C66C2D167FEDF94F12133EA641CE49C1089A06B921F639
SHA-512:	2C23A4563196DDF384C69ECD0404E85B27159F4BE1D863E5019B222293FEAF6CAEB59F9111A088270F88F4C433EB7921C3FDA675914411962B060239A457B94F
Malicious:	false
Reputation:	low
URL:	https://venustrademarks.com/assets/img/mix/testimonial-1.jpg
Preview:	......JFIF.............C........................................................ "..".......C.......................................................................?.?..................................................................................X..]\.Y..i.=.u/2.`....{.....g.P/.<f.Z.T......CQ.X!x"gZ.7N.U.1ln#n.V..d\..V.5...s....\.e.).^%.s........2.@.q... .Z....h@J..v.r.x.P..$#.b..5.of,-..`..;....6.,6......k.._...(................................!.%&3A...........h.?.#<BZ..`J...n(4.@.`.~./.v...P."I..q.y.9`:.....H,..h6.s.(.3.n...Db9U.f79.6.(eN.s.....4Gn)..}....U.8M...,..j=4..V2W1T.M,W..)...r.?OgU..3.:"m.$..)...q....;*z..@J..P8.7f...k.....m..H.:...a^..L.j.?h#:U.3...K..lt.......:9.]........P.... .r+.cP._..l...E1b...6...t7p.#..I .Zx.$....m.TR....y.J.C.ec...:..V....-....z...1...z>Be...C.c.....W.]t....W...=x....m.4.A_,K..uu......K...R......G...F....k......N..3..+F....xv..M.....<8.I..~.Y..UF...U...lP..I.5...'.T..OoYU,K...,.m...Y.....z..K...'U..r..xz.....f.W.

Chrome Cache Entry: 122

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 74800, version 329.-17761
Category:	downloaded
Size (bytes):	74800
Entropy (8bit):	7.997116132093542
Encrypted:	true
SSDEEP:
MD5:	68C177C286C34E1B7B975807DD5D9ED0
SHA1:	2FE2EBA4AC1828A76457A1B7B7AF642A9B880708
SHA-256:	03B742A6EFDB17797C84C2B5DB25F5CDA6A3361FA5E62B98662E321B26F77331
SHA-512:	FB1268C80A0B43F3BB624019A9B3EFF9E8DDF903235388528F5485B2963AF161F3F9E25E46F8D965E7A61E86554965C21205AF57B486230302F6EE2E6347A9E1
Malicious:	false
Reputation:	low
URL:	https://venustrademarks.com/assets/fonts/fa-brands-400.woff2
Preview:	wOF2......$0.......L..#..I......................?FFTM....`..z.....@..c.6.$.....\.. ......[.qGk0LO@x7.D.`...D...D.v.R...v..p.@)........A.....p.16...L.j(.Q'')Ls.....LD ".D`"Pn.2m8/.J..AD ....L6...X.+...K;..q_......G..X.p#...o.\|..dTXW\|X..a....s...h...Y.4..e...Q.v....d)..Q..zT..z))...Kq.2........q...x......c..&...km,Ef.!..4..}.y.3/....;&...\F....._.d.....).D...o.....s.<....i=RQHR..H..h.T.h.....B......0...1g....}f......f.B.J.>.<.<.`..q..A.2..i./........<'.o...G.S ..........-5[c..Br<h..H.@...k. 4..dtU.QM...=.i.. .@X....~.-..l`X...m...}[........O.b.?.......O.i..).8u.q@=#Q.....`_{-.j....u9.d....t....M.....]^..9.T\|..2@.w....:.$...@........'V.....Q./$.'.z......K.#n...A.....L$...4i......j....)..._-.&......KD..A!ap^.#..a.....\.W.Z.....sC../..ZI.....t.HW.Z ...j..0....0..E.....?..A.Z@.....&v&P..h\|....H.4#w...d.0.vv..e%QyE....$+aC...X.d....s....x...m;.`. ......l...... ..2.............j./M..jfW....:0....`=Q..`9(?;#...2.~...4...w.:08t&%..)..Y.B...v3g..i

Chrome Cache Entry: 123

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65458)
Category:	downloaded
Size (bytes):	223951
Entropy (8bit):	5.254566952797676
Encrypted:	false
SSDEEP:
MD5:	7CB04588DA7FAC9195CF9FCF0A9CD695
SHA1:	9D6025077DC8CD726E996C4ADF5A57D023C1D44C
SHA-256:	252458CA95D1B4EBB463113DDAF8BE2331453431243C0EF8196EEF04DA4DCF1D
SHA-512:	2E583E3B10A263E52C9EC032620ED3836F28155A326AF825E2157B60A600821FE9D47D23D99419119940A49E4DCAEF31F079EFD2C81A760D8A8733F2342E54E4
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-common.js
Preview:	/! For license information please see twk-chunk-common.js.LICENSE /.(window.tawkJsonp=window.tawkJsonp\|\|[]).push([["chunk-common"],{"028e":function(t,e,n){"use strict";(function(t){n.d(e,"a",(function(){return w}));var i=n("5868"),o=n("7f46"),r=n("e8f9"),a=n("f0b0"),s=n("27a6");function c(t){return(c="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(t){return typeof t}:function(t){return t&&"function"==typeof Symbol&&t.constructor===Symbol&&t!==Symbol.prototype?"symbol":typeof t})(t)}function u(){u=function(){return e};var t,e={},n=Object.prototype,i=n.hasOwnProperty,o=Object.defineProperty\|\|function(t,e,n){t[e]=n.value},r="function"==typeof Symbol?Symbol:{},a=r.iterator\|\|"@@iterator",s=r.asyncIterator\|\|"@@asyncIterator",l=r.toStringTag\|\|"@@toStringTag";function d(t,e,n){return Object.defineProperty(t,e,{value:n,enumerable:!0,configurable:!0,writable:!0}),t[e]}try{d({},"")}catch(t){d=function(t,e,n){return t[e]=n}}function f(t,e,n,i){var r=e&&e.prototype instanceof

Chrome Cache Entry: 124

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 8000, version 1.0
Category:	downloaded
Size (bytes):	8000
Entropy (8bit):	7.97130996744173
Encrypted:	false
SSDEEP:
MD5:	72993DDDF88A63E8F226656F7DE88E57
SHA1:	179F97EC0275F09603A8DB94D4380EB584D81CD5
SHA-256:	F4E80D9DFD374D02989B87A27B5ED4CB78FBB177C27F1478E9A8B0AFB7513149
SHA-512:	7C20165F9D22A86341E841FD58526209017DCDE2AFE2D0D2A89FE853D95DC69F658D25CF798C71F452DAB09843FC808C1AE87A60B1284134163ABF5A1D93E50A
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Preview:	wOF2.......@......?@.................................`..T..t...6..6.$..h. ..T.....1E.r.8...KD......2.>L.......0..c.h...y_)s...N..(._C,/.v...7B...Z..gT@....u*.\t.9....{.&.;<...j.2.H-...A.S......E..)..f.Y8vuw^.^_.n{.Z..U.h..Kcm.........E..........'.J.-.-.......=.."...E...../R.8P....>?.]...R..Ag:.Pt..j..s..pG. .!f?.Q.T.".O.....D.r......3>gJN!V.\.!....+.......X.B.v....c9.&iW-[.,.. ...Q.k%I.s.%...d...8q..._~.C.n".v0..6B.eT..?..7.....l....3..7...M...5......k......^.....F.v~\|.....3N=.....[.!......}....F(...fA..c)0X$,FYL..=).(h<4...M5..<3.c....K/.{.p....3+'W...Z.[..;.w.....X....nx..v.(c;._.W......\|.b.....{...9..A6...V\|.N...Z?+\|H/.#.W%.._.8,...>._..w...RP..-.?.k7X..".._S.3,J.........&.8Gs.?yH.Yx......I_....._o.0K......(e.Q.W....=...J.7.\k.n.pd.....s..%...sD......_..&-...(.7..6.U..&<~8...9......uV..\|h.#m\.d./!....s.......b.j. ."...wX...B.`..Bj=......VnM....p..k.%..U.F..-VN).Y........_..W.p...B..\|.j..f..7....).~....n......c.3....t.......s..>...

Chrome Cache Entry: 127

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 840x473, components 3
Category:	dropped
Size (bytes):	341863
Entropy (8bit):	7.951905378598013
Encrypted:	false
SSDEEP:
MD5:	7483C699BA9D6A559E6CE052FF9EE2E2
SHA1:	BE3903BFDE0E4A76C1A61F68AE0DD866B069469B
SHA-256:	8988073F37982950C8E74AF9C54F9BF123EEFD0B7F24B9601E33B16DE3241874
SHA-512:	BD98DA7FF3AF4A00BA4FA461EE58DFC0715627EC6B8E55BD4DD4059F2A064C40087BD1ECEB63E0B28E34339D25953358E7CD1693116C1A22FE93715B2A6A9B06
Malicious:	false
Reputation:	low
Preview:	......JFIF.....H.H.....,Photoshop 3.0.8BIM.........H.......H........t.http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?>.<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 7.2-c000 79.1b65a79, 2022/06/13-17:46:14 ">. <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">. <rdf:Description rdf:about="". xmlns:tiff="http://ns.adobe.com/tiff/1.0/". xmlns:exif="http://ns.adobe.com/exif/1.0/". xmlns:xmp="http://ns.adobe.com/xap/1.0/". xmlns:xmpGImg="http://ns.adobe.com/xap/1.0/g/img/". xmlns:dc="http://purl.org/dc/elements/1.1/". xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/". xmlns:stMfs="http://ns.adobe.com/xap/1.0/sType/ManifestItem#". xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#". xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#">. <tiff:XResolution>300/1</tiff:XResolution>. <tiff:Y

Chrome Cache Entry: 128

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 840x473, Suserng: [none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	20744
Entropy (8bit):	7.990766142377202
Encrypted:	true
SSDEEP:
MD5:	18C8FD6FC06FAEFE53808EF8B72A2FF6
SHA1:	89F4649F8FE237BDBB068ADBA2B6006B68B816D5
SHA-256:	2119569A23E2361CE0315F06B8A39328846BDD033BB96CDBAAF498BF93D42066
SHA-512:	3BA416D7567792F287AB87B72D5EBA4893FF5BC77207D0157CF57F5710890502B8401A069BBD83F4A66BB896B99B7CA89A40451E29547F761EF1BFC591BEB157
Malicious:	false
Reputation:	low
URL:	https://venustrademarks.com/assets/images/tm-article-3.jpg
Preview:	RIFF.Q..WEBPVP8 .P.......H...>.F.K.......a0..en.....6.D.2....c._=.....@.m.OE?.......P.A...o.?.vSm...r3.Z]S...'..........).m..J.....}.:...^'.=...p.....X...O.3,.v1.}.-5.(...c.&......."y.....59..R...(.......b...l...Ck.]...h;.T.VB...#..@.`....<...mf.1.....R.MT:.`X..a[]6......Do......m....e.E...s?.Ka(......oL}[..m.I.\.&........."kU...U..%.5.L..`.G4..<5...Z..d!...}..hYZ...'j.....;7.e.v".K..mm....iP.n.d.)4.V.O..c~....'..-..f..M.f.7V..0u...G..r...m.Q...@..Z.T.jV...<W..J+...m....wHf...;.L'b...z..B.f.6.e:...+.X..y.."SR./9.....~.~\|...".{.....}../..e...M...U..K6...S..B'&.>J.c...S.O...n[ L.G...]\^..<..y#W.>t......L.........E.....J ...C...... .!.zP.....5X.Z...{..Jd'...s(...9>..!).......wo..\U...R@!j.j....0....I)..^...-.M;....(..q..3..T....-..+6..rO..Q\|.........o..)...._.h.X2..>......(cs..G.>.M...4.5. r......F.y........e.,oZ..]...,............B#."C.E...Y.-.G.(..z.3..P_....)=x.Y]...%H....3@\rk{.._.W[....d,..O..g.e.&v.\....i.....,.e.ZF(....fC#...

Chrome Cache Entry: 129

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	5457
Entropy (8bit):	4.50060088727676
Encrypted:	false
SSDEEP:
MD5:	698F16EA8000954F23DF2CF2572B6349
SHA1:	FB821A41430C6CB0E9CA6C4DCFF32F1B98DCCFD8
SHA-256:	F95CC2911BFF5A94BF4EED95499541B28EB9AF83D2DA096AA700461FB434BFB5
SHA-512:	3D5360FB318FB4688D7B506EC58701819D92D73DA1B952619ABB9F735550DC08BC51763464337854F842A5C977C2E0AEC6308C1D77172C187E43DD3117CF248D
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/assets/images/attention-grabbers/9-r-br.svg
Preview:	<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" viewBox="0 0 190.1 101.4"><defs><path id="a" d="M190.1 0H0v81.1h106v20.3h38.3V81.1h45.8z"/></defs><clipPath id="b"><use xlink:href="#a" overflow="visible"/></clipPath><g clip-path="url(#b)"><g opacity=".3" fill="#000100"><path d="M12.4 6.1l162.3 20.4c6.4 1.6 11 8.2 10.3 14.8l-3.3 21.3c-.7 6.5-6.7 12.4-13.3 13.1L147 77.9l-29.8 20-12.8-15.7-91.7 9.2C6.1 92 .8 87.2.8 80.6V15.2C.8 8.6 6 4.5 12.4 6.1z" opacity=".091"/><path d="M12.6 5.9L175 26.2c6.4 1.6 11 8.2 10.3 14.8L182 62.3c-.8 6.5-6.8 12.5-13.3 13.1l-21.4 2.2-29.8 20-12.8-15.7L13 91.1c-6.6.7-12-4.2-12-10.8V15C1 8.4 6.2 4.3 12.6 5.9z" opacity=".182"/><path d="M12.9 5.6L175.2 26c6.4 1.6 11 8.2 10.3 14.8l-3.3 21.3c-.8 6.5-6.8 12.5-13.3 13.1l-21.4 2.2-29.8 20-12.8-15.7-91.7 9.2c-6.6.6-12-4.2-12-10.8V14.7C1.2 8.1 6.5 4 12.9 5.6z" opacity=".273"/><path d="M13.1 5.4l162.3 20.4c6.4 1.6 11 8.2 10.3 14.8l-3.3 21.3c-.8 6.5-6.8 12.5-13.3 13.1l-21.4 2.2-29.8 20-12.7

Chrome Cache Entry: 130

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (48664)
Category:	downloaded
Size (bytes):	48944
Entropy (8bit):	5.272507874206726
Encrypted:	false
SSDEEP:
MD5:	14D449EB8876FA55E1EF3C2CC52B0C17
SHA1:	A9545831803B1359CFEED47E3B4D6BAE68E40E99
SHA-256:	E7ED36CEEE5450B4243BBC35188AFABDFB4280C7C57597001DE0ED167299B01B
SHA-512:	00D9069B9BD29AD0DAA0503F341D67549CCE28E888E1AFFD1A2A45B64A4C1BC460D81CFC4751857F991F2F4FB3D2572FD97FCA651BA0C2B0255530209B182F22
Malicious:	false
Reputation:	low
URL:	https://cdn.jsdelivr.net/npm/bootstrap@4.0.0/dist/js/bootstrap.min.js
Preview:	/!. Bootstrap v4.0.0 (https://getbootstrap.com). * Copyright 2011-2018 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors). * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE). */.!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?e(exports,require("jquery"),require("popper.js")):"function"==typeof define&&define.amd?define(["exports","jquery","popper.js"],e):e(t.bootstrap={},t.jQuery,t.Popper)}(this,function(t,e,n){"use strict";function i(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable\|\|!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i)}}function s(t,e,n){return e&&i(t.prototype,e),n&&i(t,n),t}function r(){return(r=Object.assign\|\|function(t){for(var e=1;e<arguments.length;e++){var n=arguments[e];for(var i in n)Object.prototype.hasOwnProperty.call(n,i)&&(t[i]=n[i])}return t}).apply(this,arguments)}e=e&&e.hasOwnProperty("default")?e.default:e,n=n&&n.hasOwnProp

Chrome Cache Entry: 131

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	311
Entropy (8bit):	4.9684805226393225
Encrypted:	false
SSDEEP:
MD5:	6FC0194698A6A3C7A492FA33018C544E
SHA1:	AB2C4166357CE762CEE5B84008E19D4960CD95D0
SHA-256:	9CAF2F07EBAB1B895D61B5363E99211D81E75B0D9E75A8820A5505A953B3F47B
SHA-512:	29467FA2858472BFA0125FBFB97805483B0D12107F6F92D827469C689400FB5274EBFED33BF4CE9BB7472BED791220B95EE6C1CB893C26E093537C9E4E461851
Malicious:	false
Reputation:	low
URL:	https://venustrademarks.com/assets/images/qoute.svg
Preview:	<svg width="42" height="30" viewBox="0 0 42 30" fill="none" xmlns="http://www.w3.org/2000/svg">.<path d="M3.50016 29.5833H12.2502L18.0835 17.9167V0.416656H0.583496V17.9167H9.3335L3.50016 29.5833ZM26.8335 29.5833H35.5835L41.4168 17.9167V0.416656H23.9168V17.9167H32.6668L26.8335 29.5833Z" fill="#C7BFFF"/>.</svg>.

Chrome Cache Entry: 132

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 51x51, components 3
Category:	dropped
Size (bytes):	1620
Entropy (8bit):	7.524793195957223
Encrypted:	false
SSDEEP:
MD5:	1B00A292ECE1A70F3CB284EBC837F1C7
SHA1:	CE076753B08D33EE23ECAA29F6DD6598877A686F
SHA-256:	A29570639FDE16CCDF32C0D7B33B4EA5ED000422B85476B4E0173AE8D23FCA01
SHA-512:	E5B63F2FE35122521343CB965E1EDBB5915F30AA823A18B7A4E8F9C94A7671BF725E003558B1DD8BFB0112A08C648A38E31ABD477E6D6DC91A98E3341A48F588
Malicious:	false
Reputation:	low
Preview:	......JFIF.............C.....................................%...#... , #&'))..-0-(0%()(...C...........(...((((((((((((((((((((((((((((((((((((((((((((((((((......3.3................................................................................c..!....e9....Y.q.9Y.g.9..].j.y..yj}%....'.~1KV'.z.2..o..9..n.&..t.&...t.-.a..l..If....b.h..r.J&.j.(...p.q..,...1........................!....."A1Q..#$2Rbqs............?.>!.Th.".'.\|2Gy.:.J..;@.. .u..6N.<...;3..O>..P..vr..:....2Z).In+.?....E.@..c...C\..Y6..f2.P..Q):.z.....-.C."<w.h......W.0.....B...{.......i#.@.#..L..Y.2.0..kR.O$..tNV......#._.)@(..9...F..1"...8...PH....`..iL..w.......g<.[]8....:....S$....J..G...2...K.$..A.....p..P1.P..b6$!..J.pl...<.H.R...v,.V.....\$......~.....lU.!.....nh % .._.[..V.a^.d....9G...kP..P..R.w.v.G.(+z....=.]LW..gt[.<o I...b.......u.....p.w1........ 7......#.S..t......B..5....1..cA.f<.y...PJJ...O...]Q6.\.%C.(...(....y.....2.;...^7.d..(:..YT.......R.:.d..B....(:T......;..2._s

Chrome Cache Entry: 135

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (699), with no line terminators
Category:	downloaded
Size (bytes):	699
Entropy (8bit):	5.197373887532874
Encrypted:	false
SSDEEP:
MD5:	838903127A65EC440893B4945C40CA4A
SHA1:	827F3E5341F56FA4473D53B788AF41EC6BF21B8B
SHA-256:	89F08C4A66C9A737C6155B8313E87B36687FE65BFC9A1BA1783AEACE487BCDE3
SHA-512:	3A7E2229E8048EF3B598C98462C2AC78EAE8C81C9E0082B3BDA687F06E0D649A13DD46F13854EF3D872553DCD33156CFD24F1E8428A2145F1FA7B7BD7CD7577C
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2d0b383d.js
Preview:	(window.tawkJsonp=window.tawkJsonp\|\|[]).push([["chunk-2d0b383d"],{2966:function(t,n,s){"use strict";var e={name:"survey-options",components:{TawkButton:s("f0b0").TawkButton},props:{options:{type:Array,required:!0}},methods:{handleOnClick:function(t){this.$emit("selectSurvey",t)}}},i=s("2877"),o=Object(i.a)(e,(function(){var t=this,n=t._self._c;return n("div",{staticClass:"tawk-survey"},t._l(t.options,(function(s,e){return n("div",{key:e,staticClass:"tawk-survey-option"},[n("tawk-button",{staticClass:"tawk-text-left",attrs:{size:"small",isOutline:!0},domProps:{innerHTML:t._s(s.text)},on:{click:function(n){return t.handleOnClick(s.text)}}})],1)})),0)}),[],!1,null,null,null);n.a=o.exports}}]);

Chrome Cache Entry: 136

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (18247), with no line terminators
Category:	downloaded
Size (bytes):	18247
Entropy (8bit):	5.455628218484011
Encrypted:	false
SSDEEP:
MD5:	398211E86BA1F74C4421BDE7A06FC780
SHA1:	AD7F16A01269C2981F9F6CE09918345C1B1D59B7
SHA-256:	EA2C7FE5B9F379BD51BC7A9D6016DDC2F445164A3DD5738A319FBCC23402FA1D
SHA-512:	CCECE3B1F84DDA4D3D84D4E46BDA9AE746AB676C62BD3D785569CB64C773750EB04FD3443F931809DE773F902CB80C71432F6FDF694DB65B316E0CA01E683E07
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-9294da6c.js
Preview:	(window.tawkJsonp=window.tawkJsonp\|\|[]).push([["chunk-9294da6c"],{"1e0f":function(t,i,e){"use strict";(function(t){var o=e("2f62"),n=e("f0b0"),a=e("5a60"),s=e("ff3f"),r=e("87dd");function c(t){return(c="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(t){return typeof t}:function(t){return t&&"function"==typeof Symbol&&t.constructor===Symbol&&t!==Symbol.prototype?"symbol":typeof t})(t)}function h(t,i){var e=Object.keys(t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(t);i&&(o=o.filter((function(i){return Object.getOwnPropertyDescriptor(t,i).enumerable}))),e.push.apply(e,o)}return e}function l(t){for(var i=1;i<arguments.length;i++){var e=null!=arguments[i]?arguments[i]:{};i%2?h(Object(e),!0).forEach((function(i){m(t,i,e[i])})):Object.getOwnPropertyDescriptors?Object.defineProperties(t,Object.getOwnPropertyDescriptors(e)):h(Object(e)).forEach((function(i){Object.defineProperty(t,i,Object.getOwnPropertyDescriptor(e,i))}))}return t}function m(t,i,e)

Chrome Cache Entry: 137

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 835 x 132, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	100544
Entropy (8bit):	7.9928871966139186
Encrypted:	true
SSDEEP:
MD5:	A0F5C5845D3537587719A77609BD2B1D
SHA1:	633C4D5EF35BE3A755BCEF6211DBEDF5C1406688
SHA-256:	BDE9C3F1E07FF9F9F088663D4E712670DB5BB79F17CCE05CADA7B6721EF51B73
SHA-512:	7D14577ACBFF4FA18D872CADCFDC6872E2CCAAB47EBA9ECB5F2A0824FF23BACF3C977DDE3E3E1F0C599B5BBD941A989B5F03D0FBB2829703670F178917A9F9FF
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...C.........R..~.. .IDATx..{.e.U..[..9....~...VKj.Z.%[...lI6.lcc...c'6.......$8CB..a...$..@b......0.`....m!.d.dY..-u..y.g.Z.G.ZU..>.[.-.M.>..w.U.V.^k.jU.&f..t1]L...t1]L...t1]L....R.B3p1]L...t1]L...t1..J..._.c..c....;.....L..5..\|n...)5f.(..u.:..7.O>.....D..:;......muy@..y{.eSl+.?..^-.\..$.e!.T.).H.TIs...J.G^]>.....}...........Y..+7..=..K.1....CGq.......%.n.p.....3..E.Q.....0..q.@.S.q.{n.vd..<..._.5.'.....t1....3...u...u..O=.....b......O3..O..=v.......If.4...../_..<.L5;.....K?sz.ud..y.TUm.....,..1..Z..=...m.......kZ...Fmw....VG.fF.y..Q....h..sf.....&f.5.e.l.<.'...m.<.a=O]}.4N.].J..YP..V..0..h.Z....5...h.w..m}[...<...._...O..6..3.Ct.G.....6X..Q.pg...x.....\|...-N...M.S:]pf....y_^=.B.d..?.V..`.F.~.Y......._u.g..}...\|;W.[.....3.g.`..F..........f.a..Q=..n.a.T..k.U.!.]AS..X'.k......M.Z3....13..3..R..y..X..\|...@S..<.2F.<......u...<....h......4\|0.7h..y...E>..la`1..........j../5Ms73?w..s..p.u.m...../{..u._.....l..-....h.=.0F...y.I.w..

Chrome Cache Entry: 138

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	2844
Entropy (8bit):	4.893363167580695
Encrypted:	false
SSDEEP:
MD5:	CCBAB002D5E1F922F1D2C9560EBE1112
SHA1:	0695B87E6AF50FB90DB962CC94489C725E74FF35
SHA-256:	398002705FAA8100B7A1D0372EB9A3F91806FE7522FA8AFC2ACEB92698C78314
SHA-512:	C57BAD60127F9CA5A49C4A84906FB4D8ACC7BA9EFE9126413FA450665BD0BBB7B5C8AF605E0B080F3AD6AB2ABE8E213B79A66292300148C3823E523FC18E2CE6
Malicious:	false
Reputation:	low
Preview:	{"ok":true,"data":{"settingsVersion":"2-12-0","propertyName":"Paradigm Trademark","branding":{"whitelabeled":false,"text":":tawky: Add free live chat to your site","url":"https://www.tawk.to/?utm_source=tawk-messenger&utm_medium=link&utm_campaign=referral&utm_term=63e8d5e3c2f1ac1e2032d1fd"},"widget":{"type":"inline","version":6,"language":"en","minimized":{"desktop":{"type":"round"},"mobile":{"type":"round"}},"maximized":{"desktop":{"height":520,"width":350}},"bubble":{"type":"image","config":{"image":{"type":"gallery","content":"9"},"height":64,"width":120,"zIndex":1,"rotate":0,"offsetX":0,"offsetY":80}},"theme":{"header":{"text":"#ffffff","background":"#0066ff"},"agent":{"messageText":"#ffffff","messageBackground":"#0066ff"},"visitor":{"messageText":"#ffffff","messageBackground":"#02d1ff"}},"notification":{"all":{"estimatedWaitTime":false,"sound":true,"agentTyping":true,"visitorTyping":true,"tab":true},"desktop":{"preview":true},"mobile":{"preview":true}},"behavior":{"click":"max"}

Chrome Cache Entry: 140

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=8, description=Working together on project. Two young business colleagues working on computer, orientation=upper-left, xresolution=110, yresolution=118, resolutionunit=2, software=Adobe Photoshop CC (Macintosh) (Adobe Photoshop CC, datetime=2018:03:20 16:46:56], baseline, precision 8, 3862x2578, components 3
Category:	dropped
Size (bytes):	5677278
Entropy (8bit):	7.968677157315424
Encrypted:	false
SSDEEP:
MD5:	C9EC4835085EE6591C4AABE67056237B
SHA1:	0A827161E3A816990ADAEE2335C729B7920B1C02
SHA-256:	980C6AA9A9FDDBD2AA3FA1E57229DB7E46D7E5C5A9FC0E492EF0CA251DD5B570
SHA-512:	A77AC20A76A058B1AFA53A1C791E5CFEB2B0E212BFD6BF99EAA3C47B2D7D37AC8FFF00BECB57A84CA658877C0E35DE964B2DE236E662ACF18AEF0576562B149E
Malicious:	false
Reputation:	low
Preview:	......JFIF.....,.,......Exif..II*...........O...~.......................n...........v...(...........1...3.......2...........i...........x.....-..'....-..'..Working together on project. Two young business colleagues working on computer..Adobe Photoshop CC (Macintosh) (Adobe Photoshop CC..2018:03:20 16:46:56...........0230........d...........0100........................................2018:03:18 20:24:51.......................................(...............................:.......H.......H.............Adobe_CM......Adobe.d.................................................................................................................................................k...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv.......

Chrome Cache Entry: 141

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2306), with no line terminators
Category:	downloaded
Size (bytes):	2306
Entropy (8bit):	5.200373795820515
Encrypted:	false
SSDEEP:
MD5:	8A62145A771F178A2F2776BD2B72D0D5
SHA1:	B858D068C13E081E4AABEDF5E27775B5FF0E526C
SHA-256:	221F1816EBB7A87EF915CD7A2E091CB0A14082B7AC494039D4E28D29CE384E83
SHA-512:	CB07682F6249E86CC6E1D7D075766C56A4E2C94DDC68BD4C88248819CDBD85E96517F097B32F4A34122E0AE14E26C6F40453EF5F29CDFC5FBF0CEB0BB603BBCD
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js
Preview:	!function(e){function t(t){for(var n,a,i=t[0],l=t[1],c=t[2],p=0,s=[];p<i.length;p++)a=i[p],Object.prototype.hasOwnProperty.call(o,a)&&o[a]&&s.push(o[a][0]),o[a]=0;for(n in l)Object.prototype.hasOwnProperty.call(l,n)&&(e[n]=l[n]);for(f&&f(t);s.length;)s.shift()();return u.push.apply(u,c\|\|[]),r()}function r(){for(var e,t=0;t<u.length;t++){for(var r=u[t],n=!0,i=1;i<r.length;i++){var l=r[i];0!==o[l]&&(n=!1)}n&&(u.splice(t--,1),e=a(a.s=r[0]))}return e}var n={},o={runtime:0},u=[];function a(t){if(n[t])return n[t].exports;var r=n[t]={i:t,l:!1,exports:{}};return e[t].call(r.exports,r,r.exports,a),r.l=!0,r.exports}a.e=function(e){var t=[],r=o[e];if(0!==r)if(r)t.push(r[2]);else{var n=new Promise((function(t,n){r=o[e]=[t,n]}));t.push(r[2]=n);var u,i=document.createElement("script");i.charset="utf-8",i.timeout=120,a.nc&&i.setAttribute("nonce",a.nc),i.src=function(e){return a.p+"js/twk-"+({}[e]\|\|e)+".js"}(e);var l=new Error;u=function(t){i.onerror=i.onload=null,clearTimeout(c);var r=o[e];if(0!==r){

Chrome Cache Entry: 145

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 840x473, Suserng: [none]x[none], YUV color, decoders should clamp
Category:	dropped
Size (bytes):	21228
Entropy (8bit):	7.990748005788249
Encrypted:	true
SSDEEP:
MD5:	391F3006F5CB40706D14E1829599BCF5
SHA1:	6A6B92B1352191498EBB6B74CAAE8B76D00B983C
SHA-256:	2AADEA225104964700F86181E9C345A68117AC8AEAAC51279E2E4A8E89AF73D1
SHA-512:	9D9ED24ADFDE63137E636195DBA921EAC57AD84D842C4F0021E2135C9561921F4E253108A6C8FC452BF726F9D6FD8A75DBEC1C8F97C8292D8D3C0848F07DF096
Malicious:	false
Reputation:	low
Preview:	RIFF.R..WEBPVP8 .R...=...H...>m2.H.".&".[8...g8.-q....c......y.r....p.J.s.+.....YWE....j....z.............F._......?..........?.MX.7....7.....c.k\|.k.<7m7&!0.mU.R.v%mU...LJ.Q.T).%..=X.q./...bTs....F7{!C.%.?.P.q"M..I.R..........8Z.N.F....T"...J.(3:..x.4.Sl.l...../....;..{....(q#.[a...-T...T..8enY.B.A.."6.=. ]....H..8..X.>..O.[....).97.i3-....h..../g.Q.....K#.L..K....hC..2.NeC.G.@.....o....M.}{r.... rILeJ..n..V..4.v......#.V.?.Wl.\1.)..\|..0!>....l{..`..: vg...CZ...I...~.....cRwE.a.......+.D:.....X(\|!.g.n.l.z._8.s=...RNN..#.n.$....;......A.Z.ZU....C..>......B..z...."...{.t/J..p[<..7Z......X...J.>.?..I..B\....MQM.w.C...^........R..#..r9....Y....V.............v...D(..WH.~6h...@...w...g.........../.SX..d=.AG..T6(".w.E.?.[=.~..H......S~....m.s."s..Z._ ..^..T....9.\|(.fx,..T.y.U.. .}v&..P.zuZ.>.R.^.n.;.......#........./.0&..L...d..`...JR.e.....d..ta.....}....[3...@.,....n..R...g.....N.AdS..~\|o....{z.PY.GLQ5($.l...../.$..4...-..Y.Agl(.d....

Chrome Cache Entry: 146

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (19015)
Category:	downloaded
Size (bytes):	19188
Entropy (8bit):	5.212814407014048
Encrypted:	false
SSDEEP:
MD5:	70D3FDA195602FE8B75E0097EED74DDE
SHA1:	C3B977AA4B8DFB69D651E07015031D385DED964B
SHA-256:	A52F7AA54D7BCAAFA056EE0A050262DFC5694AE28DEE8B4CAC3429AF37FF0D66
SHA-512:	51AFFB5A8CFD2F93B473007F6987B19A0A1A0FB970DDD59EF45BD77A355D82ABBBD60468837A09823496411E797F05B1F962AE93C725ED4C00D514BA40269D14
Malicious:	false
Reputation:	low
URL:	https://cdn.jsdelivr.net/npm/popper.js@1.12.9/dist/umd/popper.min.js
Preview:	/. Copyright (C) Federico Zivolo 2017. Distributed under the MIT License (license terms are at http://opensource.org/licenses/MIT).. /(function(e,t){'object'==typeof exports&&'undefined'!=typeof module?module.exports=t():'function'==typeof define&&define.amd?define(t):e.Popper=t()})(this,function(){'use strict';function e(e){return e&&'[object Function]'==={}.toString.call(e)}function t(e,t){if(1!==e.nodeType)return[];var o=getComputedStyle(e,null);return t?o[t]:o}function o(e){return'HTML'===e.nodeName?e:e.parentNode\|\|e.host}function n(e){if(!e)return document.body;switch(e.nodeName){case'HTML':case'BODY':return e.ownerDocument.body;case'#document':return e.body;}var i=t(e),r=i.overflow,p=i.overflowX,s=i.overflowY;return /(auto\|scroll)/.test(r+s+p)?e:n(o(e))}function r(e){var o=e&&e.offsetParent,i=o&&o.nodeName;return i&&'BODY'!==i&&'HTML'!==i?-1!==['TD','TABLE'].indexOf(o.nodeName)&&'static'===t(o,'position')?r(o):o:e?e.ownerDocument.documentElement:document.documentElement}functio

Chrome Cache Entry: 147

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 145076, version 329.-17761
Category:	downloaded
Size (bytes):	145076
Entropy (8bit):	7.998235278817981
Encrypted:	true
SSDEEP:
MD5:	8CFE82E8C97DF9AB3F52AC86AF21230D
SHA1:	E9A504AF091DDDAFF4A8B3F33623C179D3CCFA00
SHA-256:	BE7A090DE1FE98F279B7E89C8731422C9B45BDDBA7A232E3753375A3D14C0876
SHA-512:	AA328EA9F45817F1F98905613C8DEF2FCC0EC70AA19029853C990574DDD4F397DD7320BF53D46414D43C859449B306CB48682D840F885136A2365A65940CCBFA
Malicious:	false
Reputation:	low
URL:	https://venustrademarks.com/assets/fonts/fa-regular-400.woff2
Preview:	wOF2......6...........6Y.I......................?FFTM....`........P..c.6.$..^..d.. ..@...J[.w..p...j'...mgR.d...SLr.......S.r;...............f..I.h.)...... ...CF...Qj..i;....a#.c..7.#..c..)..2...d.8\J.@ H.......i...l...d{5'...$.2.=...ox.p..c...dD...u ....;\.>N.......8.].[..R......~......b.~.ms.........\TFV2...i.g.:+..]..q-y]k.t.....Vk...S.~nX.... ...o.GL......3..:..^.......hJ.K......F.[..X4.l.t..Q.._.Z..9.g..&T.B......#c$...u...%y.d...@... "JH..l.IX!.(.\.'..np....W....t.X.V.U.]..._.`n.`..5..`T,.....Q"...DeX....Fa.Q................1..^V...../b.n.-.......3?......&TQ-1+..lkPR.?....Qv..)...jQx._....t.]wp.\|..2....8....~.u...Wq..~].7.}.g"....Co.L..P.._c...P.07....6!'..........k.5.....5.`...q...p.4.p...jO..L%[./aR.\|... w....$..p.Y.q..........Bl.B..lac....f.C..9)..S..\|.9......*.Nh.........JM..8.l......7f.3wl...ck....d.3.@.XX......?.[...I~.?........u.C........;.7.8.&.3.j.h.o..n.2.....\|D.......4i.mw.....i....8.........L.9ZJ.I=...I".{...........\|...

Chrome Cache Entry: 148

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=[0], xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Macintosh), datetime=2015:10:28 01:35:04], baseline, precision 8, 2560x1600, components 3
Category:	dropped
Size (bytes):	170210
Entropy (8bit):	6.288285408722438
Encrypted:	false
SSDEEP:
MD5:	8774421FFA21A0DA37ED8D6E29B49BC7
SHA1:	FD69622DBAC0C1D3D29EADEF5F09E1536DFCE83A
SHA-256:	F089EACD2307F109A8486EDA442BD737414EAB1E894BACB49C05B25827FBE3AE
SHA-512:	7FAF653F0329B31DC55FCAC7CDB468BFF84C12D3A003617FE562389AF82EA2B4353E7231BBB45FC166C85C93870ECA24260308CAEFC45DF2B8E6B1A2ED034541
Malicious:	false
Reputation:	low
Preview:	......JFIF.....H.H......Photoshop 3.0.8BIM.%......................8BIM.:....................printOutput........PstSbool.....Inteenum....Inte....Clrm....printSixteenBitbool.....printerNameTEXT..........printProofSetupObjc.....P.r.o.o.f. .S.e.t.u.p......proofSetup........Bltnenum....builtinProof....proofCMYK.8BIM.;.....-..............printOutputOptions........Cptnbool.....Clbrbool.....RgsMbool.....CrnCbool.....CntCbool.....Lblsbool.....Ngtvbool.....EmlDbool.....Intrbool.....BckgObjc..........RGBC........Rd doub@o..........Grn doub@o..........Bl doub@o..........BrdTUntF#Rlt............Bld UntF#Rlt............RsltUntF#Pxl@R..........vectorDatabool.....PgPsenum....PgPs....PgPC....LeftUntF#Rlt............Top UntF#Rlt............Scl UntF#Prc@Y..........cropWhenPrintingbool.....cropRectBottomlong........cropRectLeftlong........cropRectRightlong........cropRectToplong.....8BIM.........H.......H......8BIM.&................?...8BIM............8BIM............8BIM..................8BIM'.........

Chrome Cache Entry: 149

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	2123
Entropy (8bit):	5.417767830818491
Encrypted:	false
SSDEEP:
MD5:	A9A721C291CAD84C6B72D2EC80481CF4
SHA1:	74C11E86A0A49AE0D14205E68CE067DE19BF2C18
SHA-256:	BEEA92ED323564D985CE03CAB425D7F9D8410FF4B6E9D155E190B376E0CA3AF1
SHA-512:	2E3DE79B886F3878868B1BB37204BDDA2220A5AC2874D8A938D7E7A7B37F9EC8D636A02B2D202F9821720F47DAE3DE1E500AA15E03924032E67BDAA0C7028414
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/63e8d5e3c2f1ac1e2032d1fd/1gp2o70kg
Preview:	(function(global){..global.$_Tawk_AccountKey='63e8d5e3c2f1ac1e2032d1fd';..global.$_Tawk_WidgetId='1gp2o70kg';..global.$_Tawk_Unstable=false;..global.$_Tawk = global.$_Tawk \|\| {};..(function (w){..function l() {...if (window.$_Tawk.init !== undefined) {....return;...}....window.$_Tawk.init = true;....var files = [....'https://embed.tawk.to/_s/v4/app/65839862293/js/twk-main.js',....'https://embed.tawk.to/_s/v4/app/65839862293/js/twk-vendor.js',....'https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-vendors.js',....'https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-common.js',....'https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js',....'https://embed.tawk.to/_s/v4/app/65839862293/js/twk-app.js'...];....if (typeof Promise === 'undefined') {....files.unshift('https://embed.tawk.to/_s/v4/app/65839862293/js/twk-promise-polyfill.js');...}....if (typeof Symbol === 'undefined' \|\| typeof Symbol.iterator === 'undefined') {....files.unshift('https://embed.tawk.to/_s/v4/app/6

Chrome Cache Entry: 150

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65472)
Category:	downloaded
Size (bytes):	82665
Entropy (8bit):	5.159287003035781
Encrypted:	false
SSDEEP:
MD5:	CE3014B09C6DFBD6F92BC585FD840580
SHA1:	D17ABB8D652929260DF6A153814560DD5AF54424
SHA-256:	916C13B184FBC42C59463A47BF90611461BEC9E17A10A37DEF3C751ADE00DCED
SHA-512:	4114EE66ECCF538ED484A947CA3399D92D60F4CC29F1B8D3B4FFCAC473F215BE3E97D1BF78086EDFA141A2071AE340F671005CF7FBBB51D5EC6996571DE00E6A
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/65839862293/js/twk-vendor.js
Preview:	/! For license information please see twk-vendor.js.LICENSE /.(window.tawkJsonp=window.tawkJsonp\|\|[]).push([["vendor"],{"2b0e":function(t,e,n){"use strict";(function(t){n.d(e,"a",(function(){return Xn}));var r=Object.freeze({}),o=Array.isArray;function i(t){return null==t}function a(t){return null!=t}function s(t){return!0===t}function c(t){return"string"==typeof t\|\|"number"==typeof t\|\|"symbol"==typeof t\|\|"boolean"==typeof t}function u(t){return"function"==typeof t}function l(t){return null!==t&&"object"==typeof t}var f=Object.prototype.toString;function p(t){return"[object Object]"===f.call(t)}function d(t){var e=parseFloat(String(t));return e>=0&&Math.floor(e)===e&&isFinite(t)}function v(t){return a(t)&&"function"==typeof t.then&&"function"==typeof t.catch}function h(t){return null==t?"":Array.isArray(t)\|\|p(t)&&t.toString===f?JSON.stringify(t,null,2):String(t)}function m(t){var e=parseFloat(t);return isNaN(e)?t:e}function _(t,e){for(var n=Object.create(null),r=t.split(","),o=0;o<r.

Chrome Cache Entry: 151

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	5044
Entropy (8bit):	4.234347528158032
Encrypted:	false
SSDEEP:
MD5:	49D6729671D3B3A69F3C917983849199
SHA1:	930D127666703328A5481238AC9331D72AA6E453
SHA-256:	5BD8E50E959CA5E56FBCCC744EDDE9F754196FE97A92AECD52FD4AFA7A57680E
SHA-512:	E8379ECF8DF941197D8C6AFA0466196C8B8891883FA5039C230EC2FDF522ED6647B88ABCC51AFF492242321C552C03C9FBBBA4E9F4861FD01F3A99E3E19BEC0C
Malicious:	false
Reputation:	low
Preview:	<svg width="158" height="42" viewBox="0 0 158 42" fill="none" xmlns="http://www.w3.org/2000/svg">.<path d="M19.8344 34.3232C20.0947 34.5838 20.4477 34.7304 20.816 34.731C21.567 34.731 22.203 34.093 22.203 33.34V8.36998C22.203 8.00168 22.0568 7.64843 21.7966 7.38781C21.5363 7.12719 21.1833 6.98051 20.815 6.97998C20.035 6.97998 19.428 7.61698 19.428 8.36998V33.341C19.428 33.7093 19.5742 34.0625 19.8344 34.3232Z" fill="#312E81"/>.<path d="M8.383 22.247H15.033L15.034 22.246C15.4027 22.246 15.7562 22.0995 16.0169 21.8389C16.2776 21.5782 16.424 21.2246 16.424 20.856C16.424 20.4873 16.2776 20.1338 16.0169 19.8731C15.7562 19.6124 15.4027 19.466 15.034 19.466H8.384C7.603 19.466 6.996 20.074 6.996 20.857C6.996 21.2251 7.14204 21.5782 7.40206 21.8388C7.66209 22.0994 8.01487 22.2462 8.383 22.247Z" fill="#312E81"/>.<path d="M26.598 22.247H33.276C34.028 22.247 34.635 21.638 34.635 20.856C34.635 20.4879 34.489 20.1348 34.2289 19.8742C33.9689 19.6136 33.6161 19.4668 33.248 19.466H26.598C25.817 19.466

Chrome Cache Entry: 152

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (40699), with no line terminators
Category:	downloaded
Size (bytes):	40699
Entropy (8bit):	5.038809918829337
Encrypted:	false
SSDEEP:
MD5:	C7393B57847A249CF71E453CFF9C5693
SHA1:	2B151E46FF61023CAC973343C951B4210CD4D374
SHA-256:	7BD9666B0959D868276DA481746B74E6A76FBC19F7957E528B8FB022367980BC
SHA-512:	60EEB5E070E8121752036496FF8A0F248D9EF70301E49AA954D440E36B313DA26A39027A77D8F8BA91AE295E5FA239F288F8DFB8482A0C6528C2CC924C2668B1
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/65839862293/css/message-preview.css
Preview:	:root{--tawk-header-background-color:#03a84e;--tawk-header-text-color:#fff}html{font-family:Lato,sans-serif;font-size:1rem;font-weight:400;line-height:1.618;letter-spacing:normal;background:0 0;color:#242424;scroll-behavior:smooth}body{margin:0}a:active,a:hover{outline:none}a:focus{outline:1px solid #1f6885}.tawk-link,a{color:#03a84e;text-decoration:none;cursor:pointer}.tawk-link:hover,a:hover{color:#03a84e;text-decoration:underline}abbr[title]{border-bottom:none;text-decoration:underline}b,strong{font-weight:bolder}:not(pre)>code,:not(pre)>kbd,:not(pre)>samp{font-family:Lato,sans-serif;font-size:.812rem;color:#bf1212;white-space:nowrap}em{color:#bf1212}ins{background:#ffd;color:#545454}mark{background:rgba(109,55,218,.1);color:#03a84e}q{font-style:italic}small{font-size:80%}sub,sup{font-size:75%;line-height:0;position:relative;vertical-align:baseline}sup{top:-.5em}sub{bottom:.25em}audio,canvas,iframe,img,svg,video{vertical-align:middle}audio,canvas,img,video{max-width:100%;height:auto

Chrome Cache Entry: 153

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (33616)
Category:	downloaded
Size (bytes):	33655
Entropy (8bit):	5.353770472984896
Encrypted:	false
SSDEEP:
MD5:	6CAF40D4DD7B5A4934BB861C6E99D11F
SHA1:	B0947D5507226DE3B4B04E0E7C608FE923FB9C6B
SHA-256:	AD11A265ACF7060A7D86DABC6AE0F3B32F135F096A6E35BE748A001393D71541
SHA-512:	4E30730D02039DCEA95B278CD5B84C9C3C6D587D10A4E5CC715A288255EB6A58BF4E3ED6E7AF7FC1DE04F040E39350B038038F489A27D557DC12DD41238C48AC
Malicious:	false
Reputation:	low
URL:	https://cdn.jsdelivr.net/npm/axios/dist/axios.min.js
Preview:	!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):(e="undefined"!=typeof globalThis?globalThis:e\|\|self).axios=t()}(this,(function(){"use strict";function e(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function t(t){for(var n=1;n<arguments.length;n++){var r=null!=arguments[n]?arguments[n]:{};n%2?e(Object(r),!0).forEach((function(e){a(t,e,r[e])})):Object.getOwnPropertyDescriptors?Object.defineProperties(t,Object.getOwnPropertyDescriptors(r)):e(Object(r)).forEach((function(e){Object.defineProperty(t,e,Object.getOwnPropertyDescriptor(r,e))}))}return t}function n(e){return n="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol

Chrome Cache Entry: 154

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	303
Entropy (8bit):	4.782926029959515
Encrypted:	false
SSDEEP:
MD5:	CB176FE9D2D530E0E7952253AC6E34B2
SHA1:	F815ED89AF231E00CEDD366DC3EDEA7418651654
SHA-256:	6B1F3F1EF1EF0F2E457EC8F6E3292BE5292136F4AA8ACFAEB230C04EB0F7AB61
SHA-512:	795A853FEA2AC67E78879D0D7DA69588DD69C0D4FD3F7434E2A004B2D0812CD5671FF8714EBB0299DEBCBCCF9486469A03B1B02FAAE813AD91F50E571E4288B2
Malicious:	false
Reputation:	low
Preview:	<svg width="18" height="17" viewBox="0 0 18 17" fill="none" xmlns="http://www.w3.org/2000/svg">.<path d="M8.86778 13.3916L13.9497 16.5L12.6011 10.6416L17.091 6.69996L11.1785 6.19163L8.86778 0.666626L6.55705 6.19163L0.644531 6.69996L5.13443 10.6416L3.78581 16.5L8.86778 13.3916Z" fill="#F49F07"/>.</svg>.

Chrome Cache Entry: 155

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	4418
Entropy (8bit):	4.2614959333020295
Encrypted:	false
SSDEEP:
MD5:	BB2849D7960D1523D8FA150B5988DA20
SHA1:	446C0E39189144FE39CE300CE6067973D0D5413C
SHA-256:	6410F388E52BE2450900CF4E55C82EDFD8AF5967B7DFE5EA4EF1A6C3E5365C99
SHA-512:	E0E636A03D9C40B49C7D721FA82D7B340D9ED50DF4BB98F782FC80CF8F59709AB316C8CEB63A8CB5DFC535412AE99454C21E674E0BBC200529FB2CF37B0BAA31
Malicious:	false
Reputation:	low
Preview:	<svg width="138" height="48" viewBox="0 0 138 48" fill="none" xmlns="http://www.w3.org/2000/svg">.<path fill-rule="evenodd" clip-rule="evenodd" d="M37.529 12.273C37.529 8.25617 34.3002 5.00027 30.3165 5C26.3327 5.00027 23.103 8.25617 23.103 12.273C23.0995 14.1603 23.8291 15.9752 25.138 17.335L23.288 20.144L17.34 10.955C17.2362 10.7948 17.0927 10.6641 16.9234 10.5757C16.7542 10.4873 16.565 10.4442 16.3742 10.4505C16.1833 10.4569 15.9974 10.5125 15.8344 10.6119C15.6714 10.7113 15.5369 10.8512 15.444 11.018L5.09098 29.58H1.11098C0.497976 29.58 0.000976562 30.08 0.000976562 30.698C0.000976562 31.316 0.497977 31.816 1.10998 31.816H37.906C37.9173 31.8162 37.9286 31.8162 37.94 31.816H42.552C43.165 31.816 43.662 31.316 43.662 30.698C43.662 30.08 43.165 29.58 42.552 29.58H38.572L32.758 19.118C34.1596 18.6046 35.3693 17.6724 36.2228 16.4478C37.0764 15.2232 37.5324 13.7657 37.529 12.273ZM29.395 29.58L24.607 22.183L28.572 16.162L36.029 29.58H29.395ZM16.48 13.72L26.747 29.58H7.63498L16.48 13.72ZM34

Chrome Cache Entry: 156

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (535), with no line terminators
Category:	downloaded
Size (bytes):	535
Entropy (8bit):	5.04039722532291
Encrypted:	false
SSDEEP:
MD5:	C506281367048D4A134C9AFFBC68C8C6
SHA1:	FFA331EB81694501D6FF64AE2D1F7E667529C3BA
SHA-256:	7E0A886153A50F34ADEB6D141B542D08A6338C5E3BADA9FC3CCF88D0580356DF
SHA-512:	6B60B2EE859337BEC90EBD0BA899F4CE05CC16EB70C76EB98A274F64870E45B87203E2C45D019B178A297B100C094E88178E2983DD29DE5FD1EA649226706C07
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2d0b9454.js
Preview:	(window.tawkJsonp=window.tawkJsonp\|\|[]).push([["chunk-2d0b9454"],{"31dd":function(a,t,s){"use strict";var e={name:"base-header"},d=s("2877"),n=Object(d.a)(e,(function(a,t){return a("div",t._g(t._b({class:["tawk-card tawk-card-primary tawk-card-small tawk-header-container tawk-flex-none tawk-header tawk-custom-color",t.data.class,t.data.staticClass],style:[t.data.staticStyle,t.data.style]},"div",t.data.attrs,!1),t.listeners),[a("div",{staticClass:"tawk-text-center"},[t._t("default")],2)])}),[],!0,null,null,null);t.a=n.exports}}]);

Chrome Cache Entry: 157

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5955)
Category:	downloaded
Size (bytes):	283443
Entropy (8bit):	5.565658708958308
Encrypted:	false
SSDEEP:
MD5:	FE2E89AB99483B3A2712FB9EBE5F4483
SHA1:	3A73BD4E565E9EA12E3C56D45D6C888153278936
SHA-256:	A38772F2489B486FA9D5DB8D65055AAD93A788DD4858DBA21E14A5EC2AA8F3D5
SHA-512:	8E35E19F82903FC0B0100BEC6E83C741DB6BAC3C7524830987C7070E3A10543DC9F6F051D175FA04594A14251B3BBE0EDF88DB01FD837CA2EBBF5CBA6A457F2B
Malicious:	false
Reputation:	low
URL:	https://www.googletagmanager.com/gtag/js?id=G-ZK1KZ6WCH0
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"1",. . "macros":[{"function":"__e"},{"vtp_signal":0,"function":"__c","vtp_value":0},{"function":"__c","vtp_value":"google.co.uk"},{"function":"__c","vtp_value":0},{"vtp_signal":0,"function":"__c","vtp_value":0},{"function":"__c","vtp_value":"google.co.uk"},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_1p_data_v2","priority":14,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_autoEmailEnabled":true,"vtp_autoPhoneEnabled":false,"vtp_autoAddressEnabled":false,"vtp_isAutoCollectPiiEnabledFlag":false,"tag_id":10},{"function":"__ccd_ga_first","priority":13,"vtp_instanceDestinationId":"G-ZK1KZ6WCH0","tag_id":25},{"function":"__set_product_settings","priority":12,"vtp_instanceDestinationId":"G-ZK1KZ6WCH0","vtp_foreignTldMacroResult":["macro",5],"vtp_isChinaVipRegionMacroResult":["macro",6],"

Chrome Cache Entry: 159

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65446), with CRLF line terminators
Category:	downloaded
Size (bytes):	279925
Entropy (8bit):	5.114035478862181
Encrypted:	false
SSDEEP:
MD5:	67714D065D4F810088720434608B2CBB
SHA1:	4965AB7BF7D2FA34235F4BFE75F5901C625543C1
SHA-256:	226196E21F10D72F72B915B8BA507AD204994B981080978E76AFE8A8F5349D3D
SHA-512:	335FB0427E3B3E6D2A11780244C934C099D6E96A50927CE59967FF672E1E96EE5B22B9B037DDE4449D55346828A2E3F4235A869500EE602C1B2B06FA6FE73106
Malicious:	false
Reputation:	low
URL:	https://venustrademarks.com/assets/js/jquery.js
Preview:	/! jQuery v3.6.0 \| (c) OpenJS Foundation and other contributors \| jquery.org/license /..!function (e, t) { "use strict"; "object" == typeof module && "object" == typeof module.exports ? module.exports = e.document ? t(e, !0) : function (e) { if (!e.document) throw new Error("jQuery requires a window with a document"); return t(e) } : t(e) }("undefined" != typeof window ? window : this, function (C, e) { "use strict"; var t = [], r = Object.getPrototypeOf, s = t.slice, g = t.flat ? function (e) { return t.flat.call(e) } : function (e) { return t.concat.apply([], e) }, u = t.push, i = t.indexOf, n = {}, o = n.toString, v = n.hasOwnProperty, a = v.toString, l = a.call(Object), y = {}, m = function (e) { return "function" == typeof e && "number" != typeof e.nodeType && "function" != typeof e.item }, x = function (e) { return null != e && e === e.window }, E = C.document, c = { type: !0, src: !0, nonce: !0, noModule: !0 }; function b(e, t, n) { var r, i, o = (n = n \|\| E).createElement("sc

Chrome Cache Entry: 160

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	4472
Entropy (8bit):	5.401969437123171
Encrypted:	false
SSDEEP:
MD5:	E1F689361EC401416E8D48039F2A66CB
SHA1:	0C615BC670503C4179D0B0E9A0F8DEED143A5B96
SHA-256:	AEF306D8DC297F057D650B2E03A3C79B8F8AA29AEAA9F7F19B4F4A5C5D3E88F1
SHA-512:	5B7A38105FCE6A5C8513ADCD450231461C2704070529C9CD7D373A4EED5B425D98951C7264F09A68DDD9C6B8887BC157BD85AEB7B9DF03968CB9086CB0AC1870
Malicious:	false
Reputation:	low
URL:	https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Preview:	/* devanagari /.@font-face {. font-family: 'Poppins';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJbecmNE.woff2) format('woff2');. unicode-range: U+0900-097F, U+1CD0-1CF9, U+200C-200D, U+20A8, U+20B9, U+25CC, U+A830-A839, U+A8E0-A8FF;.}./ latin-ext /.@font-face {. font-family: 'Poppins';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2) format('woff2');. unicode-range: U+0100-02AF, U+0304, U+0308, U+0329, U+1E00-1E9F, U+1EF2-1EFF, U+2020, U+20A0-20AB, U+20AD-20CF, U+2113, U+2C60-2C7F, U+A720-A7FF;.}./ latin */.@font-face {. font-family: 'Poppins';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2) format('woff2');. unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+

Chrome Cache Entry: 163

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 7748, version 1.0
Category:	downloaded
Size (bytes):	7748
Entropy (8bit):	7.975193180895361
Encrypted:	false
SSDEEP:
MD5:	A09F2FCCFEE35B7247B08A1A266F0328
SHA1:	0DA2D17E738F46D2A09E6FB7969DA451719A9820
SHA-256:	CD36DE204ACA2D5FA263A731F7C20009B5E3D754BA1F1E03C33E93A48F3E7446
SHA-512:	5E3F9A298003B84250EC6801E08AD2A4FF8845D4C3E13EA61BEC37DA24D26EDE13B436257882124CC0C27E9A323BA92E7D23C6AD3F48A7B75535F5ED98813A0E
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Preview:	wOF2.......D......?p.................................`..T..0....6..6.$..h. ..H....82EF.....E...........W...b.....b..l...Qc/.....G4.]Rc..C...9J....>W..A.#..~.$.-.....}.......$-.........B1..;<....=.FO... R..%......9.E.s..M6.k.-_.^.?...._...lI..59Y.f\|..&..J..<8....e.zip".......q...u.?Y.....I.:MA.d.Y....0>..E.....a...H...:.....A.j.h.P.......A.+.l/j........d....r)Y>..V..@E\Q.k.E..(....6..yf.)s..O..z..........`Q.La'N.t V$.. t".ZDb......U.A.........p~.TW.K....y..^.(.;....K.TO.l... {s..M$ ....!....a..^.y...._...H..e.lKD.#..9.$...!&.19.9I..R-..b...TD&...j...xol.[...~.!.q.%..M..>...k.K.{5......+..U....34........[R.GZF.s}&...#g.P..Y..zF..-&..Y.i.3...I_3..Q.....`i....F{.z..>0....N...16.i.@.........5D3..>.._o.0M+5qI.ds..o...1v.!zx..T..b.w.:.....z$...s..x...v...e.&.[.qb.P..Gt....D.3.. ..W.^f.C(...t..`.\|..0.Z.C\|..)...0....Y.Q...m.k...-VmS..6p..%7.o(0p..4..S7..i\.....v.k.+S)J....+..../....xv.9.W..nR.CG..f..\|....Y...'W.....\|b<.wN@....-[....l.P4#..=...[

Chrome Cache Entry: 164

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 651 x 135, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	17216
Entropy (8bit):	7.955217226922806
Encrypted:	false
SSDEEP:
MD5:	D35A6CB3C90EB50F37E49CD90F8753A1
SHA1:	11EC90244853FC9F150B1D8B6F22322A755ED5D7
SHA-256:	1293D6E0A2F66E45973D4B10A2069D3C445BBCA4C7EB1A05F8BBDF324F7677EC
SHA-512:	EC3C93221BBFC7DA1D21F08C1FF1F2ADD606CFAA5BF857F8CF41553ABA52583ACAD6F58130B7BA714CC929331E079E3CF8929DA06DC116CB9179F7D3AF61CB7D
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.............~..E....gAMA....\|.Q.... cHRM...........R...@..}y.....<.....s<.w.../iCCPICC Profile..H..wTT....wz..0..z..0... ..Q.f......Ml..@D...E......H..b!(.`.H.Pb0...dF.J\|yy.......g.s..{....$O../... .'..z8.W.G....x....0Y.A..@$/7.z........H..e..O...O.T...._..lN:K.."N.....3"..$..F../JP.rb.[.}..Q..d.[..S..l1..x{..#b.G...\N..o.X3I....[ql2.....$..8.x.......t..r.p../8...p...C...f.q....K.njm.{r2.8...?......).L^6..g.,.qm."[.Z[Z....~Q....7%.."....3......R..`.j...[.~.:.. w....!.$E}k...yh.y...Rm..333..........:..}.=#.v.....e...tq.X)I)B>==......<..8..X....9<QD.h..8Q.yl....sy....0.OZ.k.(...5..H....>.....yP..........:.8......p.........Lg....k.k...$.......t.!0.V..8.7....`.........2A....@.....JP..A#h.'@.8.....:....`....`......a!2D..!UH.2.. .d..A>P ..ECq...B.......Z....:.]..B..=h...~....L...2...........5p.......N..........:\|......@...QC.....!.H,.G6 .H9R.. ]H/r..A..w(......Q.(OT...JCm@..QGQ...-.(j...MF+...6h/.t.:.]..G7....w...7......Xa<1...:L1....s.

Chrome Cache Entry: 165

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	12440
Entropy (8bit):	4.95557682616989
Encrypted:	false
SSDEEP:
MD5:	B3E0A9146563E57A08A0A591918F0808
SHA1:	DEA5F485E477B11140D7C1ED26691D11AB44A757
SHA-256:	A71A4705F94F5388C98975975341B12D7DBB5260CDB11E458E8F8D6320258A5C
SHA-512:	7DCBC134F8EBEE00460B78F884C3BBEC15895BF837AAA0283424BDB693A9A3EDA89BA562E60EE977A46BA61ABB79396EA443328784246757BDB7C774085AF6DC
Malicious:	false
Reputation:	low
URL:	https://venustrademarks.com/assets/js/custom.js
Preview:	$(document).ready(function () {.......$(".send-mail form").submit(function (event) {....event.preventDefault();....var formData = {.... name: $("#name").val(),.... email: $("#email").val(),.... phone: $("#phone").val(),.... content: $("#register_content").val(),......};.......$.ajax({.....type: "POST",.....url: "mail-test.php",.....data: formData,.....dataType: "json",.....encode: true,.....success: function (response) {......console.log(response),......$('.send-mail form').trigger("reset"),......$(".modal").modal("hide");.......// window.location = 'thankyou'.....},............error: function (response) {......console.log(response);.....}....});...});.. switchDiv();.. $("li:first-child").addClass("first");.. $("li:last-child").addClass("last");.... $('[href="#"],[href=""]').attr("href", "javascript:;");.... var len = $('.menu > li'), str;.. $(".menu-Bar").click(function () {.. $(this).toggleClass("open");.. $(".menuWrap").toggleClass("open");..

Chrome Cache Entry: 166

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	121
Entropy (8bit):	4.69769680485545
Encrypted:	false
SSDEEP:
MD5:	DA5BB1DC647470204DF0E49F5AFAC2DE
SHA1:	F5CBF596CA5E4FE208E4C55AF6E45B71F9FEBBE8
SHA-256:	705186BECC9E0A306A6B4867AE2768AA9DD3B8C12393D9F9C52029E9A6FCF31C
SHA-512:	D9C0EDA8C93DF421F8147960FF4B00F8EACD8791B8386B020F04D0478C6B7A4328767A82B52B8CFBB7C3A44CB55CEC488C2D1008670BEE709D67D8BDBD887C39
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/65839862293/js/twk-main.js
Preview:	(window.tawkJsonp=window.tawkJsonp\|\|[]).push([["main"],[],[["56d7","runtime","vendor","chunk-vendors","chunk-common"]]]);

Chrome Cache Entry: 167

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (13521), with no line terminators
Category:	downloaded
Size (bytes):	13521
Entropy (8bit):	5.0112157191763815
Encrypted:	false
SSDEEP:
MD5:	950518E32FD92957181F766F08D3CF98
SHA1:	9FE20C86B818D3576E9D70E6ED091964CB8B7427
SHA-256:	2F56F47D64037D5AA3A96B50C840580E5549FEE6F9FAFFF8AF3D1821D189FA5C
SHA-512:	D4D2EA3B555F9E582B12652DDD2BFB32F555ACCDF9750EA576F13A7A020DF9E31A50D732FE95FDC72CFA8B254CA3149FF33FB7D2E1DB15CE68F1755D0673BE53
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/65839862293/css/bubble-widget.css
Preview:	.tawk-tooltip:hover .tawk-tooltip-hover{opacity:1;transition:opacity .5s linear .5s}.tawk-tooltip .tawk-tooltip-hover{position:fixed;margin-top:8px;padding:4px 8px;border-radius:5px;background:#545454;color:#fff;text-align:center;font-size:.75rem;right:0;left:auto;opacity:0;transition:opacity 0s linear;z-index:2}.tawk-tooltip .tawk-tooltip-hover .tawk-tooltip-arrow{top:-16px;display:block;left:50%;border:8px solid transparent;border-bottom-color:#545454;position:absolute}.tawk-tooltip .tawk-tooltip-hover.bottom .tawk-tooltip-arrow{border-color:#545454 transparent transparent;bottom:-16px;top:auto}@font-face{font-family:tawk-font-icon;src:url(/fonts/tawk-font-icon-2.woff2?55755728) format("woff2"),url(/fonts/tawk-font-icon-2.woff?55755728) format("woff"),url(/fonts/tawk-font-icon-2.ttf?55755728) format("truetype"),url(/fonts/tawk-font-icon-2.svg?55755728#tawk-font-icon) format("svg");font-weight:400;font-style:normal;font-display:swap}.tawk-icon{font-family:tawk-font-icon;font-size:1.12

Chrome Cache Entry: 168

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 158 x 135, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	9459
Entropy (8bit):	7.9692303193360745
Encrypted:	false
SSDEEP:
MD5:	B0C63338BB5B5F67CEC91246E8FF1AB6
SHA1:	125A99FFEF0DD668B1F3070CA12F5F298DDFA6D0
SHA-256:	6EC5B8F80B273989B305C9C6BB4C010446B0A3BDD90CCDF6539C0E4F27595A22
SHA-512:	77752E5E4328AF9CB410AF59A081BB98CD5BBE411ACD07ACF49311F81C3A76D7E59F78BDFC1787802116F3347BC4F80D6D353883B794A2B8EDEC63D9EBFCB449
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR..............\.(....sRGB.........gAMA......a.....pHYs...#...#.x.?v...!tEXtCreation Time.2023:12:27 16:34:27..G...$[IDATx^..\|.E..ow...JBH#...4.4.M....AJ. M...."~ "....H..R....A..Z.....}..\..n......~3...............S3..kM~f.&.0...1...&.L..+n...f...X1..:.......p...&2%...n.....X0\..H.@`%..r#.S`8.?.?a.Z..pr3..'..p..8D.F....y!N...D..b\+.a.2..QJ.B_%....../.E..h...:..Z....j.b.y&.s...uA.c+&..:.d..0../r;.i..o!....g.4..H.b...`k..,de`d.`d.y.a[.A.....V.....f.n!.....<2...Ld..E.@O..B\P&..42.@...r.....(.!........_?..WI.J....)y...'.....].....l...............=..L....^9.lSQ9...l..Fb1..6...nA..o.....b2Y.)_.\|d4[..'.@..\|.......C^Y...l~(..#A.sbo.H..l.'..(...-....Q.93O_..y<EZk.B.i.F...M.CjzY..?.x..c.<R6hml+.t......s..r...2.i.%..tJO..L....{.....+=y.P~.5!..d.+.%....A..e....J0[..Z..j......=.ck..X:.R../...........>I.=..Y )-...N...Mn..+E}w~...^.VT.P..H.V.6\....-i..b....6Q<.i...b....>@M.o.....ihN.D...P.7}...o.....m\-.O[....X..>.a.......A..L=U,f...&.. n..S9/

Chrome Cache Entry: 169

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (906), with no line terminators
Category:	downloaded
Size (bytes):	906
Entropy (8bit):	5.071554212345257
Encrypted:	false
SSDEEP:
MD5:	1C5ECF371149FECA23BD895BA9DFEC4D
SHA1:	6F6213AE4C63D959441572D232F0425467ED05DE
SHA-256:	FB193C2BCF1A14030CEA8D72BAA20AB7B1CF88F9E90ADB31895279BEEDF6BF84
SHA-512:	8BF67FA2B7D9B66F3A24D359FC4BF2E63069E091C4D0A34302B12577DAEF9CF9D66C4B581A5A1289BB4B93DC49F0FD0DF183C66A1C29B22DD49770DDBA3702AF
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-4fe9d5dd.js
Preview:	(window.tawkJsonp=window.tawkJsonp\|\|[]).push([["chunk-4fe9d5dd"],{"9f3e":function(a,t,s){"use strict";var e={name:"base-frame"},n=s("2877"),l=Object(n.a)(e,(function(a,t){return a("div",{ref:"tawk-main-panel",staticClass:"tawk-main-panel tawk-custom-flex-1",class:[t.data.class,t.data.staticClass]},[a("div",t._g({directives:[{name:"tawk-scroll",rawName:"v-tawk-scroll"}],ref:"tawk-chat-panel",staticClass:"tawk-chat-panel tawk-custom-flex-1 ps--active-y"},t.listeners),[a("div",{ref:"tawk-inner-panel",staticClass:"tawk-chat-panel-inner tawk-flex tawk-flex-column"},[t._t("default")],2)]),t._t("unseen-message-count")],2)}),[],!0,null,null,null);t.a=l.exports},dbd1:function(a,t,s){"use strict";var e={name:"base-body"},n=s("2877"),l=Object(n.a)(e,(function(){return(0,this._self._c)("div",{staticClass:"tawk-body",attrs:{id:"tawk-body"}},[this._t("default")],2)}),[],!1,null,null,null);t.a=l.exports}}]);

Chrome Cache Entry: 170

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	8651
Entropy (8bit):	3.7423581674436144
Encrypted:	false
SSDEEP:
MD5:	B8B327C2E8CC7D6F1E1F26400BDEA801
SHA1:	861596C1FEBA00FFC4B9D809BE6A87F44CBD8F26
SHA-256:	918624916B502499E47B45168AF330CE1FC20431903AB7E6DBD8F8C4F6C8E38A
SHA-512:	45C8EFF3208A779F54579747BAB58A7ED33703AB66F1EC0E9D0C8029F2B40BA84C0CDB2926BE6525DC17065F87CA46E58E12E78323C40B0B150A12D59C626B05
Malicious:	false
Reputation:	low
Preview:	<svg width="147" height="27" viewBox="0 0 147 27" fill="none" xmlns="http://www.w3.org/2000/svg">.<path fill-rule="evenodd" clip-rule="evenodd" d="M29.2769 22.6769C29.2769 25.1199 28.4269 26.1189 26.1119 26.1189H5.56988C3.25388 26.1189 2.40488 25.1199 2.40488 22.6769V17.9199C2.40488 15.6259 1.29988 14.3299 0.237884 13.7359C0.164822 13.6916 0.104413 13.6293 0.0624869 13.5548C0.0205612 13.4804 -0.00146484 13.3964 -0.00146484 13.3109C-0.00146484 13.2255 0.0205612 13.1415 0.0624869 13.0671C0.104413 12.9926 0.164822 12.9302 0.237884 12.8859C1.34288 12.1849 2.40488 10.7189 2.40488 8.76494V4.08994C2.40488 1.45594 3.12688 0.689941 5.44188 0.689941H26.2399C28.5559 0.689941 29.2779 1.45594 29.2779 4.08994V8.76294C29.2779 10.7169 30.3399 12.1829 31.4439 12.8829C31.7639 13.0959 31.7639 13.5429 31.4439 13.7329C30.3819 14.3489 29.2779 15.6449 29.2779 17.9179V22.6759L29.2769 22.6769ZM9.81888 19.5549C11.4969 21.0199 13.3029 21.7639 15.7889 21.7639C19.6969 21.7639 22.2459 19.8099 22.2459 16.6439C22.245

Chrome Cache Entry: 174

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 117536, version 329.-17761
Category:	downloaded
Size (bytes):	117536
Entropy (8bit):	7.998105894935079
Encrypted:	true
SSDEEP:
MD5:	E57324A466C24A207FD9AD0F5F5E3C9C
SHA1:	2F9B04644E684A6BB1033E297CC474C57AA267F2
SHA-256:	5538A328926C9517FFB8670FCCCE94F6137D58C21FF4B10ECD772ABFA16A012B
SHA-512:	934DE5545803E284BF01E39377C51AB35C3D12A491718887C7C654D3B02066A09B9667B6AC01AD494C46721B8ADD2D177BF578E261C7ABF44340D653E941A180
Malicious:	false
Reputation:	low
URL:	https://venustrademarks.com/assets/fonts/fa-solid-900.woff2
Preview:	wOF2....... .............I......................?FFTM....`........X..d.6.$..^..d.. ......J[I....n. .n2.\|.....=]..>A.....vP..D7.H.7...m......../K.2...p.....T...bU.m.Z....}Lbj.....d,M..........IL...>....:..S...(/1F......Am`W.T.T.TC....Ty.&..N.....O.lA.P...y2:....F...q(...qWu.:.B...FHB...7..T$..:......LO.M..Y..u.....a..>U..d3....}Y....W........\...y..u..a...as..~..6.i.......s.....BJ........Xg)x.$..1...RJ.../.`#./}G. ..+@H...&Vo&G.g......;.\~.p)B.5.D#..Q5.....r+...N........i.r.6j.B.t.V.h....n.1?k...(......7..X.....PYb......]6.u..U.Vw........4S.f6.EJR`....@...c!..u....\t.0q..._...{n.^.?.R.YP`.8-.3.U.....\.....=m.T......f...K.5o.D..........0.......T..v.+....Z%.]. }.G...R......x...>........MW.....&....Xu..IE.)...-....hq..x...\|..i1...r....H.``...W?.I.^...."....W..c.F.L..b./&!.....'.eYY..(yDY.fN.....d..$..K..k...P .mY.7RW&.}.CxU.6....F.Th^]...fjU.!......... ..hI.dyO..I.{.}..i..9\.:5.k1k!.*%..S..L.......X.\|0.~d=..........v..1....

Chrome Cache Entry: 175

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=Rawpixel Ltd.], progressive, precision 8, 840x473, components 3
Category:	downloaded
Size (bytes):	58184
Entropy (8bit):	7.966243012390078
Encrypted:	false
SSDEEP:
MD5:	AF4A80351213DFAEC2EEC9A87C565EEB
SHA1:	E03F6E7516C999C0BD835A6C6174AB812AAA947F
SHA-256:	A06AF471EA1E7FE5486F1CAFA035E02BC5BE9D447D67495D2FFDD686715239A6
SHA-512:	7709AA41BE4F3223C6318E6CB977D0C2C93A4106CAA34D864EA95BE69C3E9EF85AE48911AF87CDAD1826CB1C7BD95840112B574A805691EA28FBE1E8100BE715
Malicious:	false
Reputation:	low
URL:	https://venustrademarks.com/assets/images/tm-article-2.jpg
Preview:	.....2Exif..II*.......................Rawpixel Ltd........Ducky.......<......http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 6.0-c002 79.164488, 2020/07/10-22:06:53 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmpMM:OriginalDocumentID="E7A6BD5E18737083729F18DF184BC0BE" xmpMM:DocumentID="xmp.did:8B6FC7882B7211EBAC3A8603181436E3" xmpMM:InstanceID="xmp.iid:8B6FC7872B7211EBAC3A8603181436E3" xmp:CreatorTool="Adobe Photoshop Lightroom 6.0 (Macintosh)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:39280bfb-a1cd-41c6-b198-17d19ed1b0e7" stRef:documentID="adobe:docid:photoshop:1bbedd2a-3810-3f4c-84e7-738e999685b7"/> <dc:rights> <rdf:Alt> <rdf:li xml:lang

Chrome Cache Entry: 177

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	1141
Entropy (8bit):	4.816243021387608
Encrypted:	false
SSDEEP:
MD5:	82182A17AB5A2FEF63292FC991630229
SHA1:	3406A0250AD86434F542A137E99240381F13DF9E
SHA-256:	CDE83A4B7F5596C43EB4946727FB2508166388814DC9CD76283EF33B7E037C87
SHA-512:	0DECA94D936B504431288158AA457D3C666EF94C6C5F4B46C7B649594E13B02A505D44C7DB3D8DBF601E287D32C30C69C90419B85FB614BD3E86A66BF246268C
Malicious:	false
Reputation:	low
Preview:	<svg width="105" height="48" viewBox="0 0 105 48" fill="none" xmlns="http://www.w3.org/2000/svg">.<path fill-rule="evenodd" clip-rule="evenodd" d="M0 10L18 4V13.5L24 11.5V43L6 37V31.5L0 29.5V10ZM18 35.5L8 32.167V35.56L22 40.225V14.275L18 15.608V35.5Z" fill="#312E81"/>.<path d="M42.9 31V20.451H39.39V17.058H50.876V20.45H47.346V31H42.9Z" fill="#312E81"/>.<path d="M59.481 31.254C55.405 31.254 53.105 29.226 53.105 25.248V17.058H57.511V25.073C57.511 26.886 57.901 27.783 59.481 27.783C61.041 27.783 61.431 26.886 61.431 25.053V17.058H65.877V25.209C65.877 29.401 63.381 31.254 59.481 31.254Z" fill="#312E81"/>.<path fill-rule="evenodd" clip-rule="evenodd" d="M68.965 31V17.058H74.523C78.54 17.058 80.256 18.852 80.256 21.835V21.913C80.256 24.819 78.326 26.457 74.718 26.457H73.372V31H68.965ZM74.288 23.493H73.372V20.353H74.308C75.458 20.353 76.063 20.783 76.063 21.855V21.933C76.063 22.966 75.458 23.493 74.288 23.493Z" fill="#312E81"/>.<path d="M82.563 17.058V31H92.06V27.588H86.99V17.058H82.563Z" fill

Chrome Cache Entry: 178

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	27740
Entropy (8bit):	4.0440446776498975
Encrypted:	false
SSDEEP:
MD5:	1A650B00B6699D13C7C1A18A713F8773
SHA1:	BA7418560D72D7F29C9C59AA9A1DE47B8BD5FBF1
SHA-256:	FB26F1D74C19F642BAC14EBB28FD62872118ABD3EBD65B7FEB68199018AF6009
SHA-512:	323545FB4900E848E09F31E1E025970C4928DEE6330DC5D63BB360B3FDB302192B6395DE1AD4121DAD019675AB4219CC34F4FF2068234065410CAF69FEF03A7F
Malicious:	false
Reputation:	low
URL:	https://venustrademarks.com/?sender_ctype=email&sender_campaign=eZDJ2R&sender_customer=gZxvvvZ
Preview:	<head>.. Google tag (gtag.js) -->..<script async src="https://www.googletagmanager.com/gtag/js?id=G-ZK1KZ6WCH0"></script>..<script>.. window.dataLayer = window.dataLayer \|\| [];.. function gtag(){dataLayer.push(arguments);}.. gtag('js', new Date());.... gtag('config', 'G-ZK1KZ6WCH0');..</script>......<!DOCTYPE html>.<html lang="en">....<meta http-equiv="content-type" content="text/html;charset=UTF-8" />..<head>. <meta charset="UTF-8">. <meta http-equiv="X-UA-Compatible" content="IE=edge" />. <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=0" />. <base>. <meta name="description" content="">. <title>Register Your Brand Today \| Venus Trademark</title>. Fonts -->. <link rel="preconnect" href="https://fonts.googleapis.com/">. <link rel="preconnect" href="https://fonts.gstatic.com/" crossorigin>. <link href="https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap".

Chrome Cache Entry: 181

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (32014)
Category:	downloaded
Size (bytes):	302554
Entropy (8bit):	5.261763046012447
Encrypted:	false
SSDEEP:
MD5:	7BB7AAC0CAC89A90304AF1C72EB4F50D
SHA1:	729F6F8CA5787D89743B0ED7EB27FD76406BF985
SHA-256:	F5C06455E539DCD889F7F05D709B5ADC76C444099FE57F431365AF2FC57E803B
SHA-512:	ED26BF873A3C5B2E48D8B3C955240A46D8F7D7F3C635AB138179B999DBADC77802285879CB1A833F703059762C346066090A9A740BFE881F56D6D95F2DCA7F30
Malicious:	false
Reputation:	low
URL:	https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Preview:	/! emojione 02-12-2016 /.!function(a){a.emojioneList={":kiss_ww:":{unicode:["1f469-200d-2764-fe0f-200d-1f48b-200d-1f469","1f469-2764-1f48b-1f469"],fname:"1f469-2764-1f48b-1f469",uc:"1f469-200d-2764-fe0f-200d-1f48b-200d-1f469",isCanonical:!0},":couplekiss_ww:":{unicode:["1f469-200d-2764-fe0f-200d-1f48b-200d-1f469","1f469-2764-1f48b-1f469"],fname:"1f469-2764-1f48b-1f469",uc:"1f469-200d-2764-fe0f-200d-1f48b-200d-1f469",isCanonical:!1},":kiss_mm:":{unicode:["1f468-200d-2764-fe0f-200d-1f48b-200d-1f468","1f468-2764-1f48b-1f468"],fname:"1f468-2764-1f48b-1f468",uc:"1f468-200d-2764-fe0f-200d-1f48b-200d-1f468",isCanonical:!0},":couplekiss_mm:":{unicode:["1f468-200d-2764-fe0f-200d-1f48b-200d-1f468","1f468-2764-1f48b-1f468"],fname:"1f468-2764-1f48b-1f468",uc:"1f468-200d-2764-fe0f-200d-1f48b-200d-1f468",isCanonical:!1},":family_mmbb:":{unicode:["1f468-200d-1f468-200d-1f466-200d-1f466","1f468-1f468-1f466-1f466"],fname:"1f468-1f468-1f466-1f466",uc:"1f468-200d-1f468-200d-1f466-200d-1f466",isCanonica

Chrome Cache Entry: 182

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 7816, version 1.0
Category:	downloaded
Size (bytes):	7816
Entropy (8bit):	7.974758688549932
Encrypted:	false
SSDEEP:
MD5:	25B0E113CA7CCE3770D542736DB26368
SHA1:	CB726212D5D525021752A1D8470A0FB593E0C49E
SHA-256:	9338E65FC077355C7A87AE0D64CC101E23B9BF8AD78AE65F0F319C857311B526
SHA-512:	A0D331E62AB4727F49CA286A1EE7FB81CDDC5BB9EDF71EF84F4BD4FA1552069AF1A82752011BA88FAE80862D034135926B7E99D70E59D626D66D4EDE90E94C30
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Preview:	wOF2..............>P...4.............................`..T.......6..6.$..h. ..D.....03......~.(J........".!]X.......fD .s..I......(&.:..K..3=/.?0.?B........}.}.L....9.!1..6.u....(...m..\.6R.H....(..J.....YXus..2..susq.E^.v.....z..{........BN^...}[a.8&.By.9......O......3..zW.\|R.I.8 .Z.V. ..v...X_F....,[ye....wU.m..U.....}....'.^.jQK..@....n....)...;.. T..@]...hz.>.6.Y.tgeF.p...k?.g.jIb..."'.p.j.W}..X..........0'@.!<..$.<\TG...........^......W..<..LhX...r..Q.8........W.8[...W.z.W...,`...}...CY..z..m.B...z._..}..0$..F. ....<........!...X.....`.._UY{..k....[.+....h..G...x4.h...#...n=.!....G.G..<....~.nS...M.d.RT...g..$:/..j..y.@.FIg.".#..]'...4...n..y.Q.s'..I@P.w..xI.......#.J.n.n.i...'....@..H...H..1.;7...ddSF.d..]....Z......W.../S....^V..k..%.......CF....B4.kN....Mp.......+..i...M.>.`m...=..$c..$.h.t..\|..d+...6j..W...~a.M.'4..f.`...( .0Vq,.&f.?k.%i.\|tr..`k...F..{l.T.T=.......aK..F....nAu..."....Cpc..B.`..s...,S.......P._[K?..+...\|2...z....

Chrome Cache Entry: 183

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	8155
Entropy (8bit):	4.045217666145289
Encrypted:	false
SSDEEP:
MD5:	5ACAF21D57CF88FBEB8AF555E5E20D72
SHA1:	A01D8033E627A60287F492DCB8B49CE5A1173892
SHA-256:	41E8FBC8AD2FC9C70B5125818FE8CCAAE12DFC1D18772377124C8E3099EF1590
SHA-512:	170EFBCD0CD62E6865FF607C228C568CA3126CE2629487783F982579C436E1FCF7FB613D4D6405A075793D972E512075AE934435BB970BB29DA07B6A1ECBF368
Malicious:	false
Reputation:	low
Preview:	<svg width="136" height="40" viewBox="0 0 136 40" fill="none" xmlns="http://www.w3.org/2000/svg">.<path fill-rule="evenodd" clip-rule="evenodd" d="M38.4576 9.02409L38.4594 9.02804C38.4609 9.0312 38.4624 9.03436 38.4637 9.03752C38.4651 9.04103 38.4663 9.04454 38.467 9.04805C38.4812 9.10157 38.4886 9.15668 38.489 9.21205V17.7981C38.4892 17.9079 38.4605 18.0158 38.4059 18.111C38.3514 18.2063 38.2728 18.2856 38.178 18.3411L31.04 22.4911V30.7141C31.0401 30.8239 31.0113 30.9319 30.9565 31.0272C30.9018 31.1225 30.823 31.2018 30.728 31.2571L15.829 39.9171C15.7947 39.9356 15.7585 39.9504 15.721 39.9611C15.7163 39.9631 15.7118 39.9653 15.7072 39.9675C15.6981 39.9719 15.689 39.9764 15.679 39.9791C15.5749 40.0071 15.4651 40.0071 15.361 39.9791C15.3541 39.9771 15.3473 39.9746 15.3408 39.9717L15.333 39.9681L15.313 39.9581L15.3021 39.9543C15.2708 39.9437 15.2396 39.9331 15.21 39.9161L0.311002 31.2571C0.216219 31.2016 0.137623 31.1223 0.0830536 31.027C0.0284841 30.9318 -0.000151817 30.8239 6.05316e-07

Chrome Cache Entry: 184

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	52
Entropy (8bit):	4.407761238355061
Encrypted:	false
SSDEEP:
MD5:	387451A3F76EDBA267F0BF2878A7FD4C
SHA1:	2DE077CF320024406DE7ED4B39DC4995A3866933
SHA-256:	29BAC8867F26FAD7543A1D0EF821FA573642AD280546A60C9022A19780835FA4
SHA-512:	777DBAA32AD9A765C36493A52FD0BF551AFD354AB27360C11182746658CC269958155CF8477A253991FF7E2FA9C0C7B990FF2B2D767728BE220C35562D230603
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISJQmcdubzIUeqgBIFDZRU-s8SBQ2DqFs9EgUNBV7IGxIFDfNTkMY=?alt=proto
Preview:	CiQKBw2UVPrPGgAKBw2DqFs9GgAKBw0FXsgbGgAKBw3zU5DGGgA=

Chrome Cache Entry: 185

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	17013
Entropy (8bit):	4.644807590099037
Encrypted:	false
SSDEEP:
MD5:	7F37A030886EC7FCE1D065EC482789EE
SHA1:	661AD608AC1513E2CCDEC4CD55EB552A8604C8F6
SHA-256:	75B20E74E3EFFA00E4B62B9DA6DF7D7542D91CB4B50078B8365112D556A73A7E
SHA-512:	05364637A1C18C310335C97801D42C3CB8B756D3A26691BA69604F09F9462DCF9377DEC211D8B73880E125725BAD958A774108057488600AA99938717FD7FC65
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/65839862293/languages/en.js
Preview:	(function(global){var Language = {};....Language.pluralFormFunction = function (n) {...if (n === 1) {....return 'one';...}....return 'other';..};....Language.form = {};..Language.form.SaveButton = { message : 'Save' };.Language.form.SubmitButton = { message : 'Submit' };.Language.form.StartChatButton = { message : 'Start Chat' };.Language.form.CancelButton = { message : 'Cancel' };.Language.form.CloseButton = { message : 'Close' };.Language.form.SendButton = { message : 'Send' };.Language.form.EmailPlaceholder = { message : 'Email Address' };.Language.form.QuestionPlaceholder = { message : 'your query..' };.Language.form.DepartmentsPlaceholder = { message : 'select department..' };.Language.form.MessagePlaceholder = { message : 'your message..' };.Language.form.NameErrorMessage = { message : 'Name must be provided.' };.Language.form.EmailErrorMessage = {

Chrome Cache Entry: 186

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (18972), with no line terminators
Category:	downloaded
Size (bytes):	18972
Entropy (8bit):	5.248501682870019
Encrypted:	false
SSDEEP:
MD5:	D1392466F248728BC183C96015DB868C
SHA1:	C35F65299CE55DE082D6849E055E28CD1EC464C5
SHA-256:	171130288B9912BE9B602FE27AFEED79E4ECDF6EA7997CE8C97B0D5F5ABA2359
SHA-512:	30B5D8228CAEB0B8E37B3972381821268200D226C33919723350B76C7B238951A5CD1A96BE06D859883E38A3511DA95608A555EAC5022640060F23018B3F721D
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-48f3b594.js
Preview:	(window.tawkJsonp=window.tawkJsonp\|\|[]).push([["chunk-48f3b594"],{"3bc8":function(t,e,i){"use strict";(function(t){var a=i("5a60"),s=i("2f62"),n=i("f0b0"),r=i("2966"),o=i("87dd");function l(t){return(l="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(t){return typeof t}:function(t){return t&&"function"==typeof Symbol&&t.constructor===Symbol&&t!==Symbol.prototype?"symbol":typeof t})(t)}function c(t,e){var i=Object.keys(t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(t);e&&(a=a.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),i.push.apply(i,a)}return i}function h(t){for(var e=1;e<arguments.length;e++){var i=null!=arguments[e]?arguments[e]:{};e%2?c(Object(i),!0).forEach((function(e){g(t,e,i[e])})):Object.getOwnPropertyDescriptors?Object.defineProperties(t,Object.getOwnPropertyDescriptors(i)):c(Object(i)).forEach((function(e){Object.defineProperty(t,e,Object.getOwnPropertyDescriptor(i,e))}))}return t}function g(t,e,i)

Chrome Cache Entry: 188

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Category:	downloaded
Size (bytes):	7884
Entropy (8bit):	7.971946419873228
Encrypted:	false
SSDEEP:
MD5:	9212F6F9860F9FC6C69B02FEDF6DB8C3
SHA1:	AC6D71B4D5FDD2B3DABC9A06FF6C001E4251DA0B
SHA-256:	7D93459D86585BFCDBB7E0376056226ADB25821EE54B96236FE2123E9560929F
SHA-512:	67317495F4B53E20A9F31C034E456E6C37F387DFFB2C092CAA5159BC441CFCADD02749FFE5BBED1D580D5300A59E48A767EF2C6D9978B474F84C1A2CD095C126
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Preview:	wOF2..............?....x.............................`..T..L.6..6..6.$..h. ..\....~2.".8. .w.Q.Y,.?$pC.....)bT(i..@X.m...+...D.Q.O.\-?g.U..Z..._...l..!.lKD.Q..>.9v..V..<...Td$.E..,...o..c.t....!...#..8.A..3..cx~n=Di#....U......K.5jXH.].....j.(.6..]{..IDhZ.......R.....[..X".B~.(Su2..../.I.E...T.l%....'.N.aN.2\,70.....V.RQ..k~..".1. Lg.zd....}.yyys&D.K.g....)....2&%$.nm.\.._.e.tU..I.w;W.\|..6..XUv...!......>@.V..'..`.H`...5.7.X.?..@#..:..<.R.\|.;K..}.6..IA.C.....z.n.G............[.....z........`.X....D..{<..j...).......FQ..T..m.&s_k[%ZILV.8.l.o.z$.)/]......}..Kg.}..O...o\|..>.,U..?..{b<........._.._.06.........R01.@..[......a8..7.V%..B.0F...4 ....q..u#.lg....x....a.=w...8..A6.>f.+.8..Xm@`.m....G.....i..^R}9.aB...?._#.[f.d,V....bG.]...iED.@[.:.....P...........~.{,.x...~.!...C....b.....ze..).:+N....2sd..s..MEp.?^[.k........p..nz...[-.XI.%.."..`..<.2b\.w.VS.a.+......~..J..uGq..)..1...4o3v.Sb......5.w7...-....Wd>..B....R^.4'..B.2G>.en.q..._.@s......

Chrome Cache Entry: 193

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (24751), with no line terminators
Category:	downloaded
Size (bytes):	24751
Entropy (8bit):	4.978954320141269
Encrypted:	false
SSDEEP:
MD5:	D4F9AD34FAE3BA64CBC48057DC47E968
SHA1:	F8D0D55DC6E9B5D53F74B0B8BFC5E2EDBDB0618D
SHA-256:	2B5B9F68ACE12B789B1371204754547021DCBF3E9DF630E7E22B49EE56E05B8C
SHA-512:	5EED969C033F0F978DFBEF5F6032D656A0AB65B14FA143D66469E63A54187410321C4B1AEE286573ABA2FDC75207BEC9DB48DE878A724CAB7BA98713684300B0
Malicious:	false
Reputation:	low
URL:	https://embed.tawk.to/_s/v4/app/65839862293/css/min-widget.css
Preview:	:root{--tawk-header-background-color:#03a84e;--tawk-header-text-color:#fff}html{font-family:Lato,sans-serif;font-size:1rem;font-weight:400;line-height:1.618;letter-spacing:normal;background:0 0;color:#242424;scroll-behavior:smooth}body{margin:0}a:active,a:hover{outline:none}a:focus{outline:1px solid #1f6885}.tawk-link,a{color:#03a84e;text-decoration:none;cursor:pointer}.tawk-link:hover,a:hover{color:#03a84e;text-decoration:underline}abbr[title]{border-bottom:none;text-decoration:underline}b,strong{font-weight:bolder}:not(pre)>code,:not(pre)>kbd,:not(pre)>samp{font-family:Lato,sans-serif;font-size:.812rem;color:#bf1212;white-space:nowrap}em{color:#bf1212}ins{background:#ffd;color:#545454}mark{background:rgba(109,55,218,.1);color:#03a84e}q{font-style:italic}small{font-size:80%}sub,sup{font-size:75%;line-height:0;position:relative;vertical-align:baseline}sup{top:-.5em}sub{bottom:.25em}audio,canvas,iframe,img,svg,video{vertical-align:middle}audio,canvas,img,video{max-width:100%;height:auto

Chrome Cache Entry: 194

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 63x63, components 3
Category:	downloaded
Size (bytes):	3856
Entropy (8bit):	7.820798658535693
Encrypted:	false
SSDEEP:
MD5:	E4CE4C5DEFC1E2DDFF0F4CE8E0AA8E81
SHA1:	1FBD02FF752AC12D116CA37B12D142387007910F
SHA-256:	111CB21D97F66BFA11A035BB98708BAED7A79F4619F106410FA8B0B166F7A413
SHA-512:	BC110CAA3476510A47C0665D1A3A9C6D6780CC1A8E9DCA3A4C48E2C034C43F2F6014C8357CFD93CA4B774C04E6FDD6A750FF671A128C4FB025906E1EC6829A7A
Malicious:	false
Reputation:	low
URL:	https://venustrademarks.com/assets/img/mix/testimonial-3.jpg
Preview:	......JFIF.............C....................................................................C.......................................................................?.?....................................................................................ls...^T.R9.._.'.2..m)...a....?........1.....Vm.o.>N...SHY.Y...1.1...f.3...w.'.....f.tg.U.k~.....4.......bE.+=Vl...).^.k2..0SUil..8].R(..b..T]...Y.....aQL.mUaCV...L..}O.,t2r.Wn..}+E.o...&.................................!#2...........^N..kH..s...<&.(.....?...+j...yd.L......\.zU.I%..%.4VP......0.S*.6n....zs.].J .S......2e..\f...L.g)...V..t.t....1%...b..>..B...m..?8....h.".._...!.....-..........4d.....K3..-v...v8.@...{.sG1..r.3.7.=....\RMzs..G;< hq.".<..i...!??B$..q...o..m.2u..7_L......Z!....O.}~,.3.V ....>.3.fa.$.Op..}2.bJ....a.6..%M.H..`.']..F..cD..U.T{ . Kn.^...\.dI....C..7....7.#..........&..1...-Z4.~....]<..iZ..].Q\.V..>.`@)..t].....z..:5..Y2g..."....@[.W.<D....tES1j.qk2.....0.`G.....<...I+.8...

Chrome Cache Entry: 196

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	troff or preprocessor input, ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	61654
Entropy (8bit):	5.040272959679253
Encrypted:	false
SSDEEP:
MD5:	3831B4A2DE7ACC035300FFC807F74EF2
SHA1:	073FDD5EA00A6DE5DB72A8BC20C394467D83A206
SHA-256:	EAA692263BF7ACB7F9309ED0BF4A74AF406A517A0DF3F4BC7A3D239E7FD20790
SHA-512:	CAB2D8E9F555D80593F948179E4C9B6850C30EC648766CE2D4C522C1EBCDA2585F5389905F05497B3EBFC9685FD2EE72E7B339BB221257F06BF31474D397F6B6
Malicious:	false
Reputation:	low
URL:	https://venustrademarks.com/assets/css/style.css
Preview:	/* Articles CSS/.....article-img {.. width: 500px;.. margin-bottom: 8%;.. border-radius: 10px;..}.....a1 {.. background-image: url('../images/tm-article-1.jpg');..}.....a2 {.. background-image: url('../images/tm-article-2.jpg');..}.....a3 {.. background-image: url('../images/tm-article-3.jpg');..}.....a4 {.. background-image: url('../images/tm-article-4.jpg');..}.....article-banner {.. background-size: cover;.. height: 500px;.. text-align: center;.. color: #fff;.. position: relative;.. background-position: center center;.. text-align: center;.. color: #fff;.. padding-top: 200px;.. font-size: 48px;.. font-weight: bold;..}.....article-banner>h1 {.. color: #fff;.. z-index: 2;.. position: inherit;.. width: 50%;.. margin: 0 auto;....}.....banner-overlay {.. position: absolute;.. top: 0;.. left: 0;.. width: 100%;.. height: 100%;.. background-color: rgba(0, 0, 0, 0.5);..}....../ Mixins /../ Contact Form 7*/...wpcf7-not-valid {.. border: 1px solid #dc3232 !imp

Chrome Cache Entry: 198

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	84
Entropy (8bit):	4.3574013155538935
Encrypted:	false
SSDEEP:
MD5:	7464AA9E0B5A66DC886A358AAD59678F
SHA1:	2154BA86166207B449C10ECC6C20D57461CDD49B
SHA-256:	8EA23781867D642ED7D4974A3690A73769FD8E81A16FB63BC64F7F9F0F25D94D
SHA-512:	27FAE22B334AEA32B4D667F9296E0582483174910E9B9B401531D549BCBA2EBB7C318F4B50EB31AEA60D320D3FE68A0514CA7318F5D8511A4B59765CEC968281
Malicious:	false
Reputation:	low
Preview:	{"ok":false,"error":{"code":"MethodNotAllowedError","message":"GET is not allowed"}}

Static File Info

⊘No static file info

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject malicious code into process via Extra Window Memory (EWM) in order to evade process-based defenses as well as possibly elevate privileges. EWM injection is a method of executing arbitrary code in the address space of a separate live process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	Process: OS API Execution
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to make an executable or file difficult to discover or analyze by encrypting, encoding, or otherwise obfuscating its contents on the system or in transit. This is common behavior that can be used across different platforms and the network to evade defenses.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Creation, File: File Metadata, Module: Module Load, Process: OS API Execution, Process: Process Creation, Script: Script Execution, WMI: WMI Creation, Windows Registry: Windows Registry Key Creation
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://campaign-statistics.com/link_click/N2gBjiLlSg_Lhudr/f79737d8392155131e308edfbee1dbee

Overview

General Information

Detection

Signatures

Classification

Process Tree

Yara Signatures

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

Phishing

Compliance

Software Vulnerabilities

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 103

Chrome Cache Entry: 104

Chrome Cache Entry: 106

Chrome Cache Entry: 107

Chrome Cache Entry: 108

Chrome Cache Entry: 109

Chrome Cache Entry: 110

Chrome Cache Entry: 111

Chrome Cache Entry: 112

Chrome Cache Entry: 113

Chrome Cache Entry: 114

Chrome Cache Entry: 115

Chrome Cache Entry: 116

Chrome Cache Entry: 117

Chrome Cache Entry: 119

Chrome Cache Entry: 120

Chrome Cache Entry: 121

Chrome Cache Entry: 122

Chrome Cache Entry: 123

Chrome Cache Entry: 124

Chrome Cache Entry: 127

Chrome Cache Entry: 128

Chrome Cache Entry: 129

Chrome Cache Entry: 130

Chrome Cache Entry: 131

Chrome Cache Entry: 132

Chrome Cache Entry: 135

Chrome Cache Entry: 136

Chrome Cache Entry: 137

Chrome Cache Entry: 138

Chrome Cache Entry: 140

Chrome Cache Entry: 141

Windows Analysis Report
https://campaign-statistics.com/link_click/N2gBjiLlSg_Lhudr/f79737d8392155131e308edfbee1dbee