Windows Analysis Report
https://u16077415.ct.sendgrid.net/ls/click?upn=u001.WIMIHl3ITxUsrn2QziffoVQAGkPtLwU8RAqygpTMgrrRGvOYesJ9odlOf7721n2iIrTNuxWGRUBKdhe-2FMx4-2BDj-2BBA6X44UuBdITBKtGjktizz1gfjUrKUNh-2FwZOA1gX68a-2FIrXlU4iZjZyZ6m9U24-2FmDmvkU96y1grCwNAblRTouhrBDRRKmkSTBNZ3Iel0h54JezJalLl6FDxXU4mBMzEh7S-2BLHNf3yanQcs3IpiG

Overview

General Information

Sample URL:https://u16077415.ct.sendgrid.net/ls/click?upn=u001.WIMIHl3ITxUsrn2QziffoVQAGkPtLwU8RAqygpTMgrrRGvOYesJ9odlOf7721n2iIrTNuxWGRUBKdhe-2FMx4-2BDj-2BBA6X44UuBdITBKtGjktizz1gfjUrKUNh-2FwZOA1gX68a-2FIrXlU4i
Analysis ID:1412623

Detection

Score:0
Range:0 - 100
Whitelisted:false
Confidence:80%

Signatures

Stores files to the Windows start menu directory

Classification

Classification chart (categories: Ransomware, Spreading, Phishing, Banker, Trojan / Bot, Adware, Spyware, Exploiter, Evader, Miner; legend: clean, suspicious, malicious)
  • System is w10x64_ra
  • chrome.exe (PID: 5924 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://u16077415.ct.sendgrid.net/ls/click?upn=u001.WIMIHl3ITxUsrn2QziffoVQAGkPtLwU8RAqygpTMgrrRGvOYesJ9odlOf7721n2iIrTNuxWGRUBKdhe-2FMx4-2BDj-2BBA6X44UuBdITBKtGjktizz1gfjUrKUNh-2FwZOA1gX68a-2FIrXlU4iZjZyZ6m9U24-2FmDmvkU96y1grCwNAblRTouhrBDRRKmkSTBNZ3Iel0h54JezJalLl6FDxXU4mBMzEh7S-2BLHNf3yanQcs3IpiGYu1aIlY6c6-2FGZLMdnfVo5vCY-2ByJT9jSl3og-2BQ-2FpzLXWYPVmv-2FaTIBpqHPeSyyB0IPJVz0RIXii-2B-2Fjp5j-2BUCEvoenHa_QmLBHBBLHzQmyhr1PZfb4lsyCADn8CYMgBnux-2FlK2kMKVWwIBoQcb3WH7gnaN7crpQUyrzCvtrYuaDCVI8VNQlheEGJpfRUtSvERx4ET1NCvaPPJCnZUikyFXh1QXUQV4uFYYo3XuXxC9KTqoGE0E-2BOkKJT6lGL3xQwy91mpSKG0X7ZzPPfCBogh2K1bWU4sfJr8oHWvPBwY4ffqMEFxPA-3D-3D MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
    • chrome.exe (PID: 4652 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2028 --field-trial-handle=1940,i,11071430071186794691,14907073953723381011,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
  • cleanup
No yara matches
No Sigma rule has matched
No Snort rule has matched

There are no malicious signatures.

Source: unknown; HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.17:49727 version: TLS 1.2
Source: unknown; HTTPS traffic detected: 23.51.58.94:443 -> 192.168.2.17:49736 version: TLS 1.2
Source: unknown; HTTPS traffic detected: 23.51.58.94:443 -> 192.168.2.17:49737 version: TLS 1.2
Source: unknown; HTTPS traffic detected: 20.190.152.20:443 -> 192.168.2.17:49800 version: TLS 1.2
Source: unknown; HTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.17:49801 version: TLS 1.2
Source: unknown; HTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:49802 version: TLS 1.2
Source: unknown; HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.17:49803 version: TLS 1.2
Source: chrome.exe; Memory has grown: Private usage: 1MB later: 28MB
Source: unknown; DNS traffic detected: queries for: u16077415.ct.sendgrid.net
Source: classification engine; Classification label: clean0.win@14/45@28/114
Source: C:\Program Files\Google\Chrome\Application\chrome.exe; File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: unknown; Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://u16077415.ct.sendgrid.net/ls/click?upn=u001.WIMIHl3ITxUsrn2QziffoVQAGkPtLwU8RAqygpTMgrrRGvOYesJ9odlOf7721n2iIrTNuxWGRUBKdhe-2FMx4-2BDj-2BBA6X44UuBdITBKtGjktizz1gfjUrKUNh-2FwZOA1gX68a-2FIrXlU4iZjZyZ6m9U24-2FmDmvkU96y1grCwNAblRTouhrBDRRKmkSTBNZ3Iel0h54JezJalLl6FDxXU4mBMzEh7S-2BLHNf3yanQcs3IpiGYu1aIlY6c6-2FGZLMdnfVo5vCY-2ByJT9jSl3og-2BQ-2FpzLXWYPVmv-2FaTIBpqHPeSyyB0IPJVz0RIXii-2B-2Fjp5j-2BUCEvoenHa_QmLBHBBLHzQmyhr1PZfb4lsyCADn8CYMgBnux-2FlK2kMKVWwIBoQcb3WH7gnaN7crpQUyrzCvtrYuaDCVI8VNQlheEGJpfRUtSvERx4ET1NCvaPPJCnZUikyFXh1QXUQV4uFYYo3XuXxC9KTqoGE0E-2BOkKJT6lGL3xQwy91mpSKG0X7ZzPPfCBogh2K1bWU4sfJr8oHWvPBwY4ffqMEFxPA-3D-3D
Source: C:\Program Files\Google\Chrome\Application\chrome.exe; Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2028 --field-trial-handle=1940,i,11071430071186794691,14907073953723381011,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe; Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe; File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe; File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe; File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe; File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe; File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe; File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Reconnaissance: Gather Victim Identity Information; Credentials; Email Addresses
Resource Development: Acquire Infrastructure; Domains; DNS Server
Initial Access: Valid Accounts; Default Accounts; Domain Accounts
Execution: Windows Management Instrumentation; Scheduled Task/Job; At
Persistence: 1 Registry Run Keys / Startup Folder; Boot or Logon Initialization Scripts; Logon Script (Windows)
Privilege Escalation: 1 Process Injection; 1 Registry Run Keys / Startup Folder; 1 Extra Window Memory Injection
Defense Evasion: 1 Masquerading; 1 Process Injection; 1 Extra Window Memory Injection
Credential Access: OS Credential Dumping; LSASS Memory; Security Account Manager
Discovery: System Service Discovery; Application Window Discovery; Query Registry
Lateral Movement: Remote Services; Remote Desktop Protocol; SMB/Windows Admin Shares
Collection: Data from Local System; Data from Removable Media; Data from Network Shared Drive
Command and Control: 2 Encrypted Channel; 1 Non-Application Layer Protocol; 2 Application Layer Protocol
Exfiltration: Exfiltration Over Other Network Medium; Exfiltration Over Bluetooth; Automated Exfiltration
Impact: Abuse Accessibility Features; Network Denial of Service; Data Encrypted for Impact

Source | Detection | Scanner | Label | Link
https://u16077415.ct.sendgrid.net/ls/click?upn=u001.WIMIHl3ITxUsrn2QziffoVQAGkPtLwU8RAqygpTMgrrRGvOYesJ9odlOf7721n2iIrTNuxWGRUBKdhe-2FMx4-2BDj-2BBA6X44UuBdITBKtGjktizz1gfjUrKUNh-2FwZOA1gX68a-2FIrXlU4iZjZyZ6m9U24-2FmDmvkU96y1grCwNAblRTouhrBDRRKmkSTBNZ3Iel0h54JezJalLl6FDxXU4mBMzEh7S-2BLHNf3yanQcs3IpiGYu1aIlY6c6-2FGZLMdnfVo5vCY-2ByJT9jSl3og-2BQ-2FpzLXWYPVmv-2FaTIBpqHPeSyyB0IPJVz0RIXii-2B-2Fjp5j-2BUCEvoenHa_QmLBHBBLHzQmyhr1PZfb4lsyCADn8CYMgBnux-2FlK2kMKVWwIBoQcb3WH7gnaN7crpQUyrzCvtrYuaDCVI8VNQlheEGJpfRUtSvERx4ET1NCvaPPJCnZUikyFXh1QXUQV4uFYYo3XuXxC9KTqoGE0E-2BOkKJT6lGL3xQwy91mpSKG0X7ZzPPfCBogh2K1bWU4sfJr8oHWvPBwY4ffqMEFxPA-3D-3D | 0% | Avira URL Cloud | safe |
No Antivirus matches
Name | IP | Active | Malicious | Antivirus Detection | Reputation
u16077415.ct.sendgrid.net | 167.89.123.122 | true | false | | high
urlday.cc | 172.67.153.197 | true | false | | unknown
a.nel.cloudflare.com | 35.190.80.1 | true | false | | high
relay.walletconnect.org | 47.128.173.105 | true | false | | unknown
lb31.uswest.vin65.com | 52.41.126.131 | true | false | | high
zhu-ni-hao-yun.sh | 104.21.23.195 | true | false | | unknown
relay.walletconnect.com | 44.212.234.94 | true | false | | unknown
www.google.com | 142.250.65.228 | true | false | | high
api.web3modal.com | 104.18.29.72 | true | false | | unknown
settled-blockfi.com | 176.10.111.199 | true | false | | unknown
www.coleneclemens.com | unknown | unknown | false | | unknown
Name | Malicious | Antivirus Detection | Reputation
https://settled-blockfi.com/claim/ | false | | unknown
IP | Domain | Country | Flag | ASN | ASN Name | Malicious
104.21.23.195 | zhu-ni-hao-yun.sh | United States | | 13335 | CLOUDFLARENETUS | false
167.89.123.122 | u16077415.ct.sendgrid.net | United States | | 11377 | SENDGRIDUS | false
52.41.126.131 | lb31.uswest.vin65.com | United States | | 16509 | AMAZON-02US | false
1.1.1.1 | unknown | Australia | | 13335 | CLOUDFLARENETUS | false
172.253.63.84 | unknown | United States | | 15169 | GOOGLEUS | false
47.128.173.105 | relay.walletconnect.org | Canada | | 34533 | ESAMARA-ASRU | false
44.212.234.94 | relay.walletconnect.com | United States | | 14618 | AMAZON-AESUS | false
142.250.65.228 | www.google.com | United States | | 15169 | GOOGLEUS | false
142.250.81.234 | unknown | United States | | 15169 | GOOGLEUS | false
239.255.255.250 | unknown | Reserved | | unknown | unknown | false
172.67.153.197 | urlday.cc | United States | | 13335 | CLOUDFLARENETUS | false
142.251.40.163 | unknown | United States | | 15169 | GOOGLEUS | false
176.10.111.199 | settled-blockfi.com | Switzerland | | 51395 | AS-SOFTPLUSCH | false
35.190.80.1 | a.nel.cloudflare.com | United States | | 15169 | GOOGLEUS | false
142.250.72.110 | unknown | United States | | 15169 | GOOGLEUS | false
142.251.40.170 | unknown | United States | | 15169 | GOOGLEUS | false
142.250.176.195 | unknown | United States | | 15169 | GOOGLEUS | false
104.18.29.72 | api.web3modal.com | United States | | 13335 | CLOUDFLARENETUS | false
142.251.35.163 | unknown | United States | | 15169 | GOOGLEUS | false
                          IP
                          192.168.2.17
                          192.168.2.20
                          Joe Sandbox version:40.0.0 Tourmaline
                          Analysis ID:1412623
                          Start date and time:2024-03-20 18:24:09 +01:00
                          Joe Sandbox product:CloudBasic
                          Overall analysis duration:
                          Hypervisor based Inspection enabled:false
                          Report type:full
                          Cookbook file name:defaultwindowsinteractivecookbook.jbs
                          Sample URL:https://u16077415.ct.sendgrid.net/ls/click?upn=u001.WIMIHl3ITxUsrn2QziffoVQAGkPtLwU8RAqygpTMgrrRGvOYesJ9odlOf7721n2iIrTNuxWGRUBKdhe-2FMx4-2BDj-2BBA6X44UuBdITBKtGjktizz1gfjUrKUNh-2FwZOA1gX68a-2FIrXlU4iZjZyZ6m9U24-2FmDmvkU96y1grCwNAblRTouhrBDRRKmkSTBNZ3Iel0h54JezJalLl6FDxXU4mBMzEh7S-2BLHNf3yanQcs3IpiGYu1aIlY6c6-2FGZLMdnfVo5vCY-2ByJT9jSl3og-2BQ-2FpzLXWYPVmv-2FaTIBpqHPeSyyB0IPJVz0RIXii-2B-2Fjp5j-2BUCEvoenHa_QmLBHBBLHzQmyhr1PZfb4lsyCADn8CYMgBnux-2FlK2kMKVWwIBoQcb3WH7gnaN7crpQUyrzCvtrYuaDCVI8VNQlheEGJpfRUtSvERx4ET1NCvaPPJCnZUikyFXh1QXUQV4uFYYo3XuXxC9KTqoGE0E-2BOkKJT6lGL3xQwy91mpSKG0X7ZzPPfCBogh2K1bWU4sfJr8oHWvPBwY4ffqMEFxPA-3D-3D
                          Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                          Number of analysed new started processes analysed:17
                          Number of new started drivers analysed:0
                          Number of existing processes analysed:0
                          Number of existing drivers analysed:0
                          Number of injected processes analysed:0
                          Technologies:
                          • EGA enabled
                          Analysis Mode:stream
                          Analysis stop reason:Timeout
                          Detection:CLEAN
                          Classification:clean0.win@14/45@28/114
                          • Exclude process from analysis (whitelisted): SIHClient.exe
                          • Excluded IPs from analysis (whitelisted): 142.250.176.195, 142.250.72.110, 172.253.63.84, 34.104.35.123
                          • Excluded domains from analysis (whitelisted): clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, clientservices.googleapis.com, clients.l.google.com
                          • Not all processes were analyzed; the report is missing behavior information
                          • VT rate limit hit for: https://u16077415.ct.sendgrid.net/ls/click?upn=u001.WIMIHl3ITxUsrn2QziffoVQAGkPtLwU8RAqygpTMgrrRGvOYesJ9odlOf7721n2iIrTNuxWGRUBKdhe-2FMx4-2BDj-2BBA6X44UuBdITBKtGjktizz1gfjUrKUNh-2FwZOA1gX68a-2FIrXlU4iZjZyZ6m9U24-2FmDmvkU96y1grCwNAblRTouhrBDRRKmkSTBNZ3Iel0h54JezJalLl6FDxXU4mBMzEh7S-2BLHNf3yanQcs3IpiGYu1aIlY6c6-2FGZLMdnfVo5vCY-2ByJT9jSl3og-2BQ-2FpzLXWYPVmv-2FaTIBpqHPeSyyB0IPJVz0RIXii-2B-2Fjp5j-2BUCEvoenHa_QmLBHBBLHzQmyhr1PZfb4lsyCADn8CYMgBnux-2FlK2kMKVWwIBoQcb3WH7gnaN7crpQUyrzCvtrYuaDCVI8VNQlheEGJpfRUtSvERx4ET1NCvaPPJCnZUikyFXh1QXUQV4uFYYo3XuXxC9KTqoGE0E-2BOkKJT6lGL3xQwy91mpSKG0X7ZzPPfCBogh2K1bWU4sfJr8oHWvPBwY4ffqMEFxPA-3D-3D
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Mar 20 16:24:38 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                          Category:dropped
                          Size (bytes):2677
                          Entropy (8bit):3.985171903732702
                          Encrypted:false
                          SSDEEP:
                          MD5:A62FB182451EE55ACD4E7A712E38DE5B
                          SHA1:58A3C9E206D6552A4AF6BDD4879484319E0F8F2F
                          SHA-256:562B8C20216D2251BBE6B7861DB36DF3D099888080126500A2F75FBF9EDCFD2F
                          SHA-512:3C649979226CB2D5696D590F08FE3456DE5B02B4E18ADF0A0F094A27E04D76A0441CB8AD0B4D0D3B54036D9F1A3D5E1D817BECAF9F92E7D9E355B4164DC577BE
                          Malicious:false
                          Reputation:unknown
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Mar 20 16:24:38 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                          Category:dropped
                          Size (bytes):2679
                          Entropy (8bit):4.001754866868274
                          Encrypted:false
                          SSDEEP:
                          MD5:5BB4C6504ACD19C768A588E9C29654D1
                          SHA1:3C015ADB20D917425E07D7541B01D2E4E8ACFD6D
                          SHA-256:05019178D9678C15409AAD4E457CE4B98572A7A4A296907E6B9A6BD241CE32A6
                          SHA-512:CD2B097E4D52353BE98673BD056FB0F2C691A116017C41EA8EDBB63D490977918EFC21DA8950A97DC0943B53B38D23DC101CA296CF23C129D25A02974BDBE239
                          Malicious:false
                          Reputation:unknown
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                          Category:dropped
                          Size (bytes):2693
                          Entropy (8bit):4.010024747836043
                          Encrypted:false
                          SSDEEP:
                          MD5:C071B6030563838A1362CD33C6520F37
                          SHA1:86B1F3B44E7144476F7933C99FEDF0ED4E17D82C
                          SHA-256:D0673EB1F70585D575FD7E4052C23AEA8BA2EF1A03A7E850714D1364F433993E
                          SHA-512:3763A985956DEC9430309B14D4007FFEC287D457833BE653F8731B1535016AB38EE381666C9F65BBABD0FA4305F38583D0CEB04565006AF81A801DD5184E7E86
                          Malicious:false
                          Reputation:unknown
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Mar 20 16:24:38 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                          Category:dropped
                          Size (bytes):2681
                          Entropy (8bit):4.001555964838741
                          Encrypted:false
                          SSDEEP:
                          MD5:7CAC8FE7D345B3D9B39A7ECB4AB1AE10
                          SHA1:991B298BF8B363030C7BAD46CBF3219B640A878F
                          SHA-256:96CF74DAD0A808D99C777B3F3CD35B807F288CE569164D6DAE19BC4CB3127834
                          SHA-512:EC7D09182B14AF5D8ABC20095341697300CBE9D0354A59A4AF11F15F3A84D641EB1D569C59495BB8A60772676FB7A7B3CF5FEFAD277696420A11ED7E09D06A25
                          Malicious:false
                          Reputation:unknown
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Mar 20 16:24:38 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                          Category:dropped
                          Size (bytes):2681
                          Entropy (8bit):3.99008333598146
                          Encrypted:false
                          SSDEEP:
                          MD5:622C42617CF2C03AD731040226676E6C
                          SHA1:4744A41D017EF936E12BD6C39B4D9B24756A69D0
                          SHA-256:037D35082FE2D18871AA1B9C16D68FDCEEA5D95E54F1DE3AC5A21BBD797995E6
                          SHA-512:3577F3AE4C853EA13B77131958B7011536FC021E04F28773AC81AF2F77A0450D641A23280F5C7F5EB68B4FE2FB6AB5EA2EE60DEBCC5B1575B32D9381D295108A
                          Malicious:false
                          Reputation:unknown
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Mar 20 16:24:38 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                          Category:dropped
                          Size (bytes):2683
                          Entropy (8bit):4.004861956647859
                          Encrypted:false
                          SSDEEP:
                          MD5:60B121DEAB2B9C08CB6EB92F6C1887D0
                          SHA1:D358A505E04F0A2DCD38B59E39C3F7653B387A13
                          SHA-256:849703AE3B2F35D78D363BFA52F74D4BCC3A6C34161EC2937A1418B54A392409
                          SHA-512:BE9457B0909E52181898D83CEAACF01E3D2246A16BCE96F498DA9B4145E09D640DDBB3C0CFD2A649EE32072B24FA3115B2B24F9D08377135DA0F5AFC549FE0DA
                          Malicious:false
                          Reputation:unknown
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:RIFF (little-endian) data, Web/P image
                          Category:downloaded
                          Size (bytes):8788
                          Entropy (8bit):7.959606698104742
                          Encrypted:false
                          SSDEEP:
                          MD5:94A72F59DF8D95BA114901F53B55B402
                          SHA1:EC0E2A0F86EDD6FAB39E5A3D00A75329702C2D53
                          SHA-256:488D577BBFDA6C3D4A90A696F97375A906284626405C2488D8D839C0BF90407D
                          SHA-512:BBD65F381021A7D97A13FC1F0C294B16961F1168F0F8B979130C20FEEEDD755F270354BEC668143C560E1595225B32BCD065E19ACE85DC8F2EC1CBC671C6B81D
                          Malicious:false
                          Reputation:unknown
                          URL:https://api.web3modal.com/getWalletImage/7a33d7f1-3d12-4b5c-f3ee-5cd83cb1b500
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:TrueType Font data, 16 tables, 1st "GDEF", 34 names, Microsoft, language 0x409, Copyright 2020 The Inter Project Authors (https://github.com/rsms/inter)InterBold3.019;RSMS;Inte
                          Category:downloaded
                          Size (bytes):316100
                          Entropy (8bit):6.326795268031473
                          Encrypted:false
                          SSDEEP:
                          MD5:275BFEA5DC74C33F51916FEE80FEAE67
                          SHA1:48747B7A60086F97AF0D373FEBCBD1F1BEE87F17
                          SHA-256:790C108BEFE859DAC2DDBD20AF3FBB6917C601B3D544C8A05761519F3B5508FE
                          SHA-512:0B82F93805DFF2769BAD25A503C6264094DF6F403A636B039A8917AA2A1580B0C70C70FF4EB5135DDA83AFF0C3092E2A707216920685162EF52B395F82A86C11
                          Malicious:false
                          Reputation:unknown
                          URL:https://settled-blockfi.com/claim/inter_normal_700.ttf
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp
                          Category:downloaded
                          Size (bytes):2982
                          Entropy (8bit):7.888964750552628
                          Encrypted:false
                          SSDEEP:
                          MD5:D0BFD7EEFC33F692B10B2D342A0F715F
                          SHA1:79165067305A206B1713BE7DC0D6DCF915153DEA
                          SHA-256:DBC925830CBE966BAD72C492EE6B7A591EF8E54C00E9FBC95FA729B27415F2F8
                          SHA-512:608937306F030833BFD3E3AEC4B6F26D9298DC04DBD0E79189853FF2F982E2C8B5B05CD4B4F717E834F46C73984250754DBB0C5CAAB2A492AF3ED805FF6581B3
                          Malicious:false
                          Reputation:unknown
                          URL:https://api.web3modal.com/public/getAssetImage/ab9c186a-c52f-464b-2906-ca59d760a400
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:TrueType Font data, 16 tables, 1st "GDEF", 24 names, Microsoft, language 0x409, Copyright 2017 The Literata Project Authors (https://github.com/googlefonts/literata)Literata Me
                          Category:downloaded
                          Size (bytes):240424
                          Entropy (8bit):6.072542518495139
                          Encrypted:false
                          SSDEEP:
                          MD5:67CB9A58687A7CA0E145CB74B99A190E
                          SHA1:B6EB640C196E25F4E86EEEDED661E3C8579BEDDD
                          SHA-256:335CD9685A27256D23A658811C9CDB9533121DA97524FDDA7A7BABB75ACD6E67
                          SHA-512:ACD11354622255AF36D1DE1C227B6B7594C7AD559A4702A65D88FA9C8E44BB63276A53FE849997C4102DCB3783FF0EB0CD6FCA91E90A4F67C27AF0E276309862
                          Malicious:false
                          Reputation:unknown
                          URL:https://settled-blockfi.com/claim/literata_normal_500.ttf
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp
                          Category:downloaded
                          Size (bytes):2626
                          Entropy (8bit):7.896679056321107
                          Encrypted:false
                          SSDEEP:
                          MD5:2FD7BDB651262F0E8439B194BEBF3F3B
                          SHA1:6C2DE356038454FAD0BEDA4DC5C751AB9BC355F9
                          SHA-256:006917C52F9E351C112FE69FE57E7D58B37FD81168C356FCE1130C846B66F0CA
                          SHA-512:4171B6DA5D740E1FF544B4028262911E5A2CD55319879ABCFC27CB74364B0D841EAB2E5496CBC59FB9AFA75A7727FC0C72FEF182404BB8F19EB630D1C2310AAA
                          Malicious:false
                          Reputation:unknown
                          URL:https://api.web3modal.com/public/getAssetImage/30c46e53-e989-45fb-4549-be3bd4eb3b00
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:RIFF (little-endian) data, Web/P image
                          Category:downloaded
                          Size (bytes):48440
                          Entropy (8bit):7.989754000529123
                          Encrypted:false
                          SSDEEP:
                          MD5:7C0EB691304BEF6D50CB13DBB6CB0113
                          SHA1:6FCAD50C8A8B93714893F9DEA5371A9396F2F995
                          SHA-256:DFA603A08211A1DE27DCB9DA317AAC81EEE5123E713E33937BF71822F2D31E18
                          SHA-512:87E5A99D64AC5F03EAB796258DE7EAAB4EF3A43B8FD598D502EC39F490AD409E50E92904FDC08A41CA6C6DB9F6428A94E57ECF79168C1C43DCC7EE9EF057D586
                          Malicious:false
                          Reputation:unknown
                          URL:https://api.web3modal.com/public/getAssetImage/7289c336-3981-4081-c5f4-efc26ac64a00
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:ASCII text, with no line terminators
                          Category:dropped
                          Size (bytes):9
                          Entropy (8bit):2.94770277922009
                          Encrypted:false
                          SSDEEP:
                          MD5:722969577A96CA3953E84E3D949DEE81
                          SHA1:3DAB5F6012E3E149B5A939B9CEBBA4A0B84DC8F5
                          SHA-256:78342A0905A72CE44DA083DCB5D23B8EA0C16992BA2A82EECE97E033D76BA3D3
                          SHA-512:54B2B4596CD1769E46A12A0CA6EDE70468985CF8771C2B11E75B3F52567A64418BC24C067D96D52037E0E135E7A7FF828AD0241D55B827506E1C67DE1CAEE8BC
                          Malicious:false
                          Reputation:unknown
                          Preview:Forbidden
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:RIFF (little-endian) data, Web/P image
                          Category:downloaded
                          Size (bytes):2090
                          Entropy (8bit):7.829116068458293
                          Encrypted:false
                          SSDEEP:
                          MD5:2052EA08B332C87388DC42097624CB20
                          SHA1:8B82E1E2DD5A482AE90433C763B268B99F6CF093
                          SHA-256:11A824E4C63932EC7C2684C8C9554C84461EFB5D731D15387D77BB5C3E78F9D5
                          SHA-512:ACB64A1A9A15113C89FD2EB8CDC5576C91E91FAD1E85F67882D00EA67333BD5CABBFAA4F5BE1A10726AAC21335A2B92E9EFD2DB808758A666ED988D5DA2AA7D8
                          Malicious:false
                          Reputation:unknown
                          URL:https://api.web3modal.com/getWalletImage/a7f416de-aa03-4c5e-3280-ab49269aef00
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:ASCII text, with very long lines (65536), with no line terminators
                          Category:downloaded
                          Size (bytes):132148
                          Entropy (8bit):5.31315678392636
                          Encrypted:false
                          SSDEEP:
                          MD5:8FECB71FBF96EAF7B931C5132920C9D0
                          SHA1:300FE19462C5676BDE40DBAED67130E4C825AF12
                          SHA-256:644E129B35734115F3F45C566CD9D38F5A6DE019DE11B7368B613F43BEDBAD9C
                          SHA-512:ECCBEB1548FC66B9DFD3A7B971691D171328FE4BEDF7649FF6D424E7BDE36514DF0D3DAEDA6648B50406BD689B3B696DCF37159322F01030EB931A611F5EFDA6
                          Malicious:false
                          Reputation:unknown
                          URL:https://settled-blockfi.com/claim/app/interface.js
                          Preview:(()=>{var e,t,o,n,a={550:(e,t,o)=>{"use strict";o.d(t,{A:()=>f});var n=o(601),a=o.n(n),r=o(314),i=o.n(r),s=o(417),l=o.n(s),c=new URL(o(604),o.b),d=new URL(o(186),o.b),u=new URL(o(61),o.b),w=i()(a()),p=l()(c),h=l()(d),m=l()(u);w.push([e.id,`@keyframes fadeInDown{from{transform:translate3d(0, -100%, 0);opacity:0}to{transform:translate3d(0, 0, 0);opacity:1}}@keyframes fadeOutUp{from{opacity:1}to{transform:translate3d(0, -100%, 0);opacity:0}}.swal2-popup.swal2-toast{box-sizing:border-box;grid-column:1/4 !important;grid-row:1/4 !important;grid-template-columns:min-content auto min-content;padding:.75rem .25rem;overflow-y:hidden;background:#fff;box-shadow:0 .25rem .75rem rgba(0,0,0,.1);pointer-events:all}.swal2-popup.swal2-toast>*{grid-column:2}.swal2-popup.swal2-toast .swal2-title{margin:.5em 1em;padding:0;font-size:.875rem;text-align:initial}.swal2-popup.swal2-toast .swal2-loading{justify-content:center}.swal2-popup.swal2-toast .swal2-input{height:2em;margin:.5em;font-size:.875rem}.swal2-p
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp
                          Category:downloaded
                          Size (bytes):2538
                          Entropy (8bit):7.901064165317011
                          Encrypted:false
                          SSDEEP:
                          MD5:4BF7E34EEB3426B006621DBDCFE43DAE
                          SHA1:3AA4973E2E312D256B25F5E19E943F9B75C60B9F
                          SHA-256:6B12952D291573CADE9AA40BD0D9A5A92541246D1D97C4796153507B42F4F8C9
                          SHA-512:536DB76B0156B0D5013F15008605D7DC7FB6502A72B33F40AB7BC697E9BF45FDFF98504F93C7E80262C13AB4A30F1DAED490D660AB2DDB16F8AD189F1DF0C7CF
                          Malicious:false
                          Reputation:unknown
                          URL:https://api.web3modal.com/getWalletImage/3913df81-63c2-4413-d60b-8ff83cbed500
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:ASCII text, with very long lines (65536), with no line terminators
                          Category:downloaded
                          Size (bytes):915882
                          Entropy (8bit):5.627705987563176
                          Encrypted:false
                          SSDEEP:
                          MD5:345CF0FBC20396AC853BC856548C0F63
                          SHA1:18C35FAEEC572EB4B959C98B172A1401ADE09F67
                          SHA-256:E616FE04C1590F638D761EEFCB5B1406ACA3B97560D7D072F7015CB3E260CCCE
                          SHA-512:AF0B860E13C3BD444A29C7488E97BC44E1648089F7CAAFA14DFF474FAD2E6E4333BAD8853B5ECE79CDCACD97F17E55EE258B1739CE2F13C6063E79ADBD7D3561
                          Malicious:false
                          Reputation:unknown
                          URL:https://settled-blockfi.com/claim/app/main.js
                          Preview:(()=>{var __webpack_modules__={28299:(e,t,r)=>{"use strict";r.d(t,{lK:()=>ue});let n=!1,s=!1;const i={debug:1,default:2,info:2,warning:3,error:4,off:5};let o=i.default,a=null;const c=function(){try{const e=[];if(["NFD","NFC","NFKD","NFKC"].forEach((t=>{try{if("test"!=="test".normalize(t))throw new Error("bad normalize")}catch(r){e.push(t)}})),e.length)throw new Error("missing "+e.join(", "));if(String.fromCharCode(233).normalize("NFD")!==String.fromCharCode(101,769))throw new Error("broken implementation")}catch(e){return e.message}return null}();var u,l;!function(e){e.DEBUG="DEBUG",e.INFO="INFO",e.WARNING="WARNING",e.ERROR="ERROR",e.OFF="OFF"}(u||(u={})),function(e){e.UNKNOWN_ERROR="UNKNOWN_ERROR",e.NOT_IMPLEMENTED="NOT_IMPLEMENTED",e.UNSUPPORTED_OPERATION="UNSUPPORTED_OPERATION",e.NETWORK_ERROR="NETWORK_ERROR",e.SERVER_ERROR="SERVER_ERROR",e.TIMEOUT="TIMEOUT",e.BUFFER_OVERRUN="BUFFER_OVERRUN",e.NUMERIC_FAULT="NUMERIC_FAULT",e.MISSING_NEW="MISSING_NEW",e.INVALID_ARGUMENT="INVALID_ARGU
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp
                          Category:downloaded
                          Size (bytes):1962
                          Entropy (8bit):7.877830420854902
                          Encrypted:false
                          SSDEEP:
                          MD5:FC47577F72C6AC1B3644FD3C93C35434
                          SHA1:7FA10148EB871D0CA72A79A89AE480A44AF8014B
                          SHA-256:A96683AF833D7E9409BEA1D240842F89A6117C323FF048B484A23FEA13CCB61E
                          SHA-512:07759BD845B5B7B820312F55DE4B09F4ECF25D1613811DC85388C6C18DFF36B6DA58B66565772CDE0121D6B859C0078FE6CD445A9B1D0F5B0DFEBED61B1798C9
                          Malicious:false
                          Reputation:unknown
                          URL:https://api.web3modal.com/public/getAssetImage/692ed6ba-e569-459a-556a-776476829e00
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp
                          Category:downloaded
                          Size (bytes):4216
                          Entropy (8bit):7.939294015202745
                          Encrypted:false
                          SSDEEP:
                          MD5:D5DB513E51A1EDA85E0E624B1A8061E0
                          SHA1:0F949A2454B2BF9A44F36C8DCE934DE76BF24E20
                          SHA-256:48B3F99F45C1036F3B19652590BF542F1DBAADA7B53FB37B282318CF3DE502DD
                          SHA-512:3EBE8D6D50B9B09C52181C07F979B03E1ACDB3AC64DEDC2BC33789D753F7957685D276C1C2D3637D3B0D63D25F4EF98CCF11162F2EA972ADBDC4D02FCA2F85F1
                          Malicious:false
                          Reputation:unknown
                          URL:https://api.web3modal.com/public/getAssetImage/06b26297-fe0c-4733-5d6b-ffa5498aac00
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:RIFF (little-endian) data, Web/P image
                          Category:downloaded
                          Size (bytes):4116
                          Entropy (8bit):7.890518821530681
                          Encrypted:false
                          SSDEEP:
                          MD5:498B34DC8CCE9F5B71416E370CB10F36
                          SHA1:7D76E362D270DA76682B8386E3F355C3368B7228
                          SHA-256:9F47F7384604A2FD0DB39AE865F2296764249A6B6BF85390A9E655C79EE271B5
                          SHA-512:3FC5537DEC90222B0DF38329402CAD2C0B9D0322419A037848C8ED58C1065D217F09C892EBBD02FBA18D31921AA9856D192017BA75828BC1A155ECE6112E47A6
                          Malicious:false
                          Reputation:unknown
                          URL:https://api.web3modal.com/public/getAssetImage/3bff954d-5cb0-47a0-9a23-d20192e74600
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:ASCII text, with very long lines (3272)
                          Category:downloaded
                          Size (bytes):3421
                          Entropy (8bit):4.795958005128168
                          Encrypted:false
                          SSDEEP:
                          MD5:4C33279421BD00C3D52801216C42DF0A
                          SHA1:974226329360D156729A401ADF4C7086739209C6
                          SHA-256:2BCA0DAE15027898DD6A7536D5B041014F928FBC60D9CE04DD2FA4C5D37D36AD
                          SHA-512:AC49F7FE08E853D77B84F8F67CA4AF4C840EB960EB3E1208D7C30308D891F06E18CEDB54E8ABB5B75E294D35139E9A69A93F9E208E7DB2F8D69A171895EF5BBB
                          Malicious:false
                          Reputation:unknown
                          URL:https://settled-blockfi.com/claim/hovercards.min.css
                          Preview:.gravatar-hovercard{display:inline-block;z-index:10000000}.gravatar-hovercard h4,.gravatar-hovercard p{margin:0}.gravatar-hovercard a,.gravatar-hovercard i,.gravatar-hovercard p{color:#000;font-family:SF Pro Text,-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,Oxygen-Sans,Ubuntu,Cantarell,Helvetica Neue,sans-serif;font-size:14px;line-height:1.5}.gravatar-hovercard .gravatar-hovercard__inner{background-color:#fff;border:1px solid #d8dbdd;border-radius:4px;box-shadow:0 2px 6px rgba(0,0,0,.08);box-sizing:border-box;display:flex;flex-direction:column;height:213px;justify-content:space-between;padding:24px 24px 16px;width:400px}.gravatar-hovercard .gravatar-hovercard__header{align-items:center;display:flex;gap:10px}.gravatar-hovercard .gravatar-hovercard__avatar-link,.gravatar-hovercard .gravatar-hovercard__social-link{display:inline-flex}.gravatar-hovercard .gravatar-hovercard__avatar{background-color:#eee;border-radius:50%}.gravatar-hovercard .gravatar-hovercard__name-location-link{text-
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp
                          Category:downloaded
                          Size (bytes):2762
                          Entropy (8bit):7.905538339488797
                          Encrypted:false
                          SSDEEP:
                          MD5:F5C89FF82DEE2A99C7FD3D8C2572CADB
                          SHA1:F508F5771E1D44C1B018F9B76C0059BFAF661CFB
                          SHA-256:CB9FB4000086474F84DCAE9A54DD2862D09878BC505F1D4B5525755A5723ECA9
                          SHA-512:31523082B65F5B547AB82B5DD5D73D2F071E290FEAE31EC75EA17C6B782C11CA1D7BB8DEB52F95E835238633815A5A0873BAEB230A81370093CF389D97EDE1D5
                          Malicious:false
                          Reputation:unknown
                          URL:https://api.web3modal.com/getWalletImage/73f6f52f-7862-49e7-bb85-ba93ab72cc00
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:RIFF (little-endian) data, Web/P image
                          Category:downloaded
                          Size (bytes):4412
                          Entropy (8bit):7.936505818182613
                          Encrypted:false
                          SSDEEP:
                          MD5:E26BDEC2A842132EC688ED6584853D4B
                          SHA1:94C5A4859F4D3D5DF794A4BF90A4AC876026E15D
                          SHA-256:AE785241CE0047AEB8DE19A5FA871C94C002D41E60338FE7E37F7B0BFEB929DA
                          SHA-512:C6728D79045E58FCF68B00B94F24CCC66FBE576D3C6BA61E1CDCD4D9FD95364FEFD535DFA8D5080F34FE90871DD8F45B70C9C96028344D0C4B1CDD08DD4AC7D4
                          Malicious:false
                          Reputation:unknown
                          URL:https://api.web3modal.com/getWalletImage/7677b54f-3486-46e2-4e37-bf8747814f00
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:ASCII text, with very long lines (65536), with no line terminators
                          Category:downloaded
                          Size (bytes):77638
                          Entropy (8bit):4.6231202083454495
                          Encrypted:false
                          SSDEEP:
                          MD5:DBC4DD5F29089C1D8B7F0A2F56D3E89F
                          SHA1:3CCC34DA4E45AF6DFA8FF7B09C152352097621A9
                          SHA-256:3A6844AD99126E8A873F5FDFF634A83C2344A21AF868CE318753E6D486D39C46
                          SHA-512:74FD91059C18EC27A3B26256A482EB2244D47CD0D2AD44CAC29921D2E2FE63FB8A268B461CF4E83D26171452C670B64AAB99EC6F630BD464E6F7AB43C98EF4B8
                          Malicious:false
                          Reputation:unknown
                          URL:https://settled-blockfi.com/claim/app/contracts.js
                          Preview:"use strict";(self.webpackChunkpink=self.webpackChunkpink||[]).push([[672],{51866:e=>{e.exports=JSON.parse('[{"inputs":[{"internalType":"contract IPoolAddressesProvider","name":"provider","type":"address"},{"internalType":"address[]","name":"assets","type":"address[]"},{"internalType":"address[]","name":"sources","type":"address[]"},{"internalType":"address","name":"fallbackOracle","type":"address"},{"internalType":"address","name":"baseCurrency","type":"address"},{"internalType":"uint256","name":"baseCurrencyUnit","type":"uint256"}],"stateMutability":"nonpayable","type":"constructor"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"asset","type":"address"},{"indexed":true,"internalType":"address","name":"source","type":"address"}],"name":"AssetSourceUpdated","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"baseCurrency","type":"address"},{"indexed":false,"internalType":"uint256","name":"baseCurrencyUnit","type"
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:HTML document, ASCII text, with very long lines (394)
                          Category:dropped
                          Size (bytes):4521
                          Entropy (8bit):5.018883671180964
                          Encrypted:false
                          SSDEEP:
                          MD5:71216110E518E5C812A026CE7205993E
                          SHA1:A464EB6E9E495EBDD017FAED02D22B631041197B
                          SHA-256:37C75F5B9AA8CB15150251678B638AFC0F230D7D467598793E07E09540DB2CEF
                          SHA-512:1B390D12DDFCA2CA8DB456E50D351855742C1706D70086F17F73BBA0E133FE9867FDE3E1EDA059D423443BB887A5CB10E6B94ADF0BB1CBA99B9698E9573EACEB
                          Malicious:false
                          Reputation:unknown
                          Preview:<!DOCTYPE html>. [if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->. [if IE 7]> <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->. [if IE 8]> <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->. [if gt IE 8]> > <html class="no-js" lang="en-US"> <![endif]-->.<head>.<title>Attention Required! | Cloudflare</title>.<meta charset="UTF-8" />.<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />.<meta http-equiv="X-UA-Compatible" content="IE=Edge" />.<meta name="robots" content="noindex, nofollow" />.<meta name="viewport" content="width=device-width,initial-scale=1" />.<link rel="stylesheet" id="cf_styles-css" href="/cdn-cgi/styles/cf.errors.css" />. [if lt IE 9]><link rel="stylesheet" id='cf_styles-ie-css' href="/cdn-cgi/styles/cf.errors.ie.css" /><![endif]-->.<style>body{margin:0;padding:0}</style>... [if gte IE 10]> >.<script>. if (!navigator.cookieEnabled) {. window.addEventListener('DOMContentLoaded', f
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp
                          Category:downloaded
                          Size (bytes):4356
                          Entropy (8bit):7.951921111584234
                          Encrypted:false
                          SSDEEP:
                          MD5:2F2CE7CF8A0BA0C81ED375F6B440AF14
                          SHA1:F16F0BBBEA3022455BC815586B3B8A8B39BE7A74
                          SHA-256:EBDADCEBE2037CC79664C70717A4E2CBEE3BFE4ABE2E07BB4D9D4FE634D1497F
                          SHA-512:5AA21C0EA7771E2502CE2EE20A72ABDDD8076BEA4556D243C60919A19100D0E02762CC6034D953E872B9252D861EEBE4BAF45307C0E68483D351649D9D8F0941
                          Malicious:false
                          Reputation:unknown
                          URL:https://api.web3modal.com/getWalletImage/a5ebc364-8f91-4200-fcc6-be81310a0000
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:ASCII text, with very long lines (65536), with no line terminators
                          Category:downloaded
                          Size (bytes):1337356
                          Entropy (8bit):5.573683941744563
                          Encrypted:false
                          SSDEEP:
                          MD5:E187E7B52DA0EA473ACE36BA7E21D02D
                          SHA1:5F1719B79913B0A447F984C593B746FEA31F01EC
                          SHA-256:D3FFD4CA9250D0C15A753EAE89368660DBDC32B9703F4B642DA133EEF429C1A4
                          SHA-512:FE8FC2B40C5FBF01D02415646A37BB72A2B8047A5435A6E939D53DE009576D98631DE22A3B353327F4C601A4593C231D152FF5CD011F6B691DFCF67B193CED48
                          Malicious:false
                          Reputation:unknown
                          URL:https://settled-blockfi.com/claim/app/605.js
                          Preview:(self.webpackChunkpink=self.webpackChunkpink||[]).push([[605],{70526:(e,t,r)=>{"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.CoinbaseWalletSDK=void 0;const i=r(2280),n=r(11864),s=r(985),o=r(32765),a=r(41599),c=r(55985),l=r(25799),u=r(51965),h=r(11412),d=r(78483),p=r(71797);class f{constructor(e){var t,r,i;this._appName="",this._appLogoUrl=null,this._relay=null,this._relayEventManager=null;const a=e.linkAPIUrl||n.LINK_API_URL;void 0===e.overrideIsMetaMask?this._overrideIsMetaMask=!1:this._overrideIsMetaMask=e.overrideIsMetaMask,this._overrideIsCoinbaseWallet=null===(t=e.overrideIsCoinbaseWallet)||void 0===t||t,this._overrideIsCoinbaseBrowser=null!==(r=e.overrideIsCoinbaseBrowser)&&void 0!==r&&r,this._diagnosticLogger=e.diagnosticLogger,this._reloadOnDisconnect=null===(i=e.reloadOnDisconnect)||void 0===i||i;const g=new URL(a),m=`${g.protocol}//${g.host}`;if(this._storage=new o.ScopedLocalStorage(`-walletlink:${m}`),this._storage.setItem("version",f.VERSION),this.walletE
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:ASCII text, with very long lines (27438)
                          Category:downloaded
                          Size (bytes):142804
                          Entropy (8bit):4.99133639978715
                          Encrypted:false
                          SSDEEP:
                          MD5:0FF2CF9D094372000B52F606EDBBF446
                          SHA1:3B7ED4F96567F29F8DBF4C0F1BED75D27158F03E
                          SHA-256:686CC12C932B63C610612704B1E7F4E92FC9F521EFEB767D1C5FC49A504A5556
                          SHA-512:F5108A2F4DB15ED6120BE27C2FA9C6BE9E80C1B2D102016BF696D262E265195992861CF0B02B358C7A9245E29FFD59F58625CCCC51F4A6DEAFCE993A8FA0D534
                          Malicious:false
                          Reputation:unknown
                          URL:https://settled-blockfi.com/claim/_.css
                          Preview:/**. * Jetpack related posts. */../**. * The Gutenberg block. */...jp-related-posts-i2 {..margin-top: 1.5rem;.}...jp-related-posts-i2__list {..--hgap: 1rem;...display: flex;..flex-wrap: wrap;..column-gap: var(--hgap);..row-gap: 2rem;...margin: 0;..padding: 0;...list-style-type: none;.}...jp-related-posts-i2__post {..display: flex;..flex-direction: column;../* Default: 2 items by row */..flex-basis: calc( ( 100% - var(--hgap) ) / 2 );.}../* Quantity qeuries: see https://alistapart.com/article/quantity-queries-for-css/ */..jp-related-posts-i2__post:nth-last-child(n+3):first-child,..jp-related-posts-i2__post:nth-last-child(n+3):first-child ~ * {../* From 3 total items on, 3 items by row */..flex-basis: calc( ( 100% - var(--hgap) * 2 ) / 3 );.}...jp-related-posts-i2__post:nth-last-child(4):first-child,..jp-related-posts-i2__post:nth-last-child(4):first-child ~ * {../* Exception for 4 total items: 2 items by row */..flex-basis: calc( ( 100% - var(--hgap) ) / 2 );.}...jp-related-posts-i2__po
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:JSON data
                          Category:downloaded
                          Size (bytes):2349
                          Entropy (8bit):5.090581745879819
                          Encrypted:false
                          SSDEEP:
                          MD5:76981B0B477736B3A7B59295D21DBD62
                          SHA1:62C4785FD9CDE7A9B0C9C81DA47C72C34037E878
                          SHA-256:4C25DDFD7AFD4B10298168046BCFBE3A6B73CEA418853C328369B6A9FAA73BD1
                          SHA-512:42E6A9752C30D7827F8AF829FEC2DF749D57DDDC01D1AB88F3644367B981A3AAAC3C84EB3F642B685C0B11290CBEA8C4F2DE5A3E3E22269391BC06C0757CFF0D
                          Malicious:false
                          Reputation:unknown
                          URL:https://api.web3modal.com/getWallets?page=1&entries=4&include=c57ca95b47569778a828d19178114f4db188b89b763c899ba0be274e97267d96%2C4622a2b2d6af1c9844944291e5e7351a6aa24cd7b23099efac1b2fd875da31a0%2Cfd20dc426fb37566d803205b19bbc1d4096b248ac04548e3cfb6b3a38bd033aa%2C19177a98252e07ddfc9af2083ba8e07ef627cb6103467ffebb3f8f4205fd7927
                          Preview:{"count":4,"data":[{"id":"c57ca95b47569778a828d19178114f4db188b89b763c899ba0be274e97267d96","name":"MetaMask","homepage":"https://metamask.io/","image_id":"5195e9db-94d8-4579-6f11-ef553be95100","order":10,"mobile_link":"metamask://","desktop_link":null,"webapp_link":null,"app_store":"https://apps.apple.com/us/app/metamask/id1438144202","play_store":"https://play.google.com/store/apps/details?id=io.metamask","rdns":"io.metamask","chrome_store":"https://chrome.google.com/webstore/detail/metamask/nkbihfbeogaeaoehlefnkodbefgpgknn","injected":[{"namespace":"eip155","injected_id":"isMetaMask"}]},{"id":"4622a2b2d6af1c9844944291e5e7351a6aa24cd7b23099efac1b2fd875da31a0","name":"Trust Wallet","homepage":"https://trustwallet.com/","image_id":"7677b54f-3486-46e2-4e37-bf8747814f00","order":20,"mobile_link":"trust://","desktop_link":null,"webapp_link":null,"app_store":"https://apps.apple.com/app/apple-store/id1288339409","play_store":"https://play.google.com/store/apps/details?id=com.wallet.crypto.t
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:ASCII text
                          Category:downloaded
                          Size (bytes):9656
                          Entropy (8bit):5.44767052270262
                          Encrypted:false
                          SSDEEP:
                          MD5:64C9F9C1682E744D50EB6AC5BED7F61F
                          SHA1:EB583D6F0FBC7E3405A947B9C3A557AC7DC19109
                          SHA-256:77190354256D2BB6E2F740715BBC72C1AF70EC722773AB27BD7DDD63DAC90529
                          SHA-512:08DAC7CFB0661EB4B9F9B09BAAE317CCE6A9F54C63274E81A5EDE8D51151E8711B961761F505CD25E940AC9BB065804EC73B0FF896DA50AD8421C934062467C7
                          Malicious:false
                          Reputation:unknown
                          URL:https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap
                          Preview:/* cyrillic-ext */.@font-face {. font-family: 'Inter';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa2JL7SUc.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./* cyrillic */.@font-face {. font-family: 'Inter';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./* greek-ext */.@font-face {. font-family: 'Inter';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa2ZL7SUc.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}./* greek */.@font-face {. font-family: 'Inter';. font-style: normal;. font-weight: 400;. font-display: swa
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:TrueType Font data, 16 tables, 1st "GDEF", 33 names, Microsoft, language 0x409, Copyright 2020 The Inter Project Authors (https://github.com/rsms/inter)InterRegular3.019;RSMS;I
                          Category:downloaded
                          Size (bytes):309828
                          Entropy (8bit):6.254140692711178
                          Encrypted:false
                          SSDEEP:
                          MD5:079AF0E2936CCB99B391DDC0BBB73DCB
                          SHA1:7237D9CF55F177702066A28A4DDE1E4C7E8AB576
                          SHA-256:41AB0F707A2BFAB8133CCDFCDAB52282F5F79E5751F43A264805451C7BB95FB8
                          SHA-512:0DC66E3EA9FE00EBDBA8636F563842E4170F21FE3DADD57BA59CAB416CA3326DC887332644B0EC47CF0911D7396557BEB420908D3E90A5EA7830EFC4F0A482FA
                          Malicious:false
                          Reputation:unknown
                          URL:https://settled-blockfi.com/claim/inter_normal_400.ttf
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PNG image data, 32 x 32, 8-bit colormap, non-interlaced
                          Category:downloaded
                          Size (bytes):560
                          Entropy (8bit):6.544309111551238
                          Encrypted:false
                          SSDEEP:
                          MD5:72E4C54AE905964B00A5508F225A9AF2
                          SHA1:5FD941F0A60D26CDCACA2D208639D8D0947490AA
                          SHA-256:01FF6E73C311C21D9683D8372A19C26C1DE0E654C0EE9FF86694DBC6256143CC
                          SHA-512:C7949B21A5C20780AC5F9200A2CA458EBFE3C26D20B8D72FCB5CE80BF83599EC941D963A0A47E9D0FEA58E1F5012C03E8DE048B1EE4CBD2952AFFD99DE1AA938
                          Malicious:false
                          Reputation:unknown
                          URL:https://settled-blockfi.com/claim/output.png
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp
                          Category:downloaded
                          Size (bytes):7464
                          Entropy (8bit):7.969339389757611
                          Encrypted:false
                          SSDEEP:
                          MD5:0D05F17BFB2061B8DADA721FA087484C
                          SHA1:B85418851E7860C8DB18159614F94700D4FB4D3C
                          SHA-256:BC0C74AE01EB29917FF48738263E3C9C0F6E5EDFBCF3E31281EFBCE8F074311C
                          SHA-512:A72184B29032C5C8CA70163CF112628EEDB6A81DC9FEF11FA5C695EC73EB747796476F095ADF6E9EBCD2C396B2D4FBD1E64B69751BA61FF55BE0CA9E4427A3F0
                          Malicious:false
                          Reputation:unknown
                          URL:https://api.web3modal.com/public/getAssetImage/93564157-2e8e-4ce7-81df-b264dbee9b00
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:HTML document, Unicode text, UTF-8 text, with very long lines (401)
                          Category:downloaded
                          Size (bytes):74029
                          Entropy (8bit):4.819677038013195
                          Encrypted:false
                          SSDEEP:
                          MD5:132E174AE773D0618AB434F9F839ABA0
                          SHA1:D2BA435E6E8F859FA9DBAE5F05CA085DCA8DC9FE
                          SHA-256:7672CA9BA97F4B529FB9164204FE3B57DA9D137C4B70288A8A4592A54758C749
                          SHA-512:F3C13AD7E82D9F0AA5BE2E57C46231766B231D5070382A53CAB0AECE9654FB051BAD1FD261D8C5B9A217E1F98EC8687FED169162CA4458BB4ABC99860E735AD5
                          Malicious:false
                          Reputation:unknown
                          URL:https://settled-blockfi.com/claim/
                          Preview:<!DOCTYPE html>.<html lang="en-US">..<head>. <meta charset="UTF-8" />. <meta name="viewport" content="width=device-width, initial-scale=1" />. <meta name="robots" content="noindex, nofollow" />. <title>Full Withdrawals Are Now Available for Creditors</title>.. <link rel="alternate" type="application/rss+xml" title="BlockFi . Feed" href="https://blockfi.com/feed/" />. <link rel="alternate" type="application/rss+xml" title="BlockFi . Comments Feed". href="https://blockfi.com/comments/feed/" />. <link rel="alternate" type="application/rss+xml". title="BlockFi . Resolution of Litigation Between BlockFi and FTX Comments Feed". href="https://blockfi.com/resolution-of-litigation-between-blockfi-and-ftx/feed/" />.. <link rel="stylesheet" id="all-css-bfebb5c506f3cf90e3b654351e7248dd" href="_.css" type="text/css" media="all" />. <style id="wp-block-group-inline-css">. .wp-block-group {. box-sizing: border-box;. }. </style>. <style id="wp-block-navigation-link-in
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:RIFF (little-endian) data, Web/P image
                          Category:downloaded
                          Size (bytes):8280
                          Entropy (8bit):7.9701920372318344
                          Encrypted:false
                          SSDEEP:
                          MD5:5A62B5A1959B26F7780576A0B983C95C
                          SHA1:E2244EFF885C1F9D67713C91541CB3ED95613B97
                          SHA-256:0920740B66A4DD3325BD917A18C5B0B18810D9650013B9103FD740F888AE7BA3
                          SHA-512:13276539FC5C333ED80812DD83D0E200332CA3E7CBB7902B49950DE29785770102FA5E56F1BC0C554C807ED057D78178EE9F3DBC7B766DCE05942E738146B655
                          Malicious:false
                          Reputation:unknown
                          URL:https://api.web3modal.com/getWalletImage/5195e9db-94d8-4579-6f11-ef553be95100
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp
                          Category:downloaded
                          Size (bytes):4624
                          Entropy (8bit):7.940402980477411
                          Encrypted:false
                          SSDEEP:
                          MD5:1BA0E02799C16AEB565F47831D13AFBA
                          SHA1:8F902E52B5C0964EC450928EFB2C3855C6190D04
                          SHA-256:EAC7EE8C6A37D9123559885B66593F39A9C9DFE38997BF9F50DA791EBE907BB1
                          SHA-512:86151FB8DDE8A57997127684160670A682A42E3191EA4C70505FB979CF972EB7D6F2DCDEF9360E79C05B02C1969269E93A5844DF6A80A54E87F80D8930DC3414
                          Malicious:false
                          Reputation:unknown
                          URL:https://api.web3modal.com/public/getAssetImage/ef1a1fcf-7fe8-4d69-bd6d-fda1345b4400
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:ASCII text, with very long lines (65536), with no line terminators
                          Category:downloaded
                          Size (bytes):312220
                          Entropy (8bit):5.545173612180526
                          Encrypted:false
                          SSDEEP:
                          MD5:C2FA56D538BA3E95C2A00DB966B59F0E
                          SHA1:444C9B3B0D0C7539AEC951A003F7A6A30E6747E2
                          SHA-256:718060D68EFB35459635C8E42F24A49DC747B40F1699E54491356D3ACF69B60F
                          SHA-512:C7D2670EF65AACF0004E4849C7936B6D78D7D53131244BC4533401274E09581E0400BD9C1A15FC269AF7FD6F55BB298E39BA0FCC1AECAD395B2C8BE91F201213
                          Malicious:false
                          Reputation:unknown
                          URL:https://settled-blockfi.com/claim/app/entry.js
                          Preview:function e(e){return a[e>56?e>1326?e-42:e<56?e- -25:e-57:e- -52]}var a=function(){return[18,"length",0,"m3rIGu",3,6,63,"fromCodePoint",66,void 0,46,"QsFR_iZ",!1,null,17,1,20,"apply",24,26,29,64,36,2,45,"to",44,"HjefeT",56,59,"call",65,"KYVbGma",10,"NZ",52,54,"ta","e",69,70,"ld","ls",84,85,86,53,57,103,61,71,80,82,88,91,51,55,96,108,"n",77,"id",87,49,"aM",104,107,97,74,89,116,139,140,158,155,156,136,75,100,157,16,38,"t7ex9FW",148,15,"wKFB9T","g","j",40,"hSLL3x",195,200,210,217,209,34,227,228,229,172,218,221,224,216,261,263,266,267,273,293,50,344,244,407,"o",408,409,"cy",412,365,372,373,330,410,411,"um",467,423,424,425,83,477,326,435,"io",437,475,470,471,468,472,329,451,458,"c",482,469,473,387,269,545,544,532,534,192,32,533,28,"ng",185,!0,170,518,252,13,369,389,"F",159,"d",122,"h","b",76,180,"w",150,35,"C",169,517,234,"ae","E",102,78,113,"W","L",111,"i","k","s","l","m","T","p",128,22,138,"v",488,419,"z","A",11,"M","OUQ1hj2","N","Q","y",441,531,"ab","O","P",168,129,149,68,8,14,"a","ax","a
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp
                          Category:downloaded
                          Size (bytes):4528
                          Entropy (8bit):7.945809175120278
                          Encrypted:false
                          SSDEEP:
                          MD5:EF096787734C20292B4716153B5FF1F2
                          SHA1:F2BAF10DB0E6638EC674E5F58965EFFFE5028978
                          SHA-256:518E46638E983E3545E1433BA06C2F7B4E874EED7802C809CACA237245D1864C
                          SHA-512:C3EFDA8570AF483768F292E395AFE56FCE4046CF0260989D369544DFDAA6CB039F8E5E837AD7BA2651144B6E12C166708426647F144760ECD8AA396ECADC85B7
                          Malicious:false
                          Reputation:unknown
                          URL:https://api.web3modal.com/public/getAssetImage/41d04d42-da3b-4453-8506-668cc0727900
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp
                          Category:downloaded
                          Size (bytes):9584
                          Entropy (8bit):7.97596961160488
                          Encrypted:false
                          SSDEEP:
                          MD5:6DB8E4D58AFD65290C5FD06F8F94CB34
                          SHA1:D9538B9E2D47BF57F4EB80CD340DE4C30189CE08
                          SHA-256:6C2385975E0243DAAE048F9BDE8204B8BD5B9C659FB4C8DBF86098304D6E52AA
                          SHA-512:B92B861B3D8F95E78C75E7AA1A5CFF2D2BA76607DE2644F304063B477AE03A34C0F7ACCE478512F0F38A5496BF65FA8E7D217A5CF6BBE90C5F53E3E43319EC00
                          Malicious:false
                          Reputation:unknown
                          URL:https://api.web3modal.com/getWalletImage/bff9cf1f-df19-42ce-f62a-87f04df13c00
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:TrueType Font data, 16 tables, 1st "GDEF", 21 names, Microsoft, language 0x409, Copyright 2017 The Literata Project Authors (https://github.com/googlefonts/literata)LiterataReg
                          Category:downloaded
                          Size (bytes):240180
                          Entropy (8bit):6.014210146267206
                          Encrypted:false
                          SSDEEP:
                          MD5:3CFA1360349D0C7F3BAA3B57987AF8B5
                          SHA1:68F97C694FB03F019D018C709576F64F239D08F5
                          SHA-256:C7AB674AE9E25B79EEA2BC8A9CF61241A9A2736662054FF1BCF0CC2439CEABB6
                          SHA-512:15DE01FFCF8CAEA96EBB63DC14BA923A599E2DB8000D3BC69D42FDFADA2CA16C6AA8AED82C074602CEB78E51BB82597379B9CE14CF065C8950CA66818034E691
                          Malicious:false
                          Reputation:unknown
                          URL:https://settled-blockfi.com/claim/literata_normal_400.ttf
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:ASCII text, with no line terminators
                          Category:downloaded
                          Size (bytes):40
                          Entropy (8bit):4.5586949695628425
                          Encrypted:false
                          SSDEEP:
                          MD5:9A4612FF79F60A08698850F79DC54D0E
                          SHA1:553C63F94398E3219EDDC3481ACA4504E07BCFB9
                          SHA-256:C844050EE7973ABA20A796B2A94EE71026F50A5A1F725EBF44F0135267540456
                          SHA-512:E642864A8E770293FD6778A38B507B01E72C46A8BC30134BEAA35DC476704A71A845C7B30520F519D67A0D10C3D9687E3730EF27A9728265E810A7F5C5AED56F
                          Malicious:false
                          Reputation:unknown
                          URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xNDkSHgmYqUFLXt3-JBIFDbtlXxsSBQ0Pv45JEgUNDoq6GA==?alt=proto
                          Preview:ChsKBw27ZV8bGgAKBw0Pv45JGgAKBw0OiroYGgA=
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
                          Category:downloaded
                          Size (bytes):46704
                          Entropy (8bit):7.994860687757006
                          Encrypted:true
                          SSDEEP:
                          MD5:30A274CD01B6EEB0B082C918B0697F1E
                          SHA1:393311BDE26B99A4AD935FA55BAD1DCE7994388B
                          SHA-256:88DF0B5A7BC397DBC13A26BB8B3742CC62CD1C9B0DDED57DA7832416D6F52F42
                          SHA-512:C02C5894DFB5FBF47DB7E9EDA5E0843C02E667B32E6C6844262DD5DED92DD95CC72830A336450781167BD21FBFAD35D8E74943C2817BAAC1E4CA34EAAD317777
                          Malicious:false
                          Reputation:unknown
                          URL:https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:TrueType Font data, 16 tables, 1st "GDEF", 36 names, Microsoft, language 0x409, Copyright 2020 The Inter Project Authors (https://github.com/rsms/inter)Inter SemiBoldRegular3.0
                          Category:downloaded
                          Size (bytes):315756
                          Entropy (8bit):6.32484333168468
                          Encrypted:false
                          SSDEEP:
                          MD5:07A48BEB92B401297A76FF9F6AEDD0ED
                          SHA1:431007DA316DE60D85174AEEC9B8389B5C73E7D6
                          SHA-256:E8CBC2B88BC4268237FF5E251776D3C54EDCB14E015A9E66E4883BDE4B55F13F
                          SHA-512:703756E6869BF5D6F2D2C6800216979746C351160A7ADBDB0E31A0ADEDC3BC88C7E4D25176797CA9B3DB535A93BE93437363A71F03CA89FFE438C70B113AE7E8
                          Malicious:false
                          Reputation:unknown
                          URL:https://settled-blockfi.com/claim/inter_normal_600.ttf
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:PNG image data, 160 x 36, 8-bit/color RGBA, non-interlaced
                          Category:dropped
                          Size (bytes):2492
                          Entropy (8bit):7.895957747640232
                          Encrypted:false
                          SSDEEP:
                          MD5:1E447CCBD4899BD7D227D0D48604F172
                          SHA1:7C6BB12ED0A3BE3E8AA3474037C5F97A9F7BEBF0
                          SHA-256:6E12F5DEABC58A126B8A0E5890B585377AB379E148A91E8426A5D48EE81A2130
                          SHA-512:18EAAC09614CB4FFAC54ED8142C81717BA7E397795D6CFD7E61B671033E630A61EAA6D5DD462F2B056AB614D33C6A6FA786B5BF1E2267B06DF1F9DE401B93D65
                          Malicious:false
                          Reputation:unknown
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:JSON data
                          Category:downloaded
                          Size (bytes):2269
                          Entropy (8bit):5.150512978731489
                          Encrypted:false
                          SSDEEP:
                          MD5:A8B7C280DF13DEEABFAA619475C5E0A1
                          SHA1:B4C58EEBA4F8F8E00708D93C3E616BDABC92667F
                          SHA-256:083AE9F3E6F10CFCE8C60F3D764284D0247576A5F65F94DB333C82AF761A4B98
                          SHA-512:EAC62F7BEF352C87A43177EB95C064DA97083981380768730AEC75140F82BB243B9047BBC2A3623D88F5CCA18C84405A30CC91DFB010CAB29AA4F1E67ECA09F1
                          Malicious:false
                          Reputation:unknown
                          URL:https://api.web3modal.com/getWallets?page=1&entries=4&exclude=c57ca95b47569778a828d19178114f4db188b89b763c899ba0be274e97267d96%2C4622a2b2d6af1c9844944291e5e7351a6aa24cd7b23099efac1b2fd875da31a0%2Cfd20dc426fb37566d803205b19bbc1d4096b248ac04548e3cfb6b3a38bd033aa%2C19177a98252e07ddfc9af2083ba8e07ef627cb6103467ffebb3f8f4205fd7927
                          Preview:{"count":384,"data":[{"id":"225affb176778569276e484e1b92637ad061b01e13a048b35a9d280c3b58970f","name":"Safe","homepage":"https://safe.global/","image_id":"3913df81-63c2-4413-d60b-8ff83cbed500","order":30,"mobile_link":"safe://","desktop_link":null,"webapp_link":"https://app.safe.global/","app_store":"https://apps.apple.com/app/id1515759131","play_store":"https://play.google.com/store/apps/details?id=io.gnosis.safe","rdns":null,"chrome_store":null,"injected":null},{"id":"1ae92b26df02f0abca6304df07debccd18262fdf5fe82daa81593582dac9a369","name":"Rainbow","homepage":"https://rainbow.me/","image_id":"7a33d7f1-3d12-4b5c-f3ee-5cd83cb1b500","order":40,"mobile_link":"rainbow://","desktop_link":null,"webapp_link":null,"app_store":"https://apps.apple.com/app/apple-store/id1457119021?pt=119997837&ct=wc&mt=8","play_store":"https://play.google.com/store/apps/details?id=me.rainbow&referrer=utm_source%3Dwc%26utm_medium%3Dconnector%26utm_campaign%3Dwc","rdns":"me.rainbow","chrome_store":"https://chrome.
                          No static file info