Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://us.docworkspace.com/d/sIALe-cabAaWesrIG?utm_source=wps_office_mac&utm_medium=comp_border_bar&utm_content=link

Overview

General Information

Sample URL:https://us.docworkspace.com/d/sIALe-cabAaWesrIG?utm_source=wps_office_mac&utm_medium=comp_border_bar&utm_content=link
Analysis ID:1447150
Infos:

Detection

Score:1
Range:0 - 100
Whitelisted:false
Confidence:80%

Signatures

Detected non-DNS traffic on DNS port
Drops PE files
Stores files to the Windows start menu directory

Classification

Process Tree

  • System is w10x64_ra
  • chrome.exe (PID: 3964 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://us.docworkspace.com/d/sIALe-cabAaWesrIG?utm_source=wps_office_mac&utm_medium=comp_border_bar&utm_content=link MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6176 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=1820,i,17613378975665727923,17014139397757708343,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 7944 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4068 --field-trial-handle=1820,i,17613378975665727923,17014139397757708343,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: unknownHTTPS traffic detected: 23.211.8.90:443 -> 192.168.2.16:49767 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:49769 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.211.8.90:443 -> 192.168.2.16:49770 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:50970 version: TLS 1.2
Source: global trafficTCP traffic: 192.168.2.16:49718 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:49718 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:49718 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:50968 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.16:49718 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:50968 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.16:49718 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:50968 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.16:49718 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:50968 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.16:49718 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:50968 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.16:49718 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:50968 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.16:49718 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:50968 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.16:49718 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:50968 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.16:49718 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:50968 -> 162.159.36.2:53
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.209.135
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 23.211.8.90
Source: unknownTCP traffic detected without corresponding DNS query: 23.211.8.90
Source: unknownTCP traffic detected without corresponding DNS query: 23.211.8.90
Source: unknownTCP traffic detected without corresponding DNS query: 23.211.8.90
Source: unknownTCP traffic detected without corresponding DNS query: 23.211.8.90
Source: unknownTCP traffic detected without corresponding DNS query: 23.211.8.90
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficDNS traffic detected: DNS query: us.docworkspace.com
Source: global trafficDNS traffic detected: DNS query: us.docs.wps.com
Source: global trafficDNS traffic detected: DNS query: docs.cache.wpscdn.com
Source: global trafficDNS traffic detected: DNS query: www.clarity.ms
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: us-drive.wps.com
Source: global trafficDNS traffic detected: DNS query: us-account.wps.com
Source: global trafficDNS traffic detected: DNS query: s-us.wps.com
Source: global trafficDNS traffic detected: DNS query: api-ad-adapter.wps.com
Source: global trafficDNS traffic detected: DNS query: params.wps.com
Source: global trafficDNS traffic detected: DNS query: s.clarity.ms
Source: global trafficDNS traffic detected: DNS query: lh3.googleusercontent.com
Source: global trafficDNS traffic detected: DNS query: c.clarity.ms
Source: global trafficDNS traffic detected: DNS query: wdl1.pcfg.cache.wpscdn.com
Source: unknownNetwork traffic detected: HTTP traffic on port 49708 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 50982 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50979
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50978
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50970
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50972
Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50986
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50985
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50988
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50987
Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50989
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50980
Source: unknownNetwork traffic detected: HTTP traffic on port 50987 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50982
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50981
Source: unknownNetwork traffic detected: HTTP traffic on port 50994 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49700 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
Source: unknownNetwork traffic detected: HTTP traffic on port 49706 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50980 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50988 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50994
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49688 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50985 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49708
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49707
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49706
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49705
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49704
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50979 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49701
Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49700
Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49704 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50986 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49701 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50972 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49707 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50970 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50978 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 49705 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 50981 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50989 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownHTTPS traffic detected: 23.211.8.90:443 -> 192.168.2.16:49767 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:49769 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.211.8.90:443 -> 192.168.2.16:49770 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:50970 version: TLS 1.2
Source: classification engineClassification label: clean1.win@19/43@54/308
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://us.docworkspace.com/d/sIALe-cabAaWesrIG?utm_source=wps_office_mac&utm_medium=comp_border_bar&utm_content=link
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=1820,i,17613378975665727923,17014139397757708343,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=1820,i,17613378975665727923,17014139397757708343,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4068 --field-trial-handle=1820,i,17613378975665727923,17014139397757708343,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4068 --field-trial-handle=1820,i,17613378975665727923,17014139397757708343,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\Downloads\c1f10817-61d1-413b-a5d6-e68bc3f4aed6.tmpJump to dropped file
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\Downloads\Unconfirmed 457900.crdownloadJump to dropped file
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
Registry Run Keys / Startup Folder		1
Process Injection		1
Masquerading		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System2
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
Registry Run Keys / Startup Folder		1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media1
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive2
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
https://us.docworkspace.com/d/sIALe-cabAaWesrIG?utm_source=wps_office_mac&utm_medium=comp_border_bar&utm_content=link0%Avira URL Cloudsafe
https://us.docworkspace.com/d/sIALe-cabAaWesrIG?utm_source=wps_office_mac&utm_medium=comp_border_bar&utm_content=link0%VirustotalBrowse

Dropped Files

SourceDetectionScannerLabelLink
C:\Users\user\Downloads\Unconfirmed 457900.crdownload0%ReversingLabs
C:\Users\user\Downloads\Unconfirmed 457900.crdownload0%VirustotalBrowse

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
istio-gateway.us.entry.4wps.net
54.218.139.120
truefalse
    		unknown
    part-0017.t-0009.t-msedge.net
    		13.107.246.45
    		truefalse
      		unknown
      api-ad-adapter-ff.wps.com
      		90.84.189.232
      		truefalse
        		unknown
        d2y4xxvxls3ktv.cloudfront.net
        		18.66.196.119
        		truefalse
          		unknown
          nginx-gateway-service.default.ff.entry.4wps.net
          		90.84.175.86
          		truefalse
            		unknown
            alb-kae-us-docs-wpscloud-1604201947.us-west-2.elb.amazonaws.com
            		52.88.220.178
            		truefalse
              		unknown
              alb-kae-docworkspace-wpscloud-1966683128.us-west-2.elb.amazonaws.com
              		52.89.38.88
              		truefalse
                		unknown
                www.google.com
                		216.58.206.68
                		truefalse
                  		unknown
                  wdl1-pcfg-cache-wpscdn-com.v4.cn-line.qiniudns.com
                  		104.16.84.69
                  		truefalse
                    		unknown
                    alb-kae-account-wpscloud-1322740792.us-west-2.elb.amazonaws.com
                    		54.218.32.9
                    		truefalse
                      		unknown
                      googlehosted.l.googleusercontent.com
                      		142.250.184.225
                      		truefalse
                        		unknown
                        alb-kae-drive-wpscloud-1551734008.us-west-2.elb.amazonaws.com
                        		34.208.255.235
                        		truefalse
                          		unknown
                          docs.cache.wpscdn.com
                          		unknown
                          		unknownfalse
                            		unknown
                            s-us.wps.com
                            		unknown
                            		unknownfalse
                              		unknown
                              wdl1.pcfg.cache.wpscdn.com
                              		unknown
                              		unknownfalse
                                		unknown
                                us.docs.wps.com
                                		unknown
                                		unknownfalse
                                  		unknown
                                  www.clarity.ms
                                  		unknown
                                  		unknownfalse
                                    		unknown
                                    us-account.wps.com
                                    		unknown
                                    		unknownfalse
                                      		unknown
                                      lh3.googleusercontent.com
                                      		unknown
                                      		unknownfalse
                                        		unknown
                                        s.clarity.ms
                                        		unknown
                                        		unknownfalse
                                          		unknown
                                          us-drive.wps.com
                                          		unknown
                                          		unknownfalse
                                            		unknown
                                            api-ad-adapter.wps.com
                                            		unknown
                                            		unknownfalse
                                              		unknown
                                              us.docworkspace.com
                                              		unknown
                                              		unknownfalse
                                                		unknown
                                                c.clarity.ms
                                                		unknown
                                                		unknownfalse
                                                  		unknown
                                                  params.wps.com
                                                  		unknown
                                                  		unknownfalse
                                                    		unknown

                                                    Contacted URLs

                                                    NameMaliciousAntivirus DetectionReputation
                                                    https://us.docs.wps.com/module/common/loadPlatform/?utm_source=wps_office_mac&utm_medium=comp_border_bar&utm_content=link&sid=sIALe-cabAaWesrIG&v=v2false
                                                      		unknown

                                                      World Map of Contacted IPs

                                                      • No. of IPs < 25%
                                                      • 25% < No. of IPs < 50%
                                                      • 50% < No. of IPs < 75%
                                                      • 75% < No. of IPs

                                                      Public IPs

                                                      IPDomainCountryFlagASNASN NameMalicious
                                                      90.84.189.232
                                                      		api-ad-adapter-ff.wps.comFrance
                                                      		2280OCBHONEYOCBpubliccloudnetworkEUfalse
                                                      142.250.186.170
                                                      		unknownUnited States
                                                      		15169GOOGLEUSfalse
                                                      52.89.38.88
                                                      		alb-kae-docworkspace-wpscloud-1966683128.us-west-2.elb.amazonaws.comUnited States
                                                      		16509AMAZON-02USfalse
                                                      54.218.32.9
                                                      		alb-kae-account-wpscloud-1322740792.us-west-2.elb.amazonaws.comUnited States
                                                      		16509AMAZON-02USfalse
                                                      13.107.246.45
                                                      		part-0017.t-0009.t-msedge.netUnited States
                                                      		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                      34.208.255.235
                                                      		alb-kae-drive-wpscloud-1551734008.us-west-2.elb.amazonaws.comUnited States
                                                      		16509AMAZON-02USfalse
                                                      216.58.206.78
                                                      		unknownUnited States
                                                      		15169GOOGLEUSfalse
                                                      44.231.176.230
                                                      		unknownUnited States
                                                      		16509AMAZON-02USfalse
                                                      18.239.69.119
                                                      		unknownUnited States
                                                      		16509AMAZON-02USfalse
                                                      104.16.83.69
                                                      		unknownUnited States
                                                      		13335CLOUDFLARENETUSfalse
                                                      13.224.222.125
                                                      		unknownUnited States
                                                      		16509AMAZON-02USfalse
                                                      142.250.181.232
                                                      		unknownUnited States
                                                      		15169GOOGLEUSfalse
                                                      142.250.185.163
                                                      		unknownUnited States
                                                      		15169GOOGLEUSfalse
                                                      68.219.88.97
                                                      		unknownUnited States
                                                      		6389BELLSOUTH-NET-BLKUSfalse
                                                      142.250.184.225
                                                      		googlehosted.l.googleusercontent.comUnited States
                                                      		15169GOOGLEUSfalse
                                                      54.218.139.120
                                                      		istio-gateway.us.entry.4wps.netUnited States
                                                      		16509AMAZON-02USfalse
                                                      142.250.186.110
                                                      		unknownUnited States
                                                      		15169GOOGLEUSfalse
                                                      142.250.184.202
                                                      		unknownUnited States
                                                      		15169GOOGLEUSfalse
                                                      18.66.196.119
                                                      		d2y4xxvxls3ktv.cloudfront.netUnited States
                                                      		3MIT-GATEWAYSUSfalse
                                                      1.1.1.1
                                                      		unknownAustralia
                                                      		13335CLOUDFLARENETUSfalse
                                                      13.107.21.237
                                                      		unknownUnited States
                                                      		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                      23.96.124.68
                                                      		unknownUnited States
                                                      		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                      74.125.133.84
                                                      		unknownUnited States
                                                      		15169GOOGLEUSfalse
                                                      142.250.184.193
                                                      		unknownUnited States
                                                      		15169GOOGLEUSfalse
                                                      142.250.185.110
                                                      		unknownUnited States
                                                      		15169GOOGLEUSfalse
                                                      104.16.84.69
                                                      		wdl1-pcfg-cache-wpscdn-com.v4.cn-line.qiniudns.comUnited States
                                                      		13335CLOUDFLARENETUSfalse
                                                      90.84.175.86
                                                      		nginx-gateway-service.default.ff.entry.4wps.netFrance
                                                      		5511OPENTRANSITFRfalse
                                                      142.250.185.232
                                                      		unknownUnited States
                                                      		15169GOOGLEUSfalse
                                                      216.58.206.68
                                                      		www.google.comUnited States
                                                      		15169GOOGLEUSfalse
                                                      35.165.176.112
                                                      		unknownUnited States
                                                      		16509AMAZON-02USfalse
                                                      142.250.181.227
                                                      		unknownUnited States
                                                      		15169GOOGLEUSfalse
                                                      239.255.255.250
                                                      		unknownReserved
                                                      		unknownunknownfalse
                                                      18.173.205.36
                                                      		unknownUnited States
                                                      		3MIT-GATEWAYSUSfalse
                                                      52.88.220.178
                                                      		alb-kae-us-docs-wpscloud-1604201947.us-west-2.elb.amazonaws.comUnited States
                                                      		16509AMAZON-02USfalse
                                                      142.250.184.238
                                                      		unknownUnited States
                                                      		15169GOOGLEUSfalse
                                                      142.250.184.234
                                                      		unknownUnited States
                                                      		15169GOOGLEUSfalse

                                                      Private

                                                      IP
                                                      192.168.2.16

                                                      General Information

                                                      Joe Sandbox version:40.0.0 Tourmaline
                                                      Analysis ID:1447150
                                                      Start date and time:2024-05-24 14:37:23 +02:00
                                                      Joe Sandbox product:CloudBasic
                                                      Overall analysis duration:
                                                      Hypervisor based Inspection enabled:false
                                                      Report type:full
                                                      Cookbook file name:defaultwindowsinteractivecookbook.jbs
                                                      Sample URL:https://us.docworkspace.com/d/sIALe-cabAaWesrIG?utm_source=wps_office_mac&utm_medium=comp_border_bar&utm_content=link
                                                      Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                      Number of analysed new started processes analysed:15
                                                      Number of new started drivers analysed:0
                                                      Number of existing processes analysed:0
                                                      Number of existing drivers analysed:0
                                                      Number of injected processes analysed:0
                                                      Technologies:
                                                      • EGA enabled
                                                      Analysis Mode:stream
                                                      Analysis stop reason:Timeout
                                                      Detection:CLEAN
                                                      Classification:clean1.win@19/43@54/308

                                                      Warnings

                                                      • Exclude process from analysis (whitelisted): SIHClient.exe, svchost.exe
                                                      • Excluded IPs from analysis (whitelisted): 142.250.185.163, 142.250.185.110, 74.125.133.84, 34.104.35.123, 142.250.185.232, 142.250.186.110, 142.250.184.234, 216.58.206.74, 142.250.184.202, 142.250.186.106, 172.217.18.10, 172.217.16.138, 142.250.186.170, 142.250.185.234, 142.250.185.170, 142.250.186.74, 142.250.185.202, 142.250.185.138, 142.250.186.42, 216.58.206.42, 172.217.16.202, 142.250.181.234, 172.217.23.106, 172.217.18.106, 216.58.212.138, 142.250.186.138, 142.250.74.202, 142.250.185.106, 142.250.185.74, 2.16.202.122, 23.96.124.68, 68.219.88.97, 13.107.21.237, 204.79.197.237
                                                      • Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, c-msn-com-nsatc.trafficmanager.net, c-bing-com.dual-a-0034.a-msedge.net, ctldl.windowsupdate.com, clientservices.googleapis.com, firebaseinstallations.googleapis.com, clients2.google.com, edgedl.me.gvt1.com, www.googletagmanager.com, c.bing.com, dual-a-0034.a-msedge.net, azurefd-t-prod.trafficmanager.net, clients.l.google.com, firebase.googleapis.com, clarity-ingest-eus-c-sc.eastus.cloudapp.azure.com, www.google-analytics.com
                                                      • Not all processes where analyzed, report is missing behavior information

                                                      Created / dropped Files

                                                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri May 24 11:37:52 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                      Category:dropped
                                                      Size (bytes):2673
                                                      Entropy (8bit):3.985760105013451
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:82E68AAA02601F99770C5D8A597355D0
                                                      SHA1:388BDCFC361AAB6FFEE0B6C8BA463AC6986F2264
                                                      SHA-256:4BAD7F46E682914DB5A26449066B0462AA0257820349BEF24D06B666E5812CF4
                                                      SHA-512:714D4894B2D2B4075E66572F02E11F5F0A8769467EC3E620D08F6D08291C4D1DBD74AC8DDA74658B1A83599972DB89B4867BE52ED3F7F956DFDC4334D3C0AA65
                                                      Malicious:false
                                                      Reputation:unknown
                                                      Preview:L..................F.@.. ...$+.,....]H.1...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X.d....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.d....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.d....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.d..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.d...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............sX^.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri May 24 11:37:52 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                      Category:dropped
                                                      Size (bytes):2675
                                                      Entropy (8bit):4.001590005146058
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:29C9DAD0AD4A798BB4C6375DA153563E
                                                      SHA1:F59E5FAB8159C38E3E92613DFD067D2690E0D12D
                                                      SHA-256:ABF893850B532567C43F8C38D64576158BBAA97E4A6B792C46CFD98E9172FFBD
                                                      SHA-512:C46BB65CCF93DA1726E8C1E26832F0B2D178510F97799637436FF2F7B02F62A1AFB1F2BFD491D9840F5175617F52DD54A23BD4BD6F203635A634A902BC16D2B7
                                                      Malicious:false
                                                      Reputation:unknown
                                                      Preview:L..................F.@.. ...$+.,.....6.1...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X.d....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.d....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.d....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.d..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.d...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............sX^.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                      Category:dropped
                                                      Size (bytes):2689
                                                      Entropy (8bit):4.0092915607712305
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:FEA7C67B3AA92BF4A106062E71447F6B
                                                      SHA1:13F307D7392C0480B613CE4EE9EA964B2A54A8AE
                                                      SHA-256:7DE6F5F8500A6392CCD1F332BC1D66858D700B35F6F99F5D3B2A16BD420DF368
                                                      SHA-512:F5E56C98D6030C9FC25F588BBEDBCF610B9EDAB974CD9A9F6037FF16DC80D61D84773B15CFCE16AE3F287C85885B4F9CCA7C3621C67A10033C280C0ADA95646F
                                                      Malicious:false
                                                      Reputation:unknown
                                                      Preview:L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X.d....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.d....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.d....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.d..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............sX^.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri May 24 11:37:52 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                      Category:dropped
                                                      Size (bytes):2677
                                                      Entropy (8bit):4.001646249733114
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:B0B78E3FC79990CC0D241A3C5DA008A2
                                                      SHA1:A0DA753B7F0DE6E606F333E9B1222D9D9966B845
                                                      SHA-256:71418D12A161A4A6247BF693A9A3DBDF34D664687DF5A5517097D3FFE4EE5C17
                                                      SHA-512:B4E6D79304A81C9E65AD64473948506622AF8F2CAAF2516E87F462B127A783DBB922FF24E9865D7F30853666A2FA5639FABBC00CB1F4A9C98E25643E080A54BA
                                                      Malicious:false
                                                      Reputation:unknown
                                                      Preview:L..................F.@.. ...$+.,......1...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X.d....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.d....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.d....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.d..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.d...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............sX^.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri May 24 11:37:52 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                      Category:dropped
                                                      Size (bytes):2677
                                                      Entropy (8bit):3.9874382968781408
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:CBD8FC44919B76C55C0A87F92CB05D48
                                                      SHA1:CEFC40C9932FA3E77BEC43C08E3A3CA61D2FFA40
                                                      SHA-256:FC3EA893D7EB2FA57EF2CCB3CF937D055667FF72D5164868C20A6B9C7489A732
                                                      SHA-512:3FB02987A5EB3BF4739251B55559D72FE0D50A1900F72FFE846FB1FA20CD2F0086E6B86AC879B0A533FEA1E6BC3211A32C466AB3A984D5FA20E74519BFB9D1C9
                                                      Malicious:false
                                                      Reputation:unknown
                                                      Preview:L..................F.@.. ...$+.,....F?.1...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X.d....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.d....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.d....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.d..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.d...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............sX^.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri May 24 11:37:52 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                      Category:dropped
                                                      Size (bytes):2679
                                                      Entropy (8bit):3.999577493172196
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:17EEEECDFA51B1C3D3034F5F5E844A3D
                                                      SHA1:E6CCF95EA394E4B9029EE4102F49BA17E14C13DF
                                                      SHA-256:B91636DF45592CDEFEA074CA0F24D8389124BB4F8153D6399357245CF9F4D195
                                                      SHA-512:B4BEBAEEDC54E4971769263A2E7750920D03200D2FCE76FF1629DFCB165691EA771F83B0C02B487AB6300A56349B610EB79B3B8D18FEE34D81FFE75E8A4AE413
                                                      Malicious:false
                                                      Reputation:unknown
                                                      Preview:L..................F.@.. ...$+.,....!..1...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X.d....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.d....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.d....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.d..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.d...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............sX^.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                      C:\Users\user\Downloads\Unconfirmed 457900.crdownload

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                      Category:dropped
                                                      Size (bytes):5839760
                                                      Entropy (8bit):6.957955632826702
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:1F78F77D286823417ED1A3AEB12BA90E
                                                      SHA1:7D9AF16F0C08C1805CFA16ABEE6B1C1ED2EAB23D
                                                      SHA-256:1F0F90D4826BA47F716DAA1176A17C3846356A160081F44849A69514D2909E6F
                                                      SHA-512:3FA66E693F3BF1F6FC860BC8565B778FBCC2DE63FA07462725DC107633C3780955A30BB791C9D719A48B2A9C2617301E7CEDA7723CEAFF0AD1031C659CFFECA9
                                                      Malicious:false
                                                      Antivirus:
                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                      • Antivirus: Virustotal, Detection: 0%, Browse
                                                      Reputation:unknown
                                                      Preview:MZ......................@...................................@...........!..L.!This program cannot be run in DOS mode....$.......W..............H.......H........./.....................H.......H...............H...3...H.......................................................................Rich............................PE..L....r?f..................>.........w.&...... >...@..........................pY.....!.Y...@...........................J.......J.(....PL..|............X..Q....V.d.....H.8.....................H.....x.F.@............ >.......J.@....................text.....>.......>................. ..`.rdata....... >.......>.............@..@.data...$V....J.......J.............@....rsrc....|...PL..~....K.............@..@.reloc..d.....V......*V.............@..B........................................................................................................................................................................................................................................

                                                      C:\Users\user\Downloads\c1f10817-61d1-413b-a5d6-e68bc3f4aed6.tmp

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                      Category:dropped
                                                      Size (bytes):10421
                                                      Entropy (8bit):6.323148105968606
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:924FF70051B3FDACFDD6D95CBA3C6DFE
                                                      SHA1:B1ACA62684F2EBBBBF2742CD8BF735EDB19D39C9
                                                      SHA-256:2BE1CF7294D9D84CB8EA314F285E68E6119D8B37462FED7C1BBBC6A0E98F7F8E
                                                      SHA-512:33259FF9F7D494986EFE4D281B000ADC5FF92C4ABCDBCC0AF701BCAAF95649F0B305F457AB9F19C4DC3D82E2698B70A8E8455B1F6C04A6791BA48CCE80FD6A46
                                                      Malicious:false
                                                      Reputation:unknown
                                                      Preview:MZ......................@...................................@...........!..L.!This program cannot be run in DOS mode....$.......W..............H.......H........./.....................H.......H...............H...3...H.......................................................................Rich............................PE..L....r?f..................>.........w.&...... >...@..........................pY.....!.Y...@...........................J.......J.(....PL..|............X..Q....V.d.....H.8.....................H.....x.F.@............ >.......J.@....................text.....>.......>................. ..`.rdata....... >.......>.............@..@.data...$V....J.......J.............@....rsrc....|...PL..~....K.............@..@.reloc..d.....V......*V.............@..B........................................................................................................................................................................................................................................

                                                      Chrome Cache Entry: 100

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines (5945)
                                                      Category:downloaded
                                                      Size (bytes):260498
                                                      Entropy (8bit):5.573732313114092
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:A220782D8EE3C73612D3A12C3667193A
                                                      SHA1:D4EFCEE1F0F1E4B522BFAECF9E531983FE1148DA
                                                      SHA-256:321BA209998E069C30133B7B238A9DAD606A8125BB2E4662BEA8B4F7A27A167C
                                                      SHA-512:F921312BC6A7896310566B1B9F62D6831F1F80BC7D32DBAF09CAC84C66695F3CEE8621395CCFDB8B80228C1118877DEF02E8E0A02125E60EC92EF6BDFC6E3389
                                                      Malicious:false
                                                      Reputation:unknown
                                                      URL:https://www.googletagmanager.com/gtag/js?id=G-WER4F69QT5&l=dataLayer&cx=c
                                                      Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"3",. . "macros":[{"function":"__e"},{"vtp_signal":1,"function":"__c","vtp_value":1},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0},{"vtp_signal":1,"function":"__c","vtp_value":1},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_ga_send","priority":7,"vtp_value":true,"tag_id":17},{"function":"__ogt_referral_exclusion","priority":7,"vtp_includeConditions":["list","wpscdn\\.com"],"tag_id":19},{"function":"__ogt_session_timeout","priority":7,"vtp_sessionMinutes":30,"vtp_sessionHours":0,"tag_id":20},{"function":"__ogt_dma","priority":7,"vtp_delegationMode":"ON","vtp_dmaDefault":"DENIED","tag_id":21},{"function":"__ogt_1p_data_v2","priority":7,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled

                                                      Chrome Cache Entry: 101

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):18
                                                      Entropy (8bit):3.5724312513221195
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:53AF239EE5D3E261545DEDEDCB6FFD57
                                                      SHA1:04CA7E137E1E9FEEAD96A7DF45BB67D5AB3DE190
                                                      SHA-256:99EB12F2AB3C4866A353E098FFA3CB7A967E617C49B98480394EC5D8EA92B094
                                                      SHA-512:C734E4A5FF5D335A91518DBF47861BDAF8012AF49371DCD2E3350E269C9A5A1CC094114D17C4F5B053F3757B4B07487EBD0D309C91EF97ACF4665CC5D5C9A2D3
                                                      Malicious:false
                                                      Reputation:unknown
                                                      Preview:404 page not found

                                                      Chrome Cache Entry: 102

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:SVG Scalable Vector Graphics image
                                                      Category:dropped
                                                      Size (bytes):1875
                                                      Entropy (8bit):5.002399718833619
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:98673A5A06DD303B4D60E3DB391EE885
                                                      SHA1:3E0B50D727939A5E964F3AB7F78F3908456B5571
                                                      SHA-256:3BB8A44CCF9FCB0443D329834FC6BA9E958D0693BFFFF3B1E6A3B489AFD2012F
                                                      SHA-512:35DF54A9C34CEB8081022BE75904C6CC6CF7ADEAF91FBF66922396AA2F0A3A76BABCB8B76551A2E929558262B9E6DA4CAEACF6F47A09CF047CA0501A8E498745
                                                      Malicious:false
                                                      Reputation:unknown
                                                      Preview:<svg width="323" height="209" viewBox="0 0 323 209" fill="none" xmlns="http://www.w3.org/2000/svg">.<path fill-rule="evenodd" clip-rule="evenodd" d="M160.277 48.6271C239.995 14.2871 322.543 53.6201 322.543 53.6201C321.364 52.8429 319.962 51.8871 318.346 50.7856C291.711 32.6285 207.028 -25.1009 106.308 25.701C74.9611 41.5118 47.4256 70.5266 35.0306 84.7974L3.07139 63.0244C2.39311 62.5623 1.4777 63.0689 1.50909 63.889L7.01621 207.792C7.04634 208.579 7.93263 209.024 8.58188 208.577L134.44 122.077C135.29 121.493 135.556 120.359 135.056 119.458L131.48 113.022C131.336 112.763 131.085 112.581 130.794 112.526L91.9473 105.093C96.05 91.6554 110.84 69.9231 160.277 48.6271Z" fill="url(#paint0_linear_359_320)"/>.<path fill-rule="evenodd" clip-rule="evenodd" d="M151.866 44.4102C229.935 6.41133 322.528 53.613 322.528 53.613C320.983 52.5946 319.039 51.2334 316.719 49.6091C288.084 29.563 202.227 -30.5426 103.404 19.3025C71.989 35.1477 44.4019 64.2545 32.046 78.4919L4.07375 59.7843C2.71444 58.8752 0.897

                                                      Chrome Cache Entry: 105

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:PNG image data, 264 x 288, 8-bit/color RGBA, non-interlaced
                                                      Category:downloaded
                                                      Size (bytes):68199
                                                      Entropy (8bit):7.993204101840522
                                                      Encrypted:true
                                                      SSDEEP:
                                                      MD5:BDF2F8170FC3F50ED090FBAACB2A449E
                                                      SHA1:C8B8AF204C55F444F79D488337D56A3F9321D1C0
                                                      SHA-256:B618065C46D4A894945516759F4CFB70CC676709B7F24A676DD18A7C35C41192
                                                      SHA-512:7336A87939C66C6918DFE7C21C9BCE861FF6AA9809BA8A2325B3E39AA6264D35A1425EF0D8DF009D84110F98CCF20B8F290015674C6CE08071AC71AEC99ED7EB
                                                      Malicious:false
                                                      Reputation:unknown
                                                      URL:https://docs.cache.wpscdn.com/intl/docs/img/design.683750d.png
                                                      Preview:.PNG........IHDR....... .....H......pHYs.................sRGB.........gAMA......a.....IDATx.....eWy.........N..f.;......`.+.\.....$.K\.$N^...Nb.9/yv...?6`.t....P.f..F........V_....`.Y.s.k.....%0n_....-.G.0..L`)Mqg%->}.|....q..6n_.&0n_..s.....[..... t.Y.$.....$..5.....Y....C......6n.S....I).....+.\N./...+..$AR. .2...J..H.'E"....so.r..x.U..].6...a{.)Y...9.).z....6.S..]j.../IH.H5hh.HQ.....|h8.>|.......4.b...9jc........E..........,Sh.HD...W@.fH+,edhT..I*>*e..Zr.K./..."...hc.......'{....c.......&.m..d.H.(..VM..E;..O.......{..6........5no.7..:.bF..NB..7...N..@.@"l,a....1..Y.".fl.i.<.%..F..{...._z[.0.m..ic.........9..B.........a.#.......~z...p..d.*IJ..{N...A....7..........w.%..7|......s..*.._.<4..K.^.^...z!...']...~E...........>.4.=...t.:. .X...o}u.S..Lt1n.pm...s.............,.O..]k.......J...<............LX.B.C...#>9V_.Q.]B..DK..S.?..4Mno$.L-.<..74.{......u.........IV..^_.G....X..8.<..C,..8.R..g.-.....P...[Yj....pA.a.u...a...{b...0.JE.{.@..Q...+

                                                      Chrome Cache Entry: 106

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:HTML document, Unicode text, UTF-8 text, with very long lines (1136)
                                                      Category:dropped
                                                      Size (bytes):1595
                                                      Entropy (8bit):5.263414274513186
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:32B804F982135852AF39ACF42B00A356
                                                      SHA1:44040A629D00382BEF11C8042102CCD0B9307DF2
                                                      SHA-256:44F7B001E68CF97CC5D4EBE00412F2937171F5973460608725F26719504D4412
                                                      SHA-512:11DFB40719CAEFD11BDD0BB7CF0B8DAD3442CC622487FCF19AF26BA6C4ED114359EC18388D144D02C18A176059BD041B00A56E603BC67DE214CC394C27AF6008
                                                      Malicious:false
                                                      Reputation:unknown
                                                      Preview:<!DOCTYPE html>.<html lang=en>. <meta charset=utf-8>. <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">. <title>Error 404 (Not Found)!!1</title>. <style>. *{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.

                                                      Chrome Cache Entry: 107

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:PNG image data, 96 x 96, 8-bit grayscale, non-interlaced
                                                      Category:downloaded
                                                      Size (bytes):800
                                                      Entropy (8bit):7.590091267300851
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:F4AD0CD10E81664F025DD1F5B6A5AD9F
                                                      SHA1:54C9B4B9FA481F1820B088AF79F5855793A0E48D
                                                      SHA-256:091C0E2FE196A438759D5014383ED0F659A13E1B557EB6FA776F4F27A82ED12F
                                                      SHA-512:EB3244651C6B9C9D6F792F42203EE505C6B3F02CA8034ACB06007990A0E43C9F11CC424CA1146DA2419FAE48B699C13452C9ED4E6EAAED4F779326ECA89990EF
                                                      Malicious:false
                                                      Reputation:unknown
                                                      URL:https://lh3.googleusercontent.com/a/ALm5wu3p7UDE0Vc9oqdGN0pnCoVXDbSLfLdcKtwqDSOx=s96-c
                                                      Preview:.PNG........IHDR...`...`.......(.....sBIT...[.....IDATh....r.0....e...2-.M3......C...I8.....!.,.+....W.....di.B:............P.+."..."...T...*.>% "...JZ.P...A..o..T.........w..#m.1........OT..D.....~......C...t)._..-..I....E}H.:L@.%....Q.....z....KS.x*.R..;]..M.X..A|.#j..\.2...\=0..A@$.o..RA.F2.f..s..r~@$pM.l.] p]..df...>=..tK.....6..S...-[./u......N..I.6.....BR...o\2w..;[ENZ.....(sa5.Ak..W.....A...I...Q.}.Y.=.aq..9. ........{j.....X....m...2...G..............Kp.j.........m.x.V@M.....l..=CN.C.4.sw|....../..e0.t_&X.GI.D...2.....J......29.`......)......B ....a..=.:..u]=......8.Xr& ...].Cp' .?j...Y... f.......`cGf9...-$.y.P..+........|.......:.`b|h......-...".f..\.......:.Q...%i...@.2..P.r.x.0Gu.'..{......V..5..:}.M..H:....c:.._@........./..jp`^......IEND.B`.

                                                      Chrome Cache Entry: 108

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:PNG image data, 17 x 40, 8-bit/color RGBA, non-interlaced
                                                      Category:dropped
                                                      Size (bytes):1215
                                                      Entropy (8bit):7.751210923391593
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:A83956CB86C8BAABD34903313B3EF89A
                                                      SHA1:53517EBE645B070E5941EAAC9483F8EB5FB6AFF0
                                                      SHA-256:F852369E51AB6F90C6DAB2B29A286A29B45F6F170FA1D07C82F88490CB870907
                                                      SHA-512:EB129E740DF776EDA76901AB3999F6BABC141946A96F99B3B31925E5CDBAC4A362FC8C6CC019C288E1660F6E33470A9A0CE46423C592BC4D408C95EFF402078D
                                                      Malicious:false
                                                      Reputation:unknown
                                                      Preview:.PNG........IHDR.......(.............pHYs.................sRGB.........gAMA......a....TIDATx..V_h[e.?.w.e.../.8...A. ...P.m....n...M...M.GuIiqL[.A....Z.oMW:d..[.2..fI..s...[....!7.....;........;.............=..r...)..,.(.1.@....>G........F.....0.....>.u........bc..1......I...5An.|..lhff..r`P...W..k..B.....5_yd.Q.@..G.5B......o'...........9ai.4.....!f...0#.S..lU'=s....5+.f..sD).*#.Nl.4.].I..~z....../.3.../....:....I....l.R....Ie.....'....Qer..P...K...w..1.L=D0..b..Q...i....._....*..."..dC..Q.}...".L...x..eTA.+II...a..I...._..@..S.."....)J...j.-.......3}A...acu.....k...._.r..bh.......W....."n+S....)i<yf.X.~9JD....."..(..Gea....z..-].....#.=n..... =~.Z.....}H....<..%....0k~.\.....5.vo6..'.......}..[...~c).0..+.....,...>)..I....b............G.:..m. M.B).u.....?.f..E..km>..d.{.@.I.s c..Q..._~*.........C...h.. XGN.S..l..R..A.?..+.IA.bs..%..+&......F.-2.4.]z|.X.V..W...9p...f`..Z...(E.]z..9FE.p.Z./ru....5.....B..U..;.fS.:.0X....`xa.5.......m.dr..

                                                      Chrome Cache Entry: 109

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:HTML document, ASCII text, with very long lines (2503), with no line terminators
                                                      Category:downloaded
                                                      Size (bytes):2503
                                                      Entropy (8bit):5.253238937241519
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:02BAFEB18C99E2D50AC42C503F63F038
                                                      SHA1:A77EA8E5D4DACF67D08FA3F7C20028BDADE2A8FB
                                                      SHA-256:850DBBA3DF72DA397DFE79492F311D5DA91D264841CC38D525747ACBAFEC5D54
                                                      SHA-512:99DEA257280473C47B47CD970266CC33D536C15D9458932E58F36BBEC8C262727FA5C7ECD785C20F01E9BEC59426C7C2EBA39BA9BE8643270E309CFA62FFA6E5
                                                      Malicious:false
                                                      Reputation:unknown
                                                      URL:https://wdl1.pcfg.cache.wpscdn.com/wps/download.html?channel=200.1095&lid=lid-u8MZ5zkxnzvZ
                                                      Preview:<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>WPS Office Download</title> </head> <body> <script async src="https://www.googletagmanager.com/gtag/js?id=UA-126693142-4"></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'UA-126693142-4'); </script> <script> var BAK_DOWNLOAD_URL = '//wdl1.pcfg.cache.wpscdn.com/wpsdl/wpsoffice/onlinesetup/distsrc/200.1087/wpsinst/wps_office_inst.exe'; function getDownloadUrl(channel) { return '//wdl1.pcfg.cache.wpscdn.com/wpsdl/wpsoffice/onlinesetup/distsrc/' + channel + '/wpsinst/wps_office_inst.exe'; } function getQueryString(name, url) { var pattern = new RegExp('[\\?&#]' + name + '=([^&#]+)', 'gi'); var ma = (url || location.search).match(pattern); var strArr; if (ma && ma.length > 0) { strArr = ma[ma.length - 1]

                                                      Chrome Cache Entry: 110

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:PNG image data, 269 x 153, 8-bit/color RGBA, non-interlaced
                                                      Category:downloaded
                                                      Size (bytes):9318
                                                      Entropy (8bit):7.955170107895405
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:4EAFFEE8872F9E13C75B4B8DD8082CC1
                                                      SHA1:45E2EF097A88941A8B6D2A108B17EE7926667F87
                                                      SHA-256:09AABFFA09C899A48AE3C130270F8DEFC85F00084FE179ED542FCCF30C8A2336
                                                      SHA-512:0BF83B81684D0358205362B8F3E3A36F4F4F4A01C248A60453F2E7994D1D6823B935AC42365F3E62BA2E870FC43DE7344498E5E66BB2F02F5D509313DF805AF1
                                                      Malicious:false
                                                      Reputation:unknown
                                                      URL:https://docs.cache.wpscdn.com/intl/docs/img/win_download.e48ddfe.png
                                                      Preview:.PNG........IHDR.............5.o.....pHYs.................sRGB.........gAMA......a...#.IDATx...tU....H".PQ.`.Pl.<Z....@]..Q....E...}z..u.....]K@..B.^]K.m..E..q.@"...3..@......9.3..>..9.......=3{...|.....`...+**.T,....0L!.Ih.....;&L...~.H.l.qHEE...]}..eb.#f`.a.....IB0&......c.....<y.~.....(//.....]]]7.....6;w......3!.3:::>....*..m.Rb...P__..t..E.1v...;..C..!.a.......~.N>.d.D....X0..q.}.:t(...A)&.....a........H.4p.@b.......>L%.h;p.....e...&\I.~TR.On3L>RBL.x.'.8.....u.....K....'X4.DOo/.t.J..8.?;....E#.@<.vt......[.]]]r....am....K..l...g...F....KT&.;B..l..CpmmmR(l@< $X.....Dz.+**..MX4...C...|..^aA577.C..:..w.^)4......|r...>..QTT..].X....uAR.......a....r.....q3m...w7QGg.._]UEU..h.I......r....zo..#..;0.[Q^....NQ.`ad..G.vW .......u? ..C.^|..*...,........S.].X..X.6 .#F...Jss........).. .?X..: .<.."hq;.&h*.!Y.d.m..r.4.~.ah....?.K..g...l....._Y...ys..k.\E..='....#...../. *m.]x...X..k..@..?.(U...FIYf[..B.W>*...N.v.e..1\#$...U..l7e....TX..C

                                                      Chrome Cache Entry: 111

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:JSON data
                                                      Category:downloaded
                                                      Size (bytes):54
                                                      Entropy (8bit):4.11545555747864
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:5928675A7D500DED076650C6DD53A0F1
                                                      SHA1:CDF8A58D635EA02AE825C6878C70504DDC41F5C8
                                                      SHA-256:31DB804EDACBA37574062367A2D45790862CCAAF060C186689578C9BE9B19AE1
                                                      SHA-512:6BD607B7F7E6A3FD785762762FC17A3FEFB6C006329A3DB3DC8E6824100F6AE560C4906857FC6E8CE412385822E316938AE32AAA16A83EE69C85C20CA4733426
                                                      Malicious:false
                                                      Reputation:unknown
                                                      URL:https://api-ad-adapter.wps.com/op/docs/open
                                                      Preview:{"msg":"","data":{"flags":["footer_banner"]},"code":0}

                                                      Chrome Cache Entry: 112

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:JSON data
                                                      Category:dropped
                                                      Size (bytes):1395
                                                      Entropy (8bit):5.289374400679927
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:4AAA5D83156D8846C9BF5FEC228ACD9F
                                                      SHA1:DB9FC8ACB36D9ED3799A44C4DA87CCA9A51A976B
                                                      SHA-256:C3954AFAD1F3F800441EAC9775ACB6D211AD673801B1E6DBBB0AB13C24423699
                                                      SHA-512:44D38C303D1DC9326258E7F367F80C959BE429E160D2E7BC7D15D4C586C48E3EC693B0AA6824B9B3A8F16F80499632C4F740BDE3F94FC54DBE295D62CFA8DD68
                                                      Malicious:false
                                                      Reputation:unknown
                                                      Preview:{"approver_info":{"approver_id":326221022,"approver_nickname":"ADP Workforce","approver_avatar":"https://lh3.googleusercontent.com/a/ALm5wu3p7UDE0Vc9oqdGN0pnCoVXDbSLfLdcKtwqDSOx=s96-c"},"fileinfo":{"id":89315421742635,"groupid":2250091237,"parentid":89315421689755,"fname":"Q-04961-20230816-1447.pdf","fsize":250555,"ftype":"sharefile","ctime":1716293400,"mtime":1716293400,"store":4,"storeid":"","fver":1,"fsha":"0278aaef0aa7ce92ae4095d804bc1a28","deleted":false,"creator":{"id":326221022,"name":"ADP Workforce","avatar":"https://lh3.googleusercontent.com/a/ALm5wu3p7UDE0Vc9oqdGN0pnCoVXDbSLfLdcKtwqDSOx=s96-c","corpid":0},"modifier":{"id":326221022,"name":"ADP Workforce","avatar":"https://lh3.googleusercontent.com/a/ALm5wu3p7UDE0Vc9oqdGN0pnCoVXDbSLfLdcKtwqDSOx=s96-c","corpid":0}},"linkinfo":{"sid":"sIALe-cabAaWesrIG","link_permission":"read","groupid":2250091237,"group_corpid":0,"fileid":89315421742635,"status":"open","expire_time":0,"download_perm":1,"expire_period":0,"ranges":"anyone","link

                                                      Chrome Cache Entry: 113

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:HTML document, ASCII text, with very long lines (11837)
                                                      Category:dropped
                                                      Size (bytes):18054
                                                      Entropy (8bit):5.2712993838631945
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:737C4B70CEE3532CF0E6A026E6A7A29F
                                                      SHA1:CD9DCFCA94B48D60B421C612D20A8EED6E9BD647
                                                      SHA-256:2761E6FCCD3B00C994F51F37E0EEF6A110F39D0B7F54AAE3E2556E5D7A0A7221
                                                      SHA-512:EBEF71ADCDD751D883048E6A31A5DC292EED3AB7A40D28454C11AE3AB203C2103EE5E6B7AE900321F0EE85D9B31C98256F6788B42369415AD5D03C02EEF9E01D
                                                      Malicious:false
                                                      Reputation:unknown
                                                      Preview:<!doctype html>.<html data-n-head-ssr env="production" time="5/22/2024, 6:35:45 AM" lang="en-US" data-n-head="%7B%22env%22:%7B%22ssr%22:%22production%22%7D,%22time%22:%7B%22ssr%22:%225/22/2024,%206:35:45%20AM%22%7D,%22lang%22:%7B%22ssr%22:%22en-US%22%7D%7D">. <head >. <title>WPS 365</title><meta data-n-head="ssr" charset="utf-8"><meta data-n-head="ssr" name="viewport" content="width=device-width, initial-scale=1"><link data-n-head="ssr" rel="icon" type="image/x-icon" href="https://docs.cache.wpscdn.com/encs/icons/favicon.ico"><link data-n-head="ssr" rel="shortcut icon" href="https://docs.cache.wpscdn.com/encs/icons/favicon.ico"><link data-n-head="ssr" rel="apple-touch-icon" href="https://docs.cache.wpscdn.com/encs/icons/favicon.ico"><link data-n-head="ssr" rel="preconnect" href="https://docs.cache.wpscdn.com"><link data-n-head="ssr" rel="preconnect" href="https://www.googletagmanager.com"><link data-n-head="ssr" rel="preconnect" href="https://www.clarity.ms"><script data-n-head="ss

                                                      Chrome Cache Entry: 114

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:Unicode text, UTF-8 text, with very long lines (65462), with no line terminators
                                                      Category:downloaded
                                                      Size (bytes):71297
                                                      Entropy (8bit):5.771947832707624
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:88BD397109EA7DBF0E9CED97E5DC4D09
                                                      SHA1:E6884F0C9F1669E9DB62A6B3F4A4809BBC47A4EC
                                                      SHA-256:4F7F38F602796FA4C86555789EF73CA7E531074EDD8F534F3E664912E4AC7B6D
                                                      SHA-512:9844BCA33B10F0C01370D0F9ADE9063126EFDD16592DA18F9CE7CF0EC048F03FE45633F15EA36ED3F3406B8F5D498A38C31E4DF9603E390522B427266D44A59A
                                                      Malicious:false
                                                      Reputation:unknown
                                                      URL:https://docs.cache.wpscdn.com/intl/docs/829da7a.js
                                                      Preview:(window.webpackJsonp=window.webpackJsonp||[]).push([[30,17,28],{279:function(e,t,n){"use strict";n.d(t,"a",(function(){return a}));var o=n(282).ConfigLoader,r={INTL_PER:"international_personal",JP_PER:"japan_personal",JP_ENT:"japan_enterprise",INTL_ENT:"international_enterprise"};function a(e){return new o(function(e){switch(e){case"sg.pro.wps.com":return r.INTL_ENT;case"jp.pro.wps.com":return r.JP_ENT;case"jp.docs.wps.com":return r.JP_PER;default:return r.INTL_PER}}(e))}},280:function(e,t,n){"use strict";n.d(t,"a",(function(){return i})),n.d(t,"b",(function(){return c})),n.d(t,"g",(function(){return x})),n.d(t,"f",(function(){return h})),n.d(t,"d",(function(){return A})),n.d(t,"e",(function(){return y})),n.d(t,"c",(function(){return v}));var o,r,a=n(15),i=(n(53),n(54),"others"),c={WRITER:"writer",ET:"et",PPT:"ppt",PDF:"pdf",IMAGE:"image",ZIP:"zip"},s=(o={},Object(a.a)(o,c.WRITER,["wps","wpt","doc","docx","dot","rtf","xml","docm","dotm","wdoc"]),Object(a.a)(o,c.ET,["et","ett","xls","xl

                                                      Chrome Cache Entry: 115

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines (5945)
                                                      Category:downloaded
                                                      Size (bytes):294517
                                                      Entropy (8bit):5.573247125962763
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:A5D02DF180BFE7E2F13D4DBFEB0DDD1F
                                                      SHA1:429B31488A4DB622E960AFEBD822470ABEC0FF41
                                                      SHA-256:5719D4CBBBE90C84FA665B313780DFBC59FA7704322AF201BE6B888704DC78FE
                                                      SHA-512:1EA9B213FF3CFF473A11D8EC8F816EC92BA7AEF5E6886E6E29876D2B115BF150FEA50F9B655F231529F170CEE85F8A8A2F58071D7792329391B5313EA1D04062
                                                      Malicious:false
                                                      Reputation:unknown
                                                      URL:https://www.googletagmanager.com/gtag/js?id=G-PE2STH1E8E
                                                      Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"2",. . "macros":[{"function":"__e"},{"vtp_signal":0,"function":"__c","vtp_value":0},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_dma","priority":13,"vtp_delegationMode":"ON","vtp_dmaDefault":"DENIED","tag_id":8},{"function":"__ogt_1p_data_v2","priority":13,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR","vtp_phoneValue":"","vtp_streetType":"CSS_SELECTOR","vtp_autoPhoneEnabled":false,"vtp_postalCodeType":"CSS_SELECTOR","vtp_emailValue":"","vt

                                                      Chrome Cache Entry: 119

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines (4179)
                                                      Category:downloaded
                                                      Size (bytes):208162
                                                      Entropy (8bit):5.538231892686449
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:EEC979F1F737DB00B4102999CB3CBB5C
                                                      SHA1:7247B2C5E7B2948A248682D7E4B3C56C37DAF652
                                                      SHA-256:27EAC38A4C883B5AE92ACD0D2ABAAEF75ABE0AA7573A7A691081F5EE9F8CFA77
                                                      SHA-512:47E45D18DF20A474043A1FA417F00C63B9A6D56E2330A76DCFEF93497B80E46F069DA813344FC6C247FA23D536533A93C2D083382627981579B72E445667D66B
                                                      Malicious:false
                                                      Reputation:unknown
                                                      URL:https://www.googletagmanager.com/gtag/js?id=UA-126693142-4
                                                      Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"1",. . "macros":[{"function":"__e"}],. "tags":[{"function":"__ogt_1p_data_v2","priority":2,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_autoEmailEnabled":true,"vtp_autoPhoneEnabled":false,"vtp_autoAddressEnabled":false,"vtp_isAutoCollectPiiEnabledFlag":false,"tag_id":6},{"function":"__ccd_ga_first","priority":1,"vtp_instanceDestinationId":"UA-126693142-4","tag_id":9},{"function":"__rep","vtp_containerId":"UA-126693142-4","vtp_remoteConfig":["map"],"tag_id":1},{"function":"__zone","vtp_childContainers":["list",["map","publicId","G-WER4F69QT5"]],"vtp_enableConfiguration":false,"tag_id":3},{"function":"__ccd_ga_last","priority":0,"vtp_instanceDestinationId":"UA-126693142-4","tag_id":8}],. "predicates":[{"function":"_eq","arg0":["macro",0],"arg1":"gtm.js"},{"function":"_eq","arg0":["macro",0],"arg1"

                                                      Chrome Cache Entry: 120

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines (2694), with no line terminators
                                                      Category:downloaded
                                                      Size (bytes):2694
                                                      Entropy (8bit):5.369508378494004
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:879A75A961B01CE2B192777DF1ED1501
                                                      SHA1:10951D9760F4FEAD5E637B929B0A01E5BDFCC05A
                                                      SHA-256:9C4CA2058BEF6CDC32D3C96248F17B49D00DA51A97203EE516E2F583467C7806
                                                      SHA-512:9530877EB00ECB39EC0AC08C250F793FCFB5EFD2F414A57CD6CE7693BFE5219449BC4DD2D80B28950496981374E340217F631EF95AE90FF36D83A729633239FE
                                                      Malicious:false
                                                      Reputation:unknown
                                                      URL:https://docs.cache.wpscdn.com/intl/docs/4ecb681.js
                                                      Preview:!function(e){function t(t){for(var n,c,u=t[0],i=t[1],f=t[2],p=0,d=[];p<u.length;p++)c=u[p],Object.prototype.hasOwnProperty.call(o,c)&&o[c]&&d.push(o[c][0]),o[c]=0;for(n in i)Object.prototype.hasOwnProperty.call(i,n)&&(e[n]=i[n]);for(l&&l(t);d.length;)d.shift()();return a.push.apply(a,f||[]),r()}function r(){for(var e,t=0;t<a.length;t++){for(var r=a[t],n=!0,u=1;u<r.length;u++){var i=r[u];0!==o[i]&&(n=!1)}n&&(a.splice(t--,1),e=c(c.s=r[0]))}return e}var n={},o={33:0},a=[];function c(t){if(n[t])return n[t].exports;var r=n[t]={i:t,l:!1,exports:{}};return e[t].call(r.exports,r,r.exports,c),r.l=!0,r.exports}c.e=function(e){var t=[],r=o[e];if(0!==r)if(r)t.push(r[2]);else{var n=new Promise((function(t,n){r=o[e]=[t,n]}));t.push(r[2]=n);var a,u=document.createElement("script");u.charset="utf-8",u.timeout=120,c.nc&&u.setAttribute("nonce",c.nc),u.src=function(e){return c.p+""+{0:"c982598",1:"2e3c7cc",2:"070e212",3:"1bbf2e2",4:"295ed2a",7:"f835f5c",8:"ca185e7",9:"2897d05",10:"015baf7",11:"ca7428e",1

                                                      Chrome Cache Entry: 121

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:PNG image data, 17 x 40, 8-bit/color RGBA, non-interlaced
                                                      Category:dropped
                                                      Size (bytes):1234
                                                      Entropy (8bit):7.75912362238391
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:0C5485AE009026986C1BBBD9D5923C9F
                                                      SHA1:DC78751F3574723EFAE83F1C50E6530C209C04DC
                                                      SHA-256:52008A47A9ACACAF96DA87A39953F3AB0726A1F531F3EAB64B1BBF21BDA71F1D
                                                      SHA-512:42DA29D884A15DA4CFC72605E3D801F37628CE4E5C5FF8F31BCABB85C7F5351DCF3DD197C596C7BC3CC8715C890554936BFDE01C48379C1BE00C8670B0D574B9
                                                      Malicious:false
                                                      Reputation:unknown
                                                      Preview:.PNG........IHDR.......(.............pHYs.................sRGB.........gAMA......a....gIDATx..VMl.W..yk..`../.P{(l...,.".VH.aJUU-I.E.8..z Q..4..Uj.!.r...?$94U..jz"..?"YA.P.......f:......Y....y.y.f.@.~...........1...m.'>p@. #.Y..4...`'.~._.D.6..|Z.2.$.T...40..u.$.DW3..K...1.@.J.S.b.I...D.TZ,.43.O.X.UjL.'.9.I..\..V...e.W.......vx\.Jx8..<..7/R.$.....-........a...X.zr...x.fC...2...Y...|5T.mba...z8v..`.....;N(9...".TcC..0..\..a%.V}....../1..9.`.c....i=}.8.u{w0.!$.d.jHEQ.....i...y.........:j...9.Y.+1..iH{..Ta.\C....k#.!..^=.X${S_..)..r(...-i.. .Mm...=.v.....:bR{O.o....'..*;4.../.M...j{O.V...A.eB.$....9...i.../E..VX...b..|.H=...!...G....[....;.*...F...Lu,4....B...G..>.....x..8.}.\...t....;..1.a6...C.d6w0...5m.>.A.D<.......u%.%........f.K*@..D^%......|..Sd. 5...=S.....P$..TD;...m'.$.jA.........?^.......Ap..+I;........;.y.}..XN.*...fDt....L.rY..35..S.[JhIR!....f.ZF.....p.~.v......i.,...#W..If..,5GA6#...x......E..fS.kq{.UQ7....|.^9)..ywK.....+CN-...;.x.K

                                                      Chrome Cache Entry: 122

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines (24079), with no line terminators
                                                      Category:downloaded
                                                      Size (bytes):24079
                                                      Entropy (8bit):5.440244902711292
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:208DC764153AE049BAB4B7E4206370CD
                                                      SHA1:55B6BD87EECBC5EBE8D095AD971FA9822F38F068
                                                      SHA-256:2A2C39A3F14D45833AFB06FD0D9A8CE541DF91CFEA10E1794DCC79A1C024A070
                                                      SHA-512:65C3EF58F09576139E091035D86CC79736C6716C8508CA55AF06B1BD6D381B6AEBB446F7ECFD213730C3C436458C5F35963A5ADDDEE0CB834F3B1F01024BAB59
                                                      Malicious:false
                                                      Reputation:unknown
                                                      URL:https://docs.cache.wpscdn.com/intl/docs/295ed2a.js
                                                      Preview:(window.webpackJsonp=window.webpackJsonp||[]).push([[4],{277:function(e,t,i){"use strict";e.exports=function(e,t){return t||(t={}),"string"!=typeof(e=e&&e.__esModule?e.default:e)?e:(/^['"].*['"]$/.test(e)&&(e=e.slice(1,-1)),t.hash&&(e+=t.hash),/["'() \t\n]/.test(e)||t.needQuotes?'"'.concat(e.replace(/"/g,'\\"').replace(/\n/g,"\\n"),'"'):e)}},326:function(e,t,i){"use strict";var s=i(17),n=i(11),r=i(85),o=i(29),a=i(19),d=i(56),c=i(143),u=i(83),p=i(8),g=i(68),h=i(84).f,w=i(55).f,l=i(21).f,f=i(195).trim,m="Number",b=n[m],k=b.prototype,x=d(g(k))==m,v=function(e){var t,i,s,n,r,o,a,d,c=u(e,!1);if("string"==typeof c&&c.length>2)if(43===(t=(c=f(c)).charCodeAt(0))||45===t){if(88===(i=c.charCodeAt(2))||120===i)return NaN}else if(48===t){switch(c.charCodeAt(1)){case 66:case 98:s=2,n=49;break;case 79:case 111:s=8,n=55;break;default:return+c}for(o=(r=c.slice(2)).length,a=0;a<o;a++)if((d=r.charCodeAt(a))<48||d>n)return NaN;return parseInt(r,s)}return+c};if(r(m,!b(" 0o1")||!b("0b1")||b("+0x1"))){for(v

                                                      Chrome Cache Entry: 125

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:SVG Scalable Vector Graphics image
                                                      Category:dropped
                                                      Size (bytes):4092
                                                      Entropy (8bit):4.332899747461483
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:274DAF61E8C5CED348D12802759B3DAA
                                                      SHA1:C4975B12331B27E77F69BA966D1A4CF46F836DE4
                                                      SHA-256:A1B1BD0B47737C670D96D5A8C2F2B353BD469132D8AFA8CA4049137D7E42D147
                                                      SHA-512:BE1FC73F1725A7542A7E0BA7C0F1C9B21733C101F152FBCAAE6E2E903163DDEA897515D00BA5A766A9059E1626DE61F6137ED72FF08513F5861F4AD05FEEEC1A
                                                      Malicious:false
                                                      Reputation:unknown
                                                      Preview:<svg width="125" height="48" viewBox="0 0 125 48" fill="none" xmlns="http://www.w3.org/2000/svg">.<g clip-path="url(#clip0_47_590)">.<path d="M38.6667 0H9.33334C4.17868 0 0 4.17868 0 9.33334V38.6667C0 43.8213 4.17868 48 9.33334 48H38.6667C43.8213 48 48 43.8213 48 38.6667V9.33334C48 4.17868 43.8213 0 38.6667 0Z" fill="url(#paint0_linear_47_590)"/>.<path d="M22.8823 14.203L23.202 14.9558C23.2321 15.0268 23.2322 15.107 23.2022 15.1779L21.3732 19.5065C21.2756 19.7375 20.9488 19.7387 20.8495 19.5085L19.7287 16.9115C19.6837 16.8071 19.5809 16.7396 19.4673 16.7396H11.5754C11.3723 16.7396 11.2344 16.9462 11.3125 17.1337L17.6127 32.2675C17.7099 32.5011 18.0407 32.5013 18.1383 32.2679L25.6854 14.2177C26.1283 13.1584 27.1642 12.4688 28.3123 12.4688H39.2347C41.2649 12.4688 42.6427 14.5329 41.8642 16.4079L33.6239 36.2508C33.1605 37.3665 32.0711 38.0937 30.8629 38.0937H30.5842C29.3756 38.0937 28.2858 37.3659 27.8228 36.2495L25.4297 30.4794C25.4008 30.4098 25.4007 30.3315 25.4295 30.2617L27.2249 25.9

                                                      Chrome Cache Entry: 126

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:Unicode text, UTF-8 text, with very long lines (62300), with CRLF line terminators
                                                      Category:downloaded
                                                      Size (bytes):62397
                                                      Entropy (8bit):5.350884702903751
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:B31E76D22DA4399DB4B8C8ECCD35DC2B
                                                      SHA1:B36D4554849D3F05DF0363366BE9133D35EACA98
                                                      SHA-256:5BA7B351020430E304E1C38988858E13690202831484697551E56FED5826004E
                                                      SHA-512:DE2A305DC568D53CA6961D0C9E9FF4497A9A7FE462620417DB3F7ABB2FD508E3729C5090A1119A0DF7DA998AE7C9BF6BB140838681AFCAD493848187BDB9A312
                                                      Malicious:false
                                                      Reputation:unknown
                                                      URL:https://www.clarity.ms/s/0.7.32/clarity.js
                                                      Preview:/* clarity-js v0.7.32: https://github.com/microsoft/clarity (License: MIT) */..!function(){"use strict";var t=Object.freeze({__proto__:null,get queue(){return Fa},get start(){return Ua},get stop(){return Va},get track(){return Pa}}),e=Object.freeze({__proto__:null,get clone(){return hr},get compute(){return pr},get data(){return ir},get keys(){return or},get reset(){return vr},get start(){return dr},get stop(){return mr},get trigger(){return fr},get update(){return gr}}),n=Object.freeze({__proto__:null,get check(){return Or},get compute(){return Tr},get data(){return rr},get start(){return Er},get stop(){return Sr},get trigger(){return Nr}}),a=Object.freeze({__proto__:null,get compute(){return Dr},get data(){return xr},get log(){return Cr},get reset(){return Ar},get start(){return _r},get stop(){return Ir},get updates(){return Mr}}),r=Object.freeze({__proto__:null,get callbacks(){return Rr},get clear(){return qr},get consent(){return Yr},get data(){return jr},get electron(){return Lr},

                                                      Chrome Cache Entry: 127

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
                                                      Category:downloaded
                                                      Size (bytes):3082
                                                      Entropy (8bit):7.742548580563852
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:F4DAF9E5B7CAAEEA8183BB42A49C56A8
                                                      SHA1:B0B7BB5FAF449D3A3751752B815E09B9F29D16A9
                                                      SHA-256:4D987A2ABB4C63F18179B7FA3F9DC33C13A2F66BBD6A3F5F1B9F8FEA904080D3
                                                      SHA-512:30D2395BEE817AC055E966191CA394FC573CCCD03AA31966E4EDC8FE774532930E653D863F9A387DCB26BBF1646B0DF682DC45B9E21BA09362A00AB3CF42A819
                                                      Malicious:false
                                                      Reputation:unknown
                                                      URL:https://docs.cache.wpscdn.com/intl/docs/img/pdf.f5cdafd.png
                                                      Preview:.PNG........IHDR.............R.l.....pHYs..!8..!8.E.1`....sRGB.........gAMA......a.....IDATx...KlT......;....!`U.9...68..RK`.*9.I7.Q.np.Q.JV..c..Z.t..."..-(JWq."..e...U.R.+.5f.y..]g...xf.s.s.?i4x.........<pcx,..z.,..M$RB..d.I..$.6..^.v1...."af...]..3=...K..r..}..=E.8 .:@..v..6##l.J.Z.@...2O.......7dA.*...V..R...9:.......U.Hw.....~......i.....a..#.........6S....pg..n3v....Bv.S1.u.4..X....;{.O.ASh.@.%.e\*....z_.....H.@..".^.j..#G.P..c.....u.._=........:../8.8......@.i}.6?t.dL./....p._....#.....LW..:........p),...dc...>...Vk..iM.@.K......N...?x!"5.[......4...>Vk.'..a."...2....h..W"..r.f.&....U.\.3e/..<AO.9l......G.....3..'..<.."...9..pG.@.C.@o..h.....Hc... .....T....o..g.u.s....u..fn.u^..[(1.s......t.&.._.........-.m?......s.....x.}...0...i..Y....x....J....... .7............!......o..M.o..A.",y...Y..!....c..=... ..!...C.>A.....}...eh...0..27..4...0<a.i.0As......!..7...\.3r.T..:.u..........`.$.<C.>. @..se......x....s-.{..>4.B..<.q.]...1y....G.A.B.w.=..yz....

                                                      Chrome Cache Entry: 128

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:JSON data
                                                      Category:dropped
                                                      Size (bytes):248
                                                      Entropy (8bit):4.7095712973278365
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:8C4C7804C239ACEA89A1A11804589CE5
                                                      SHA1:3E4D60649634D333E02695BB657B05E6A0BFF121
                                                      SHA-256:DA4B1CE0A6833588F4A9BD24350C9F16C31426D439F92B3342B43BFFEC6667C2
                                                      SHA-512:DB1FEFC6ACF6BD213F147CFCB79CD1864DE90ED5705D1020FC472F0CB62C590807D7D1C4453BF43AD9F7300EE3D89DD5DF5D03D9B2B9909C5458C9D64368FE92
                                                      Malicious:false
                                                      Reputation:unknown
                                                      Preview:{. "error": {. "code": 403,. "message": "Method doesn't allow unregistered callers (callers without established identity). Please use API Key or other form of API consumer identity to call this API.",. "status": "PERMISSION_DENIED". }.}.

                                                      Chrome Cache Entry: 131

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel
                                                      Category:downloaded
                                                      Size (bytes):16958
                                                      Entropy (8bit):2.7363325351575143
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:C5A49151188324B97A545F8E4503D425
                                                      SHA1:F71A9FB7FA9E839A193A6DCC932D5397645B8D36
                                                      SHA-256:EECC6EB9A84ABF04B2D278A67AC92C4A025F3D365994904A6BEDB49F720B112A
                                                      SHA-512:47F29D61CE0FCC447578EA6AC33356A602E3651C1A0F342A9C0DD62BAAFC3E19F2FC2EBC36C5913560C76CB0BB0258A53DE36C5284F676E1799AEF1A8E371DE7
                                                      Malicious:false
                                                      Reputation:unknown
                                                      URL:https://docs.cache.wpscdn.com/encs/icons/favicon.ico
                                                      Preview:......@@.... .(B......(...@......... ......@............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                      Chrome Cache Entry: 132

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines (65485)
                                                      Category:downloaded
                                                      Size (bytes):175029
                                                      Entropy (8bit):5.3301293128755916
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:02FE9B828C130E46292D816E28DE9176
                                                      SHA1:3BAB2D9100017D7CFA1773BB1B1E39441154330F
                                                      SHA-256:6D8F977577A5DAF2EDA8A94E8426EADC0E458BD410CF27D99C65A8F74F24F917
                                                      SHA-512:1F2D376C3A4E800D34573300A65BD6B20817BEE201D905B9D736CA4B426A9B8DAEAD9DABBAB17D6097959E1928BFBD5BAB522F93B4A914F247A3376B1C9F4BDF
                                                      Malicious:false
                                                      Reputation:unknown
                                                      URL:https://docs.cache.wpscdn.com/intl/docs/e2d2219.js
                                                      Preview:/*! For license information please see LICENSES */.(window.webpackJsonp=window.webpackJsonp||[]).push([[34],{0:function(e,t,n){"use strict";n.d(t,"c",(function(){return i})),n.d(t,"a",(function(){return o})),n.d(t,"b",(function(){return a})),n.d(t,"d",(function(){return s})),n.d(t,"g",(function(){return c})),n.d(t,"e",(function(){return u})),n.d(t,"f",(function(){return l}));var r=function(e,t){return r=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}||function(e,t){for(var n in t)Object.prototype.hasOwnProperty.call(t,n)&&(e[n]=t[n])},r(e,t)};function i(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Class extends value "+String(t)+" is not a constructor or null");function n(){this.constructor=e}r(e,t),e.prototype=null===t?Object.create(t):(n.prototype=t.prototype,new n)}var o=function(){return o=Object.assign||function(e){for(var t,n=1,r=arguments.length;n<r;n++)for(var i in t=arguments[n])Object.prototype.hasOwnProperty.call(t,i)&&(e[i]

                                                      Chrome Cache Entry: 133

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:Unicode text, UTF-8 text, with very long lines (47478), with no line terminators
                                                      Category:downloaded
                                                      Size (bytes):51084
                                                      Entropy (8bit):5.594342096782827
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:6A215B6FEE5059C0FF5104DC627C85A5
                                                      SHA1:405426F7C9B36776F2573DC29B9EB3F6F26279E9
                                                      SHA-256:32CB72CE60E0D9F124A7065BEB308F7E8D5AB1707343411BF67A12AA6E44046A
                                                      SHA-512:39346513208754C2F0A75F6CD53EC3D33C4C1F6FBFA8A19B8D9E97700844664039364E30804C9F17F750A953CED8AB777516C357BA4304576DC20AF26E9A92C9
                                                      Malicious:false
                                                      Reputation:unknown
                                                      URL:https://docs.cache.wpscdn.com/intl/docs/c982598.js
                                                      Preview:(window.webpackJsonp=window.webpackJsonp||[]).push([[0],{281:function(e,i){e.exports={"zh-cn":{logo_desc:"WPS Docs",plat_title:"Use WPS Office for the Best Experience",outer_plat_title:"Use WPS Office for ",open_with_wps:"Open with WPS Office",open_width_browser:"Open with browser",no_client_dialog_tip0:"Dear user,",no_client_dialog_tip1:"you haven't installed <span>WPS Office</span>",no_client_dialog_tip2:"Please install free WPS Office to open it.",no_client_dialog_button:"OK",free_download:"Free Download.",banner_title:"Free Office Suit with PDF Editor Make Your Life Better",nextstep_title0:"Next step",nextstep_title1:"After download.double click the installer to start install WPS Office",nextstep_title2:"By using WPS Office, you agree to the WPS Office ",nextstep_title3:"License agreement",nextstep_title4:" and ",nextstep_title5:"Privacy policy",nextstep_tip1:"You got free WPS Office suite.Click to install.",nextstep_tip2:"You got free <br/> <span>WPS Office</span> suite!",

                                                      Chrome Cache Entry: 134

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:JSON data
                                                      Category:downloaded
                                                      Size (bytes):277
                                                      Entropy (8bit):5.087973302721264
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:A77DDCC76E5376AAF36F9339946F9253
                                                      SHA1:404FF2410583485F40D40F786DA6CE73CBE77D21
                                                      SHA-256:57894D21B3152D2E89A052605D583AAEAFFD53D5A6B721C5C6E9130692B8DAAA
                                                      SHA-512:93151E447031007CC14F1DB489E1527E9CABBD90121E34A053406E21E91629B8DCB1C059EDD47B2172F3179F7FE692C8A2840190253C88FC7A0843E4D9C3FEB8
                                                      Malicious:false
                                                      Reputation:unknown
                                                      URL:https://firebase.googleapis.com/v1alpha/projects/-/apps/1:913527679496:web:fcfb5a648715ac0f3cffbd/webConfig
                                                      Preview:{. "projectId": "wps-docs",. "appId": "1:913527679496:web:fcfb5a648715ac0f3cffbd",. "storageBucket": "wps-docs.appspot.com",. "locationId": "us-central",. "authDomain": "wps-docs.firebaseapp.com",. "messagingSenderId": "913527679496",. "measurementId": "G-PE2STH1E8E".}.

                                                      Chrome Cache Entry: 135

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines (27700), with no line terminators
                                                      Category:downloaded
                                                      Size (bytes):27700
                                                      Entropy (8bit):5.596132433867591
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:F7E9B8EDA5BC713C4D4BDFCB69D95A05
                                                      SHA1:5E56E35F3504CFB20F9CC6B644D497DC300FCAF1
                                                      SHA-256:DD42C5154C8376E0FEF5EDDC5DCB287888A44DD3F73C2A0B037920A5E2FE7A1C
                                                      SHA-512:3F217212AFBCCF6D494AB48016DBB41AD84891BC4D103182FD21B3346820F8448F9F97B036C72363730B54E4CC9374CF1B5FE0BA0131EB27FBABC0A144234612
                                                      Malicious:false
                                                      Reputation:unknown
                                                      URL:https://docs.cache.wpscdn.com/intl/docs/2e3c7cc.js
                                                      Preview:(window.webpackJsonp=window.webpackJsonp||[]).push([[1,13,29],{278:function(t,e,o){var i=o(281);function n(){try{return(window.navigator.language||window.navigator.browserLanguage).toLowerCase()}catch(t){return"en-us"}}t.exports={lang_42:function(){return i[n()]||i["en-us"]},getCurrentBrowserLang:n}},284:function(t,e,o){t.exports=o.p+"img/design.683750d.png"},285:function(t,e,o){t.exports=o.p+"img/arrow_01.1db9f0c.png"},286:function(t,e,o){var i=o(340);i.__esModule&&(i=i.default),"string"==typeof i&&(i=[[t.i,i,""]]),i.locals&&(t.exports=i.locals);(0,o(107).default)("cfc84910",i,!0,{sourceMap:!1})},287:function(t,e,o){var i=o(342);i.__esModule&&(i=i.default),"string"==typeof i&&(i=[[t.i,i,""]]),i.locals&&(t.exports=i.locals);(0,o(107).default)("272c4eae",i,!0,{sourceMap:!1})},327:function(t,e){t.exports="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAARCAYAAADUryzEAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAACrSURBVHgB3ZC9EcMgDIUB1/QwAT2sEa+RrJE1kj6ZIANkARb

                                                      Chrome Cache Entry: 137

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines (5945)
                                                      Category:downloaded
                                                      Size (bytes):294517
                                                      Entropy (8bit):5.573104199401101
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:ADEABA1AA242BEE343ABF6D76D8B8C6D
                                                      SHA1:CEAC8C2F241D122057265F6C7110918025D81153
                                                      SHA-256:AA26A387A579E9070DC3F16D30B36CD964A44394AF4F1C1AE81A6FA1CEB98E63
                                                      SHA-512:1B77E146F3D3515A0E5CDE0FDB7DF51D267EF2C4F89F68E763E4BA97368BA22D6C31CAC8357C625666FFA6AC9F0267459456AB6E3D6F446D453C24518A477305
                                                      Malicious:false
                                                      Reputation:unknown
                                                      URL:https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-PE2STH1E8E
                                                      Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"2",. . "macros":[{"function":"__e"},{"vtp_signal":0,"function":"__c","vtp_value":0},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_dma","priority":13,"vtp_delegationMode":"ON","vtp_dmaDefault":"DENIED","tag_id":8},{"function":"__ogt_1p_data_v2","priority":13,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR","vtp_phoneValue":"","vtp_streetType":"CSS_SELECTOR","vtp_autoPhoneEnabled":false,"vtp_postalCodeType":"CSS_SELECTOR","vtp_emailValue":"","vt

                                                      Chrome Cache Entry: 92

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines (2343)
                                                      Category:downloaded
                                                      Size (bytes):52916
                                                      Entropy (8bit):5.51283890397623
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:575B5480531DA4D14E7453E2016FE0BC
                                                      SHA1:E5C5F3134FE29E60B591C87EA85951F0AEA36EE1
                                                      SHA-256:DE36E50194320A7D3EF1ACE9BD34A875A8BD458B253C061979DD628E9BF49AFD
                                                      SHA-512:174E48F4FB2A7E7A0BE1E16564F9ED2D0BBCC8B4AF18CB89AD49CF42B1C3894C8F8E29CE673BC5D9BC8552F88D1D47294EE0E216402566A3F446F04ACA24857A
                                                      Malicious:false
                                                      Reputation:unknown
                                                      URL:https://www.google-analytics.com/analytics.js
                                                      Preview:(function(){/*.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0.*/.var n=this||self,p=function(a,b){a=a.split(".");var c=n;a[0]in c||"undefined"==typeof c.execScript||c.execScript("var "+a[0]);for(var d;a.length&&(d=a.shift());)a.length||void 0===b?c=c[d]&&c[d]!==Object.prototype[d]?c[d]:c[d]={}:c[d]=b};function q(){for(var a=r,b={},c=0;c<a.length;++c)b[a[c]]=c;return b}function u(){var a="ABCDEFGHIJKLMNOPQRSTUVWXYZ";a+=a.toLowerCase()+"0123456789-_";return a+"."}var r,v;.function aa(a){function b(k){for(;d<a.length;){var m=a.charAt(d++),l=v[m];if(null!=l)return l;if(!/^[\s\xa0]*$/.test(m))throw Error("Unknown base64 encoding at char: "+m);}return k}r=r||u();v=v||q();for(var c="",d=0;;){var e=b(-1),f=b(0),h=b(64),g=b(64);if(64===g&&-1===e)return c;c+=String.fromCharCode(e<<2|f>>4);64!=h&&(c+=String.fromCharCode(f<<4&240|h>>2),64!=g&&(c+=String.fromCharCode(h<<6&192|g)))}};var w={},y=function(a){w.TAGGING=w.TAGGING||[];w.TAGGING[a]=!0};var ba=Array.isArray,c

                                                      Chrome Cache Entry: 93

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:JSON data
                                                      Category:downloaded
                                                      Size (bytes):60
                                                      Entropy (8bit):4.196834613373055
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:A74E66ACDA3A202BF5FB3C4B1B416D18
                                                      SHA1:CA9AEF40685CBFA626CBDA1ED206697748990A89
                                                      SHA-256:8229F780BE39E3995A84999BE91EEA14AA6D58ABC37899B337980277EB1E73A7
                                                      SHA-512:224B2067E3759DC8974B5661E2E5DC13038FFFAFC47D58F654C919F60FFD4BE120B7304E3B0EBD8C40953D48AB3412250CC1D1B611639CE74317BF6E15464861
                                                      Malicious:false
                                                      Reputation:unknown
                                                      URL:https://us-account.wps.com/p/session/correlate
                                                      Preview:{"result":"userNotLogin","msg":"The user is not logged in."}

                                                      Chrome Cache Entry: 94

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:Unicode text, UTF-8 text, with very long lines (64612), with no line terminators
                                                      Category:downloaded
                                                      Size (bytes):86917
                                                      Entropy (8bit):5.401685885158704
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:2D685F7EF9B21A4D3CD792EE1C29C89C
                                                      SHA1:EF86EBCA1B96B4AFAA0C8851735B2585AFACF2F5
                                                      SHA-256:66911F0660E8C470FF328DFBCF28FA50E6B555328B9A282B87398D8D31817BAE
                                                      SHA-512:1EF604F05ADAC75B14144717ED709915AB71EF20E7E25BD97F19147F2B83D087240941AE68C1ED1DE67D77D28F2AB6F9A46CCA1971CAB51EE3C75E67EAFC2742
                                                      Malicious:false
                                                      Reputation:unknown
                                                      URL:https://docs.cache.wpscdn.com/intl/docs/2fcb74b.js
                                                      Preview:(window.webpackJsonp=window.webpackJsonp||[]).push([[5],{1:function(e,t,n){"use strict";n.d(t,"k",(function(){return m})),n.d(t,"m",(function(){return g})),n.d(t,"l",(function(){return b})),n.d(t,"e",(function(){return v})),n.d(t,"b",(function(){return y})),n.d(t,"s",(function(){return x})),n.d(t,"g",(function(){return w})),n.d(t,"h",(function(){return _})),n.d(t,"d",(function(){return O})),n.d(t,"r",(function(){return j})),n.d(t,"j",(function(){return k})),n.d(t,"t",(function(){return P})),n.d(t,"o",(function(){return S})),n.d(t,"q",(function(){return C})),n.d(t,"f",(function(){return $})),n.d(t,"c",(function(){return R})),n.d(t,"i",(function(){return E})),n.d(t,"p",(function(){return L})),n.d(t,"a",(function(){return M})),n.d(t,"v",(function(){return q})),n.d(t,"n",(function(){return B})),n.d(t,"u",(function(){return F}));n(40),n(20),n(41),n(42),n(48),n(25),n(49);var r,o,a=n(14),i=n(6),c=n(15),u=n(9),s=(n(46),n(13),n(37),n(135),n(28),n(47),n(50),n(27),n(30),n(31),n(18),n(69),n(36),n(

                                                      Chrome Cache Entry: 96

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:Unicode text, UTF-8 text, with very long lines (28144)
                                                      Category:downloaded
                                                      Size (bytes):28247
                                                      Entropy (8bit):5.559281924044436
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:717C515E7A6E62314B2E17EC39230484
                                                      SHA1:272632A3201A5599764A0D7F9F78DB9D1E5E18BB
                                                      SHA-256:C34864F00C9E1970C39E4DDD54DF88DBA1D9F572BA3BE8D4B4089054558FC875
                                                      SHA-512:5A27B6BA790D55EE33D0EFE2E8193FB9A45DB9903F9315C90072A48EE4E0C9F02460853ED4331CC9F0AE02089618902F8564B0797DD2BCF535CC3B30A881C8CC
                                                      Malicious:false
                                                      Reputation:unknown
                                                      URL:https://docs.cache.wpscdn.com/intl/docs/53b3017.js
                                                      Preview:/*! For license information please see LICENSES */.(window.webpackJsonp=window.webpackJsonp||[]).push([[35],{282:function(n,e,t){"use strict";(function(n){var t;function o(){if("undefined"!=typeof window)switch(window.location.host){case"sg.pro.wps.com":return t.INTL_ENT;case"jp.pro.wps.com":return t.JP_ENT;case"jp.docs.wps.com":return t.JP_PER;case"365.wps.com":return t.INTL_PER;default:t.INTL_PER}return t.INTL_PER}e.__esModule=!0,e.ConfigLoader=e.smartBusinessLine=e.BusinessLineEnum=e.configs=e.japan_personal=e.japan_enterprise=e.international_personal=e.international_enterprise=void 0,e.international_enterprise={name:"WPS 365",icon:"https://docs.cache.wpscdn.com/encs/icons/favicon.ico",logo:"https://docs.cache.wpscdn.com/encs/icons/logo.svg",logos:"https://docs.cache.wpscdn.com/encs/icons/logo-s.png",pwa_icons:["https://docs.cache.wpscdn.com/encs/pwa-icons/wpsdocs-icon-76x76.png","https://docs.cache.wpscdn.com/encs/pwa-icons/wpsdocs-icon-120x120.png","https://docs.cache.wpscdn.com/e

                                                      Chrome Cache Entry: 97

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines (65485)
                                                      Category:downloaded
                                                      Size (bytes):236070
                                                      Entropy (8bit):5.248463590145608
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:36D39398833139167A2F9F2DCBD85549
                                                      SHA1:E373B3F2B8D88E6A3D659ABE7394986ECE4B0950
                                                      SHA-256:1406B63FC5FCE598FFEFFB075220244C34C95FE478B9E8037C2E5CEF54B2592D
                                                      SHA-512:BE28FD9484669267A9B13B4FF3F0CA4E15C363C7795B09102D92061A3E323621291971E86C86725B65EE6B44095411CD03CFC53FDAB14256F237A78BE8CE1B4E
                                                      Malicious:false
                                                      Reputation:unknown
                                                      URL:https://docs.cache.wpscdn.com/intl/docs/acea2bf.js
                                                      Preview:/*! For license information please see LICENSES */.(window.webpackJsonp=window.webpackJsonp||[]).push([[6],[,,function(t,e,n){"use strict";(function(t,n){var r=Object.freeze({});function o(t){return null==t}function i(t){return null!=t}function a(t){return!0===t}function s(t){return"string"==typeof t||"number"==typeof t||"symbol"==typeof t||"boolean"==typeof t}function c(t){return null!==t&&"object"==typeof t}var u=Object.prototype.toString;function f(t){return"[object Object]"===u.call(t)}function l(t){return"[object RegExp]"===u.call(t)}function p(t){var e=parseFloat(String(t));return e>=0&&Math.floor(e)===e&&isFinite(t)}function h(t){return i(t)&&"function"==typeof t.then&&"function"==typeof t.catch}function d(t){return null==t?"":Array.isArray(t)||f(t)&&t.toString===u?JSON.stringify(t,null,2):String(t)}function v(t){var e=parseFloat(t);return isNaN(e)?t:e}function y(t,e){for(var n=Object.create(null),r=t.split(","),o=0;o<r.length;o++)n[r[o]]=!0;return e?function(t){return n[t.toLow

                                                      Chrome Cache Entry: 98

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:JSON data
                                                      Category:downloaded
                                                      Size (bytes):82
                                                      Entropy (8bit):4.197680891427464
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:07C831427C445CFA6718026D11AD7657
                                                      SHA1:3D3225271FEA9F62C2A6D0AF42AD04AE2BDEE17D
                                                      SHA-256:0A2393F1F2BC99085099D2D1BE349866B97458C13D4B5747185331992456E954
                                                      SHA-512:2D0D14783918765ED46B22841F57D377F61992C40574E7CDA80BABE07D433D56B59FBBD00D759F3D75077D0A9DFC8666A6C6F58EF96F853EDF82E3CD2ABDB547
                                                      Malicious:false
                                                      Reputation:unknown
                                                      URL:https://us.docs.wps.com/api/v3/office/asynctasks/normal_export?id=null
                                                      Preview:{"errno":10000,"msg":"task id is invalid","reason":"","result":"permissionDenied"}

                                                      Chrome Cache Entry: 99

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:JSON data
                                                      Category:downloaded
                                                      Size (bytes):60
                                                      Entropy (8bit):4.148824871352451
                                                      Encrypted:false
                                                      SSDEEP:
                                                      MD5:4BB1156AAD1C446F3294EF1C9441F120
                                                      SHA1:DDD8C5DA87D432925E96D03E9600B8522B4A71C7
                                                      SHA-256:A8012A0CF548A0C9DC90AC8D6C43D717A767A71E5FE75B4ABD154E3F63ADF4D7
                                                      SHA-512:F8F2F8BAA92A438C43CD94171304A02BDC7982D45582CAEC47C2598F7EFED4EF758E6851903B3A39912C7147D8732E9D2639ED420D0BD62DCA490FA4D66AD159
                                                      Malicious:false
                                                      Reputation:unknown
                                                      URL:https://params.wps.com/api/map/kdocs/docs_channel?device_type=windows&kdocssrc=loadPlatform&region=us
                                                      Preview:{"staticjs":{"website":{"docs_channel":{"pdfSwitch":"on"}}}}

                                                      Static File Info

                                                      No static file info