Edit tour

Windows Analysis Report
https://app.box.com/s/nipz5zxkc5e6gayscgq0oa5oqha53te6

Overview

General Information

Sample URL:	https://app.box.com/s/nipz5zxkc5e6gayscgq0oa5oqha53te6
Analysis ID:	1447158
Infos:

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

No high impact signatures.

Classification

Process Tree

System is w10x64

chrome.exe (PID: 772 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 2540 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2572 --field-trial-handle=2544,i,14126899083489953635,4150502049998718689,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6368 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://app.box.com/s/nipz5zxkc5e6gayscgq0oa5oqha53te6" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Snort Signatures

⊘No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49762 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 104.46.162.224
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.126.151
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.126.151
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /s/nipz5zxkc5e6gayscgq0oa5oqha53te6 HTTP/1.1Host: app.box.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /app-api/enduserapp/current-user/features/secondary HTTP/1.1Host: app.box.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, /X-Box-Client-Version: 21.217.2X-Box-Client-Name: enduserappsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.box.com/s/nipz5zxkc5e6gayscgq0oa5oqha53te6Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: z=iqun34kj1vsujctm76d2lsao4q; box_visitor_id=66508d06747bf3.35757431; bv=ISF-13727; cn=54; site_preference=desktop
Source: global traffic	HTTP traffic detected: GET /app-api/enduserapp/current-user/features/secondary HTTP/1.1Host: app.box.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: z=iqun34kj1vsujctm76d2lsao4q; box_visitor_id=66508d06747bf3.35757431; bv=ISF-13727; cn=54; site_preference=desktop

Source: global traffic	DNS traffic detected: DNS query: app.box.com
Source: global traffic	DNS traffic detected: DNS query: cdn01.boxcdn.net
Source: global traffic	DNS traffic detected: DNS query: www.google.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49762 version: TLS 1.2

Source: classification engine

Classification label: clean0.win@16/48@10/5

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2572 --field-trial-handle=2544,i,14126899083489953635,4150502049998718689,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://app.box.com/s/nipz5zxkc5e6gayscgq0oa5oqha53te6"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2572 --field-trial-handle=2544,i,14126899083489953635,4150502049998718689,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	Path Interception	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	2 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://app.box.com/s/nipz5zxkc5e6gayscgq0oa5oqha53te6	0%	Avira URL Cloud	safe
https://app.box.com/s/nipz5zxkc5e6gayscgq0oa5oqha53te6	0%	Virustotal		Browse

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
https://app.box.com/app-api/enduserapp/current-user/features/secondary	0%	Avira URL Cloud	safe
https://app.box.com/app-api/enduserapp/current-user/features/secondary	1%	Virustotal		Browse

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
bg.microsoft.map.fastly.net	199.232.210.172	true	false	unknown
www.google.com	142.250.184.228	true	false	unknown
app.box.com	74.112.186.144	true	false	unknown
fp2e7a.wpc.phicdn.net	192.229.221.95	true	false	unknown
cdn01.boxcdn.net	unknown	unknown	false	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://app.box.com/s/nipz5zxkc5e6gayscgq0oa5oqha53te6	false		unknown
https://app.box.com/app-api/enduserapp/current-user/features/secondary	false	1%, Virustotal, Browse Avira URL Cloud: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
74.112.186.144	app.box.com	United States	33011	BOXNETUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.250.184.228	www.google.com	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.23
192.168.2.4

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1447158
Start date and time:	2024-05-24 14:49:21 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 14s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://app.box.com/s/nipz5zxkc5e6gayscgq0oa5oqha53te6
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	9
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean0.win@16/48@10/5

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.185.99, 142.250.185.174, 142.250.110.84, 34.104.35.123, 104.16.144.15, 104.16.145.15, 20.114.59.183, 199.232.210.172, 192.229.221.95, 20.166.126.56, 13.95.31.18, 142.250.186.35
Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, clientservices.googleapis.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, clients.l.google.com, cdn01.boxcdn.net.cdn.cloudflare.net, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net
HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtSetInformationFile calls found.

Simulations

Behavior and APIs

⊘No simulations

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

Chrome Cache Entry: 66

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65456)
Category:	downloaded
Size (bytes):	121209
Entropy (8bit):	5.238704925753861
Encrypted:	false
SSDEEP:	1536:zV/uxhfb53YwylmiixDnM9QD5GC0zC2Pe:zV6hfbZYwPBM9QT0lPe
MD5:	F9653E825EA4669BF3DF737D6C4A0599
SHA1:	E644E452CCEF9F4E513BE0321725A5AA13D46BD3
SHA-256:	F85E34E6C9CC1488EA98A8AFF27FBD49EC3C3E1230A2756F4281EBF736B87CDF
SHA-512:	11165DA2213AAC7CEDEC51BA22D064D4B7CB986834BBE0462E7038440D9FBBD3191BB32B8DFCC2871E1D3B0AAB09610D43AF599B4286588F23390BA5BAA47482
Malicious:	false
Reputation:	low
URL:	https://cdn01.boxcdn.net/enduser/vendors~app.d2e7b41441.js
Preview:	/! For license information please see vendors~app.d2e7b41441.js.LICENSE.txt /.(globalThis.webpackChunkEndUserApp=globalThis.webpackChunkEndUserApp\|\|[]).push([[3481],{71972:(t,e,n)=>{"use strict";Object.defineProperty(e,"__esModule",{value:!0});var r=n(1866);Object.keys(r).forEach((function(t){"default"!==t&&"__esModule"!==t&&(t in e&&e[t]===r[t]\|\|Object.defineProperty(e,t,{enumerable:!0,get:function(){return r[t]}}))}))},5233:(t,e,n)=>{"use strict";Object.defineProperty(e,"__esModule",{value:!0}),e.importLib=void 0;e.importLib=()=>n.e(3028).then(n.t.bind(n,62153,23))},43342:(t,e,n)=>{"use strict";var r=n(64836);Object.defineProperty(e,"__esModule",{value:!0}),e.init=void 0;var i=r(n(77285)),o=n(5233);e.init=t=>((0,i.default)(t),(0,o.importLib)("heap"))},28229:(t,e,n)=>{"use strict";Object.defineProperty(e,"__esModule",{value:!0});var r=n(43342);Object.keys(r).forEach((function(t){"default"!==t&&"__esModule"!==t&&(t in e&&e[t]===r[t]\|\|Object.defineProperty(e,t,{enumerable:!0,get:funct

Chrome Cache Entry: 67

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (27757), with no line terminators
Category:	downloaded
Size (bytes):	27757
Entropy (8bit):	5.386363166555239
Encrypted:	false
SSDEEP:	768:OzElXsAreC74RYCHMZU1NnHDWZ/n1gpSTz9WG+xc3gd:eElXGC7EYQVjWHg64Nc3gd
MD5:	85BD2A3A5259F092655E6634D1471FE0
SHA1:	8DD77DEBF0B5B2C0396DB88F6C41E5AAA927FEDC
SHA-256:	048379378A3EB14A36628385D797F0A910A49976F6A0969ACED29E464378CCF0
SHA-512:	8EB5A71F54030BB1A2E85350616E16FCAA0AAF98EBE432F1652B2FF926B6438C0C90CD327A683802DC6611F2E3A095C48AF7888BFBE20C830E2520FB698BDAF3
Malicious:	false
Reputation:	low
URL:	https://cdn01.boxcdn.net/enduser/runtime.5048e74c69.js
Preview:	(()=>{"use strict";var e,a,d,t,o,r,n,c,l,i={},f={};function s(e){var a=f[e];if(void 0!==a)return a.exports;var d=f[e]={id:e,loaded:!1,exports:{}};return i[e].call(d.exports,d,d.exports,s),d.loaded=!0,d.exports}s.m=i,s.c=f,s.amdO={},e=[],s.O=(a,d,t,o)=>{if(!d){var r=1/0;for(i=0;i<e.length;i++){for(var[d,t,o]=e[i],n=!0,c=0;c<d.length;c++)(!1&o\|\|r>=o)&&Object.keys(s.O).every((e=>s.O[e](d[c])))?d.splice(c--,1):(n=!1,o<r&&(r=o));if(n){e.splice(i--,1);var l=t();void 0!==l&&(a=l)}}return a}o=o\|\|0;for(var i=e.length;i>0&&e[i-1][2]>o;i--)e[i]=e[i-1];e[i]=[d,t,o]},s.n=e=>{var a=e&&e.__esModule?()=>e.default:()=>e;return s.d(a,{a}),a},d=Object.getPrototypeOf?e=>Object.getPrototypeOf(e):e=>e.__proto__,s.t=function(e,t){if(1&t&&(e=this(e)),8&t)return e;if("object"===typeof e&&e){if(4&t&&e.__esModule)return e;if(16&t&&"function"===typeof e.then)return e}var o=Object.create(null);s.r(o);var r={};a=a\|\|[null,d({}),d([]),d(d)];for(var n=2&t&&e;"object"==typeof n&&!~a.indexOf(n);n=d(n))Object.getOwnPrope

Chrome Cache Entry: 68

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1045
Entropy (8bit):	7.666936027167787
Encrypted:	false
SSDEEP:	24:ckrym2PhepwEweR9lL7GLOIIadIVvfYYnsyEoWyvfUyvA9Q:trjEQwfe1tdVXYYn0yEM
MD5:	B17B8C3B3D2EF285E825644080717A59
SHA1:	900301257290A919A89EEFCEE0A7321FEBE7764E
SHA-256:	0CB9A48421820365CA54FB035DD124B469BD0AEA890D59B2FF82572A40529058
SHA-512:	5FC156A4C6555DD2875C078DA090EBCF26984D8526952E57123C90D36612A54D06E5B716F097785D782D993E066A0AF6A3745EA3FCBAB76838498B19E15EA61B
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR... ... .....szz.....gAMA......a.....sRGB........ cHRM..z&..............u0...`..:....p..Q<....IDATx..WYH.Q.V..Z(h!.. ... h{..=(.(h.6J-(-_.).4.L.MI....\.ur.G.......a9.6........s.w....A}"B7..FXFX>....R........=..`.\HN.!.0..........!...`..j....(\..,%.4 `..C...0s.!H`'a.6......8..1..4.@lf.Z.n,.PNJh@ .C....,..........D`1)0b..I.K....b...p..#.DV..g.........E.Z`uz..}3R.:P\.@.....f.8Q...E.I.k)M.Rf.R.@ja..=...z\InB..VL;Z..D.uQUx....nU....px.@K...T.......u.X.]......&'..l0w...."..Y6...c+F.S0...y.v8]^l.12!...T..F.F..c...$...........hF.)1..W\. "VQnOB-R.;.&.QD.-..q+..iU...D>.E.61..6......Qht`:I.....\T.[....F;..!.O>\.." .7..=r....y.b4u..i.l....:$~..Z.;^63.).D'...q.y...w/...K........?.X.../....OX.n>M...J....8............a..2..^.7.k{....I...Y...v....p..........F1.....?~...).....t...C.^()AI.......v..N.i..E...7.H..~..q.T..)P!....}.I......=.$.K...k....,.L.[y.Rz..~...:>=>./:_.{..XEJ..@..j.}.=.c1fH.o.#...7g..........?......tR[...i@ ...};.K..`.

Chrome Cache Entry: 69

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (24427), with no line terminators
Category:	downloaded
Size (bytes):	24427
Entropy (8bit):	5.39392683593856
Encrypted:	false
SSDEEP:	384:SCw/xPJpL6A+YrqpQ8+jC/8BTRO0Me4jG+tb3fjCakowW9r4PvOsdYyQfD7IqrJB:xw/xj6X9pQ8++oTM0M1jG+tbv+aBwWmY
MD5:	98A245A8CA9B8A0D28E57E31AE16A0A0
SHA1:	BAD12939C01BDA853F23DEF7C8E421E9486F6D3F
SHA-256:	7CC9FA8170BEA1B95FEF77AD994AE745F3879F5DEAFCAF32F9B422C264055010
SHA-512:	A82E8BF67CC8E5953897D15281FA3A901E314E660C594C2FEB30D5C1AEA1634A019FDF82D26A77B2925666E87C28C197FC9839084E8210DDFFAE8713B8901F2F
Malicious:	false
Reputation:	low
URL:	https://cdn01.boxcdn.net/enduser/app.2ccbe7154d.js
Preview:	(globalThis.webpackChunkEndUserApp=globalThis.webpackChunkEndUserApp\|\|[]).push([[2143],{1450:(e,t,n)=>{"use strict";n.d(t,{$7:()=>u,CT:()=>m,K5:()=>c,S5:()=>i,Uq:()=>l,X3:()=>p,Zc:()=>a,i2:()=>f,kd:()=>o,lW:()=>s,lX:()=>g,qo:()=>d,tK:()=>r});const r=2,i="group",o="user",s={id:"GHOSTED_ITEM_ID",type:"GHOSTED_ITEM_TYPE",typedID:"GHOSTED_ITEM_TYPED_ID"},a="hubs",c="file",u="folder",d="web_link",l=13,p="sidebar_buttons",f=0,g=`d_${f}`,m={SHORT:150,LONG:300}},23545:(e,t,n)=>{"use strict";n.d(t,{Z:()=>p});var r=n(77533),i=n.n(r),o=n(41618),s=n(6060),a=n(16403),c=n(58896),u=n(65662),d=n(73389),l=n(95032);const p=function(e){let t=arguments.length>1&&void 0!==arguments[1]?arguments[1]:{},n=arguments.length>2&&void 0!==arguments[2]?arguments[2]:{};const r=(0,c.Q)(e),p=!1===n,f={headers:{Accept:"application/json","Content-Type":"object"===typeof n&&n.dataIsFormURLEncoded?"application/x-www-form-urlencoded; charset=UTF-8":"application/json","X-Box-Client-Name":(0,a.PO)(),"X-Box-Client-Version":(0

Chrome Cache Entry: 70

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Category:	downloaded
Size (bytes):	154292
Entropy (8bit):	5.058882284996022
Encrypted:	false
SSDEEP:	3072:f0A20zSqfM6I1SQK4YkNX3pUi/gysiozQTroV+SylBSsYMT:f0A20zSqfM6I1SQK4YkNX3pUi/gysio8
MD5:	546C948F04B07505D96EDC401733180A
SHA1:	C6B3B34577A4AD72BE7FE6E79263EE0732457D0A
SHA-256:	9283F32768F77BE094146FF4C04A6C598FABF34F712E2E76A9066431710942D3
SHA-512:	DC656EBE79B873CA6D55FD7F6F081848C4900AE971AC4788E1BBB97C5BF4A222DDAF03BA9F9EE2A6185BE7BDAA3ED9703E536F6088900E391DD358DF8446FA72
Malicious:	false
Reputation:	low
URL:	https://cdn01.boxcdn.net/enduser/main.d001f394ff.css
Preview:	.flyout-overlay{-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale;text-rendering:optimizeLegibility;box-sizing:border-box;color:#222;font-family:Lato,Helvetica Neue,Helvetica,Arial,sans-serif;font-size:13px;font-weight:400;letter-spacing:.3px;line-height:20px;z-index:190}.flyout-overlay>div:not(.should-outline-focus):focus{outline:none}.flyout-overlay .overlay{border-radius:6px;padding:15px}.flyout-overlay.dropdown-menu-element-attached-center .overlay,.flyout-overlay.flyout-overlay-target-attached-left .overlay,.flyout-overlay.flyout-overlay-target-attached-right .overlay{animation:fade-in .15s cubic-bezier(0,0,.6,1)}@media(max-width:767px){.flyout-overlay.bdl-Flyout--responsive.flyout-overlay-enabled{transform:none!important}.flyout-overlay.bdl-Flyout--responsive .bdl-Overlay>.overlay{background-color:#fff;border:none;border-radius:0;bottom:0;box-shadow:none;left:0;margin:0;padding:0;position:fixed;right:0;top:0}.flyout-overlay.bdl-Flyout--responsive .bdl-OverlayHe

Chrome Cache Entry: 71

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65453)
Category:	downloaded
Size (bytes):	154212
Entropy (8bit):	5.293859451943458
Encrypted:	false
SSDEEP:	3072:qHhjXOh0CPYaIM71ECUXnBW7B4ifBJfuW6:qRCPfXjU3BwB4dW6
MD5:	54741C7811D7956744D4E0AF5969514A
SHA1:	5D09B8A3C365BC869FA7D70C015D760472E881DE
SHA-256:	EE85E3416A064E4E7DEDAA448A54E7D7FFCF2441E8C7A3B72C134643BF285B83
SHA-512:	F01864D53DDB3AA96BAF1743558D4E2BCA92E2746853FC7C6D0231DE8120AFAAC4C521BE66B91DD7A7C00B1A485292546CB0C024AA05D6F520766959C25A4516
Malicious:	false
Reputation:	low
URL:	https://cdn01.boxcdn.net/enduser/vendors~shared.40d6ec0fb7.js
Preview:	/! For license information please see vendors~shared.40d6ec0fb7.js.LICENSE.txt /."use strict";(globalThis.webpackChunkEndUserApp=globalThis.webpackChunkEndUserApp\|\|[]).push([[6641],{96141:(e,t,n)=>{var r=n(78066);Object.defineProperty(t,"__esModule",{value:!0});var l=void 0,a=void 0,o=void 0;t.unstable_now=void 0;var i=Date,u="function"===typeof setTimeout?setTimeout:void 0,s="function"===typeof clearTimeout?clearTimeout:void 0,c="function"===typeof requestAnimationFrame?requestAnimationFrame:void 0,f="function"===typeof cancelAnimationFrame?cancelAnimationFrame:void 0,d=void 0,p=void 0;function h(e){d=c((function(t){s(p),e(t)})),p=u((function(){f(d),e(t.unstable_now())}),100)}if("object"===typeof performance&&"function"===typeof performance.now){var m=performance;t.unstable_now=function(){return m.now()}}else t.unstable_now=function(){return i.now()};if("undefined"===typeof window\|\|"function"!==typeof MessageChannel){var v=null,y=function(e){if(null!==v)try{v(e)}finally{v=null}};l=f

Chrome Cache Entry: 72

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (44561), with no line terminators
Category:	downloaded
Size (bytes):	44561
Entropy (8bit):	4.937998555053139
Encrypted:	false
SSDEEP:	384:436WIj061mQKQmhgu4CAf61xLE361dDcbkwYi+eCHbHBPEGk1+0qv8vPmAvecN:vHCAnj+81FqkPveM
MD5:	CA5397FB716FA28876CE3CE50177A7EB
SHA1:	5DDE0FA557423A4D7B3FF9E31AFE8F6C9852BF9A
SHA-256:	594AF0FA4FCFEEFFCCFE4DE815075FB6488F8D9D7289BF07663C5A2546FE9A3E
SHA-512:	CAD7148490625A0D22309C95BB3A5B384BF9F1522D4BE7BA3406560F914692E2C45FD8294BF76F0E7E110AA9671258B53E8B8CEA4520468A6FE749EC16FD7D13
Malicious:	false
Reputation:	low
URL:	https://cdn01.boxcdn.net/enduser/app.06b8d9b170.css
Preview:	.bdl-PillSelector-input--hidden,.pill-selector-hidden-input{position:absolute;visibility:hidden}.bdl-PillSelectorDropdown,.pill-selector-wrapper{margin:0 0 20px;position:relative}.bdl-PillSelectorDropdown .bdl-PillSelector,.bdl-PillSelectorDropdown .pill-selector-input-wrapper,.pill-selector-wrapper .bdl-PillSelector,.pill-selector-wrapper .pill-selector-input-wrapper{-webkit-font-smoothing:antialiased;align-content:flex-start;align-items:flex-start;background-color:#fff;border:1px solid #ccc;border-radius:6px;box-shadow:inset 0 1px 1px #00000014;cursor:text;display:flex;flex-flow:row wrap;margin-top:5px;overflow-x:hidden;overflow-y:auto;padding:5px;transition:border-color .15s linear,box-shadow .15s linear;width:262px}.bdl-PillSelectorDropdown .bdl-PillSelector:hover,.bdl-PillSelectorDropdown .pill-selector-input-wrapper:hover,.pill-selector-wrapper .bdl-PillSelector:hover,.pill-selector-wrapper .pill-selector-input-wrapper:hover{border:1px solid #004aa2}.bdl-PillSelectorDropdown .bdl

Chrome Cache Entry: 73

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (8881), with no line terminators
Category:	downloaded
Size (bytes):	8881
Entropy (8bit):	5.451166673799247
Encrypted:	false
SSDEEP:	192:kThD8YPWNCCtkpag7iIDJA2Qgmwc2Z33YlKn6h7utsrL:sF+N7kpag7bDogmM3YMn6h7ue/
MD5:	7BB373DC7683AF723220A9BA644DA0F2
SHA1:	6CD928C95D9D96C6C921F7700DFF1EA599FBF330
SHA-256:	125E6D2D8134A408CC200CF7B6CAC2AF5F8D07F77A1EDD5F3160B36E8D1BBFB5
SHA-512:	A0DD200E3869823EE316ABA7C1ED9BD395DF7D80B0F0F04FB91153E25391197588C939A1A9F24011E454226D4A9DEA1EAF1BB002C8ED2C3B01E4478D66C635E6
Malicious:	false
Reputation:	low
URL:	https://cdn01.boxcdn.net/docgen-assets/box_docgen_client_remote.0.51.5.js
Preview:	var box_docgen_client;(()=>{"use strict";var e,r,t,n,o,a,i,f,d,l,c,u,s,p,h,b,v,g,m,y={79588:(e,r,t)=>{var n={"./DocgenPage":()=>Promise.all([t.e(5),t.e(592),t.e(199),t.e(433)]).then((()=>()=>t(82798)))},o=(e,r)=>(t.R=r,r=t.o(n,e)?n[e]():Promise.resolve().then((()=>{throw new Error('Module "'+e+'" does not exist in container.')})),t.R=void 0,r),a=(e,r)=>{if(t.S){var n="default",o=t.S[n];if(o&&o!==e)throw new Error("Container initialization failed as it has already been initialized with a different share scope");return t.S[n]=e,t.I(n,r)}};t.d(r,{get:()=>o,init:()=>a})}},w={};function x(e){var r=w[e];if(void 0!==r)return r.exports;var t=w[e]={id:e,loaded:!1,exports:{}};return y[e].call(t.exports,t,t.exports,x),t.loaded=!0,t.exports}x.m=y,x.c=w,x.n=e=>{var r=e&&e.__esModule?()=>e.default:()=>e;return x.d(r,{a:r}),r},r=Object.getPrototypeOf?e=>Object.getPrototypeOf(e):e=>e.__proto__,x.t=function(t,n){if(1&n&&(t=this(t)),8&n)return t;if("object"==typeof t&&t){if(4&n&&t.__esModule)return t;if

Chrome Cache Entry: 74

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (22504)
Category:	downloaded
Size (bytes):	22558
Entropy (8bit):	5.401305598634435
Encrypted:	false
SSDEEP:	384:vIKss4LtZfTHieKttGx5wNMpUXcUOEzSNRaMgVl1P5B:vI3sy/H7usx5CeUXcUOEzSyMgvjB
MD5:	9E6EFCD4D3B4CF2FC399A80711F80198
SHA1:	3039D39E950BF12B0D223297337006686E311B8C
SHA-256:	5C48452A921DB54B218FFEA7A3990E75C9064718D04A14BD07C1DA49C39B83B7
SHA-512:	37A850E8D6FAC8BB8EC2FD91AC8171EF51B16A6BAD5863B4E854B382E8F397B399F8D5D911B4AEEA1E5BCDD1BAF552F162CB726DCD061F9841D74AB27F3A3472
Malicious:	false
Reputation:	low
URL:	https://cdn01.boxcdn.net/relay-trigger-assets/box_trigger_client_remote.14.114.0.js
Preview:	var box_trigger_client;!function(){"use strict";var e,n,t={59683:function(e,n,t){var r={"./RelayPage":function(){return Promise.all([t.e(8593),t.e(4776),t.e(1483),t.e(768),t.e(3315),t.e(5426),t.e(4770)]).then((function(){return function(){return t(14770)}}))},"./TriggerSummary":function(){return Promise.all([t.e(8593),t.e(4776),t.e(1483),t.e(768),t.e(3315),t.e(5426),t.e(7331)]).then((function(){return function(){return t(27331)}}))},"./OutcomeSummary":function(){return Promise.all([t.e(8593),t.e(4776),t.e(1483),t.e(768),t.e(3315),t.e(5426),t.e(815)]).then((function(){return function(){return t(90815)}}))},"./ManualStartOutcomeForm":function(){return Promise.all([t.e(8593),t.e(4776),t.e(1483),t.e(768),t.e(3315),t.e(5426),t.e(8297)]).then((function(){return function(){return t(48297)}}))},"./reducers":function(){return Promise.all([t.e(8593),t.e(4776),t.e(768),t.e(3315),t.e(5426),t.e(7487)]).then((function(){return function(){return t(7487)}}))},"./utils":function(){return Promise.all([t

Chrome Cache Entry: 75

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	217234
Entropy (8bit):	5.442541147238781
Encrypted:	false
SSDEEP:	6144:lj+Gb8DU+lGBm/TnSOX3hW3W952WGyTWowZiJa7YunMRsJTAkWZBh:ljVb8NlGBm/TnSOX3hW3W95rGUWowZil
MD5:	0EB301F1F1993095BEE8E810D4AE1479
SHA1:	8DC7AC1CE392D17FFB88DBB3D14185603949B8E5
SHA-256:	1C365335455111827DCD6B4D2E8BCCB04DB54C1348D9484958232D97FB7AFC01
SHA-512:	A3F3D7C90555F60C60CEA4536D05F1BE9F5607748CC68E6C241A738E903F05FD70A1C9DF86375589E79FA64A1B143CF03B8637A278B5D70320F169D83EBF1FEC
Malicious:	false
Reputation:	low
URL:	https://cdn01.boxcdn.net/enduser/vendors~blueprint.b9638531e7.js
Preview:	"use strict";(globalThis.webpackChunkEndUserApp=globalThis.webpackChunkEndUserApp\|\|[]).push([[2946],{92938:(e,a,l)=>{l.d(a,{Z:()=>r});var t=l(13182);const r=e=>(0,t.jsxs)("svg",{width:"1em",height:"1em",viewBox:"0 0 32 32",role:"img",...e,children:[(0,t.jsx)("path",{fill:"#9F3FED",d:"M9 3h9.172a2 2 0 0 1 1.414.586l5.83 5.828A2 2 0 0 1 26 10.83V26a3 3 0 0 1-3 3H9a3 3 0 0 1-3-3V6a3 3 0 0 1 3-3Z"}),(0,t.jsx)("path",{fill:"white",fillOpacity:.5,d:"m19.286 3.286 5.01 5.009 1.412 1.412a1 1 0 0 1 .203.293H21a2 2 0 0 1-2-2V3.09a1 1 0 0 1 .286.196Z"}),(0,t.jsx)("path",{fill:"white",d:"M18.75 17h-5.5a.25.25 0 0 0-.25.25v4.25a1.5 1.5 0 1 1-1.5-1.5.9.9 0 0 1 .5.1v-6.35a.75.75 0 0 1 .75-.75h6.5a.75.75 0 0 1 .75.75v7.75a1.5 1.5 0 1 1-1.5-1.5.9.9 0 0 1 .5.1v-2.85a.25.25 0 0 0-.25-.25Zm-5.5-1h5.5a.25.25 0 0 0 .25-.25V14.5a.5.5 0 0 0-.5-.5h-5a.5.5 0 0 0-.5.5v1.25c0 .138.112.25.25.25Z"})]})},83466:(e,a,l)=>{l.d(a,{Z:()=>r});var t=l(13182);const r=e=>(0,t.jsxs)("svg",{width:"1em",height:"1em",viewBox:"0

Chrome Cache Entry: 76

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	204688
Entropy (8bit):	5.041152856994837
Encrypted:	false
SSDEEP:	1536:vokOEketxXUg2LQGtgDx7f72rCppYmdeAfdJ2xdhy2Az+vIYrZ0XeG+4k++vuo+:rzke/B4gDx7f72KPG7rIqt+
MD5:	998AEFA97CFDD9A008B4A524CBDD809E
SHA1:	78DB4C9DF7AEA91F98387A60AB848B32BE975D36
SHA-256:	8E58453D028DE5919D17C71579ECB84292491B93A2214705E2A24D030BE85405
SHA-512:	729CE71D607BBA1D43BA449274F4B04B0A89CD432BD1FC178F5BF69B273C93B5B127563717B9525C9D53C4C54C09D9C0E2C74A9F341F359F69AACA07D0926954
Malicious:	false
Reputation:	low
URL:	https://cdn01.boxcdn.net/enduser/vendors~blueprint.249a744ab5.css
Preview:	.bp_ghost_module_ghost--a8ff6{animation:bp_ghost_module_ghost-keyframes--a8ff6 1.2s ease-in-out infinite;background-color:var(--surface-surface-hover);border-radius:var(--radius-1);display:inline-block}.bp_ghost_module_ghost--a8ff6.bp_ghost_module_circle--a8ff6{border-radius:50%;min-height:var(--space-6);min-width:var(--space-6)}.bp_ghost_module_ghost--a8ff6.bp_ghost_module_pill--a8ff6{border-radius:var(--radius-half);height:var(--space-5);width:100%}.bp_ghost_module_ghost--a8ff6.bp_ghost_module_rectangle--a8ff6{border-radius:var(--radius-1);height:var(--space-5);width:100%}@keyframes bp_ghost_module_ghost-keyframes--a8ff6{0%{background-color:var(--surface-surface-hover)}50%{background-color:var(--surface-surface-secondary)}to{background-color:var(--surface-surface-hover)}}.bp_status_module_interactiveStatus--66c28{border:initial;cursor:default;max-width:100%;padding:initial;vertical-align:top}.bp_status_module_interactiveStatus--66c28:focus-visible{box-shadow:0 0 0 .125rem #2486fc;out

Chrome Cache Entry: 77

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	407
Entropy (8bit):	4.080566420556739
Encrypted:	false
SSDEEP:	6:voaqoX0XB79i8eJOezXXhKvNsTX0XB79S66Oez114vN8K2GTagGT4Swqn:zNgBU8eJh0NIgB86jN8YTaDTxhn
MD5:	1282D079215E4C614112DF6FC53EA926
SHA1:	4C7AA9F41DD8C198A81720B4F95FBEA2354F682C
SHA-256:	D0BA0A2BDD509815497C0DF60D043B06E1F5022FD1EFDBFFB5E4F6CF5314B93A
SHA-512:	B49D69C39210AA5D21E83460FAF5587EB393C043B58D4A274DF622760469D577371DA84EEB99B3FC6AFDCE0FA4C1B26A63F9373A8D5CB0F4D148B14E6CCD2FDC
Malicious:	false
Reputation:	low
URL:	https://cdn01.boxcdn.net/_assets/img/favicons/manifest-rw1AEP.json
Preview:	{. "name": "Box",. "icons": [. {. "src": "/android-chrome-192x192.png",. "sizes": "192x192",. "type": "image/png". },. {. "src": "/android-chrome-512x512.png",. "sizes": "512x512",. "type": "image/png". }. ],. "theme_color": "#ffffff",. "background_color": "#ffffff",. "display": "standalone".}.

Chrome Cache Entry: 78

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Category:	dropped
Size (bytes):	1150
Entropy (8bit):	4.194659874353689
Encrypted:	false
SSDEEP:	12:XdZMi3fV7VxjA1Eb0HDGXl77YouKoxKabyaA8Im+6tfwbJhw2Slpfx9LV793ZMi3:XjjzmSGDGXRjv9C+6pOJh+Lhn
MD5:	A74D15243280A569CD8F985119271509
SHA1:	AFA4B4F88A0A405F0513407098121FB264CFF660
SHA-256:	5D1EBBD7B88D4B0F748CB8DDC964A1D159268F0831AF26F709D692A570168902
SHA-512:	FCB827B46204055396C9BF20C247CE5CCDAA5BB68CF81CDE69EE246E80CD7009CB5D446185E7F5C38BFD1777F4583A03F989400BA4FBDBC1872452DFE4A23D0E
Malicious:	false
Reputation:	low
Preview:	............ .h.......(....... ..... ..........................a...a.B.a...a...a...a...a...a...a...a...a...a...a...a...a.B.a...a.B.a...a...a...a...a...a...a...a...a...a...a...a...a...a...a.B.a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...`...b...f...`..._...f...i...a...c...`...a...e...a...a...a...`...r........n...C........q.....1..K..~..c...a...a...a.....{..{+.........Y..4................I..`...a...`...g......=..Y...m......o...].....w..........k...`...a...`...g.........\|........................x..a...a...`...g......x..t..5..k...^..p..~/..H..j...q....@..b...a...`...g......w'..]..._...`..._...^..._..._...`...`..._...a...a...a...b...{*..g...a...a...a...a...a...a...a...a...a...a...a...a...a...a...`...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a.B.a...a...a...a...a...a...a...a...a...a

Chrome Cache Entry: 79

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (11143), with no line terminators
Category:	downloaded
Size (bytes):	11143
Entropy (8bit):	5.523933054796373
Encrypted:	false
SSDEEP:	192:6uiE0mYhYgQNTENKLB0Wh1YJ42OQgmIcKSa/WgMSiVWV/zhPcGvP4:6ul9VKwKQ1YbgmIc9aVMSiVQ/zhPTI
MD5:	65D04B9EDF95D95F210FD350A84B28FC
SHA1:	1CC4C3952E3124818C970534E3CAFE559AA0F3B1
SHA-256:	F6359FC9AF0470AF44EE8A0149B97670841F33D33A75760E9216BFA9E2DDCC19
SHA-512:	1CAC9E1D6050AC5FD940D98407DA5E74A1BB5DB7120A8B3386AFD391830849DD1B361D645D7DFD66F87A80964F371AB786B022120D6A9F470E940128212CEEDB
Malicious:	false
Reputation:	low
URL:	https://cdn01.boxcdn.net/money-assets/box_money_client_remote.0.1.18.js
Preview:	var box_money_client;(()=>{"use strict";var e,r,t,a,n,s,o,f,d,i,c,l,u,b,h,p,m,g,v,y={8554:(e,r,t)=>{var a={"./SignupPage":()=>Promise.all([t.e(7284),t.e(768),t.e(5484),t.e(4912)]).then((()=>()=>t(4005))),"./TrialBillingBlockPage":()=>Promise.all([t.e(7284),t.e(768),t.e(5484),t.e(8848)]).then((()=>()=>t(5006)))},n=(e,r)=>(t.R=r,r=t.o(a,e)?a[e]():Promise.resolve().then((()=>{throw new Error('Module "'+e+'" does not exist in container.')})),t.R=void 0,r),s=(e,r)=>{if(t.S){var a="default",n=t.S[a];if(n&&n!==e)throw new Error("Container initialization failed as it has already been initialized with a different share scope");return t.S[a]=e,t.I(a,r)}};t.d(r,{get:()=>n,init:()=>s})}},j={};function w(e){var r=j[e];if(void 0!==r)return r.exports;var t=j[e]={id:e,loaded:!1,exports:{}};return y[e](t,t.exports,w),t.loaded=!0,t.exports}w.m=y,w.c=j,w.n=e=>{var r=e&&e.__esModule?()=>e.default:()=>e;return w.d(r,{a:r}),r},r=Object.getPrototypeOf?e=>Object.getPrototypeOf(e):e=>e.__proto__,w.t=function(t

Chrome Cache Entry: 80

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (12898), with no line terminators
Category:	downloaded
Size (bytes):	12898
Entropy (8bit):	5.4535681805272445
Encrypted:	false
SSDEEP:	192:isNPKEgHOOYh2QkNGcT0zw8dRuLa2hBOoEyG+btBiNS0fdPG6aEOcpVI:isNPNguOL0zw2IBbo+btWbpG6aEOcpu
MD5:	49B7CB027573E6D6EC681FF7345D3B87
SHA1:	D4548007F02A34D29580EEC0DDB8494CEC7BFBC0
SHA-256:	6D4263FB2FD7D226D9813EBFDE71C09B61E3BF38F238534256D5B1574C50FA53
SHA-512:	B6C2139CD626FCCC0957D044E4AAA17A78B4B4033D35D836C746F8A6F309ECFDFCFD5EAB7F5CDA9D5015AD1DB97420F734B56FC00173E795953B5BC18E320498
Malicious:	false
Reputation:	low
URL:	https://cdn01.boxcdn.net/hubs-assets/box_hubs_client_remote.1.183.1.js
Preview:	var box_hubs_client;!function(){"use strict";var e,n,t,r,u,f,o,c,i,a,s,d,l,b,h,p,m,g={61199:function(e,n,t){var r={"./HubsPage":function(){return Promise.all([t.e(8675),t.e(925),t.e(768),t.e(1611),t.e(3061)]).then((function(){return function(){return t(53061)}}))},"./AddToHubModal":function(){return Promise.all([t.e(8675),t.e(925),t.e(768),t.e(1611),t.e(3885)]).then((function(){return function(){return t(13885)}}))},"./HubsSearch":function(){return Promise.all([t.e(8675),t.e(925),t.e(768),t.e(1611),t.e(9217)]).then((function(){return function(){return t(69217)}}))}},u=function(e,n){return t.R=n,n=t.o(r,e)?r[e]():Promise.resolve().then((function(){throw new Error('Module "'+e+'" does not exist in container.')})),t.R=void 0,n},f=function(e,n){if(t.S){var r="default",u=t.S[r];if(u&&u!==e)throw new Error("Container initialization failed as it has already been initialized with a different share scope");return t.S[r]=e,t.I(r,n)}};t.d(n,{get:function(){return u},init:function(){return f}})}},

Chrome Cache Entry: 81

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (11633), with no line terminators
Category:	downloaded
Size (bytes):	11633
Entropy (8bit):	5.506278320904661
Encrypted:	false
SSDEEP:	192:oPKEHkANfFkbOf0c4sRkoVsZsEJaa2BkoKcp7uwBusIjCh6ttWdut:oPNHkgfuOfH4joV0sEmLp6wBvIjCh2kM
MD5:	9BF77DAABFA4875DA1E586229C9900A3
SHA1:	AC1165FA0CBEB6E4D979294BFD0508A4B04DDD50
SHA-256:	62B15B54B1732553834B57EA850CC46B6979D4E11A941531A3D920F9FF70DD17
SHA-512:	F3DBB2F56CB872AE863C5CEBBEBFB94C2A00753A540D6FCDDFD82C5F41CD15620B88E3A0FC532D2EF0D53C5DE44F25CCE66AABB647B82A53E13459C6E30B4886
Malicious:	false
Reputation:	low
URL:	https://cdn01.boxcdn.net/sign-assets/box_sign_client_remote.1.587.10.js
Preview:	var box_sign_client;!function(){"use strict";var e,n,t,r,o,a,c,u,f,i,s,l,d,b,h,p,g,m,v={1401:function(e,n,t){var r={"./SignPage":function(){return Promise.all([t.e(1158),t.e(768),t.e(3796)]).then((function(){return function(){return t(63796)}}))}},o=function(e,n){return t.R=n,n=t.o(r,e)?r[e]():Promise.resolve().then((function(){throw new Error('Module "'+e+'" does not exist in container.')})),t.R=void 0,n},a=function(e,n){if(t.S){var r="default",o=t.S[r];if(o&&o!==e)throw new Error("Container initialization failed as it has already been initialized with a different share scope");return t.S[r]=e,t.I(r,n)}};t.d(n,{get:function(){return o},init:function(){return a}})}},_={};function y(e){var n=_[e];if(void 0!==n)return n.exports;var t=_[e]={id:e,loaded:!1,exports:{}};return v[e].call(t.exports,t,t.exports,y),t.loaded=!0,t.exports}y.m=v,y.c=_,y.amdO={},y.n=function(e){var n=e&&e.__esModule?function(){return e.default}:function(){return e};return y.d(n,{a:n}),n},n=Object.getPrototypeOf?func

Chrome Cache Entry: 82

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (12001)
Category:	downloaded
Size (bytes):	17381
Entropy (8bit):	5.5736473380714715
Encrypted:	false
SSDEEP:	192:OwWPq4cbJwj2yk4+JKwP9H/HkTL4Zqa7jEngOTVDw8Q+u+ttGVLthHrcmlPKAFV7:OwA+4oKwtkX4Z8QgWtCmtLFSRepuCK0N
MD5:	260ADDCF225977F2A10A8F85414984D2
SHA1:	BCDA3B39F45C4CFE0168449FF4E8CF5EDD42631F
SHA-256:	81D39BD6DAD40BFA96E383FBE32899B5BF9BCE560CA2D5C338137AD0C0D9A5E7
SHA-512:	0511A33D2A3E36EAB7384148D2BCA6FF74E7592395CC6E1F453904C2FEF87D509329E3418DD7A9BC5B4D36626BB4F55D5D9499C2B0ADB794256A0EBE58535964
Malicious:	false
Reputation:	low
URL:	https://cdn01.boxcdn.net/canvas-assets/box_canvas_remote.0.256.4.js
Preview:	var box_canvas;(()=>{"use strict";var F={7008:(d,s,l)=>{var b={"./CanvasApp":()=>Promise.all([l.e(92),l.e(6303),l.e(7963),l.e(6128)]).then(()=>()=>l(19287))},v=(i,S)=>(l.R=S,S=l.o(b,i)?b[i]():Promise.resolve().then(()=>{throw new Error('Module "'+i+'" does not exist in container.')}),l.R=void 0,S),u=(i,S)=>{if(l.S){var f="default",E=l.S[f];if(E&&E!==i)throw new Error("Container initialization failed as it has already been initialized with a different share scope");return l.S[f]=i,l.I(f,S)}};l.d(s,{get:()=>v,init:()=>u})}},R={};function e(d){var s=R[d];if(s!==void 0)return s.exports;var l=R[d]={id:d,loaded:!1,exports:{}};return F[d].call(l.exports,l,l.exports,e),l.loaded=!0,l.exports}e.m=F,e.c=R,e.amdO={},e.n=d=>{var s=d&&d.__esModule?()=>d.default:()=>d;return e.d(s,{a:s}),s},(()=>{var d=Object.getPrototypeOf?l=>Object.getPrototypeOf(l):l=>l.__proto__,s;e.t=function(l,b){if(b&1&&(l=this(l)),b&8\|\|typeof l=="object"&&l&&(b&4&&l.__esModule\|\|b&16&&typeof l.then=="function"))return l;var v=

Chrome Cache Entry: 83

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	167466
Entropy (8bit):	5.360545348673135
Encrypted:	false
SSDEEP:	3072:xr4Jr/2x5Tga/6WnynhzjwdKTGszGTkdU9W:xAr/23SiKzGTkdU9W
MD5:	38ED11AFB41AA1FA8D76425EB98E9563
SHA1:	C45824EC4C920C9615B9CFFA98AF5627D801A5AB
SHA-256:	A7EE7C9739CE91520FC358240EBE590BA2B7428F3F91135262144FB3D3D56C1A
SHA-512:	E2362B95219E31A7AB0E2F6651BC2BA828E7C6ED2BB51597F9822651B253886A137328D54BD158C5F3CB3F911C95E7DF5290D6CBA9F2FDA0AC31AEBFB2E0EEE5
Malicious:	false
Reputation:	low
URL:	https://cdn01.boxcdn.net/enduser/vendors~observability.db24a5ee75.js
Preview:	(globalThis.webpackChunkEndUserApp=globalThis.webpackChunkEndUserApp\|\|[]).push([[30],{8542:(t,e,n)=>{"use strict";n.d(e,{lq:()=>Jo,tE:()=>$o});var r=n(45436);const o={applicationName:"unknown",beaconEndpoint:void 0,rumAccessToken:void 0};class i{options;startActiveSpan;startSpan;constructor(t){this.options={...o,...t};const e=this.getTracer();this.startActiveSpan=e.startActiveSpan.bind(e),this.startSpan=e.startSpan.bind(e)}getTracer(){return r.g.getTracer(this.options.applicationName)}startActiveWorkflowSpan(t,{attributes:e,...n}={},r){const o={"workflow.name":t,...e};return this.startActiveSpan(t,{...n,attributes:o},r)}startWorkflowSpan(t,{attributes:e,...n}={},r){const o={"workflow.name":t,...e};return this.startSpan(t,{...n,attributes:o},r)}}class a extends i{init(){}destroy(){}setGlobalAttributes(){}traceError(){}}n(9758);var s=n(38079);function u(t){void 0===t&&(t=[]);for(var e=[],n=0,r=t.length;n<r;n++){var o=t[n];if(Array.isArray(o)){var i=u(o);e=e.concat(i.instrumentations)}els

Chrome Cache Entry: 84

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65463)
Category:	downloaded
Size (bytes):	2488183
Entropy (8bit):	5.494412580626319
Encrypted:	false
SSDEEP:	49152:LyYCf1+ixh5iRyAWpRcBgnmGqGfdu2PDRFO/rBtA/+6LZ233o:MIIu2PQt4Jx
MD5:	8DF820B38185AAFD8B3B060F50B90236
SHA1:	C4FA97FF608164DFA97EB9FB16F60D479397B03F
SHA-256:	16B5B9370DB45A3FBC88E6135D4E06837E44F5E52E47023E229F72C43D4275E9
SHA-512:	C851D20AE6B3B78EBD64F38015EE2E477C86350C53B45CEE6DF7D04BAB49D3BC58C92288101C613BD0E7345FA7E34BCB0D2C68135F27E6F4BCA7CA5F001A71F0
Malicious:	false
Reputation:	low
URL:	https://cdn01.boxcdn.net/enduser/main.231957dc67.js
Preview:	/! For license information please see main.231957dc67.js.LICENSE.txt /.(globalThis.webpackChunkEndUserApp=globalThis.webpackChunkEndUserApp\|\|[]).push([[179],{43634:(e,t,r)=>{var n={"./bn-IN":[96133,6016],"./bn-IN.js":[96133,6016],"./da-DK":[31362,3900],"./da-DK.js":[31362,3900],"./de-DE":[34508,2140],"./de-DE.js":[34508,2140],"./en-AU":[7342,4382],"./en-AU.js":[7342,4382],"./en-CA":[1751,8044],"./en-CA.js":[1751,8044],"./en-GB":[12319,85],"./en-GB.js":[12319,85],"./en-US":[75275,8844],"./en-US.js":[75275,8844],"./en-x-pseudo":[67658,8154],"./en-x-pseudo.js":[67658,8154],"./es-419":[82945,831],"./es-419.js":[82945,831],"./es-ES":[34857,8066],"./es-ES.js":[34857,8066],"./fi-FI":[73430,381],"./fi-FI.js":[73430,381],"./fr-CA":[43509,4308],"./fr-CA.js":[43509,4308],"./fr-FR":[45057,4841],"./fr-FR.js":[45057,4841],"./hi-IN":[20265,1436],"./hi-IN.js":[20265,1436],"./it-IT":[94241,4584],"./it-IT.js":[94241,4584],"./ja-JP":[3244,8615],"./ja-JP.js":[3244,8615],"./ko-KR":[56786,3729],"./ko-KR.j

Chrome Cache Entry: 85

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1045
Entropy (8bit):	7.666936027167787
Encrypted:	false
SSDEEP:	24:ckrym2PhepwEweR9lL7GLOIIadIVvfYYnsyEoWyvfUyvA9Q:trjEQwfe1tdVXYYn0yEM
MD5:	B17B8C3B3D2EF285E825644080717A59
SHA1:	900301257290A919A89EEFCEE0A7321FEBE7764E
SHA-256:	0CB9A48421820365CA54FB035DD124B469BD0AEA890D59B2FF82572A40529058
SHA-512:	5FC156A4C6555DD2875C078DA090EBCF26984D8526952E57123C90D36612A54D06E5B716F097785D782D993E066A0AF6A3745EA3FCBAB76838498B19E15EA61B
Malicious:	false
Reputation:	low
URL:	https://cdn01.boxcdn.net/_assets/img/favicons/favicon-32x32-VwW37b.png
Preview:	.PNG........IHDR... ... .....szz.....gAMA......a.....sRGB........ cHRM..z&..............u0...`..:....p..Q<....IDATx..WYH.Q.V..Z(h!.. ... h{..=(.(h.6J-(-_.).4.L.MI....\.ur.G.......a9.6........s.w....A}"B7..FXFX>....R........=..`.\HN.!.0..........!...`..j....(\..,%.4 `..C...0s.!H`'a.6......8..1..4.@lf.Z.n,.PNJh@ .C....,..........D`1)0b..I.K....b...p..#.DV..g.........E.Z`uz..}3R.:P\.@.....f.8Q...E.I.k)M.Rf.R.@ja..=...z\InB..VL;Z..D.uQUx....nU....px.@K...T.......u.X.]......&'..l0w...."..Y6...c+F.S0...y.v8]^l.12!...T..F.F..c...$...........hF.)1..W\. "VQnOB-R.;.&.QD.-..q+..iU...D>.E.61..6......Qht`:I.....\T.[....F;..!.O>\.." .7..=r....y.b4u..i.l....:$~..Z.;^63.).D'...q.y...w/...K........?.X.../....OX.n>M...J....8............a..2..^.7.k{....I...Y...v....p..........F1.....?~...).....t...C.^()AI.......v..N.i..E...7.H..~..q.T..)P!....}.I......=.$.K...k....,.L.[y.Rz..~...:>=>./:_.{..XEJ..@..j.}.=.c1fH.o.#...7g..........?......tR[...i@ ...};.K..`.

Chrome Cache Entry: 86

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	390
Entropy (8bit):	4.775874639295591
Encrypted:	false
SSDEEP:	12:jF6sOqm6ZRoTdJqBYJqNMF6sO6ZyqtVBqC:5tOBYsdJqBYJqKtOYyaVBqC
MD5:	8A6E9B5D7E991233FBCBB28F1FEBA7E1
SHA1:	9A8D48105863306E390232AC9D05E20810CE7F33
SHA-256:	1CE0A7AB4A7204E698F731970D2A898AFFE60A2671126FD4A0D9CB753C15A7F9
SHA-512:	F7040C139EDE0672A58DF04189591F76D36AE308DF76E54F8851EA9420676A4479755CC74C1B78D01A60245E8FB366B0728427EEB50CE39C1CBE61275A4B1955
Malicious:	false
Reputation:	low
URL:	https://cdn01.boxcdn.net/fonts/1.0.17/lato/main-fonts.css
Preview:	@font-face {. font-family: "Lato";. font-style: normal;. font-display: swap;. font-weight: 400;. src: url("./Lato-Regular.woff2") format("woff2"), url("./Lato-Regular.woff") format("woff");.}..@font-face {. font-family: "Lato";. font-style: normal;. font-weight: bold;. font-display: swap;. src: url("./Lato-Bold.woff2") format("woff2"), url("./Lato-Bold.woff") format("woff");.}.

Chrome Cache Entry: 87

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (24074)
Category:	downloaded
Size (bytes):	24126
Entropy (8bit):	5.411122064580822
Encrypted:	false
SSDEEP:	384:xs8w+/tWSrn7lSXxIoKFzEQCfC/v30H7iIY/YvFM3:Kern74azFzpCfC/v30hY/863
MD5:	8378CE9F384BA438C66B84C2AE7E7203
SHA1:	995FC339F6784EEC46EBAC933124E0430EB067DA
SHA-256:	BF9FDCE047A7979FC8AAE854E6E5B8E226B9BBF3E4B10A0719822063311EF7CC
SHA-512:	F37CFA606AD7B4BEA6483EBA1752F89B2B39E74E36345E9D5693D91A02EF787C447878145132DA7E9D48662C0BB683D36436102DD00C1E65A0F98D272CA1B24F
Malicious:	false
Reputation:	low
URL:	https://cdn01.boxcdn.net/file-request-forms/box_forms_client_remote.2.269.1.js
Preview:	var box_forms_client;!function(){"use strict";var e,n,t,r,u={73720:function(e,n,t){var r={"./BuilderPage":function(){return Promise.all([t.e(1485),t.e(8195),t.e(4536),t.e(6900),t.e(2899),t.e(1695),t.e(8976),t.e(6877),t.e(768),t.e(3948),t.e(4993),t.e(4144),t.e(1626),t.e(7638),t.e(3263),t.e(8905)]).then((function(){return function(){return t(38905)}}))},"./FileRequestAndSettingModal":function(){return Promise.all([t.e(1485),t.e(8195),t.e(4536),t.e(2899),t.e(768),t.e(3948),t.e(4993),t.e(1626),t.e(5763)]).then((function(){return function(){return t(43145)}}))},"./FileRequestDashboard":function(){return Promise.all([t.e(1485),t.e(8195),t.e(4536),t.e(2899),t.e(8976),t.e(6109),t.e(768),t.e(3948),t.e(4993),t.e(1626),t.e(3323)]).then((function(){return function(){return t(60115)}}))},"./SubmissionPage":function(){return Promise.all([t.e(1485),t.e(8195),t.e(4536),t.e(6900),t.e(1695),t.e(1340),t.e(768),t.e(3948),t.e(4993),t.e(4144),t.e(7638),t.e(399),t.e(9754)]).then((function(){return function()

Chrome Cache Entry: 88

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 84992, version 2.983
Category:	downloaded
Size (bytes):	84992
Entropy (8bit):	7.996797351733394
Encrypted:	true
SSDEEP:	1536:JEd0IY9YbGvf6ZAX2pLKOF7jJfyNRLhqcGeSi2475rwNLj5LMF1AM2QMhKZI8fh:JEdA9R6ZAGBDKpGfi2E50NL9iuVh+IC
MD5:	8B1868B7BCE455BF0DA2712EC5D1A6C8
SHA1:	576498905760A76534FEFC8A6A770B643E10AF01
SHA-256:	0ABCEFA9EF9546CAD5811B5A32F096F8B9407E43DE385227A78182C32DC3451B
SHA-512:	1D3F39EF3F6626FFC5AC2CAE218351062CFE5E14A15B7E0DDFD03DA3C3BBBBC6B3A323CB8A537CEAD70EC7725323A0E16EA1C9D58AE3979B23664627EF334448
Malicious:	false
Reputation:	low
URL:	https://cdn01.boxcdn.net/fonts/1.0.17/lato/Lato-Regular.woff2
Preview:	wOF2......L...........K.........................?FFTM..8...b..F.`.. ..j........L../.6.$........ ..r..`..9?webf.[PD..4..+.......SE..t....M(E.\N0.j....O...cD>.P.6....n.....H.....g............%?.sk.}..$i.^.e....YqU.+....{..Bdf.$.xL...4.o...R....UG....z..){........Rc:..8MP=.&..T...oh.i.....i;n....b...w..!1'x.....l.......%....a..k........j............d........].~.IH...o.....w..i....sHB..5kVUUU...]-...$.X..UUU....]].@...Lzr!s.CJ..2...\|?.29:..7......&o.eG...=i..\:.8..uk;.46.$.....Mb....6.H..t..m...bb.....Mc....(....^.Xu...[B./..7.T..(1gdt.b3....ZtTQ..w-1.j.........9...QR.d..P.k.A.@.C....:.. +.K.AD...!."D.T?R....J..)C.`..w..21.m3..W.....vW..Q.(c.(.~...&.....t.C...;....Tn..}i....,.Q.1.b....../.....Q.....u?O.2.......\|g..o.G..R.3A.fjo...%.@O...v.$.m........\g.$m..J.n..o...L.Q..'R..W.z..tn...6.....Y.wG.....:...O....L.i.Z..f..T!.....B&j...C3TI@\.~..O9......l*.x.db.B&H...A..0....i..Z.w.v.....fV..,.2a.....z_m.Ox..r.....e(.!..S.K..@]-U.!...-.0....

Chrome Cache Entry: 89

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 84396, version 2.983
Category:	downloaded
Size (bytes):	84396
Entropy (8bit):	7.996116383259223
Encrypted:	true
SSDEEP:	1536:lhWk7aeOTww2X4owbcnRqvjFkw8cyW/fTJnh2r667bZ3fTyG/q+TBpMLB:lHdOk9ojj2a//rFoeutTyG/ZBC
MD5:	8A54EA1AEB67D07C751BD5F03068317B
SHA1:	CFBEE4F2FD7F359A2A60648BB6797CAC1FD4DA3E
SHA-256:	4230A20B841519BDBE4B0C154BAD414E017CF80B3918127D45C4F907EEA07280
SHA-512:	A3CA9E052DBB81A20C71DDD24962CE57E842134A8B30842328410DF3FCF76EED4367C3A5A1148DD11092CF0CF3E29B57040CF79D40AC6450D8234F27204D47E1
Malicious:	false
Reputation:	low
URL:	https://cdn01.boxcdn.net/fonts/1.0.17/lato/Lato-Bold.woff2
Preview:	wOF2......I.......m...I;........................?FFTM..8...>..F.`.. ..j...........\|.6.$..$..(.. ..Z.....9?webf.[/0..B%.^..m.m..[..F...&...v....!.......i.V]\.l....b.a..96....H.............J...../....3.H...X.g.*.j.....v.!p4.-.I....P..i..1vTS..}..&A.Z..FT}?([..j..[.....c..@...LmwV...B.A.9$!.....z..'..C.1.....$!...uu....>......4....R&..}9.h-.T../..Iz.....W>......7..u...z~...V...~2....b.>....{~e[..HP:qT.L.o..P.hF..B...U.w.+E..o..dV>.......,.U^L....... .............Y.pN......{1T...V.....\|.&.?/Q...\|4.I.k.... .v..T...;....7B..]..\|..R_.].\|..D.:b............%.....D../.!.@......;p.%.g...w..(\|...[.9......T...y.,... .N.i..L..AVe.>..B.e.H.O!?.@/..ku.f.......w...Xg..YR.gD....i=...\.$Y.iG.......F...CN.(\|.A.{\..K5x....>i!....."....N..0.R.y...G.A..jt.Lg.ML.`......3Y{=.m$..x....%..\|f.wvU..\...R.x......_...tl.NH._.Y......2....r.).J.....R..DLo.zG.U.xj.4..~..7G=!.......X&.(.a.-........$..;._qL.,.d..i..XJ5.P.-{......J.$o@b...l.h....r..5..i..Jx@..T..I.Nt/."7.z.K>2...\

Chrome Cache Entry: 90

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Category:	downloaded
Size (bytes):	1150
Entropy (8bit):	4.194659874353689
Encrypted:	false
SSDEEP:	12:XdZMi3fV7VxjA1Eb0HDGXl77YouKoxKabyaA8Im+6tfwbJhw2Slpfx9LV793ZMi3:XjjzmSGDGXRjv9C+6pOJh+Lhn
MD5:	A74D15243280A569CD8F985119271509
SHA1:	AFA4B4F88A0A405F0513407098121FB264CFF660
SHA-256:	5D1EBBD7B88D4B0F748CB8DDC964A1D159268F0831AF26F709D692A570168902
SHA-512:	FCB827B46204055396C9BF20C247CE5CCDAA5BB68CF81CDE69EE246E80CD7009CB5D446185E7F5C38BFD1777F4583A03F989400BA4FBDBC1872452DFE4A23D0E
Malicious:	false
Reputation:	low
URL:	https://cdn01.boxcdn.net/_assets/img/favicons/favicon-yz-tj-.ico
Preview:	............ .h.......(....... ..... ..........................a...a.B.a...a...a...a...a...a...a...a...a...a...a...a...a.B.a...a.B.a...a...a...a...a...a...a...a...a...a...a...a...a...a...a.B.a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...`...b...f...`..._...f...i...a...c...`...a...e...a...a...a...`...r........n...C........q.....1..K..~..c...a...a...a.....{..{+.........Y..4................I..`...a...`...g......=..Y...m......o...].....w..........k...`...a...`...g.........\|........................x..a...a...`...g......x..t..5..k...^..p..~/..H..j...q....@..b...a...`...g......w'..]..._...`..._...^..._..._...`...`..._...a...a...a...b...{*..g...a...a...a...a...a...a...a...a...a...a...a...a...a...a...`...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a...a.B.a...a...a...a...a...a...a...a...a...a

Static File Info

⊘No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
May 24, 2024 14:50:03.671837091 CEST	49678	443	192.168.2.4	104.46.162.224
May 24, 2024 14:50:04.843590021 CEST	49675	443	192.168.2.4	173.222.162.32
May 24, 2024 14:50:13.826461077 CEST	49735	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:13.826550961 CEST	443	49735	74.112.186.144	192.168.2.4
May 24, 2024 14:50:13.826628923 CEST	49735	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:13.827496052 CEST	49736	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:13.827584028 CEST	443	49736	74.112.186.144	192.168.2.4
May 24, 2024 14:50:13.827651978 CEST	49736	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:13.827697992 CEST	49735	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:13.827728987 CEST	443	49735	74.112.186.144	192.168.2.4
May 24, 2024 14:50:13.827996016 CEST	49736	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:13.828037977 CEST	443	49736	74.112.186.144	192.168.2.4
May 24, 2024 14:50:14.320609093 CEST	443	49735	74.112.186.144	192.168.2.4
May 24, 2024 14:50:14.320934057 CEST	49735	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:14.320988894 CEST	443	49735	74.112.186.144	192.168.2.4
May 24, 2024 14:50:14.322668076 CEST	443	49735	74.112.186.144	192.168.2.4
May 24, 2024 14:50:14.322762012 CEST	49735	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:14.324017048 CEST	49735	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:14.324110985 CEST	443	49735	74.112.186.144	192.168.2.4
May 24, 2024 14:50:14.324278116 CEST	49735	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:14.324294090 CEST	443	49735	74.112.186.144	192.168.2.4
May 24, 2024 14:50:14.347615957 CEST	443	49736	74.112.186.144	192.168.2.4
May 24, 2024 14:50:14.349262953 CEST	49736	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:14.349323034 CEST	443	49736	74.112.186.144	192.168.2.4
May 24, 2024 14:50:14.352878094 CEST	443	49736	74.112.186.144	192.168.2.4
May 24, 2024 14:50:14.353066921 CEST	49736	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:14.353914022 CEST	49736	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:14.354100943 CEST	443	49736	74.112.186.144	192.168.2.4
May 24, 2024 14:50:14.374172926 CEST	49735	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:14.405869007 CEST	49736	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:14.405927896 CEST	443	49736	74.112.186.144	192.168.2.4
May 24, 2024 14:50:14.452282906 CEST	49675	443	192.168.2.4	173.222.162.32
May 24, 2024 14:50:14.452316046 CEST	49736	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:14.633126974 CEST	443	49735	74.112.186.144	192.168.2.4
May 24, 2024 14:50:14.634804964 CEST	443	49735	74.112.186.144	192.168.2.4
May 24, 2024 14:50:14.634882927 CEST	443	49735	74.112.186.144	192.168.2.4
May 24, 2024 14:50:14.634885073 CEST	49735	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:14.634960890 CEST	443	49735	74.112.186.144	192.168.2.4
May 24, 2024 14:50:14.635019064 CEST	49735	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:14.638633013 CEST	443	49735	74.112.186.144	192.168.2.4
May 24, 2024 14:50:14.640680075 CEST	443	49735	74.112.186.144	192.168.2.4
May 24, 2024 14:50:14.640753984 CEST	49735	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:14.640768051 CEST	443	49735	74.112.186.144	192.168.2.4
May 24, 2024 14:50:14.691092014 CEST	49735	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:14.736026049 CEST	443	49735	74.112.186.144	192.168.2.4
May 24, 2024 14:50:14.739923954 CEST	443	49735	74.112.186.144	192.168.2.4
May 24, 2024 14:50:14.740133047 CEST	49735	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:14.740164042 CEST	443	49735	74.112.186.144	192.168.2.4
May 24, 2024 14:50:14.743982077 CEST	443	49735	74.112.186.144	192.168.2.4
May 24, 2024 14:50:14.744076967 CEST	49735	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:14.744095087 CEST	443	49735	74.112.186.144	192.168.2.4
May 24, 2024 14:50:14.745560884 CEST	443	49735	74.112.186.144	192.168.2.4
May 24, 2024 14:50:14.745623112 CEST	49735	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:14.745635033 CEST	443	49735	74.112.186.144	192.168.2.4
May 24, 2024 14:50:14.798062086 CEST	49735	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:14.894371033 CEST	443	49735	74.112.186.144	192.168.2.4
May 24, 2024 14:50:14.898561954 CEST	443	49735	74.112.186.144	192.168.2.4
May 24, 2024 14:50:14.898629904 CEST	49735	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:14.898648024 CEST	443	49735	74.112.186.144	192.168.2.4
May 24, 2024 14:50:14.898845911 CEST	443	49735	74.112.186.144	192.168.2.4
May 24, 2024 14:50:14.898900986 CEST	49735	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:14.899288893 CEST	49735	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:14.899300098 CEST	443	49735	74.112.186.144	192.168.2.4
May 24, 2024 14:50:15.868355036 CEST	49755	443	192.168.2.4	142.250.184.228
May 24, 2024 14:50:15.868388891 CEST	443	49755	142.250.184.228	192.168.2.4
May 24, 2024 14:50:15.868457079 CEST	49755	443	192.168.2.4	142.250.184.228
May 24, 2024 14:50:15.868772030 CEST	49755	443	192.168.2.4	142.250.184.228
May 24, 2024 14:50:15.868787050 CEST	443	49755	142.250.184.228	192.168.2.4
May 24, 2024 14:50:16.535583019 CEST	443	49755	142.250.184.228	192.168.2.4
May 24, 2024 14:50:16.536168098 CEST	49755	443	192.168.2.4	142.250.184.228
May 24, 2024 14:50:16.536176920 CEST	443	49755	142.250.184.228	192.168.2.4
May 24, 2024 14:50:16.537606955 CEST	443	49755	142.250.184.228	192.168.2.4
May 24, 2024 14:50:16.537663937 CEST	49755	443	192.168.2.4	142.250.184.228
May 24, 2024 14:50:16.671617985 CEST	49760	443	192.168.2.4	184.28.90.27
May 24, 2024 14:50:16.671659946 CEST	443	49760	184.28.90.27	192.168.2.4
May 24, 2024 14:50:16.671740055 CEST	49760	443	192.168.2.4	184.28.90.27
May 24, 2024 14:50:16.673398018 CEST	49760	443	192.168.2.4	184.28.90.27
May 24, 2024 14:50:16.673414946 CEST	443	49760	184.28.90.27	192.168.2.4
May 24, 2024 14:50:16.934504986 CEST	49755	443	192.168.2.4	142.250.184.228
May 24, 2024 14:50:16.934825897 CEST	443	49755	142.250.184.228	192.168.2.4
May 24, 2024 14:50:16.976907969 CEST	49755	443	192.168.2.4	142.250.184.228
May 24, 2024 14:50:16.976927996 CEST	443	49755	142.250.184.228	192.168.2.4
May 24, 2024 14:50:17.030314922 CEST	49755	443	192.168.2.4	142.250.184.228
May 24, 2024 14:50:17.343637943 CEST	443	49760	184.28.90.27	192.168.2.4
May 24, 2024 14:50:17.343703032 CEST	49760	443	192.168.2.4	184.28.90.27
May 24, 2024 14:50:17.347579002 CEST	49760	443	192.168.2.4	184.28.90.27
May 24, 2024 14:50:17.347594023 CEST	443	49760	184.28.90.27	192.168.2.4
May 24, 2024 14:50:17.347811937 CEST	443	49760	184.28.90.27	192.168.2.4
May 24, 2024 14:50:17.390685081 CEST	49760	443	192.168.2.4	184.28.90.27
May 24, 2024 14:50:17.418808937 CEST	49760	443	192.168.2.4	184.28.90.27
May 24, 2024 14:50:17.466491938 CEST	443	49760	184.28.90.27	192.168.2.4
May 24, 2024 14:50:17.625125885 CEST	443	49760	184.28.90.27	192.168.2.4
May 24, 2024 14:50:17.625190973 CEST	443	49760	184.28.90.27	192.168.2.4
May 24, 2024 14:50:17.625236034 CEST	49760	443	192.168.2.4	184.28.90.27
May 24, 2024 14:50:17.625315905 CEST	49760	443	192.168.2.4	184.28.90.27
May 24, 2024 14:50:17.625340939 CEST	443	49760	184.28.90.27	192.168.2.4
May 24, 2024 14:50:17.625356913 CEST	49760	443	192.168.2.4	184.28.90.27
May 24, 2024 14:50:17.625365019 CEST	443	49760	184.28.90.27	192.168.2.4
May 24, 2024 14:50:17.662437916 CEST	49762	443	192.168.2.4	184.28.90.27
May 24, 2024 14:50:17.662466049 CEST	443	49762	184.28.90.27	192.168.2.4
May 24, 2024 14:50:17.662599087 CEST	49762	443	192.168.2.4	184.28.90.27
May 24, 2024 14:50:17.663698912 CEST	49762	443	192.168.2.4	184.28.90.27
May 24, 2024 14:50:17.663716078 CEST	443	49762	184.28.90.27	192.168.2.4
May 24, 2024 14:50:18.368232965 CEST	443	49762	184.28.90.27	192.168.2.4
May 24, 2024 14:50:18.368407011 CEST	49762	443	192.168.2.4	184.28.90.27
May 24, 2024 14:50:18.370564938 CEST	49762	443	192.168.2.4	184.28.90.27
May 24, 2024 14:50:18.370618105 CEST	443	49762	184.28.90.27	192.168.2.4
May 24, 2024 14:50:18.371438980 CEST	443	49762	184.28.90.27	192.168.2.4
May 24, 2024 14:50:18.373805046 CEST	49762	443	192.168.2.4	184.28.90.27
May 24, 2024 14:50:18.414535999 CEST	443	49762	184.28.90.27	192.168.2.4
May 24, 2024 14:50:18.672101021 CEST	443	49762	184.28.90.27	192.168.2.4
May 24, 2024 14:50:18.672267914 CEST	443	49762	184.28.90.27	192.168.2.4
May 24, 2024 14:50:18.672348022 CEST	49762	443	192.168.2.4	184.28.90.27
May 24, 2024 14:50:19.008795023 CEST	49736	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:19.013710022 CEST	49762	443	192.168.2.4	184.28.90.27
May 24, 2024 14:50:19.013710022 CEST	49762	443	192.168.2.4	184.28.90.27
May 24, 2024 14:50:19.013736963 CEST	443	49762	184.28.90.27	192.168.2.4
May 24, 2024 14:50:19.013758898 CEST	443	49762	184.28.90.27	192.168.2.4
May 24, 2024 14:50:19.050528049 CEST	443	49736	74.112.186.144	192.168.2.4
May 24, 2024 14:50:19.234899044 CEST	443	49736	74.112.186.144	192.168.2.4
May 24, 2024 14:50:19.239727974 CEST	443	49736	74.112.186.144	192.168.2.4
May 24, 2024 14:50:19.239984989 CEST	49736	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:19.239984989 CEST	49736	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:19.541147947 CEST	49736	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:19.541213989 CEST	443	49736	74.112.186.144	192.168.2.4
May 24, 2024 14:50:19.597697020 CEST	49765	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:19.597790956 CEST	443	49765	74.112.186.144	192.168.2.4
May 24, 2024 14:50:19.597892046 CEST	49765	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:19.598283052 CEST	49765	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:19.598310947 CEST	443	49765	74.112.186.144	192.168.2.4
May 24, 2024 14:50:20.148905039 CEST	443	49765	74.112.186.144	192.168.2.4
May 24, 2024 14:50:20.149264097 CEST	49765	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:20.149358034 CEST	443	49765	74.112.186.144	192.168.2.4
May 24, 2024 14:50:20.152868032 CEST	443	49765	74.112.186.144	192.168.2.4
May 24, 2024 14:50:20.152954102 CEST	49765	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:20.153470993 CEST	49765	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:20.153650045 CEST	443	49765	74.112.186.144	192.168.2.4
May 24, 2024 14:50:20.153781891 CEST	49765	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:20.153800011 CEST	443	49765	74.112.186.144	192.168.2.4
May 24, 2024 14:50:20.205164909 CEST	49765	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:20.409641027 CEST	443	49765	74.112.186.144	192.168.2.4
May 24, 2024 14:50:20.409962893 CEST	443	49765	74.112.186.144	192.168.2.4
May 24, 2024 14:50:20.410218000 CEST	49765	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:20.410765886 CEST	49765	443	192.168.2.4	74.112.186.144
May 24, 2024 14:50:20.410804033 CEST	443	49765	74.112.186.144	192.168.2.4
May 24, 2024 14:50:26.443150043 CEST	443	49755	142.250.184.228	192.168.2.4
May 24, 2024 14:50:26.443284988 CEST	443	49755	142.250.184.228	192.168.2.4
May 24, 2024 14:50:26.443389893 CEST	49755	443	192.168.2.4	142.250.184.228
May 24, 2024 14:50:28.458532095 CEST	49755	443	192.168.2.4	142.250.184.228
May 24, 2024 14:50:28.458549023 CEST	443	49755	142.250.184.228	192.168.2.4
May 24, 2024 14:51:15.975953102 CEST	49777	443	192.168.2.4	142.250.184.228
May 24, 2024 14:51:15.975999117 CEST	443	49777	142.250.184.228	192.168.2.4
May 24, 2024 14:51:15.976070881 CEST	49777	443	192.168.2.4	142.250.184.228
May 24, 2024 14:51:15.976392031 CEST	49777	443	192.168.2.4	142.250.184.228
May 24, 2024 14:51:15.976406097 CEST	443	49777	142.250.184.228	192.168.2.4
May 24, 2024 14:51:16.638329029 CEST	443	49777	142.250.184.228	192.168.2.4
May 24, 2024 14:51:16.638643980 CEST	49777	443	192.168.2.4	142.250.184.228
May 24, 2024 14:51:16.638676882 CEST	443	49777	142.250.184.228	192.168.2.4
May 24, 2024 14:51:16.639146090 CEST	443	49777	142.250.184.228	192.168.2.4
May 24, 2024 14:51:16.640250921 CEST	49777	443	192.168.2.4	142.250.184.228
May 24, 2024 14:51:16.640343904 CEST	443	49777	142.250.184.228	192.168.2.4
May 24, 2024 14:51:16.687006950 CEST	49777	443	192.168.2.4	142.250.184.228
May 24, 2024 14:51:22.625274897 CEST	49723	80	192.168.2.4	2.19.126.151
May 24, 2024 14:51:22.625312090 CEST	49724	80	192.168.2.4	93.184.221.240
May 24, 2024 14:51:22.630871058 CEST	80	49723	2.19.126.151	192.168.2.4
May 24, 2024 14:51:22.630989075 CEST	49723	80	192.168.2.4	2.19.126.151
May 24, 2024 14:51:22.635536909 CEST	80	49724	93.184.221.240	192.168.2.4
May 24, 2024 14:51:22.635785103 CEST	49724	80	192.168.2.4	93.184.221.240
May 24, 2024 14:51:26.541765928 CEST	443	49777	142.250.184.228	192.168.2.4
May 24, 2024 14:51:26.541898012 CEST	443	49777	142.250.184.228	192.168.2.4
May 24, 2024 14:51:26.542021990 CEST	49777	443	192.168.2.4	142.250.184.228
May 24, 2024 14:51:28.392411947 CEST	49777	443	192.168.2.4	142.250.184.228
May 24, 2024 14:51:28.392450094 CEST	443	49777	142.250.184.228	192.168.2.4

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
May 24, 2024 14:50:12.248471975 CEST	53	63678	1.1.1.1	192.168.2.4
May 24, 2024 14:50:12.267599106 CEST	53	50207	1.1.1.1	192.168.2.4
May 24, 2024 14:50:13.415374041 CEST	53	58808	1.1.1.1	192.168.2.4
May 24, 2024 14:50:13.804204941 CEST	49888	53	192.168.2.4	1.1.1.1
May 24, 2024 14:50:13.804460049 CEST	50338	53	192.168.2.4	1.1.1.1
May 24, 2024 14:50:13.813967943 CEST	53	49888	1.1.1.1	192.168.2.4
May 24, 2024 14:50:13.831454992 CEST	53	50338	1.1.1.1	192.168.2.4
May 24, 2024 14:50:14.660161972 CEST	51411	53	192.168.2.4	1.1.1.1
May 24, 2024 14:50:14.660368919 CEST	65485	53	192.168.2.4	1.1.1.1
May 24, 2024 14:50:15.848573923 CEST	60657	53	192.168.2.4	1.1.1.1
May 24, 2024 14:50:15.848721027 CEST	55769	53	192.168.2.4	1.1.1.1
May 24, 2024 14:50:15.856532097 CEST	53	60657	1.1.1.1	192.168.2.4
May 24, 2024 14:50:15.866245031 CEST	53	55769	1.1.1.1	192.168.2.4
May 24, 2024 14:50:19.572643042 CEST	50187	53	192.168.2.4	1.1.1.1
May 24, 2024 14:50:19.573220968 CEST	56043	53	192.168.2.4	1.1.1.1
May 24, 2024 14:50:19.584036112 CEST	53	50187	1.1.1.1	192.168.2.4
May 24, 2024 14:50:19.604104042 CEST	53	56043	1.1.1.1	192.168.2.4
May 24, 2024 14:50:19.781742096 CEST	62130	53	192.168.2.4	1.1.1.1
May 24, 2024 14:50:19.781888008 CEST	57946	53	192.168.2.4	1.1.1.1
May 24, 2024 14:50:30.551562071 CEST	53	57541	1.1.1.1	192.168.2.4
May 24, 2024 14:50:34.228964090 CEST	138	138	192.168.2.4	192.168.2.255
May 24, 2024 14:50:49.606259108 CEST	53	57441	1.1.1.1	192.168.2.4
May 24, 2024 14:51:11.596087933 CEST	53	50050	1.1.1.1	192.168.2.4
May 24, 2024 14:51:12.613084078 CEST	53	63068	1.1.1.1	192.168.2.4

ICMP Packets

Timestamp	Source IP	Dest IP	Checksum	Code	Type
May 24, 2024 14:50:13.831535101 CEST	192.168.2.4	1.1.1.1	c222	(Port unreachable)	Destination Unreachable
May 24, 2024 14:50:19.604190111 CEST	192.168.2.4	1.1.1.1	c222	(Port unreachable)	Destination Unreachable

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
May 24, 2024 14:50:13.804204941 CEST	192.168.2.4	1.1.1.1	0x79c5	Standard query (0)	app.box.com	A (IP address)	IN (0x0001)	false
May 24, 2024 14:50:13.804460049 CEST	192.168.2.4	1.1.1.1	0x87d3	Standard query (0)	app.box.com	65	IN (0x0001)	false
May 24, 2024 14:50:14.660161972 CEST	192.168.2.4	1.1.1.1	0x9b4f	Standard query (0)	cdn01.boxcdn.net	A (IP address)	IN (0x0001)	false
May 24, 2024 14:50:14.660368919 CEST	192.168.2.4	1.1.1.1	0xd415	Standard query (0)	cdn01.boxcdn.net	65	IN (0x0001)	false
May 24, 2024 14:50:15.848573923 CEST	192.168.2.4	1.1.1.1	0x258f	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
May 24, 2024 14:50:15.848721027 CEST	192.168.2.4	1.1.1.1	0x22df	Standard query (0)	www.google.com	65	IN (0x0001)	false
May 24, 2024 14:50:19.572643042 CEST	192.168.2.4	1.1.1.1	0xf4f3	Standard query (0)	app.box.com	A (IP address)	IN (0x0001)	false
May 24, 2024 14:50:19.573220968 CEST	192.168.2.4	1.1.1.1	0x63e7	Standard query (0)	app.box.com	65	IN (0x0001)	false
May 24, 2024 14:50:19.781742096 CEST	192.168.2.4	1.1.1.1	0xf311	Standard query (0)	cdn01.boxcdn.net	A (IP address)	IN (0x0001)	false
May 24, 2024 14:50:19.781888008 CEST	192.168.2.4	1.1.1.1	0xf81e	Standard query (0)	cdn01.boxcdn.net	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
May 24, 2024 14:50:13.813967943 CEST	1.1.1.1	192.168.2.4	0x79c5	No error (0)	app.box.com		74.112.186.144	A (IP address)	IN (0x0001)	false
May 24, 2024 14:50:14.693960905 CEST	1.1.1.1	192.168.2.4	0xd415	No error (0)	cdn01.boxcdn.net	cdn01.boxcdn.net.cdn.cloudflare.net		CNAME (Canonical name)	IN (0x0001)	false
May 24, 2024 14:50:14.698729992 CEST	1.1.1.1	192.168.2.4	0x9b4f	No error (0)	cdn01.boxcdn.net	cdn01.boxcdn.net.cdn.cloudflare.net		CNAME (Canonical name)	IN (0x0001)	false
May 24, 2024 14:50:15.856532097 CEST	1.1.1.1	192.168.2.4	0x258f	No error (0)	www.google.com		142.250.184.228	A (IP address)	IN (0x0001)	false
May 24, 2024 14:50:15.866245031 CEST	1.1.1.1	192.168.2.4	0x22df	No error (0)	www.google.com			65	IN (0x0001)	false
May 24, 2024 14:50:19.584036112 CEST	1.1.1.1	192.168.2.4	0xf4f3	No error (0)	app.box.com		74.112.186.144	A (IP address)	IN (0x0001)	false
May 24, 2024 14:50:19.797919035 CEST	1.1.1.1	192.168.2.4	0xf81e	No error (0)	cdn01.boxcdn.net	cdn01.boxcdn.net.cdn.cloudflare.net		CNAME (Canonical name)	IN (0x0001)	false
May 24, 2024 14:50:19.806528091 CEST	1.1.1.1	192.168.2.4	0xf311	No error (0)	cdn01.boxcdn.net	cdn01.boxcdn.net.cdn.cloudflare.net		CNAME (Canonical name)	IN (0x0001)	false
May 24, 2024 14:50:28.081326008 CEST	1.1.1.1	192.168.2.4	0xe74a	No error (0)	bg.microsoft.map.fastly.net		199.232.210.172	A (IP address)	IN (0x0001)	false
May 24, 2024 14:50:28.081326008 CEST	1.1.1.1	192.168.2.4	0xe74a	No error (0)	bg.microsoft.map.fastly.net		199.232.214.172	A (IP address)	IN (0x0001)	false
May 24, 2024 14:50:28.634413004 CEST	1.1.1.1	192.168.2.4	0xdaf6	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
May 24, 2024 14:50:28.634413004 CEST	1.1.1.1	192.168.2.4	0xdaf6	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
May 24, 2024 14:50:41.575679064 CEST	1.1.1.1	192.168.2.4	0xe5cb	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
May 24, 2024 14:50:41.575679064 CEST	1.1.1.1	192.168.2.4	0xe5cb	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
May 24, 2024 14:51:04.695101023 CEST	1.1.1.1	192.168.2.4	0xb9e5	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
May 24, 2024 14:51:04.695101023 CEST	1.1.1.1	192.168.2.4	0xb9e5	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
May 24, 2024 14:51:24.820856094 CEST	1.1.1.1	192.168.2.4	0xf7f5	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
May 24, 2024 14:51:24.820856094 CEST	1.1.1.1	192.168.2.4	0xf7f5	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

app.box.com

fs.microsoft.com

https:

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.4	49735	74.112.186.144	443	2540	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-24 12:50:14 UTC	688	OUT	GET /s/nipz5zxkc5e6gayscgq0oa5oqha53te6 HTTP/1.1 Host: app.box.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-24 12:50:14 UTC	1056	IN	HTTP/1.1 200 OK Date: Fri, 24 May 2024 12:50:14 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked X-Robots-Tag: noindex, nofollow Strict-Transport-Security: max-age=31536000 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Set-Cookie: z=iqun34kj1vsujctm76d2lsao4q; path=/; domain=.app.box.com; secure; HttpOnly Set-Cookie: z=iqun34kj1vsujctm76d2lsao4q; Path=/; Domain=.app.box.com; Secure; HttpOnly; SameSite=None Set-Cookie: box_visitor_id=66508d06747bf3.35757431; expires=Sat, 24-May-2025 12:50:14 GMT; Max-Age=31536000; path=/; domain=.box.com; secure; SameSite=None Set-Cookie: bv=ISF-13727; expires=Fri, 31-May-2024 12:50:14 GMT; Max-Age=604800; path=/; domain=.app.box.com; secure Set-Cookie: cn=54; expires=Sat, 24-May-2025 12:50:14 GMT; Max-Age=31536000; path=/; domain=.app.box.com; secure Set-Cookie: site_preference=desktop; path=/; domain=.box.com; secure Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-05-24 12:50:14 UTC	334	IN	Data Raw: 62 63 66 0d 0a 20 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 20 64 61 74 61 2d 72 65 73 69 6e 2d 63 6c 69 65 6e 74 3d 22 77 65 62 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 3e 20 20 3c 74 69 74 6c 65 3e 42 6f 78 3c Data Ascii: bcf <!DOCTYPE html><html lang="en-US" data-resin-client="web"><head><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="robots" content="noindex, nofollow"> <title>Box<
2024-05-24 12:50:14 UTC	1390	IN	Data Raw: 61 74 6f 2d 52 65 67 75 6c 61 72 2e 77 6f 66 66 32 22 20 61 73 3d 22 66 6f 6e 74 22 20 74 79 70 65 3d 22 66 6f 6e 74 2f 77 6f 66 66 32 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 20 2f 3e 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 6c 6f 61 64 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 30 31 2e 62 6f 78 63 64 6e 2e 6e 65 74 2f 66 6f 6e 74 73 2f 31 2e 30 2e 31 37 2f 6c 61 74 6f 2f 4c 61 74 6f 2d 42 6f 6c 64 2e 77 6f 66 66 32 22 20 61 73 3d 22 66 6f 6e 74 22 20 74 79 70 65 3d 22 66 6f 6e 74 2f 77 6f 66 66 32 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 20 2f 3e 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 Data Ascii: ato-Regular.woff2" as="font" type="font/woff2" crossorigin="anonymous" /> <link rel="preload" href="https://cdn01.boxcdn.net/fonts/1.0.17/lato/Lato-Bold.woff2" as="font" type="font/woff2" crossorigin="anonymous" /> <link rel="stylesheet" href="https://cd
2024-05-24 12:50:14 UTC	1306	IN	Data Raw: 30 61 34 39 31 30 2e 6a 73 22 20 61 73 3d 22 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 3e 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 6c 6f 61 64 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 30 31 2e 62 6f 78 63 64 6e 2e 6e 65 74 2f 65 6e 64 75 73 65 72 2f 61 70 70 2e 32 63 63 62 65 37 31 35 34 64 2e 6a 73 22 20 61 73 3d 22 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 3e 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 6c 6f 61 64 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 30 31 2e 62 6f 78 63 64 6e Data Ascii: 0a4910.js" as="script" type="text/javascript" crossorigin="anonymous"> <link rel="preload" href="https://cdn01.boxcdn.net/enduser/app.2ccbe7154d.js" as="script" type="text/javascript" crossorigin="anonymous"> <link rel="preload" href="https://cdn01.boxcdn
2024-05-24 12:50:14 UTC	1390	IN	Data Raw: 62 65 35 0d 0a 22 61 6e 6f 6e 79 6d 6f 75 73 22 3e 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 6c 6f 61 64 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 30 31 2e 62 6f 78 63 64 6e 2e 6e 65 74 2f 64 6f 63 67 65 6e 2d 61 73 73 65 74 73 2f 62 6f 78 5f 64 6f 63 67 65 6e 5f 63 6c 69 65 6e 74 5f 72 65 6d 6f 74 65 2e 30 2e 35 31 2e 35 2e 6a 73 22 20 61 73 3d 22 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 3e 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 70 70 6c 65 2d 74 6f 75 63 68 2d 69 63 6f 6e 22 20 73 69 7a 65 73 3d 22 35 37 78 35 37 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 30 31 2e 62 6f 78 63 64 6e 2e 6e 65 74 2f Data Ascii: be5"anonymous"> <link rel="preload" href="https://cdn01.boxcdn.net/docgen-assets/box_docgen_client_remote.0.51.5.js" as="script" type="text/javascript" crossorigin="anonymous"> <link rel="apple-touch-icon" sizes="57x57" href="https://cdn01.boxcdn.net/
2024-05-24 12:50:14 UTC	1390	IN	Data Raw: 22 69 63 6f 6e 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 70 6e 67 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 30 31 2e 62 6f 78 63 64 6e 2e 6e 65 74 2f 5f 61 73 73 65 74 73 2f 69 6d 67 2f 66 61 76 69 63 6f 6e 73 2f 66 61 76 69 63 6f 6e 2d 33 32 78 33 32 2d 56 77 57 33 37 62 2e 70 6e 67 22 20 64 61 74 61 2d 6e 6f 74 69 66 69 63 61 74 69 6f 6e 2d 69 63 6f 6e 2d 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 30 31 2e 62 6f 78 63 64 6e 2e 6e 65 74 2f 5f 61 73 73 65 74 73 2f 69 6d 67 2f 66 61 76 69 63 6f 6e 73 2f 6e 6f 74 69 66 69 63 61 74 69 6f 6e 2d 66 61 76 69 63 6f 6e 2d 33 32 78 33 32 2d 62 72 77 57 5f 57 2e 70 6e 67 22 20 73 69 7a 65 73 3d 22 33 32 78 33 32 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 74 79 70 65 3d 22 69 Data Ascii: "icon" type="image/png" href="https://cdn01.boxcdn.net/_assets/img/favicons/favicon-32x32-VwW37b.png" data-notification-icon-href="https://cdn01.boxcdn.net/_assets/img/favicons/notification-favicon-32x32-brwW_W.png" sizes="32x32"><link rel="icon" type="i
2024-05-24 12:50:14 UTC	272	IN	Data Raw: 65 74 73 2f 69 6d 67 2f 66 61 76 69 63 6f 6e 73 2f 6d 73 74 69 6c 65 2d 31 34 34 78 31 34 34 2d 70 6c 6c 43 4d 38 2e 70 6e 67 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6d 73 61 70 70 6c 69 63 61 74 69 6f 6e 2d 63 6f 6e 66 69 67 22 20 63 6f 6e 74 65 6e 74 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 30 31 2e 62 6f 78 63 64 6e 2e 6e 65 74 2f 5f 61 73 73 65 74 73 2f 69 6d 67 2f 66 61 76 69 63 6f 6e 73 2f 62 72 6f 77 73 65 72 63 6f 6e 66 69 67 2d 66 64 42 52 65 4b 2e 78 6d 6c 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 68 65 6d 65 2d 63 6f 6c 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 23 66 66 66 66 66 66 22 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 20 63 6c 61 73 73 3d 22 69 73 2d 6c 6f 61 64 69 6e 67 20 22 20 64 61 74 61 2d 72 65 73 69 6e 2d 61 70 70 6c 69 63 Data Ascii: ets/img/favicons/mstile-144x144-pllCM8.png"><meta name="msapplication-config" content="https://cdn01.boxcdn.net/_assets/img/favicons/browserconfig-fdBReK.xml"><meta name="theme-color" content="#ffffff"></head><body class="is-loading " data-resin-applic
2024-05-24 12:50:14 UTC	1390	IN	Data Raw: 32 30 61 36 0d 0a 20 3c 6e 6f 73 63 72 69 70 74 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 6e 6f 73 63 72 69 70 74 2d 77 61 72 6e 69 6e 67 22 3e 20 4a 61 76 61 53 63 72 69 70 74 20 69 73 20 63 75 72 72 65 6e 74 6c 79 20 64 69 73 61 62 6c 65 64 20 69 6e 20 79 6f 75 72 20 62 72 6f 77 73 65 72 2e 20 59 6f 75 20 6d 75 73 74 20 68 61 76 65 20 4a 61 76 61 53 63 72 69 70 74 20 65 6e 61 62 6c 65 64 20 74 6f 20 74 61 6b 65 20 66 75 6c 6c 20 61 64 76 61 6e 74 61 67 65 20 6f 66 20 42 6f 78 2e 3c 2f 64 69 76 3e 3c 2f 6e 6f 73 63 72 69 70 74 3e 3c 64 69 76 20 69 64 3d 22 61 70 70 22 20 63 6c 61 73 73 3d 22 72 65 61 63 74 2d 63 6f 6e 74 61 69 6e 65 72 22 3e 3c 2f 64 69 76 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 42 6f 78 20 3d 20 77 69 6e 64 6f 77 2e 42 6f 78 20 7c Data Ascii: 20a6 <noscript><div class="noscript-warning"> JavaScript is currently disabled in your browser. You must have JavaScript enabled to take full advantage of Box.</div></noscript><div id="app" class="react-container"></div><script>window.Box = window.Box \|
2024-05-24 12:50:14 UTC	1390	IN	Data Raw: 65 61 72 36 69 34 6b 76 6d 65 62 34 32 61 22 2c 22 65 6e 74 65 72 70 72 69 73 65 22 3a 5b 5d 2c 22 74 68 65 6d 65 22 3a 7b 22 69 64 22 3a 31 2c 22 69 73 44 65 66 61 75 6c 74 54 68 65 6d 65 22 3a 74 72 75 65 2c 22 70 72 69 6d 61 72 79 43 6f 6c 6f 72 22 3a 22 23 30 30 36 31 44 35 22 2c 22 6c 6f 67 6f 55 52 4c 73 22 3a 7b 22 73 6d 61 6c 6c 22 3a 6e 75 6c 6c 2c 22 6c 61 72 67 65 22 3a 6e 75 6c 6c 2c 22 70 72 65 76 69 65 77 22 3a 6e 75 6c 6c 2c 22 78 73 6d 61 6c 6c 22 3a 6e 75 6c 6c 2c 22 78 73 6d 61 6c 6c 32 78 22 3a 6e 75 6c 6c 2c 22 78 73 6d 61 6c 6c 33 78 22 3a 6e 75 6c 6c 7d 2c 22 6c 6f 67 6f 32 55 52 4c 73 22 3a 7b 22 73 6d 61 6c 6c 22 3a 6e 75 6c 6c 2c 22 6c 61 72 67 65 22 3a 6e 75 6c 6c 2c 22 70 72 65 76 69 65 77 22 3a 6e 75 6c 6c 2c 22 78 73 6d 61 6c Data Ascii: ear6i4kvmeb42a","enterprise":[],"theme":{"id":1,"isDefaultTheme":true,"primaryColor":"#0061D5","logoURLs":{"small":null,"large":null,"preview":null,"xsmall":null,"xsmall2x":null,"xsmall3x":null},"logo2URLs":{"small":null,"large":null,"preview":null,"xsmal
2024-05-24 12:50:14 UTC	1316	IN	Data Raw: 73 65 2c 22 68 75 62 73 47 61 6c 6c 65 72 79 22 3a 66 61 6c 73 65 2c 22 6d 65 74 61 64 61 74 61 22 3a 66 61 6c 73 65 2c 22 6e 6f 74 65 73 22 3a 74 72 75 65 2c 22 6f 6e 62 6f 61 72 64 69 6e 67 45 78 70 65 72 69 65 6e 63 65 41 70 69 22 3a 66 61 6c 73 65 2c 22 6f 70 65 6e 57 69 74 68 50 72 6f 67 72 61 6d 22 3a 66 61 6c 73 65 2c 22 6f 77 6e 65 64 42 79 4d 65 22 3a 66 61 6c 73 65 2c 22 70 72 65 76 69 65 77 41 6e 6e 6f 74 61 74 69 6f 6e 73 22 3a 66 61 6c 73 65 2c 22 72 65 61 63 74 46 69 6c 65 73 50 61 67 65 46 46 22 3a 66 61 6c 73 65 2c 22 72 65 63 65 6e 74 73 22 3a 74 72 75 65 2c 22 72 65 6c 61 79 45 6e 74 65 72 70 72 69 73 65 4c 65 76 65 6c 22 3a 22 22 2c 22 72 65 6c 61 79 55 73 65 72 4c 65 76 65 6c 22 3a 22 22 2c 22 72 65 6c 61 79 41 6c 6c 6f 77 45 64 69 74 Data Ascii: se,"hubsGallery":false,"metadata":false,"notes":true,"onboardingExperienceApi":false,"openWithProgram":false,"ownedByMe":false,"previewAnnotations":false,"reactFilesPageFF":false,"recents":true,"relayEnterpriseLevel":"","relayUserLevel":"","relayAllowEdit
2024-05-24 12:50:14 UTC	1390	IN	Data Raw: 2c 22 64 79 6e 61 6d 69 63 4e 61 6d 69 6e 67 22 3a 66 61 6c 73 65 2c 22 73 69 67 6e 32 66 61 50 61 73 73 77 6f 72 64 22 3a 66 61 6c 73 65 2c 22 73 69 67 6e 53 69 67 6e 61 74 75 72 65 55 70 6c 6f 61 64 22 3a 74 72 75 65 2c 22 73 69 67 6e 42 61 74 63 68 53 65 6e 64 22 3a 66 61 6c 73 65 2c 22 73 69 67 6e 46 72 65 65 6d 69 75 6d 22 3a 66 61 6c 73 65 2c 22 64 79 6e 61 6d 69 63 4e 61 6d 69 6e 67 45 6e 68 61 6e 63 65 6d 65 6e 74 73 22 3a 66 61 6c 73 65 2c 22 61 69 41 63 74 69 6f 6e 50 72 6f 6d 70 74 4f 75 74 63 6f 6d 65 22 3a 66 61 6c 73 65 2c 22 73 69 67 6e 53 69 67 6e 61 74 75 72 65 46 72 61 6d 65 22 3a 66 61 6c 73 65 2c 22 73 69 67 6e 52 65 63 69 70 69 65 6e 74 47 72 6f 75 70 73 22 3a 66 61 6c 73 65 2c 22 73 69 67 6e 53 69 67 6e 65 72 41 74 74 61 63 68 6d 65 Data Ascii: ,"dynamicNaming":false,"sign2faPassword":false,"signSignatureUpload":true,"signBatchSend":false,"signFreemium":false,"dynamicNamingEnhancements":false,"aiActionPromptOutcome":false,"signSignatureFrame":false,"signRecipientGroups":false,"signSignerAttachme

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.4	49760	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-05-24 12:50:17 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-05-24 12:50:17 UTC	467	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-eus-z1 Cache-Control: public, max-age=184797 Date: Fri, 24 May 2024 12:50:17 GMT Connection: close X-CID: 2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.4	49762	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-05-24 12:50:18 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-05-24 12:50:18 UTC	515	IN	HTTP/1.1 200 OK ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=184732 Date: Fri, 24 May 2024 12:50:18 GMT Content-Length: 55 Connection: close X-CID: 2
2024-05-24 12:50:18 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.4	49736	74.112.186.144	443	2540	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-24 12:50:19 UTC	804	OUT	GET /app-api/enduserapp/current-user/features/secondary HTTP/1.1 Host: app.box.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Accept: application/json, text/plain, / X-Box-Client-Version: 21.217.2 X-Box-Client-Name: enduserapp sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://app.box.com/s/nipz5zxkc5e6gayscgq0oa5oqha53te6 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: z=iqun34kj1vsujctm76d2lsao4q; box_visitor_id=66508d06747bf3.35757431; bv=ISF-13727; cn=54; site_preference=desktop
2024-05-24 12:50:19 UTC	749	IN	HTTP/1.1 200 OK Date: Fri, 24 May 2024 12:50:19 GMT Content-Type: application/json; charset=utf-8 Transfer-Encoding: chunked Strict-Transport-Security: max-age=31536000 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Set-Cookie: z=iqun34kj1vsujctm76d2lsao4q; Path=/; Domain=.app.box.com; Secure; HttpOnly; SameSite=None Set-Cookie: box_visitor_id=66508d06747bf3.35757431; expires=Sat, 24-May-2025 12:50:19 GMT; Max-Age=31536000; path=/; domain=.box.com; secure; SameSite=None Set-Cookie: site_preference=desktop; path=/; domain=.box.com; secure X-EndUserApp-CurrentVersion: 21.217.2 Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-05-24 12:50:19 UTC	128	IN	Data Raw: 37 61 0d 0a 7b 22 66 65 61 74 75 72 65 73 22 3a 7b 22 63 61 6e 41 64 64 53 65 61 74 73 22 3a 66 61 6c 73 65 2c 22 63 68 61 74 62 6f 74 22 3a 66 61 6c 73 65 2c 22 70 65 72 73 69 73 74 65 6e 74 44 72 69 76 65 50 72 6f 6d 6f 74 69 6f 6e 22 3a 66 61 6c 73 65 2c 22 75 70 67 72 61 64 65 49 6e 6c 69 6e 65 22 3a 66 61 6c 73 65 7d 2c 22 65 78 70 65 72 69 6d 65 6e 74 73 22 3a 5b 5d 7d 0d 0a Data Ascii: 7a{"features":{"canAddSeats":false,"chatbot":false,"persistentDrivePromotion":false,"upgradeInline":false},"experiments":[]}
2024-05-24 12:50:19 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.4	49765	74.112.186.144	443	2540	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-24 12:50:20 UTC	509	OUT	GET /app-api/enduserapp/current-user/features/secondary HTTP/1.1 Host: app.box.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: z=iqun34kj1vsujctm76d2lsao4q; box_visitor_id=66508d06747bf3.35757431; bv=ISF-13727; cn=54; site_preference=desktop
2024-05-24 12:50:20 UTC	749	IN	HTTP/1.1 200 OK Date: Fri, 24 May 2024 12:50:20 GMT Content-Type: application/json; charset=utf-8 Transfer-Encoding: chunked Strict-Transport-Security: max-age=31536000 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Set-Cookie: z=iqun34kj1vsujctm76d2lsao4q; Path=/; Domain=.app.box.com; Secure; HttpOnly; SameSite=None Set-Cookie: box_visitor_id=66508d06747bf3.35757431; expires=Sat, 24-May-2025 12:50:20 GMT; Max-Age=31536000; path=/; domain=.box.com; secure; SameSite=None Set-Cookie: site_preference=desktop; path=/; domain=.box.com; secure X-EndUserApp-CurrentVersion: 21.217.2 Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-05-24 12:50:20 UTC	128	IN	Data Raw: 37 61 0d 0a 7b 22 66 65 61 74 75 72 65 73 22 3a 7b 22 63 61 6e 41 64 64 53 65 61 74 73 22 3a 66 61 6c 73 65 2c 22 63 68 61 74 62 6f 74 22 3a 66 61 6c 73 65 2c 22 70 65 72 73 69 73 74 65 6e 74 44 72 69 76 65 50 72 6f 6d 6f 74 69 6f 6e 22 3a 66 61 6c 73 65 2c 22 75 70 67 72 61 64 65 49 6e 6c 69 6e 65 22 3a 66 61 6c 73 65 7d 2c 22 65 78 70 65 72 69 6d 65 6e 74 73 22 3a 5b 5d 7d 0d 0a Data Ascii: 7a{"features":{"canAddSeats":false,"chatbot":false,"persistentDrivePromotion":false,"upgradeInline":false},"experiments":[]}
2024-05-24 12:50:20 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 772, Parent PID: 5744

General

Target ID:	0
Start time:	08:50:07
Start date:	24/05/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 2540, Parent PID: 772

General

Target ID:	2
Start time:	08:50:10
Start date:	24/05/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2572 --field-trial-handle=2544,i,14126899083489953635,4150502049998718689,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 6368, Parent PID: 5744

General

Target ID:	3
Start time:	08:50:13
Start date:	24/05/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://app.box.com/s/nipz5zxkc5e6gayscgq0oa5oqha53te6"
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://app.box.com/s/nipz5zxkc5e6gayscgq0oa5oqha53te6

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

Compliance

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 66

Chrome Cache Entry: 67

Chrome Cache Entry: 68

Chrome Cache Entry: 69

Chrome Cache Entry: 70

Chrome Cache Entry: 71

Chrome Cache Entry: 72

Chrome Cache Entry: 73

Chrome Cache Entry: 74

Chrome Cache Entry: 75

Chrome Cache Entry: 76

Chrome Cache Entry: 77

Chrome Cache Entry: 78

Chrome Cache Entry: 79

Chrome Cache Entry: 80

Chrome Cache Entry: 81

Chrome Cache Entry: 82

Chrome Cache Entry: 83

Chrome Cache Entry: 84

Chrome Cache Entry: 85

Chrome Cache Entry: 86

Chrome Cache Entry: 87

Chrome Cache Entry: 88

Chrome Cache Entry: 89

Chrome Cache Entry: 90

Static File Info

Network Behavior

Network Port Distribution

TCP Packets

UDP Packets

ICMP Packets

Windows Analysis Report
https://app.box.com/s/nipz5zxkc5e6gayscgq0oa5oqha53te6