Edit tour

Windows Analysis Report
https://publuu.com/flip-book/518284/1161698

Overview

General Information

Sample URL:	https://publuu.com/flip-book/518284/1161698
Analysis ID:	1447361

Detection

Score:	2
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

Detected non-DNS traffic on DNS port

HTML body contains password input but no form action

HTML title does not match URL

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 7124 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://publuu.com/flip-book/518284/1161698 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6312 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1968,i,1719994904520051820,16281583124312491066,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6744 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5220 --field-trial-handle=1968,i,1719994904520051820,16281583124312491066,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Snort Signatures

⊘No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://publuu.com/flip-book/518284/1161698

HTTP Parser: <input type="password" .../> found but no <form action="...

Source: https://publuu.com/flip-book/518284/1161698

HTTP Parser: Title: Voice mail (12 seconds) does not match URL

Source: https://publuu.com/flip-book/518284/1161698

HTTP Parser: <input type="password" .../> found

Source: https://publuu.com/flip-book/518284/1161698	HTTP Parser: No <meta name="author".. found
Source: https://publuu.com/flip-book/518284/1161698	HTTP Parser: No <meta name="author".. found
Source: https://publuu.com/flip-book/518284/1161698	HTTP Parser: No <meta name="author".. found
Source: https://publuu.com/flip-book/518284/1161698	HTTP Parser: No <meta name="author".. found

Source: https://publuu.com/flip-book/518284/1161698	HTTP Parser: No <meta name="copyright".. found
Source: https://publuu.com/flip-book/518284/1161698	HTTP Parser: No <meta name="copyright".. found
Source: https://publuu.com/flip-book/518284/1161698	HTTP Parser: No <meta name="copyright".. found
Source: https://publuu.com/flip-book/518284/1161698	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 2.19.85.159:443 -> 192.168.2.16:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.19.85.159:443 -> 192.168.2.16:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.16:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.16:50158 version: TLS 1.2

Source: global traffic	TCP traffic: 192.168.2.16:50154 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:50154 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:50154 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:50154 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:50154 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:50154 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:50154 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:50154 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:50154 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:50154 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 2.23.209.133
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.85.159
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.85.159
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.85.159
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.85.159
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.85.159
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.85.159
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.85.159
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.85.159
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.85.159
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.85.159
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.85.159
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.85.159
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.85.159
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.85.159
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.85.159
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.85.159
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.85.159
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.85.159
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10

Source: global traffic	DNS traffic detected: DNS query: publuu.com
Source: global traffic	DNS traffic detected: DNS query: dkl18tmi4r0t8.cloudfront.net
Source: global traffic	DNS traffic detected: DNS query: d1u9ua4yk0lyeu.cloudfront.net
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: d1uiew9hysv4w7.cloudfront.net
Source: global traffic	DNS traffic detected: DNS query: utty56o2qi.execute-api.us-east-2.amazonaws.com

Source: unknown	Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 50168 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50159 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50162 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49688 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50156 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50167 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50170 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50164 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50158 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50169 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 50166 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50157
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50156
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50159
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50158
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50160
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50162
Source: unknown	Network traffic detected: HTTP traffic on port 50163 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50164
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50163
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50166
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50168
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50167
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50169
Source: unknown	Network traffic detected: HTTP traffic on port 50157 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50160 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50170
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 2.19.85.159:443 -> 192.168.2.16:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.19.85.159:443 -> 192.168.2.16:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.16:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.16:50158 version: TLS 1.2

Source: classification engine

Classification label: clean2.win@21/43@24/212

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://publuu.com/flip-book/518284/1161698
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1968,i,1719994904520051820,16281583124312491066,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5220 --field-trial-handle=1968,i,1719994904520051820,16281583124312491066,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1968,i,1719994904520051820,16281583124312491066,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5220 --field-trial-handle=1968,i,1719994904520051820,16281583124312491066,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	1 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	2 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://publuu.com/flip-book/518284/1161698	0%	Avira URL Cloud	safe

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
d1uiew9hysv4w7.cloudfront.net	18.66.137.144	true	false	unknown
publuu.com	3.136.115.193	true	false	unknown
www.google.com	142.250.185.164	true	false	unknown
d1u9ua4yk0lyeu.cloudfront.net	18.238.248.110	true	false	unknown
utty56o2qi.execute-api.us-east-2.amazonaws.com	3.19.254.28	true	false	unknown
dkl18tmi4r0t8.cloudfront.net	18.239.47.59	true	false	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://publuu.com/flip-book/518284/1161698	false		unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
1.1.1.1	unknown	Australia	13335	CLOUDFLARENETUS	false
34.104.35.123	unknown	United States	15169	GOOGLEUS	false
74.125.133.84	unknown	United States	15169	GOOGLEUS	false
142.250.185.106	unknown	United States	15169	GOOGLEUS	false
18.66.137.144	d1uiew9hysv4w7.cloudfront.net	United States	3	MIT-GATEWAYSUS	false
172.217.23.110	unknown	United States	15169	GOOGLEUS	false
18.189.90.121	unknown	United States	16509	AMAZON-02US	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
172.217.23.99	unknown	United States	15169	GOOGLEUS	false
3.22.179.31	unknown	United States	16509	AMAZON-02US	false
142.250.185.164	www.google.com	United States	15169	GOOGLEUS	false
18.238.248.76	unknown	United States	16509	AMAZON-02US	false
142.250.184.238	unknown	United States	15169	GOOGLEUS	false
18.238.248.110	d1u9ua4yk0lyeu.cloudfront.net	United States	16509	AMAZON-02US	false
3.19.254.28	utty56o2qi.execute-api.us-east-2.amazonaws.com	United States	16509	AMAZON-02US	false
18.239.47.185	unknown	United States	16509	AMAZON-02US	false
172.217.16.195	unknown	United States	15169	GOOGLEUS	false
18.239.47.59	dkl18tmi4r0t8.cloudfront.net	United States	16509	AMAZON-02US	false
3.136.115.193	publuu.com	United States	16509	AMAZON-02US	false
99.86.153.199	unknown	United States	16509	AMAZON-02US	false

Private

IP
192.168.2.16

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1447361
Start date and time:	2024-05-24 21:50:57 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://publuu.com/flip-book/518284/1161698
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	16
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean2.win@21/43@24/212

Warnings

Exclude process from analysis (whitelisted): audiodg.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.184.238, 172.217.23.99, 74.125.133.84, 34.104.35.123, 142.250.185.106, 142.250.185.234, 142.250.185.170, 142.250.186.42, 172.217.16.138, 142.250.181.234, 216.58.206.42, 142.250.185.202, 142.250.185.138, 142.250.184.234, 142.250.184.202, 216.58.206.74, 172.217.18.10, 172.217.16.202, 142.250.186.74, 142.250.74.202
Excluded domains from analysis (whitelisted): clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, content-autofill.googleapis.com, clientservices.googleapis.com, clients.l.google.com
Not all processes where analyzed, report is missing behavior information
VT rate limit hit for: https://publuu.com/flip-book/518284/1161698

LLM Input / Output

Input	Output
URL: https://publuu.com/flip-book/518284/1161698 Model: gpt-4o	```json { "riskscore": 0, "reasons": "The provided JavaScript code checks for device types and initializes some global variables. There is no indication of malicious behavior." }
var isLandscape = false; var isAndroid = (/android/gi).test(navigator.appVersion); var isIDevice = (/iphone\|ipad/gi).test(navigator.appVersion); var isIPhone = (/iphone/gi).test(navigator.appVersion); var iOsHeight = 0; window.timingcount = 0; window.timingsum = 0; window.dlid = 0
URL: https://publuu.com/flip-book/518284/1161698 Model: gpt-4o	```json { "riskscore": 0, "reasons": "The provided JavaScript code contains only louserzation strings for various UI elements of a flipbook application. There are no indications of malicious behavior such as data exfiltration, unauthorized access, or harmful operations." }
window._translations = {"Default Description":"Welcome to interactive presentation, created with Publuu. Enjoy the reading!","Powered By":"Flipbook powered by Publuu.com","Security Title":"Wrong name","Security Description":"Wrong description","State Proteced":"Proteced","State Still Converting":"Flipbook is converting. This will take just a moment.","QR Code Name":"QR Code to my Flipbook","Sidebar Thumbnails Title":"Thumbnails","Sidebar Table Of Content Title":"Table of Contents","Sidebar Search Title":"Search","Sidebar Search Enter Query":"Enter query","Sidebar Search Min Symbols":"min. {n} symbols","Sidebar Search Clear":"clear","Sidebar Search No Results":"No results found!","Sidebar Search Error":"Error","Sidebar Search List Item":"<span>Page {n}<\/span><span>{n} {n}<\/span>","Sidebar Search List Result Text":"result","Sidebar Search List Results 2 Text":"results","Sidebar Search List Results 5 Text":"results","Sidebar Wishlist Title":"My Wishlist","Sidebar Wishlist Text":"E-mail provided below will be used for a follow-up action by flipbook owner.","Sidebar Wishlist Button":"Send Message","Sidebar Wishlist Email Placeholder":"Your e-mail adress","Sidebar Wishlist Mail Status Success":"Successfully sended!","Access Denied Title":"Sorry","Access Denied Subtitle":"You cannot open this publication because of its privacy settings.","Access Denied Text":"You can contact the person who shared it with you and ask to modify its setting.","Lead Form Privacy With Link":"By clicking Submit, you confirm that you agree to the <a target='_blank' href='{n}' id='lead-modal-privacy'>flipbook Owner Privacy Policy<\/a> and <a target='_blank' href='{n}' id='lead-modal-privacy'>Publuu Privacy Policy<\/a>.","Lead Form Privacy":"By clicking Submit, you confirm that you agree to the <a target='_blank' href='{n}' id='lead-modal-privacy'>Publuu Privacy Policy<\/a>.","Lead Form Submit":"SUBMIT","Lead Form Skip":"skip >","Lead Form Tooltip":"This is only a preview version \u2013 to check how the actual lead capture form will work in your flipbook, click SAVE and open it in a separate tab.","Lead Form Validation Required":"Required field","Lead Form Validation Format":"Wrong format","Lead Form Caption Default":"Enter your contact details to access this flipbook","Password Form Title":"This document is password protected","Password Form Placeholder":"Type your password here","Password Form Send":"ENTER","Password Form Error Invalid":"Invalid password.","Print Form Title":"Print flipbook","Print Form Option All":"Print all pages","Print Form Option Current":"Print current page","Print Form Option Range":"Print range","Print Form Submit":"PRINT","Print Form Preview Page":"Page <span id=\"{n}\">{n}<\/span>","Print Form Option Range Error":"Invalid range!","Print Form Modal Message":"Retrieving Document...","Share Form Title":"Share flipbook","Share Form Copy Link":"Copy this link:","Share Form Copy":"COPY","Share Form Copied":"Copied","Alert Form Title":"Audio Autoplay Req
URL: https://publuu.com/flip-book/518284/1161698 Model: gpt-4o	```json { "riskscore": 0, "reasons": "The provided JavaScript code does not exhibit any malicious behavior. It contains configuration settings for various APIs and paths, which are typical for legitimate web applications. There are no indications of phishing or other harmful activities." }
window._config = { ROOT_PATH: 'https://publuu.com/flip-book/', API_PUBLUU: 'https://api1.publuu.com', CMS_PUBLUU_CF: 'https://d1u9ua4yk0lyeu.cloudfront.net', PATH_CF_FLIP: 'https://dkl18tmi4r0t8.cloudfront.net/flipbook/202405/', VIEWER_API: 'https://cvn5wqeu20.execute-api.us-east-2.amazonaws.com/viewer', LEADS_API: 'https://mbx7b28fh6.execute-api.us-east-2.amazonaws.com/leads', LOGS_API: 'https://utty56o2qi.execute-api.us-east-2.amazonaws.com/logs' };
URL: https://publuu.com/flip-book/518284/1161698 Model: gpt-4o	```json { "riskscore": 2, "reasons": "The code includes an event listener for visibility change and touchmove, which are generally benign. However, the use of window.parent.postMessage with a wildcard (*) target origin could potentially be exploited for cross-site scripting (XSS) or other attacks if not properly handled. This slightly increases the risk score." }
window.document.addEventListener("visibilitychange", function(e) { if (!oLogs) { return; } if(window.document.visibilityState == "hidden"){ if(oLogs.logs_state_visible === 3){ oLogs.logs_state_visible = 2; } else { oLogs.logs_state_visible = 1; oLogs.lastActionTime = Date.now(); } } else { oLogs.sleepTime += Date.now() - oLogs.lastActionTime; oLogs.logs_state_visible = 3; } }); document.addEventListener('touchmove', function (event) { if (event.scale !== 1) { event.preventDefault(); } }, false); function showLoginSend() { window.parent.postMessage({ 'func': 'showLoginSend', 'message': 'Message text from iframe.' }, "*"); }

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri May 24 18:51:29 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2673
Entropy (8bit):	3.984408576152229
Encrypted:	false
SSDEEP:
MD5:	880D452930E82B9076D767358C6847B6
SHA1:	8834C334B5B88C729DDEE43E789F4B78E0ED3E48
SHA-256:	DB3B510DC2002BC1ABF657318E69DF51C3FA7401F413E4EB26AB2B98BA49C7DE
SHA-512:	8797DD94F0904F20C167AF54E4C71F419D31840BD7E25C9B41CF6404E8DF6F2A7DE8E7FF558C78B751258B43BAA021DDFCF36F8EAAE8D03164EF8090A7770C00
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....m.4.....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Xe.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Xn.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Xn.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Xn............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Xo............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............(......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri May 24 18:51:29 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2675
Entropy (8bit):	4.0035637995263595
Encrypted:	false
SSDEEP:
MD5:	292258C0B45BFFF55DE832CDD6B653CF
SHA1:	9664ACC71BE53BB8EF2E07B70A375FE0B234090A
SHA-256:	9450BEAD4B78E769AD811697AC0C616B950B6C281D1DB9307062415C7A07BC36
SHA-512:	D0E9F3BE550DE8CE527690541DC2AF97FFD3F38FAF49C2855FFF545A5C226DBBD85CA1779FFE41D0BD69B0C7B643FF00FDD3F8DEAD499185354D1160916C2360
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,......).....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Xe.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Xn.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Xn.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Xn............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Xo............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............(......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2689
Entropy (8bit):	4.011316778303669
Encrypted:	false
SSDEEP:
MD5:	C99D014329E9265F87EDE98DE0E40F2F
SHA1:	46DB4C7A882EEDC7E055A82FDEC93DBACCDC58F8
SHA-256:	B0C9FE0F4BEA3E4D8CA3FA0D935136900AEB03402AFB4744168AE26B1A6AC93A
SHA-512:	0F3216CEB5B47EF8FDE99F2435248087278A9BBEF386073AAD7377F6CF4450A9144C5A727E5F66989CCB9A5CB4DD6FE1DA22CC1FF41073017BFCC0452E64F678
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Xe.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Xn.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Xn.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Xn............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............(......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri May 24 18:51:29 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	4.00297948502377
Encrypted:	false
SSDEEP:
MD5:	5AEC31A8D746931AD8B93608D05B6CA0
SHA1:	44101F8A5CE838A3327E07C7AEEE64767E3859B6
SHA-256:	2785576C321442DD06BB6AAF61C02CB875FEC22CB27CBC84E56F72FD06B89267
SHA-512:	15117FB10A2D0F810336EF9F062ED24603816DCE027B2D84F27E022E96642E18B41C511A3B05810BDA5FBF99BD5F6ABF5F4D4F9BD8F4E6B8CC2AF5EB59E31046
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,......$.....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Xe.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Xn.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Xn.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Xn............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Xo............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............(......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri May 24 18:51:29 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.988532349804363
Encrypted:	false
SSDEEP:
MD5:	82F76432C33C30E3CB322A86C63D01F7
SHA1:	57304451BB69E312CF71445D18D576DBF446F8CD
SHA-256:	3A7CAFBBABFEF2F4A4A8A0AC8BB28C9FC08EA0120221BF29C90085B6AA168D73
SHA-512:	B7C7E92A6BE47486F46FFF11C8AAB85654C654771B636F14D0D6C4595F65F9EEB97D4092E6344E0B985CD5FC665A8D1495974D0454F150CDFD9C96593D47BBC2
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....a#0.....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Xe.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Xn.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Xn.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Xn............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Xo............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............(......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri May 24 18:51:29 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.9996470158080117
Encrypted:	false
SSDEEP:
MD5:	FE7F7AFE3C6A36BB9C89EFD087072A16
SHA1:	636778BF399CF82C7568F8081CD1EB29BA9BEA6C
SHA-256:	F8ED4EEE362D9A79182B528B5A0DD6CE6E2C0D0394A527E3EBD5B59B3A3FAD43
SHA-512:	17192AF2AC8217202607EA64AA10FC9FEF9F563956714C7AF7150CE95E6616EB1D26490388A394252A90CEC57C255C5EE36DE276EE92975F79AEFF579A54399C
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....^......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Xe.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Xn.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Xn.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Xn............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Xo............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............(......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 144

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Ogg data, Vorbis audio, stereo, 44100 Hz, ~112000 bps
Category:	downloaded
Size (bytes):	9432
Entropy (8bit):	7.333684449842632
Encrypted:	false
SSDEEP:
MD5:	D569802DF0E5D89B3959D846A8DE838D
SHA1:	25394966DB7A3FCB5B58508F0455358048414337
SHA-256:	89BAC5598AFFBC317630B4441A96B811977EFB56425B9A91F167D3245E2F4C3B
SHA-512:	A4406755AEAAF049D3F819E660E0F9D0B97B473184FABA362F61464FC668C7B49692D92F2CAA474DFB41F10983C00D8B65CD3CFF43028F411A491326CE273E77
Malicious:	false
Reputation:	unknown
URL:	https://dkl18tmi4r0t8.cloudfront.net/flipbook/202405/assets/audio/v1_2.ogg:2f77cec70d2e8d:0
Preview:	OggS..........b.MB...........vorbis.....D.................OggS..........b.MB.....X=....................vorbis....Lavf58.45.100........encoder=Lavc58.91.100 libvorbis"...encoded_by=WavePad . NCH Software....genre=Blues....date=2021-03-19 11:03..vorbis%BCV..@..$s.F.s....BP...B.k..BL...2L[.%s.!..B.[(..U..@...Ax...A.!.%=X..'=.!..9x..iA.!..B.!..B.!.E9h..'A....08...8...E9X..'A. ..B....9.!.$5HP..9....,(...0....5(...0...B...I5...gAx..iA.!.$AH...A...FAX...9....A...9... 4d.......(..(..........@Q..q........Y.........H..H..H.$Y.%Y.%Y..,.,.,.2.....H..PQ.Eq....Y..d....8..X..h...............4CS<G.D.TU.m.m.m.m.m[.e...Y..@....if...0...BCV........0..U..@....J....9..Y..J.9..H.y....9.s...1.9..Y....9..Y....9.'.y..9.q..`...9.&.y....9...i..K.9.H.yR.K.9.s.9.s.9........9.......9.O.....9.s.9.s.9. 4d.....@...a.)...h F.b.2.A..0....B...h..:.%.qRJ'..Y.....@.!..RH!..RH!..b.!..r.)...J....2.,..2.,..:..;.1..C+..RSm5.Xk.9..VZk..RJ)..R.BCV.. ...B..d.QH!..b.)..r.*...U.. .

Chrome Cache Entry: 145

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	735
Entropy (8bit):	5.485891317745332
Encrypted:	false
SSDEEP:
MD5:	F890E9134112CCB2624B08864D6AB45B
SHA1:	DC79DD5F8BA5B837539E6539E241D7C812BD6B30
SHA-256:	C40AC0A8F5989D1E976A8664B382C015C6FCE68DEA9E6062DE9C6550620178F4
SHA-512:	BCB503EEDA429377EC7B5D1E0A0723BFBC9D5E14F826B697BBCE768E416A1CCB99B409561C9083EE85EA4C124B16B73C3B4BD681CF34D205C54AFA85A424561E
Malicious:	false
Reputation:	unknown
Preview:	<?xml version="1.0" encoding="utf-8"?>.. Generator: Adobe Illustrator 22.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->..<svg version="1.1" id="Warstwa_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"... viewBox="0 0 512 512" style="enable-background:new 0 0 512 512;" xml:space="preserve">..<style type="text/css">....style_arrow {fill:#FFFFFF;stroke:#FFFFFF;stroke-miterlimit:50; stroke-width: 30;}..</style>..<path id="svg_3_2_" class="style_arrow" d="M190.7,255.6l144-139c2.5-2.3,2.5-6.3,0.2-8.7c-2.3-2.5-6.3-2.5-8.7-0.2L177.3,251.5...c-2.5,2.3-2.3,6.5,0,9l0,0l148.9,143.9c1.2,1.1,2.8,1.7,4.3,1.7c1.6,0,3.2-0.6,4.5-1.9c2.3-2.5,2.3-6.4-0.2-8.7L190.7,255.6z"/>..</svg>..

Chrome Cache Entry: 146

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (20983), with no line terminators
Category:	downloaded
Size (bytes):	20983
Entropy (8bit):	5.349895751108741
Encrypted:	false
SSDEEP:
MD5:	521966AB71574A063D92512CC22222DD
SHA1:	9FBB7DD1B6BC9E063DABC7AF87C07CB5950299AA
SHA-256:	28842DBBC79338BE1A3C1298EE3B984EFA54014CC836BE1A156AA5BAA735FA0C
SHA-512:	5E7AAFF411B0205281B23E77CC270E8FD912FB4A4582C1AC007187FFE18E140F6DCFF6D126A57F1DAC04038F1F97FFB98C66BB7AE2985364C56F3F335C15A3FC
Malicious:	false
Reputation:	unknown
URL:	https://dkl18tmi4r0t8.cloudfront.net/flipbook/202405/assets/css/APP-xs.css?v=1571
Preview:	:root{--light-color:rgba(68, 68, 68, 0.95);--dark-color:rgba(255, 255, 255, 0.95);--light-hover-color:rgba(255, 255, 255, 0.9);--dark-hover-color:rgba(68, 68, 68, 1);--light-hover-bgcolor:rgba(68, 68, 68, 0.2);--dark-hover-bgcolor:rgba(255, 255, 255, 0.2)}a,abbr,acronym,address,applet,article,aside,audio,b,big,blockquote,body,button,canvas,caption,center,cite,code,dd,del,details,dfn,div,dl,dt,em,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,hgroup,html,i,iframe,img,input,ins,kbd,label,legend,li,mark,menu,nav,object,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,tt,u,ul,var,video{margin:0;padding:0;border:0;font:inherit;font-size:100%;vertical-align:baseline}html{-webkit-text-size-adjust:none;-webkit-font-smoothing:subpixel-antialiased;touch-action:manipulation;overflow:hidden;position:fixed}body{-webkit-text-size-adjust:100%;-ms-text-size-adjust:100%;padding:0;margin:0;font:normal 14px Lato,sa

Chrome Cache Entry: 147

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1827), with no line terminators
Category:	downloaded
Size (bytes):	1827
Entropy (8bit):	4.9374435124377625
Encrypted:	false
SSDEEP:
MD5:	1F0E5931479DCEBFFFB0AA36B30CBD34
SHA1:	56A678C6361186B0AA295E41762871DDC42D8E23
SHA-256:	846598C7AFC8C3298175E6367792CFF07B56E2176FB2C3D36F5F1E33B17C3DF1
SHA-512:	B5C550F2C002315E638E3C1CBC136A697633382680A30012F1F366C6E1166764DD05F86F9C3F9A2EB1A7D25CD20609C2DD1BDC1095EA6F8936809E3EF667BB48
Malicious:	false
Reputation:	unknown
URL:	https://dkl18tmi4r0t8.cloudfront.net/flipbook/202405/assets/scripts/Ranger.js?v=1571
Preview:	var Ranger=function(n){var e=this,i={},a=isset(n.min)?n.min:0,u=isset(n.max)?n.max:100,s=null,p=(this.render=function(){var t;return Object.keys(i).length\|\|(t=isset(n.value)?n.value:0,i.parent=document.createElement("div"),i.input=document.createElement("input"),n.isRtl&&(i.input.style.direction="rtl"),i.point=document.createElement("div"),i.point.className=["Ranger__point",n.showInt?"__showInt":""].join(" "),i.point.innerHTML="<span></span>",i.pointSpan=i.point.querySelector("span"),i.parent.className=["Ranger",isset(n.className)?n.className:null].join(" "),i.input.setAttribute("type","range"),i.input.setAttribute("id",n.id),i.input.setAttribute("aria-label",APP._t("Page Ranger Label")),i.input.className="slider",i.input.ariaLabel=APP._t("Page Ranger Label"),i.input.setAttribute("min",a),i.input.setAttribute("max",u),i.input.classList.add(n.theme),i.input.addEventListener("input",function(){p(),is_function(n.oninput)&&n.oninput(parseInt(this.value))}),i.input.addEventListener("change"

Chrome Cache Entry: 148

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (21282)
Category:	downloaded
Size (bytes):	71952
Entropy (8bit):	5.3898588654502815
Encrypted:	false
SSDEEP:
MD5:	4CCECA9A9C9B21011BD2169D648B5645
SHA1:	3D564262FA115B8F3F2072E5D851C7B239275AF9
SHA-256:	A2A79AA07AC80A6F9E31BBC2D2497EA27A3584E0E4E8E6E47C7616101597F1E1
SHA-512:	73641DB71713D07F9FEDB72ECB4024B36902616E1D55515B29138A254D887F76BE0C18620702F1F722714E97EF5815409D7DD762FFBEA6A3EF2A360BE1C89BD1
Malicious:	false
Reputation:	unknown
URL:	https://dkl18tmi4r0t8.cloudfront.net/flipbook/202405/assets/scripts/Helper.js?v=1571
Preview:	window.HELPER=new function(){var o=this;const i=[];this.uid=function(e=0){embedmode;var t=HELPER.getLocalStorageData("uid","value");return t&&0<t.length?(HELPER.setLocalStorageData("uid",t,365),t):(t=Date.now().toString(36)+Math.random().toString(36).substr(2),HELPER.setLocalStorageData("uid",t,365),t)},this.getBgSizeByResolution=function(t=!1){var e,l;return is_mobile()?"mobile":!(l=(e=t?[1080]:[768,1024,1280,1536,1920]).find(e=>t?window.innerHeight<=e?e:null:window.innerWidth<=e?e:null))&&t?null:l\|\|e[e.length-1]},this.setBgUrlWithResolution=function(e,t){e=e.split(/(.[a-z]+)$/);return e[0]+"_"+t+e[1]},this.isLocalStorageAvailable=function(){var e="test";try{return localStorage.setItem(e,e),localStorage.removeItem(e),!0}catch(e){return!1}};let r={w:0,h:0};this.copyToClipboard=function(e,t,l){var c,o=document.querySelector("#"+t),i=o.innerHTML;i!==l&&(setTimeout(function(){document.querySelector("#"+t).innerHTML=i,e.classList.remove("noticed")},2e3),void 0!==navigator.clipboard&&window

Chrome Cache Entry: 149

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 225 x 225, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	1482
Entropy (8bit):	7.5460198331562625
Encrypted:	false
SSDEEP:
MD5:	4952055C694567B284BB89E08B20E829
SHA1:	10125EE6C8932CCEF5A9E149F406217A87F30B68
SHA-256:	AEC339011F72FCCC0771C5E7218518CEF70FE7696221C775714C7B1A43914C33
SHA-512:	7A552A572A422E3634BDEFE3C2AF5DDECC03051282150DD8839EAAE107B42CEAC19128B326D14CFB84495DC06206A8E2A58C81F740DBD73AFA61F5C65E4DCBB9
Malicious:	false
Reputation:	unknown
URL:	https://d1u9ua4yk0lyeu.cloudfront.net/cms/publishers/518284/1161698/flipbook-assets/705441296664f79f6d61352-52201689.png
Preview:	.PNG........IHDR..............m"H....gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....PLTE.A'.-..="..........gU.%.....o`.<..7..1../..8..\G..............H/.\|o..l\.....XD.M4.Q<.....v............}.hW....vh........bKGD...z....tIME......&......@IDATx....v.0..a.Ph.x@.SiQ.....A.V./...0..W.."..K...................................1.....9..H.n%z..=)....(4...B..\|(4...B..\|(4..]h."<-...ZC..s....^a.......KA.J....`8..q<v.I..%p:...S..\|.t.../.a`....."\|.$..[......7..a.......!..].r..\.q-,+.(.<H...w.x\"].YCu{.a.#T.)C..-F..)[e.(....k..M}...T...S..B1.ni..S_Vg.v..K..t..\..h.....~%....i.....B..<&......GS..-oi....../.0.7h...\Xp[[...4.ce.O..L[....~T...^...^.....E....d>.o....fa<.L.....Bw..l....](".yy.E6.0^y".<....,..L.Ay).../._...&n..p.].gm6wCm....+....o'.o.Sq=.......WX...pr.....E..+/.......7By.....~..W...%..,$....}c.]DaO:&..x.s..-.W.?.Fa...3.....lF..E..=.p%.).:.......E.....x.P..fQ.(,.%3..Ug.0S..eL"..1.o.*...n.B...xfJ.:5...^..^...f

Chrome Cache Entry: 151

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (13032), with no line terminators
Category:	downloaded
Size (bytes):	13032
Entropy (8bit):	4.981743241103854
Encrypted:	false
SSDEEP:
MD5:	50DC446D5155956755D4D992B1A7751C
SHA1:	94144C30A4C45518760BD82CF025433D6FC2E091
SHA-256:	23C027D90FC390AE4E06BC487E060FD39612B5DB76D223921DB7727FC1D402DB
SHA-512:	79B211B5032A18405FC1C192C7336049135ABCAC303B8CFE7AFAA76280798BFAF311A0C9CE5E69516EDC1975D6C0CC9863FD4E20D2F0F9019B3AC520939A4EFB
Malicious:	false
Reputation:	unknown
URL:	https://dkl18tmi4r0t8.cloudfront.net/flipbook/202405/assets/css/loader.css?v=1571
Preview:	:is(.loader,.loader--simple){width:100vw;height:100%;position:absolute;top:0;display:flex;flex-direction:column;align-items:center;justify-content:center;z-index:1000}.loader--simple{height:100%;z-index:10000;transition:.2s opacity ease,.2s visibility ease;opacity:0;visibility:hidden}.loader--simple:is(.show){opacity:1;visibility:visible}@keyframes spinLoader{0%{transform:rotate(0)}100%{transform:rotate(360deg)}}.loader--simple svg circle{transform-origin:50% 50%;animation:spinLoader 1s infinite linear}body.dark .loader--simple svg circle{stroke:var(--dark-color)}body.light .loader--simple svg circle{stroke:var(--light-color)}.loader__wrapper{width:100%;height:100%;position:relative;display:flex;align-items:center;justify-content:center;flex-direction:column;opacity:0;visibility:hidden;transition:1s opacity ease,1s visibility ease;animation:loaderFadeIn 1s ease-in-out forwards}.loader:is(.app__loader,.no-animation) .loader__wrapper{animation:none;opacity:1;visibility:visible}.loader.no

Chrome Cache Entry: 153

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	44
Entropy (8bit):	4.280470187252588
Encrypted:	false
SSDEEP:
MD5:	C199F2D8EE6C11B68D31BB201A566BB5
SHA1:	FDFC712E1D55328C2337CB59BAE380ED305DCADC
SHA-256:	4BA39769AEFE5E3C18B5099A65377EEFE846FF164C0C99B8B3BB3C39B6C5F33B
SHA-512:	28A6DD13FF3E6E66D2BC8602F108C7F3C20C7EE6842B92CCB79E0F31BEE5C34CA2862B78FE540D4012BD9C843EC7F6F52EBE1E6404C225093C281C3FBFF8666B
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISHgnpJ34pYt8UcBIFDTWGVBwSBQ0r1PdeEgUNNFh3xw==?alt=proto
Preview:	Ch8KCw01hlQcGgQISxgCCgcNK9T3XhoACgcNNFh3xxoA

Chrome Cache Entry: 156

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	1130
Entropy (8bit):	5.050436083209622
Encrypted:	false
SSDEEP:
MD5:	C2949397A31EE86B4CE77770AE5AD969
SHA1:	9AFBC9ABB79A1BF3CB43D320127021439BB24E50
SHA-256:	A9655FAADF93279BA86C7E93A4F80338E289A73D6ED70908B5A1F71F027D3DF3
SHA-512:	39A0C9DC6FEF4D19C071021098094503567AD9B201103DF86C8888503134E87B57E82951BB65AACAB21D78DF956D388FE6609CACAF1CEE11B7BE64C3247C6207
Malicious:	false
Reputation:	unknown
Preview:	<?xml version="1.0" encoding="utf-8"?>..<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"... viewBox="0 0 64 64" style="enable-background:new 0 0 64 64;" xml:space="preserve">.. <style type="text/css">....iconpath{fill:red;stroke:none!important;stroke-width:2;stroke-miterlimit:10;}.. </style>..<g>...<path d="M62.6,51.8L47.9,37.1c-0.8-1.1-2.1-1.3-3.5-1.3l0,0c-1.3,0-2.7,0.5-3.5,1.3l0,0l-2.4-2.4c6.4-8.3,5.9-20.6-1.9-28.4....c-4.3-4-9.6-6.2-15.3-6.2s-11,2.1-15.3,6.2C2.1,10.6,0,15.9,0,21.6s2.1,11,6.2,15.3c4.3,4,9.9,6.2,15.3,6.2c4.5,0,9.4-1.6,13.1-4.5....l2.4,2.4l0,0c-1.1,1.1-1.3,2.1-1.3,3.5c0,1.3,0.5,2.7,1.3,3.5l14.7,14.7c1.1,1.1,2.1,1.3,3.5,1.3c1.3,0,2.4-0.5,3.5-1.3l3.7-3.7....C64.5,56.9,64.5,53.9,62.6,51.8z M10.2,32.8c-3.2-2.9-4.8-7-4.8-11.2s1.6-8.3,4.8-11.2s7-4.8,11.2-4.8s8.3,1.6,11.2,4.8....c6.2,6.2,6.2,16.3,0,22.7S16.3,39.2,10.2,32.8z M55.1,58.8L40.9,44.6l3.2-3.2l14.2,14.2L55.1,58.8z"/>...<path d="M26.8,1

Chrome Cache Entry: 157

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	1202
Entropy (8bit):	5.0192755748896
Encrypted:	false
SSDEEP:
MD5:	EFDD815EA8C61B1DA4077D19FC3A17F1
SHA1:	64AA1532A8EE93F07AAF4F466AE0CA987CD32EE2
SHA-256:	6B26FC093B4ED9014B298C5F638BDFEEAD5C054A3064B742C5485A4A62A21037
SHA-512:	8F182F5DD660C53988EC14DC22933199C95E5DC54760EA5B2E5CB82C06317E69EE2AFF02410FE7C890E13560493885816E2D226B88881CCD213B355C7C818B78
Malicious:	false
Reputation:	unknown
URL:	https://dkl18tmi4r0t8.cloudfront.net/flipbook/202405/assets/images/zoom-in.svg
Preview:	<?xml version="1.0" encoding="utf-8"?>..<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"... viewBox="0 0 64 64" style="enable-background:new 0 0 64 64;" xml:space="preserve">.. <style type="text/css">....iconpath{fill:red;stroke:none!important;stroke-width:2;stroke-miterlimit:10;}.. </style>.. ..<g>...<path d="M62.6,52.1L47.9,37.3c-1.9-1.9-5.1-1.9-7,0l0,0l-2.4-2.4c6.4-8.3,5.9-20.6-1.9-28.3c-4-4.3-9.4-6.4-15.2-6.4l0,0....c-5.6,0-11,2.1-15.2,6.4c-8.3,8.3-8.3,21.9,0,30.2c4.3,4,9.6,6.1,15.2,6.1c4.8,0,9.4-1.6,13.1-4.5l2.4,2.4l0,0....c-1.9,1.9-1.9,5.1,0,7l14.7,14.7c1.1,1.1,2.1,1.3,3.5,1.3s2.7-0.5,3.5-1.3l3.7-3.7l0,0C64.5,57.1,64.5,53.9,62.6,52.1z M21.5,37.6....c-4.3,0-8.3-1.6-11.2-4.8c-6.1-6.1-6.1-16.6,0-22.7c2.9-2.9,7-4.5,11.2-4.5s8.3,1.6,11.2,4.8c6.1,6.1,6.1,16.6,0,22.7....C29.7,36,25.7,37.6,21.5,37.6z M55.4,58.7L41.2,44.6l3.2-3.2l14.2,14.2L55.4,58.7z"/>...<path d="M26.8,18.9h-2.7v-2.7c0-1.6-1.1-2.7-2.7-2

Chrome Cache Entry: 158

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	813
Entropy (8bit):	7.582689097914344
Encrypted:	false
SSDEEP:
MD5:	CCDFF90E27263B6C465D08BD87E5E03A
SHA1:	284FB98F610A32947F96DB83CECC4109FF22F038
SHA-256:	05CF9EF13E7D4F62326848B021FAF24FAD5CC1C81BAB62205CC50CEEFEE241B0
SHA-512:	F532E5EA2710EA40594BBC3EE6D7A85F9524C14C48599B2876179BF7A04810059368824227EC06CADBC4A4F929C5F40EA440E3D264DE2B9E1804FC495ED76EAA
Malicious:	false
Reputation:	unknown
URL:	https://dkl18tmi4r0t8.cloudfront.net/flipbook/202405/assets/favicons/favicon-32.png
Preview:	.PNG........IHDR... ... .....szz.....pHYs................IDATX..W=lRQ...Db..........J.K..R'Lq.'.X....uu0i.&..40....@P..t14..i.QLM......._..7.s...s..;.D...xc.Y.!...~.G..r....b$...o.....`..#T...........$4.5..J....W....S.+. ..Q.9.......\..J..2...L..X.7Kq_Z.]....T.j......>"..Bp..g..k.bLc......m..:....0+....Z..3mG......X.k...{....`.s....y.....W..)..l....\.'1w.,#..r....V'.tD...hE.C.BZ..f...\..Q.Zt"..3.._...g.....Pej..X}........I.T3.m..j..Xcm.h.&_5.gZ6.........r.?..=..l......,f.N.x)...._....#RI\c..f.).d>....8.O\|..).gN. ...!.._..g...l.....M....i.P..!Xu#.p?....2..j.]V.....s"9....#..FO....^ .#!jq:6, o.3.!......e.......@&E.S.......w..'....._ m..ku..L.J..)X?......s....q]...>...m....>..6....;......."yT:...oF\|<..T:..^........+O..q.W...r. d..s.?...2..>.....IEND.B`.

Chrome Cache Entry: 159

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (4700), with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	41553
Entropy (8bit):	5.384241528250146
Encrypted:	false
SSDEEP:
MD5:	90BF50C4C3BF8744D51C758DC97D5FD1
SHA1:	2AEC4EED9CF290BFCCF5E75130BDDDA9667DBD48
SHA-256:	2A546AA6DD7A9B63FA9CCFB037D7A0AFB90BB28B4A746A0782F54C3D174618B6
SHA-512:	1256B6A237D02755ADA0602C0857D3D6FE24F8CC1916DB463DCE0FC6FAE328D06CE58D52E0D61F3C6EF40563A5BF8985779BC6DCFE805AEBAA7F8873EBB16728
Malicious:	false
Reputation:	unknown
URL:	https://publuu.com/flip-book/518284/1161698
Preview:	<!DOCTYPE html>..<html lang="en" itemscope itemtype="http://schema.org/Book">..<head>..<meta name="robots" content="noindex">....<meta charset="UTF-8">..<meta http-equiv="Content-Type" content="text/html; charset=utf-8">..<meta http-equiv="X-UA-Compatible" content="IE=edge">..<meta itemprop="image" content="https://p6aqvvqp5i.execute-api.us-east-2.amazonaws.com/images/share/518284/1161698">..<meta property="og:image" content="https://p6aqvvqp5i.execute-api.us-east-2.amazonaws.com/images/share/518284/1161698">..<meta name="twitter:image:src" content="https://p6aqvvqp5i.execute-api.us-east-2.amazonaws.com/images/share/518284/1161698">..<meta property="og:image:width" content="1200">..<meta property="og:image:height" content="630">..<meta property="og:image:type" content="image/jpeg">..<meta property="og:title" content="Voice mail (12 seconds)">..<meta property="og:type" content="article">..<meta property="og:url" content="https://publuu.com/flip-book/518284/1161698">..<meta property="og:

Chrome Cache Entry: 160

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (16825)
Category:	downloaded
Size (bytes):	25490
Entropy (8bit):	5.327160227669975
Encrypted:	false
SSDEEP:
MD5:	5C338AE39BA29F44249321EE05A4E3F9
SHA1:	066859FF9C3945229936EFAA94CF1512F402B307
SHA-256:	AF7FCB04C84B3FD5B714744911A20C89706934EC22EAC41304014B82154F6982
SHA-512:	4F923A6E0FC6BCE4894BFA80E6C14937830957E357433A6482D23BFC4BE9502253CE32F9873893A0887ADFE9F1E78BB12DB65E144FF37F0EF704E50EE99F7668
Malicious:	false
Reputation:	unknown
URL:	https://dkl18tmi4r0t8.cloudfront.net/flipbook/202405/assets/scripts/APP.js?v=1571
Preview:	"use strict";window.APP=new function(){var a=this,e=!1;let l=!1;this.showFSlocked=!0,this.hideFSlocked=!1,this.someUserIteraction=!1,this.countOfSendedErrorLogs=0,this.accessAllowed=null,this.customizeSettings={},this.PATH_CLOUDFRONT_DEMO="https://d1u9ua4yk0lyeu.cloudfront.net/cms/publishers/demo",this.ROOT_PATH=window._config?window._config.ROOT_PATH:"https://publuu.com/flip-book/",this.API_PUBLUU=window._config?window._config.API_PUBLUU:"https://api1.publuu.com",this.CMS_PUBLUU_CF=window._config?window._config.CMS_PUBLUU_CF:"https://d1u9ua4yk0lyeu.cloudfront.net",this.PATH_CF_FLIP=window._config?window._config.PATH_CF_FLIP:"https://dbxsqivh2nmr7.cloudfront.net/flipbook/202310/",this.VIEWER_API=window._config.VIEWER_API\|\|"https://cvn5wqeu20.execute-api.us-east-2.amazonaws.com/viewer",this.LEADS_API=window._config.LEADS_API\|\|"https://mbx7b28fh6.execute-api.us-east-2.amazonaws.com/leads",this.LOGS_API=window._config.LOGS_API\|\|"https://utty56o2qi.execute-api.us-east-2.amazonaws.com/logs"

Chrome Cache Entry: 161

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (7441)
Category:	downloaded
Size (bytes):	17716
Entropy (8bit):	5.438975450412831
Encrypted:	false
SSDEEP:
MD5:	13070AD816B35B8612C61F755A7118EC
SHA1:	1F368BF84FC07D065D93B298011AC8383BABADF2
SHA-256:	93ACFEC0267DC1DA968038F49165835B26A0C67DEF3FF44E80901378A0FC58C7
SHA-512:	A351CFC77A0B15F2367B5F0251E6FAC46D6AF3028CB12FD7E1CC33DD10C8BB69F5551F4D03F8141347A715E6416E743AB95135C5C8ACB0733B0CE4246FBDED09
Malicious:	false
Reputation:	unknown
URL:	https://dkl18tmi4r0t8.cloudfront.net/flipbook/202405/assets/scripts/Notes.js?v=1571
Preview:	APPonReady.add(function(){APP.Note=new function(){const u=this;let o=null,c=[],r=null,t="waiting",p=document.querySelector(".stf__block"),n=null,a={name:"red",value:"#d80c7f"},i={isMobile:!1,isEmbed:!1,width:0,height:0};function P(){return APP.Book.getModel().pages}const s=[{name:"red",value:"#d80c7f"},{name:"orange",value:"#f0892d"},{name:"yellow",value:"#dec600"},{name:"green",value:"#4abd2c"},{name:"blue",value:"#37befe"},{name:"purple",value:"#8758fe"}],v={id:null,page:null,coordinates:{x:50,y:100},size:{width:26,height:24},fullSize:{width:230,height:155},color:null,placeholder:APP._t("Note Placeholder"),value:"",time:()=>{var e=new Date;return e.getHours()+" : "+e.getMinutes()},isExpanded:!0};this.init=function(e){o=e,c=this.getLocalStorageNotes(),i={isMobile:is_mobile(),isEmbed:is_small_embed_not_mobile(),width:window.innerWidth,height:window.innerHeight},document.querySelector("body").addEventListener("click",e=>{!(e.path\|\|e.composedPath()).some(e=>e.classList&&e.classList.conta

Chrome Cache Entry: 162

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (28295)
Category:	downloaded
Size (bytes):	30329
Entropy (8bit):	5.357528366337085
Encrypted:	false
SSDEEP:
MD5:	C92C2F8B4EB407F55A99F83018E8899F
SHA1:	331055DD919625C4F58932D77ACCC3F31A92F433
SHA-256:	B0F3B6E2EB00694850CCB38E84D6293EC553C944CF3B91A6AF2EB8296C4C548C
SHA-512:	8C00249EA25479326D4EEA2DF4E38FDF3A0BB0426904A64B2B9C3657302DF7BAA8367043E71366B669D313E7D5BA92C303EAA7A69DDCC39CEE8ADE43B6F81F9C
Malicious:	false
Reputation:	unknown
URL:	https://dkl18tmi4r0t8.cloudfront.net/flipbook/202405/assets/scripts/Page_curl.js?v=1571
Preview:	"use strict";var Page=function(f){var E=this;var e=Date.parse(f.publishedAt),e=(isNaN(e)&&Date.parse(f.publishedAt.replace(/-/g,"/")),Number(f.version)&&0<Number(f.version)?"&version="+f.version:""),e=APP.PATH_V2IMAGE+(`?iid=${f.bookId}&pid=${f.publisherId}&page=`+f.page)+e,t="&webp="+(f.Book.useWebP()?1:0),c={vector:APP.PATH_V2SVG+(`?iid=${f.bookId}&pid=${f.publisherId}&page=`+f.page),raster:{400:e+"&size=400&hidetext=0"+t,800:e+"&size=1200&hidetext=0"+t,1200:e+`&size=${is_retina()?"1600":"1200"}&hidetext=0`+t,1600:e+`&size=${is_retina(),"1600"}&hidetext=0`+t},model:{title:"",texts:"",page:f.page,publisherId:f.publisherId,bookId:f.bookId,height:f.height,width:f.width,pageReady:f.pageReady,svg:f.svg,double:f.width>=f.height,publishedAt:f.publishedAt,cloudfront:f.cloudfront,cloudfrontTxt:f.cloudfrontTxt,version:f.version,rotation:f.rotation},Book:f.Book},p=null;let o=c.model.page%2==0?APP.Book.getBookModelSettings().show_right_to_left?"--right":"--left":APP.Book.getBookModelSettings().s

Chrome Cache Entry: 163

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 13976, version 1.0
Category:	downloaded
Size (bytes):	13976
Entropy (8bit):	7.985218606951253
Encrypted:	false
SSDEEP:
MD5:	E7E52C955AA33E618BAF437A16539524
SHA1:	13ECB55BB760D6980A1B1331085630EF5ED84E9F
SHA-256:	07C94892C3E0AC93D2BCB3A9CB88AA67EA47B3D1AA89BC39DFCC2B025DCD8988
SHA-512:	99465D864CF173B6C7DB67D6A9A44D9241D588564DA443DF0B7E1070E41D7D4E4CE75931FE5E54C5A483D06D68E8DCD181E12DA3BC555DE66B104A346FB1D9EB
Malicious:	false
Reputation:	unknown
URL:	https://dkl18tmi4r0t8.cloudfront.net/flipbook/202405/assets/fonts/lato/v23/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Preview:	wOF2......6.......n...6B..........................z.p.`..D.....h.....B..6.$..v. .....E..^...q0.<d.H..q...Y#........:.X.......4U..J.y.[..^..._mT.2.&..=<.....m.X.`.....s.l....A....l.^..<.......g.....1C..(.)B.MJ..4g...!LPrl..1............mQ-...."...A.....F.[_..)..*M.C..!...h...,.#...#7&..K.....Hm..<.........Tm.....<!\....#.=.b..g..<..$.....n..K......+"-.{9...`.i.Vj.kJ..0T..^.......^.B(S.d.Q..:...4.7...h@.........b.u.V.{......\|.O5z..$...ZS...'d.d.T....".'o..V.T.Xf....W.....L.........H.h.(STT...fV..o4w..d.$..#..........(.P..s...p../M.2]IX.(..\|....Y"d..9..of.......HIa.....'..}.(}V.a}.z...Yf....F..0..Z...cj.....\|v....'K...K.Q..R(.e.?.........z..l....X..9.C.h.M.H]...KC74.......}.^...\|.......M..\.\I.m<my.O.10p$.0.;,..m.....5Y..b.<.d..}.T.5X.=)...q.......l.H..N.Z.....R..k.S..3...j./.p..B.(q..@y...$X(..Tt.Q..b.../A.$....$d...i..iZk..v.m?m....!c..,Y.e.3W.<...@.B..t.U..t.].b.K.,U:,<".L.r.+T...J..T.V.F.Z.......H.Y.V.L.o..=..\.<.../....BM....N.....

Chrome Cache Entry: 164

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	3049
Entropy (8bit):	4.118545563141429
Encrypted:	false
SSDEEP:
MD5:	E5C858E0081CA79874511B58EF25C1F9
SHA1:	4F1901932BF215C3E3D2F1AE85C12401C582152B
SHA-256:	D09056806D969DB2794CF12F8AA48244078C4FBD3C70EFC3A94ED8FB7C8B3A40
SHA-512:	631FF37939BAAA63392F41073F23A855DE78966AC366BCEAB8457EF48810B17997042CFF50874320D732A06CEA09C983EE546C86FA5E8036DF797FB6F16D9ABF
Malicious:	false
Reputation:	unknown
URL:	https://dkl18tmi4r0t8.cloudfront.net/flipbook/202405/assets/images/notification.svg?v=1571
Preview:	<svg width="33" height="33" viewBox="0 0 33 33" fill="none" xmlns="http://www.w3.org/2000/svg">.<path fill-rule="evenodd" clip-rule="evenodd" d="M20.6746 4.19368C19.4316 3.51095 18.0068 3.125 16.5 3.125C12.0765 3.125 8.36039 6.45108 7.8719 10.8475L7.52567 13.9636C7.44751 14.667 7.41395 14.9615 7.35747 15.2457C7.23964 15.8386 7.0455 16.4138 6.77989 16.9568C6.65259 17.2171 6.50081 17.4717 6.13666 18.0786L5.0849 19.8315L5.04739 19.894L5.04737 19.8941C4.67677 20.5116 4.34233 21.0688 4.14811 21.5371C3.9446 22.0278 3.77585 22.6982 4.15079 23.3604C4.52573 24.0226 5.18736 24.2228 5.71285 24.3008C6.21437 24.3752 6.86429 24.3751 7.58448 24.375H7.5845L7.65738 24.375H25.3426L25.4155 24.375H25.4155C26.1357 24.3751 26.7856 24.3752 27.2871 24.3008C27.8126 24.2228 28.4743 24.0226 28.8492 23.3604C29.2242 22.6982 29.0554 22.0278 28.8519 21.5371C28.6577 21.0688 28.3232 20.5115 27.9526 19.894L27.9151 19.8315L26.8633 18.0786C26.4992 17.4717 26.3474 17.2171 26.2201 16.9568C25.9545 16.4138 25.7604 15.8386 25

Chrome Cache Entry: 166

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 963x1200, Suserng: [none]x[none], YUV color, decoders should clamp
Category:	dropped
Size (bytes):	109244
Entropy (8bit):	7.997621329914749
Encrypted:	true
SSDEEP:
MD5:	44E50C627229ADF2A6242FAFAB2F5A73
SHA1:	F028DCADCDCF3E8AA46BC58D4D1BFBBBEC4CABF5
SHA-256:	7163C04EA8148C81D21056C13B7985F345FF53E114B148BD3CF69C343FCB9A58
SHA-512:	2A8F2DF9B98B9EB3482FFAF8CF118F9893B51D76CB6F5FE757A9A9C1870291F93AE3050636AFB5754BB469C4449707327BF48D6B7FD548620B6BAB74D8AF5F53
Malicious:	false
Reputation:	unknown
Preview:	RIFF....WEBPVP8 ....0....*....>...@.5....V.}p....]....\....y...O._...3u.w.b7..0...9.D..O."...W.....!.c..................g............G.o...O5.#./.........[.W.........?......s..._...O.?...r./........\..>..v.........../..._........w.7..............}.G.w.w.O....,.......U.!......._......?...9.......O....l......;.....?.O.....~....M...........\...c...}......?..x...?...G..x.......r........._.~.}......3...?..........k.......?..a?...s...^.........._...~..+.........w.c.........O.....u........._......_.....?...>.?..=.....7.?.....~9...c.................._.....E.....7...........'...?./.....~......................y...iC...\|...p@>ZP.8 .-(w.....;....J..........y...iC...\|...p@>ZP.8 .-(w.....;....J..........y...iC..P.\|[.I2..w........wo..c...p@>ZP.4$..L...y...8T`...iC...7EW..v..S....{....u..R..9...\..;.....Q.Rlb.Gq\.F...9.....`...(....ce..!Kx-..%p.....C\|k.7Q.......{Ix.!...0w.....;Z..^.ws..........#3Tm)j_i..O..S...a.J.W..... ...F..c.....l..5.%lg<..x... ..n..o.>.....v\|

Chrome Cache Entry: 168

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	729
Entropy (8bit):	5.487399409654829
Encrypted:	false
SSDEEP:
MD5:	E19C3D3111DB8EB1A3C38B93739B3361
SHA1:	39B751E740852E620870C9D27A5245F94C7475D3
SHA-256:	5C87DF59B770C6B740DE8E316F8BDC1AE27E375EC911D222961E0757C1C9206D
SHA-512:	FC32BF4F2BE09C0746D1CF52444FDCAAA06DD0140DA6291313F59EA8B8C14C9A162DD8DDCB9346EDBE050B17CF3B6A650FE28B3CE904938EFC34EEFA58358A5A
Malicious:	false
Reputation:	unknown
Preview:	<?xml version="1.0" encoding="utf-8"?>.. Generator: Adobe Illustrator 22.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->..<svg version="1.1" id="Warstwa_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"... viewBox="0 0 512 512" style="enable-background:new 0 0 512 512;" xml:space="preserve">..<style type="text/css">....style_arrow {fill:#FFFFFF;stroke:#FFFFFF;stroke-miterlimit:50; stroke-width: 30;}..</style>..<path id="svg_3_2_" class="style_arrow" d="M177.2,395.6c-2.5,2.3-2.5,6.3-0.2,8.7c1.2,1.2,2.8,1.9,4.5,1.9c1.5,0,3.1-0.6,4.3-1.7l149-144.1...l0,0c2.3-2.5,2.5-6.6,0-9l-149-144.1c-2.5-2.3-6.4-2.3-8.7,0.2s-2.3,6.4,0.2,8.7l144.2,139.2L177.2,395.6z"/>..</svg>..

Chrome Cache Entry: 169

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (27106)
Category:	downloaded
Size (bytes):	74644
Entropy (8bit):	5.2238171524733765
Encrypted:	false
SSDEEP:
MD5:	C82A3F8D1A3E8D35DA622D09BB5B4578
SHA1:	FC57AAC275FF001F904C184707212EE723B4810F
SHA-256:	5920AB96A5FFDA4001D36D314CAC886D9D7C60FF82D91AF6621FE2C480062411
SHA-512:	3DE939922DA77D227EB4BE1DE4660B791518A97A91F23E5FBD4E29C44FD546A3C77A681C220435822DE7A4E56CBA2D1CC24AFDD61C742DA0C293C1360CC18323
Malicious:	false
Reputation:	unknown
URL:	https://dkl18tmi4r0t8.cloudfront.net/flipbook/202405/assets/scripts/page-flip.browser.js?v=1571
Preview:	!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?e(exports):"function"==typeof define&&define.amd?define(["exports"],e):e((t=t\|\|self).St={})}(this,function(r){"use strict";class s{constructor(t,e){this.state={angle:0,area:[],position:{x:0,y:0},hardAngle:0,hardDrawingAngle:0,bottomPage:!1},this.odblaskDiv=null,this.odblaskDiv2=null,this.createdDensity=e,this.nowDrawingDensity=this.createdDensity,this.render=t}setDensity(t){this.createdDensity=t,this.nowDrawingDensity=t}setDrawingDensity(t){this.nowDrawingDensity=t}setPosition(t,e){this.state.position=t}setAngle(t){this.state.angle=t}setFlipAngle(t){this.state.flipangle=t}setOdblask(){forceOnePage?this.odblaskDiv=document.querySelector("#marcincrop2 .odblask"):this.odblaskDiv=this.element.querySelector(".odblask")}setArea(t){this.state.area=t}setHardDrawingAngle(t){this.state.hardDrawingAngle=t}setHardAngle(t){this.state.hardAngle=t,this.state.hardDrawingAngle=t}setOrientation(t){this.orientation=t}getDrawingDensity(){

Chrome Cache Entry: 170

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	42
Entropy (8bit):	4.136248672727249
Encrypted:	false
SSDEEP:
MD5:	905B1FBB26E082557FF0B3B3553CDA6C
SHA1:	8FE0790D6026998BDB2C9FFA3B915952E613E1B4
SHA-256:	F249B63CB2FCB66B47E86F906C98F8FD912E82DD035B4E53D7E72FC1960CFD16
SHA-512:	284567E83A5C15761498249B27B4B700AA081A65B858F29458E5D0F3DEBDEA93DD5CFAD94EEFAEB43837E70CC288B2A34EA168D2771CB57C993E269C287097CE
Malicious:	false
Reputation:	unknown
Preview:	{"message":"Missing Authentication Token"}

Chrome Cache Entry: 173

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (8570), with no line terminators
Category:	downloaded
Size (bytes):	8570
Entropy (8bit):	5.329269132168096
Encrypted:	false
SSDEEP:
MD5:	282054BCAB2EF683C38A211DED6D3B01
SHA1:	3F03EC244FBC6A3231BC4873E6D7038858D46733
SHA-256:	5F79297541CE5F693A313873E0FC1055B1D42E08EECD5C6F57FED88A077E6B84
SHA-512:	A1F3907B526FB2D285688839ED438CA3215496035C772A5BA3F56AE310C2945439378CAE4CF5C0D97A28FD2A8145D49F5DC919DEF43344CCD487AFE2D160D295
Malicious:	false
Reputation:	unknown
URL:	https://dkl18tmi4r0t8.cloudfront.net/flipbook/202405/assets/scripts/Logs.js?v=1571
Preview:	const Logs=function(){this.logs_state_visible=0,this.lastActionTime=Date.now(),this.inactiveTime=0,this.boringTime=0,this.bufforTimeMS=0,this.uniqueId=null,this.sessionId=!1,this.startTime=0,this.dlid=0,this.lfid=0,this.isAndroid=/android/gi.test(navigator.appVersion),this.isIDevice=/iphone\|ipad/gi.test(navigator.appVersion)\|\|"MacIntel"===navigator.platform&&1<navigator.maxTouchPoints,this.isIPhone=/iphone/gi.test(navigator.appVersion),this.isIPad=/ipad/gi.test(navigator.appVersion),this.isFirefox=-1<navigator.userAgent.toLowerCase().indexOf("firefox"),this.isSafari=-1<navigator.userAgent.toLowerCase().indexOf("safari");const s=[];let d=null,n=!1,g=!1,e=null;let=_isLastLog=!1;const i=2e4,t=localStorage,o=new Object({data:null}),r=(this.bookModel=null,this.setLogViewerStart=(e,i)=>{this.dlid=window.dlid,this.bookModel=e,this.uniqueId\|\|(this.uniqueId=HELPER.uid()),this.sessionId\|\|(this.sessionId=v()),k("user_dlids"),I(),S(),!Array.isArray(i)&&isNaN(i)&&(i=0),J("page_start",i,!0,5,0)},e=>

Chrome Cache Entry: 174

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 96 kbps, 44.1 kHz, JntStereo
Category:	downloaded
Size (bytes):	4979
Entropy (8bit):	7.465220608582786
Encrypted:	false
SSDEEP:
MD5:	A9125E860E067F6B1AE834D6ABB9AD37
SHA1:	C0F3A30C71A6C0DB5630C6A5B84680F014949684
SHA-256:	9150C6F33600F63065D2BF2AC960153A7E579F57F5998AC043AEA47A52354213
SHA-512:	8C9DE5FDDCCE54E1F8A9ED2887217C2E6B3F37EF95720559F16E3C74242B9F373347EC730296665128D7B8F0D15152B63BF883FC836E76BC29AB4F0729B59288
Malicious:	false
Reputation:	unknown
URL:	https://dkl18tmi4r0t8.cloudfront.net/flipbook/202405/assets/audio/v1_1.mp3:2f77cec70bf248:0
Preview:	ID3.......TYER.........2.0.2.1.TDAT.........1.9.0.3.TENC.../.....W.a.v.e.P.a.d. ... .N.C.H. .S.o.f.t.w.a.r.e.TCON.........(.0.).TIME.........1.1.0.4...pD.......................................................................................................................................................................................................................................................................................................................pd......."..'../.#...?'......htf.v.I..I.i&../sT.E.....RC...\|.._.^...3.3WE...q.&...H2NRQ.!..!....?.....?'...Q6.e.sHN...K)r~..3..ad..'H.vA..p.E..B....N..<.....z~...N..w......y.K..md...@..$.....mJ.u.8pL'.y....x..@.].H'~..).\|..2.<......].^..@...~:x..ch..j.$.........L9..s5..t....1........n.bs5.........rd'...LK...`?.......+8..X...t0.....>.e.....?....H.U..N.J.......6....X....y;.k...........s...+..?.w........R..5.{.).s....Eg........h}...a}..KC..w.<.\|.....\....j.1.i..f....ZZ..!.M....W.Ey(....A\B...X.......{....Q

Chrome Cache Entry: 175

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	108997
Entropy (8bit):	5.8415430438569675
Encrypted:	false
SSDEEP:
MD5:	3BC2A822D6869406A953136B2A27B4A7
SHA1:	8F60D6C39E0E84D21A7B0AB9D3F4517295962E0A
SHA-256:	8E794CF5EE24B115AA781A295FB642CEE124B1BAFC1832E79E5D7749B8525F59
SHA-512:	19DCADC1666DF1F6D8F482263634045DB9E81A85B757067BF93C2D8838CFAB17BA00EEDAED976066B020362D3191DB875FF0AA40248051A602C4EA8C89408F1B
Malicious:	false
Reputation:	unknown
URL:	https://dkl18tmi4r0t8.cloudfront.net/flipbook/202405/assets/css/Book/xs.css?v=1571
Preview:	:root{--area-highlight-color:92,169,255;--modal-bg-color:rgba(0, 0, 0, .92)}.Page{overflow:hidden;width:100%;height:100%;background-color:#fff;display:none}.Page.last{cursor:default}.Page.__load{background:url('data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz4KPHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hsaW5rIiBzdHlsZT0ibWFyZ2luOiBhdXRvOyBiYWNrZ3JvdW5kOiBub25lOyBkaXNwbGF5OiBibG9jazsgc2hhcGUtcmVuZGVyaW5nOiBhdXRvOyIgd2lkdGg9IjIwMHB4IiBoZWlnaHQ9IjIwMHB4IiB2aWV3Qm94PSIwIDAgMTAwIDEwMCIgcHJlc2VydmVBc3BlY3RSYXRpbz0ieE1pZFlNaWQiPgo8Y2lyY2xlIGN4PSI1MCIgY3k9IjUwIiBmaWxsPSJub25lIiBzdHJva2U9IiM2NDczODEiIHN0cm9rZS13aWR0aD0iNiIgcj0iMzUiIHN0cm9rZS1kYXNoYXJyYXk9IjE2NC45MzM2MTQzMTM0NjQxNSA1Ni45Nzc4NzE0Mzc4MjEzOCI+CiAgPGFuaW1hdGVUcmFuc2Zvcm0gYXR0cmlidXRlTmFtZT0idHJhbnNmb3JtIiB0eXBlPSJyb3RhdGUiIHJlcGVhdENvdW50PSJpbmRlZmluaXRlIiBkdXI9IjFzIiB2YWx1ZXM9IjAgNTAgNTA7MzYwIDUwIDUwIiBrZXlUaW1lcz0iMDsxIj48L2FuaW1hdGVUcmFuc2Zvcm0

Chrome Cache Entry: 176

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 14148, version 1.0
Category:	downloaded
Size (bytes):	14148
Entropy (8bit):	7.986251326799113
Encrypted:	false
SSDEEP:
MD5:	69B28056044BE6438CE7E5214C66BA82
SHA1:	39EE8D4427A6062F942513B5B219A320068C7AE7
SHA-256:	B8E094AD64704C2E4836153E641E432B22159B03D5B240B6DD303461BE83F542
SHA-512:	4ACC21A8C3DC8C5DDEC601426E49F00A43B7F3672B90C59F7D177FE49565E87DC18B65CD138763A7C36BDEDC1A55EFA76FFE5228286381FEF7286927282338D0
Malicious:	false
Reputation:	unknown
URL:	https://dkl18tmi4r0t8.cloudfront.net/flipbook/202405/assets/fonts/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Preview:	wOF2......7D......o...6...........................B.p.`..D...........B..6.$..v. .....E.._%c......g....HVN.%..H....[C..P..~.+.E&R.F.Q(.s56&..6.V.'....r...Y.\-..........]....^.E.;...p[.....q..;..Z.......}...T.a.U.......j..tl].?C0.NB.F-.%1...h66zE...$.B..L0..(......o~..o.&......=fn.........V..H9....X;...L.@.."..Z1.....o@,....W+..&..48..........'......[7Y....h.....'?.7s.`.6m2.Es.K..J(e......"..?...u..a.c.&.h.....M....L.wE+Ij.G......k..q.>.=i...AF..0sv.s..t.].M+...../.:.E....Z.w;.M.'... .s...8.x..\|...:..y.K.kw....\|......@(Qx..y..J..K.'.rp....B.Rh.y.....;.e...S,K..$'.....`.pN.;$&....-.aN..<h.%.n.^\|~l......ri........E...J..H...V...[Gbh...$%.$.x,...&........ B2.)...\V.........<S..Fn.y..&.:.2gHO..w.\|.riX.&.4y...6......<.B.9Z..vmh.).J..Ez(_..X.....a...3o...L.p.x...8$.^....kZ....j....GK...x.R."..@.9.X.c..g.\.Qx..NLMK...../(,.)-+...q....Z..(.)+.....ohl.............?<>=...h,..`.M..l._1.....Y.v....7h.(jD)...0.~.]..\|....;.'W.../.:....S..........b...

Chrome Cache Entry: 177

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 13904, version 1.0
Category:	downloaded
Size (bytes):	13904
Entropy (8bit):	7.986338789711381
Encrypted:	false
SSDEEP:
MD5:	5589842CC46587294240B2CC0C7A0F98
SHA1:	F1BB816B059ACAACA4E925375C0C440F48810C6E
SHA-256:	FDFDF90531F4BCE8EE5FBB9DA2E6736F462011670E5AF0B0DB44D6152C049076
SHA-512:	48583263D4FEBB36E54138E43A902C9BC2F6189C6793739DEBC6412C28D71C2AD2AC114C9C37903A8A06465C4A8C2D8DFA99F065163C2FA2483074069EEED451
Malicious:	false
Reputation:	unknown
URL:	https://dkl18tmi4r0t8.cloudfront.net/flipbook/202405/assets/fonts/lato/v23/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
Preview:	wOF2......6P......n...5...........................z.p.`..D.....x..=..B..6.$..v. .....E.%^%c[...j.,...6...@8.`.@.......9..f...>c.Bi.kI.....B... .T.F.P.AG9..M\.=I+:....z3'..[..#...+....y.J.C}...3.).K..{....$..h..73.w?..P.E".D."..).E.B......"X..l..I......!.f..EQ.E..b....."Q"%i...&:k.qsm..m.J..~-...Z.G.~..X..u{gg..%.5.H..<+.M\|`;...<....I...>`.9]Qz.[%M:..+..<a.@&E>b.CG..}.....X a...-i....WE^.....y.....l.I.N......r~?.\.C...{7...T&...W.)...L..I...W..ks.s..#.x..9.......%.Y0=.>.V...]........m....[A......R.\.M....K..jM+....d.tD..:... .2+..2V@PQU.,...J.....Z....!/.e..D..C<..M..A=..Y.l9.v.X..~../..J..k..E=...c...$.a.).`TV.8nb...^'/..n7n... R.<q.....W...1(..u)..~.r.x...y......C.n.y.\..6. aRraa.7..m.2.CAl.....[z......+.9a.a..1..?....Z/Z...3..=.O..a....R.x...,&W.O.Y.I.!...W.N.`.#B....H...).6.D..9.\....X...\..5...7. \|......'.^..D$).(R...).........X..9.%......U.R.F..Nj..1S.,.l...........c.}....ED..%Ph.VRJZFV.....*V.\.j..5j.J......!.t...z,m........./...e.~H`.#}

Chrome Cache Entry: 178

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (10364)
Category:	downloaded
Size (bytes):	11323
Entropy (8bit):	5.4664579632042445
Encrypted:	false
SSDEEP:
MD5:	B48C8F95B76EE9FF2FF574D876433D65
SHA1:	EF854782F7763D8BC2F83CD6B7CE7C72D7758CC5
SHA-256:	B9D98B4575601C20A1EF9D2BACC674CECC8E20BCFB769CF96356F48082A55AA7
SHA-512:	AEBD78FD004E3465445940E8924C1A091A6D83A3B8FF08F53EE3154AE31FC77D159AC3D9206152AC527290223F887C1551FCBCE09DCAE8C7F8952552ECA7C0F2
Malicious:	false
Reputation:	unknown
URL:	https://dkl18tmi4r0t8.cloudfront.net/flipbook/202405/assets/scripts/Layout.js?v=1571
Preview:	"use strict";APPonReady.add(function(){APP.Layout=new function(){function e(){this.classList.add("__active")}function t(e=null){this.classList.remove("__active"),e&&"function"==typeof e&&e()}function i(e=null){this.classList.toggle("__active"),e&&"function"==typeof e&&e()}function o(){g.getBody().classList[is_vertical()?"add":"remove"]("is_vertical"),g.getBody().classList[is_horisontal()?"add":"remove"]("is_horisontal"),g.getBody().classList[is_mobile()?"add":"remove"]("is_mobile"),g.getBody().classList[is_desktop()?"add":"remove"]("is_desktop"),g.getBody().classList[is_small_embed_not_mobile()?"add":"remove"]("is_embed")}var s,l,d,a,r,n,c,_,m,u,h,b,g=this,p=(this.getBody=function(){return document.body},this.getHeader=function(){return null==s&&((s=document.getElementById("header")).show=e,s.hide=t,s.toggle=i),s},this.getMain=function(){return c=null==c?document.getElementById("main"):c},this.getFooter=function(){return null==l&&((l=document.getElementById("footer")).show=e,l.hide=t,l

Chrome Cache Entry: 179

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (7685), with no line terminators
Category:	downloaded
Size (bytes):	7685
Entropy (8bit):	5.25180703592029
Encrypted:	false
SSDEEP:
MD5:	A3264D8D6D1E68035F12BA951C638911
SHA1:	127459C4ABB81B276C7BF6CA183CE8FAD651B746
SHA-256:	9E26BBA9ED4D9A1EE46F0FB6030922F53CF0019F5ADC857621ACED8066ED8848
SHA-512:	E4B63F0B1310225617D4007A8887E26AEBDD45B8861168BADB036E8974B4B10288D8BE37367A5324EB1298FAA9CC8F9EBC7429C75A94A309027D83A3144DD058
Malicious:	false
Reputation:	unknown
URL:	https://dkl18tmi4r0t8.cloudfront.net/flipbook/202405/assets/scripts/VideoEmbed.js?v=1571
Preview:	APPonReady.add(function(){APP.EMBED=new function(){self=this;let s=[],l=!1,u=!1,d=null;this.inializeYoutubePlayer=async(t,a,o,r,n,l=null)=>{u\|\|await function(){const e=APP.PATH_CF_FLIP+"assets/scripts/workers/yt/player.js";try{var t=window.trustedTypes.createPolicy("youtube-widget-api",{createScriptURL:function(e){return e}});e=t.createScriptURL(e)}catch(e){}let a,o;window.YT\|\|(a={loading:0,loaded:0});window.YTConfig\|\|(o={host:"https://www.youtube.com"});if(!a.loading){a.loading=1;const n=[];a.ready=function(e){a.loaded?e():n.push(e)},window.onYTReady=function(){a.loaded=1;for(let e=0;e<n.length;e++)try{n[e]()}catch(e){}},a.setConfig=function(e){for(const t in e)e.hasOwnProperty(t)&&(o[t]=e[t])}}const r=document.createElement("script");return r.id="player-yt",r.type="text/javascript",r.src=e,r.async=!0,document.body.insertAdjacentElement("beforeend",r),new Promise(e=>r.addEventListener("load",()=>{u=!0,e()}))}();const i=setInterval(()=>{if(iframe=document.getElementById(t.id)){const e=

Chrome Cache Entry: 180

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=GIMP 2.8.22, datetime=2021:05:04 16:29:54], baseline, precision 8, 1279x719, components 1
Category:	dropped
Size (bytes):	129516
Entropy (8bit):	7.922298798541456
Encrypted:	false
SSDEEP:
MD5:	EB7EDC1B2C6BE7E19D2FDC21E8EA93C9
SHA1:	5874B109921A3E7128EA5521F4F8DEFD5A04AD8C
SHA-256:	1E6AFC0AF4D6302EA533B22E9B398B7053E50FF29C2D53E4CDEDCE8DD7C51110
SHA-512:	979D016985C09923D72289F7BD900FB1F663E05DA3C5051BD86854B77FB3AF2E0F3A5B69BB29A9DBFB3B11B9192774AE2B90CBC50C6D2D746891DB8BF7345104
Malicious:	false
Reputation:	unknown
Preview:	......JFIF.....H.H......Exif..MM..............................b...........j.(...........1.........r.2.........~.i.................H.......H....GIMP 2.8.22.2021:05:04 16:29:54...........0210........0100.......................~...........6............................."............(.....................2...................H.......H..........JFIF.............C................................... $.' ",#..(7),01444.'9=82<.342...C...........2!.!22222222222222222222222222222222222222222222222222......n...."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?...(...(...(...(...(...(...(...(...(...(..

Chrome Cache Entry: 181

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5300), with no line terminators
Category:	downloaded
Size (bytes):	5300
Entropy (8bit):	4.985995458424912
Encrypted:	false
SSDEEP:
MD5:	C5FCA2BBE3B1EC42C5E9C36270544FBF
SHA1:	6CB5B6B95C92F43570A31947D8EE03C752B57F2D
SHA-256:	8618DFF6E4BDC7A01423C78B0873E481C491A3DC0A584D7328C74E73A5227387
SHA-512:	9126B6FBB580160D10B51AAC6BDC91EDDA5BD4844419CDF33C6C936CB078B3797CE8CA424DB8B0F5B7A6FAB939A250445108742825CAB50608B2ADE9903EAE25
Malicious:	false
Reputation:	unknown
URL:	https://dkl18tmi4r0t8.cloudfront.net/flipbook/202405/assets/css/Menu.css?v=1571
Preview:	#footer,#header{min-height:35px;max-height:45px;height:8.5%;width:100%;transition:margin .3s;padding:0 25px;font-size:14px;width:94%;left:3%;width:100%;position:absolute;width:100%;left:0}#header{display:flex;align-items:center;justify-content:normal;z-index:3}body.is_mobile #header{justify-content:space-between}.header__border{position:absolute;left:0;bottom:0;height:100%;width:100%;background-color:#000;opacity:.1}body.light .header__border{background-color:#fff!important;opacity:.5}.footer__border{position:absolute;left:0;bottom:0;height:100%;width:100%;background-color:#000;opacity:0}#footer{display:flex;justify-content:space-between;align-items:center;position:absolute;bottom:0}.header__icons{width:100%}.header__book-name{font-weight:600;opacity:.95;position:relative;left:0;color:inherit;width:90%;display:block}.header__left{width:25%;position:relative;left:0;display:block;z-index:1}.header__left .header__icons{justify-content:flex-start;height:100%;justify-content:flex-start;alig

Chrome Cache Entry: 183

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	1014
Entropy (8bit):	5.167245133129533
Encrypted:	false
SSDEEP:
MD5:	0B7141E2151947567E90AE3DEC678631
SHA1:	A4CF1DAE878F8FC8B85E6AB842F6A356658C3E3F
SHA-256:	7205A496FDD72B2940C04679A439914223CC71D51F35F690F51F470F634170B7
SHA-512:	B01575F7AFC48480476F919F827483CEC5506AAA30C395DE39BD5D536DD05EAF156EB93E8CF3DD1FC9F6871B0E474EDAD2CECD380D86B69F328C68BA6B739A59
Malicious:	false
Reputation:	unknown
Preview:	<?xml version="1.0" encoding="utf-8"?>..<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 58.9 64.1">.. <style type="text/css">.. .iconpath{fill:#2c55b3;stroke:none !important;stroke-width:2;stroke-linejoin:round;}.. </style>.. <g id="Warstwa_2" data-name="Warstwa 2">.. <g id="Layer_1" data-name="Layer 1">.. <path class="iconpath" d="M56.1,13.3H53.4V2.7A2.57,2.57,0,0,0,50.7,0H8.1A2.57,2.57,0,0,0,5.4,2.7V13.4H2.7A2.57,2.57,0,0,0,0,16.1V37.4a2.57,2.57,0,0,0,2.7,2.7H5.4V61.4a2.57,2.57,0,0,0,2.7,2.7H50.8a2.57,2.57,0,0,0,2.7-2.7V40h2.7a2.57,2.57,0,0,0,2.7-2.7V16A2.77,2.77,0,0,0,56.1,13.3Zm-45.4-8H48v8H10.7ZM48.1,58.7H10.7V40H48V58.7Zm5.3-24H5.4v-16h48Z"/>.. <path class="iconpath" d="M18.7,48H40a2.7,2.7,0,1,0,0-5.4H18.7A2.57,2.57,0,0,0,16,45.3,2.63,2.63,0,0,0,18.7,48Z"/>..<path class="iconpath" d="M18.7,56H40a2.7,2.7,0,1,0,0-5.4H18.7A2.57,2.57,0,0,0,16,53.3,2.63,2.63,0,0,0,18.7,56Z"/>..<circle class="iconpath" cx="48.1" cy="24" r="2.7"/>..</g>

Chrome Cache Entry: 184

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	52
Entropy (8bit):	4.508132025833399
Encrypted:	false
SSDEEP:
MD5:	454A7B1F35ECC1C867D26CD9B39211E7
SHA1:	576BE8BC643756753508337439706AA87099079A
SHA-256:	8BD455EB0E2CA015B6C629101E63A781ADD5294B5A78B4671A1AB515B4B403EC
SHA-512:	37BD224EA4678E4228A19476CD3CF021D772B48284B31340B3F7A492A6298845479207AD65F9788CC379CFAF23F67BED84BCCFF7A83A9771A6B9F527617D40A5
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISJQlYmpwahuqVTRIFDTWGVBwSBQ2RYZVOEgUNK9T3XhIFDTRYd8c=?alt=proto
Preview:	CiQKBw01hlQcGgAKBw2RYZVOGgAKBw0r1PdeGgAKBw00WHfHGgA=

Chrome Cache Entry: 185

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	721
Entropy (8bit):	4.801096583776827
Encrypted:	false
SSDEEP:
MD5:	C367903210123C014EC5E671676601C7
SHA1:	3059F9B6044E3ECE90432553AF10A5692D4DAC3C
SHA-256:	D91E82B7DDA3E4B51CE72438B7B940DC7EA4D877D1E2C5BF1C39BA5E01A6CD7C
SHA-512:	44ECC49CC36F06E0F6AEFDA56107AE891736E73D41AC1006233F7FD02D439B5065C8F333F60BCB6970D7F4BE246A3C5630CF6A90AC145A6DAE870A625C40E62A
Malicious:	false
Reputation:	unknown
Preview:	<?xml version="1.0" encoding="utf-8"?>..<svg id="galeria" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 60 60" class="rotate-icon">..<g id="ico_4"><path d="M39.77,18.93a5.21,5.21,0,0,1,1.84,3.54,5.28,5.28,0,0,1-1.2,3.82l-4.69,..5.59a5.23,5.23,0,0,1-7.36.64l.73-.86a4.11,4.11,0,0,0,5.76-.51l4.7-5.59a4.09,..4.09,0,0,0-6.27-5.26l-2.35,2.79-.87-.72,2.35-2.8a5.23,5.23,0,0,1,7.36-.64ZM20.23,..42.21a5.23,5.23,0,0,1-.64-7.36l4.69-5.59a5.25,5.25,0,0,1,3.55-1.84,5.17,5.17,0,0..,1,3.81,1.2l-.73.86a4.08,4.08,0,0,0-3-.93A4,4,0,0,0,25.15,30l-4.69,5.59a4.09,4.09,..0,0,0,6.26,5.26L29.07,38l.87.73-2.35,2.79A5.18,5.18,0,0,1,24,43.41,5.25,5.25,0,0,1,20.23,42.21Z" stroke="rgba(255,0,0,1)" fill="rgba(255,0,0,1)"></path>..</g></svg>

Chrome Cache Entry: 187

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 321x400, Suserng: [none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	20832
Entropy (8bit):	7.988947671939297
Encrypted:	false
SSDEEP:
MD5:	25BF1AF33961E063CC0B37ED9A7BA297
SHA1:	ACAFA86B960C1EE5AB1561A69D015D421B717622
SHA-256:	484CC61D6737A69F3C93F09CAC9B3D33FF45DDE1368A3A863F188A8C443F3BBC
SHA-512:	5010D9CB12C75BC342E6C20F9B9C5F23979751D444C981C32A84BAE13290C0AB84F53470DEF91AA45BF7A7AD91EF8BA553607C721290596404D8326377858522
Malicious:	false
Reputation:	unknown
URL:	https://d1uiew9hysv4w7.cloudfront.net/518284/1161698/txt/1161698_1_400.webp
Preview:	RIFFXQ..WEBPVP8 LQ.......A...>...@.%.....#1a.-\|"76..[....4...........[y....v..7._._....{.?`?.}..........^...........o._............C...........].k.....~....8.O.......w.w..g.....<.../............._.>._............k.....c...O...?.}..'...E.O.......?ko...z..g....._\.B._............?......7.?..p............x><...o...........?a.....C..o~.>...........^.......p...?.~[.i.......oQ..........._.?..E.......o.?...}..+.o.....~....>.5.......?..........1...........=.2.@..z......me.71....vp<..w......a.K.,. ..C.T..{.2...)E&]...^i.sO\bz..@.......".....2.......E.<Ot-!..K[...T..GO7.....DM._.+.y..A.^._.......!L`e.8.4J.8.t.........82I.\.+>..#..U_?..._/.q\|.\........m.........<..g1.....L.lC.4f..Wt....,o.....I..i.m.3.t....T.4.M.Vw."...ZZ.z.q.%....G#w .....8....r..,1.?p....X..*.2..y.A.kC.....\|!...b.qZ.\|....8.)...W..z......w...~.......... ..B.%......W....`..x.k..-j..4/.X...)..W.....Y..u.....0..vF".AU.m....Z.48.w..Ro.M...."...-+D....v..+..1QlH8..T...g.........,G.n...3%M'H..

Chrome Cache Entry: 188

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Ogg data, Vorbis audio, mono, 44100 Hz, ~80000 bps
Category:	downloaded
Size (bytes):	6305
Entropy (8bit):	7.6903142488595275
Encrypted:	false
SSDEEP:
MD5:	962AD009685D2C4647DA605A33BD555D
SHA1:	DD5DA9B020608114867CDD1105261B94AF876B15
SHA-256:	B5F6536DAF4230BC5D6EFA2FC33B05E23EA5CF34724286E1C03A507A7BE65C5E
SHA-512:	97DBCD62002D09FF8219ABDA2DAACAE410798A138C23DF1DD50A70A6C6935C34878B4CD7885EEE5FC980A70BA42F44DB654104C3C8053D7322C9C43648BFF83A
Malicious:	false
Reputation:	unknown
URL:	https://dkl18tmi4r0t8.cloudfront.net/flipbook/202405/assets/audio/v1_4.ogg:2f77cec71d582d:0
Preview:	OggS....................Y...vorbis.....D........8........OggS...................V.................vorbis....Lavf58.45.100........encoder=Lavc58.91.100 libvorbis"...encoded_by=WavePad . NCH Software....genre=Blues....date=2021-03-19 11:04..vorbis"BCV..@..$s.F.s....BP...B.k..BL...2L[.%s.!..B.[(..U..@...Ax...A.!.%=X..'=.!..9x..iA.!..B.!..B.!.E9h..'A....08...8...E9X..'A. ..B....9.!.$5HP..9....,(...0....5(...0...B...I5...gAx..iA.!.$AH...A...FAX...9....A...9... 4d.......(..(..........@Q..q........Y.........H..H..H.$Y.%Y.%Y..,.,.,.2.....H..PQ.Eq....Y..d....8..X..h...............4CS<G.D.TU.m.m.m.m.m[.e...Y..@....if...0...BCV........0..U..@....J....9..Y..J.9..H.y....9.s...1.9..Y....9..Y....9.'.y..9.q..`...9.&.y....9...i..K.9.H.yR.K.9.s.9.s.9........9.......9.O.....9.s.9.s.9. 4d.....@...a.)...h F.b.2.A..0....B...h..:.%.qRJ'..Y.....@.!..RH!..RH!..b.!..r.)...J....2.,..2.,..:..;.1..C+..RSm5.Xk.9..VZk..RJ)..R.BCV.. ...B..d.QH!..b.)..r.*...U.. ....

Chrome Cache Entry: 189

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (42033)
Category:	downloaded
Size (bytes):	119529
Entropy (8bit):	5.37701262676395
Encrypted:	false
SSDEEP:
MD5:	83F1E465C05197B1076046BF4B67A774
SHA1:	BA8E5E757A2C908BD7435F7395F91EE6B4C68337
SHA-256:	CFE176D0D326963F72A414152A04C97BEB789E5BEE9A56A39DB1853519EBBEFA
SHA-512:	BAFE8DFEF95AEDEB6B5E0BE48471559A2D4127FD858CCDC5D740F1DB553F219C83C923422EBC6A97CC41FC6715CBCB61A1CDC0262565D365791C543C2A9E660E
Malicious:	false
Reputation:	unknown
URL:	https://dkl18tmi4r0t8.cloudfront.net/flipbook/202405/assets/scripts/Book_curl.js?v=1571
Preview:	"use strict";var Book=function(d){var u=this,h={padding:(is_mobile(),20),menuHProc:8.5,menuMaxH:45,menuMinH:35,forceOnePage:forceOnePage,menuHeight:90,PreloadImages:PreloadImages,detectOrientationChange:!0,nextPrevButtons:!0,pagesRanger:!0,Scaller:!0,sidebar:!0,min_scale:0,max_scale:20,default_scale:0,PVTtime:100,useVector:!0,fakeRequest:!1,showSinglePageMode:!1,thumbsNumPreload:50,webpSupport:!1,shadowsInZoom:!1,hideArrowsInZoom:!1,loadSvgOnZoom:!0,showPageLikeIMG:!1,minLoaderTime:1700};const c=window.location.href;var n=1;let l,g,F=null,o=!1;var $=!1;let z=null,W=0,i=!1,D=void 0,j=!1;var e,t,m;this.password=null;let U=this.leadform_configured=!1,V=!0,Z=!1,X=!1;this.autoplayInInitialized=!1,this.autoplayIn=null;const Y={val:0,listener:function(e){},set page(e){this.val=e,this.listener(e)},get page(){return this.val},initializeListener:function(e){this.listener=e,window.onerror=function(e,t,o){oLogs.log_send_error(d.ref_id\|\|d.id,d.publisher_id,{acc:"error",data:`ERR: ${e} URL: ${t} L:

Chrome Cache Entry: 190

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1512), with no line terminators
Category:	downloaded
Size (bytes):	1512
Entropy (8bit):	4.952873070703589
Encrypted:	false
SSDEEP:
MD5:	C9CF33EA44218467EEAE16E8F6729CE2
SHA1:	99EF8F64C844A2568A9028318A458D4A31818CD5
SHA-256:	704F85E70915562AD7BED52F9C8636A6DADE7D7E4DEDBBB0D9B6F2C96DDE4E72
SHA-512:	13B7674F07D94337EC9645ADC95D67A28A3A307F2B12CC8F1A35E94D5FEDF160FE78E2DAB973CA7F231DDD0CD1213783170999F4434F077213B71571102E1206
Malicious:	false
Reputation:	unknown
URL:	https://dkl18tmi4r0t8.cloudfront.net/flipbook/202405/assets/css/Ranger/xs.css?v=1571
Preview:	#zoomranger{background:linear-gradient(to right,#82cfd0 0,#82cfd0 50%,#fff 50%,#fff 100%);border-radius:8px;height:7px;width:356px;outline:0;transition:background 450ms ease-in;-webkit-appearance:none;z-index:3;border-radius:5em;-webkit-appearance:none;appearance:none;width:100%;height:2px;background:currentColor;outline:0;opacity:.7;-webkit-transition:.2s;transition:opacity .2s;z-index:2;cursor:pointer;margin-top:12px}#footer #pageranger{background:linear-gradient(to right,#82cfd0 0,#82cfd0 50%,#fff 50%,#fff 100%);border-radius:8px;height:7px;width:356px;outline:0;transition:background 450ms ease-in;-webkit-appearance:none;z-index:3;border-radius:5em;-webkit-appearance:none;appearance:none;width:100%;height:2px;background:currentColor;outline:0;opacity:.7;-webkit-transition:.2s;transition:opacity .2s;z-index:2;cursor:pointer}.Ranger{display:flex}.Ranger__container{display:flex;align-items:center;justify-content:space-between;position:relative;width:550px}.Ranger_page-num{font-weight:6

Static File Info

⊘No static file info

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://publuu.com/flip-book/518284/1161698

Overview

General Information

Detection

Signatures

Classification

Process Tree

Yara Signatures

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

LLM Input / Output

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 144

Chrome Cache Entry: 145

Chrome Cache Entry: 146

Chrome Cache Entry: 147

Chrome Cache Entry: 148

Chrome Cache Entry: 149

Chrome Cache Entry: 151

Chrome Cache Entry: 153

Chrome Cache Entry: 156

Chrome Cache Entry: 157

Chrome Cache Entry: 158

Chrome Cache Entry: 159

Chrome Cache Entry: 160

Chrome Cache Entry: 161

Chrome Cache Entry: 162

Chrome Cache Entry: 163

Chrome Cache Entry: 164

Chrome Cache Entry: 166

Chrome Cache Entry: 168

Chrome Cache Entry: 169

Chrome Cache Entry: 170

Chrome Cache Entry: 173

Chrome Cache Entry: 174

Chrome Cache Entry: 175

Chrome Cache Entry: 176

Chrome Cache Entry: 177

Chrome Cache Entry: 178

Chrome Cache Entry: 179

Chrome Cache Entry: 180

Chrome Cache Entry: 181

Chrome Cache Entry: 183

Chrome Cache Entry: 184

Windows Analysis Report
https://publuu.com/flip-book/518284/1161698