Edit tour

Windows Analysis Report
https://consumlesselectric.blogspot.com/

Overview

General Information

Sample URL:	https://consumlesselectric.blogspot.com/
Analysis ID:	1447907

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 4532 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://consumlesselectric.blogspot.com/ MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 2992 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 --field-trial-handle=1948,i,8777731648890855217,12355644242319370358,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Snort Signatures

⊘No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://firebasestorage.googleapis.com/v0/b/elon-c52f7.appspot.com/o/elonwatt.html?alt=media

HTTP Parser: No favicon

Source: unknown

HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49779 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.221.95
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.221.95

Source: global traffic	DNS traffic detected: DNS query: consumlesselectric.blogspot.com
Source: global traffic	DNS traffic detected: DNS query: www.blogger.com
Source: global traffic	DNS traffic detected: DNS query: www.blogblog.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: cdn.youcan.shop
Source: global traffic	DNS traffic detected: DNS query: topicalpage.world

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49698
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown

HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49779 version: TLS 1.2

Source: classification engine

Classification label: clean0.win@15/39@16/160

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://consumlesselectric.blogspot.com/
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 --field-trial-handle=1948,i,8777731648890855217,12355644242319370358,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 --field-trial-handle=1948,i,8777731648890855217,12355644242319370358,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	1 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	2 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://consumlesselectric.blogspot.com/	0%	Avira URL Cloud	safe
https://consumlesselectric.blogspot.com/	1%	Virustotal		Browse

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
cdn.youcan.shop	104.18.29.62	true	false	unknown
blogspot.l.googleusercontent.com	216.58.206.33	true	false	unknown
www.google.com	142.250.185.68	true	false	unknown
blogger.l.google.com	142.250.181.233	true	false	unknown
topicalpage.world	13.224.189.48	true	false	unknown
www.blogblog.com	unknown	unknown	false	unknown
consumlesselectric.blogspot.com	unknown	unknown	false	unknown
www.blogger.com	unknown	unknown	false	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://consumlesselectric.blogspot.com/	false		unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.110.84	unknown	United States	15169	GOOGLEUS	false
142.250.186.67	unknown	United States	15169	GOOGLEUS	false
142.250.185.68	www.google.com	United States	15169	GOOGLEUS	false
1.1.1.1	unknown	Australia	13335	CLOUDFLARENETUS	false
142.250.186.163	unknown	United States	15169	GOOGLEUS	false
216.58.206.33	blogspot.l.googleusercontent.com	United States	15169	GOOGLEUS	false
13.224.189.48	topicalpage.world	United States	16509	AMAZON-02US	false
142.250.185.110	unknown	United States	15169	GOOGLEUS	false
142.250.181.233	blogger.l.google.com	United States	15169	GOOGLEUS	false
142.250.185.106	unknown	United States	15169	GOOGLEUS	false
216.58.206.46	unknown	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
172.217.18.106	unknown	United States	15169	GOOGLEUS	false
104.18.29.62	cdn.youcan.shop	United States	13335	CLOUDFLARENETUS	false
142.250.186.33	unknown	United States	15169	GOOGLEUS	false
142.250.186.105	unknown	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.16

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1447907
Start date and time:	2024-05-27 12:18:14 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://consumlesselectric.blogspot.com/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	6
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean0.win@15/39@16/160

Warnings

Exclude process from analysis (whitelisted): dllhost.exe
Excluded IPs from analysis (whitelisted): 52.165.165.26
Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, sls.update.microsoft.com, fe3cr.delivery.mp.microsoft.com, glb.sls.prod.dcat.dsp.trafficmanager.net
Not all processes where analyzed, report is missing behavior information

LLM Input / Output

Input	Output
URL: https://consumlesselectric.blogspot.com/ Model: gpt-4o	```json { "riskscore": 1, "reasons": "The provided JavaScript code appears to be related to a Blogger site and initializes widgets and data context for the blog. There are no obvious signs of malicious activity such as obfuscated code, unauthorized data access, or suspicious network requests. The code primarily deals with site configuration and social sharing features. The presence of long random hexadecimal strings and tracking elements are considered no risk as per the instructions." }
window['__wavt'] = 'AOuZoY5ytpkRRlh2ZG0E4ZR8g2xEbzmMTg:1716805154966';_WidgetManager._Init('//www.blogger.com/rearrange?blogID\x3d2522934009070233515','//consumlesselectric.blogspot.com/','2522934009070233515'); _WidgetManager._SetDataContext([{'name': 'blog', 'data': {'blogId': '2522934009070233515', 'title': 'consumlesselectric', 'url': 'https://consumlesselectric.blogspot.com/', 'canonicalUrl': 'https://consumlesselectric.blogspot.com/', 'homepageUrl': 'https://consumlesselectric.blogspot.com/', 'searchUrl': 'https://consumlesselectric.blogspot.com/search', 'canonicalHomepageUrl': 'https://consumlesselectric.blogspot.com/', 'blogspotFaviconUrl': 'https://consumlesselectric.blogspot.com/favicon.ico', 'bloggerUrl': 'https://www.blogger.com', 'hasCustomDomain': false, 'httpsEnabled': true, 'enabledCommentProfileImages': true, 'gPlusViewType': 'FILTERED_POSTMOD', 'adultContent': false, 'analyticsAccountNumber': '', 'encoding': 'UTF-8', 'locale': 'fr', 'localeUnderscoreDelimited': 'fr', 'languageDirection': 'ltr', 'isPrivate': false, 'isMobile': false, 'isMobileRequest': false, 'mobileClass': '', 'isPrivateBlog': false, 'isDynamicViewsAvailable': true, 'feedLinks': '\x3clink rel\x3d\x22alternate\x22 type\x3d\x22application/atom+xml\x22 title\x3d\x22consumlesselectric - Atom\x22 href\x3d\x22https://consumlesselectric.blogspot.com/feeds/posts/default\x22 /\x3e\n\x3clink rel\x3d\x22alternate\x22 type\x3d\x22application/rss+xml\x22 title\x3d\x22consumlesselectric - RSS\x22 href\x3d\x22https://consumlesselectric.blogspot.com/feeds/posts/default?alt\x3drss\x22 /\x3e\n\x3clink rel\x3d\x22service.post\x22 type\x3d\x22application/atom+xml\x22 title\x3d\x22consumlesselectric - Atom\x22 href\x3d\x22https://www.blogger.com/feeds/2522934009070233515/posts/default\x22 /\x3e\n', 'meTag': '\x3clink rel\x3d\x22me\x22 href\x3d\x22https://www.blogger.com/profile/16608853984580722471\x22 /\x3e\n', 'adsenseHostId': 'ca-host-pub-1556223355139109', 'adsenseHasAds': true, 'adsenseAutoAds': false, 'boqCommentIframeForm': true, 'loginRedirectParam': '', 'view': '', 'dynamicViewsCommentsSrc': '//www.blogblog.com/dynamicviews/4224c15c4e7c9321/js/comments.js', 'dynamicViewsScriptSrc': '//www.blogblog.com/dynamicviews/e21e17d1a8945230', 'plusOneApiSrc': 'https://apis.google.com/js/platform.js', 'disableGComments': true, 'interstitialAccepted': false, 'sharing': {'platforms': [{'name': 'Obtenir le lien', 'key': 'link', 'shareMessage': 'Obtenir le lien', 'target': ''}, {'name': 'Facebook', 'key': 'facebook', 'shareMessage': 'Partager sur Facebook', 'target': 'facebook'}, {'name': 'BlogThis!', 'key': 'blogThis', 'shareMessage': 'BlogThis!', 'target': 'blog'}, {'name': 'Twitter', 'key': 'twitter', 'shareMessage': 'Partager sur Twitter', 'target': 'twitter'}, {'name': 'Pinterest', 'key': 'pinterest', 'shareMessage': 'Partager sur Pinterest', 'target': 'pinterest'}, {'name': 'E-mail', 'key': 'email', 'shareMessage': 'E-mail', 'target': 'email'}], 'disableGooglePlus': true, 'googlePlu
URL: https://firebasestorage.googleapis.com/v0/b/elon-c52f7.appspot.com/o/elonwatt.html?alt=media Model: Perplexity: mixtral-8x7b-instruct	{ "loginform": false, "reasons": [ "The text does not contain any form fields for a username or password.", "There is no 'Log In' or 'Sign In' button in the text.", "The text is about news reports and environmental issues, not about logging into a system." ] }
News Reports Claim EXCLUSIVE DISCOUNT NOW A NEWS Just in The environmental problem is pressing, isn't it? This scorching summer weather has caused many lakes to dry up. Elon Musk is calling on everyone to conserve energy and electricity to protect the environment! Order & Save 500/0 >>

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon May 27 09:19:15 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2673
Entropy (8bit):	3.983667464518338
Encrypted:	false
SSDEEP:
MD5:	3B9B6E29CE2687C4216B7C3CA39EF1E4
SHA1:	51BDC8A3BBED41F55DCAD1ECE0F74EDD81438C83
SHA-256:	171385A4128E9976AA976F88EFB9FBA1EDF4F3E4DEBBEE076D1FC36D5178994D
SHA-512:	C270EC13872A3ED7ACB5B75ADE6FE1E85012BC9FD13D18E87AB13D88ABD5A6800943CC7F6BF60DDC96AF5191B22B397A8BD11323E31A4A4FC31B101A062C38EC
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.......S....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.XSR....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.XfR....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.XfR....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.XfR..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.XhR...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........B..z.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon May 27 09:19:15 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2675
Entropy (8bit):	3.997887063213389
Encrypted:	false
SSDEEP:
MD5:	6ECED3ED4A10CA451888DB7E7D254698
SHA1:	688CA8345D67611819ADA3E16CD251E7DCF20468
SHA-256:	B81901BAE54C4CD4D155158670898CCBB17F349FBCE9CF090B943D799D6B0B64
SHA-512:	332B3523714DE5373C4734649BA5B7BCDCACE15809BC929A6CF355955222EC848BEDED00FC9F5E34EF280D86CE2EA364581196AB6666F2A51031482B23AD439C
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,......S....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.XSR....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.XfR....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.XfR....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.XfR..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.XhR...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........B..z.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2689
Entropy (8bit):	4.008022183382734
Encrypted:	false
SSDEEP:
MD5:	F9E547792BFEEC6D8C36479E837EE72D
SHA1:	7EA17425E3BBE491275D75CD8D48A533BA3A7CC5
SHA-256:	73683517D5E5B665C71C301782A1B13AA934C92C9CD374D4F0A591FAE5AE13D9
SHA-512:	6B3CF01BBDDD0FB435D239278E167AA651EC4AF6A7D32405AF6FC030FFE056BAF3C39EF915AEE73E5FD2E27C8A656AA9FDCCC2497D2482BFF7C482DDD7845680
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.XSR....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.XfR....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.XfR....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.XfR..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........B..z.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon May 27 09:19:15 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.995241318788601
Encrypted:	false
SSDEEP:
MD5:	58410AEB918534E5E27F14286553999C
SHA1:	8BF4D3393E0757489937387A2DD9D4A8EBC672F8
SHA-256:	4F4EB0C827366D20C5AB96A819A05965F030C4C13CC4B696EAD5CC2D1944693E
SHA-512:	EC282EB6711C18B3184BF04F4990164D4F16B2858B457DAAAA2A9D68F83A562DF5C3DE0C007AB17A22C63BD43D46C4BEDD71AD19CD55098B2E2AA4A498DF2CFD
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....~..S....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.XSR....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.XfR....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.XfR....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.XfR..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.XhR...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........B..z.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon May 27 09:19:15 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.984584609840184
Encrypted:	false
SSDEEP:
MD5:	81993DAFC6A92C33374FE7AE97E8BF79
SHA1:	C17C14A7A12C25FAE728744E78D4AD7B95292723
SHA-256:	1AB6EBA5CCF97AC562A91B5AB404C5239AF99D0B42E8DC01293CC1066E99EB83
SHA-512:	6B9D2C26C25FBD5053E902F157D5DDCC0450BCD5D2783EA40613BFDC3A102E86C2D4817A520DAE6702B7A38E5B92FF946BDD23A0D5FADF5A1864729562BDAAD8
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....;.S....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.XSR....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.XfR....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.XfR....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.XfR..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.XhR...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........B..z.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon May 27 09:19:15 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.9958475195345025
Encrypted:	false
SSDEEP:
MD5:	105907DCA741F3E77383A0E2BCE69BBC
SHA1:	88D4865AA2A74528DB4133BDB1C0AF399C937550
SHA-256:	61FD0086985CA473A86C9541AF4725899FD7348F38949A5196851DD1B880D458
SHA-512:	FDFD4A6BAB57018A201158F72CDB6947E41A57E49EF8211DE0C745BE98C603B6AF39CF8A771C456779345F49146051FC2B5B9518E6097CEC45AA774D3F9217CF
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....[(.S....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.XSR....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.XfR....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.XfR....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.XfR..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.XhR...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........B..z.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 100

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=560, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1600], baseline, precision 8, 1211x492, components 3
Category:	downloaded
Size (bytes):	369076
Entropy (8bit):	7.887234571734643
Encrypted:	false
SSDEEP:
MD5:	1651AB47197910CD7D24CA549B3362C1
SHA1:	CFEB54D978B6F1E061C44337E5CC60D32C6AC997
SHA-256:	D42EE1A44296E5D8045F44AE589912385A94FA8ADF7FDFB5799858F40BFB2456
SHA-512:	E394A85AD88B278CD2EA4D160464D024AC698AF70A11486E0A87BB4112E7BCD888E9E6174CB782E4C692DA37911FACC672A9EACFDAFBAA7EF795A2A1C7F26FC6
Malicious:	false
Reputation:	unknown
URL:	https://cdn.youcan.shop/stores/dfd827e1800ccb4b1a228eb01a78a06d/others/8qmqo74A4FllxWEmcJ1CZABg7wIyCDTaA9SW3yPb.jpeg
Preview:	......Exif..MM.*...............@...........0...........................................................................(...........1.....!.....2..........i.............$............'.......'.Adobe Photoshop 23.1 (Macintosh).2022:03:30 11:15:25..............0231...................................................................r...........z.(.................................Q.......H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................A...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..:6._.=.]+..C........y.n.W..[..].M..Z.-...\.....S.Ck..>=....Z........X..q

Chrome Cache Entry: 104

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=13, height=410, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=550], baseline, precision 8, 550x410, components 3
Category:	dropped
Size (bytes):	103113
Entropy (8bit):	7.840119451263029
Encrypted:	false
SSDEEP:
MD5:	CDB78F652921363D0F294F358A7C5633
SHA1:	C2AEDE140E10FF3A85B3CCF2604E2D014C0E2C34
SHA-256:	5DB46A66FD39821AFDA4D36DC5247E7441F527FCC1F839310FD6677BB19A890A
SHA-512:	065DCF58277C6AB7C8D75CAFACEAFDFAB2CAAAE149DBE9CE503E7976A7C290E917936383CCA256A6BB2EC0944EB8F78F2A60A69D5C3B2A2D47A38424404B2FE0
Malicious:	false
Reputation:	unknown
Preview:	......Exif..MM.*...............&.......................................................................................(...........1.....!.....2.......................i.............0............'.......'.Adobe Photoshop 23.1 (Macintosh).2022:03:29 12:27:21..............0231.......................&...........................................~.............(.................................U.......H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................w...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?...T.I..'!@).)...$..S. ...%,....(....j.(\.]/....\...JV.4..._X...

Chrome Cache Entry: 105

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2775)
Category:	downloaded
Size (bytes):	295787
Entropy (8bit):	5.608774664073882
Encrypted:	false
SSDEEP:
MD5:	D13F5F5837F34C55E7BEE190ADBB90BD
SHA1:	543C6C2F314C0CF4BC2C795C2A161661FDA15A42
SHA-256:	471DC6B422DBCA87CC789062F2CC76CCCFAE236D4327F7B880EC349232336272
SHA-512:	82B36AAFBCE9B81FBD037362ECF900BA2ED40E6A68E05EEA8A426B1ABC8556542F534C69F3CD5952ACAAA4FEAA1694FA7BC5FF339C2DA33D4A4276F6728B1A80
Malicious:	false
Reputation:	unknown
URL:	https://www.blogblog.com/dynamicviews/e21e17d1a8945230/js/common.js
Preview:	(function(){/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0././.. SPDX-License-Identifier: Apache-2.0./.var aa='"Helvetica Neue Light", HelveticaNeue-Light, "Helvetica Neue", Helvetica, Arial, sans-serif',ba="#content",ca="#gadget-dock",da="#overview",ea="#sidebar",fa="#sidebar .items",ia=".filtered",ja=".gadget-content",ka=".gadget-resize-detector",g=".item",la=".item.filtered",ma=".item.open",na='.item[data-id="',oa=".items",pa=".items .item",qa=".lightbox-content",ra=".lightbox-panel",ta=".overview-content",ua=".singleton-element, #injected-iframe",va=".toggle-container",wa=".toggle-switch",xa=".viewitem-panel",.ya="/feeds/posts/default",za="/search/label/",Aa="<a name='more'></a>",Ba="Attribution",Ca="BlogArchive",p="Date",Da="Failed to parse post content",Ea="Item",Fa="Missing or invalid tag",Ga="Overview",Ha="SCRIPT",Ia="Symbol.iterator",Ja="ViewItem",Ka="__filtered",La="__nested:",Ma="_relative",Na="action",Oa="active",Pa="adsense_client_id",Q

Chrome Cache Entry: 106

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2023:07:26 17:58:24], baseline, precision 8, 750x429, components 3
Category:	dropped
Size (bytes):	65587
Entropy (8bit):	7.854424775364627
Encrypted:	false
SSDEEP:
MD5:	3A6E814276CBA9BE1C775FF5ABECF34E
SHA1:	C949C045D453530755582B4CC394790D1A7E69C1
SHA-256:	ABADEEE61CDA40459DA113C18C74EE5818714E78DFB859944580B2D1437B4973
SHA-512:	77A80EB20D3FF8C09A36350A3FB4503E99AD7E50C016E20EDBCC4160069DF32FE1B0A7E293050D71855B40B48167C5161790360C6661ED3997955CE5F70B0F4B
Malicious:	false
Reputation:	unknown
Preview:	.....\|Exif..MM..............................b...........j.(...........1....."...r.2...........i....................'.......'.Adobe Photoshop CC 2019 (Windows).2023:07:26 17:58:24....................................................................."............(.....................2...........B.......H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................\...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?.....T.l.<.nKrHg)nC...V.r.......{.aR.]I.U7X...&=.}+5..?g]...ZM...I._..QE./...VXc2.vw.uV.6..9.g.)...]#.a..k....'F...5.....49.C.#.Q.N...!..r.FC(....)a{

Chrome Cache Entry: 107

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:08:25 00:43:20], baseline, precision 8, 960x540, components 3
Category:	dropped
Size (bytes):	190032
Entropy (8bit):	7.843846414997848
Encrypted:	false
SSDEEP:
MD5:	A7C61170BC53F512870C3CEA3F1B5A4A
SHA1:	8C27DB9553038BD0B90F2B072EFAAB55839C83DD
SHA-256:	723EBF3F9A80658DF56C520D99134E6F00BC943B300F080BA7BC0E85ECC99E38
SHA-512:	865BC3CAE66940EF1E36250A33C8681C383CE723D7E6DFAC312C0F0CAC0BED79624C02228BE61A34178C69A7CCE14023C94A79096B790E6820A0E40587E9D018
Malicious:	false
Reputation:	unknown
Preview:	.....cExif..MM..............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:08:25 00:43:20........................................................................."............(.....................2...........).......H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................Z...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..H....N...I;A&..t.$......[.G.F.......u.....?.z.X..R..}.kI.{jR47H......u.5..A...T<.Z..8o.-.A.]..^.nue..`. .B.1..-cK..@...X;(.......H.J...>..i...aQD

Chrome Cache Entry: 108

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1441x843, components 3
Category:	downloaded
Size (bytes):	92940
Entropy (8bit):	7.712650120085479
Encrypted:	false
SSDEEP:
MD5:	8D0D2E16DA32781227EF1A83A68491A5
SHA1:	0D13045A9C9972E514D2EEDE8E8E2B3FC2A650F1
SHA-256:	617AFDB2A0446393C603539D614D4CBE28EA5AA2DE6F7604D897104E9A3523DA
SHA-512:	718008A16D1F8BA57D7488C9EA40FAF86775DD857983B92B759EBE4DCCFC51FB1444D1135A120D340FF794C2CA87AB2A61BF2024FE17EA07BD9C24B99FE9BA8E
Malicious:	false
Reputation:	unknown
URL:	https://cdn.youcan.shop/stores/dfd827e1800ccb4b1a228eb01a78a06d/others/5K2t4L9zi1AI6iejfKRfjLBHrEQEhKMcwXvQIUvu.jpeg
Preview:	......JFIF...................................................%...#... , #&'))..-0-(0%()(...........(...((((((((((((((((((((((((((((((((((((((((((((((((((......K.............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz......................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?.....qFh.y....h....L.c.h...4.n...._..(..xj..].4.....b.@..kN$.m..]).q...(....Q....K.......G..Q..Q...Q..yb.P.-ir..R....-..w.._J\.W.m..R.h..g_.^...^.q.E....7.h.@...T..8?.hq.3"`.<.b.<.TCkr.GzI..'.P..............0/C/J.....`<.E0+.. (N..@f\...& .i..Tw.A....n.../.. ...".X.Z.................P.rt.....f5...t..B..f8Z...C.........@.j.kt......8q.....~.\HgCm.EhIh.....r.SH..NjJ$D.2.....e\|f.E..

Chrome Cache Entry: 109

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 640x366, components 3
Category:	downloaded
Size (bytes):	37607
Entropy (8bit):	7.977069739151515
Encrypted:	false
SSDEEP:
MD5:	1A4A52F8FC2E45D9EBFDE89CF46B3DF2
SHA1:	AC8BDFBD983AE303D50D2FA27D84FD29DBD89B69
SHA-256:	23E3B781CAEDB9ABC74194B841EEBC7E9987231C834C9F60035F4270DD6BFC73
SHA-512:	0C11F2263C99B6DD954828FF51A0A5BB04F518B52ADC0879ED7A1AD24ED1D47D80E1F8A0A4DCBE1BFF3C1E81C92F78B2C9B07E6C7FBA3D324111CCA3931CB38F
Malicious:	false
Reputation:	unknown
URL:	https://cdn.youcan.shop/stores/dfd827e1800ccb4b1a228eb01a78a06d/others/JRjjB9TKaWjiRHWJ9YLCugXXUiW0lKokjyYnMAvZ.jpeg
Preview:	......Exif..II*.................Ducky.............+http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS6 (Windows)" xmpMM:InstanceID="xmp.iid:03E6C1C8798D11E9AD95CA3F44B20F73" xmpMM:DocumentID="xmp.did:03E6C1C9798D11E9AD95CA3F44B20F73"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:03E6C1C6798D11E9AD95CA3F44B20F73" stRef:documentID="xmp.did:03E6C1C7798D11E9AD95CA3F44B20F73"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>...!Adobe.d..................?...............................................#%'%#.//33//@@@@@@@@@@@@@@@......................&.....&0#....#

Chrome Cache Entry: 110

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 940x459, components 3
Category:	dropped
Size (bytes):	77650
Entropy (8bit):	7.832757286633287
Encrypted:	false
SSDEEP:
MD5:	5DB83CE9ABF22A9B946D9B5FBD59EEBD
SHA1:	0147C36A4BD105ECDD666BB0C8AD7594331EF4E6
SHA-256:	3D2D2305C4936217CADF9C157C6F055045DED61DBEA66B28B968634C1B20065C
SHA-512:	9AA2C9717675A276159B0A7ACD0C6C0E0B9A03CA109CE034D3B490D10A0CEBCBD6D439571A1995548B302788490DA83172E98AB1E535D3FD41760655B583F586
Malicious:	false
Reputation:	unknown
Preview:	......Exif..II*.................Ducky.......<.....,http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 6.0-c002 79.164488, 2020/07/10-22:06:53 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop 22.0 (Windows)" xmpMM:InstanceID="xmp.iid:E399BC7B241611EB9589F4AE15F065D0" xmpMM:DocumentID="xmp.did:E399BC7C241611EB9589F4AE15F065D0"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:E399BC79241611EB9589F4AE15F065D0" stRef:documentID="xmp.did:E399BC7A241611EB9589F4AE15F065D0"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d................................................................................................................................

Chrome Cache Entry: 111

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 940x457, components 3
Category:	dropped
Size (bytes):	36346
Entropy (8bit):	7.6065674305636986
Encrypted:	false
SSDEEP:
MD5:	43C991923BBB46755A49EB91A35D147F
SHA1:	D25A5D68345C28FE884B993EF616CD66E4C78B59
SHA-256:	6D5728557A463AB46BE1ABBCBC5DC111B8FB611B5641F0DC857BCF5B44929D3A
SHA-512:	1F24AE2ADAC8C06B0AC1091002915FA4D80A1CF0B62CEDD344CBC3207AC504C812D2160FEDBD7D22B303AE2B19D40B6DFD339BE16386D80FD2A57A4E1D86E0FF
Malicious:	false
Reputation:	unknown
Preview:	......Exif..II*.................Ducky.......<.....,http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 6.0-c002 79.164488, 2020/07/10-22:06:53 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop 22.0 (Windows)" xmpMM:InstanceID="xmp.iid:046D4F04241711EBAF7FC0F3B7DAB6F4" xmpMM:DocumentID="xmp.did:046D4F05241711EBAF7FC0F3B7DAB6F4"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:046D4F02241711EBAF7FC0F3B7DAB6F4" stRef:documentID="xmp.did:046D4F03241711EBAF7FC0F3B7DAB6F4"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d................................................................................................................................

Chrome Cache Entry: 112

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=400, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=730], baseline, precision 8, 730x469, components 3
Category:	dropped
Size (bytes):	203164
Entropy (8bit):	7.921028720367177
Encrypted:	false
SSDEEP:
MD5:	7C113D505FD6189F29D90C214E36E0FA
SHA1:	3198DBBCA8C28627FF6AF8C0DEAAF693AF4002F7
SHA-256:	B3478A42628708DEE8CBB8D6E4CE99F62EE7C35AA92E232955F3D8F4C6C8B9A1
SHA-512:	AAF7801B70608BF74EF3AB8606E40E37DD83E187CEF415EEED3CBBB1FFB3E9109F93A31597EA6116D1F44EE6DFF0A79A61B7501819171237F1191E73BC7D5C2F
Malicious:	false
Reputation:	unknown
Preview:	.....mExif..MM.*.......................................................................................................(...........1.....!.....2..........i.............$.........`..'....`..'.Adobe Photoshop 23.1 (Macintosh).2022:03:29 12:29:17..............0231..................................................................r...........z.(.........................................H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................g...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?...)..`-...[.z./M.}....X.~.k..os7}..[g@I..K.7.n\.....c.....F.....7........p?

Chrome Cache Entry: 113

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 709x368, components 3
Category:	dropped
Size (bytes):	25845
Entropy (8bit):	7.85099275131563
Encrypted:	false
SSDEEP:
MD5:	B2EB1B351CD0635114B4655E0EC7B837
SHA1:	396EAB2637D05C4802A11EA03C1C4EADD0A0CE11
SHA-256:	C176C58F6CA140D6EF64A9C49EE8769D9EA7A84F45958B2C046758FDDA1983F0
SHA-512:	D399811731BC437E5D454339E9EEDF4A0F55E8F922C8F161C318BDD90D9BCB675A2ECFE7DDA2CF7D7775EDF6C163EC0FC45AA3D181E62D8188E58CC52A509762
Malicious:	false
Reputation:	unknown
Preview:	......Exif..II*.................Ducky.......<......http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:DocumentID="xmp.did:5E0B2F37F1F411ED80BCF0432335B11F" xmpMM:InstanceID="xmp.iid:5E0B2F36F1F411ED80BCF0432335B11F" xmp:CreatorTool="Adobe Photoshop CS6 Windows"> <xmpMM:DerivedFrom stRef:instanceID="2A82359A4D95B6E7C0CFA63A27DAE410" stRef:documentID="2A82359A4D95B6E7C0CFA63A27DAE410"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d.................................................................................................................................................p.

Chrome Cache Entry: 115

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (452)
Category:	dropped
Size (bytes):	562
Entropy (8bit):	5.031292311037183
Encrypted:	false
SSDEEP:
MD5:	B8EDD443DB133B078DFB36F654A0785B
SHA1:	75256F10B3F498AD07D495A6DE8982341850D4C1
SHA-256:	1435D064C8878135C3071A2D5AF23CEBF13D905BD322B26F0306C9644115DA8D
SHA-512:	745E0CC7AB67E6E27E46D129967F63BCCCE677611F7335C1BE3E9100D68196F6EFEC3196C0031DCF3E62D4F36CBFCC7A7DB3E7FEE0B5B40D250A51DD5AAEF298
Malicious:	false
Reputation:	unknown
Preview:	try {._WidgetManager._HandleControllerResult('Profile1', 'initial',{'title': 'Qui \xeates-vous ?', 'team': false, 'showlocation': false, 'occupation': '', 'showoccupation': false, 'aboutme': '', 'showaboutme': true, 'displayname': 'guer', 'profileLogo': '//www.blogger.com/img/logo-16.png', 'hasgoogleprofile': false, 'userUrl': 'https://www.blogger.com/profile/16608853984580722471', 'viewProfileMsg': 'Afficher mon profil complet', 'isDisplayable': true});.} catch (e) {. if (typeof log != 'undefined') {. log('HandleControllerResult failed: ' + e);. }.}.

Chrome Cache Entry: 119

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2023:07:05 19:03:00], progressive, precision 8, 750x444, components 3
Category:	dropped
Size (bytes):	94668
Entropy (8bit):	7.912794617821047
Encrypted:	false
SSDEEP:
MD5:	BB82BBB1D3BD9317A7A8A00DCAB5A64C
SHA1:	70BA8C2B6D54454A323FFACB97752B5EEF167A28
SHA-256:	413752596DB82EA3DC150C574FB5E66FE2F8D75957A3692024E6A4C18A0A40A1
SHA-512:	F2F673078FCC159336233CFE1B3E75023367DD5B1FF87A90961853D031CAD22828E284795244EFCD22C19E6789FCE0D5C0415A9A049B029E6B4F1EC4CC972B0E
Malicious:	false
Reputation:	unknown
Preview:	.....IExif..MM..............................b...........j.(...........1....."...r.2...........i....................'.......'.Adobe Photoshop CC 2019 (Windows).2023:07:05 19:03:00....................................................................."............(.....................2...................H.......H..........Adobe_CM......Adobe.d................................................................................................................................................._...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?.(m.p..4.L8v.6.U.cX.SI..pk..DK..>....^.....Vd...i.jx..m.N..WU..}['H.....\R.?U...3E........C}y.s.{d...k..S.{.K..z}l;.Mf.~..p....v...Y9.G3..n6WX.&.

Chrome Cache Entry: 120

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 940x520, components 3
Category:	dropped
Size (bytes):	39622
Entropy (8bit):	7.740567720961054
Encrypted:	false
SSDEEP:
MD5:	64775FBD9F4A2541FE5D496C22EAE971
SHA1:	2B640CD157E534BFDBE8D6B209B1367F61DEACA0
SHA-256:	67F42E6D6C7A3ED30113825C725985BAA7C440106395D449A4EFF4A6CE20E2AF
SHA-512:	BA57BDFB210BF65C03FBAD558767765BDB48C0FAC3E0E0CA15773A191AF6D3AF05F4BAC8A491D9AAFBE0E19D6422D0BBA4E73D877913B1DA727EE370677F3468
Malicious:	false
Reputation:	unknown
Preview:	......Exif..II*.................Ducky.......<.....,http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 6.0-c002 79.164488, 2020/07/10-22:06:53 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop 22.0 (Windows)" xmpMM:InstanceID="xmp.iid:F3FFBC6F241611EB832684981C12E116" xmpMM:DocumentID="xmp.did:F3FFBC70241611EB832684981C12E116"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:F3FFBC6D241611EB832684981C12E116" stRef:documentID="xmp.did:F3FFBC6E241611EB832684981C12E116"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d................................................................................................................................

Chrome Cache Entry: 121

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=13, height=298, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=438], baseline, precision 8, 438x304, components 3
Category:	dropped
Size (bytes):	91663
Entropy (8bit):	7.8857044406780465
Encrypted:	false
SSDEEP:
MD5:	EEA2881ED8F97FE333A6846F1737EADA
SHA1:	F55CC44C009742DC251F4F79975C30786141B32E
SHA-256:	46C084D52D17F3C1B2CD5A85B2685BBAC4FE1C9A41944BC3F890D5AA30E7B250
SHA-512:	28114C29F6B397C00B0025347D6CA142784044A66BCB5297EDFE2A440861A436BCB90B222BCABCDD6A50939FA9601E6CBAD2EA4605EC6FD23EAEE8FDD19813A9
Malicious:	false
Reputation:	unknown
Preview:	......Exif..MM.......................................................................................................(...........1.....!.....2.......................i.............0............'.......'.Adobe Photoshop 23.1 (Macintosh).2022:03:29 12:31:49..............0231...................................0...............................~.............(.........................................H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................o...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?.\|;..z>S.."..M.V-....2.n.......Ya....f.....s...G....._.:Z.F

Chrome Cache Entry: 123

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	14
Entropy (8bit):	3.3787834934861767
Encrypted:	false
SSDEEP:
MD5:	C5836916A782EB4C7A6D0914A4A8EE21
SHA1:	CF0091E1FFFAA7779DFD2606B20A260D96AD3E7D
SHA-256:	5099D27284C2257D2983450585CBD4BEDE6475519755508047E213D985CBC7C9
SHA-512:	3997CDC847C57FEA65EE1A07C53914D5280158BDCECE522B2F28E23E45591CF5BAEB6607B2316548AEA639827A79F375E1BBC74138EBAA2B3D89EB3429F45B05
Malicious:	false
Reputation:	unknown
URL:	https://topicalpage.world/fim/3670/e5127ed9b2c5db6ec6ba179a039b2bb5.svg
Preview:	404 Not Found.

Chrome Cache Entry: 124

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1942)
Category:	downloaded
Size (bytes):	142995
Entropy (8bit):	5.542653106720442
Encrypted:	false
SSDEEP:
MD5:	E97B35564FF97607C5319E819C6C6DC9
SHA1:	B1C3C84918DCFEB4E89A1238DA71D0D570838236
SHA-256:	52E181A079D431AD90BEF6FAF248E5BDDDBF301AD6FC84353413E74EE7263E4F
SHA-512:	E69040AA1E9798FA577C17ED8E9786C7CBB721DDD1363B2FA7DE5CB459D722B1DEE4AA50F5F3540522DCFFA82C13E4760A8DC0F8BAAC6C1EA6AF119F6D947301
Malicious:	false
Reputation:	unknown
URL:	https://www.blogger.com/static/v1/widgets/3642221003-widgets.js
Preview:	(function(){/.. SPDX-License-Identifier: Apache-2.0././.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var aa="&action=",ba=".wikipedia.org",ca="SCRIPT",da="SPAN",ea="SW_READER_LIST_",fa="SW_READER_LIST_CLOSED_",ha="Share this post",ia="Symbol.iterator",ja="about:invalid#zClosurez",ka="about:invalid#zSoyz",la="block",ma="click",na="collapsed",oa="collapsible",pa="comment-editor",qa="commentId",ra="complete",sa="contact-form-email",ta="contact-form-email-message",ua="contact-form-error-message",va="contact-form-error-message-with-border",wa="contact-form-name",xa="contact-form-submit",ya="contact-form-success-message",.za="contact-form-success-message-with-border",Aa="data-height",Ba="displayModeFull",Ca="displayModeLayout",Da="displayModeNone",l="div",Ea="dropdown-toggle",Fa="error",Ga="expanded",m="function",Ha="hidden",Ia="https:",Ja="layout-widget-description",Ka="layout-widget-title",La="max-height: 0;",Ma="nonce",p="none",q="number",r="object",

Chrome Cache Entry: 125

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (35959)
Category:	downloaded
Size (bytes):	35960
Entropy (8bit):	5.154449164812877
Encrypted:	false
SSDEEP:
MD5:	1E32420A7B6DDBDCB7DEF8B3141C4D1E
SHA1:	A1BE54D42FF1F95244C9653539F90318F5BC0580
SHA-256:	A9CA837900B6AE007386D400F659C233120B8AF7D93407FD6475C9180D9E83D2
SHA-512:	1357D702A78FFA97F5ABA313BCD1F94D7D80FB6DD15D293FF36ACC4FB063FFDAD6D9F7E8D911B1BBE696C7AD1CDE4C3D52FB2DB2A0FCF6FF8EF154824E013C6D
Malicious:	false
Reputation:	unknown
URL:	https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
Preview:	html{height:100%}body{min-height:100%;_height:100%;position:relative}.content{position:relative;word-wrap:break-word}.content-outer,.region-inner{min-height:0;margin:0 auto}.columns{zoom:1}.loading .columns{overflow:hidden}.columns-inner{_height:1%;min-height:0}.column-center-outer,.column-left-outer,.column-right-outer{position:relative;float:left;_display:inline;_overflow:hidden}.column-center-outer{width:100%}.column-left-outer{margin-left:-100%}.fauxcolumns{position:relative;_height:1%}.fauxcolumn-outer{position:absolute;top:0;bottom:0;height:expression(this.parentNode.offsetHeight + 'px');overflow:hidden}.fauxcolumn-outer .fauxborder-left,.fauxcolumn-outer .fauxborder-right,.fauxcolumn-inner{height:100%}.fauxcolumn-left-outer{left:0}.fauxcolumn-right-outer{right:0}.cap-top,.cap-bottom{position:relative;height:0;background-repeat:repeat-x}.cap-top .cap-left,.cap-top .cap-right,.cap-bottom .cap-left,.cap-bottom .cap-right{height:100%;background-repeat:no-repeat}.cap-top,.cap-top .ca

Chrome Cache Entry: 126

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	299
Entropy (8bit):	5.09741313710795
Encrypted:	false
SSDEEP:
MD5:	D55B3AE27A664107093DD3CD2B59BAF3
SHA1:	32667B2277F72CD1975CD131F3A99C637F2B2C3A
SHA-256:	70F4C73BBF75CB28BE1700420CBD0459A85A06182BEF881A1AA424C07189DDF2
SHA-512:	BAF858EC50471EFCC8B7B7E014A0CB9C256A962FC1B9E6ACB3F4C9EF22982F5753FF5C616BADB15136CE0FE0FF1D9FEE133DF473EE7C1DE7FA10BAE6C3A30E40
Malicious:	false
Reputation:	unknown
Preview:	try {._WidgetManager._HandleControllerResult('Attribution1', 'initial',{'attribution': 'Fourni par \x3ca href\x3d\x27https://www.blogger.com\x27 target\x3d\x27_blank\x27\x3eBlogger\x3c/a\x3e.'});.} catch (e) {. if (typeof log != 'undefined') {. log('HandleControllerResult failed: ' + e);. }.}.

Chrome Cache Entry: 127

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (930)
Category:	downloaded
Size (bytes):	10986
Entropy (8bit):	5.394692413050626
Encrypted:	false
SSDEEP:
MD5:	05C4F87E141CBF9F3594CB5D896FE92E
SHA1:	6F11B38345F0289999E9640BEC8F0DAB58F10D28
SHA-256:	256FE29B735E52736883E3CB551C8792E8EED4E6934136B3F761301623D9625C
SHA-512:	80AA8BAF4C52CC856A3A6F53A0387D630963C6E6CC0ACB3EEFE9C20D3173DC185F56142467CC7C62BA18695BF43AC363AD68C326D6C0EBBBD3C5BC464907EA04
Malicious:	false
Reputation:	unknown
URL:	https://www.blogblog.com/dynamicviews/e21e17d1a8945230/js/languages/lang__fr.js
Preview:	(function(){/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var a=a\|\|{};a.global=this\|\|self;a.J=function(b,c,d,e){b=b.split(".");e=e\|\|a.global;b[0]in e\|\|"undefined"==typeof e.execScript\|\|e.execScript("var "+b[0]);for(var f;b.length&&(f=b.shift());)if(b.length\|\|void 0===c)e=e[f]&&e[f]!==Object.prototype[f]?e[f]:e[f]={};else if(!d&&a.C(c)&&a.C(e[f]))for(var g in c)c.hasOwnProperty(g)&&(e[f][g]=c[g]);else e[f]=c};a.define=function(b,c){return b=c};a.va=2012;a.m=!0;a.za="fr";a.Aa=!0;a.S=!a.m;a.ta=!1;.a.fb=function(b,c){var d=a.ga(a.T);b=d&&d[b];return null!=b?b:c};a.T="CLOSURE_FLAGS";a.wa=!0;a.gb=function(b){var c="object"===typeof CLOSURE_TOGGLE_ORDINALS?CLOSURE_TOGGLE_ORDINALS:void 0;b=c&&c[b];return"number"!==typeof b?!!b:!!(a.X[Math.floor(b/30)]&1<<b%30)};a.Y="_F_toggles";a.X=a.global[a.Y]\|\|[];a.s=a.global;a.eb=function(b){if(a.M())throw Error("goog.provide cannot be used within a module.");a.H(b)};a.H=function(b,c,d){a.J(b,c,d,a.s)};a.U=/^[\w+/_-]+[

Chrome Cache Entry: 77

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (59959), with no line terminators
Category:	downloaded
Size (bytes):	60001
Entropy (8bit):	5.073978566838264
Encrypted:	false
SSDEEP:
MD5:	CCA11C2AC3503CC89D2E071F5BA8B4E2
SHA1:	100D843DB4D4CD4D0E1A43AD248E92B82F1D3E68
SHA-256:	7DCF2C1D5C67AEF3BCC7061E358D5109A1AFDE4C4A020D8184F9C761E707B21D
SHA-512:	2B4A200FB8BFED3083556F064B3DF361888ED788A5EEAAC461B3B7DCFE3C766C8195194068A6A1985EEB75B01D6867270BD422D22F743300A6B6A8034EF8549D
Malicious:	false
Reputation:	unknown
URL:	https://firebasestorage.googleapis.com/v0/b/elon-c52f7.appspot.com/o/elonwatt.html?alt=media
Preview:	<header style="-webkit-font-smoothing: antialiased; margin: 0px; padding: 0px; border-width: 0px 0px 4px; border-top-style: initial; border-right-style: initial; border-bottom-style: solid; border-left-style: initial; border-top-color: initial; border-right-color: initial; border-bottom-color: rgb(200, 0, 20); border-left-color: initial; border-image: initial; vertical-align: baseline; display: block; width: 1263.33px; color: rgb(0, 0, 0); font-family: roboto, sans-serif; font-size: medium; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: start; text-indent: 0px; text-transform: none; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; white-space: normal; text-decoration-thickness: initial; text-decoration-style: initial; text-decoration-color: initial;"><div style="-webkit-font-smoothing: antialiased; margin: 0px; padding: 0px; border: 0px; vertical-align: baseline;"><div style="

Chrome Cache Entry: 79

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=13, height=323, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=552], baseline, precision 8, 552x323, components 3
Category:	downloaded
Size (bytes):	88567
Entropy (8bit):	7.849776107174881
Encrypted:	false
SSDEEP:
MD5:	5B3A937F82935B6E7589123F1088623E
SHA1:	4CE8451A782F89915C6550BB2641F6D0FF9C03FB
SHA-256:	54B6F0838DCFF6B1FFD12A87D04F971222EEE4EB1A4AEA634B815B9728ED3D03
SHA-512:	43B684B4B6119B7D63EC1C0E3AFD98534AB787C25F9EA1C700D611DD5381A6AC426C05965F8A0F52330B8ACA05FB9DA57CCA4EAA4F5E7620C4D1B46CF35DB091
Malicious:	false
Reputation:	unknown
URL:	https://cdn.youcan.shop/stores/dfd827e1800ccb4b1a228eb01a78a06d/others/bub53KYTuQ5tyNyd3XUc06hK0pxKv6lQD04wXbax.jpeg
Preview:	......Exif..MM.*...............(...........C...........................................................................(...........1.....!.....2.......................i.............0............'.......'.Adobe Photoshop 23.1 (Macintosh).2022:03:29 12:26:52..............0231.......................(...........C...............................~.............(.................................g.......H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................^...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?.4.).P2...b..x...c...:g.<[Y.....:....T..im...A-.....;....o...

Chrome Cache Entry: 80

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 940x459, components 3
Category:	downloaded
Size (bytes):	86326
Entropy (8bit):	7.8363164756246535
Encrypted:	false
SSDEEP:
MD5:	FCC8481FB3D361B67F135F3E25540D6A
SHA1:	B1EC26D867E4F730D4C495BAF5625323DE7107BF
SHA-256:	A2326F2ADE558A0C7B6C8AA9FC2E0CF2F36D7C1345A1A49DEA6CDCBD31159C80
SHA-512:	ABA6F65FD6ABEEE7A3192CD81BA1F9C0214DE66A31486E4E0F7ADD2F6034486E0FB38F11D69B1585BAF41F27C17F20E909D32E1FF45795951D19676AB7A68C2A
Malicious:	false
Reputation:	unknown
URL:	https://cdn.youcan.shop/stores/dfd827e1800ccb4b1a228eb01a78a06d/others/GIZ1hTNYomL3zrzK1B6pKnGUpXvomGMmtQNpc2Ux.jpeg
Preview:	......Exif..II*.................Ducky.......<.....,http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 6.0-c002 79.164488, 2020/07/10-22:06:53 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop 22.0 (Windows)" xmpMM:InstanceID="xmp.iid:E399BC7B241611EB9589F4AE15F065D0" xmpMM:DocumentID="xmp.did:E399BC7C241611EB9589F4AE15F065D0"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:E399BC79241611EB9589F4AE15F065D0" stRef:documentID="xmp.did:E399BC7A241611EB9589F4AE15F065D0"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d................................................................................................................................

Chrome Cache Entry: 83

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (1136)
Category:	downloaded
Size (bytes):	1572
Entropy (8bit):	5.2647442020070505
Encrypted:	false
SSDEEP:
MD5:	13FEC0C2FBF5C47C4608CE0C9405E5A7
SHA1:	DAFB6CA27CFD22E88A2D53150C4350FCA3D32A21
SHA-256:	7F25FD0260C4EF8C26A87A5A126634E846BA539C75E5D508103F4D98831654A5
SHA-512:	7B9C5B92CDB7C3CEA0B6B862EBE67F75D92C1F1A8D5AAFE771CA50A724E4AF7F3C1CA280CBC53BF3EA3FB6344C41D1BA06BC032FC9B408C3B30BD301239CD001
Malicious:	false
Reputation:	unknown
URL:	https://firebasestorage.googleapis.com/favicon.ico
Preview:	<!DOCTYPE html>.<html lang=en>. <meta charset=utf-8>. <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">. <title>Error 404 (Not Found)!!1</title>. <style>. {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.

Chrome Cache Entry: 84

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	16
Entropy (8bit):	3.875
Encrypted:	false
SSDEEP:
MD5:	FC10C2818B864FCC38006936127A647C
SHA1:	8DFA775095871ACE8C1DFCF13355D2065357C2F6
SHA-256:	B561DE696009B98E613484A1A0BA09326B1C90DA362766D0B954CECCC899F16F
SHA-512:	2D03E67202EB4E789E04133B8FBAEB3A851005003CEFB67EF41614E6E5982DB0EA37AAF37F8A0A0ACA3CFC9F2AD8CED95FDF78CF7F41D664D22B2A870B1F42A2
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAkMytwI26wuIBIFDWdns_4=?alt=proto
Preview:	CgkKBw1nZ7P+GgA=

Chrome Cache Entry: 86

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (5537)
Category:	downloaded
Size (bytes):	17592
Entropy (8bit):	5.450058600560418
Encrypted:	false
SSDEEP:
MD5:	114B2B5D164783AB21D8FEB1EBF07405
SHA1:	AED7376A0F2FA8D8BA11090ED4F1EEFA8CC7FF59
SHA-256:	2C1424663434B17918673950772B8F363332BB4F49DC01A88CDEEF884F9374BE
SHA-512:	D1127CE6C3FFF6F1D881E3871A59EBF7345943BB31509FCCD17ED584948C599C322F282A1DE8A0D3706076E97BBF14286B0E07D882B947C61B51169C479AD1CA
Malicious:	false
Reputation:	unknown
URL:	https://consumlesselectric.blogspot.com/
Preview:	<!DOCTYPE html>.<html class='v2' dir='ltr' lang='fr' xmlns='http://www.w3.org/1999/xhtml' xmlns:b='http://www.google.com/2005/gml/b' xmlns:data='http://www.google.com/2005/gml/data' xmlns:expr='http://www.google.com/2005/gml/expr'>.<head>.<link href='https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css' rel='stylesheet' type='text/css'/>.<meta content='text/html; charset=UTF-8' http-equiv='Content-Type'/>.<meta content='blogger' name='generator'/>.<link href='https://consumlesselectric.blogspot.com/favicon.ico' rel='icon' type='image/x-icon'/>.<link href='https://consumlesselectric.blogspot.com/' rel='canonical'/>.<link rel="alternate" type="application/atom+xml" title="consumlesselectric - Atom" href="https://consumlesselectric.blogspot.com/feeds/posts/default" />.<link rel="alternate" type="application/rss+xml" title="consumlesselectric - RSS" href="https://consumlesselectric.blogspot.com/feeds/posts/default?alt=rss" />.<link rel="service.post" type="application/ato

Chrome Cache Entry: 87

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	1518
Entropy (8bit):	5.078196186098537
Encrypted:	false
SSDEEP:
MD5:	9573A0F465136E3809EDFCA52D30876F
SHA1:	1CB751F43459C45F9EE4B9E0C4583D587F9BAE07
SHA-256:	F9706064345D6357D6AA5F70368AC794249B99971A286E26D1A3FF4577411232
SHA-512:	8FD1C83EE5C272BA40948D950F58D8A26A2A82119D12300C1069AAE9A9CED286173D35504CE7BEEF2DFBFD354ED513CB291D79237C443A9E20B5778CCA5CCE03
Malicious:	false
Reputation:	unknown
Preview:	{"version":"1.0","encoding":"UTF-8","feed":{"xmlns":"http://www.w3.org/2005/Atom","xmlns$openSearch":"http://a9.com/-/spec/opensearch/1.1/","xmlns$blogger":"http://schemas.google.com/blogger/2008","xmlns$georss":"http://www.georss.org/georss","xmlns$gd":"http://schemas.google.com/g/2005","xmlns$thr":"http://purl.org/syndication/thread/1.0","gd$etag":"W/\"D0UAQXoyeCp7ImA9XhdVFko.\"","id":{"$t":"tag:blogger.com,1999:blog-2522934009070233515"},"updated":{"$t":"2024-05-25T15:14:00.490-07:00"},"title":{"$t":"consumlesselectric"},"subtitle":{"type":"html","$t":""},"link":[{"rel":"http://schemas.google.com/g/2005#feed","type":"application/atom+xml","href":"https:\/\/consumlesselectric.blogspot.com\/feeds\/posts\/default"},{"rel":"self","type":"application/atom+xml","href":"https:\/\/www.blogger.com\/feeds\/2522934009070233515\/posts\/default?alt=json\u0026orderby=published\u0026v=2"},{"rel":"alternate","type":"text/html","href":"https:\/\/consumlesselectric.blogspot.com\/"},{"rel":"hub","href

Chrome Cache Entry: 88

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel
Category:	dropped
Size (bytes):	3638
Entropy (8bit):	1.2843393639542857
Encrypted:	false
SSDEEP:
MD5:	59A0C7B6E4848CCDABCEA0636EFDA02B
SHA1:	30EF5C54B8BBC3487EA2B4C45CD11EA2932E4340
SHA-256:	A1495DA3CF3DB37BF105A12658636FF628FEE7B73975B9200049AF7747E60B1F
SHA-512:	BCFEBB2CA5AF53031C636D5485125A1405CA8414D0BC8A5D34DD3B3FEB4C7425BE02CF4848867D91CF6D021D08630294F47BDC69D6CD04A1051972735B0F04D4
Malicious:	false
Reputation:	unknown
Preview:	...... ..........&...........h.......(... ...@................................f..........Z..........."z.......r..........r.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

Chrome Cache Entry: 89

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	309
Entropy (8bit):	4.897662641473813
Encrypted:	false
SSDEEP:
MD5:	F44EF467AAECC5D459302C9F4BFF36B8
SHA1:	A8D9686B41046DDEDFA7D010D723CD8EA9EC47C2
SHA-256:	7BC17DF2B2E0368D3E2670D76C48B90EAC59A518C95916B8CCE7D46B5F283125
SHA-512:	E47DC317F8221DB910C32FD6C2F16BA0E148A2AF648DC09CF3893BA0961C107B43D65CED31C7A48C810A9F1DF3F21847DA1E93B0A2C55B0D6C5BA696BBE58E69
Malicious:	false
Reputation:	unknown
Preview:	try {._WidgetManager._HandleControllerResult('PopularPosts1', 'initial',{'title': '', 'showSnippets': true, 'showThumbnails': true, 'thumbnailSize': 72, 'showAuthor': true, 'showDate': true, 'posts': []});.} catch (e) {. if (typeof log != 'undefined') {. log('HandleControllerResult failed: ' + e);. }.}.

Chrome Cache Entry: 93

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	122124
Entropy (8bit):	5.6795267599687005
Encrypted:	false
SSDEEP:
MD5:	DE8E1DB100334D1BEE98F18807045DB2
SHA1:	5F4F858EF92595C5BDBCB36E11CF086682ED1533
SHA-256:	BDDD0A4F03C243E9F5F19714EBC06B26B6625E94509D7384DD556A90816DE52D
SHA-512:	8FA40268108B26104E2ED2F9CA1D9D21E2424285E5905B15415175186948C778B8C75F44CA6CB3EC5428A361450480DD290D9A1EB5B2555B27ACF3E2FB667173
Malicious:	false
Reputation:	unknown
URL:	https://www.blogblog.com/dynamicviews/e21e17d1a8945230/js/flipcard.js
Preview:	(function(){blogger.compileTemplate('\x3c!-- Expected scope: Any. Attributes {format, type} --\x3e\n{template:Adsense}\n{block:HasAdsense}\n<div class=\'adsense\' data-host=\'{AdsenseHost}\' data-client=\'{AdsenseClient}\'\n data-format=\'{format}\' data-type=\'{type}\'></div>\n{/block:HasAdsense}\n{/template:Adsense}\n\x3c!-- Attributes {class, top, bottom, title} --\x3e\n{template:Ribbon}\n{block:Ifurl}\n<a class="ribbon {class} {block:small}small{/block:small}" title="{title}" href="{url}" itemprop="url">\n{/block:Ifurl}\n{block:IfNoturl}\n<abbr class="ribbon {class} {block:small}small{/block:small}" title="{title}">\n{/block:IfNoturl}\n <div class="top ribbon-piece">{top}</div>\n <div class="bottom ribbon-piece">{bottom}</div>\n <div class="tail">\n <div class="left ribbon-piece"></div>\n <div class="right ribbon-piece"></div>\n </div>\n{block:Ifurl}\n</a>\n{/block:Ifurl}\n{block:IfNoturl}\n</abbr>\n{/block:IfNoturl}\n{/template:Ribbon}\n\n\x3c!-- Attributes {class, e

Chrome Cache Entry: 94

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 3000x2104, components 3
Category:	dropped
Size (bytes):	395305
Entropy (8bit):	7.971434291670264
Encrypted:	false
SSDEEP:
MD5:	59A06BCA6E05ECBF01E35D8FDC5D28D2
SHA1:	F1C7BB0EC63CC58F1F0079249B7F77A5328B4858
SHA-256:	63A2A521FAA91600722365EDA2C180557BC2762DE9BE62E220EB51D36A7F15C1
SHA-512:	BCFE05C288AC62C31A4F0B3B3AEECD90F6FC4BFA3ACD08D83B4708887F01DB77AEE724A9DEE57D7E33109D971EF2C4588002D912075D1573868B2FBE715B3338
Malicious:	false
Reputation:	unknown
Preview:	......JFIF.............................................!..!..)1(%(1)I9339ITGCGTf[[f.z...................................!..!..)1(%(1)I9339ITGCGTf[[f.z..........8...."...................................................s.-.6.9E....S..... ....I7)._O.Q.<.m.....(DlI9Nr....s!.+..[njl...N.B.W....H...;4.bD....@...!)W.B..VW......Rv;'.vK..r].p]...\.;...,r............7I".l.A.Jh.8J.R....L.a.M{....&..._.;6...r\|. .h..<0....&.=[6.&.............h.c..=/AG..Zm..NO?2q.@m!.s..3]bQ....U.D.d..c.DhLs.8....;.M..s..........n".Nqd....9.w..\a...;k6.94NR...R.]...e..r.0.M....,UFW7)...#2N1sd\...5..4B>S....h.}...*..pY'2].Eh.v....d......m...d.;5k.\|.....i..M. !....;5.......}.......$...s..M..@)p,...JQd...D......e.`7e...V.......HNss...W-.I.c.].F..z.L...?Wr..B......JQr...Th..^. .Q.nr.u91.@r.2ee.0v......~~...."r....Cg_.h.........`..V2wN@L..M.f..R..@..QME. .. L.7;t...~}..u.Y(SHf.ss.......%5M.F(..D..Ev...4.....q..wi...[l...^\tDr..I........JRa..%........Gs..>.u.a..(......LW.>...

Chrome Cache Entry: 95

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2077x1167, components 3
Category:	dropped
Size (bytes):	160464
Entropy (8bit):	7.966178194651841
Encrypted:	false
SSDEEP:
MD5:	D0D1202714D51E948EF04B736CBFB5B9
SHA1:	B635A20278ECC4FA3FD904106F886A3510DEA47E
SHA-256:	10AF5364F5BAB002E6586D8066BD5FC5531E36C9F817928EB7B10DB58136665F
SHA-512:	399F2DCBD249A9D3C1364FF936E9752402FC21C9BA283D6E6F375FA4F3BDD64240836558B6F5ADAEA27E448A9CF1AF62EF93DE2FB2065BD5879E2840D2B6BE52
Malicious:	false
Reputation:	unknown
Preview:	......JFIF..........................................................) .. )/'%'/9339GDG]]}............................................) .. )/'%'/9339GDG]]}..........."...........................................................k.b}..i..kSn.\i.............$.L.I..X...1.1k.c&...]..m...g2..;.).l.<..9q.<.;..R.U......]...V.g;6.l..Z.q...........u...4.I$..-.r.7.=..".=..y7OaO.C..KY.m..1i.5.V..3b^.V...s.5o.\|fCIo>.'.5..f-u....7.g+...;T..:.]X...\|....\|.w..............b...X.I..{.....:G.\|.qK.,.8.....rk......qk.Q.....[....^..E...n.w.-c.i6..w#.0.p..3._.h.....A....&..s...].}..iv.i..............>..6'.I.i..v5...<.M6..#......lE[..a.X..H..]..Y......j..G..v.y6.,cMq6...k..}.\....'..>....7)s.o...c.=.....,.o.ssO;.@............j...4.I$.o.u.H..3.\|mc.1....c..q.. cH#...&.......}.6A..W.O%.../S.-..}u..o..7..?....?.......C..}..3..]#..M5...Ys&s..r.........../.-X.bi...]..&v.l.1k...X..g8....8".G.......I.o.....(..T.q.<4y.o...m.4.m..g...{?......v9....Z.}..l6.....Y.ji..y6.<.....

Chrome Cache Entry: 99

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (2028)
Category:	downloaded
Size (bytes):	399248
Entropy (8bit):	5.610142581215378
Encrypted:	false
SSDEEP:
MD5:	F7C41BB3B904CBCC49BA53232535E983
SHA1:	DC873D1F036DA0B53B011A5046A23D258B5A5BD2
SHA-256:	266C8725E6911FF0E2F23572D0EBF1E30C7594E49EA8BED00AF914C924FC086A
SHA-512:	E3C1A0DE4E34E36BD6F5A8282DC59C6DE32FC9001B127535024A493ED252923A82D18ABEB5D581D4DAB76BD136D260997807A43CF81A085FC4BB0BD04D324E12
Malicious:	false
Reputation:	unknown
URL:	https://www.blogblog.com/dynamicviews/4224c15c4e7c9321/js/comments.js
Preview:	function comments(){var ec='',fc='" for "gwt:onLoadErrorFn"',gc='" for "gwt:onPropertyErrorFn"',hc='"><\/script>',ic='#',jc='&',kc='/',lc='64BDB373F71DCDD39C5F4123A6643CA5',mc=':',nc=':1',oc=':10',pc=':11',qc=':12',rc=':13',sc=':14',tc=':15',uc=':16',vc=':17',wc=':18',xc=':19',yc=':2',zc=':20',Ac=':21',Bc=':22',Cc=':23',Dc=':3',Ec=':4',Fc=':5',Gc=':6',Hc=':7',Ic=':8',Jc=':9',Kc='<script id="',Lc='=',Mc='?',Nc='ActiveXObject',Oc='Bad handler "',Pc='ChromeTab.ChromeFrame',Qc='DOMContentLoaded',Rc='SCRIPT',Sc='Single-script hosted mode not yet implemented. See issue ',Tc='__gwt_marker_comments',Uc='android',Vc='base',Wc='chromeframe',Xc='clear.cache.gif',Yc='comments',Zc='content',$c='debug',_c='error',ad='gecko',bd='gecko1_8',cd='gwt.codesvr=',dd='gwt.hosted=',ed='gwt.hybrid',fd='gwt:onLoadErrorFn',gd='gwt:onPropertyErrorFn',hd='gwt:property',id='http://code.google.com/p/google-web-toolkit/issues/detail?id=2079',jd='ie6',kd='ie8',ld='ie9',md='img',nd='iphone',od='ipod',pd='ll',qd='loglev

Static File Info

⊘No static file info

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://consumlesselectric.blogspot.com/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Yara Signatures

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

LLM Input / Output

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 100

Chrome Cache Entry: 104

Chrome Cache Entry: 105

Chrome Cache Entry: 106

Chrome Cache Entry: 107

Chrome Cache Entry: 108

Chrome Cache Entry: 109

Chrome Cache Entry: 110

Chrome Cache Entry: 111

Chrome Cache Entry: 112

Chrome Cache Entry: 113

Chrome Cache Entry: 115

Chrome Cache Entry: 119

Chrome Cache Entry: 120

Chrome Cache Entry: 121

Chrome Cache Entry: 123

Chrome Cache Entry: 124

Chrome Cache Entry: 125

Chrome Cache Entry: 126

Chrome Cache Entry: 127

Chrome Cache Entry: 77

Chrome Cache Entry: 79

Chrome Cache Entry: 80

Chrome Cache Entry: 83

Chrome Cache Entry: 84

Chrome Cache Entry: 86

Chrome Cache Entry: 87

Chrome Cache Entry: 88

Chrome Cache Entry: 89

Chrome Cache Entry: 93

Chrome Cache Entry: 94

Chrome Cache Entry: 95

Windows Analysis Report
https://consumlesselectric.blogspot.com/