Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://netorg40617-my.sharepoint.com/:o:/g/personal/negin_eeeasc_com/EkVB7FirdotMvG978qS6ihUB3Y22hA6ZH5YE34JME34-Pg?e=5%3aGZ1JUi&at=9

Overview

General Information

Sample URL:	https://netorg40617-my.sharepoint.com/:o:/g/personal/negin_eeeasc_com/EkVB7FirdotMvG978qS6ihUB3Y22hA6ZH5YE34JME34-Pg?e=5%3aGZ1JUi&at=9
Analysis ID:	1466888
Infos:

Detection

HTMLPhisher

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Yara detected HtmlPhish10

Detected non-DNS traffic on DNS port

HTML body contains low number of good links

HTML title does not match URL

Stores files to the Windows start menu directory

Submit button contains javascript call

Classification

×

Process Tree

System is w10x64_ra

chrome.exe (PID: 3568 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://netorg40617-my.sharepoint.com/:o:/g/personal/negin_eeeasc_com/EkVB7FirdotMvG978qS6ihUB3Y22hA6ZH5YE34JME34-Pg?e=5%3aGZ1JUi&at=9 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

chrome.exe (PID: 6728 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=2008,i,104075655256908395,2497679829599006770,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

cleanup

Yara Signatures

Dropped Files

Source	Rule	Description	Author	Strings
dropped/chromecache_160	JoeSecurity_HtmlPhish_10	Yara detected HtmlPhish_10	Joe Security

HTML

Source	Rule	Description	Author	Strings
0.0.pages.csv	JoeSecurity_HtmlPhish_10	Yara detected HtmlPhish_10	Joe Security

Sigma Signatures

⊘No Sigma rule has matched

Snort Signatures

⊘No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

Phishing

Yara detected HtmlPhish10

Source: Yara match	File source: 0.0.pages.csv, type: HTML
Source: Yara match	File source: dropped/chromecache_160, type: DROPPED

Source: https://netorg40617-my.sharepoint.com/:o:/g/personal/negin_eeeasc_com/EkVB7FirdotMvG978qS6ihUB3Y22hA6ZH5YE34JME34-Pg?e=5%3aGZ1JUi&at=9

HTTP Parser: Number of links: 0

Source: https://netorg40617-my.sharepoint.com/:o:/g/personal/negin_eeeasc_com/EkVB7FirdotMvG978qS6ihUB3Y22hA6ZH5YE34JME34-Pg?e=5%3aGZ1JUi&at=9

HTTP Parser: Title: Sharing Link Validation does not match URL

Source: https://netorg40617-my.sharepoint.com/:o:/g/personal/negin_eeeasc_com/EkVB7FirdotMvG978qS6ihUB3Y22hA6ZH5YE34JME34-Pg?e=5%3aGZ1JUi&at=9

HTTP Parser: On click: javascript:WebForm_DoPostBackWithOptions(new WebForm_PostBackOptions("btnSubmitEmail", "", true, "", "", false, true))

Source: https://netorg40617-my.sharepoint.com/:o:/g/personal/negin_eeeasc_com/EkVB7FirdotMvG978qS6ihUB3Y22hA6ZH5YE34JME34-Pg?e=5%3aGZ1JUi&at=9

HTTP Parser: No <meta name="author".. found

Source: https://netorg40617-my.sharepoint.com/:o:/g/personal/negin_eeeasc_com/EkVB7FirdotMvG978qS6ihUB3Y22hA6ZH5YE34JME34-Pg?e=5%3aGZ1JUi&at=9

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 40.126.31.73:443 -> 192.168.2.18:49694 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.18:49718 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.18:49721 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.18:49722 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.15.178.234:443 -> 192.168.2.18:49724 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.18:52588 version: TLS 1.2

Source: global traffic	TCP traffic: 192.168.2.18:52586 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.18:52586 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.18:52586 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.18:52586 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.18:52591 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.18:52586 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.18:52591 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.18:52586 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.18:52591 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.18:52586 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.73
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.73
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.73
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.73
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.73
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.73
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.73
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.73
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103

Source: global traffic	DNS traffic detected: DNS query: netorg40617-my.sharepoint.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: m365cdn.nel.measure.office.net

Source: unknown	Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52590 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52588 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49696
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49694
Source: unknown	Network traffic detected: HTTP traffic on port 49694 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49696 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49679 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52588
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52590
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723

Source: unknown	HTTPS traffic detected: 40.126.31.73:443 -> 192.168.2.18:49694 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.18:49718 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.18:49721 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.18:49722 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.15.178.234:443 -> 192.168.2.18:49724 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.18:52588 version: TLS 1.2

Source: classification engine

Classification label: mal48.phis.win@19/17@8/97

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://netorg40617-my.sharepoint.com/:o:/g/personal/negin_eeeasc_com/EkVB7FirdotMvG978qS6ihUB3Y22hA6ZH5YE34JME34-Pg?e=5%3aGZ1JUi&at=9
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=2008,i,104075655256908395,2497679829599006770,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=2008,i,104075655256908395,2497679829599006770,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	1 Scripting	Valid Accounts	Windows Management Instrumentation	1 Scripting	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	1 Registry Run Keys / Startup Folder	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	1 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	2 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://netorg40617-my.sharepoint.com/:o:/g/personal/negin_eeeasc_com/EkVB7FirdotMvG978qS6ihUB3Y22hA6ZH5YE34JME34-Pg?e=5%3aGZ1JUi&at=9	0%	Avira URL Cloud	safe

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
dual-spo-0005.spo-msedge.net	13.107.136.10	true	false		unknown
www.google.com	142.250.186.100	true	false		unknown
netorg40617-my.sharepoint.com	unknown	unknown	false		unknown
m365cdn.nel.measure.office.net	unknown	unknown	false		unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://netorg40617-my.sharepoint.com/:o:/g/personal/negin_eeeasc_com/EkVB7FirdotMvG978qS6ihUB3Y22hA6ZH5YE34JME34-Pg?e=5%3aGZ1JUi&at=9	false		unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
142.250.186.67	unknown	United States		15169	GOOGLEUS	false
34.104.35.123	unknown	United States		15169	GOOGLEUS	false
1.1.1.1	unknown	Australia		13335	CLOUDFLARENETUS	false
13.107.136.10	dual-spo-0005.spo-msedge.net	United States		8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
74.125.133.84	unknown	United States		15169	GOOGLEUS	false
172.217.16.206	unknown	United States		15169	GOOGLEUS	false
2.22.242.16	unknown	European Union		20940	AKAMAI-ASN1EU	false
142.250.181.227	unknown	United States		15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved		unknown	unknown	false
142.250.185.174	unknown	United States		15169	GOOGLEUS	false
2.16.164.19	unknown	European Union		20940	AKAMAI-ASN1EU	false
142.250.186.100	www.google.com	United States		15169	GOOGLEUS	false
216.58.212.170	unknown	United States		15169	GOOGLEUS	false

Private

IP
192.168.2.18

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1466888
Start date and time:	2024-07-03 14:39:16 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://netorg40617-my.sharepoint.com/:o:/g/personal/negin_eeeasc_com/EkVB7FirdotMvG978qS6ihUB3Y22hA6ZH5YE34JME34-Pg?e=5%3aGZ1JUi&at=9
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	15
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal48.phis.win@19/17@8/97

Warnings

Exclude process from analysis (whitelisted): svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.181.227, 74.125.133.84, 142.250.185.174, 34.104.35.123, 2.22.242.16, 2.22.242.171, 2.22.242.4, 2.22.242.202, 2.22.242.153, 216.58.212.170, 142.250.185.138, 142.250.186.138, 142.250.185.202, 142.250.185.106, 142.250.185.234, 142.250.184.202, 142.250.186.74, 142.250.185.170, 172.217.18.106, 142.250.74.202, 142.250.181.234, 172.217.16.138, 172.217.23.106, 216.58.206.42, 142.250.186.42, 2.16.164.19, 2.16.164.121
Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, e40491.dscd.akamaiedge.net, clientservices.googleapis.com, res-1.cdn.office.net, a1894.dscb.akamai.net, 189444-ipv4v6w.farm.dprodmgd104.sharepointonline.com.akadns.net, clients2.google.com, edgedl.me.gvt1.com, nel.measure.office.net.edgesuite.net, clients.l.google.com, res-1.cdn.office.net-c.edgekey.net, res-1.cdn.office.net-c.edgekey.net.globalredir.akadns.net
Not all processes where analyzed, report is missing behavior information
VT rate limit hit for: https://netorg40617-my.sharepoint.com/:o:/g/personal/negin_eeeasc_com/EkVB7FirdotMvG978qS6ihUB3Y22hA6ZH5YE34JME34-Pg?e=5%3aGZ1JUi&at=9

LLM Input / Output

Input

Output

URL: https://netorg40617-my.sharepoint.com/:o:/g/personal/negin_eeeasc_com/EkVB7FirdotMvG978qS6ihUB3Y22hA6ZH5YE34JME34-Pg?e=5%3aGZ1JUi&at=9 Model: Perplexity: mixtral-8x7b-instruct

{"loginform": true,"urgency": false,

Title: Sharing Link Validation OCR: OneDrive Microsoft Verify Your Identity You've received a secure link to: EEECorpGroup To open this secure link. we'll need you to enter the email that this item was shared to. knter email O Next By clicking Next you allow Eeeasc to use your email address In accordance with their privacy statement. Eeeasc has not prNided links to their terms for you to review. 2017 Microsoft Privacy & Cookies

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 11:39:47 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2675
Entropy (8bit):	3.977738026226833
Encrypted:	false
SSDEEP:
MD5:	351C4EEF960E6C7AB98297EE2A6F63AE
SHA1:	8EF1850BBF3B0774D430A249C5E3D5172E7207A0
SHA-256:	DC4CD11CBE528EC59BE37650FF6D231F9C368187449C0F4155E873FEAC36BB36
SHA-512:	C48F373D28BCD0E48864FC2ECD96DB585ADC9EDB5F860C794FA84CF327FBFD4208CB9769D6348A2480FF377E42C971CB6BC4CC78B812C63109122666BDE91AF0
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,........F.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.R..PROGRA~1..t......O.I.X.d....B...............J......Y..P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.d....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.R..Chrome..>......CW.V.X.d....M......................pd.C.h.r.o.m.e.....`.1.....FW.R..APPLIC~1..H......CW.V.X.d...........................pd.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V.X.d.....#......................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............}......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 11:39:47 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.990745753868057
Encrypted:	false
SSDEEP:
MD5:	34B7501AEE45970FFA5D2D3D253E449C
SHA1:	EFD5F13C63E06FF7FDC14078E851A399A8AAB281
SHA-256:	72C197D1B4ECB597EA0E6BC02CB70C5567C13C2590C4533C9755EB2CAAEDF145
SHA-512:	B3CC7378BFCDE0CFFED71E81B0018A62F90E0A44A06193D638C6995444750E387FE14B97805F4D67281872E39F778E8B39415C07907619128D1FB83BEF67C478
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,........F.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.R..PROGRA~1..t......O.I.X.d....B...............J......Y..P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.d....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.R..Chrome..>......CW.V.X.d....M......................pd.C.h.r.o.m.e.....`.1.....FW.R..APPLIC~1..H......CW.V.X.d...........................pd.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V.X.d.....#......................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............}......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 09:23:19 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2691
Entropy (8bit):	4.001654652309182
Encrypted:	false
SSDEEP:
MD5:	7E0CDA819F015520745DBE1227F5ADBF
SHA1:	ACE7248C087350E1B65064857151FB822A91F93C
SHA-256:	9DEBB8BEF0131C60E4A2BC916FCAAF2332D6308622118340EA668B483F225891
SHA-512:	02B7D2325280D8ACDFAD0398F5FBF72E2B013872D23096942C36A7CB217F456997A190EF318BDD773F226A09007A10414AA2E44390CF32EB8A23C5310129F320
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....?.4 ?.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.R..PROGRA~1..t......O.I.X.d....B...............J......Y..P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.d....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.R..Chrome..>......CW.V.X.d....M......................pd.C.h.r.o.m.e.....`.1.....FW.R..APPLIC~1..H......CW.V.X.d...........................pd.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VFW.R.....#......................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............}......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 11:39:47 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.9921239458722058
Encrypted:	false
SSDEEP:
MD5:	1C2140920E57799B780DAE8B9A734CBE
SHA1:	2D0FAD4647E3262146B37D33FF3E190B8C074F42
SHA-256:	03AFE36B7771910E3A63BCD9F6E9BD0ED40A3F49D8B26D623CDB88AF2EFFE6A2
SHA-512:	8684CF221498129B45A624D302FDEA5A57BDB8657FF4EE0766D145FD9EF41396A2F0FDF145E610182CDD66234F1B4922B1CC6E7E7435C7F5F648BDDC82890D98
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....1..F.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.R..PROGRA~1..t......O.I.X.d....B...............J......Y..P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.d....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.R..Chrome..>......CW.V.X.d....M......................pd.C.h.r.o.m.e.....`.1.....FW.R..APPLIC~1..H......CW.V.X.d...........................pd.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V.X.d.....#......................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............}......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 11:39:47 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.9800203634467652
Encrypted:	false
SSDEEP:
MD5:	3C2AD49CA52481EF2D2763C86868AF8B
SHA1:	213E2DF750A5F8FFACD6FA79CD7660108FBC4557
SHA-256:	C3E2415C19BA761AF9CF9D40605812766A1D39A777D96698F3ED8F9A086C3ED2
SHA-512:	26EB4FB8A444B61534740DB01C8707B82D6914ED6D50D7524744705F9128576F0E2FE441495563A9895EB60A5A68A292195D53B28AE0ED511D38014AC551843B
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....f..F.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.R..PROGRA~1..t......O.I.X.d....B...............J......Y..P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.d....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.R..Chrome..>......CW.V.X.d....M......................pd.C.h.r.o.m.e.....`.1.....FW.R..APPLIC~1..H......CW.V.X.d...........................pd.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V.X.d.....#......................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............}......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 11:39:47 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.99165726255771
Encrypted:	false
SSDEEP:
MD5:	EEB12BD0CCDC7469F31A6CAEC643288B
SHA1:	98B7019FA3360C517D1B3B34830237A0008C6FE8
SHA-256:	D01E4D38A5AF4612ACB9804607B2FF4FE3A6CC1734C0EB9BD85D290580E0C9D9
SHA-512:	46D6D92DACD04BA4B9D85ACB3B0F14421DDEC5D576B6257EEE0068C4D16EF209F1228DDC06D72075EA9DE56A8351399F204255C0DECB9ECFFD927734E68E6F84
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,........F.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.R..PROGRA~1..t......O.I.X.d....B...............J......Y..P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.d....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.R..Chrome..>......CW.V.X.d....M......................pd.C.h.r.o.m.e.....`.1.....FW.R..APPLIC~1..H......CW.V.X.d...........................pd.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V.X.d.....#......................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............}......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 151

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
Category:	downloaded
Size (bytes):	7886
Entropy (8bit):	3.9482833105763633
Encrypted:	false
SSDEEP:
MD5:	0B60F3C9E4DA6E807E808DA7360F24F2
SHA1:	9AFC7ABB910DE855EFB426206E547574A1E074B7
SHA-256:	ADDEEDEEEF393B6B1BE5BBB099B656DCD797334FF972C495CCB09CFCB1A78341
SHA-512:	1328363987ABBAD1B927FC95F0A3D5646184EF69D66B42F32D1185EE06603AE1A574FAC64472FB6E349C2CE99F9B54407BA72B2908CA7AB01D023EC2F47E7E80
Malicious:	false
Reputation:	unknown
URL:	https://netorg40617-my.sharepoint.com/_layouts/15/images/favicon.ico?rev=47
Preview:	...... .... .....6......... ............... .h...f...(... ...@..... ...........................................................................70..7...7...7...7...7...7...70..............................................................................................7`..7...7...7...7...7...7...7...7...7`......................................................................................7P..7...7...7...7...7...7...7...7...7...7...7P..............................................................................7...7...7...7...7...7...7...7...7...7...7...7...7...7...........................................................................7`..7...7...7...7...7...7...7...7...7...7...7...7...7`..........................................................................,...,...,...,...,...,...,.......7...7...7...7...7...7...........................................................................'...'...'...'...'...'...'...'...2...7...7...7...7...,....................`..........................

Chrome Cache Entry: 152

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (17444)
Category:	downloaded
Size (bytes):	17672
Entropy (8bit):	5.233316811547578
Encrypted:	false
SSDEEP:
MD5:	6EFDDF589864D2E146A55C01C6764A35
SHA1:	EFA8BBA46CB97877EEC5430C43F0AC32585B6B2F
SHA-256:	2D92F0CE8491D2F9A27EA16D261A15089C4A9BE879D1EEDCB6F4A3859E7F1999
SHA-512:	1AFC735660AAE010C04EF89C732D08EBA1B87BE6048164F273BEAEBECA3F30062812B4CD141DDF0291A6AB54F730875D597678A3564C0EED2AAC11E5400F951A
Malicious:	false
Reputation:	unknown
URL:	https://res-1.cdn.office.net/bld/_layouts/15/16.0.25012.12008/require.js
Preview:	/** vim: et:ts=4:sw=4:sts=4. * @license RequireJS 2.1.22 Copyright (c) 2010-2015, The Dojo Foundation All Rights Reserved.. * Available via the MIT or new BSD license.. * see: http://github.com/jrburke/requirejs for details. */.var requirejs,require,define;!function(global){function isFunction(e){return"[object Function]"===ostring.call(e)}function isArray(e){return"[object Array]"===ostring.call(e)}function each(e,t){if(e){var r;for(r=0;r<e.length&&(!e[r]\|\|!t(e[r],r,e));r+=1);}}function eachReverse(e,t){if(e){var r;for(r=e.length-1;r>-1&&(!e[r]\|\|!t(e[r],r,e));r-=1);}}function hasProp(e,t){return hasOwn.call(e,t)}function getOwn(e,t){return hasProp(e,t)&&e[t]}function eachProp(e,t){var r;for(r in e)if(hasProp(e,r)&&t(e[r],r))break}function mixin(e,t,r,i){return t&&eachProp(t,function(t,n){(r\|\|!hasProp(e,n))&&(!i\|\|"object"!=typeof t\|\|!t\|\|isArray(t)\|\|isFunction(t)\|\|t instanceof RegExp?e[n]=t:(e[n]\|\|(e[n]={}),mixin(e[n],t,r,i)))}),e}function bind(e,t){return function(){return t.apply(e,ar

Chrome Cache Entry: 153

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	23063
Entropy (8bit):	4.7535440881548165
Encrypted:	false
SSDEEP:
MD5:	90EA7274F19755002360945D54C2A0D7
SHA1:	647B5D8BF7D119A2C97895363A07A0C6EB8CD284
SHA-256:	40732E9DCFA704CF615E4691BB07AECFD1CC5E063220A46E4A7FF6560C77F5DB
SHA-512:	7474667800FF52A0031029CC338F81E1586F237EB07A49183008C8EC44A8F67B37E5E896573F089A50283DF96A1C8F185E53D667741331B647894532669E2C07
Malicious:	false
Reputation:	unknown
URL:	https://netorg40617-my.sharepoint.com/WebResource.axd?d=bopeFufani_bJQ36Oi3ZRADPfbfezjkZtMoXlk7-gZL9RODs4__VPt--iUApyuVfbHQGfxjpj_lBrjfkzQcTAmAmj6D2prBiz-5XjU1hmWM1&t=638533172441064469
Preview:	function WebForm_PostBackOptions(eventTarget, eventArgument, validation, validationGroup, actionUrl, trackFocus, clientSubmit) {.. this.eventTarget = eventTarget;.. this.eventArgument = eventArgument;.. this.validation = validation;.. this.validationGroup = validationGroup;.. this.actionUrl = actionUrl;.. this.trackFocus = trackFocus;.. this.clientSubmit = clientSubmit;..}..function WebForm_DoPostBackWithOptions(options) {.. var validationResult = true;.. if (options.validation) {.. if (typeof(Page_ClientValidate) == 'function') {.. validationResult = Page_ClientValidate(options.validationGroup);.. }.. }.. if (validationResult) {.. if ((typeof(options.actionUrl) != "undefined") && (options.actionUrl != null) && (options.actionUrl.length > 0)) {.. theForm.action = options.actionUrl;.. }.. if (options.trackFocus) {.. var lastFocus = theForm.elements["__LASTFOCUS"];.. if ((typeo

Chrome Cache Entry: 154

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	16
Entropy (8bit):	3.702819531114783
Encrypted:	false
SSDEEP:
MD5:	858372DD32511CB4DD08E48A93B4F175
SHA1:	CE4555B7B2EFBBD644D8E34CF3453A0E8CAA3C43
SHA-256:	3D18F3E1469C83D62CF3A39BA93F8EAA5B22447FE630E59F39DC1B7747635359
SHA-512:	6A57E0D4A1C23CB693AA9312F6FDAA1FC4309B5BC91D1B2279B5792BEE3534749FD3693C19AA95E0768800472D11D438EC3116F337679A249C28BE0E038E6DE0
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xNDkSEAkvf7c690HHExIFDfSCVyI=?alt=proto
Preview:	CgkKBw30glciGgA=

Chrome Cache Entry: 155

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (39257), with CRLF line terminators
Category:	downloaded
Size (bytes):	40326
Entropy (8bit):	5.245555585297941
Encrypted:	false
SSDEEP:
MD5:	DA9DC1C32E89C02FC1E9EEB7E5AAB91E
SHA1:	3EFB110EFA6068CE6B586A67F87DA5125310BC30
SHA-256:	398CDF1B27EF247E5BC77805F266BB441E60355463FC3D1776F41AAE58B08CF1
SHA-512:	D4730EBC4CA62624B8300E292F27FD79D42A9277E409545DF7DC916189ED9DF13E46FAA37E3924B85A7C7EA8C76BF65A05ECA69B4029B550430536EC6DF8552A
Malicious:	false
Reputation:	unknown
URL:	https://netorg40617-my.sharepoint.com/ScriptResource.axd?d=A0IF4jB6a-9aPMlC-oeFE01qaz7oHkGF0x_ypwBf2RiOwBRA-vY1k55q2Vo5LBMFxdGc3mssqPOVyVrOJgXBgXWMArYjjXCPnwZQXO30Mzgn3Hbcvv6quaIGxjQjRAWk6p0Y767qIRWSGgPQ_Hg9GGjiSvXvyOLBUngs2y8iP38pvDwYhzgh_qiR50f0Iq9S0&t=74258c30
Preview:	//----------------------------------------------------------..// Copyright (C) Microsoft Corporation. All rights reserved...//----------------------------------------------------------..// MicrosoftAjaxWebForms.js..Type._registerScript("MicrosoftAjaxWebForms.js",["MicrosoftAjaxCore.js","MicrosoftAjaxSerialization.js","MicrosoftAjaxNetwork.js","MicrosoftAjaxComponentModel.js"]);Type.registerNamespace("Sys.WebForms");Sys.WebForms.BeginRequestEventArgs=function(c,b,a){Sys.WebForms.BeginRequestEventArgs.initializeBase(this);this._request=c;this._postBackElement=b;this._updatePanelsToUpdate=a};Sys.WebForms.BeginRequestEventArgs.prototype={get_postBackElement:function(){return this._postBackElement},get_request:function(){return this._request},get_updatePanelsToUpdate:function(){return this._updatePanelsToUpdate?Array.clone(this._updatePanelsToUpdate):[]}};Sys.WebForms.BeginRequestEventArgs.registerClass("Sys.WebForms.BeginRequestEventArgs",Sys.EventArgs);Sys.WebForms.EndRequestEventArgs=fun

Chrome Cache Entry: 156

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	26951
Entropy (8bit):	4.514992390210281
Encrypted:	false
SSDEEP:
MD5:	B3D7A123BE5203A1A3F0F10233ED373F
SHA1:	F4C61F321D8F79A805B356C6EC94090C0D96215C
SHA-256:	EF9453F74B2617D43DCEF4242CF5845101FCFB57289C81BCEB20042B0023A192
SHA-512:	A01BFE8546E59C8AF83280A795B3F56DFA23D556B992813A4EB70089E80621686C7B51EE87B3109502667CAF1F95CBCA074BF607E543A0390BF6F8BB3ECD992B
Malicious:	false
Reputation:	unknown
URL:	https://netorg40617-my.sharepoint.com/ScriptResource.axd?d=A6TvuG29O3BCONPbWVqc4d9juLpJtoJZcxSRUIeyYeiScyN_y-8yw3jgbfVCM-_9PpHlsXp_NQ_2Q2Yp_MWPlLqLhaAobFAN-5jq9ziS4yjDvoc60xtrNXJyLnlnTyt4gdyWIEfGruOQxnFN2FrYLcl-le3eZw7s6I87_XPtwtM1&t=ffffffffa8ad04d3
Preview:	var Page_ValidationVer = "125";..var Page_IsValid = true;..var Page_BlockSubmit = false;..var Page_InvalidControlToBeFocused = null;..var Page_TextTypes = /^(text\|password\|file\|search\|tel\|url\|email\|number\|range\|color\|datetime\|date\|month\|week\|time\|datetime-local)$/i;..function ValidatorUpdateDisplay(val) {.. if (typeof(val.display) == "string") {.. if (val.display == "None") {.. return;.. }.. if (val.display == "Dynamic") {.. val.style.display = val.isvalid ? "none" : "inline";.. return;.. }.. }.. if ((navigator.userAgent.indexOf("Mac") > -1) &&.. (navigator.userAgent.indexOf("MSIE") > -1)) {.. val.style.display = "inline";.. }.. val.style.visibility = val.isvalid ? "hidden" : "visible";..}..function ValidatorUpdateIsValid() {.. Page_IsValid = AllValidatorsValid(Page_Validators);..}..function AllValidatorsValid(validators) {.. if ((typeof(validators) != "undefined") && (validators != null)) {

Chrome Cache Entry: 157

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (37521)
Category:	downloaded
Size (bytes):	40512
Entropy (8bit):	5.386921349191213
Encrypted:	false
SSDEEP:
MD5:	8DCE60169BA666CA03A31D123DB49908
SHA1:	956C46BB6058C23D35440DCC656CE61C7B151399
SHA-256:	F9F5A40C01C6D569373CE61EE77849F30E4176E1310652FF17D458C68680CF75
SHA-512:	26BA15ADE0F62393413156C5061B04AA8FCE3A5A5EE06EE35DFC42D3F76AF850980731A38DCF7094711E7FAB18C80EF66C9B354C029D06FA2E846330ACCC7E9E
Malicious:	false
Reputation:	unknown
URL:	https://res-1.cdn.office.net/files/odsp-web-prod_2024-06-14.009/spoguestaccesswebpack/spoguestaccess.js
Preview:	/! For license information please see spoguestaccess.js.LICENSE.txt /.document.currentScript,define("@fluentui/react-file-type-icons",[],()=>{var e;return(()=>{"use strict";var t=[e=>{var t=Object.getOwnPropertySymbols,n=Object.prototype.hasOwnProperty,a=Object.prototype.propertyIsEnumerable;function i(e){if(null==e)throw new TypeError("Object.assign cannot be called with null or undefined");return Object(e)}e.exports=function(){try{if(!Object.assign)return!1;var e=new String("abc");if(e[5]="de","5"===Object.getOwnPropertyNames(e)[0])return!1;for(var t={},n=0;n<10;n++)t["_"+String.fromCharCode(n)]=n;if("0123456789"!==Object.getOwnPropertyNames(t).map(function(e){return t[e]}).join(""))return!1;var a={};return"abcdefghijklmnopqrst".split("").forEach(function(e){a[e]=e}),"abcdefghijklmnopqrst"===Object.keys(Object.assign({},a)).join("")}catch(e){return!1}}()?Object.assign:function(e,r){for(var o,s,c=i(e),d=1;d<arguments.length;d++){for(var l in o=Object(arguments[d]))n.call(o,l)&&(c[l]

Chrome Cache Entry: 158

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	XML 1.0 document, Unicode text, UTF-8 (with BOM) text
Category:	downloaded
Size (bytes):	215
Entropy (8bit):	5.34670377896536
Encrypted:	false
SSDEEP:
MD5:	D37CF5BDA0061A6FFA76483838AAB620
SHA1:	C2B6FC50AD5AAECE4BAFF88FB4768DECAB99EB4C
SHA-256:	AA5A50C30C7D84E1C28FED9F3344EEC224FF4D9C80C5F92A40EEF3AEBC03EB59
SHA-512:	8BE5E4E201B3C3F9D5C0A6E2F73C507415FC870D00C9D8FA5977C8C94A510E3351546D68C2FB4E2622F75231CDFE71BD78803687A3DEDA006FCBC4B2F342BA70
Malicious:	false
Reputation:	unknown
URL:	https://res-1.cdn.office.net/files/odsp-web-prod_2024-06-14.009/@uifabric/file-type-icons/lib/initializeFileTypeIcons.js
Preview:	.<?xml version="1.0" encoding="utf-8"?><Error><Code>BlobNotFound</Code><Message>The specified blob does not exist..RequestId:5c062ff2-501e-0076-6846-cde248000000.Time:2024-07-03T12:39:49.7887779Z</Message></Error>

Chrome Cache Entry: 159

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65329), with CRLF line terminators
Category:	downloaded
Size (bytes):	102801
Entropy (8bit):	5.336080509196147
Encrypted:	false
SSDEEP:
MD5:	C89EAA5B28DF1E17376BE71D71649173
SHA1:	2B34DF4C66BB57DE5A24A2EF0896271DFCA4F4CD
SHA-256:	66B804E7A96A87C11E1DD74EA04AC2285DF5AD9043F48046C3E5000114D39B1C
SHA-512:	B73D56304986CD587DA17BEBF21341B450D41861824102CC53885D863B118F6FDF2456B20791B9A7AE56DF91403F342550AF9E46F7401429FBA1D4A15A6BD3C0
Malicious:	false
Reputation:	unknown
URL:	https://netorg40617-my.sharepoint.com/ScriptResource.axd?d=jFqUWn6T37qCrW5iAbH_PT3WxGCOYc5l_Xaem2WM3JX3GsbnQ6prtGQvPMFz7iLdGHIEGTM9-_ymp2GS__ZkrERfjpuCfw_J1rb4u-t8tdftaLqfF2h_K7gC8l08I_u6zoGl9bX2eCSnN8vmYe8NaR6n8X52Y988oazMn2fhWyBs79dlWMUOU_cB7MBTq80A0&t=74258c30
Preview:	//----------------------------------------------------------..// Copyright (C) Microsoft Corporation. All rights reserved...//----------------------------------------------------------..// MicrosoftAjax.js..Function.__typeName="Function";Function.__class=true;Function.createCallback=function(b,a){return function(){var e=arguments.length;if(e>0){var d=[];for(var c=0;c<e;c++)d[c]=arguments[c];d[e]=a;return b.apply(this,d)}return b.call(this,a)}};Function.createDelegate=function(a,b){return function(){return b.apply(a,arguments)}};Function.emptyFunction=Function.emptyMethod=function(){};Function.validateParameters=function(c,b,a){return Function._validateParams(c,b,a)};Function._validateParams=function(g,e,c){var a,d=e.length;c=c\|\|typeof c==="undefined";a=Function._validateParameterCount(g,e,c);if(a){a.popStackFrame();return a}for(var b=0,i=g.length;b<i;b++){var f=e[Math.min(b,d-1)],h=f.name;if(f.parameterArray)h+="["+(b-d+1)+"]";else if(!c&&b>=d)break;a=Function._validateParameter(g[b],f

Chrome Cache Entry: 160

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (30522), with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	69018
Entropy (8bit):	5.66682605576858
Encrypted:	false
SSDEEP:
MD5:	B2C3A347462EC0303DD26AD47F670264
SHA1:	2C1DD02027C407666C5937824ABA84F14457FA0B
SHA-256:	C5551AEAC5DC3B078BEC295095E29009A4F3B6A5F9B403E4BEE86F6C59426CE8
SHA-512:	101503BF41E4CFC341F2641EA0D12A1632A1F831EB96A007E030E44846D8F4D91AD0BACD57116EE1CC42B93E1C46E6F2C0B758142EC5D2AE95654A0DB183721D
Malicious:	false
Reputation:	unknown
URL:	https://netorg40617-my.sharepoint.com/:o:/g/personal/negin_eeeasc_com/EkVB7FirdotMvG978qS6ihUB3Y22hA6ZH5YE34JME34-Pg?e=5%3aGZ1JUi&at=9
Preview:	..<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">..<html xmlns:o="urn:schemas-microsoft-com:office:office" lang="en-us" dir="ltr">..<head><meta name="GENERATOR" content="Microsoft SharePoint" /><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><meta http-equiv="Expires" content="0" /><meta name="Robots" content="NOHTMLINDEX" /><meta charset="UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><link id="favicon" rel="shortcut icon" href="/_layouts/15/images/favicon.ico?rev=47" type="image/vnd.microsoft.icon" /><title>...Sharing Link Validation..</title>...<style type="text/css" media="screen, print, projection">....html{line-height:1.15;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}body{margin:0}article,aside,footer,header,nav,section{display:block}h1{font-size:2em;margin:.67em 0}figcaption,figure,ma

Chrome Cache Entry: 161

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 226 x 48, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	3331
Entropy (8bit):	7.927896166439245
Encrypted:	false
SSDEEP:
MD5:	EF884BDEDEF280DF97A4C5604058D8DB
SHA1:	6F04244B51AD2409659E267D308B97E09CE9062B
SHA-256:	825DE044D5AC6442A094FF95099F9F67E9249A8110A2FBD57128285776632ADB
SHA-512:	A083381C53070B65B3B8A7A7293D5D2674D2F6EC69C0E19748823D3FDD6F527E8D3D31D311CCEF8E26FC531770F101CDAF95F23ECC990DB405B5EF48B0C91BA2
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR.......0............sRGB.........IDATx..=w....G.z..L.4fN.k\dS..._`..........r...~.F..e._.RZ.0.K.\..CB...1.{qq/..^\|.G..o.......?....Or.......y~....]..V.a.mM...M.\kH..@B`s.$"n...)!.@"b#4. !.9...7.u...hD ....T.........:EJ.4"..X........<\|.pgkk+....>~.....pju1i"b.J.&!.!...=T....k..D7.....O.<.?}......./..(.`0..!.C..'.?..e..~.....l6...._.x1rmR...$\|E...l.WKDH...f..... ...Y.0R....>...{...-..o........,...E../......_....eM.Q....@Q...w sp5.9..l.W)...Pq... .]..B..).../M.G.g....].V...5$<......Eb.9.....>LYAk.Z.k..b..]N%>}4a....4!S...t..d..<.8AH+.../r...._...!qt.:q..fR.:..KW.._...T...5..>.0!.hq.rbND\...XR.,2.uX..Q.b...wQ......g..X...F...~.....ikZE...UA....V.I!..]..Mm..R.....~k.VC.n..V.B#W...\..yI.3.....2........6c....2J....,g..5O1.s.4V2.....f..K..Obf\....;.w...\|.F>F>6_z..P.dU<.wVV......?.q.?&........O.>....l.S.upp....59.C_.......fJ.M.={v,......]Y_....n.?UF....v<.$..AD...p.....:$r =p...C.k.3....n.v..~.TGd!...l.W...s..

Static File Info

⊘No static file info