Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://actessudcloud-my.sharepoint.com/:b:/g/personal/c_lesaulnier_librairie_actes-sud_fr/EV-iZ8xqYM9IrLUopiO70n8BvYoUIv1ExWSSUXYo87zqMQ?e=4%3a0f4T5i&at=9

Overview

General Information

Sample URL:https://actessudcloud-my.sharepoint.com/:b:/g/personal/c_lesaulnier_librairie_actes-sud_fr/EV-iZ8xqYM9IrLUopiO70n8BvYoUIv1ExWSSUXYo87zqMQ?e=4%3a0f4T5i&at=9
Analysis ID:1467115

Detection

Score:1
Range:0 - 100
Whitelisted:false
Confidence:80%

Signatures

HTML page contains hidden URLs or javascript code
Stores files to the Windows start menu directory

Classification

Process Tree

  • System is w10x64_ra
  • chrome.exe (PID: 3632 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://actessudcloud-my.sharepoint.com/:b:/g/personal/c_lesaulnier_librairie_actes-sud_fr/EV-iZ8xqYM9IrLUopiO70n8BvYoUIv1ExWSSUXYo87zqMQ?e=4%3a0f4T5i&at=9 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
    • chrome.exe (PID: 3612 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 --field-trial-handle=2000,i,10393924366684507257,4208757801503123544,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
  • cleanup

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://actessudcloud-my.sharepoint.com/:b:/g/personal/c_lesaulnier_librairie_actes-sud_fr/EV-iZ8xqYM9IrLUopiO70n8BvYoUIv1ExWSSUXYo87zqMQ?e=4%3a0f4T5i&at=9HTTP Parser: Base64 decoded: d+)\.)?(?:(\d+)\.\d+))/.test(navigator.userAgent) || /[?&]env=TeamsWebView/.test(location.search) || /Teams\/((?:(\d+)\.)?(?:(\d+)\.)?(?:(\d+)\.\d+))(?:\/(\\d+))?/.test(navigator.userAgent) || ...
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.18:49710 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.18:49712 version: TLS 1.2
Source: unknownHTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.18:49713 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.190.160.17:443 -> 192.168.2.18:49717 version: TLS 1.2
Source: unknownHTTPS traffic detected: 92.123.104.30:443 -> 192.168.2.18:49721 version: TLS 1.2
Source: unknownHTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.18:49722 version: TLS 1.2
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknownTCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.141.63
Source: global trafficDNS traffic detected: DNS query: actessudcloud-my.sharepoint.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: unknownNetwork traffic detected: HTTP traffic on port 49708 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49699 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
Source: unknownNetwork traffic detected: HTTP traffic on port 49706 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49697 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49693 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
Source: unknownNetwork traffic detected: HTTP traffic on port 49698 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49699
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49698
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49697
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49696
Source: unknownNetwork traffic detected: HTTP traffic on port 49696 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49693
Source: unknownNetwork traffic detected: HTTP traffic on port 49679 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49692
Source: unknownNetwork traffic detected: HTTP traffic on port 49692 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49708
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49706
Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.18:49710 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.18:49712 version: TLS 1.2
Source: unknownHTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.18:49713 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.190.160.17:443 -> 192.168.2.18:49717 version: TLS 1.2
Source: unknownHTTPS traffic detected: 92.123.104.30:443 -> 192.168.2.18:49721 version: TLS 1.2
Source: unknownHTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.18:49722 version: TLS 1.2
Source: classification engineClassification label: clean1.win@14/19@6/79
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://actessudcloud-my.sharepoint.com/:b:/g/personal/c_lesaulnier_librairie_actes-sud_fr/EV-iZ8xqYM9IrLUopiO70n8BvYoUIv1ExWSSUXYo87zqMQ?e=4%3a0f4T5i&at=9
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 --field-trial-handle=2000,i,10393924366684507257,4208757801503123544,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 --field-trial-handle=2000,i,10393924366684507257,4208757801503123544,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
Registry Run Keys / Startup Folder		1
Process Injection		1
Masquerading		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System2
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
Registry Run Keys / Startup Folder		1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media1
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive2
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
https://actessudcloud-my.sharepoint.com/:b:/g/personal/c_lesaulnier_librairie_actes-sud_fr/EV-iZ8xqYM9IrLUopiO70n8BvYoUIv1ExWSSUXYo87zqMQ?e=4%3a0f4T5i&at=90%Avira URL Cloudsafe

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
dual-spo-0005.spo-msedge.net
13.107.136.10
truefalse
    		unknown
    www.google.com
    		172.217.18.4
    		truefalse
      		unknown
      actessudcloud-my.sharepoint.com
      		unknown
      		unknownfalse
        		unknown

        Contacted URLs

        NameMaliciousAntivirus DetectionReputation
        https://actessudcloud-my.sharepoint.com/:b:/g/personal/c_lesaulnier_librairie_actes-sud_fr/EV-iZ8xqYM9IrLUopiO70n8BvYoUIv1ExWSSUXYo87zqMQ?e=4%3a0f4T5i&at=9false
          		unknown

          World Map of Contacted IPs

          • No. of IPs < 25%
          • 25% < No. of IPs < 50%
          • 50% < No. of IPs < 75%
          • 75% < No. of IPs

          Public IPs

          IPDomainCountryFlagASNASN NameMalicious
          1.1.1.1
          		unknownAustralia
          		13335CLOUDFLARENETUSfalse
          13.107.136.10
          		dual-spo-0005.spo-msedge.netUnited States
          		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
          239.255.255.250
          		unknownReserved
          		unknownunknownfalse
          23.15.178.138
          		unknownUnited States
          		20940AKAMAI-ASN1EUfalse
          74.125.133.84
          		unknownUnited States
          		15169GOOGLEUSfalse
          142.250.185.142
          		unknownUnited States
          		15169GOOGLEUSfalse
          172.217.18.4
          		www.google.comUnited States
          		15169GOOGLEUSfalse
          216.58.206.67
          		unknownUnited States
          		15169GOOGLEUSfalse
          142.250.184.227
          		unknownUnited States
          		15169GOOGLEUSfalse
          142.250.185.238
          		unknownUnited States
          		15169GOOGLEUSfalse

          Private

          IP
          192.168.2.18

          General Information

          Joe Sandbox version:40.0.0 Tourmaline
          Analysis ID:1467115
          Start date and time:2024-07-03 17:44:45 +02:00
          Joe Sandbox product:CloudBasic
          Overall analysis duration:
          Hypervisor based Inspection enabled:false
          Report type:full
          Cookbook file name:defaultwindowsinteractivecookbook.jbs
          Sample URL:https://actessudcloud-my.sharepoint.com/:b:/g/personal/c_lesaulnier_librairie_actes-sud_fr/EV-iZ8xqYM9IrLUopiO70n8BvYoUIv1ExWSSUXYo87zqMQ?e=4%3a0f4T5i&at=9
          Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
          Number of analysed new started processes analysed:16
          Number of new started drivers analysed:0
          Number of existing processes analysed:0
          Number of existing drivers analysed:0
          Number of injected processes analysed:0
          Technologies:
          • EGA enabled
          Analysis Mode:stream
          Analysis stop reason:Timeout
          Detection:CLEAN
          Classification:clean1.win@14/19@6/79

          Warnings

          • Exclude process from analysis (whitelisted): SIHClient.exe, svchost.exe
          • Excluded IPs from analysis (whitelisted): 216.58.206.67, 74.125.133.84, 142.250.185.142, 34.104.35.123, 23.15.178.138, 23.15.178.200, 93.184.221.240
          • Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, 189651-ipv4v6w.farm.dprodmgd104.sharepointonline.com.akadns.net, e40491.dscd.akamaiedge.net, ctldl.windowsupdate.com, clientservices.googleapis.com, res-1.cdn.office.net, clients2.google.com, edgedl.me.gvt1.com, clients.l.google.com, res-1.cdn.office.net-c.edgekey.net, res-1.cdn.office.net-c.edgekey.net.globalredir.akadns.net
          • Not all processes where analyzed, report is missing behavior information
          • VT rate limit hit for: https://actessudcloud-my.sharepoint.com/:b:/g/personal/c_lesaulnier_librairie_actes-sud_fr/EV-iZ8xqYM9IrLUopiO70n8BvYoUIv1ExWSSUXYo87zqMQ?e=4%3a0f4T5i&at=9

          LLM Input / Output

          InputOutput
          URL: https://actessudcloud-my.sharepoint.com/:b:/g/personal/c_lesaulnier_librairie_actes-sud_fr/EV-iZ8xqYM9IrLUopiO70n8BvYoUIv1ExWSSUXYo87zqMQ?e=4%3a0f4T5i&at=9 Model: Perplexity: mixtral-8x7b-instruct
          {"loginform": false,"urgency": false,"captcha": false,"reasons": ["The webpage does not contain a login form.","The text does not create a sense of urgency.","The webpage does not contain a CAPTCHA or any other anti-robot detection mechanism."]}
          Title: Erreur OCR: Dsol... Nous avons rencontr un problme Dsol. Vous ne pouvez pas accder ce document. Contactez la personne qui lla partag avec vous. DETAILS TECHNIQUES REVENIR AU SITE
          URL: https://actessudcloud-my.sharepoint.com/:b:/g/personal/c_lesaulnier_librairie_actes-sud_fr/EV-iZ8xqYM9IrLUopiO70n8BvYoUIv1ExWSSUXYo87zqMQ?e=4%3a0f4T5i&at=9 Model: Perplexity: mixtral-8x7b-instruct
          {"loginform": false,"urgency": false,"captcha": false,"reasons": ["The webpage does not contain a login form.","The text does not create a sense of urgency.","The webpage does not contain a CAPTCHA or any other anti-robot detection mechanism."]}
          Title: Erreur OCR: Dsol... Nous avons rencontr un problme Dsol. Vous ne pouvez pas accder ce document. Contactez la personne qui lla partag avec vous. DETASLS TECHNIQUE REVENIR AU SITE

          Created / dropped Files

          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 14:45:13 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
          Category:dropped
          Size (bytes):2675
          Entropy (8bit):3.9821875601060728
          Encrypted:false
          SSDEEP:
          MD5:BF8506B339F7A6CB3B25EAA03DDF3039
          SHA1:D2B17B3646F46708ED63E80F4CFA1B4BEB2E35E5
          SHA-256:FD469212D2AEA4CC57C1800E824EAA788DD4830DEA183DF9ED1283B5BDA860A4
          SHA-512:C22C79E200D5BD88E76853C5F71C70EF694B3C1ED3881EF99565E2551BE5BC888570DEB7582CA37916E77E30BE520B2621C48062B9F9A47FA1028B61237281E6
          Malicious:false
          Reputation:unknown
          Preview:L..................F.@.. ...$+.,....tjZ._.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.R..PROGRA~1..t......O.I.X.}....B...............J......Y..P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.}....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.R..Chrome..>......CW.V.X.}....M......................pd.C.h.r.o.m.e.....`.1.....FW.R..APPLIC~1..H......CW.V.X.}...........................pd.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V.X.}.....#......................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............-7......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 14:45:13 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
          Category:dropped
          Size (bytes):2677
          Entropy (8bit):3.998548030799792
          Encrypted:false
          SSDEEP:
          MD5:5DFA407B311437A8ADC8BE0D88FB17A9
          SHA1:F74BB725E9E96AB8BD3761E32901E0147F587A08
          SHA-256:0970CFB15F945333AC3DB2060B4EFBC34412AF38E39F94770615DCED7056242F
          SHA-512:83E61960D30B0E08AD48DB52718AFF31C5D474BDA6FFFB8517EB1B7657CA085C4DCBA25935A98E5820052DA05125ABDC2F7DC075CD11093DA55B753F60D338D3
          Malicious:false
          Reputation:unknown
          Preview:L..................F.@.. ...$+.,......O._.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.R..PROGRA~1..t......O.I.X.}....B...............J......Y..P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.}....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.R..Chrome..>......CW.V.X.}....M......................pd.C.h.r.o.m.e.....`.1.....FW.R..APPLIC~1..H......CW.V.X.}...........................pd.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V.X.}.....#......................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............-7......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 09:23:19 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
          Category:dropped
          Size (bytes):2691
          Entropy (8bit):4.006554576457928
          Encrypted:false
          SSDEEP:
          MD5:3DFDE1962EC8C71D3E7006ADFCCA28EB
          SHA1:C40E89E5DE79D6273FDD663DAEB872EFE2E985ED
          SHA-256:DC61541DDC254CEDC4EA2C99C831B9CC4FA3E0E6866B46FD8FFBCF44B60307BE
          SHA-512:EFCB25940E151227EA3DDCA5745D0AA592530EEC4336156DEB8626CA3120A5ECE7143785E5A2EBC1BD33C445EF4433D95A2A78290E300042E2DDD19F1E0DE813
          Malicious:false
          Reputation:unknown
          Preview:L..................F.@.. ...$+.,....?.4 ?.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.R..PROGRA~1..t......O.I.X.}....B...............J......Y..P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.}....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.R..Chrome..>......CW.V.X.}....M......................pd.C.h.r.o.m.e.....`.1.....FW.R..APPLIC~1..H......CW.V.X.}...........................pd.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VFW.R.....#......................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............-7......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 14:45:13 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
          Category:dropped
          Size (bytes):2679
          Entropy (8bit):3.995918085324692
          Encrypted:false
          SSDEEP:
          MD5:79C6A400EC87BDAF300A8F2ED96949C1
          SHA1:FD3EAFFBF0EA1273F98005115808AA84EA7C1F8B
          SHA-256:E6193B57FBBB4E20969FFDE69146B3E8B831852642EF4036582B5BF0360CDBB0
          SHA-512:28171BF233F94D96EB01A2E6EE176797EA449B4D6C007FB30946B681D2A9C180F824DC3F1A436AD08ACFD3F9392CC2A1B5860120E1F17573D6A37A61446F64FF
          Malicious:false
          Reputation:unknown
          Preview:L..................F.@.. ...$+.,....qSI._.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.R..PROGRA~1..t......O.I.X.}....B...............J......Y..P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.}....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.R..Chrome..>......CW.V.X.}....M......................pd.C.h.r.o.m.e.....`.1.....FW.R..APPLIC~1..H......CW.V.X.}...........................pd.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V.X.}.....#......................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............-7......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 14:45:13 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
          Category:dropped
          Size (bytes):2679
          Entropy (8bit):3.9832109077188536
          Encrypted:false
          SSDEEP:
          MD5:170DF77C8202291B7FD45667195CC4D3
          SHA1:066070F6E4560D551BBED65E9B29902C82780C1D
          SHA-256:2E0AE0CC6DE5CFED23D199E4D96228ADE1ED4E7B51C760EF3BCBD62170AE0D90
          SHA-512:8E4F727047B2327F1195A5655A02FB95A02F16C3B990AE520FA9CA8A5DFE8EA8F58E098BA515CAB05AE68DCB6C23561D2F1887D8AF7AC61FB38ECFD962ACA5A0
          Malicious:false
          Reputation:unknown
          Preview:L..................F.@.. ...$+.,....C.U._.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.R..PROGRA~1..t......O.I.X.}....B...............J......Y..P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.}....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.R..Chrome..>......CW.V.X.}....M......................pd.C.h.r.o.m.e.....`.1.....FW.R..APPLIC~1..H......CW.V.X.}...........................pd.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V.X.}.....#......................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............-7......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jul 3 14:45:13 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
          Category:dropped
          Size (bytes):2681
          Entropy (8bit):3.998313055897049
          Encrypted:false
          SSDEEP:
          MD5:987502C86167CE4BB039531347A7FB24
          SHA1:FF07C8198B5E6AF0FD4C077AB19616C6196DD3D2
          SHA-256:24089B1A6601EB22BC546B5FDD16DAE9A75D58E447CBD83193EBD7B4CDFDEC38
          SHA-512:C57DCAF9654A678E02E1B4C9E0EFE1478608DCB187DF70B094F84D7695A057043D0AE3E50CFC104266F8A8B88A4DEB9FDE4BD5B643C70AAECB0D9D057B96C893
          Malicious:false
          Reputation:unknown
          Preview:L..................F.@.. ...$+.,.....y@._.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.R..PROGRA~1..t......O.I.X.}....B...............J......Y..P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.}....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.R..Chrome..>......CW.V.X.}....M......................pd.C.h.r.o.m.e.....`.1.....FW.R..APPLIC~1..H......CW.V.X.}...........................pd.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V.X.}.....#......................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............-7......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

          Chrome Cache Entry: 77

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines (35238), with no line terminators
          Category:downloaded
          Size (bytes):35238
          Entropy (8bit):5.390650418562352
          Encrypted:false
          SSDEEP:
          MD5:C637DE6889D81964119BA1FD124E2454
          SHA1:5DB2B1681BE6FF9A7B26E269CD80D817D41A01BE
          SHA-256:18E8366C8C5590C3D056BA6CA9691B7471D6970EE00D0E22A4B68E517B54F087
          SHA-512:78288767F08DB38F6DC8C366546CECC05DF35C25BCD898B94DCCC5ECCB3ACD7807817BAF813BCA11F4CCAC169A980E4F10EBF4334000C4D2D0F74DCC30BB36EE
          Malicious:false
          Reputation:unknown
          URL:https://res-1.cdn.office.net/bld/_layouts/15/16.0.25012.12009/theming.js
          Preview:var Theming={__namespace:true};Theming_module_def();function Theming_module_def(){Theming.ApplyThemeToCss=tb;Theming.ReplaceCssTextForElement=J;Theming.ThemeInfo=E;Theming.ImageProcessor=R;Theming.Colors={Color:a,ColorApplication:x,HslColor:h};function cb(d,c,e){for(var b=true,a=0;a<c.length;a++)if(d.charCodeAt(e+a)!==c.charCodeAt(a)){b=false;break}return b}var c={text:0,comment:1,string:2,url:3,right_par:4,font_family:5,rgb:6,rgba:7,colon:8,semicolon:9,right_curly:10,color:11};function d(a,b){this.kind=a;this.text=b}function Db(b){var e,a,g,f,l="*/",u="url(",i=")",j="font-family",t="rgb(",s="rgba(",o="#",w=":",y=";",x="}",k=new d(c.text,"");if(!Boolean(b))b="";a=0;f=b.length;m.prototype={kind:0,text:"",getToken:function(){return null}};function m(){}var r={"/":{},"'":{},'"':{},"#":{},")":new d(c.right_par,")"),";":new d(c.semicolon,";"),":":new d(c.colon,":"),"}":new d(c.right_curly,"}"),u:{getToken:q},f:{getToken:n},r:{getToken:p}};function h(c){var a=b.indexOf(")",c);if(a<0)a=f;retu

          Chrome Cache Entry: 78

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
          Category:downloaded
          Size (bytes):7886
          Entropy (8bit):3.9482833105763633
          Encrypted:false
          SSDEEP:
          MD5:0B60F3C9E4DA6E807E808DA7360F24F2
          SHA1:9AFC7ABB910DE855EFB426206E547574A1E074B7
          SHA-256:ADDEEDEEEF393B6B1BE5BBB099B656DCD797334FF972C495CCB09CFCB1A78341
          SHA-512:1328363987ABBAD1B927FC95F0A3D5646184EF69D66B42F32D1185EE06603AE1A574FAC64472FB6E349C2CE99F9B54407BA72B2908CA7AB01D023EC2F47E7E80
          Malicious:false
          Reputation:unknown
          URL:https://actessudcloud-my.sharepoint.com/_layouts/15/images/favicon.ico?rev=47
          Preview:...... .... .....6......... ............... .h...f...(... ...@..... ...........................................................................70..7...7...7...7...7...7...70..............................................................................................7`..7...7...7...7...7...7...7...7...7`......................................................................................7P..7...7...7...7...7...7...7...7...7...7...7P..............................................................................7...7...7...7...7...7...7...7...7...7...7...7...7...7...........................................................................7`..7...7...7...7...7...7...7...7...7...7...7...7...7`..........................................................................,...,...,...,...,...,...,.......7...7...7...7...7...7...........................................................................'...'...'...'...'...'...'...'...2...7...7...7...7...,....................`..........................

          Chrome Cache Entry: 79

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines (65536), with no line terminators
          Category:downloaded
          Size (bytes):511765
          Entropy (8bit):5.440738195248785
          Encrypted:false
          SSDEEP:
          MD5:82FE98765210064987E2FEF335718821
          SHA1:F54F508450E364482D33DC05A9BDD317BC1549B9
          SHA-256:244EF9F3E4CB2CB403E557C49A0DBDF54530D89E76686C808652DE2D8D8BA246
          SHA-512:0892C9E7ADDD956D4517C510C7ABF08980B30616C1756AD123434059B30EA0CEEF333DF04AAD22DBF74F598DFE7FE150D57C98EB235711A802F5651571F7B6B0
          Malicious:false
          Reputation:unknown
          URL:https://res-1.cdn.office.net/bld/_layouts/15/16.0.25012.12009/core.js
          Preview:function $_global_core(){if("undefined"==typeof g_all_modules)g_all_modules={};g_all_modules["core.js"]={version:{rmj:16,rmm:0,rup:25012,rpr:12009}};typeof spWriteProfilerMark=="function"&&spWriteProfilerMark("perfMarkBegin_core.js");SPAnimation={};SPAnimation.g_Curves=new Array(7);SPAnimation.g_Curves[0]=new SPCurve(0,0,0,0,0,0);SPAnimation.g_Curves[1]=new SPCurve(1,1,0,0,0,0);SPAnimation.g_Curves[2]=new SPCurve(2,2,0,0,0,0);SPAnimation.g_Curves[3]=new SPCurve(3,3,.1,.9,.2,1);SPAnimation.g_Curves[4]=new SPCurve(4,3,.42,0,1,1);SPAnimation.g_Curves[5]=new SPCurve(5,3,0,0,.58,1);SPAnimation.g_Curves[6]=new SPCurve(6,3,.42,0,.58,1);SPKeyFrame.prototype={type:0,curveID:0,startTime:0,endTime:0,startValue:0,endValue:0,relativeTo:0,operationType:0};SPAnimation.Attribute={PositionX:1,PositionY:2,Height:3,Width:4,Opacity:5};SPAnimation.ID={Basic_Show:0,Basic_SlowShow:1,Basic_Fade:2,Basic_Move:3,Basic_Size:4,Content_SlideInFadeInRight:5,Content_SlideInFadeInRightInc:6,Content_SlideOutFadeOutRigh

          Chrome Cache Entry: 80

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:Unicode text, UTF-8 text, with very long lines (25986), with CRLF line terminators
          Category:downloaded
          Size (bytes):26548
          Entropy (8bit):5.170766357197057
          Encrypted:false
          SSDEEP:
          MD5:A40585F221C2F120840E1DC98B3DC7E3
          SHA1:340823CE778F7E0C60C5CA669028826067A09409
          SHA-256:97BA87D284E47B4E551C3A1BC00697F074A3929D5349B8702FB26BF6F4E339F7
          SHA-512:D67ACD092148A7A7A1A30213CBC03A7F62BD5D83A81470D538382DD640CC8A0A54370B6BB820678C46EB21038A3923D0881428C465774C18BB4532DC3695CD47
          Malicious:false
          Reputation:unknown
          URL:https://res-1.cdn.office.net/bld/_layouts/15/16.0.25012.12009/1036/initstrings.js
          Preview:var Strings; if (Strings === undefined) { Strings=new Object(); }Strings.STS=function(){};Strings.STS.L_NewTab="Nouvel onglet";Strings.STS.L_CalloutLastEditedNameAndDate="Modifi. par ^1 le ^2";Strings.STS.L_CalloutSourceUrlHeader="Emplacement";Strings.STS.L_SPDiscBestUndo="Supprimer la meilleure r.ponse";Strings.STS.L_SPClientManage="g.rer";Strings.STS.L_SPAddNewWiki="nouvelle page Wiki";Strings.STS.L_SPCategorySortRecent="R.centes";Strings.STS.L_ViewSelectorTitle="Changer d'affichage";Strings.STS.L_SPDiscNumberOfLikes="{0} J'aime||{0} J'aime||{0} J'aime";Strings.STS.L_Timeline_DfltViewName="Chronologie";Strings.STS.L_TimelineToday="Aujourd.hui";Strings.STS.L_SPDiscNoPreviewAvailable="Aucun aper.u n'est disponible pour cette r.ponse";Strings.STS.L_NODOCView="Il n.y a aucun document dans cette vue.";Strings.STS.L_SPBlogPostAuthorCategories="par {0} dans {1}";Strings.STS.L_SPBlogsNoItemsInCategory="Cette cat.gorie ne contient aucun billet.";Strings.STS.L_QRCodeDescription="Sc

          Chrome Cache Entry: 81

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:HTML document, ASCII text, with very long lines (64250), with CRLF, LF line terminators
          Category:downloaded
          Size (bytes):228086
          Entropy (8bit):5.000225127416325
          Encrypted:false
          SSDEEP:
          MD5:5F7AC0B641E1F067F62517A76D5CD4F8
          SHA1:C5F12BD128CB93E61101CAE1ED6C9AFFA66FF491
          SHA-256:997E21BAAEB3343E39F5A848ECC33C116CD1BBA7FC705684B55C51C8E2712242
          SHA-512:4793F2062305C643DCDBD5D1BBD759525413DF44D4F7F47F1F417AF3E030AA86A728C034D5B0CF5A9C8CF2A46CDA0045BD946906D692960B5BE4989F9C8CD11C
          Malicious:false
          Reputation:unknown
          URL:https://actessudcloud-my.sharepoint.com/:b:/g/personal/c_lesaulnier_librairie_actes-sud_fr/EV-iZ8xqYM9IrLUopiO70n8BvYoUIv1ExWSSUXYo87zqMQ?e=4%3a0f4T5i&at=9
          Preview:..<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN".."http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">..<html xmlns:o="urn:schemas-microsoft-com:office:office" lang="fr-fr" dir="ltr">..<head><meta name="GENERATOR" content="Microsoft SharePoint" /><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><meta http-equiv="Expires" content="0" /><meta http-equiv="X-UA-Compatible" content="IE=8"/><meta name="ROBOTS" content="NOHTMLINDEX" /><title>......Erreur....</title><link id="CssLink-4fa1f0d3e386424ca729f3f28b4da9fd" rel="stylesheet" type="text/css" href="/_layouts/15/1036/styles/corev15.css?rev=8MvzY67%2F8bEzrF0d%2F1H2gw%3D%3DTAG370"/>.<link id="CssLink-8466bed3e79b4bb0944a6552bbee4c0b" rel="stylesheet" type="text/css" href="/_layouts/15/1036/styles/error.css?rev=X%2F738uia9T2TC1R9SubHww%3D%3DTAG370"/>.<style id="SPThemeHideForms" type="text/css">body {opacity:0 !important}</style><script type="text/javascript">// <![CDATA[ ...var _initGlobalSnapShot = {};try {

          Chrome Cache Entry: 82

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines (456), with no line terminators
          Category:downloaded
          Size (bytes):456
          Entropy (8bit):5.223800250608757
          Encrypted:false
          SSDEEP:
          MD5:23A8222E55875C496BA64A15056DFBC0
          SHA1:06326F45D1CAD64E561F0753B93A54C31C379CC4
          SHA-256:6A9186367DE67F1B5629E9A9FB6101B6FE2B2B275AFD4275E315560E61D056CE
          SHA-512:59C9F87DD5572725D3C9A8A4787FA0D80D6ED6988DCE4C7D935F3BCDEF7244224765F2CDF59EAC5389C4666BE69D968632CDF217950642A1442E4296605DB697
          Malicious:false
          Reputation:unknown
          URL:https://res-1.cdn.office.net/bld/_layouts/15/16.0.25012.12009/blank.js
          Preview:function $_global_blank(){if("undefined"==typeof g_all_modules)g_all_modules={};g_all_modules["blank.js"]={version:{rmj:16,rmm:0,rup:25012,rpr:12009}};typeof spWriteProfilerMark=="function"&&spWriteProfilerMark("perfMarkBegin_blank.js");typeof spWriteProfilerMark=="function"&&spWriteProfilerMark("perfMarkEnd_blank.js")}function ULSaew(){var a={};a.ULSTeamName="Microsoft SharePoint Foundation";a.ULSFileName="blank.commentedjs";return a}$_global_blank();

          Chrome Cache Entry: 83

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines (65536), with no line terminators
          Category:downloaded
          Size (bytes):340993
          Entropy (8bit):5.442853498235433
          Encrypted:false
          SSDEEP:
          MD5:6869ADE0550EE8D9E96A55FFF1D4DC1C
          SHA1:C2BF9A7A34E112D526F814E68CD48F7675EBB9E1
          SHA-256:A9A83B2BF397CF0162F12C5020A568CA659EF2D1766EF14CF0F8674D8246E360
          SHA-512:254EC4980C7741503D56FB27108526A0728A46B5D1AB3D3465E6059FDF8E21939C7390E44BDA9DC999EEF15B52E2632197FF0A81AF1E9CB691250B1BBAD2510C
          Malicious:false
          Reputation:unknown
          URL:https://res-1.cdn.office.net/bld/_layouts/15/16.0.25012.12009/init.js
          Preview:function $_global_init(){if("undefined"==typeof g_all_modules)g_all_modules={};g_all_modules["init.js"]={version:{rmj:16,rmm:0,rup:25012,rpr:12009}};if(-1!=navigator.userAgent.indexOf("ProfilerMark")&&"function"==typeof msWriteProfilerMark)spWriteProfilerMark=function(a){window.msWriteProfilerMark(a)};typeof spWriteProfilerMark=="function"&&spWriteProfilerMark("perfMarkBegin_init.js");if(typeof OffSwitch=="undefined"){OffSwitch={__namespace:true};OffSwitch_module_def()}if(typeof RuntimeErrors=="undefined"){RuntimeErrors={__namespace:true};RuntimeErrors_module_def()}if(typeof Verify=="undefined"){Verify={__namespace:true};Verify_module_def()}if(typeof Define=="undefined"){Define={__namespace:true};Define_module_def()}if(typeof BrowserDetection=="undefined"){BrowserDetection={__namespace:true};BrowserDetection_module_def()}(function(){b.prototype={firefox:undefined,firefox36up:undefined,firefox3up:undefined,firefox4up:undefined,ie:undefined,ie55up:undefined,ie5up:undefined,ie7down:undefi

          Chrome Cache Entry: 84

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:Unicode text, UTF-8 text, with very long lines (64320), with no line terminators
          Category:downloaded
          Size (bytes):213955
          Entropy (8bit):5.200613822277909
          Encrypted:false
          SSDEEP:
          MD5:8D72AB82FFA74E9BE7F04D6BD715AF73
          SHA1:2EF7560B04A135C2D7EBE5B27B66559C8E60A119
          SHA-256:CC160AFB12ACBBF1C3D61A7B56ED57E389A8E51C5C3AE6069BC2174EA74B3396
          SHA-512:2EA6FD46345FB1C699C72E76736FF2285ACC815EFB53D3448962DE1C08F767DE9703BCD1368E5CF2E11A401D894762B1BA7246534F8DA9D6C35958D15DAEFD79
          Malicious:false
          Reputation:unknown
          URL:https://res-1.cdn.office.net/bld/_layouts/15/16.0.25012.12009/1036/strings.js
          Preview:var Strings; if (Strings === undefined) { Strings=new Object(); }Strings.CMS=function(){};Strings.CMS.L_SelectAllAltKey_TEXT="false";Strings.CMS.L_SpellCheckKey_VALUE="0x76";Strings.CMS.L_Callout_Usage_Count="<p>{0}</p>vue||<p>{0}</p>vues";Strings.CMS.L_NoElementStylesWereRemoved_TEXT="La s.lection ne contenait aucune instance de styles d'.l.ment . supprimer.";Strings.CMS.L_DecWidthAltKey_TEXT="false";Strings.CMS.L_ExpandedTagNameH4="Titre 4";Strings.CMS.L_DecWidthShiftKey_TEXT="true";Strings.CMS.L_EditImageRenditionsAction="Modifier les rendus";Strings.CMS.L_TabBackKey_TEXT="N";Strings.CMS.L_SvrBusySpellchecker_TEXT="Le serveur de v.rification de l.orthographe .tait occup.";Strings.CMS.L_RemoveLinkShiftKey_TEXT="false";Strings.CMS.L_Show_TEXT="Afficher";Strings.CMS.L_Title_TEXT="Titre.:";Strings.CMS.L_ShowSpecific_TEXT="Afficher l'.l.ment s.lectionn. dans le volet de navigation";Strings.CMS.L_DecHeightShiftKey_TEXT="true";Strings.CMS.L_ChangeColumnWidthAndRowHeightKey_T

          Chrome Cache Entry: 85

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
          Category:downloaded
          Size (bytes):342553
          Entropy (8bit):5.329564352559992
          Encrypted:false
          SSDEEP:
          MD5:F0CBF363AEFFF1B133AC5D1DFF51F683
          SHA1:A2828AECDDB56C719AA8CE14838B1A522049A57E
          SHA-256:1DCEBE7BEF35D2AF749741DAA55BF0E6AFA41404121C83FA366A311827D5FA2E
          SHA-512:FA85D9ABB975311BD9A41570D229490971A0B0FEB6972BDBF96C5309DBB9F5B70D49FFF02F4063B517BA6F329C6D40750476967301DA11F869AED0CA25B84DBA
          Malicious:false
          Reputation:unknown
          URL:https://actessudcloud-my.sharepoint.com/_layouts/15/1036/styles/corev15.css?rev=8MvzY67%2F8bEzrF0d%2F1H2gw%3D%3DTAG370
          Preview:./* _lcid="1033".._LocalBinding */..body,...ms-core-defaultFont,..#pageStatusBar,..#hybridTooltipStatusBar,...ms-status-msg,...js-callout-body..{../* [ReplaceFont(themeFont:"body")] */ font-family:"Segoe UI","Segoe",Tahoma,Helvetica,Arial,sans-serif;..font-size:13px;..}..body,...ms-core-defaultFont,...js-callout-body..{../* [ReplaceColor(themeColor:"BodyText")] */ color:#444;..}...ms-core-defaultFont..{..font-weight:normal;..text-decoration:none;..white-space:normal;..word-break:normal;..line-height:normal;..}..body..{..margin:0px;..overflow:hidden;../* [ReplaceColor(themeColor:"PageBackground")] */ background-color:#fff;..background-size:cover;..background-repeat:no-repeat;..}..html > .ms-core-needIEFilter..{../* [ReplaceBGImage] */ -ms-filter:"progid:DXImageTransform.Microsoft.AlphaImageLoader(src='about:blank',sizingMethod='scale');";..}...ms-backgroundImage..{../* [ReplaceBGImage] */ background-image:url();..}..#s4-ribbonrow..{..position:relative;..}..#s4-workspace..{..overflow:a

          Chrome Cache Entry: 86

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 102804
          Category:downloaded
          Size (bytes):25609
          Entropy (8bit):7.992070293592458
          Encrypted:true
          SSDEEP:
          MD5:B62553925BD98826C60457D2EB6B9A46
          SHA1:84DBBB6D9B36A587C21B5A56B1D9E587E33BA943
          SHA-256:C58166FE4DF4BA8F25A960C21451EAF841D97F6F552F104E43431C9DB1C2E2CC
          SHA-512:7B6872144AE308224FF671A1EC63F040A40115888790CF6834AD85D517471CE5DAD3EC297EE751FB196B55118A181017151F7F06FCE0F2F26FF94E8EEC070033
          Malicious:false
          Reputation:unknown
          URL:https://actessudcloud-my.sharepoint.com/ScriptResource.axd?d=khEFMjP3-axdk4IjcRmTN9L4zECVwagOu1MepNPUUvKWvv1FccdcT8Fz3pRfvuhNsrt7xASlLbHTFrFEsIduylrtdaJa9TuUrnQm07xCup1cAWKU26ySszkz4xuVpvD3IOxOsgvhiiI9L_0WAfHs0S-Uq7Gny614PXghAIlHt8KrqXJCVnhYFmp8VF8MCdZP0&t=74258c30
          Preview:............r.I.(.>f..d..B6. )U/.(....mGRuw.... I..B..X...<.O..p}.=#.P.>s.Y...D,..........................'.......;.'..2.Uu5.C..%..v.M&;T...u1.T.=...m....'_z.......4.&?~.__....".db00..IR..|.(tj6+.y.$.L.$..."..FIx3+..tG%.7...N.'..........A9....9;.O...j...Y|8.........LW........h&.%WW...|\.Q..Tr....$\..?-&....}O...w..$R}....W.k.+.._..q...P..dR......`^.j]0.L..9......)...."...I....,.K..j...`1.a9-.`..-p..O..t...|Bo..Uu.~.t...uB9S.J.o..Fe<.....A.SM.....d>.].HO..Qx...ao....a.J..h6K..q7.N.n'..Ga78....v..n...>..0.I.X?...$=...x..H*..&.V.+.h..GyTJ....AT...x.Jl..*.X..t.H4...$9..^u....r9rq3.._..a...^I.{{.Ch....@.l.....@..BW.[..8~6.U3].I#....8....H`...4..I..6...I...Q1...W^]>...P.KJ.L......A...>.@hf.M...RP..)m.F...Wp{.!.R.".j.....!soO..]k...a."eo.S,...G|n.|!F[..O../.aR...$.\..4.N.-p1..}...2...r\a[`e.E..{H..?.....J.ak.Y...P......DP.d.?...<..Y.8....%d...@..e.....exc..g...b.....<z....7*8!...n..wG0.C..f..Y5....qE..p....2.rH-..r.S........q..R.$Q^q....!....

          Chrome Cache Entry: 87

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
          Category:downloaded
          Size (bytes):625
          Entropy (8bit):5.058050762897387
          Encrypted:false
          SSDEEP:
          MD5:5FFEF7F2E89AF53D930B547D4AE6C7C3
          SHA1:E0F23E9C2551C170BC29B7D8873B891DEF8D612F
          SHA-256:349C05D49D201AA1595E961B60DF089F34B2578E95C45F4C6035B290D7203130
          SHA-512:236319E71BF4CCA4B03F19008AAA06DD3AEB0F68BF890D6D31DE0BF271EDA712AF80EBF222ABD8E0C7DE64733931DE2DDF58C0595DC342F5A05D772B73DBFA35
          Malicious:false
          Reputation:unknown
          URL:https://actessudcloud-my.sharepoint.com/_layouts/15/1036/styles/error.css?rev=X%2F738uia9T2TC1R9SubHww%3D%3DTAG370
          Preview:./* _lcid="1033".._LocalBinding */..#ms-error-header..{..margin:118px 0px 16px;..min-height:50px;..}..#ms-error-gobackcont..{..margin-top:28px;..}..#ms-accessDenied-reqDialog..{..max-width:100%;..}..#ms-error-body..{..background-size:auto;..overflow:auto;..width:830px;..margin-right:auto;..margin-left:auto;..}...ms-error-returnLink..{..line-height:19px;..vertical-align:middle;..}...ms-error-detailsFold..{..padding-top:42px;..}...ms-error-techMsg..{..padding-top:28px;..}...ms-error-groupJoinPanel..{..margin-top:15px;..}...ms-error-groupProfileText..{..margin-top:17px;..}...ms-error-separator..{..margin:34px 0px;..}..

          Chrome Cache Entry: 88

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 40329
          Category:downloaded
          Size (bytes):9984
          Entropy (8bit):7.979200972475404
          Encrypted:false
          SSDEEP:
          MD5:027A7D52E1CEED8AEF7DC13505B81D36
          SHA1:33CF0BCE6A4C8B44B4A80B3116C978C12EE93FD0
          SHA-256:29061464FB6FCE2326B952EACAA95C3C6183BFEA74C3851390E9838720D372A6
          SHA-512:FCDDEBF6DE759B5079E7DF2432771A866DE1824B119AD8CB3BAE11F9FAA060B943D52F121E4C63E7E20D43F31B2220C1D4E9C24A20004C4B061CD1A0A5EE5AC9
          Malicious:false
          Reputation:unknown
          URL:https://actessudcloud-my.sharepoint.com/ScriptResource.axd?d=eeygiHuhg50x_hbTNWXmUBnGJGFOFVvKsWQ5zO6Jnrn0k5x4XYBCaIZfidGJwOUMNHazR_5K0-AZm-Fz-TuXN8uVWXxkFJPscdixBS8G-n69RZU3Jl1WEQ3Ec7m-q0tytdU7KDuJA-poYTFXixVlaeBJcf4kc1k4nEwHqfuPAy5eqtQHPmgbNSMeAFEHEWFc0&t=74258c30
          Preview:...........}ks.H......@a{ebU......h.^.._a..3!k...HB....m.%....?i..e..U@.........wefefefU........O.....?8).we:...?x..eQ.....EQ.:-.`p.e.^....b.W..X.........UQ.......,...4.jV~..tQ........`......Y..,.]........sR..E...M....\.c>H5.t......xW.jt.?6?.c(..`_....B.G..'.<.1.c....o...yZ..cZ.a=K+....l.l...EQ..4.=......L_..Z..4gYuQ|._!]m1.`Q.uQ....)..=..|.....2.8G."XY.......]c..*|xT....3@..?..Zm..E.'..*......2..E gy..<(.Z...8XY..4O2....U...4.0..5.W!}x._i.`.T,.V.G...b/.t..j>...<.((....,."Uo5X}.@QE.b.khU.h...>...Q~=.k.?.....o.0k........GM..X......P^G....=..<fY.U..S....K....H..9:*......'...J=).O....#G[m...30k...j.2+.im.(Km3.uxv._.pT.4.>..f.-..UZ.=e...C....._5..xR.:..\U..jR. .....9A..1:1.......a..2...U......YTP..`...l0.9.t.}.'.p.c3q.. {m.,...G1..".L.Aj@.D.h.p......fZ{...eYB......1.Ep.b&..% .c.._i9.).,.eD.'...`.E.i..M3#+6...9+....B..NYB..%..8..?....zv.r..XP..W.../+..e.N........Z..i..... ....4I..iR...8+.>....k...N?....MA.....uU...&...Xyb..u*..H....%.

          Chrome Cache Entry: 90

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with CRLF line terminators
          Category:downloaded
          Size (bytes):23063
          Entropy (8bit):4.7535440881548165
          Encrypted:false
          SSDEEP:
          MD5:90EA7274F19755002360945D54C2A0D7
          SHA1:647B5D8BF7D119A2C97895363A07A0C6EB8CD284
          SHA-256:40732E9DCFA704CF615E4691BB07AECFD1CC5E063220A46E4A7FF6560C77F5DB
          SHA-512:7474667800FF52A0031029CC338F81E1586F237EB07A49183008C8EC44A8F67B37E5E896573F089A50283DF96A1C8F185E53D667741331B647894532669E2C07
          Malicious:false
          Reputation:unknown
          URL:https://actessudcloud-my.sharepoint.com/WebResource.axd?d=MQY2LbUPIuD_DPY2gZcKxLTYr4-bLEDR3oF4QIPQf6wpHksUyW77ZAKlEGIfwrujBzpfXLZiEz2eH13WE1cm8n6dDWFL9eZ4NS9tv04CfqY1&t=638509456120891867
          Preview:function WebForm_PostBackOptions(eventTarget, eventArgument, validation, validationGroup, actionUrl, trackFocus, clientSubmit) {.. this.eventTarget = eventTarget;.. this.eventArgument = eventArgument;.. this.validation = validation;.. this.validationGroup = validationGroup;.. this.actionUrl = actionUrl;.. this.trackFocus = trackFocus;.. this.clientSubmit = clientSubmit;..}..function WebForm_DoPostBackWithOptions(options) {.. var validationResult = true;.. if (options.validation) {.. if (typeof(Page_ClientValidate) == 'function') {.. validationResult = Page_ClientValidate(options.validationGroup);.. }.. }.. if (validationResult) {.. if ((typeof(options.actionUrl) != "undefined") && (options.actionUrl != null) && (options.actionUrl.length > 0)) {.. theForm.action = options.actionUrl;.. }.. if (options.trackFocus) {.. var lastFocus = theForm.elements["__LASTFOCUS"];.. if ((typeo

          Static File Info

          No static file info