Windows
Analysis Report
https://actessudcloud-my.sharepoint.com/:b:/g/personal/c_lesaulnier_librairie_actes-sud_fr/EV-iZ8xqYM9IrLUopiO70n8BvYoUIv1ExWSSUXYo87zqMQ?e=4%3a0f4T5i&at=9
Overview
General Information
Detection
Score: | 1 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
Signatures
Classification
- System is w10x64_ra
  - chrome.exe (PID: 3632 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://actessudcloud-my.sharepoint.com/:b:/g/personal/c_lesaulnier_librairie_actes-sud_fr/EV-iZ8xqYM9IrLUopiO70n8BvYoUIv1ExWSSUXYo87zqMQ?e=4%3a0f4T5i&at=9 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
  - chrome.exe (PID: 3612 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 --field-trial-handle=2000,i,10393924366684507257,4208757801503123544,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
- cleanup
There are no malicious signatures.
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | DNS traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Classification label: |
Source: | File created: |
Source: | Process created: | ||
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 2 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 2 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
dual-spo-0005.spo-msedge.net | 13.107.136.10 | true | false | unknown | |
www.google.com | 172.217.18.4 | true | false | unknown | |
actessudcloud-my.sharepoint.com | unknown | unknown | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | unknown |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
1.1.1.1 | unknown | Australia | 13335 | CLOUDFLARENETUS | false |
13.107.136.10 | dual-spo-0005.spo-msedge.net | United States | 8068 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false |
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
23.15.178.138 | unknown | United States | 20940 | AKAMAI-ASN1EU | false |
74.125.133.84 | unknown | United States | 15169 | GOOGLEUS | false |
142.250.185.142 | unknown | United States | 15169 | GOOGLEUS | false |
172.217.18.4 | www.google.com | United States | 15169 | GOOGLEUS | false |
216.58.206.67 | unknown | United States | 15169 | GOOGLEUS | false |
142.250.184.227 | unknown | United States | 15169 | GOOGLEUS | false |
142.250.185.238 | unknown | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.18 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1467115 |
Start date and time: | 2024-07-03 17:44:45 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultwindowsinteractivecookbook.jbs |
Sample URL: | https://actessudcloud-my.sharepoint.com/:b:/g/personal/c_lesaulnier_librairie_actes-sud_fr/EV-iZ8xqYM9IrLUopiO70n8BvYoUIv1ExWSSUXYo87zqMQ?e=4%3a0f4T5i&at=9 |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes: | 16 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | stream |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean1.win@14/19@6/79 |
- Exclude process from analysis (whitelisted): SIHClient.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 216.58.206.67, 74.125.133.84, 142.250.185.142, 34.104.35.123, 23.15.178.138, 23.15.178.200, 93.184.221.240
- Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, 189651-ipv4v6w.farm.dprodmgd104.sharepointonline.com.akadns.net, e40491.dscd.akamaiedge.net, ctldl.windowsupdate.com, clientservices.googleapis.com, res-1.cdn.office.net, clients2.google.com, edgedl.me.gvt1.com, clients.l.google.com, res-1.cdn.office.net-c.edgekey.net, res-1.cdn.office.net-c.edgekey.net.globalredir.akadns.net
- Not all processes were analyzed, report is missing behavior information
- VT rate limit hit for: https://actessudcloud-my.sharepoint.com/:b:/g/personal/c_lesaulnier_librairie_actes-sud_fr/EV-iZ8xqYM9IrLUopiO70n8BvYoUIv1ExWSSUXYo87zqMQ?e=4%3a0f4T5i&at=9
Input | Output |
---|---|
URL: https://actessudcloud-my.sharepoint.com/:b:/g/personal/c_lesaulnier_librairie_actes-sud_fr/EV-iZ8xqYM9IrLUopiO70n8BvYoUIv1ExWSSUXYo87zqMQ?e=4%3a0f4T5i&at=9 Model: Perplexity: mixtral-8x7b-instruct | {"loginform": false,"urgency": false,"captcha": false,"reasons": ["The webpage does not contain a login form.","The text does not create a sense of urgency.","The webpage does not contain a CAPTCHA or any other anti-robot detection mechanism."]} |
Title: Erreur OCR: Dsol... Nous avons rencontr un problme Dsol. Vous ne pouvez pas accder ce document. Contactez la personne qui lla partag avec vous. DETAILS TECHNIQUES REVENIR AU SITE | |
URL: https://actessudcloud-my.sharepoint.com/:b:/g/personal/c_lesaulnier_librairie_actes-sud_fr/EV-iZ8xqYM9IrLUopiO70n8BvYoUIv1ExWSSUXYo87zqMQ?e=4%3a0f4T5i&at=9 Model: Perplexity: mixtral-8x7b-instruct | {"loginform": false,"urgency": false,"captcha": false,"reasons": ["The webpage does not contain a login form.","The text does not create a sense of urgency.","The webpage does not contain a CAPTCHA or any other anti-robot detection mechanism."]} |
Title: Erreur OCR: Dsol... Nous avons rencontr un problme Dsol. Vous ne pouvez pas accder ce document. Contactez la personne qui lla partag avec vous. DETASLS TECHNIQUE REVENIR AU SITE |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2675 |
Entropy (8bit): | 3.9821875601060728 |
Encrypted: | false |
SSDEEP: | |
MD5: | BF8506B339F7A6CB3B25EAA03DDF3039 |
SHA1: | D2B17B3646F46708ED63E80F4CFA1B4BEB2E35E5 |
SHA-256: | FD469212D2AEA4CC57C1800E824EAA788DD4830DEA183DF9ED1283B5BDA860A4 |
SHA-512: | C22C79E200D5BD88E76853C5F71C70EF694B3C1ED3881EF99565E2551BE5BC888570DEB7582CA37916E77E30BE520B2621C48062B9F9A47FA1028B61237281E6 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.998548030799792 |
Encrypted: | false |
SSDEEP: | |
MD5: | 5DFA407B311437A8ADC8BE0D88FB17A9 |
SHA1: | F74BB725E9E96AB8BD3761E32901E0147F587A08 |
SHA-256: | 0970CFB15F945333AC3DB2060B4EFBC34412AF38E39F94770615DCED7056242F |
SHA-512: | 83E61960D30B0E08AD48DB52718AFF31C5D474BDA6FFFB8517EB1B7657CA085C4DCBA25935A98E5820052DA05125ABDC2F7DC075CD11093DA55B753F60D338D3 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2691 |
Entropy (8bit): | 4.006554576457928 |
Encrypted: | false |
SSDEEP: | |
MD5: | 3DFDE1962EC8C71D3E7006ADFCCA28EB |
SHA1: | C40E89E5DE79D6273FDD663DAEB872EFE2E985ED |
SHA-256: | DC61541DDC254CEDC4EA2C99C831B9CC4FA3E0E6866B46FD8FFBCF44B60307BE |
SHA-512: | EFCB25940E151227EA3DDCA5745D0AA592530EEC4336156DEB8626CA3120A5ECE7143785E5A2EBC1BD33C445EF4433D95A2A78290E300042E2DDD19F1E0DE813 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 3.995918085324692 |
Encrypted: | false |
SSDEEP: | |
MD5: | 79C6A400EC87BDAF300A8F2ED96949C1 |
SHA1: | FD3EAFFBF0EA1273F98005115808AA84EA7C1F8B |
SHA-256: | E6193B57FBBB4E20969FFDE69146B3E8B831852642EF4036582B5BF0360CDBB0 |
SHA-512: | 28171BF233F94D96EB01A2E6EE176797EA449B4D6C007FB30946B681D2A9C180F824DC3F1A436AD08ACFD3F9392CC2A1B5860120E1F17573D6A37A61446F64FF |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 3.9832109077188536 |
Encrypted: | false |
SSDEEP: | |
MD5: | 170DF77C8202291B7FD45667195CC4D3 |
SHA1: | 066070F6E4560D551BBED65E9B29902C82780C1D |
SHA-256: | 2E0AE0CC6DE5CFED23D199E4D96228ADE1ED4E7B51C760EF3BCBD62170AE0D90 |
SHA-512: | 8E4F727047B2327F1195A5655A02FB95A02F16C3B990AE520FA9CA8A5DFE8EA8F58E098BA515CAB05AE68DCB6C23561D2F1887D8AF7AC61FB38ECFD962ACA5A0 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.998313055897049 |
Encrypted: | false |
SSDEEP: | |
MD5: | 987502C86167CE4BB039531347A7FB24 |
SHA1: | FF07C8198B5E6AF0FD4C077AB19616C6196DD3D2 |
SHA-256: | 24089B1A6601EB22BC546B5FDD16DAE9A75D58E447CBD83193EBD7B4CDFDEC38 |
SHA-512: | C57DCAF9654A678E02E1B4C9E0EFE1478608DCB187DF70B094F84D7695A057043D0AE3E50CFC104266F8A8B88A4DEB9FDE4BD5B643C70AAECB0D9D057B96C893 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 35238 |
Entropy (8bit): | 5.390650418562352 |
Encrypted: | false |
SSDEEP: | |
MD5: | C637DE6889D81964119BA1FD124E2454 |
SHA1: | 5DB2B1681BE6FF9A7B26E269CD80D817D41A01BE |
SHA-256: | 18E8366C8C5590C3D056BA6CA9691B7471D6970EE00D0E22A4B68E517B54F087 |
SHA-512: | 78288767F08DB38F6DC8C366546CECC05DF35C25BCD898B94DCCC5ECCB3ACD7807817BAF813BCA11F4CCAC169A980E4F10EBF4334000C4D2D0F74DCC30BB36EE |
Malicious: | false |
Reputation: | unknown |
URL: | https://res-1.cdn.office.net/bld/_layouts/15/16.0.25012.12009/theming.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 7886 |
Entropy (8bit): | 3.9482833105763633 |
Encrypted: | false |
SSDEEP: | |
MD5: | 0B60F3C9E4DA6E807E808DA7360F24F2 |
SHA1: | 9AFC7ABB910DE855EFB426206E547574A1E074B7 |
SHA-256: | ADDEEDEEEF393B6B1BE5BBB099B656DCD797334FF972C495CCB09CFCB1A78341 |
SHA-512: | 1328363987ABBAD1B927FC95F0A3D5646184EF69D66B42F32D1185EE06603AE1A574FAC64472FB6E349C2CE99F9B54407BA72B2908CA7AB01D023EC2F47E7E80 |
Malicious: | false |
Reputation: | unknown |
URL: | https://actessudcloud-my.sharepoint.com/_layouts/15/images/favicon.ico?rev=47 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 511765 |
Entropy (8bit): | 5.440738195248785 |
Encrypted: | false |
SSDEEP: | |
MD5: | 82FE98765210064987E2FEF335718821 |
SHA1: | F54F508450E364482D33DC05A9BDD317BC1549B9 |
SHA-256: | 244EF9F3E4CB2CB403E557C49A0DBDF54530D89E76686C808652DE2D8D8BA246 |
SHA-512: | 0892C9E7ADDD956D4517C510C7ABF08980B30616C1756AD123434059B30EA0CEEF333DF04AAD22DBF74F598DFE7FE150D57C98EB235711A802F5651571F7B6B0 |
Malicious: | false |
Reputation: | unknown |
URL: | https://res-1.cdn.office.net/bld/_layouts/15/16.0.25012.12009/core.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 26548 |
Entropy (8bit): | 5.170766357197057 |
Encrypted: | false |
SSDEEP: | |
MD5: | A40585F221C2F120840E1DC98B3DC7E3 |
SHA1: | 340823CE778F7E0C60C5CA669028826067A09409 |
SHA-256: | 97BA87D284E47B4E551C3A1BC00697F074A3929D5349B8702FB26BF6F4E339F7 |
SHA-512: | D67ACD092148A7A7A1A30213CBC03A7F62BD5D83A81470D538382DD640CC8A0A54370B6BB820678C46EB21038A3923D0881428C465774C18BB4532DC3695CD47 |
Malicious: | false |
Reputation: | unknown |
URL: | https://res-1.cdn.office.net/bld/_layouts/15/16.0.25012.12009/1036/initstrings.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 228086 |
Entropy (8bit): | 5.000225127416325 |
Encrypted: | false |
SSDEEP: | |
MD5: | 5F7AC0B641E1F067F62517A76D5CD4F8 |
SHA1: | C5F12BD128CB93E61101CAE1ED6C9AFFA66FF491 |
SHA-256: | 997E21BAAEB3343E39F5A848ECC33C116CD1BBA7FC705684B55C51C8E2712242 |
SHA-512: | 4793F2062305C643DCDBD5D1BBD759525413DF44D4F7F47F1F417AF3E030AA86A728C034D5B0CF5A9C8CF2A46CDA0045BD946906D692960B5BE4989F9C8CD11C |
Malicious: | false |
Reputation: | unknown |
URL: | https://actessudcloud-my.sharepoint.com/:b:/g/personal/c_lesaulnier_librairie_actes-sud_fr/EV-iZ8xqYM9IrLUopiO70n8BvYoUIv1ExWSSUXYo87zqMQ?e=4%3a0f4T5i&at=9 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 456 |
Entropy (8bit): | 5.223800250608757 |
Encrypted: | false |
SSDEEP: | |
MD5: | 23A8222E55875C496BA64A15056DFBC0 |
SHA1: | 06326F45D1CAD64E561F0753B93A54C31C379CC4 |
SHA-256: | 6A9186367DE67F1B5629E9A9FB6101B6FE2B2B275AFD4275E315560E61D056CE |
SHA-512: | 59C9F87DD5572725D3C9A8A4787FA0D80D6ED6988DCE4C7D935F3BCDEF7244224765F2CDF59EAC5389C4666BE69D968632CDF217950642A1442E4296605DB697 |
Malicious: | false |
Reputation: | unknown |
URL: | https://res-1.cdn.office.net/bld/_layouts/15/16.0.25012.12009/blank.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 340993 |
Entropy (8bit): | 5.442853498235433 |
Encrypted: | false |
SSDEEP: | |
MD5: | 6869ADE0550EE8D9E96A55FFF1D4DC1C |
SHA1: | C2BF9A7A34E112D526F814E68CD48F7675EBB9E1 |
SHA-256: | A9A83B2BF397CF0162F12C5020A568CA659EF2D1766EF14CF0F8674D8246E360 |
SHA-512: | 254EC4980C7741503D56FB27108526A0728A46B5D1AB3D3465E6059FDF8E21939C7390E44BDA9DC999EEF15B52E2632197FF0A81AF1E9CB691250B1BBAD2510C |
Malicious: | false |
Reputation: | unknown |
URL: | https://res-1.cdn.office.net/bld/_layouts/15/16.0.25012.12009/init.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 213955 |
Entropy (8bit): | 5.200613822277909 |
Encrypted: | false |
SSDEEP: | |
MD5: | 8D72AB82FFA74E9BE7F04D6BD715AF73 |
SHA1: | 2EF7560B04A135C2D7EBE5B27B66559C8E60A119 |
SHA-256: | CC160AFB12ACBBF1C3D61A7B56ED57E389A8E51C5C3AE6069BC2174EA74B3396 |
SHA-512: | 2EA6FD46345FB1C699C72E76736FF2285ACC815EFB53D3448962DE1C08F767DE9703BCD1368E5CF2E11A401D894762B1BA7246534F8DA9D6C35958D15DAEFD79 |
Malicious: | false |
Reputation: | unknown |
URL: | https://res-1.cdn.office.net/bld/_layouts/15/16.0.25012.12009/1036/strings.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 342553 |
Entropy (8bit): | 5.329564352559992 |
Encrypted: | false |
SSDEEP: | |
MD5: | F0CBF363AEFFF1B133AC5D1DFF51F683 |
SHA1: | A2828AECDDB56C719AA8CE14838B1A522049A57E |
SHA-256: | 1DCEBE7BEF35D2AF749741DAA55BF0E6AFA41404121C83FA366A311827D5FA2E |
SHA-512: | FA85D9ABB975311BD9A41570D229490971A0B0FEB6972BDBF96C5309DBB9F5B70D49FFF02F4063B517BA6F329C6D40750476967301DA11F869AED0CA25B84DBA |
Malicious: | false |
Reputation: | unknown |
URL: | https://actessudcloud-my.sharepoint.com/_layouts/15/1036/styles/corev15.css?rev=8MvzY67%2F8bEzrF0d%2F1H2gw%3D%3DTAG370 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 25609 |
Entropy (8bit): | 7.992070293592458 |
Encrypted: | true |
SSDEEP: | |
MD5: | B62553925BD98826C60457D2EB6B9A46 |
SHA1: | 84DBBB6D9B36A587C21B5A56B1D9E587E33BA943 |
SHA-256: | C58166FE4DF4BA8F25A960C21451EAF841D97F6F552F104E43431C9DB1C2E2CC |
SHA-512: | 7B6872144AE308224FF671A1EC63F040A40115888790CF6834AD85D517471CE5DAD3EC297EE751FB196B55118A181017151F7F06FCE0F2F26FF94E8EEC070033 |
Malicious: | false |
Reputation: | unknown |
URL: | https://actessudcloud-my.sharepoint.com/ScriptResource.axd?d=khEFMjP3-axdk4IjcRmTN9L4zECVwagOu1MepNPUUvKWvv1FccdcT8Fz3pRfvuhNsrt7xASlLbHTFrFEsIduylrtdaJa9TuUrnQm07xCup1cAWKU26ySszkz4xuVpvD3IOxOsgvhiiI9L_0WAfHs0S-Uq7Gny614PXghAIlHt8KrqXJCVnhYFmp8VF8MCdZP0&t=74258c30 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 625 |
Entropy (8bit): | 5.058050762897387 |
Encrypted: | false |
SSDEEP: | |
MD5: | 5FFEF7F2E89AF53D930B547D4AE6C7C3 |
SHA1: | E0F23E9C2551C170BC29B7D8873B891DEF8D612F |
SHA-256: | 349C05D49D201AA1595E961B60DF089F34B2578E95C45F4C6035B290D7203130 |
SHA-512: | 236319E71BF4CCA4B03F19008AAA06DD3AEB0F68BF890D6D31DE0BF271EDA712AF80EBF222ABD8E0C7DE64733931DE2DDF58C0595DC342F5A05D772B73DBFA35 |
Malicious: | false |
Reputation: | unknown |
URL: | https://actessudcloud-my.sharepoint.com/_layouts/15/1036/styles/error.css?rev=X%2F738uia9T2TC1R9SubHww%3D%3DTAG370 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 9984 |
Entropy (8bit): | 7.979200972475404 |
Encrypted: | false |
SSDEEP: | |
MD5: | 027A7D52E1CEED8AEF7DC13505B81D36 |
SHA1: | 33CF0BCE6A4C8B44B4A80B3116C978C12EE93FD0 |
SHA-256: | 29061464FB6FCE2326B952EACAA95C3C6183BFEA74C3851390E9838720D372A6 |
SHA-512: | FCDDEBF6DE759B5079E7DF2432771A866DE1824B119AD8CB3BAE11F9FAA060B943D52F121E4C63E7E20D43F31B2220C1D4E9C24A20004C4B061CD1A0A5EE5AC9 |
Malicious: | false |
Reputation: | unknown |
URL: | https://actessudcloud-my.sharepoint.com/ScriptResource.axd?d=eeygiHuhg50x_hbTNWXmUBnGJGFOFVvKsWQ5zO6Jnrn0k5x4XYBCaIZfidGJwOUMNHazR_5K0-AZm-Fz-TuXN8uVWXxkFJPscdixBS8G-n69RZU3Jl1WEQ3Ec7m-q0tytdU7KDuJA-poYTFXixVlaeBJcf4kc1k4nEwHqfuPAy5eqtQHPmgbNSMeAFEHEWFc0&t=74258c30 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 23063 |
Entropy (8bit): | 4.7535440881548165 |
Encrypted: | false |
SSDEEP: | |
MD5: | 90EA7274F19755002360945D54C2A0D7 |
SHA1: | 647B5D8BF7D119A2C97895363A07A0C6EB8CD284 |
SHA-256: | 40732E9DCFA704CF615E4691BB07AECFD1CC5E063220A46E4A7FF6560C77F5DB |
SHA-512: | 7474667800FF52A0031029CC338F81E1586F237EB07A49183008C8EC44A8F67B37E5E896573F089A50283DF96A1C8F185E53D667741331B647894532669E2C07 |
Malicious: | false |
Reputation: | unknown |
URL: | https://actessudcloud-my.sharepoint.com/WebResource.axd?d=MQY2LbUPIuD_DPY2gZcKxLTYr4-bLEDR3oF4QIPQf6wpHksUyW77ZAKlEGIfwrujBzpfXLZiEz2eH13WE1cm8n6dDWFL9eZ4NS9tv04CfqY1&t=638509456120891867 |
Preview: |