
Windows Analysis Report
https://gmoq4wwvl9phy.pages.dev/smart89/

Overview

General Information

Sample URL: https://gmoq4wwvl9phy.pages.dev/smart89/
Analysis ID: 1467866

Detection

Score: 48
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Antivirus / Scanner detection for submitted sample
Program does not show much activity (idle)
Stores files to the Windows start menu directory

Classification

  • System is w10x64
  • chrome.exe (PID: 1868 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 3440 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=2036,i,13450155602685850713,6857457299213347422,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 5960 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4688 --field-trial-handle=2036,i,13450155602685850713,6857457299213347422,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 4204 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://gmoq4wwvl9phy.pages.dev/smart89/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup
No configs have been found
No yara matches
No Sigma rule has matched
No Snort rule has matched


AV Detection

Source: https://gmoq4wwvl9phy.pages.dev/smart89/ | Avira URL Cloud: detection malicious, Label: phishing
Source: chrome.exe | Memory has grown: Private usage: 0MB later: 100MB
Source: chromecache_194.2.dr | String found in binary or memory: http://jquery.com/
Source: chromecache_194.2.dr | String found in binary or memory: http://jquery.org/license
Source: chromecache_194.2.dr | String found in binary or memory: http://sizzlejs.com/
Source: chromecache_167.2.dr | String found in binary or memory: https://ezgif.com/optimize
Source: classification engine | Classification label: mal48.win@23/72@0/13
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=2036,i,13450155602685850713,6857457299213347422,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://gmoq4wwvl9phy.pages.dev/smart89/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4688 --field-trial-handle=2036,i,13450155602685850713,6857457299213347422,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown
Source: Google Drive.lnk.0.dr | LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr | LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr | LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr | LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr | LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr | LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window Recorder | Window detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Source: all processes | Thread injection, dropped files, key value created, disk infection and DNS query: no activity detected
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | Data Obfuscation | Exfiltration Over Other Network Medium | Abuse Accessibility Features
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | Junk Data | Exfiltration Over Bluetooth | Network Denial of Service
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | 1 Extra Window Memory Injection | 1 Extra Window Memory Injection | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | Steganography | Automated Exfiltration | Data Encrypted for Impact
Behavior Graph (image not reproduced): ID: 1467866; URL: https://gmoq4wwvl9phy.pages...; Startdate: 05/07/2024; Architecture: WINDOWS; Score: 48; Signature: Antivirus / Scanner detection for submitted sample

Source | Detection | Scanner | Label | Link
https://gmoq4wwvl9phy.pages.dev/smart89/ | 100% | Avira URL Cloud | phishing |
No Antivirus matches
Source | Detection | Scanner | Label | Link
http://jquery.org/license | 0% | URL Reputation | safe |
http://jquery.com/ | 0% | URL Reputation | safe |
http://sizzlejs.com/ | 0% | URL Reputation | safe |
https://ezgif.com/optimize | 0% | Avira URL Cloud | safe |
No contacted domains info
Name | Malicious | Antivirus Detection | Reputation
https://gmoq4wwvl9phy.pages.dev/smart89/ | true | | unknown

Name | Source | Malicious | Antivirus Detection | Reputation
http://jquery.org/license | chromecache_194.2.dr | false | URL Reputation: safe | unknown
https://ezgif.com/optimize | chromecache_167.2.dr | false | Avira URL Cloud: safe | unknown
http://jquery.com/ | chromecache_194.2.dr | false | URL Reputation: safe | unknown
http://sizzlejs.com/ | chromecache_194.2.dr | false | URL Reputation: safe | unknown
Joe Sandbox version: 40.0.0 Tourmaline
Analysis ID: 1467866
Start date and time: 2024-07-05 00:11:18 +02:00
Joe Sandbox product: CloudBasic
Overall analysis duration: 0h 3m 14s
Hypervisor based Inspection enabled: false
Report type: full
Cookbook file name: browseurl.jbs
Sample URL: https://gmoq4wwvl9phy.pages.dev/smart89/
Analysis system description: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed: 9
Number of new started drivers analysed: 0
Number of existing processes analysed: 0
Number of existing drivers analysed: 0
Number of injected processes analysed: 0
Technologies:
  • HCA enabled
  • EGA enabled
  • AMSI enabled
Analysis Mode: default
Analysis stop reason: Timeout
Detection: MAL
Classification: mal48.win@23/72@0/13
EGA Information: Failed
HCA Information:
  • Successful, ratio: 100%
  • Number of executed functions: 0
  • Number of non-executed functions: 0
  • Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
  • Not all processes were analyzed, report is missing behavior information
  • Report size getting too big, too many NtSetInformationFile calls found.
  • Skipping network analysis since amount of network traffic is too extensive
  • VT rate limit hit for: https://gmoq4wwvl9phy.pages.dev/smart89/
    No simulations
    No context
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Jul 4 21:12:08 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
    Category:dropped
    Size (bytes):2677
    Entropy (8bit):3.98594115457069
    Encrypted:false
    Malicious:false
    Reputation:low
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Jul 4 21:12:08 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
    Category:dropped
    Size (bytes):2679
    Entropy (8bit):4.001160745524701
    Encrypted:false
    Malicious:false
    Reputation:low
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
    Category:dropped
    Size (bytes):2693
    Entropy (8bit):4.010554056787417
    Encrypted:false
    Malicious:false
    Reputation:low
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Jul 4 21:12:07 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
    Category:dropped
    Size (bytes):2681
    Entropy (8bit):3.9965656936824607
    Encrypted:false
    Malicious:false
    Reputation:low
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Jul 4 21:12:08 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
    Category:dropped
    Size (bytes):2681
    Entropy (8bit):3.987521461665823
    Encrypted:false
    Malicious:false
    Reputation:low
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Jul 4 21:12:07 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
    Category:dropped
    Size (bytes):2683
    Entropy (8bit):3.9982869687172937
    Encrypted:false
    Malicious:false
    Reputation:low
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:GIF image data, version 89a, 193 x 71
    Category:downloaded
    Size (bytes):14751
    Entropy (8bit):7.927919850442063
    Encrypted:false
    Malicious:false
    Reputation:low
    URL:https://gmoq4wwvl9phy.pages.dev/smart89/images/RlyxsZdFwqBt.gif
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:Unicode text, UTF-8 text
    Category:downloaded
    Size (bytes):257
    Entropy (8bit):4.219654953679015
    Encrypted:false
    Malicious:false
    Reputation:low
    URL:https://gmoq4wwvl9phy.pages.dev/smart89/js/aWYxBjIivEGM.js
    Preview:
    $(function() {
        var a = 0,
            b = setInterval(function() {
                a += 10;
                $("#dynamic").css("width", a + "%").attr("aria-valuenow", a).text(a + "% ..");
                100 <= a && clearInterval(b)
            }, 100)
    });
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:PNG image data, 140 x 30, 1-bit colormap, non-interlaced
    Category:dropped
    Size (bytes):187
    Entropy (8bit):6.13774750591943
    Encrypted:false
    Malicious:false
    Reputation:low
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:ASCII text, with very long lines (32478)
    Category:downloaded
    Size (bytes):84734
    Entropy (8bit):5.372613942820327
    Encrypted:false
    Malicious:false
    Reputation:low
    URL:https://gmoq4wwvl9phy.pages.dev/smart89/js/rUFlPhHvrDxXfwH.js
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:ASCII text, with very long lines (2051), with no line terminators
    Category:downloaded
    Size (bytes):2051
    Entropy (8bit):5.026556603887781
    Encrypted:false
    Malicious:false
    Reputation:low
    URL:https://gmoq4wwvl9phy.pages.dev/smart89/js/SzgXXSacYeKwdk.js
    Preview:function toggleFullScreen(e){var n=document.body;e instanceof HTMLElement&&(n=e);var t=document.webkitIsFullScreen||document.mozFullScreen||!1;n.requestFullScreen=n.requestFullScreen||n.webkitRequestFullScreen||n.mozRequestFullScreen||function(){return!1},document.cancelFullScreen=document.cancelFullScreen||document.webkitCancelFullScreen||document.mozCancelFullScreen||function(){return!1},t?document.cancelFullScreen():n.requestFullScreen()}function addEvent(e,n,t){e.addEventListener?e.addEventListener(n,t,!1):e.attachEvent&&e.attachEvent("on"+n,t)}$(document).ready(function(){var e=document.createElement("audio");e.setAttribute("src","ai2.mp3"),e.addEventListener("ended",function(){this.play()},!1),$(".map").click(function(){e.play()}),$(".black").click(function(){e.play()}),$("#footer").click(function(){e.play()}),$("#poptxt").click(function(){e.play()})}),$(document).ready(function(){$("body").click(function(){$("#footer").fadeIn("").css({bottom:-20,position:"fixed"}).animate({botto
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:PNG image data, 520 x 520, 8-bit colormap, non-interlaced
    Category:dropped
    Size (bytes):2681
    Entropy (8bit):7.104642717027869
    Encrypted:false
    SSDEEP:48:YCCiUUMR6p8vP/DjQ2aMGRXRXRXRXRXRXRXRXRXyBQ1FIyDCiiiiiiinrzMxAJl:LVUBvQfMGZZZZZZZZZLFISrQx2l
    MD5:B01A30D354BFCF51EDF33E0B0EA07402
    SHA1:C421359518D1AE258237BF501C563B7F059F8B9B
    SHA-256:B67A7C07A045D7CB0F2E216A557AEC0D99405E17C36D1A6B1FF3E2733AA35348
    SHA-512:D5424C1A03F03B72A5EE1F6F1962F07BDF9EFCEAA71299965F1EA28CD2E52AD899C1D8AE327754D5B39B355904EF7C9F26E724EA29C30B76074F87443416B3DA
    Malicious:false
    Reputation:low
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:ASCII text
    Category:downloaded
    Size (bytes):84
    Entropy (8bit):4.49474817597966
    Encrypted:false
    SSDEEP:3:GEsqA2FJK+R+rcXFA/Fw/Q+5f4:GK/JT+dFp
    MD5:AE3D619C3ED43290E2CCAC972CAA7F96
    SHA1:B61319FEEE02627613F45C116CD99FC79353D3FB
    SHA-256:C501E056CC2C402F9A1C8937F1C7B2BACF5564BB47D500D979FC76605B9FB996
    SHA-512:1ACAF7B015D4C42E9743299609181FC991095E0CF3AEBB98D097B4CED57BD1781BE6501EBF147F8673F61F0A4E023F3F903B199DEE4B05E65990E8C766910A65
    Malicious:false
    Reputation:low
    URL:https://gmoq4wwvl9phy.pages.dev/smart89/js/LuuUnRmXYFVcY.js
    Preview:navigator.keyboard.lock();. document.onkeydown = function (e) {. return false;. }
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:PNG image data, 1056 x 908, 8-bit/color RGBA, non-interlaced
    Category:downloaded
    Size (bytes):119006
    Entropy (8bit):7.968746458712204
    Encrypted:false
    SSDEEP:3072:LOc/yb9z7wXDc0mDrfe0WoQPf4NR+ByLxVrW+:KQw8sSX0pY+
    MD5:EF22913E13A0B39C209A671202EC3FF3
    SHA1:A38104877C60E7C9F2AED41B3F92418F8981973E
    SHA-256:8E4039A48FFB24B4CDC57DDD4384A16AF9EB7EFA678577E280308BC9750A0BBC
    SHA-512:BD57E86DC87EEBF70DD64C3C9F5C8F3DB99B90ED6D805F8CAD0BC74575032E5A3C64CDA1FE59BEC00768A46A0A33E7D2CE339CB389D5EAEC3BDFF3B697CA0033
    Malicious:false
    Reputation:low
    URL:https://gmoq4wwvl9phy.pages.dev/smart89/images/qJZFOHQQsprA.png
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced
    Category:dropped
    Size (bytes):364
    Entropy (8bit):7.161449027375991
    Encrypted:false
    SSDEEP:6:6v/lhPkd5nDsLiRa6NhNj1aUIXtYRJiTDc7VkC0hWQpPBPFLsfd9EZXlo1p:6v/7yOLiRa6NzJJyusykCmpBFLoGi
    MD5:E144C3378090087C8CE129A30CB6CB4E
    SHA1:59DA5466551DE941D0215E45C54AA2CEAF436BE1
    SHA-256:B13A03E0DB893734298CBE203BF264407636FFE5DAB0A141F83C492D0034DD6A
    SHA-512:3004885B1DCC8C8544024F3C1345B80AB6B50759F290A3545BFA4ED7EA93426E838B7A04556294298BAD1C6198431FBDE06E999628E45DE10119DD1D4FABE32A
    Malicious:false
    Reputation:low
    Preview:.PNG........IHDR....................tEXtSoftware.Adobe ImageReadyq.e<....IDATx.\...E@.....TB...-n$...(....5T.7.x.=ZQ...l(n#....WL....N..rY..WY.%I..0.UU/N....|.,K...)...mEQ,.b].p.....8.u]..<....'...ih.....8`.8.........eY..^.o=..........4M..EQ?.B...a.v...q.e..A.^.W.E.4......e.}......+.0........+......m.TI|...3MS0.,{.wq.w.$.>|....0.u.{........IEND.B`.
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:PNG image data, 1056 x 908, 8-bit/color RGBA, non-interlaced
    Category:dropped
    Size (bytes):119006
    Entropy (8bit):7.968746458712204
    Encrypted:false
    SSDEEP:3072:LOc/yb9z7wXDc0mDrfe0WoQPf4NR+ByLxVrW+:KQw8sSX0pY+
    MD5:EF22913E13A0B39C209A671202EC3FF3
    SHA1:A38104877C60E7C9F2AED41B3F92418F8981973E
    SHA-256:8E4039A48FFB24B4CDC57DDD4384A16AF9EB7EFA678577E280308BC9750A0BBC
    SHA-512:BD57E86DC87EEBF70DD64C3C9F5C8F3DB99B90ED6D805F8CAD0BC74575032E5A3C64CDA1FE59BEC00768A46A0A33E7D2CE339CB389D5EAEC3BDFF3B697CA0033
    Malicious:false
    Reputation:low
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:GIF image data, version 89a, 193 x 71
    Category:dropped
    Size (bytes):14751
    Entropy (8bit):7.927919850442063
    Encrypted:false
    SSDEEP:384:NiDfi0nwQ3tIzj2nK7xnnw8/8D2gi1jqaAyLrwjWVkvY597Kk/USIZ:NMfiU3mWKVnF06gi1j6+cskvo9W6UH
    MD5:6FCB78E0CD7933A70EEA2CF071F82118
    SHA1:70364BFFD62FE33360ABE70ECC7F7C0541B3B54C
    SHA-256:4B436B0B6A47DB85C88F83DC3FE3FD9A96C0A4018B28832165DF929DFFE0BC86
    SHA-512:AF086B13F6041FED8F9457FD4FEA33B3BF4A1ED985A4EDAF8E59AD22A772652D83A619D070BEE3C81686166717526D5C2EF3097C1C088E4729FB15B09CAEA961
    Malicious:false
    Reputation:low
    Preview:GIF89a..G............d....;.........z..|...........d..{.......p`.r.m^.{.........cqa..........u......dsc.......v.rb.{....a.........s...`.........qe.{........u...b...sh.{.........v.{..pi.......u.qi....t.ph..........r...api.z..........r.oh........z.}..{....coj.......s.{....bmn.....mp.......y...`mt.{....................................................................!..NETSCAPE2.0.....!.)Optimized with https://ezgif.com/optimize.!.......,......G......I..8...`(.di.h..l.p,.tm.x..|....pH,...r.l:..tJ.Z..v..z..xL....z.n.....w#..z[N..~.....................................m....W......i....X.........D.........G.../...*..!...............F.............. .V......Kwo`9...]1....u.#......(..xQ.....#z..R...%....J&([.{YC@0..i*..sb...z.<)......R..)...:..t.T.6..m.3...l..V....G[....,.j.UG..V.U...:.l.....+T0.]...&.8.....;f..1.....I ....v6.:oi"..l........K.,al.............N<x..!.......,......6......I..8...`.0ai.h..,...+.tm....|..!.n....H[.8L:.P...Z.
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:HTML document, ASCII text, with very long lines (8799)
    Category:downloaded
    Size (bytes):23003443
    Entropy (8bit):5.417428356385701
    Encrypted:false
    SSDEEP:49152:nhYBc1GGOc8hYtGGvMnhYCIDaMJGGNc8hYhGGFD5cRDc8hYzGG7c8hYLGG6D5cRs:u
    MD5:F6ADC137D48E4F25F6AF7C178AE8B571
    SHA1:F6BA2F627F2C8BCDB2B2D63F40015DA41393B5E5
    SHA-256:0C19AE55B8E0A29264EC4AB51CC9752F23F36B20A9D0735A7FC285629CDE137E
    SHA-512:EB2A5EC55D395A56AE1FC1E9F8E82DBB66935A03195B945CFA457B83DD60CCA1D52260DC751AE94F19DB8ACD2854CCF610ED90D799F48D9413B4707791A76C31
    Malicious:false
    Reputation:low
    URL:https://gmoq4wwvl9phy.pages.dev/smart89/
    Preview:. <!DOCTYPE html>. <script type="text/javascript">. var _0xlKDGXpMrGaq = { fWgJNydPrfOj: 62697.97295320114, ilBWKgglCXYqnj: "HYOPjJYWqljILsY", TOoRqvgYyGaEgf: 46628.77246390176, OKlMGirlRADv: "QHOdcKjxGIgWc", VczrYEhWjSNHEB: "MryiJZlDAG", EKPligwbaPioU: 47989.816829843665, aiTXZNRQfEPNZV: true, dQmtckBzcONnY: 31980.877023981546, IZEjQeCETvrndd: false, DYuLcsthMwbWFz: false, jmOFfwiskdUU: false, eZGfFCEEjzaPx: false, fpdULCmJphx: true, WAWKORDxjJUg: "sNRJuYvoWWJ", DoiihWqgUZB: "ykTQorEdJnjgRl", luQLODQtkT: "yHVZbzcpeQR", aIeiwaoDaDHVVE: "QsDQKVAssaDxhCw", oDtBVvWSLC: true, REattJIsYgklv: "ghbrPqFqtByI", XfpBIglbHah: 32602.19940499062, XsYVNeEUev: 25116.736171069704, WVZIEpQPPy: false, WhaTuZveoCt: 49431.80862629015, IlqvzUsFjb: "CutCnFRVzy", xnBIyoSpJSLd: false, LGCEtXexfFuTpsD: true, EzNNoIhvqmisq: 14696.448377128527, JzyFnGSIUufy: 4923.283268848294, xnfWbiZflVgKNw: true, QqUVVjyzLKIWy: true, pYPIysAiDMIN: 38459.817370320816, QCKXBsMQpXJKf: 41918.618136612546, mxoz
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:PNG image data, 13 x 13, 8-bit colormap, non-interlaced
    Category:dropped
    Size (bytes):276
    Entropy (8bit):5.44393413565082
    Encrypted:false
    SSDEEP:6:6v/lhPfElUH+sbxFMAhClyVRpkv2g96+RWT8up:6v/7klbsbzTh2spkv2gR9c
    MD5:7616D96C388301E391653647E1F5F057
    SHA1:B1868C8F0F46309A8E26F584AC82000D54C06ECD
    SHA-256:4C1606563842CCE5F1788329D4417AE3618B33C6365C56A7122439B6AB45C977
    SHA-512:C7E5938D274D9D8B5218CF05F83B9B14CC89D1C9B4A7A18596354C548A84D499BC3818E242EDB2F1376A561DEC7DEBA134DD2ADAAC0283C145DA77CA43A8E517
    Malicious:false
    Reputation:low
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:PNG image data, 1920 x 4236, 8-bit colormap, non-interlaced
    Category:downloaded
    Size (bytes):483167
    Entropy (8bit):7.967677605020309
    Encrypted:false
    SSDEEP:12288:XBgoqGCn/rpzGf963/gs64yjg9elsOr8ZpSF0Ro0w6Mz:BPCn/1u963/P6Vs928Kso0w6Mz
    MD5:C3AA26411736B8F01982741DBD37B043
    SHA1:BAD171A74FB4B5D1F433197B66BCD24DB953FD90
    SHA-256:11D4D0AA8BF0AB597BEE785CD9D03301787FAEE4AAE43D66AB53B15F0FE7D849
    SHA-512:011EE4548C5CACD1409FCE14E8609060F70A87B6734B9C4547B9585AC0EFB4EF5AB40252A1643734A3DC716F56B95D54790485A4E8D6E68D1654126A4E7ABB76
    Malicious:false
    Reputation:low
    URL:https://gmoq4wwvl9phy.pages.dev/smart89/images/JVWYQtYUIk.png
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:ASCII text
    Category:downloaded
    Size (bytes):235
    Entropy (8bit):4.211245780785822
    Encrypted:false
    SSDEEP:6:7CR6ry2iz7ALxRdEF9AOWsHOVQmHOhWzqHUaLGEeHQH:WGyLmRqiPsHyH/zqHeK
    MD5:24B21E3571C6856D3ADA95E5D2B70CC7
    SHA1:0C3C8E48AD74A3EADD673BB71641E702FBCFCEF1
    SHA-256:259191CA43A291631D2F24EC69DCD0AEE6A493910D853CA61A3917DBD4317435
    SHA-512:6E1B45B8754F2F26C73D80F78B428923BF07B39BB40CCC11C96F1789E0BFF92F1A456002EC9243ACDE295E1BF54C9B6DD5762B0FE9D74FD32380BE7935FED594
    Malicious:false
    Reputation:low
    URL:https://gmoq4wwvl9phy.pages.dev/smart89/js/zDwnoHlJWq.js
    Preview: addEventListener("click", function() {. var el = document.documentElement. , rfs =. el.requestFullScreen. || el.webkitRequestFullScreen. || el.mozRequestFullScreen. ;. rfs.call(el);. });.
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:PNG image data, 166 x 92, 4-bit colormap, non-interlaced
    Category:downloaded
    Size (bytes):1270
    Entropy (8bit):6.670080953747829
    Encrypted:false
    SSDEEP:24:Y70L1hSWwjx82lY2T3wQV/duYWXN6yJ3VmhW9/G4LF3+F5daOZt2gwF:YoBNn2cQNyXHJ3L9TFuFaW2go
    MD5:05CDF1A2C2FC8F07BEA0A8F4F9356637
    SHA1:B7BBD626D1D6C832509E820CAE1D971B34F625E6
    SHA-256:AFE332157F4EFE355F3181284E99F4331C4D19703ED1678B5316D2933F95E98E
    SHA-512:D8F168BBEE250FAC06382AA8FA52B6AD72AF44C760E474BC0F3E6DA94BA1677F90B543EC582A345BD8DEC45BD1705A81DEE797E718D028E47FCFF9044D4200E6
    Malicious:false
    Reputation:low
    URL:https://gmoq4wwvl9phy.pages.dev/smart89/images/xPjonIlfyZvOw.png
    Preview:.PNG........IHDR.......\........;....gAMA......a.....sRGB........#iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 6.0-c002 79.164488, 2020/07/10-22:06:53 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop 22.0 (Windows)" xmpMM:InstanceID="xmp.iid:F17B94CFCABF11EBBAB7FB721269615E" xmpMM:DocumentID="xmp.did:F17B94D0CABF11EBBAB7FB721269615E"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:F17B94CDCABF11EBBAB7FB721269615E" stRef:documentID="xmp.did:F17B94CECABF11EBBAB7FB721269615E"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..F.....tEXtSoftware.Adobe ImageReadyq.e<....PLTELiq..............nz....}&[}....tRNS.z.r.N.....IDATX.....@.E..o1.B........b..
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:PNG image data, 31 x 30, 4-bit colormap, non-interlaced
    Category:dropped
    Size (bytes):168
    Entropy (8bit):5.414614498746933
    Encrypted:false
    SSDEEP:3:yionv//thPlKhhmtloZN8s02V42/uDlhlMmI/5DUZfm4XM43ialaRAFRFlvHBlv+:6v/lhPemtl6Q2B/6TfI5IZfmYSal86RC
    MD5:ACB05EBCD5F488FC99169CFF02B6DD04
    SHA1:DCA893A7B514503E947A57AA072482A0E0CBA912
    SHA-256:1AB5EF4E7E196CB1FF39DF44E1A0A39F6880B906EF6FD6DA3CFDBB92FFD33115
    SHA-512:13FB028E0B360C36355FBE5D98377548B6008E6939D3AC5296FD20FE7C52359183BFCA7505AD9EF7C8BFE068FB59B91850F86D4C11765746850737174EFF522E
    Malicious:false
    Reputation:low
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:PNG image data, 31 x 30, 4-bit colormap, non-interlaced
    Category:downloaded
    Size (bytes):168
    Entropy (8bit):5.414614498746933
    Encrypted:false
    SSDEEP:3:yionv//thPlKhhmtloZN8s02V42/uDlhlMmI/5DUZfm4XM43ialaRAFRFlvHBlv+:6v/lhPemtl6Q2B/6TfI5IZfmYSal86RC
    MD5:ACB05EBCD5F488FC99169CFF02B6DD04
    SHA1:DCA893A7B514503E947A57AA072482A0E0CBA912
    SHA-256:1AB5EF4E7E196CB1FF39DF44E1A0A39F6880B906EF6FD6DA3CFDBB92FFD33115
    SHA-512:13FB028E0B360C36355FBE5D98377548B6008E6939D3AC5296FD20FE7C52359183BFCA7505AD9EF7C8BFE068FB59B91850F86D4C11765746850737174EFF522E
    Malicious:false
    Reputation:low
    URL:https://gmoq4wwvl9phy.pages.dev/smart89/images/MkESdUWlwrK.png
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:HTML document, ASCII text, with very long lines (8884)
    Category:downloaded
    Size (bytes):1095955
    Entropy (8bit):5.656721210658565
    Encrypted:false
    SSDEEP:12288:j4jzZKZgQUtKKc5TZKZgQUttAViT86X67e574xvLDWZM0Za:jgzZKZbUoZKZbUbAVA86XIRLDWZM2a
    MD5:78BEF2BB5D0664468E996ABEB8C73918
    SHA1:14D7A6E8FC60BB65A7C329C8DD3FA38BF75B77AF
    SHA-256:06C32C59F24B9FC695973D6B9CE0C1BBFD19BFFB4148C16410C61C7C823E76EC
    SHA-512:F37B2A8A56F511AF6D797B727D2D745A7F25C88727C04F9CF2C00499147EF63B9DEAFACC17EE8AA322CAE80FCFE639A27A415240165612AE4829BA9AC0B5AC73
    Malicious:false
    Reputation:low
    URL:https://gmoq4wwvl9phy.pages.dev/smart89/ai2.mp3
    Preview:. <!DOCTYPE html>. <script type="text/javascript">. var _0xeFRcCmyFvj = { HbgCTtizlWg: "wvPmxoyCDMxydg", JeAYxMpKwVBP: false, CsOiuXYMPgxDZ: true, rPQlAtTdhBKqUS: 12556.9895591611, sTpmlmXOtFUD: 36298.185652039385, sZUKFRYNWqODq: true, jcFtbhJqqgGcC: 16647.164506298446, tOzMlToofIoz: 9465.283770648457, InRkaPpXpvXURA: 58173.778020826685, mqZMICvRBg: "AhorqTWCwsgg", jCnNbhLiyt: "tGZjURHSmL", BSgCuWnEPde: 26183.597286516928, NqaieQSpWa: "gyQxjmZRBV", MlocJrTPhdl: "hauCLMfzHaSlCq", XAPscpxFQWo: 26635.37340047443, GlAFSecvtBHm: 44505.51442828376, uvxtEpwkSZPSukJ: "gpKBkAfvPl", fETJAFNAfyjzKd: "iLYqvnbvSj", EKPTPdgWEgD: "wHyOYDVxcXsnRjW", FUoMZlYeVvSmPfw: "ILvpsBvNaXzzDTm", zDJltwnvSVeGRe: 43698.06828305045, IhhkLgftmrLOV: true, NGenkwICPck: "AkQtCbvYOxiJrm", aBIAyMOfmN: 48896.39084367421, uYOoKsyiADylgG: 28849.127327055558, svWMJfxBbMyc: false, eROsXCShOECIGIO: "TezkbwQnRFxZZX", pTlzRFNhBIGwdA: "ReDrMJtVTf", suOcVVlURdSCyW: "kRGorbTQSrrFYt", rqphzFOfuBtU: true, QYgNeBh
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:PNG image data, 100 x 100, 1-bit colormap, non-interlaced
    Category:downloaded
    Size (bytes):332
    Entropy (8bit):6.871743379185684
    Encrypted:false
    SSDEEP:6:6v/lhP8SsClmDlhK7/6TmMUnl/iIntVNqCsCja6K97kCuQKQZ99z/p7WMFbip:6v/7NLlWhE/6TmLnl/vtiC068A3/IVxs
    MD5:9D8A90A63D20F05D27E5D6ABB35E0CD0
    SHA1:5873B4007E9D55B4D891A4C427B3735ED23DBFE8
    SHA-256:7DF9F467D23EE1887EDB2123CCA10A1A9C4624CDCF7199C64E78A8430031F9F5
    SHA-512:DE64196F0A8E375DB6E4EFFF5F53AD2E77B9336D045C937C81CE1F1DED039844AB0E9F66B1599301CAF795532C9F03F0A6FD45A0117233C4BF2862419C280CC6
    Malicious:false
    Reputation:low
    URL:https://gmoq4wwvl9phy.pages.dev/smart89/images/NHvaEbwGeQAgK.png
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:PNG image data, 140 x 30, 1-bit colormap, non-interlaced
    Category:downloaded
    Size (bytes):187
    Entropy (8bit):6.13774750591943
    Encrypted:false
    SSDEEP:3:yionv//thPlDBTBwl5yTzcVrK42/uDlhl+fpq06IcNZd2yYgCKfLv3/tLGQctJmc:6v/lhPbTS+TABK7/6TCVkj2If/tLGmY5
    MD5:271021CFA45940978184BE0489841FD3
    SHA1:201030AF9B1BC5D3C8D453EFBFDF89B68D6C1BE5
    SHA-256:C5A324F181AF16879B6C4C52B731B23392F2816DEF159B157C4DE620CFF1CD41
    SHA-512:EFA6766F88B385F91EB0B3D0298AE16CA461055581E5AC898BC90931388898BA341FE780C0A4433DFA9A106FE408701944E89FF6F75DBA7D46AEE83D6173C50D
    Malicious:false
    Reputation:low
    URL:https://gmoq4wwvl9phy.pages.dev/smart89/images/MjNQDLSUnaE.png
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:JSON data
    Category:downloaded
    Size (bytes):710
    Entropy (8bit):5.077355066403116
    Encrypted:false
    SSDEEP:12:YdFYhZImV+xaNmd6wpHRYBumjc2sVwAQHoc2ARQDosJDEeJPe5sj+VkoeQ4Y:YdF0RNMhHZmjc20wArc21RjaVB4Y
    MD5:CFC63C26C2BE07E24A6BB44E40B5B26E
    SHA1:C4EC0E7D8B97787FB19921667AFC4EB66B53D294
    SHA-256:7A20217AEF23D0364F5A9657C5E13F227BB37ED4BC661CC68BBFB2A76520970F
    SHA-512:BB5A09622D986FFC5E4AD4177877C8EE8CF2B6BF42E8CF758924271A93103B928BAF792BA0F699914C808CC674DCE57B28D09F4FA26DC1134EADF87E1F6DF411
    Malicious:false
    Reputation:low
    URL:https://ipwho.is/?lang=en
    Preview:{"ip":"8.46.123.33","success":true,"type":"IPv4","continent":"North America","continent_code":"NA","country":"United States","country_code":"US","region":"New York","region_code":"NY","city":"New York","latitude":40.7127837,"longitude":-74.0059413,"is_eu":false,"postal":"10000","calling_code":"1","capital":"Washington D.C.","borders":"CA,MX","flag":{"img":"https:\/\/cdn.ipwhois.io\/flags\/us.svg","emoji":"\ud83c\uddfa\ud83c\uddf8","emoji_unicode":"U+1F1FA U+1F1F8"},"connection":{"asn":3356,"org":"Centurylink Communications, LLC","isp":"Level","domain":"lumen.com"},"timezone":{"id":"America\/New_York","abbr":"EDT","is_dst":true,"offset":-14400,"utc":"-04:00","current_time":"2024-07-04T18:12:28-04:00"}}
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:PNG image data, 128 x 128, 1-bit colormap, non-interlaced
    Category:downloaded
    Size (bytes):722
    Entropy (8bit):7.434007974065295
    Encrypted:false
    SSDEEP:12:6v/73lmhE/6TZoOuuO9bHYs8qJgwvCHa2eYZhJHobEK9trxxqpx8lOOColpjrYUA:o2E/6KphbR8mCHsYpHc3ipGl6olpB9yx
    MD5:42D8F2CC1AE5759C2369F255F36EBC03
    SHA1:8E592162EEC14E72D0A751D714A641DBECE91F6B
    SHA-256:31C6DBE9D867436244F38566ADAD57E3870F4C8489C6804280EB564BFAC5C1BD
    SHA-512:4B5BDCEC4F3D6901CD4352F81D239CE418B21D8445CD704002D2A59F4AD2DBD15DD6653F65365BD99FADCB6DF9187466F30A2543E0456EFBB869B3281C8A1E23
    Malicious:false
    Reputation:low
    URL:https://gmoq4wwvl9phy.pages.dev/smart89/images/ACcQtwKlsUl.png
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:ASCII text
    Category:downloaded
    Size (bytes):2009
    Entropy (8bit):4.061331692629048
    Encrypted:false
    SSDEEP:24:2+lSVlwU9LLTFNwV9/0S57owYDasSl95lAHtFbJ8y3CfrtV+X3aqU1G0ow:kwUpPFIP5E1yl9iyHCTr05
    MD5:DF6DF522989A837CDBE283B7BD655FFD
    SHA1:0755334588E6C7B9AB2390D6F36663557401EEDA
    SHA-256:A16315D3CD6DC6A370CA065DB4A1AD4C12822CD84C652133BD6123CB9750D019
    SHA-512:A64B6DD6A058CCC5502AE2013D7476F1720A5F2A30304E83D0AEFA79181B2D5C4673A73B325A4FFFA366C319885894F1203BDCD7B13AC2D875A66308AC83D47A
    Malicious:false
    Reputation:low
    URL:https://gmoq4wwvl9phy.pages.dev/smart89/js/iEuqytgPaZxDtwq.js
    Preview:(function(a) {. a.fn.countTo = function(b) {. b = b || {};. return a(this).each(function() {. function d(a) {. a = c.formatter.call(k, a, c);. h.html(a). }. var c = a.extend({}, a.fn.countTo.defaults, {. from: a(this).data("from"),. to: a(this).data("to"),. speed: a(this).data("speed"),. refreshInterval: a(this).data("refresh-interval"),. decimals: a(this).data("decimals"). }, b),. l = Math.ceil(c.speed / c.refreshInterval),. n = (c.to - c.from) / l,. k = this,. h = a(this),. m = 0,. f = c.from,. g = h.data("countTo") || {};. h.data("countTo", g);. g.interval && clearInterval(g.interval);. g.interval = setInterval(function() {. f += n;. m++;. d(f);.
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:PNG image data, 13 x 13, 8-bit colormap, non-interlaced
    Category:downloaded
    Size (bytes):276
    Entropy (8bit):5.44393413565082
    Encrypted:false
    SSDEEP:6:6v/lhPfElUH+sbxFMAhClyVRpkv2g96+RWT8up:6v/7klbsbzTh2spkv2gR9c
    MD5:7616D96C388301E391653647E1F5F057
    SHA1:B1868C8F0F46309A8E26F584AC82000D54C06ECD
    SHA-256:4C1606563842CCE5F1788329D4417AE3618B33C6365C56A7122439B6AB45C977
    SHA-512:C7E5938D274D9D8B5218CF05F83B9B14CC89D1C9B4A7A18596354C548A84D499BC3818E242EDB2F1376A561DEC7DEBA134DD2ADAAC0283C145DA77CA43A8E517
    Malicious:false
    Reputation:low
    URL:https://gmoq4wwvl9phy.pages.dev/smart89/images/uZWkrTIGrSVjYA.png
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:Audio file with ID3 version 2.4.0, contains:\012- MPEG ADTS, layer III, v2, 48 kbps, 22.05 kHz, Monaural
    Category:downloaded
    Size (bytes):193612
    Entropy (8bit):7.887951484436649
    Encrypted:false
    SSDEEP:3072:Asy9NRNOJiC6QVtlBKiFoL+hUIyBYf2QN++iia13BVofmMx5xCg9GZ8k2I0GyK98:AZOkC6wlAehUrhQM+gVo+Mxv9IV2I6Ki
    MD5:40CE7CCB1AA8B0DA1F51995EBB59F4E8
    SHA1:ED8A51E3BAE2D58202C02471E6A798BBFF84DEE9
    SHA-256:8F24CF514509B9830BCB4A7204463B87FA3E6D9CE47187192130F8230B1990E3
    SHA-512:8A241672DEF470977EAB06839E45467FEDB1F7FD1010CD26C30EA2E587E501BC62885FBCD5831652675D95594141B2AC7E3EF627437B5C2739C6AA0358698CC1
    Malicious:false
    Reputation:low
    URL:https://gmoq4wwvl9phy.pages.dev/smart89/media/wrYnFTSEXSB.mp3
    Preview:ID3......#TSSE.......Lavf58.45.100.............`.......`F..!|c.."""..W.t*........_..,../...n.Y..9..}..q.....4O..M....w4.D79.E.a..n....L ..'ww.f.An./.{.D'7.....h.O.o._.#..o..[...a...#..w'w.#...y!..."N..b...L...XF.!......#X....0o...xQ.DH...i..}...Y..8.........R.b..A..b....N..o.,..-.e...f.N.)....+..(0C.g.$.i.]}.mz.....8F...;I.2.......v..-.5..C......b.9&..,UL@.|'.qZ$+#.%....@.x....{.$._..O..w...-..<.\..New..h."...XP:#......N[.TU.X...O.....D..... i..I.$.J..~...Q....2.QN5...m;2].S....R.x@...Ai>.....b.0,D.e.....@..9!k_..:..x..a4D.A.}nO. ..MT...48.Nc....<....0b.........V..q~..X.E%...2....5.\.."......N...`.....M5...\4A.GB......w04#..Ai.....Z..#...Q....`..#...5.P..D..._.".Zb.;..!.......<6..q. ...y.....k....{.....r...w.r.....b..Q.K=.......S.R..E..=...j..y"*.kJ........}YYT~P..E...H.......+.K"5u.~..f.`..b..".>.T`7&..`....V 3..}.!6$.?+...h..;r...%.9k..|.).....9.BC:T.......ld..$.:....=k.#.n..L.i...2...I .....Y.qPU........N...n8.0.........b8..lA.. '....b.."......Ea
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:ASCII text, with very long lines (820)
    Category:downloaded
    Size (bytes):79064
    Entropy (8bit):5.3886285065472075
    Encrypted:false
    SSDEEP:1536:oqD4uWibfmaWWfiw7uOm9LofuENlx9TV6p+T3VopklvQDPj10XQjdA4+9T:opzYf/c9E5vQD6X2dA4+9T
    MD5:2130B7ED48A1006F774734218D916DEE
    SHA1:86D0AAF4ECB3EAD31C3C2739853C089D8D1DC619
    SHA-256:D8AF41D20B1AF69B8C2A8E0776D181A8224F17D314FC2479C8A389A9E79D0542
    SHA-512:6F86E053FD15052FB86228F94B06EDF586BBA0EA68C11D2F8B688A37C2379683DC7D83A6B77D81381703B5E12B28967DFD21A243AA41DBB313682D7ADBA22C93
    Malicious:false
    Reputation:low
    URL:https://gmoq4wwvl9phy.pages.dev/smart89/js/uKrPsSKRoyNlGX.js
    Preview:/*!. * jQuery JavaScript Library v1.4.4. * http://jquery.com/. *. * Copyright 2010, John Resig. * Dual licensed under the MIT or GPL Version 2 licenses.. * http://jquery.org/license. *. * Includes Sizzle.js. * http://sizzlejs.com/. * Copyright 2010, The Dojo Foundation. * Released under the MIT, BSD, and GPL Licenses.. *. * Date: Thu Nov 11 19:04:53 2010 -0500. */.(function(E,B){function ka(a,b,d){if(d===B&&a.nodeType===1){d=a.getAttribute("data-"+b);if(typeof d==="string"){try{d=d==="true"?true:d==="false"?false:d==="null"?null:!c.isNaN(d)?parseFloat(d):Ja.test(d)?c.parseJSON(d):d}catch(e){}c.data(a,b,d)}else d=B}return d}function U(){return false}function ca(){return true}function la(a,b,d){d[0].type=a;return c.event.handle.apply(b,d)}function Ka(a){var b,d,e,f,h,l,k,o,x,r,A,C=[];f=[];h=c.data(this,this.nodeType?"events":"__events__");if(typeof h==="function")h=.h.events;if(!(a.liveFired===this||!h||!h.live||a.button&&a.type==="click")){if(a.namespace)A=RegExp("(^|\\.)"+a.namespace.s
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:PNG image data, 166 x 92, 4-bit colormap, non-interlaced
    Category:dropped
    Size (bytes):1270
    Entropy (8bit):6.670080953747829
    Encrypted:false
    SSDEEP:24:Y70L1hSWwjx82lY2T3wQV/duYWXN6yJ3VmhW9/G4LF3+F5daOZt2gwF:YoBNn2cQNyXHJ3L9TFuFaW2go
    MD5:05CDF1A2C2FC8F07BEA0A8F4F9356637
    SHA1:B7BBD626D1D6C832509E820CAE1D971B34F625E6
    SHA-256:AFE332157F4EFE355F3181284E99F4331C4D19703ED1678B5316D2933F95E98E
    SHA-512:D8F168BBEE250FAC06382AA8FA52B6AD72AF44C760E474BC0F3E6DA94BA1677F90B543EC582A345BD8DEC45BD1705A81DEE797E718D028E47FCFF9044D4200E6
    Malicious:false
    Reputation:low
    Preview:.PNG........IHDR.......\........;....gAMA......a.....sRGB........#iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 6.0-c002 79.164488, 2020/07/10-22:06:53 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop 22.0 (Windows)" xmpMM:InstanceID="xmp.iid:F17B94CFCABF11EBBAB7FB721269615E" xmpMM:DocumentID="xmp.did:F17B94D0CABF11EBBAB7FB721269615E"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:F17B94CDCABF11EBBAB7FB721269615E" stRef:documentID="xmp.did:F17B94CECABF11EBBAB7FB721269615E"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..F.....tEXtSoftware.Adobe ImageReadyq.e<....PLTELiq..............nz....}&[}....tRNS.z.r.N.....IDATX.....@.E..o1.B........b..
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:ASCII text, with no line terminators
    Category:downloaded
    Size (bytes):133
    Entropy (8bit):5.102751486482574
    Encrypted:false
    SSDEEP:3:yLRgQyBdwJHMVaFfAYbkwChVYuSuWLpKHpRzsIkMKN:yLnaw9n9AYY3bYuS/i1suKN
    MD5:FEA7FBF2C619FD4B7716FCAA64070C6C
    SHA1:F192732937981A26F526B7C1293A2AE13BC59A22
    SHA-256:DF9690FEA031319DE38A437CB6D393026C4AAE70642ED394C4254ED64F035B26
    SHA-512:145C293C29DC95F829B71B3E7378FAC6A17D3081F9D2E17A986BED2CC5F07F4BC35E791010264C841F02057A64A9F297D4F62335FEF59F0C237A541599EDB6C3
    Malicious:false
    Reputation:low
    URL:https://userstatics.com/get/script.js?referrer=https://gmoq4wwvl9phy.pages.dev/smart89/
    Preview:document.querySelectorAll("script").forEach(e=>{new RegExp(atob("dXNlcnN0YXRpY3MuY29t")).test(e.src)&&document.body.removeChild(e)});
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:PNG image data, 1920 x 4236, 8-bit colormap, non-interlaced
    Category:dropped
    Size (bytes):483167
    Entropy (8bit):7.967677605020309
    Encrypted:false
    SSDEEP:12288:XBgoqGCn/rpzGf963/gs64yjg9elsOr8ZpSF0Ro0w6Mz:BPCn/1u963/P6Vs928Kso0w6Mz
    MD5:C3AA26411736B8F01982741DBD37B043
    SHA1:BAD171A74FB4B5D1F433197B66BCD24DB953FD90
    SHA-256:11D4D0AA8BF0AB597BEE785CD9D03301787FAEE4AAE43D66AB53B15F0FE7D849
    SHA-512:011EE4548C5CACD1409FCE14E8609060F70A87B6734B9C4547B9585AC0EFB4EF5AB40252A1643734A3DC716F56B95D54790485A4E8D6E68D1654126A4E7ABB76
    Malicious:false
    Reputation:low
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:PNG image data, 128 x 128, 1-bit colormap, non-interlaced
    Category:dropped
    Size (bytes):722
    Entropy (8bit):7.434007974065295
    Encrypted:false
    SSDEEP:12:6v/73lmhE/6TZoOuuO9bHYs8qJgwvCHa2eYZhJHobEK9trxxqpx8lOOColpjrYUA:o2E/6KphbR8mCHsYpHc3ipGl6olpB9yx
    MD5:42D8F2CC1AE5759C2369F255F36EBC03
    SHA1:8E592162EEC14E72D0A751D714A641DBECE91F6B
    SHA-256:31C6DBE9D867436244F38566ADAD57E3870F4C8489C6804280EB564BFAC5C1BD
    SHA-512:4B5BDCEC4F3D6901CD4352F81D239CE418B21D8445CD704002D2A59F4AD2DBD15DD6653F65365BD99FADCB6DF9187466F30A2543E0456EFBB869B3281C8A1E23
    Malicious:false
    Reputation:low
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:ASCII text
    Category:downloaded
    Size (bytes):341
    Entropy (8bit):4.497147764984234
    Encrypted:false
    SSDEEP:6:q4lbDRd7H1asJlLbDRd7HbGYibDRW6AHGDeCa2WZ5i+uNTM6r0N74ZPZ5i+zfL:hDRRcs7DRREDRWea2WZ5i+a9INWZ5i+f
    MD5:EDECD671524020292F366D2FE0850DF1
    SHA1:3D56F2A6CBA2EDE71361E600306520CF9F180EE6
    SHA-256:BC96E5384B1BE8E0F3BC523CB44BB442A8C2C9412F2EA56AE316A62A8BDF952B
    SHA-512:CA6B0FADF362F8BC2F522A6112447D2E06E89B6D02F1B1FC83A6B0C2A44C06550C004BF6A1D9AAFBBF9299A93E98766DA9AB38AAF1457D359019E1FA502FC2CE
    Malicious:false
    Reputation:low
    URL:https://gmoq4wwvl9phy.pages.dev/smart89/js/piJSRmzedYsWzlf.js
    Preview:var modal = document.getElementById("myModal"),. btn = document.getElementById("myBtn"),. span = document.getElementsByClassName("close")[0];. span.onclick = function() {. modal.style.display = "none". };. window.onclick = function(a) {. a.target == modal && (modal.style.display = "none"). };
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:PNG image data, 520 x 520, 8-bit colormap, non-interlaced
    Category:downloaded
    Size (bytes):2681
    Entropy (8bit):7.104642717027869
    Encrypted:false
    SSDEEP:48:YCCiUUMR6p8vP/DjQ2aMGRXRXRXRXRXRXRXRXRXyBQ1FIyDCiiiiiiinrzMxAJl:LVUBvQfMGZZZZZZZZZLFISrQx2l
    MD5:B01A30D354BFCF51EDF33E0B0EA07402
    SHA1:C421359518D1AE258237BF501C563B7F059F8B9B
    SHA-256:B67A7C07A045D7CB0F2E216A557AEC0D99405E17C36D1A6B1FF3E2733AA35348
    SHA-512:D5424C1A03F03B72A5EE1F6F1962F07BDF9EFCEAA71299965F1EA28CD2E52AD899C1D8AE327754D5B39B355904EF7C9F26E724EA29C30B76074F87443416B3DA
    Malicious:false
    Reputation:low
    URL:https://gmoq4wwvl9phy.pages.dev/smart89/images/JeibErSuLqKzzwN.png
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:ASCII text
    Category:downloaded
    Size (bytes):483
    Entropy (8bit):4.753893348522096
    Encrypted:false
    SSDEEP:6:dntKIGCRUmwCRqSYz68B8ufAFvdEGCAVylvTGBi9BCE4whJHBC/6qy1HBC/k:kS3wSsucYFEGDslvTWoBCG1BC/6/BC/k
    MD5:1254046725B03E59683ADBE0FDE59733
    SHA1:68C8CDDA387B198B7F28BFFE39868B476654DDAE
    SHA-256:0497656A00A2F66CFD258237BFCB20AC0367BD2BBD90A01DE0466E18A56A28B4
    SHA-512:1B631BC868E86394A59A75A5C29E5CA929A67F795991E56C444B52161D695D6012BFDC61103367A8869E72AAC4FED267599ABBFE861C447B4DF1A8B403B794CF
    Malicious:false
    Reputation:low
    URL:https://gmoq4wwvl9phy.pages.dev/smart89/js/ktUMHAKTiUKs.js
    Preview: function addEvent(obj, evt, fn) {. if (obj.addEventListener) {. obj.addEventListener(evt, fn, false);. } else if (obj.attachEvent) {. obj.attachEvent("on" + evt, fn);. }.}..addEvent(document, 'mouseout', function(evt) {. if (evt.toElement == null && evt.relatedTarget == null) {. $('.lightbox').slideDown();. };.});..$('a.close').click(function() {. $('.lightbox').slideUp();.});.$('body').click(function() {. $('.lightbox').slideUp();.});.
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:JSON data
    Category:dropped
    Size (bytes):1016
    Entropy (8bit):4.662653110697597
    Encrypted:false
    SSDEEP:24:7b+ONLWAtaN8bmVgr2o7S2fvrQb+mwbNYx6qwOBpA:7iONW2aKY8S2fvrQwbWMqwOE
    MD5:A7A9A578475DD635C5E8599140C7EAAD
    SHA1:B2B23582A5699167FB199E1DE8609AF3BA12CE01
    SHA-256:3F17C6E4D20FF00C6A19A5802E2CFF368B987DF090C2CBDEDB646A143FAFB857
    SHA-512:4752FF97C891A481C53D4679C723B092A3A85ABE2B9C291C1CFC84D197B513F5341869F329D63A541DEDD2B01AC098EFFBE7D15DA7D700371FABEEB7A4BB6C07
    Malicious:false
    Reputation:low
    Preview:{. "About Us": "https:\/\/ipwhois.io",. "ip": "8.46.123.33",. "success": true,. "type": "IPv4",. "continent": "North America",. "continent_code": "NA",. "country": "United States",. "country_code": "US",. "region": "New York",. "region_code": "NY",. "city": "New York",. "latitude": 40.7127837,. "longitude": -74.0059413,. "is_eu": false,. "postal": "10000",. "calling_code": "1",. "capital": "Washington D.C.",. "borders": "CA,MX",. "flag": {. "img": "https:\/\/cdn.ipwhois.io\/flags\/us.svg",. "emoji": "\ud83c\uddfa\ud83c\uddf8",. "emoji_unicode": "U+1F1FA U+1F1F8". },. "connection": {. "asn": 3356,. "org": "Centurylink Communications, LLC",. "isp": "Level",. "domain": "lumen.com". },. "timezone": {. "id": "America\/New_York",. "abbr": "EDT",. "is_dst": true,. "offset": -14400,. "utc": "-04:00",. "current_time": "2024-07-04T18:12:3
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 56 kbps, 44.1 kHz, Monaural
    Category:downloaded
    Size (bytes):8405
    Entropy (8bit):6.704045838496729
    Encrypted:false
    SSDEEP:192:aXnUfcyMlDiVE9UQuKCCy6BAtdHtv8/okoR4X:WUfcVlDiVFKByZtdHwCE
    MD5:8618FBB0911E3B8FC96725DEE8BFD81F
    SHA1:1BBCB78922946D0CF18FBF3A9E092E36453EB767
    SHA-256:0589BE7715D2320E559EAE6BD26F3528E97450C70293DA2E1E8CE45F77F99AB1
    SHA-512:5446BA0132541BE0100F0CE418A4349C2ED6181FD9816D6C30B213E4E773CE6BD979789C422CFAECE228B296B79A0F4F36B97BDA8117A09F84416662A4513A55
    Malicious:false
    Reputation:low
    URL:https://gmoq4wwvl9phy.pages.dev/smart89/media/XuxWgJCpHyxmkW.mp3
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:assembler source, ASCII text, with very long lines (324)
    Category:downloaded
    Size (bytes):18499
    Entropy (8bit):4.8188837694664794
    Encrypted:false
    SSDEEP:192:dF+pUz9qlA/X8BFucmI9uFMM5VB5oUwUd/b2COWiPpFuFJfgA1Hf4Eal9FxwFssw:VEgIQFNjFXzFssU0Fa
    MD5:BE51DEC2EC4C5EF755F166FF3349E4CA
    SHA1:C5C54348577BB4668727B977A7269CB731B3BA22
    SHA-256:6E568BCB7DE5E28980F77F4C1FDDC986C7F95D330678F81D80A81DC783869642
    SHA-512:06423007EF84468EE22468D3174297DF20CD589E49F0C2CF4596186F1D4FBEB92D03F7598D8E9A14C63A8CB5A53142B1D71F01F87B8490AC90157B38AAD2D43D
    Malicious:false
    Reputation:low
    URL:https://gmoq4wwvl9phy.pages.dev/smart89/css/ajxtZxgCjIu.css
    Preview:.table,label {. max-width: 100%.}...btn:focus,.btn:hover,body {. color: #333.}..#txtintro,.row:after {. clear: both.}..#bottom ul,.mar_top ul,.total_detail ul,.total_detail_scan ul {. list-style-type: none.}..#footer,#poptxt,.btn,[role=button],button {. cursor: pointer.}..@-webkit-keyframes progress-bar-stripes {. 0% {. background-position: 40px 0. }.. to {. background-position: 0 0. }.}..@-o-keyframes progress-bar-stripes {. 0% {. background-position: 40px 0. }.. to {. background-position: 0 0. }.}..@keyframes progress-bar-stripes {. 0% {. background-position: 40px 0. }.. to {. background-position: 0 0. }.}..@keyframes rotate {. 0% {. transform: rotate(0). }.. to {. transform: rotate(360deg). }.}..@keyframes zoominoutsinglefeatured {. 0%,to {. transform: scale(1,1). }.. 50% {. transform: scale(1.1,1.1). }.}..html {. font-family: sans-serif
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced
    Category:downloaded
    Size (bytes):364
    Entropy (8bit):7.161449027375991
    Encrypted:false
    SSDEEP:6:6v/lhPkd5nDsLiRa6NhNj1aUIXtYRJiTDc7VkC0hWQpPBPFLsfd9EZXlo1p:6v/7yOLiRa6NzJJyusykCmpBFLoGi
    MD5:E144C3378090087C8CE129A30CB6CB4E
    SHA1:59DA5466551DE941D0215E45C54AA2CEAF436BE1
    SHA-256:B13A03E0DB893734298CBE203BF264407636FFE5DAB0A141F83C492D0034DD6A
    SHA-512:3004885B1DCC8C8544024F3C1345B80AB6B50759F290A3545BFA4ED7EA93426E838B7A04556294298BAD1C6198431FBDE06E999628E45DE10119DD1D4FABE32A
    Malicious:false
    Reputation:low
    URL:https://gmoq4wwvl9phy.pages.dev/smart89/images/OYluVgsqBPw.png
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:PNG image data, 100 x 100, 1-bit colormap, non-interlaced
    Category:dropped
    Size (bytes):332
    Entropy (8bit):6.871743379185684
    Encrypted:false
    SSDEEP:6:6v/lhP8SsClmDlhK7/6TmMUnl/iIntVNqCsCja6K97kCuQKQZ99z/p7WMFbip:6v/7NLlWhE/6TmLnl/vtiC068A3/IVxs
    MD5:9D8A90A63D20F05D27E5D6ABB35E0CD0
    SHA1:5873B4007E9D55B4D891A4C427B3735ED23DBFE8
    SHA-256:7DF9F467D23EE1887EDB2123CCA10A1A9C4624CDCF7199C64E78A8430031F9F5
    SHA-512:DE64196F0A8E375DB6E4EFFF5F53AD2E77B9336D045C937C81CE1F1DED039844AB0E9F66B1599301CAF795532C9F03F0A6FD45A0117233C4BF2862419C280CC6
    Malicious:false
    Reputation:low
    No static file info
    Skipped network analysis since the amount of network traffic is too extensive. Please download the PCAP and check manually.


    Target ID:0
    Start time:18:12:02
    Start date:04/07/2024
    Path:C:\Program Files\Google\Chrome\Application\chrome.exe
    Wow64 process (32bit):false
    Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
    Imagebase:0x7ff715980000
    File size:3'242'272 bytes
    MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
    Has elevated privileges:true
    Has administrator privileges:true
    Programmed in:C, C++ or other language
    Reputation:low
    Has exited:false

    Target ID:2
    Start time:18:12:05
    Start date:04/07/2024
    Path:C:\Program Files\Google\Chrome\Application\chrome.exe
    Wow64 process (32bit):false
    Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=2036,i,13450155602685850713,6857457299213347422,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
    Imagebase:0x7ff715980000
    File size:3'242'272 bytes
    MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
    Has elevated privileges:true
    Has administrator privileges:true
    Programmed in:C, C++ or other language
    Reputation:low
    Has exited:false

    Target ID:3
    Start time:18:12:07
    Start date:04/07/2024
    Path:C:\Program Files\Google\Chrome\Application\chrome.exe
    Wow64 process (32bit):false
    Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://gmoq4wwvl9phy.pages.dev/smart89/"
    Imagebase:0x7ff715980000
    File size:3'242'272 bytes
    MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
    Has elevated privileges:true
    Has administrator privileges:true
    Programmed in:C, C++ or other language
    Reputation:low
    Has exited:true

    Target ID:6
    Start time:18:12:29
    Start date:04/07/2024
    Path:C:\Program Files\Google\Chrome\Application\chrome.exe
    Wow64 process (32bit):false
    Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4688 --field-trial-handle=2036,i,13450155602685850713,6857457299213347422,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
    Imagebase:0x7ff715980000
    File size:3'242'272 bytes
    MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
    Has elevated privileges:false
    Has administrator privileges:false
    Programmed in:C, C++ or other language
    Reputation:low
    Has exited:false

    No disassembly