Windows Analysis Report
https://www.pelisplus3.design/srdgvbbe

Overview

General Information

Sample URL: https://www.pelisplus3.design/srdgvbbe
Analysis ID: 1504577

Detection

HTMLPhisher
Score: 64
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Antivirus / Scanner detection for submitted sample
Yara detected HtmlPhish44
Yara detected Phisher
Stores files to the Windows start menu directory

Classification

Chart categories: Ransomware, Spreading, Phishing, Banker, Trojan / Bot, Adware, Spyware, Exploiter, Evader, Miner; levels: clean, suspicious, malicious
  • System is w10x64_ra
  • chrome.exe (PID: 5552 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.pelisplus3.design/srdgvbbe MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6752 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1984 --field-trial-handle=1916,i,5728245142477243684,15968509628590943469,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup
Source: dropped/chromecache_162, Rule: JoeSecurity_Phisher_2, Description: Yara detected Phisher, Author: Joe Security

Source: 2.11.id.script.csv, Rule: JoeSecurity_HtmlPhish_44, Description: Yara detected HtmlPhish_44, Author: Joe Security
Source: 2.5.id.script.csv, Rule: JoeSecurity_HtmlPhish_44, Description: Yara detected HtmlPhish_44, Author: Joe Security
Source: 2.0.pages.csv, Rule: JoeSecurity_HtmlPhish_44, Description: Yara detected HtmlPhish_44, Author: Joe Security

No Sigma rule has matched
No Suricata rule has matched

AV Detection

Source: https://www.pelisplus3.design/srdgvbbe Avira URL Cloud: detection malicious, Label: malware

Phishing

Source: Yara match, File source: 2.11.id.script.csv, type: HTML
Source: Yara match, File source: 2.5.id.script.csv, type: HTML
Source: Yara match, File source: 2.0.pages.csv, type: HTML
Source: Yara match, File source: dropped/chromecache_162, type: DROPPED
          Source: https://honafe.futureontechshop.com/gutu/karubume/buhipo/cu/index.php?rpclk=0veqE%2BtBiqbDn71QtxVzTZ63eD92YCWbS3kjLYrfJtTtHnThxC%2B4Ys7PZ3FZOPjVw5TiUVsslhesfOkDgfIq2aEAezSA6IIu%2FkCscMxE6gyvrEAhgwBnb0U08UCZJs87yNIe%2Fz5wYc5B9GrT6KzJuyS8HLJi4sZBXh%2FN22vrYjGJQuhLNgExnrxZYMvB9mDZ0h2ixTQf19Rkza2aM0CoY1p3mhKOKkyNehjmc1cEO2TSgxSlKk7zaCHtMcoEw6I%2F6OydePoTA%2F4w%2FuG70czOkL0rOSl177uunri8ik3p2x0YK2evjcepN8oPCYTavdl1NotybJIdUrHZkU8i%2BSqgttswSFEW5%2B94UgRx1xzXE9K%2BILIxhv4n5P9BinHJABjYs2qEOen5D7AT%2FMD9RhaEBnqCBGwGF6MJ8vYp0Th3KdQssBaiM0ja4GAJe84gnKh00Venv06GnVe2UGT%2BfbZEoc89b0Ctq%2BsBGqvN22cIaOml%2BMuUiPNaAigL4ml8TOVVVyCrgYSUq2InvuheMmjYVVoGh9Zfn%2FfPHmiuSUve1yJn7xgB5HRVtnL9ZQ%2FSsZQ%2FFL7oZ%2FqeiXL3CVXqJ7rt%2FS%2BVTVP%2FE2dxn%2FMlsXqBpBFA%2Bu81QcZCuJl3AxH67mLvTu2df6Vg9nriDyKVGWiy1z4F3pivbOpq9KqS%2Fj%2F%2BceXJAMApCrV8v2OYzc8UzZdol3hNrdfO0vI2TzaC7n%2FUW67QD%2F%2BhR2z5yWkntKSbvGM%3D%3A%3A93b746128e037541ce1a2fc25556aa46&p=5QhJeMPxO%2FSWZKdEr6NyAw%3D%3D%3A%3A2dad49c38f6c5a2a786e9ee56ce0b9e5&oho=t4.adgravityflow.com&ptf...HTTP Parser: No favicon
Source: unknown, HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49741 version: TLS 1.2
Source: unknown, HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49746 version: TLS 1.2
Source: unknown, HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.16:49757 version: TLS 1.2
Source: unknown, HTTPS traffic detected: 52.140.118.28:443 -> 192.168.2.16:49758 version: TLS 1.2
Source: unknown, HTTPS traffic detected: 40.126.32.74:443 -> 192.168.2.16:49774 version: TLS 1.2
Source: unknown, HTTPS traffic detected: 40.126.32.74:443 -> 192.168.2.16:49787 version: TLS 1.2
Source: unknown, HTTPS traffic detected: 52.140.118.28:443 -> 192.168.2.16:49795 version: TLS 1.2
Source: unknown, HTTPS traffic detected: 52.140.118.28:443 -> 192.168.2.16:49797 version: TLS 1.2
Source: unknown, HTTPS traffic detected: 52.140.118.28:443 -> 192.168.2.16:49799 version: TLS 1.2
Source: unknown, HTTPS traffic detected: 51.104.136.2:443 -> 192.168.2.16:49804 version: TLS 1.2
Source: unknown, HTTPS traffic detected: 51.104.136.2:443 -> 192.168.2.16:49805 version: TLS 1.2
Source: unknown, HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.16:49806 version: TLS 1.2
Source: chrome.exe, Memory has grown: Private usage: 27MB later: 37MB
Source: global traffic, DNS traffic detected: DNS query: www.pelisplus3.design
Source: global traffic, DNS traffic detected: DNS query: projectmu.bid
Source: global traffic, DNS traffic detected: DNS query: t4.adgravityflow.com
Source: global traffic, DNS traffic detected: DNS query: honafe.futureontechshop.com
Source: global traffic, DNS traffic detected: DNS query: www.google.com
Source: global traffic, DNS traffic detected: DNS query: trialecommercedealshub.com
Source: global traffic, DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic, DNS traffic detected: DNS query: pushrev.neptuneadspush.com
Source: global traffic, DNS traffic detected: DNS query: pushlite.neptuneadspush.com
Source: classification engine, Classification label: mal64.phis.win@17/49@26/185
Source: C:\Program Files\Google\Chrome\Application\chrome.exe, File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: unknown, Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.pelisplus3.design/srdgvbbe
Source: C:\Program Files\Google\Chrome\Application\chrome.exe, Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1984 --field-trial-handle=1916,i,5728245142477243684,15968509628590943469,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe, Process created: unknown unknown
          Source: Window Recorder | Window detected: More than 3 window changes detected
          Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
          Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
          Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
          Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
          Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
          Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
          Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
          | Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
          |---|---|---|---|---|---|---|---|---|---|---|---|---|---|
          | Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 2 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
          | Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
          | Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | 1 Extra Window Memory Injection | 1 Extra Window Memory Injection | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 2 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |

          | Source | Detection | Scanner | Label | Link |
          |---|---|---|---|---|
          | https://www.pelisplus3.design/srdgvbbe | 100% | Avira URL Cloud | malware | |
          No Antivirus matches
          | Name | IP | Active | Malicious | Antivirus Detection | Reputation |
          |---|---|---|---|---|---|
          | a.nel.cloudflare.com | 35.190.80.1 | true | false | | unknown |
          | honafe.futureontechshop.com | 188.114.97.3 | true | false | | unknown |
          | www.google.com | 172.217.18.4 | true | false | | unknown |
          | www.pelisplus3.design | 104.21.78.22 | true | false | | unknown |
          | trialecommercedealshub.com | 104.21.13.79 | true | false | | unknown |
          | t4.adgravityflow.com | 104.21.21.234 | true | false | | unknown |
          | pushlite.neptuneadspush.com | 188.114.96.3 | true | false | | unknown |
          | projectmu.bid | 212.32.233.226 | true | false | | unknown |
          | pushrev.neptuneadspush.com | 188.114.96.3 | true | false | | unknown |
          | Name | Malicious | Antivirus Detection | Reputation |
          |---|---|---|---|
          | https://honafe.futureontechshop.com/gutu/karubume/buhipo/cu/index.php?rpclk=0veqE%2BtBiqbDn71QtxVzTZ63eD92YCWbS3kjLYrfJtTtHnThxC%2B4Ys7PZ3FZOPjVw5TiUVsslhesfOkDgfIq2aEAezSA6IIu%2FkCscMxE6gyvrEAhgwBnb0U08UCZJs87yNIe%2Fz5wYc5B9GrT6KzJuyS8HLJi4sZBXh%2FN22vrYjGJQuhLNgExnrxZYMvB9mDZ0h2ixTQf19Rkza2aM0CoY1p3mhKOKkyNehjmc1cEO2TSgxSlKk7zaCHtMcoEw6I%2F6OydePoTA%2F4w%2FuG70czOkL0rOSl177uunri8ik3p2x0YK2evjcepN8oPCYTavdl1NotybJIdUrHZkU8i%2BSqgttswSFEW5%2B94UgRx1xzXE9K%2BILIxhv4n5P9BinHJABjYs2qEOen5D7AT%2FMD9RhaEBnqCBGwGF6MJ8vYp0Th3KdQssBaiM0ja4GAJe84gnKh00Venv06GnVe2UGT%2BfbZEoc89b0Ctq%2BsBGqvN22cIaOml%2BMuUiPNaAigL4ml8TOVVVyCrgYSUq2InvuheMmjYVVoGh9Zfn%2FfPHmiuSUve1yJn7xgB5HRVtnL9ZQ%2FSsZQ%2FFL7oZ%2FqeiXL3CVXqJ7rt%2FS%2BVTVP%2FE2dxn%2FMlsXqBpBFA%2Bu81QcZCuJl3AxH67mLvTu2df6Vg9nriDyKVGWiy1z4F3pivbOpq9KqS%2Fj%2F%2BceXJAMApCrV8v2OYzc8UzZdol3hNrdfO0vI2TzaC7n%2FUW67QD%2F%2BhR2z5yWkntKSbvGM%3D%3A%3A93b746128e037541ce1a2fc25556aa46&p=5QhJeMPxO%2FSWZKdEr6NyAw%3D%3D%3A%3A2dad49c38f6c5a2a786e9ee56ce0b9e5&oho=t4.adgravityflow.com&ptf=26934eb377001f66e37289a5c93fe284 | false | | unknown |
                              | IP | Domain | Country | ASN | ASN Name | Malicious |
                              |---|---|---|---|---|---|
                              | 104.21.21.234 | t4.adgravityflow.com | United States | 13335 | CLOUDFLARENETUS | false |
                              | 142.250.186.67 | unknown | United States | 15169 | GOOGLEUS | false |
                              | 1.1.1.1 | unknown | Australia | 13335 | CLOUDFLARENETUS | false |
                              | 108.177.15.84 | unknown | United States | 15169 | GOOGLEUS | false |
                              | 172.217.16.206 | unknown | United States | 15169 | GOOGLEUS | false |
                              | 172.217.18.4 | www.google.com | United States | 15169 | GOOGLEUS | false |
                              | 212.32.233.226 | projectmu.bid | Netherlands | 60781 | LEASEWEB-NL-AMS-01NetherlandsNL | false |
                              | 142.250.181.227 | unknown | United States | 15169 | GOOGLEUS | false |
                              | 104.21.78.22 | www.pelisplus3.design | United States | 13335 | CLOUDFLARENETUS | false |
                              | 239.255.255.250 | unknown | Reserved | unknown | unknown | false |
                              | 188.114.97.3 | honafe.futureontechshop.com | European Union | 13335 | CLOUDFLARENETUS | false |
                              | 142.250.185.142 | unknown | United States | 15169 | GOOGLEUS | false |
                              | 104.21.13.79 | trialecommercedealshub.com | United States | 13335 | CLOUDFLARENETUS | false |
                              | 188.114.96.3 | pushlite.neptuneadspush.com | European Union | 13335 | CLOUDFLARENETUS | false |
                              | 35.190.80.1 | a.nel.cloudflare.com | United States | 15169 | GOOGLEUS | false |
                              | 172.217.18.10 | unknown | United States | 15169 | GOOGLEUS | false |
                              | 142.250.186.74 | unknown | United States | 15169 | GOOGLEUS | false |
                              IP
                              192.168.2.16
                              Joe Sandbox version:40.0.0 Tourmaline
                              Analysis ID:1504577
                              Start date and time:2024-09-05 01:34:33 +02:00
                              Joe Sandbox product:CloudBasic
                              Overall analysis duration:
                              Hypervisor based Inspection enabled:false
                              Report type:full
                              Cookbook file name:defaultwindowsinteractivecookbook.jbs
                              Sample URL:https://www.pelisplus3.design/srdgvbbe
                              Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                              Number of analysed new started processes analysed:15
                              Number of new started drivers analysed:0
                              Number of existing processes analysed:0
                              Number of existing drivers analysed:0
                              Number of injected processes analysed:0
                              Technologies:
                              • EGA enabled
                              Analysis Mode:stream
                              Analysis stop reason:Timeout
                              Detection:MAL
                              Classification:mal64.phis.win@17/49@26/185
                              • Exclude process from analysis (whitelisted): svchost.exe
                              • Excluded IPs from analysis (whitelisted): 142.250.181.227, 108.177.15.84, 172.217.16.206, 34.104.35.123
                              • Excluded domains from analysis (whitelisted): clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, clientservices.googleapis.com, clients.l.google.com
                              • Not all processes where analyzed, report is missing behavior information
                              • VT rate limit hit for: https://www.pelisplus3.design/srdgvbbe
                              Input | Output
                              URL: https://honafe.futureontechshop.com/gutu/karubume/buhipo/cu/index.php?rpclk=0veqE%2BtBiqbDn71QtxVzTZ63eD92YCWbS3kjLYrfJtTtHnThxC%2B4Ys7PZ3FZOPjVw5TiUVsslhesfOkDgfIq2aEAezSA6IIu%2FkCscMxE6gyvrEAhgwBnb0U08UCZJs87yNIe%2Fz5wYc5B9GrT6KzJuyS8HLJi4sZBXh%2FN22vrY Model: jbxai
                              {
                              "brand":["Lowe's"],
                              "contains_trigger_text":true,
                              "prominent_button_name":"START SURVEY",
                              "text_input_field_labels":["unknown"],
                              "pdf_icon_visible":false,
                              "has_visible_captcha":false,
                              "has_urgent_text":true,
                              "has_visible_qrcode":false}
                              URL: https://honafe.futureontechshop.com/gutu/karubume/buhipo/cu/index.php?rpclk=0veqE%2BtBiqbDn71QtxVzTZ63eD92YCWbS3kjLYrfJtTtHnThxC%2B4Ys7PZ3FZOPjVw5TiUVsslhesfOkDgfIq2aEAezSA6IIu%2FkCscMxE6gyvrEAhgwBnb0U08UCZJs87yNIe%2Fz5wYc5B9GrT6KzJuyS8HLJi4sZBXh%2FN22vrY Model: jbxai
                              {
                              "brand":["Lowe's"],
                              "contains_trigger_text":false,
                              "prominent_button_name":"START SURVEY",
                              "text_input_field_labels":["unknown"],
                              "pdf_icon_visible":false,
                              "has_visible_captcha":false,
                              "has_urgent_text":false,
                              "has_visible_qrcode":false}
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Sep 4 22:35:01 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                              Category:dropped
                              Size (bytes):2673
                              Entropy (8bit):3.987521033172022
                              Encrypted:false
                              SSDEEP:
                              MD5:3674D6F2F4BC89974482473AFFDCFE01
                              SHA1:E727D3262EC43851EF9E65B4049CB226C843EC56
                              SHA-256:A4EAD6AA92902E3710FE60BF80AE5358A94A04D7763A4A5E5682AE9B959F6D7B
                              SHA-512:C13F2CD8D3DC4F9677EE64FA634C3B70274ACB97E52AFA355BAA7AD8FF95D1220AC6121273AC2FE6C683C16A6D9319554114214892648F8A379F7A3A1A44CF09
                              Malicious:false
                              Reputation:unknown
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Sep 4 22:35:01 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                              Category:dropped
                              Size (bytes):2675
                              Entropy (8bit):4.003545005739241
                              Encrypted:false
                              SSDEEP:
                              MD5:C3B64B2B7128BAB37E1676C7C1674280
                              SHA1:DE78F0A345C5B27634D8ED79EA51E732ADE21C63
                              SHA-256:C22C179585508B10FEF60C41CDD38E3CB43D261C744A45B4494E32D574E252FF
                              SHA-512:EC1517E3761459F36B6CD99227C210316C981D43D6BB761BB645D40BBCF6944A4FD5812AF6F6AE12A64C5D532EAD1AADC020BADB609A5EDC77381EDE6F645875
                              Malicious:false
                              Reputation:unknown
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                              Category:dropped
                              Size (bytes):2689
                              Entropy (8bit):4.013103195839734
                              Encrypted:false
                              SSDEEP:
                              MD5:94250391386E56A4517B3DE771ECD2FB
                              SHA1:442887777AC5004041848C7E88BCC9B774CC486E
                              SHA-256:F4E0C5740DF745BF9E0634A7CE71628CC220160AABC5EA00D78013A4798224FC
                              SHA-512:5118CC2A85DA282CF9821EF482655F62608DD548F2CCAA837B4990BEDA0050862797436B56A4271BC96E125529245B15EC67AB9F2AF6FD289970A0FD58FA7DB8
                              Malicious:false
                              Reputation:unknown
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Sep 4 22:35:01 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                              Category:dropped
                              Size (bytes):2677
                              Entropy (8bit):4.004992074775698
                              Encrypted:false
                              SSDEEP:
                              MD5:ED550AC7CE4473401616713212FFD40B
                              SHA1:37D4ECAE9CC4A80896E31BA8DD46644968354428
                              SHA-256:65496CD96564EE6D9229686325B19CB4146F841BD452DC548E10AD55E45012DD
                              SHA-512:F5307B7BF0570E96CFE9FF4F7A9677B37D25D11C4D83F2C09D66411248B5D981C3842765D7D359816C62ED02DECCE7EFAF0F3690869925E49B247BECD08D9979
                              Malicious:false
                              Reputation:unknown
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Sep 4 22:35:01 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                              Category:dropped
                              Size (bytes):2677
                              Entropy (8bit):3.9923922654663406
                              Encrypted:false
                              SSDEEP:
                              MD5:9C43F906317B5844BCCE24CBD154990C
                              SHA1:DBF62CFED4ED072456807D59CA55E1D7FA4D1DF9
                              SHA-256:7522DFFF952840ACFEBD725DDBC4F312A2851CA0D6E839653BAB8EC79E2BE3CA
                              SHA-512:A394166C27161CE344516D76C67CFE3796C9A54B525A099B4AADAC5D3AD31731B8CDD45AA32E86B8C178920AA769D52988FEC61CEB7C19E84CBA7D66B5B6137A
                              Malicious:false
                              Reputation:unknown
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Sep 4 22:35:01 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                              Category:dropped
                              Size (bytes):2679
                              Entropy (8bit):4.002456683618912
                              Encrypted:false
                              SSDEEP:
                              MD5:1DD21B9FD0AA8C367A50C007109698AC
                              SHA1:9099438F118F256E7B36C9E4CD1D69CA3979B7CC
                              SHA-256:FC820276E94BD67A9A2EE43B87D34C50168B489DE3D01A75725F0BCB2F0E5398
                              SHA-512:8C66626C9612F27B362FC88E165D97F01EEF53C75576096512B4CE7DC0E1454DEED566E6963CB159B27C6CBE4F657C8D4225A05AD5AE61ED2FFF018C6176DE24
                              Malicious:false
                              Reputation:unknown
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with very long lines (65326)
                              Category:downloaded
                              Size (bytes):160392
                              Entropy (8bit):5.078030630836827
                              Encrypted:false
                              SSDEEP:
                              MD5:023B3876BB73AA541367FC40A193D2B7
                              SHA1:8ED2D6350D23F857D92805737D0F97C675DE666B
                              SHA-256:F77C0D1739B618EDC4A01CA3F6B2990B01A3009030AF49EE8CF68E83052DF194
                              SHA-512:A1CF7E5D2B351F6E37FC544DF51C3AD859FC12DC631185875D1BE34B8DD8B6E7847B06D2E8E6DF5DC24DCA88631EA54A14FA175D4C7073EAB52BB0DE7BABEFF6
                              Malicious:false
                              Reputation:unknown
                              URL:https://honafe.futureontechshop.com/mlwkpd/assets/vendors/bootstrap-4.5.3/css/bootstrap.min.css
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 50 x 53, 8-bit/color RGBA, non-interlaced
                              Category:downloaded
                              Size (bytes):1530
                              Entropy (8bit):7.80175041543116
                              Encrypted:false
                              SSDEEP:
                              MD5:F8C3FFDB6976BB857FE5F6E65F2B8ADA
                              SHA1:514A61517226D7BFCA3D70877B74ED1256B2B209
                              SHA-256:A686560BE1F6150A5B7FB8EDA371816C01E5DCA54FEC9D6C4B9F6F760AD7C629
                              SHA-512:C28660CC2F5F3DCF62EA987F533B633E0108AF69A81394F33313CB234BB53FE2110CD3E823993AFD0CB009A935807B31F896B1B1C57AB63FECD927637BB89D73
                              Malicious:false
                              Reputation:unknown
                              URL:https://honafe.futureontechshop.com/mlwkpd/fim/2370-US/baddffc3c1bf5c39c06df2058e8240c5.png
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with very long lines (9738), with no line terminators
                              Category:downloaded
                              Size (bytes):9738
                              Entropy (8bit):4.728754788881187
                              Encrypted:false
                              SSDEEP:
                              MD5:D4A8D59A54C0D3312FCB6E9C5CE7A8B7
                              SHA1:2165D6F0F7A6A14AA84D2B525C6726ED6BC6A54A
                              SHA-256:A1B5924D7D4BCFA97503BB44731598A1FE30947DA940E0BEF8273F2C199C61AC
                              SHA-512:0F8120CF37F4953D9068FB1B39ECD8336460B415D9FA741640462E8BEC5192977BB88BB26B33D4A6A0A9707216A66F2E126143A452636DBAFC93A03B258B0F2D
                              Malicious:false
                              Reputation:unknown
                              URL:https://pushlite.neptuneadspush.com/javascripts/service_worker.js?v1
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 3840 x 2160, 4-bit colormap, non-interlaced
                              Category:dropped
                              Size (bytes):20391
                              Entropy (8bit):6.998410403376953
                              Encrypted:false
                              SSDEEP:
                              MD5:C19733F99F9FBC316784035C7E492F16
                              SHA1:7509EB3CD126E28333B048440F8310F4D7169E8F
                              SHA-256:CC8A4B29D82A9B8BB2F577BB1A64C13ACB3F870D26CA34025536281B5C73CB9F
                              SHA-512:33525756E7E784B4DDFDD3379823ECC14B004FAFD10D8CD9C01E102AB5513650662F41B575B082F3EA9DAC565BD21D74A94EC723D39B46ABAB7C0FAAEB77FB56
                              Malicious:false
                              Reputation:unknown
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 50x50, components 3
                              Category:dropped
                              Size (bytes):1765
                              Entropy (8bit):7.077036031082901
                              Encrypted:false
                              SSDEEP:
                              MD5:FCED64FCABEBA8648CAC878620AFD125
                              SHA1:25EBF3070B169C6F5CBDE4535FF24DD4D0297249
                              SHA-256:CA073253E928CB0AFD146D9138741AAECDA9E842FBE4F9DB63FD9ED2436DCDCC
                              SHA-512:D2CE1B83CB2F8884300116C72D4E9DADD49841BE15B0ACF6E9CAF1A52B631D52930A6BCF68D6D928E01B89F1D0E6958E7159F7784DECCF97DCF2B259A8606F33
                              Malicious:false
                              Reputation:unknown
                              Preview:......Exif..II*.................Ducky............./http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 9.0-c000 79.171c27fab, 2022/08/16-22:35:41 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop 24.0 (Windows)" xmpMM:InstanceID="xmp.iid:EF9224158B7E11ED96BBB556869F589E" xmpMM:DocumentID="xmp.did:EF9224168B7E11ED96BBB556869F589E"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:EF9224138B7E11ED96BBB556869F589E" stRef:documentID="xmp.did:EF9224148B7E11ED96BBB556869F589E"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d...............................................#%'%#.//33//@@@@@@@@@@@@@@@......................&.....&0#....#0+.'''.+550055@
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:JSON data
                              Category:downloaded
                              Size (bytes):42
                              Entropy (8bit):4.403989446485262
                              Encrypted:false
                              SSDEEP:
                              MD5:E901EF36FE4322981D42AD6BA305EC1B
                              SHA1:66A8A5FBC507B0D257ED969C0D880C226FBEE7D0
                              SHA-256:7E89417A4D783306A36D217F13DDDFF662F2CC5DA57A995877961E85446A96F1
                              SHA-512:0B1C0B9E94A34D8242BAF9A6ABBB9D9333641452AEE5B85BD4FEF582F2AB31C08976EF86E82960146D835CC0828F9B9462E77405083199AFACF20DFF5D7ACEDD
                              Malicious:false
                              Reputation:unknown
                              URL:https://honafe.futureontechshop.com/manifest.json
                              Preview:{ .. "gcm_sender_id": "325377692881"..}
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 112 x 119, 8-bit/color RGBA, non-interlaced
                              Category:dropped
                              Size (bytes):11710
                              Entropy (8bit):7.970780884518206
                              Encrypted:false
                              SSDEEP:
                              MD5:DD40F6987BE7B5E2E55847CE18B1491F
                              SHA1:8372EAA12314D59BEEB8D8B087D38653C9DCA624
                              SHA-256:24FB4CD153A92BF5BF55EAC2BA8E87CC6D4976CC549C47313E099D4401855046
                              SHA-512:5BA9DEF356201429DCB00676C4CD19983643EC2DC96AF8DF904E535807718E9A1624FF91D6413F565F907F62FA3F2F65706B32D8C28590CA1B44519DD904137A
                              Malicious:false
                              Reputation:unknown
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 50x50, components 3
                              Category:downloaded
                              Size (bytes):1589
                              Entropy (8bit):7.483951306102044
                              Encrypted:false
                              SSDEEP:
                              MD5:E723B840C24AE1A24DBB12538D47F607
                              SHA1:5B80075B4BC125E3E5AD1D2C2327F76A7BC7DE33
                              SHA-256:85D18F68BBA4EB0CF084EA88FB1FE60C41DBF43857504B4D159A5B01DD0DE872
                              SHA-512:0CBC7CC7D51BE7D489951865BB4866F2412FA6410FF70F13E828C778059B9CAD61C29E47031AB30EEFAC11E09F33653A34B0D581E3D461B655CE803F24B28C2D
                              Malicious:false
                              Reputation:unknown
                              URL:https://honafe.futureontechshop.com/mlwkpd/fim/2370-US/e10845762ab9402b41adfa22a1e10856.jpg
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:assembler source, ASCII text, with CRLF line terminators
                              Category:downloaded
                              Size (bytes):49814
                              Entropy (8bit):5.1495346773265025
                              Encrypted:false
                              SSDEEP:
                              MD5:BEF595AE1BD8CC89AB43B6850649C8F4
                              SHA1:887EDE7B014EAEFFEE6B88E4E756C4484F6DF6CB
                              SHA-256:FEC31A30376662D603C549DE15FDBD545669B2735C13321FE38EA1DE3ED02E28
                              SHA-512:A43D80EEB7260FEA6780F1CA5E95F8EE878EC51D965661DF273D9340BBAED08360DDFFF0C71D74272237649AE28E4F12AE402C6D5F0869A3FF00CBC8DCB0419B
                              Malicious:false
                              Reputation:unknown
                              URL:https://honafe.futureontechshop.com/mlwkpd/common.css?v=82c755f217cc9dce107dba87f14afbf3
                              Preview:@import url('https://fonts.googleapis.com/css2?family=Arimo:wght@500;700&display=swap');..@font-face {...font-family: "mont";...src: url("../../vendors/fontawesome/webfonts/mont-heavy.otf");..}....../* Chrome, Safari, Edge, Opera */..input::-webkit-outer-spin-button,..input::-webkit-inner-spin-button {.. -webkit-appearance: none;.. margin: 0;..}../* Change the white to any color */..input:-webkit-autofill,..select:-webkit-autofill..{...transition: background-color 5000s ease-in-out 0s;..}../* Firefox */..input[type=number] {.. -moz-appearance: textfield;..}..input:focus, select:focus{...outline:none;..}..body{...font-family: sans-serif!important;..}../*header*/...cr_dubl_l,.cr_dubl_r{...position: absolute;...top: 0;...width: 40%;..}...cr_dubl_l img,.cr_dubl_r img{...width: 100%;..}...cr_dubl_l{...left: 0;..}...cr_dubl_r{...right: 0;..}...bf_banner{...width: 865px;.. height: 50px;...margin-bottom: -5px;..}.....bg_du_flags,.bg_du_flags_mb{...width: 100%;.. height: 100%;.. pos
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text
                              Category:dropped
                              Size (bytes):7745
                              Entropy (8bit):5.320470578275422
                              Encrypted:false
                              SSDEEP:
                              MD5:7979BF0CCDA1FBF1FFDCB6D49FC1EE48
                              SHA1:6D6198E060E30D904A8A9642E1C0A07E74F06CDE
                              SHA-256:7077430B976A181D99EFAFC06E7E29923636AA84041BDD06C78FCE5D960BB074
                              SHA-512:743EA099A8825A2F352037EDAA2BB503B65F0E8D80B0AEFC3F7E372834A880398DAC1C37823D0A98B0CEE99A9E765B1B4806ED68F181F8B4183B7F5825598D4B
                              Malicious:false
                              Reputation:unknown
                              Preview:let o_survey = null;.let s_step = 0;.let lastQuestion = "";.function startINTSurvey(st){..if (typeof template_name != 'undefined' && template_name === 'edmond') {.../*edmond*/...$('#confirm_popmessage').removeAttr('onclick');...$('.dis-ed-1').hide();...$('#pop-message-con').addClass('animated fadeOut');...$('#del-pack-con, #head-con, #load-track-con-ed-1').addClass('animated fadeIn').css({'display':'block','opacity':'0'});...$('#foot-con').hide();...$('.progress-bar').css({"width": "10%"});...$('.val-progr strong').html('10%');.../*end edmond*/...setTimeout(function () {....$('#load-track-con-ed-1 .loading-list.ed-1 li:nth-child(1) i').removeClass('fa-spinner fa-spin').addClass('fa-check-circle');....$('#load-track-con-ed-1 .loading-list.ed-1 li:nth-child(1)').addClass('checked');...}, 2000),...setTimeout(function () {....$('#load-track-con-ed-1 .loading-list.ed-1 li:nth-child(2) i').removeClass('fa-spinner fa-spin').addClass('fa-check-circle');....$('#load-track-con-ed-1 .loading-list
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1180), with CRLF, LF line terminators
                              Category:downloaded
                              Size (bytes):1233
                              Entropy (8bit):5.554754890514694
                              Encrypted:false
                              SSDEEP:
                              MD5:B992FD95F789622FF7303C8F5C72A966
                              SHA1:F2346813E5937EF81F2142AA853FF5523683BCBA
                              SHA-256:EB31503891973182467742BD11BE208B02B07B19D0CE9B1216A35CC6E7BE78DB
                              SHA-512:FE0BF700760F27B60DEA8927D9D9E7CA2374A767621C612BE5D9DEC058DB40F9E0F647B6187F4E0EFF4E0EA85179078D2AC25DC5508480612C490AF4BDE2B384
                              Malicious:false
                              Reputation:unknown
                              URL:https://honafe.futureontechshop.com/
                              Preview:.<script>...var _0x45a3=['href','310326TemamY','$1//$2','3789jqLAjI','201260CufYBR','includes','location','624856ogdMrz','28pRWhXX','10734yvtFqz','352RuMMpQ','1339PvpRAh','392868PctkdY','indexOf','596BmZxvY'];var _0x5ce7=function(_0x34bb17,_0x37718d){_0x34bb17=_0x34bb17-0x1b8;var _0x45a37a=_0x45a3[_0x34bb17];return _0x45a37a;};var _0x3c82e1=_0x5ce7;(function(_0x4279be,_0x4a014c){var _0x2ec4e6=_0x5ce7;while(!![]){try{var _0xe2f92d=-parseInt(_0x2ec4e6(0x1c4))+parseInt(_0x2ec4e6(0x1c2))*-parseInt(_0x2ec4e6(0x1bf))+-parseInt(_0x2ec4e6(0x1c0))+parseInt(_0x2ec4e6(0x1bc))*parseInt(_0x2ec4e6(0x1bd))+parseInt(_0x2ec4e6(0x1bb))+-parseInt(_0x2ec4e6(0x1b8))+parseInt(_0x2ec4e6(0x1c6))*parseInt(_0x2ec4e6(0x1be));if(_0xe2f92d===_0x4a014c)break;else _0x4279be['push'](_0x4279be['shift']());}catch(_0x1227cb){_0x4279be['push'](_0x4279be['shift']());}}}(_0x45a3,0x87e5e));var params='';params!=''&&(window[_0x3c82e1(0x1ba)][_0x3c82e1(0x1c3)][_0x3c82e1(0x1c1)]('?')<0x0?params='?'+params:params='&'+params);
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 50x50, components 3
                              Category:downloaded
                              Size (bytes):2028
                              Entropy (8bit):7.269403851085299
                              Encrypted:false
                              SSDEEP:
                              MD5:FE9E45B08D60828AF9B1A0FA016B5DC7
                              SHA1:D01BB2A33B2DF2ED2D3252F91DF2BDE12488A591
                              SHA-256:681EB16255D904BDDED2D70BCE55D940F2C445FAE65EF94C81F50E68C283A878
                              SHA-512:A6CC1EAC114965202378A27E7F9B1DC6B3FDEBA406A8288D05709CCC094E2DA1C4A2F614ECCEA0E1430276D7F21D465763E902001007605D27BCB0118B7D598A
                              Malicious:false
                              Reputation:unknown
                              URL:https://honafe.futureontechshop.com/mlwkpd/fim/2370-US/e4a0ea97a117bf10d383ece9f9464606.jpg
                              Preview:......Exif..II*.................Ducky............./http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 9.0-c000 79.171c27fab, 2022/08/16-22:35:41 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop 24.0 (Windows)" xmpMM:InstanceID="xmp.iid:24C539288B8011ED804DA3DC4FDA324B" xmpMM:DocumentID="xmp.did:24C539298B8011ED804DA3DC4FDA324B"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:24C539268B8011ED804DA3DC4FDA324B" stRef:documentID="xmp.did:24C539278B8011ED804DA3DC4FDA324B"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d...............................................#%'%#.//33//@@@@@@@@@@@@@@@......................&.....&0#....#0+.'''.+550055@
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 124 x 123, 8-bit/color RGBA, non-interlaced
                              Category:dropped
                              Size (bytes):8047
                              Entropy (8bit):7.849538698655957
                              Encrypted:false
                              SSDEEP:
                              MD5:3AA5F4A85F723C846F9ADAE3CED23E36
                              SHA1:B8B9D59B51D024B787C979BC47FCEB7FBDE67F8A
                              SHA-256:0D79CA3B13098126F0C0FC76AED54A8ACF6E645E62EB5F0FF90571141DFE24B2
                              SHA-512:891CA9345ADF09430B8009847DCAF38088D17B2D9960154D645C3FA1D796607562D4BE3877FCC445E56620140EBECFB0E062894B56B721C6FF9EEED5E226BC13
                              Malicious:false
                              Reputation:unknown
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text
                              Category:downloaded
                              Size (bytes):5158
                              Entropy (8bit):5.425097293694641
                              Encrypted:false
                              SSDEEP:
                              MD5:D88CAC8593720BD044DF7F5FC91C6D9C
                              SHA1:A10A1A2A760200D397F5E092CFD660B51621AF8E
                              SHA-256:1C718FDC9A84ED8781DE12F63FF59F8D189727486C36024EE6DDE16D90E368BC
                              SHA-512:251F7AC6CF2D953FF174F91D3E65A18127A0B072D8BBD4F178614C40A06509F3E4EA0144C927DD514EC3867F762B207E562B0823EB38A15D7D618251D09968A4
                              Malicious:false
                              Reputation:unknown
                              URL:https://fonts.googleapis.com/css2?family=Arimo:wght@500;700&display=swap
                              Preview:/* cyrillic-ext */.@font-face {. font-family: 'Arimo';. font-style: normal;. font-weight: 500;. font-display: swap;. src: url(https://fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10UxCF8jA.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./* cyrillic */.@font-face {. font-family: 'Arimo';. font-style: normal;. font-weight: 500;. font-display: swap;. src: url(https://fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10dxCF8jA.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./* greek-ext */.@font-face {. font-family: 'Arimo';. font-style: normal;. font-weight: 500;. font-display: swap;. src: url(https://fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10VxCF8jA.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}./* greek */.@font-face {. font-family: 'Arimo';. font-style: normal;. font-weight: 500;. font-display: swap;. src: url(https://fonts.gstatic.com/s/arimo/v29
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 50x50, components 3
                              Category:downloaded
                              Size (bytes):1784
                              Entropy (8bit):7.101929594375156
                              Encrypted:false
                              SSDEEP:
                              MD5:A07C38C65E25C3FDCC28F84D51E3CEE4
                              SHA1:FBD42FD284EA29D1C2E424954DA53211526353FF
                              SHA-256:1176F85A0B084F161DBE5192394AD58CE5EFD6CCC529079E222F240DB83BD4F4
                              SHA-512:C01733935B3CB8B11994BA30564CA980939476D1D32C274E88B7D406CEAEBB2D38CAB255CFC7314DE52D33C9F86365E2D784EA6FE593830B5345A6025BE8FA5D
                              Malicious:false
                              Reputation:unknown
                              URL:https://honafe.futureontechshop.com/mlwkpd/fim/2370-US/3e914938e1476869c24bc23a87feadca.jpg
                              Preview:......Exif..II*.................Ducky............./http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 9.0-c000 79.171c27fab, 2022/08/16-22:35:41 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop 24.0 (Windows)" xmpMM:InstanceID="xmp.iid:7BCB02DE8B7F11ED8A4D95F4DA291F81" xmpMM:DocumentID="xmp.did:7BCB02DF8B7F11ED8A4D95F4DA291F81"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:7BCB02DC8B7F11ED8A4D95F4DA291F81" stRef:documentID="xmp.did:7BCB02DD8B7F11ED8A4D95F4DA291F81"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d...............................................#%'%#.//33//@@@@@@@@@@@@@@@......................&.....&0#....#0+.'''.+550055@
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 50x50, components 3
                              Category:downloaded
                              Size (bytes):1383
                              Entropy (8bit):7.415735674575618
                              Encrypted:false
                              SSDEEP:
                              MD5:C6536F895B7DC4FE202833717F4104CC
                              SHA1:BC06FD2A336207AEEFFD6EEED19003DC03AE0300
                              SHA-256:10BA49EB3165C20FB10CB5B2ABC25543B9876AA66914075D33F2818E990B6436
                              SHA-512:02D5062D347DE0EB490D3B262A945EFC4261015029E025981C8D2F78638484AD188965F125C413EECBD259C2248E89D7C0CAE1BD024015BCC4B24781FAFE9B2D
                              Malicious:false
                              Reputation:unknown
                              URL:https://honafe.futureontechshop.com/mlwkpd/fim/2370-US/2e35bceb2c8cddf55c18d0fbf64a6363.jpg
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text
                              Category:downloaded
                              Size (bytes):1100
                              Entropy (8bit):4.78528077270762
                              Encrypted:false
                              SSDEEP:
                              MD5:37395376E236DB01256E005420A3FE92
                              SHA1:9B9F5CCAA65003E0F47A965DA61B64BC21AEFF45
                              SHA-256:5DE7A79E14562963EF11F0D95F7A098E3CC018347A95290E292BEF9B7D4677B5
                              SHA-512:18F321E47F703EC74314C64F52A1908653B2A6981CE898A68C36C3E1799B04D81A4781C5085E97F86720E3834ECCA295A7DC99AFFB071A0E4A86D41FC74F0241
                              Malicious:false
                              Reputation:unknown
                              URL:https://honafe.futureontechshop.com/mlwkpd/assets/js/functions.js?v=501c81c68c7f4b9a19d2da0e50f9e9c6
                              Preview:function datehax() {. var mydate = new Date(). mydate.setDate(mydate.getDate());. var year = mydate.getYear(). if (year < 1000). year += 1900. var day = mydate.getDay(). var month = mydate.getMonth(). var daym = mydate.getDate(). if (daym < 10). daym = "0" + daym. var dayarray = new Array("Sunday", "Monday", "Tuesday", "Wednesday", "Thursday", "Friday", "Saturday"). var montharray = new Array("January", "February", "March", "April", "May", "June", "July", "August", "September", "October", "November", "December"). return "" + montharray[month] + " " + daym + ", " + year + "";..}..function startTimer(duration) {. var timer = duration, minutes, seconds;. setInterval(function() {. minutes = parseInt(timer / 60, 10);. seconds = parseInt(timer % 60, 10);.. minutes = minutes < 10 ? "" + minutes : minutes;. seconds = seconds < 10 ? "0" + seconds : seconds;. if(typeof($('#time')) != "undefined"){. $('#time').html(minutes + ":" + seconds);. }. if (
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with no line terminators
                              Category:downloaded
                              Size (bytes):16
                              Entropy (8bit):3.75
                              Encrypted:false
                              SSDEEP:
                              MD5:1490E01A8BF2538710D5A2B39BCB3D64
                              SHA1:EEF770118AFD57FC7F55B39BB540D604C17E6564
                              SHA-256:AEDBD29EA4B6EDC261456F5EA413D29884D801546E305550AC29BDA3642CA52A
                              SHA-512:6A65D020D83DFA33BDC6D2F05681C93B3962DA613C19F13D4C306CB8354FD6B354F9C07060BD2FC4507DACAC5272AAB0AF221B8A696AECB29896F66F9C5498BF
                              Malicious:false
                              Reputation:unknown
                              URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAm4bHmPHcO8thIFDXTPK3U=?alt=proto
                              Preview:CgkKBw10zyt1GgA=
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text
                              Category:downloaded
                              Size (bytes):73553
                              Entropy (8bit):4.764017218612912
                              Encrypted:false
                              SSDEEP:
                              MD5:D0462863247EAC61A122808BE2FB1E60
                              SHA1:423CA04518B12FBEE4AC6776565D12973BAC1669
                              SHA-256:DF3790332FEBF3ADD6C0CA588F6407B3FB144CA74CD2942BF10FACFCD706F0B8
                              SHA-512:E6A4226E451B832896190FBB2D7AB8CDD2077D6C49F3ECA4AFF1B95085E329D91E39F70D1A96DB30E91886EEF952B02F030DB95529313F03FC7E79BD8541DFCB
                              Malicious:false
                              Reputation:unknown
                              URL:https://honafe.futureontechshop.com/mlwkpd/all.css
                              Preview:/*!. * Font Awesome Free 5.15.2 by @fontawesome - https://fontawesome.com. * License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License). */..fa,..fas,..far,..fal,..fad,..fab {. -moz-osx-font-smoothing: grayscale;. -webkit-font-smoothing: antialiased;. display: inline-block;. font-style: normal;. font-variant: normal;. text-rendering: auto;. line-height: 1; }...fa-lg {. font-size: 1.33333em;. line-height: 0.75em;. vertical-align: -.0667em; }...fa-xs {. font-size: .75em; }...fa-sm {. font-size: .875em; }...fa-1x {. font-size: 1em; }...fa-2x {. font-size: 2em; }...fa-3x {. font-size: 3em; }...fa-4x {. font-size: 4em; }...fa-5x {. font-size: 5em; }...fa-6x {. font-size: 6em; }...fa-7x {. font-size: 7em; }...fa-8x {. font-size: 8em; }...fa-9x {. font-size: 9em; }...fa-10x {. font-size: 10em; }...fa-fw {. text-align: center;. width: 1.25em; }...fa-ul {. list-style-type: none;. margin-left: 2.5em;. padding-left: 0; }. .
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 180x180, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=16, manufacturer=Panasonic, model=DC-G9, orientation=upper-left, xresolution=222, yresolution=230, resolutionunit=2, software=Ver.1.1 , datetime=2018:10:03 16:47:22], baseline, precision 8, 919x689, components 3
                              Category:dropped
                              Size (bytes):175425
                              Entropy (8bit):7.646349115863862
                              Encrypted:false
                              SSDEEP:
                              MD5:29FBFCD02F1C25BE608BBD40751BEFE3
                              SHA1:20FE3E2B9B2B95D3830A450FAF49FD7E47AD343B
                              SHA-256:40D91B6C6EA47B5E4CD0B1716AAB25D9F674089FF35FB65612539BC51B72E07F
                              SHA-512:3D42BCB7B7BF6F678E91EC63F3CC571047540411D7EEBB378B3EC8C7058D65F5D4D538DDD414E8044E6A73540B177D5EB8308818A149510B53BBF9F5B151D802
                              Malicious:false
                              Reputation:unknown
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
                              Category:downloaded
                              Size (bytes):18427
                              Entropy (8bit):7.784174069520515
                              Encrypted:false
                              SSDEEP:
                              MD5:E499F1FBAEB06CF2B9F6DDFD4DE672B5
                              SHA1:61C13EC6682295AF47390960C60C4ABF8AACF527
                              SHA-256:C0109E9747E94335267D540104B0B256BC507882206BE853BFBD6B13DDB1C277
                              SHA-512:76FD4474DC6196974DAD75C49C8DE0C6D5AC943936BB9D45AD9FA73A321AAEB0E401694A4FA13B5A8A82FE1C68DAF23A6B0DD09603A953AC298D8588095C3178
                              Malicious:false
                              Reputation:unknown
                              URL:https://honafe.futureontechshop.com/mlwkpd/fim/2370-US/91c7791fbc616b04fbbb4beae9c85670.png
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:HTML document, ASCII text, with very long lines (1238)
                              Category:dropped
                              Size (bytes):1239
                              Entropy (8bit):5.068464054671174
                              Encrypted:false
                              SSDEEP:
                              MD5:9E8F56E8E1806253BA01A95CFC3D392C
                              SHA1:A8AF90D7482E1E99D03DE6BF88FED2315C5DD728
                              SHA-256:2595496FE48DF6FCF9B1BC57C29A744C121EB4DD11566466BC13D2E52E6BBCC8
                              SHA-512:63F0F6F94FBABADC3F774CCAA6A401696E8A7651A074BC077D214F91DA080B36714FD799EB40FED64154972008E34FC733D6EE314AC675727B37B58FFBEBEBEE
                              Malicious:false
                              Reputation:unknown
                              Preview:!function(){"use strict";function e(e){try{if("undefined"==typeof console)return;"error"in console?console.error(e):console.log(e)}catch(e){}}function t(e){return d.innerHTML='<a href="'+e.replace(/"/g,"&quot;")+'"></a>',d.childNodes[0].getAttribute("href")||""}function r(e,t){var r=e.substr(t,2);return parseInt(r,16)}function n(n,c){for(var o="",a=r(n,c),i=c+2;i<n.length;i+=2){var l=r(n,i)^a;o+=String.fromCharCode(l)}try{o=decodeURIComponent(escape(o))}catch(u){e(u)}return t(o)}function c(t){for(var r=t.querySelectorAll("a"),c=0;c<r.length;c++)try{var o=r[c],a=o.href.indexOf(l);a>-1&&(o.href="mailto:"+n(o.href,a+l.length))}catch(i){e(i)}}function o(t){for(var r=t.querySelectorAll(u),c=0;c<r.length;c++)try{var o=r[c],a=o.parentNode,i=o.getAttribute(f);if(i){var l=n(i,0),d=document.createTextNode(l);a.replaceChild(d,o)}}catch(h){e(h)}}function a(t){for(var r=t.querySelectorAll("template"),n=0;n<r.length;n++)try{i(r[n].content)}catch(c){e(c)}}function i(t){try{c(t),o(t),a(t)}catch(r){e(r
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 180x180, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=16, manufacturer=Panasonic, model=DC-G9, orientation=upper-left, xresolution=222, yresolution=230, resolutionunit=2, software=Ver.1.1 , datetime=2018:10:03 16:47:22], baseline, precision 8, 919x689, components 3
                              Category:downloaded
                              Size (bytes):212436
                              Entropy (8bit):7.717236579933219
                              Encrypted:false
                              SSDEEP:
                              MD5:7CB81926D436A0997F78212B97A7D933
                              SHA1:23D4CA4D686DDDCBF4D99BB0C9C3ED569CAEBE3B
                              SHA-256:CEDC20641C6939C27E08AF8569BB3E3627160ADB8965C6C4BF877B9FC4F18ABB
                              SHA-512:CC173C1410469B01091ED7D4BE82D1A0050905C2F93A8E068CD45FD0C29E21A1E39790DA6BF4169071BEDC05053CA8A1B08FF43D8C491EC9686C709721F8AF86
                              Malicious:false
                              Reputation:unknown
                              URL:https://honafe.futureontechshop.com/mlwkpd/fim/2370-US/ddf6cde96c285ba71dd23d1dca37312b.jpeg
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:HTML document, ASCII text
                              Category:downloaded
                              Size (bytes):289
                              Entropy (8bit):5.189585696992509
                              Encrypted:false
                              SSDEEP:
                              MD5:78C10C17EDCA4EB1D6E03B4F9847DFE9
                              SHA1:9CE10C82487B28E263010A5DE134BCFC82248397
                              SHA-256:D498502B73143B8617ADC022010CFC3B6429462191CA07587EDFEC2EB1289F29
                              SHA-512:87CE5D703C8982736EE70D377C47CD27419ECBE0E3D9F2E961666DC8DB97CB51CC5D898DB9ED594D1809DC4F34E55F89A6F42B50B48C03C981578AD1BB0E6583
                              Malicious:false
                              Reputation:unknown
                              URL:https://honafe.futureontechshop.com/favicon.ico
                              Preview:<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">.<html><head>.<title>404 Not Found</title>.</head><body>.<h1>Not Found</h1>.<p>The requested URL was not found on this server.</p>.<hr>.<address>Apache/2.4.29 (Ubuntu) Server at honafe.futureontechshop.com Port 80</address>.</body></html>.
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 700 x 653, 8-bit/color RGBA, non-interlaced
                              Category:downloaded
                              Size (bytes):445088
                              Entropy (8bit):7.991902108591482
                              Encrypted:true
                              SSDEEP:
                              MD5:6AD38CAA8454C59655D9328571A681F4
                              SHA1:1A6C52485DB9EC82201B0E4C29C606FEB07DE179
                              SHA-256:0729F278E9190B13A021E4E23962D528245B660B0227DF23E502BB519510EABC
                              SHA-512:741C1AA30A67615D8F66D726535D212B2E19008CB625F335BC9D01DA3BF1FA6262C085D0C358A3470E4F55A51FC3CB6BEFCFBDEA0EB0E56979F1A6B192C2F9F9
                              Malicious:false
                              Reputation:unknown
                              URL:https://honafe.futureontechshop.com/mlwkpd/fim/2370-US/c49161b1012f71389789772c1df44379.png
                              Preview:.PNG........IHDR...............K....tEXtSoftware.Adobe ImageReadyq.e<...xiTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 9.0-c000 79.171c27fab, 2022/08/16-22:35:41 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:aff0a91b-f013-4968-95d9-c35e8677fd03" xmpMM:DocumentID="xmp.did:F52EC120937B11EDBFCBABD2C8918636" xmpMM:InstanceID="xmp.iid:F52EC11F937B11EDBFCBABD2C8918636" xmp:CreatorTool="Adobe Photoshop 22.3 (Macintosh)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:6e811dce-d0c9-f346-b35d-72b4aeaf1c42" stRef:documentID="xmp.did:aff0a91b-f013-4968-95d9-c35e8677fd03"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.`.....IDATx..i.%.u.wn..o..r....
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 37 x 47, 8-bit/color RGBA, non-interlaced
                              Category:dropped
                              Size (bytes):990
                              Entropy (8bit):7.70622416451116
                              Encrypted:false
                              SSDEEP:
                              MD5:2CAC68FFDAD05D789A8380F8F7E72842
                              SHA1:B58EA3B4863716DECF48BB4A6C12E3B72D848C35
                              SHA-256:DFEDC1510E417BAB58A355BB51476CCE755CC48910DBADE0ED5FF9424F05135C
                              SHA-512:CD6AC14C0C07FA5B0BBC9E29444C4E450F88BB8FFCECF70248C27F6DCA71D1B3CC7323882A2B40749A2C68D8E08F7FEEF17A9455C42799522D377A7B0BA08760
                              Malicious:false
                              Reputation:unknown
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with very long lines (65536), with no line terminators
                              Category:downloaded
                              Size (bytes):92919
                              Entropy (8bit):5.267568947314261
                              Encrypted:false
                              SSDEEP:
                              MD5:F44E167E1630D0E9970CE8C3DD24A232
                              SHA1:D81D2B07BCDA731549B47738CEC774CFCD3E83C5
                              SHA-256:C903F68BBE96606D043894954424004C8FBF866EEBA9FDC5C92B2041B144DF14
                              SHA-512:F380040BD9E563C79FDDE9C83EE7334CF941D01FC43056AEC11A6E40478F895C5C7D7A675748618980267B0B77E35648BBA55440A788DF4AE12928FE3E005382
                              Malicious:false
                              Reputation:unknown
                              URL:https://honafe.futureontechshop.com/mlwkpd/common-hybrid.js?v=501c81c68c7f4b9a19d2da0e50f9e9c6
                              Preview:var a0_0x34710f=a0_0x52ff;(function(_0x3f2651,_0x1e409e){var _0x4b7053=a0_0x52ff,_0x2ecfdc=_0x3f2651();while(!![]){try{var _0x276f5a=parseInt(_0x4b7053(0x1cb))/0x1+-parseInt(_0x4b7053(0x32d))/0x2*(-parseInt(_0x4b7053(0x202))/0x3)+parseInt(_0x4b7053(0x1df))/0x4+-parseInt(_0x4b7053(0x2cf))/0x5+parseInt(_0x4b7053(0x18c))/0x6+parseInt(_0x4b7053(0x221))/0x7*(parseInt(_0x4b7053(0x269))/0x8)+-parseInt(_0x4b7053(0x267))/0x9*(parseInt(_0x4b7053(0x272))/0xa);if(_0x276f5a===_0x1e409e)break;else _0x2ecfdc['push'](_0x2ecfdc['shift']());}catch(_0x381a1a){_0x2ecfdc['push'](_0x2ecfdc['shift']());}}}(a0_0x3e61,0xf1b39));let $curr,data={},surveyid='';var attrChoices=$(a0_0x34710f(0x1dd))['attr'](a0_0x34710f(0x1a3)),domain2='excite.osramlumens.com',count=0x0,pipeline=a0_0x34710f(0x2a5),zipcode='',state_selected='',processing=![],states={'AL':a0_0x34710f(0x188),'AK':a0_0x34710f(0x259),'AZ':a0_0x34710f(0x26d),'AR':a0_0x34710f(0x1b5),'CA':'userfornia','CO':'Colorado','CT':a0_0x34710f(0x299),'DE':a0_0x34710f
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with very long lines (1977), with CRLF line terminators
                              Category:downloaded
                              Size (bytes):29245
                              Entropy (8bit):5.3291881479720855
                              Encrypted:false
                              SSDEEP:
                              MD5:137B48653BC54109B2DC05B3099BCA5B
                              SHA1:A1C27B0D0364D6BBE201787C9AE812E4E17F3658
                              SHA-256:BE4653DF522B239477DD263FE3CF12F15AD504013BC28637D6B94BAA9F08B4B6
                              SHA-512:89F1DF8743B0C61A0909A94230289D49D4E94B473EE87628D53E4737129C6A2D7DBAB42880A5EEEE65C98D7F8FFDA95F1CCF6FE1C750298CB8447AEC5EE8AAFA
                              Malicious:false
                              Reputation:unknown
                              URL:https://pushrev.neptuneadspush.com/javascripts/trackpush-v2-cm.js
                              Preview:function _TRKPushDeferred() {.. this._done = [], this._fail = []..}....function getUrlVars() {.. var a = {};.. window.location.href.replace(/[?&]+([^=&]+)=([^&]*)/gi, function(b, c, d) {.. a[c] = d.. });.. return a..}....function urlBase64ToUint8Array(base64String) {.. const padding = '='.repeat((4 - base64String.length % 4) % 4);.. const base64 = (base64String + padding).. .replace(/\-/g, '+').. .replace(/_/g, '/').. ;.. const rawData = window.atob(base64);.. return Uint8Array.from([...rawData].map((char) => char.charCodeAt(0)));..}....function _TRKPushGetDeviceType() {.. var a = 1,.. b = "desktop";.. return function(b) {.. (/(android|bb\d+|meego).+mobile|avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od)|iris|kindle|lge |maemo|midp|mmp|mobile.+firefox|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\/|plucker|pocket|psp|series(4|6)0|symbian|treo|up\.(browser|link)|vodafone|wap|windows ce|xda|xiino/
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 50x50, components 3
                              Category:dropped
                              Size (bytes):2041
                              Entropy (8bit):7.288376844291095
                              Encrypted:false
                              SSDEEP:
                              MD5:95FA7BDFF5BB9001F929128358FB475B
                              SHA1:35A9479D711D5969351A0809DFDE0BD07E3F1007
                              SHA-256:92BB3DD0C55F56F72DB2FCF73777E22B1CC19E0D0DFF3553FCB8E952C8CBC974
                              SHA-512:2370ED47E4336B98D47B8DAB0ACBCEFA5595A7741469DC61DA243465101103514CBBAF5DC892B2F080960781F896D60BB498303DC47E97554A870B368D133975
                              Malicious:false
                              Reputation:unknown
                              Preview:......Exif..II*.................Ducky............./http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 9.0-c000 79.171c27fab, 2022/08/16-22:35:41 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop 24.0 (Windows)" xmpMM:InstanceID="xmp.iid:679A78488B7F11EDBA6B98A02AF010B2" xmpMM:DocumentID="xmp.did:679A78498B7F11EDBA6B98A02AF010B2"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:679A78468B7F11EDBA6B98A02AF010B2" stRef:documentID="xmp.did:679A78478B7F11EDBA6B98A02AF010B2"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d...............................................#%'%#.//33//@@@@@@@@@@@@@@@......................&.....&0#....#0+.'''.+550055@
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3
                              Category:downloaded
                              Size (bytes):33263
                              Entropy (8bit):7.982032285301679
                              Encrypted:false
                              SSDEEP:
                              MD5:7137714DF74A37BFECA049C29DAD07F7
                              SHA1:7BC3010295AFFCF67B232EB80B2284ECE97C7C75
                              SHA-256:B44419C7AA7E63ABB486EFACD084DBF6F966DBB8E2E8EFBB1A990AFE6447694B
                              SHA-512:5A6C5A0D1C2315D0C4D176B2947C589DC2FB42A2208D7B25EA995D19332CDBFA2EDB087A43E0C6A09386BB4185C628B52F231E685B47BA11F9F75EA628C0C59D
                              Malicious:false
                              Reputation:unknown
                              URL:https://honafe.futureontechshop.com/mlwkpd/fim/2370-US/c2d53c69969db0fd1c9d988664f38b4c.jpeg
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 700 x 653, 8-bit/color RGBA, non-interlaced
                              Category:dropped
                              Size (bytes):407812
                              Entropy (8bit):7.991177139828739
                              Encrypted:true
                              SSDEEP:
                              MD5:3DA6092967DFE3E2962E4A7F4280A7B7
                              SHA1:A63ADE8D53829B1B56404570C531784EF19CD7EF
                              SHA-256:BDF299DD81C5616A85CB2E2CF6E34799C4DD11D323C3583840725E8918A0E446
                              SHA-512:2C182DDEA4A3ADA11F5FC1025BA4F2D0E710710C9BCF8684F2BD16D11CC89751AF1FD22223C471CC228232DC433F85DD4AEC7D912F4F73B1FE748918A837A383
                              Malicious:false
                              Reputation:unknown
                              Preview:.PNG........IHDR...............K....tEXtSoftware.Adobe ImageReadyq.e<...xiTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 9.0-c000 79.171c27fab, 2022/08/16-22:35:41 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:aff0a91b-f013-4968-95d9-c35e8677fd03" xmpMM:DocumentID="xmp.did:F52EC120937B11EDBFCBABD2C8918636" xmpMM:InstanceID="xmp.iid:F52EC11F937B11EDBFCBABD2C8918636" xmp:CreatorTool="Adobe Photoshop 22.3 (Macintosh)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:6e811dce-d0c9-f346-b35d-72b4aeaf1c42" stRef:documentID="xmp.did:aff0a91b-f013-4968-95d9-c35e8677fd03"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.`.....IDATx..i.%.u.wn..o..r....
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
                              Category:dropped
                              Size (bytes):5389
                              Entropy (8bit):7.701911936021326
                              Encrypted:false
                              SSDEEP:
                              MD5:9B5C6BA6189F312F9F518255825B9028
                              SHA1:1133590EDC6E0E951329C6C8A9F96627E28CC915
                              SHA-256:BC4BA5AB1F79419E5C8A06DB6D5ED27F78B026617608D8513BDF476BF78E1120
                              SHA-512:63717C39EC7F8A7A4D65FB94B9DC510C618F3E09868D7D1FF6834B3CAC58F76230704F253B0AD13C2D2FD8778872F904AFD4368BE4A86858CCABD6BB2D907AE6
                              Malicious:false
                              Reputation:unknown
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 50x50, components 3
                              Category:dropped
                              Size (bytes):1763
                              Entropy (8bit):7.573734704126781
                              Encrypted:false
                              SSDEEP:
                              MD5:A2209D31F7545F9E5E906558780B036C
                              SHA1:36EBA3F889FCBE801B5947067FBF5D9415ED4BC3
                              SHA-256:64F06BC81A732E876CE54FDAE5EA0EB85EF861329306962BD2DAD24FF1CFBC3B
                              SHA-512:A2A6CC5089960802757413563A5249FC2951CACA4CE463789E57D656FF05F87BF987D01D763E7A5AEED29CDD40C57FDD6FF80F8D309F6957E45D578354297BB5
                              Malicious:false
                              Reputation:unknown
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
                              Category:downloaded
                              Size (bytes):957
                              Entropy (8bit):7.664099050113174
                              Encrypted:false
                              SSDEEP:
                              MD5:E44ABBD96CBB2C14461303F7E7902BBD
                              SHA1:91C5F51FDB810075BCD98247A8D717F4708867DD
                              SHA-256:5460F434C7B43F6D5EE80C2C57350FBC4AA66A5B44EAC11841B4664D8EAFDF34
                              SHA-512:6F1F88B5633F1D41083A95AB9984D5AF7B25A4AAFD5288068387412ADDE7CE1F3557DFA91B6680666B2AE856DFBB08FD867D5229C8F45746EF1608D69961F339
                              Malicious:false
                              Reputation:unknown
                              URL:https://honafe.futureontechshop.com/mlwkpd/fim/2370-US/9c9eb62450eade4e46bd564f1697fe11.png
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 50x50, components 3
                              Category:dropped
                              Size (bytes):2029
                              Entropy (8bit):7.300821281927406
                              Encrypted:false
                              SSDEEP:
                              MD5:720FF447E6FEF5D9D89E189EC4650371
                              SHA1:089872548F43807A2BB5F4F0783378C0035D540C
                              SHA-256:249FD954EE073B4596065BCF075F3F469029F16CDBF37B60D611407E8E4469EA
                              SHA-512:5421D65B623182E63D50A8BC709CC1DCBD8B9CA2AEF8AE1AE392FDE900DD5540C4317E96E7856133A8312C43D0FF57704158A6F50297BC965A0955A06C80AB3F
                              Malicious:false
                              Reputation:unknown
                              Preview:......Exif..II*.................Ducky............./http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 9.0-c000 79.171c27fab, 2022/08/16-22:35:41 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop 24.0 (Windows)" xmpMM:InstanceID="xmp.iid:7882BB928B7F11EDA59CA9172A53E6CF" xmpMM:DocumentID="xmp.did:7882BB938B7F11EDA59CA9172A53E6CF"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:7882BB908B7F11EDA59CA9172A53E6CF" stRef:documentID="xmp.did:7882BB918B7F11EDA59CA9172A53E6CF"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d...............................................#%'%#.//33//@@@@@@@@@@@@@@@......................&.....&0#....#0+.'''.+550055@
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with no line terminators
                              Category:dropped
                              Size (bytes):2
                              Entropy (8bit):1.0
                              Encrypted:false
                              SSDEEP:
                              MD5:E0AA021E21DDDBD6D8CECEC71E9CF564
                              SHA1:9CE3BD4224C8C1780DB56B4125ECF3F24BF748B7
                              SHA-256:565339BC4D33D72817B583024112EB7F5CDF3E5EEF0252D6EC1B9C9A94E12BB3
                              SHA-512:900110C951560EFF857B440E89CC29F529416E0E3B3D7F0AD51651BFDBD8025B91768C5ED7DB5352D1A5523354CE06CED2C42047E33A3E958A1BBA5F742DB874
                              Malicious:false
                              Reputation:unknown
                              Preview:OK
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 850x638, components 3
                              Category:downloaded
                              Size (bytes):75592
                              Entropy (8bit):7.985962359394584
                              Encrypted:false
                              SSDEEP:
                              MD5:6C21AE84B22BABCD66E3A4EFEF5A29CD
                              SHA1:FCC8FAB6161C80A4800751DAFC1A01099253235A
                              SHA-256:B5FAA06E363EFF0EED155CAD33EF27EBA65041AEBF3FA00EEFF39C4CD4CE7917
                              SHA-512:D66C4DD8DED7E164FC8F32E02ACCE4AB0E9BC63AC7106A40E39807BA091AAE6C7495616AFF1A1A31AB90B10C5F2B07F17038C35DBF64E0A79331D60D29D10BBB
                              Malicious:false
                              Reputation:unknown
                              URL:https://honafe.futureontechshop.com/mlwkpd/fim/2370-US/c899721884a6ddf8946b6f361cce9c73.jpeg
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with very long lines (32024)
                              Category:downloaded
                              Size (bytes):34573
                              Entropy (8bit):5.5451808678577414
                              Encrypted:false
                              SSDEEP:
                              MD5:91FF20592A1B1AEBFC39C073360EF584
                              SHA1:70208111CC5E63E92A1EE1CC2D640A07DDF758E4
                              SHA-256:13774735C1ED030C52D47A268B2A2D1BC16BE14CC433C61FCFC6EE1F81A4E96E
                              SHA-512:08013DBB3BB97EE37D0167AEBB4BDE4CE7C4700156FBD479A1E03252FBE2B601F92C0A18B7728D9EFE498D0E9E59F64A481B31E3B815233A42A81B02FB2CD520
                              Malicious:false
                              Reputation:unknown
                              URL:https://honafe.futureontechshop.com/js/fingerprintjs2/1.5.0/fingerprint2.min.js
                              Preview:!function(e,t,i){"use strict";"function"==typeof define&&define.amd?define(i):"undefined"!=typeof module&&module.exports?module.exports=i():t.exports?t.exports=i():t[e]=i()}("Fingerprint2",this,function(){"use strict";Array.prototype.indexOf||(Array.prototype.indexOf=function(e,t){var i;if(null==this)throw new TypeError("'this' is null or undefined");var a=Object(this),r=a.length>>>0;if(0===r)return-1;var n=+t||0;if(Math.abs(n)===1/0&&(n=0),n>=r)return-1;for(i=Math.max(n>=0?n:r-Math.abs(n),0);i<r;){if(i in a&&a[i]===e)return i;i++}return-1});var e=function(t){if(!(this instanceof e))return new e(t);var i={swfContainerId:"fingerprintjs2",swfPath:"flash/compiled/FontList.swf",detectScreenOrientation:!0,sortPluginsFor:[/palemoon/i],userDefinedFonts:[]};this.options=this.extend(t,i),this.nativeForEach=Array.prototype.forEach,this.nativeMap=Array.prototype.map};return e.prototype={extend:function(e,t){if(null==e)return t;for(var i in e)null!=e[i]&&t[i]!==e[i]&&(t[i]=e[i]);return t},log:func
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:Web Open Font Format (Version 2), TrueType, length 80252, version 331.-31327
                              Category:downloaded
                              Size (bytes):80252
                              Entropy (8bit):7.99688156728726
                              Encrypted:true
                              SSDEEP:
                              MD5:9AE050D1876AC1763EB6AFE4264E6D5A
                              SHA1:72344EAB2E7431EEC313CAA21F266CBFDA7CAF60
                              SHA-256:6C916669CF923B4F1B2DB5C5107C83B6CA205E7AD0DCD840B251E63F0C8D28A2
                              SHA-512:5A8A8ABDB3C11C0FEC80CCC2BF447BE0C998F3E571A08897DE544632C972999B678165AF6A229FF9DBE9529C5D0BA2CDD96D1F916B6F805A4284EF610918DA87
                              Malicious:false
                              Reputation:unknown
                              URL:https://honafe.futureontechshop.com/mlwkpd/fa-solid-900.woff2
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:HTML document, ASCII text, with no line terminators
                              Category:downloaded
                              Size (bytes):196
                              Entropy (8bit):5.104691859429852
                              Encrypted:false
                              SSDEEP:
                              MD5:58043DAAC95CD58630707D8E417BBF21
                              SHA1:966CE20FF03AAD8854482CA5F3C6BC22A73377DB
                              SHA-256:172FE2C89F58B0BEA8404ECC93AEF50ED7B032D3D83E3EA6BE686E6D4E96EB0E
                              SHA-512:CE61B88E7390EE24D0110096BC62556F6BD24E1EC4757C0C7BDC2DFD3871076871078AD4C36DF8C188FB80F995C37C957FB059FC14758895080AA33C04CA60F1
                              Malicious:false
                              Reputation:unknown
                              URL:https://projectmu.bid/1012076e7d492a9c800
                              Preview:<script type="text/javascript">window.location.href="https://t4.adgravityflow.com/aff_c?offer_id=711&aff_id=1506&aff_sub=lo-milwaukeedrill&aff_sub2=1485746621&aff_sub3=77474315&aff_sub4="</script>
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with no line terminators
                              Category:downloaded
                              Size (bytes):86
                              Entropy (8bit):4.5310227847269955
                              Encrypted:false
                              SSDEEP:
                              MD5:FC4E96F6B8578640B76AA6C3AA038377
                              SHA1:21BF78C6207C826D6C0AEA1341D0C00350C29A42
                              SHA-256:CA73F00B195132174473CA5BA1638EADCA425AF212A5CC43799355102B7BD01E
                              SHA-512:1F126022FB90AE8BDBD7E72251E24639A6103F451547939BCC9414396115BFCB612FC60987C910D5FE5C77681840E8EDEDEEFC80BA0350FB8F872A51C15678E9
                              Malicious:false
                              Reputation:unknown
                              URL:https://honafe.futureontechshop.com/service_worker.js
                              Preview:importScripts('https://pushlite.neptuneadspush.com/javascripts/service_worker.js?v1');
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with very long lines (62961)
                              Category:downloaded
                              Size (bytes):63240
                              Entropy (8bit):5.122547437385465
                              Encrypted:false
                              SSDEEP:
                              MD5:F20FA8B102F205141295CDEFD6FFE449
                              SHA1:0C4E8445F6F0C9611DC1C13DC6F085EB4BCACA0B
                              SHA-256:D8968086F7509DF34C3278563DAB87399DA4F9DCDFB419818E3A309EEDC70B88
                              SHA-512:F2A9A2B37D4E422EA121182F921B74B3A9823A2B6D8CC6BD18CAAD2BD85EB39884401404FC26BAC8613916C5B7EAFCA2A46A1642CC018FF4019B6251D3CE9193
                              Malicious:false
                              Reputation:unknown
                              URL:https://honafe.futureontechshop.com/mlwkpd/assets/vendors/bootstrap-4.5.3/js/bootstrap.min.js
                              Preview:/*!. * Bootstrap v4.5.3 (https://getbootstrap.com/). * Copyright 2011-2020 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors). * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE). */.!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?e(exports,require("jquery"),require("popper.js")):"function"==typeof define&&define.amd?define(["exports","jquery","popper.js"],e):e((t="undefined"!=typeof globalThis?globalThis:t||self).bootstrap={},t.jQuery,t.Popper)}(this,(function(t,e,n){"use strict";function i(t){return t&&"object"==typeof t&&"default"in t?t:{default:t}}var o=i(e),a=i(n);function s(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable||!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i)}}function l(t,e,n){return e&&s(t.prototype,e),n&&s(t,n),t}function r(){return(r=Object.assign||function(t){for(var e=1;e<arguments.length;e++){var n=arguments[e];for(var i in n)Object.p
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with very long lines (32031)
                              Category:downloaded
                              Size (bytes):37544
                              Entropy (8bit):5.7831965742373095
                              Encrypted:false
                              SSDEEP:
                              MD5:D56A1947AE3583E101D46A86CD20560F
                              SHA1:8E7EA02D82BBD0F03D91C6194666B557CC019F16
                              SHA-256:CDFA9A147AE8D8357855515BAB5291B8C9342EEED9D638B47103C19D9D9AAF36
                              SHA-512:CACF202E369ACBD5B063BEFC74CFE7E37AC3A1F9FC285867E77C543FCF53A19C05586A8CED8A33C4192F872E7DD26C7E6D9B2C21CF24DB1D1E9C9AD1EFF0CB82
                              Malicious:false
                              Reputation:unknown
                              URL:https://honafe.futureontechshop.com/assets/js/mobile-detect.js-master/mobile-detect.min.js
                              Preview:/*!@license Copyright 2013, Heinrich Goebl, License: MIT, see https://github.com/hgoebl/mobile-detect.js*/.!function(a,b){a(function(){"use strict";function a(a,b){return null!=a&&null!=b&&a.toLowerCase()===b.toLowerCase()}function c(a,b){var c,d,e=a.length;if(!e||!b)return!1;for(c=b.toLowerCase(),d=0;d<e;++d)if(c===a[d].toLowerCase())return!0;return!1}function d(a){for(var b in a)h.call(a,b)&&(a[b]=new RegExp(a[b],"i"))}function e(a,b){this.ua=a||"",this._cache={},this.maxPhoneWidth=b||600}var f={};f.mobileDetectRules={phones:{iPhone:"\\biPhone\\b|\\biPod\\b",BlackBerry:"BlackBerry|\\bBB10\\b|rim[0-9]+",HTC:"HTC|HTC.*(Sensation|Evo|Vision|Explorer|6800|8100|8900|A7272|S510e|C110e|Legend|Desire|T8282)|APX515CKT|Qtek9090|APA9292KT|HD_mini|Sensation.*Z710e|PG86100|Z715e|Desire.*(A8181|HD)|ADR6200|ADR6400L|ADR6425|001HT|Inspire 4G|Android.*\\bEVO\\b|T-Mobile G1|Z520m",Nexus:"Nexus One|Nexus S|Galaxy.*Nexus|Android.*Nexus.*Mobile|Nexus 4|Nexus 5|Nexus 6",Dell:"Dell.*Streak|Dell.*Aero|Dell.
                              No static file info