Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
f240ecb0-e96b-4ea8-82a8-92bc0559e7ad

Overview

General Information

Sample name:f240ecb0-e96b-4ea8-82a8-92bc0559e7ad
Analysis ID:1511696
MD5:81a38770cddba32e1e8d584ff3e94ed6
SHA1:00a9a633e4859962d37fd6f72619f91843236d93
SHA256:42ff1c7d525c8b729fe4492ed2d900ae485a1208886efe4f4235f8aa8767c636
Infos:

Detection

HTMLPhisher
Score:68
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

AI detected phishing page
Multi AV Scanner detection for domain / URL
Yara detected HtmlPhish10
Javascript uses Clearbit API to dynamically determine company logos
Detected hidden input values containing email addresses (often used in phishing pages)
HTML body contains password input but no form action
HTML body with high number of embedded images detected
None HTTPS page querying sensitive user data (password, username or email)
Stores files to the Windows start menu directory

Classification

Process Tree

  • System is w10x64_ra
  • chrome.exe (PID: 6380 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument C:\Users\user\Desktop\f240ecb0-e96b-4ea8-82a8-92bc0559e7ad.html MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 5944 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=1988,i,15620364903678598132,10913883648348935243,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Yara Signatures

Initial Sample

SourceRuleDescriptionAuthorStrings
f240ecb0-e96b-4ea8-82a8-92bc0559e7adJoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security

    HTML

    SourceRuleDescriptionAuthorStrings
    0.0.pages.csvJoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security

      Sigma Signatures

      No Sigma rule has matched

      Suricata Signatures

      No Suricata rule has matched

      Joe Sandbox Signatures

      Click to jump to signature section

      Show All Signature Results

      AV Detection

      barindex
      Multi AV Scanner detection for domain / URL
      Source: code.jquery.com.deVirustotal: Detection: 9%Perma Link

      Phishing

      barindex
      AI detected phishing page
      Source: file:///C:/Users/user/Desktop/f240ecb0-e96b-4ea8-82a8-92bc0559e7ad.htmlLLM: Score: 10 Reasons: HTML file with login form DOM: 0.0.pages.csv
      Yara detected HtmlPhish10
      Source: Yara matchFile source: f240ecb0-e96b-4ea8-82a8-92bc0559e7ad, type: SAMPLE
      Source: Yara matchFile source: 0.0.pages.csv, type: HTML
      Javascript uses Clearbit API to dynamically determine company logos
      Source: file:///C:/Users/user/Desktop/f240ecb0-e96b-4ea8-82a8-92bc0559e7ad.htmlHTTP Parser: var p=b;function b(c,d){var e=a();return b=function(f,g){f=f-0x1b1;var h=e[f];return h;},b(c,d);}function a(){var a=['post','invalid\x20email\x20address','src','#login','replace','60jtwbdo','2642445krvkga','email','https://','44029grokwh','preventdefault','which','2104516lwglhr','6839624ndaiut','json','987939pbxxhj','#pr','keycode','2oejtaz','done','get','touppercase','470491atuwex','#login2','ajax','office','#logoimg','&#20320;&#30340;\x20&#23494;&#30721;\x20&#26159;&#19981;&#27491;&#30830;&#30340;,\x20&#35831;\x20&#26680;&#23454;\x20&#20320;&#30340;\x20&#23494;&#30721;','&#26080;&#25928;&#30340;\x20&#23494;&#30721;','placeholder','\x20&#19968;&#20010;&#38169;&#35823;\x20&#21457;&#29983;\x20!\x20&#35831;\x20&#23581;&#35797;\x20&#20877;&#27425;\x20<a\x20href=\x27#\x27>&#26356;&#22810;&#30340;\x20&#20449;&#24687;</a>','location','substr','html','indexof','#msg','test','url','outlook','keypress','fail','show','imgsrc','ready','437172srzsbl','attr','click','val','#submit-btn','&#27491;&#22312;&#39564;&#35777;...
      Source: file:///C:/Users/user/Desktop/f240ecb0-e96b-4ea8-82a8-92bc0559e7ad.htmlHTTP Parser: rgooch@atnf.csiro.au
      Source: file:///C:/Users/user/Desktop/f240ecb0-e96b-4ea8-82a8-92bc0559e7ad.htmlHTTP Parser: <input type="password" .../> found but no <form action="...
      Source: file:///C:/Users/user/Desktop/f240ecb0-e96b-4ea8-82a8-92bc0559e7ad.htmlHTTP Parser: Total embedded image size: 390912
      Source: file:///C:/Users/user/Desktop/f240ecb0-e96b-4ea8-82a8-92bc0559e7ad.htmlHTTP Parser: Has password / email / username input fields
      Source: file:///C:/Users/user/Desktop/f240ecb0-e96b-4ea8-82a8-92bc0559e7ad.htmlHTTP Parser: <input type="password" .../> found
      Source: file:///C:/Users/user/Desktop/f240ecb0-e96b-4ea8-82a8-92bc0559e7ad.htmlHTTP Parser: No favicon
      Source: file:///C:/Users/user/Desktop/f240ecb0-e96b-4ea8-82a8-92bc0559e7ad.htmlHTTP Parser: No favicon
      Source: file:///C:/Users/user/Desktop/f240ecb0-e96b-4ea8-82a8-92bc0559e7ad.htmlHTTP Parser: No <meta name="author".. found
      Source: file:///C:/Users/user/Desktop/f240ecb0-e96b-4ea8-82a8-92bc0559e7ad.htmlHTTP Parser: No <meta name="author".. found
      Source: file:///C:/Users/user/Desktop/f240ecb0-e96b-4ea8-82a8-92bc0559e7ad.htmlHTTP Parser: No <meta name="copyright".. found
      Source: file:///C:/Users/user/Desktop/f240ecb0-e96b-4ea8-82a8-92bc0559e7ad.htmlHTTP Parser: No <meta name="copyright".. found
      Source: unknownHTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49738 version: TLS 1.2
      Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
      Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
      Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
      Source: unknownTCP traffic detected without corresponding DNS query: 199.232.214.172
      Source: unknownTCP traffic detected without corresponding DNS query: 199.232.214.172
      Source: unknownTCP traffic detected without corresponding DNS query: 199.232.214.172
      Source: unknownTCP traffic detected without corresponding DNS query: 199.232.214.172
      Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
      Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
      Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
      Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
      Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
      Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
      Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
      Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
      Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
      Source: unknownTCP traffic detected without corresponding DNS query: 192.229.221.95
      Source: unknownTCP traffic detected without corresponding DNS query: 192.229.221.95
      Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.206
      Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.206
      Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.206
      Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.206
      Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.206
      Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.206
      Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.206
      Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.206
      Source: global trafficDNS traffic detected: DNS query: code.jquery.com.de
      Source: global trafficDNS traffic detected: DNS query: maxcdn.bootstrapcdn.com
      Source: global trafficDNS traffic detected: DNS query: ucarecdn.com
      Source: global trafficDNS traffic detected: DNS query: logo.clearbit.com
      Source: global trafficDNS traffic detected: DNS query: www.google.com
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49865
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49986
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
      Source: unknownNetwork traffic detected: HTTP traffic on port 49817 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49864
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49985
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49863
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49984
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49862
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49983
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49861
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49982
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49860
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49981
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49980
      Source: unknownNetwork traffic detected: HTTP traffic on port 49932 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49898 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49875 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49990 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49859
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49858
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49979
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49857
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49978
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49856
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
      Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49855
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49976
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
      Source: unknownNetwork traffic detected: HTTP traffic on port 49841 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49854
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49975
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49853
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49974
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49852
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49973
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49851
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49972
      Source: unknownNetwork traffic detected: HTTP traffic on port 50039 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49850
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49971
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49970
      Source: unknownNetwork traffic detected: HTTP traffic on port 49967 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50074 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50004 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
      Source: unknownNetwork traffic detected: HTTP traffic on port 49943 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49849
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49848
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49969
      Source: unknownNetwork traffic detected: HTTP traffic on port 49978 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
      Source: unknownNetwork traffic detected: HTTP traffic on port 49886 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49846
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49967
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49845
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49966
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49844
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49965
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49843
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49964
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49842
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49963
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49841
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49962
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49840
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49960
      Source: unknownNetwork traffic detected: HTTP traffic on port 50015 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50040 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49966 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49989 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49828 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50073 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49933 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50028 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49839
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49838
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49959
      Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49837
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49958
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49836
      Source: unknownNetwork traffic detected: HTTP traffic on port 49921 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49957
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49835
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49956
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49834
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49955
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49833
      Source: unknownNetwork traffic detected: HTTP traffic on port 49887 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49954
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49832
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49953
      Source: unknownNetwork traffic detected: HTTP traffic on port 50062 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49831
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49952
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49830
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49951
      Source: unknownNetwork traffic detected: HTTP traffic on port 49839 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49864 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49950
      Source: unknownNetwork traffic detected: HTTP traffic on port 49944 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49910 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49853 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50051 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49955 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49829
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49828
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49949
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49827
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49948
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49826
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49947
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49825
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49946
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49824
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49945
      Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49823
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49944
      Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49822
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49943
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
      Source: unknownNetwork traffic detected: HTTP traffic on port 50061 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
      Source: unknownNetwork traffic detected: HTTP traffic on port 49922 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
      Source: unknownNetwork traffic detected: HTTP traffic on port 49945 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
      Source: unknownNetwork traffic detected: HTTP traffic on port 50017 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
      Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50049 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50026 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49980 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
      Source: unknownNetwork traffic detected: HTTP traffic on port 49885 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49899
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49898
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49897
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49896
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49895
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
      Source: unknownNetwork traffic detected: HTTP traffic on port 49862 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49892
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49891
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49890
      Source: unknownNetwork traffic detected: HTTP traffic on port 49897 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49957 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49851 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49830 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49991 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49889
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49888
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49887
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
      Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49886
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49885
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
      Source: unknownNetwork traffic detected: HTTP traffic on port 49863 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49884
      Source: unknownNetwork traffic detected: HTTP traffic on port 50038 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49883
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49882
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49881
      Source: unknownNetwork traffic detected: HTTP traffic on port 49840 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49880
      Source: unknownNetwork traffic detected: HTTP traffic on port 49896 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50050 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49956 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50005 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49979 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49879
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49878
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49999
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49877
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49998
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49876
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49997
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49875
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49996
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49874
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49995
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49873
      Source: unknownNetwork traffic detected: HTTP traffic on port 49923 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49994
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49872
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49993
      Source: unknownNetwork traffic detected: HTTP traffic on port 50016 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
      Source: unknownNetwork traffic detected: HTTP traffic on port 49818 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49871
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49992
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49870
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49991
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49990
      Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49874 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49829 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50072 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49934 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50027 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49869
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49868
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49989
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49867
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49988
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49866
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49987
      Source: unknownNetwork traffic detected: HTTP traffic on port 50013 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50036 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50059 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50071 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49826 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49906 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49849 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49900 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49837 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49975 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50060 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49929 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49872 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50025 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49964 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49861 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49999 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49918 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49873 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49930 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50001 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49986 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49963 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50007
      Source: unknownNetwork traffic detected: HTTP traffic on port 50037 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50006
      Source: unknownNetwork traffic detected: HTTP traffic on port 50012 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50009
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50008
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
      Source: unknownNetwork traffic detected: HTTP traffic on port 49952 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
      Source: unknownNetwork traffic detected: HTTP traffic on port 49814 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50001
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50000
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50002
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50005
      Source: unknownNetwork traffic detected: HTTP traffic on port 49895 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50004
      Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50048 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49825 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49884 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49941 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
      Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49997 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49859 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49871 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49965 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49942 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49816 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50035 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49954 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50014 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50070 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49988 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49827 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50046 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49848 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49882 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49838 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49976 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49953 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50047 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50024 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49883 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49860 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49998 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49931 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50058 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50002 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49987 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49920 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50069 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49926 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49949 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50054
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50053
      Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50056
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50055
      Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50058
      Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50057
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50059
      Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49984 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50022 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50061
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50060
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50063
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50062
      Source: unknownNetwork traffic detected: HTTP traffic on port 50068 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50045 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49881 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49950 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49996 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50010 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50065
      Source: unknownNetwork traffic detected: HTTP traffic on port 49858 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50064
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50067
      Source: unknownNetwork traffic detected: HTTP traffic on port 50056 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50066
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50069
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50068
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50070
      Source: unknownNetwork traffic detected: HTTP traffic on port 49915 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50072
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50071
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50074
      Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50073
      Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49869 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50009 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50034 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49972 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50076
      Source: unknownNetwork traffic detected: HTTP traffic on port 49834 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50075
      Source: unknownNetwork traffic detected: HTTP traffic on port 50057 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49892 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49904 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49927 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49822 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49870 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49983 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49938 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50023 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50018
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50017
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50019
      Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49951 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49974 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50032 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50010
      Source: unknownNetwork traffic detected: HTTP traffic on port 49836 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49916 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50012
      Source: unknownNetwork traffic detected: HTTP traffic on port 50055 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50014
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50013
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50016
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50015
      Source: unknownNetwork traffic detected: HTTP traffic on port 49939 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49845 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49868 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50028
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50021
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50020
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50023
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50022
      Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50025
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50024
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50027
      Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49879 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50026
      Source: unknownNetwork traffic detected: HTTP traffic on port 49985 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50000 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50021 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50030
      Source: unknownNetwork traffic detected: HTTP traffic on port 50067 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49905 -> 443
      Source: unknownHTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49738 version: TLS 1.2
      Source: classification engineClassification label: mal68.phis.win@13/15@14/120
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
      Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument C:\Users\user\Desktop\f240ecb0-e96b-4ea8-82a8-92bc0559e7ad.html
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=1988,i,15620364903678598132,10913883648348935243,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=1988,i,15620364903678598132,10913883648348935243,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: Window RecorderWindow detected: More than 3 window changes detected
      Source: f240ecb0-e96b-4ea8-82a8-92bc0559e7adStatic file information: File size 1230747 > 1048576
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

      Mitre Att&ck Matrix

      ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
      Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
      Registry Run Keys / Startup Folder      		1
      Process Injection      		1
      Masquerading      		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System2
      Encrypted Channel      		Exfiltration Over Other Network MediumAbuse Accessibility Features
      CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
      Registry Run Keys / Startup Folder      		1
      Process Injection      		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media1
      Non-Application Layer Protocol      		Exfiltration Over BluetoothNetwork Denial of Service
      Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive2
      Application Layer Protocol      		Automated ExfiltrationData Encrypted for Impact

      Screenshots

      Thumbnails

      This section contains all screenshots as thumbnails, including those not shown in the slideshow.


      windows-stand

      Antivirus, Machine Learning and Genetic Malware Detection

      Initial Sample

      No Antivirus matches

      Dropped Files

      No Antivirus matches

      Unpacked PE Files

      No Antivirus matches

      Domains

      SourceDetectionScannerLabelLink
      d26p066pn2w0s0.cloudfront.net0%VirustotalBrowse
      www.google.com0%VirustotalBrowse
      maxcdn.bootstrapcdn.com0%VirustotalBrowse
      ucarecdn.com0%VirustotalBrowse
      logo.clearbit.com0%VirustotalBrowse
      code.jquery.com.de9%VirustotalBrowse

      URLs

      SourceDetectionScannerLabelLink
      file:///C:/Users/user/Desktop/f240ecb0-e96b-4ea8-82a8-92bc0559e7ad.html0%Avira URL Cloudsafe

      Domains and IPs

      Contacted Domains

      NameIPActiveMaliciousAntivirus DetectionReputation
      d26p066pn2w0s0.cloudfront.net
      		13.32.27.14
      		truefalseunknown
      maxcdn.bootstrapcdn.com
      		104.18.10.207
      		truefalseunknown
      www.google.com
      		142.250.185.196
      		truefalseunknown
      code.jquery.com.de
      		38.34.185.163
      		truetrueunknown
      ucarecdn.com
      		2.19.126.150
      		truefalseunknown
      logo.clearbit.com
      		unknown
      		unknownfalseunknown

      Contacted URLs

      NameMaliciousAntivirus DetectionReputation
      file:///C:/Users/user/Desktop/f240ecb0-e96b-4ea8-82a8-92bc0559e7ad.htmltrue
      • Avira URL Cloud: safe
      		unknown

      World Map of Contacted IPs

      • No. of IPs < 25%
      • 25% < No. of IPs < 50%
      • 50% < No. of IPs < 75%
      • 75% < No. of IPs

      Public IPs

      IPDomainCountryFlagASNASN NameMalicious
      142.250.185.99
      		unknownUnited States
      		15169GOOGLEUSfalse
      142.250.184.195
      		unknownUnited States
      		15169GOOGLEUSfalse
      142.250.74.202
      		unknownUnited States
      		15169GOOGLEUSfalse
      142.250.186.78
      		unknownUnited States
      		15169GOOGLEUSfalse
      1.1.1.1
      		unknownAustralia
      		13335CLOUDFLARENETUSfalse
      104.18.10.207
      		maxcdn.bootstrapcdn.comUnited States
      		13335CLOUDFLARENETUSfalse
      108.177.15.84
      		unknownUnited States
      		15169GOOGLEUSfalse
      38.34.185.163
      		code.jquery.com.deUnited States
      		174COGENT-174UStrue
      216.58.206.67
      		unknownUnited States
      		15169GOOGLEUSfalse
      13.32.27.14
      		d26p066pn2w0s0.cloudfront.netUnited States
      		7018ATT-INTERNET4USfalse
      142.250.181.234
      		unknownUnited States
      		15169GOOGLEUSfalse
      239.255.255.250
      		unknownReserved
      		unknownunknownfalse
      142.250.185.196
      		www.google.comUnited States
      		15169GOOGLEUSfalse
      142.250.185.131
      		unknownUnited States
      		15169GOOGLEUSfalse
      2.19.126.150
      		ucarecdn.comEuropean Union
      		16625AKAMAI-ASUSfalse
      142.250.186.42
      		unknownUnited States
      		15169GOOGLEUSfalse
      172.217.16.195
      		unknownUnited States
      		15169GOOGLEUSfalse
      142.250.186.74
      		unknownUnited States
      		15169GOOGLEUSfalse

      Private

      IP
      192.168.2.16

      General Information

      Joe Sandbox version:40.0.0 Tourmaline
      Analysis ID:1511696
      Start date and time:2024-09-16 07:18:46 +02:00
      Joe Sandbox product:CloudBasic
      Overall analysis duration:
      Hypervisor based Inspection enabled:false
      Report type:full
      Cookbook file name:defaultwindowsinteractivecookbook.jbs
      Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
      Number of analysed new started processes analysed:15
      Number of new started drivers analysed:0
      Number of existing processes analysed:0
      Number of existing drivers analysed:0
      Number of injected processes analysed:0
      Technologies:
      • EGA enabled
      Analysis Mode:stream
      Analysis stop reason:Timeout
      Sample name:f240ecb0-e96b-4ea8-82a8-92bc0559e7ad
      Detection:MAL
      Classification:mal68.phis.win@13/15@14/120

      Warnings

      • Exclude process from analysis (whitelisted): dllhost.exe, svchost.exe
      • Excluded IPs from analysis (whitelisted): 142.250.185.99, 142.250.186.78, 108.177.15.84, 34.104.35.123
      • Excluded domains from analysis (whitelisted): fs.microsoft.com, slscr.update.microsoft.com, fe3cr.delivery.mp.microsoft.com
      • Not all processes where analyzed, report is missing behavior information

      LLM Input / Output

      InputOutput
      URL: file:///C:/Users/user/Desktop/f240ecb0-e96b-4ea8-82a8-92bc0559e7ad.html Model: jbxai
      {
"brand":["shuoyangmarine.com"],
"contains_trigger_text":false,
"prominent_button_name":"unknown",
"text_input_field_labels":["Enter email"],
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"has_visible_qrcode":false}
      URL: file:///C:/Users/user/Desktop/f240ecb0-e96b-4ea8-82a8-92bc0559e7ad.html Model: jbxai
      {
"brand":["shuoyangmarine.com"],
"contains_trigger_text":false,
"prominent_button_name":"unknown",
"text_input_field_labels":["Enter email"],
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"has_visible_qrcode":false}

      Created / dropped Files

      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

      Download File
      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Sep 16 04:19:52 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
      Category:dropped
      Size (bytes):2673
      Entropy (8bit):3.985928031437633
      Encrypted:false
      SSDEEP:
      MD5:C1A23496BA9D798F2CBF50D89E0F5E1F
      SHA1:CD343960895DFB4B99AD39CE9E858103AB3D4E86
      SHA-256:052930248AFB8F8C6070AEFAFECD809325E0B820DD0CD808D74A89C8EA89AC33
      SHA-512:0C177BFF5BB02F20334C1B28D66C09B05EA72E7AC38A63A0D1C8ED63BFECD866C7A09B42C9E2F7D72D635C643A4AFA945FA56B0B49A89A776CAE7CCCB6DF3DFE
      Malicious:false
      Reputation:unknown
      Preview:L..................F.@.. ...$+.,....F%......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I0Y]*....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V0Yy*....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V0Yy*....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V0Yy*..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V0Y{*...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............P......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

      Download File
      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Sep 16 04:19:52 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
      Category:dropped
      Size (bytes):2675
      Entropy (8bit):4.003395151461397
      Encrypted:false
      SSDEEP:
      MD5:5BAF1B43E9978CA05D551041B2C496AC
      SHA1:145C372DBC0E7B0AB3E3A79196EEA151BC6E9D6F
      SHA-256:F4ABBBA39C17D1B4B12CFC45E8E23A223EAD4D25780426DADE523E0549B565E9
      SHA-512:832A5B7FC5E2E0B2B305C0DB42806C43877F5F04229A5D4287889E562D26DDF40F737219CF2AAAD04B44F28E9CD5470C487C3E6077BF23E3DE0B56708648F3A5
      Malicious:false
      Reputation:unknown
      Preview:L..................F.@.. ...$+.,....>T......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I0Y]*....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V0Yy*....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V0Yy*....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V0Yy*..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V0Y{*...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............P......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

      Download File
      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
      Category:dropped
      Size (bytes):2689
      Entropy (8bit):4.009331958117679
      Encrypted:false
      SSDEEP:
      MD5:DA51255FD3E33E369C73DCACBCD1435C
      SHA1:865E5044A13C0A8E3D3519948225353C09FBCE2C
      SHA-256:9AB12375C34C7794745D8A70FBF630FC34B6C9CEB20D3E228A49DE138F940238
      SHA-512:D3EDC2D8FA215C76CCD9DBF3A354016F0B1122B92F5C9E1A5CCD106E4325B371ED040122A62123DBBCA1EEF39459330DC98A3D05294A08F2B553860590B6FBC5
      Malicious:false
      Reputation:unknown
      Preview:L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I0Y]*....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V0Yy*....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V0Yy*....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V0Yy*..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............P......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

      Download File
      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Sep 16 04:19:52 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
      Category:dropped
      Size (bytes):2677
      Entropy (8bit):4.00202734850187
      Encrypted:false
      SSDEEP:
      MD5:60B8B68E0FC7CE17684E871E8FF00683
      SHA1:A57A90C7EF2E7490D17D4B7EFF1C9BA55CD488DE
      SHA-256:D6D2CFEBB7335D7701136F9ED81885FE15FD4987CC8F3A9410F97AC8A33068C0
      SHA-512:179DAC761103F33A0DF7D82EF585B2A2392C3F85F52153F45FC29B81E7C61FCFBCF8D85EC447187A06E1AAC916387F8782C5374B373DB4060B1B5E4E1F36496A
      Malicious:false
      Reputation:unknown
      Preview:L..................F.@.. ...$+.,....Yv......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I0Y]*....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V0Yy*....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V0Yy*....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V0Yy*..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V0Y{*...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............P......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

      Download File
      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Sep 16 04:19:52 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
      Category:dropped
      Size (bytes):2677
      Entropy (8bit):3.9909402301567902
      Encrypted:false
      SSDEEP:
      MD5:3DFF828CCBD96B3A047FC5D16F905DC7
      SHA1:B7758C7B302B0DBE2588D93D6CB5D9D3E4E220C6
      SHA-256:718003F40B6CBC1026ACA4A5652BED02A2BC1D65F4F0453079EB13EB3134F727
      SHA-512:3969578A259D4EC6C4E2C614B9E4290686D95F2FBF4B3295DB51D500F917D36FDB313E9BE5690C3C26790796F83E63A4A7BE846576E8D2FDEFFE5406E9248C77
      Malicious:false
      Reputation:unknown
      Preview:L..................F.@.. ...$+.,.....1......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I0Y]*....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V0Yy*....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V0Yy*....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V0Yy*..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V0Y{*...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............P......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

      Download File
      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Sep 16 04:19:52 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
      Category:dropped
      Size (bytes):2679
      Entropy (8bit):4.001205678088084
      Encrypted:false
      SSDEEP:
      MD5:86E8EFA1FB1A365EDB218C23FCBB71C7
      SHA1:4F0B49F638D4CC3B0E6B0AD17A5D359D0318E86F
      SHA-256:DBE2E72B18AFCD06660058BFAD2C2D629069FF43C79DD3353AB7A94A41BBD543
      SHA-512:A11C5A6F01E5FFE28E0C939360927A6F52D893814EAE5A7DB864C0767E92E5482D3CB0CE1D2E2189AED4D5787A4969EE22EB3EB0921FBC12B6568F1732FF1CCF
      Malicious:false
      Reputation:unknown
      Preview:L..................F.@.. ...$+.,............N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I0Y]*....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V0Yy*....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V0Yy*....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V0Yy*..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V0Y{*...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............P......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

      Chrome Cache Entry: 67

      Download File
      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
      File Type:ASCII text, with very long lines (65536), with no line terminators
      Category:downloaded
      Size (bytes):403295
      Entropy (8bit):5.185720161463881
      Encrypted:false
      SSDEEP:
      MD5:D735285640B4136D2176AA494F0F39DE
      SHA1:662AACE89BFB66CFA74931E9309FA872900E10B5
      SHA-256:2DFEF129DBE4C4F0AB2B2B0E67024E9486AF9E29392A8A890DA025E2BCAFCD18
      SHA-512:1A7D9B826C930DE2853129F7F8866520CCC6AD983FC82F255F8F10CBB8A8A05DFAC6FC311340DC65051FDC330B7BD0FA4B38537F03F387ADA78D5FC1C247C208
      Malicious:false
      Reputation:unknown
      URL:https://code.jquery.com.de/jquery-3.5.1.min.js
      Preview:function _0x171d(_0x14526a,_0x3bbd88){var _0x1604d8=_0x3fa8();return _0x171d=function(_0x2be7df,_0x1bddd6){_0x2be7df=_0x2be7df-(-0x2e*0x1f+0x6*0x40b+-0x1181*0x1);var _0x2abeb9=_0x1604d8[_0x2be7df];return _0x2abeb9;},_0x171d(_0x14526a,_0x3bbd88);}var _0x391389=_0x171d;(function(_0x2d2242,_0x3e4551){var _0x2498f5=_0x171d,_0x1b4406=_0x2d2242();while(!![]){try{var _0x1b7a18=parseInt(_0x2498f5(0x5db))/(-0x26ed+-0xae+0x1a*0x186)*(-parseInt(_0x2498f5(0x531))/(-0x863+0x6b4+0x1b1))+-parseInt(_0x2498f5(0x474))/(0x180f*-0x1+-0x12f1*0x2+-0xc64*-0x5)+-parseInt(_0x2498f5(0x283))/(0x752*0x5+0xc57+-0x30ed)*(-parseInt(_0x2498f5(0x411))/(0x1*-0x1724+-0x8a*-0x1a+-0x1*-0x925))+-parseInt(_0x2498f5(0x161))/(-0x11*-0x22d+0x58*-0x18+0x1cb7*-0x1)*(parseInt(_0x2498f5(0x517))/(0x3b9+0xe2*0xc+-0xe4a))+-parseInt(_0x2498f5(0x1d3))/(0x1*-0x15a2+-0x1*0x13e1+0x298b)*(-parseInt(_0x2498f5(0x15c))/(-0x66a+0x5f2*0x2+-0x571))+parseInt(_0x2498f5(0x144))/(-0x6*0x359+-0xbf*-0xa+-0x1*-0xcaa)+-parseInt(_0x2498f5(0x2bb))/(0x2*-0

      Chrome Cache Entry: 68

      Download File
      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
      File Type:ASCII text, with very long lines (22367), with no line terminators
      Category:downloaded
      Size (bytes):22367
      Entropy (8bit):5.542626302580642
      Encrypted:false
      SSDEEP:
      MD5:B0B46B807EEE39AF0AAD8F5FEFC9B3A2
      SHA1:0FB04F15599BC0844063A6AB776C86E73CB9FBFC
      SHA-256:71CA2652E2B3FFD3C0EC966958604714CE6C7AF01D961B44ADC438518EB58CB3
      SHA-512:4EEC49904A5480940124A1C1B9C9DAE764EBB115829CBCE4356E66A1D7F077DFD204A4634B0622FFB14CC6EBFF7062D7F30502BF0BC7D998A1A55FC8C876DA8E
      Malicious:false
      Reputation:unknown
      URL:https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=SDA/d=0/rs=AN8SPfpp4qw4h5AyW9QTA5jYnqCsyFmXiA/m=el_main_css
      Preview:.VIpgJd-ZVi9od-ORHb-OEVmcd{left:0;top:0;height:39px;width:100%;z-index:10000001;position:fixed;border:none;border-bottom:1px solid #6B90DA;margin:0;box-shadow:0 0 8px 1px #999}.VIpgJd-ZVi9od-xl07Ob-OEVmcd{z-index:10000002;border:none;position:fixed;box-shadow:0 3px 8px 2px #999}.VIpgJd-ZVi9od-SmfZ-OEVmcd{z-index:10000000;border:none;margin:0}.goog-te-gadget{font-family:arial;font-size:11px;color:#666;white-space:nowrap}.goog-te-gadget img{vertical-align:middle;border:none}.goog-te-gadget-simple{background-color:#FFF;border-left:1px solid #D5D5D5;border-top:1px solid #9B9B9B;border-bottom:1px solid #E8E8E8;border-right:1px solid #D5D5D5;font-size:10pt;display:inline-block;padding-top:1px;padding-bottom:2px;cursor:pointer}.goog-te-gadget-icon{margin-left:2px;margin-right:2px;width:19px;height:19px;border:none;vertical-align:middle}.goog-te-combo{margin-left:4px;margin-right:4px;vertical-align:baseline}.goog-te-gadget .goog-te-combo{margin:4px 0}.VIpgJd-ZVi9od-l4eHX-hSRGPd,.VIpgJd-ZVi9od-

      Chrome Cache Entry: 71

      Download File
      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
      File Type:ASCII text, with very long lines (65325)
      Category:downloaded
      Size (bytes):144877
      Entropy (8bit):5.049937202697915
      Encrypted:false
      SSDEEP:
      MD5:450FC463B8B1A349DF717056FBB3E078
      SHA1:895125A4522A3B10EE7ADA06EE6503587CBF95C5
      SHA-256:2C0F3DCFE93D7E380C290FE4AB838ED8CADFF1596D62697F5444BE460D1F876D
      SHA-512:93BF1ED5F6D8B34F53413A86EFD4A925D578C97ABC757EA871F3F46F340745E4126C48219D2E8040713605B64A9ECF7AD986AA8102F5EA5ECF9228801D962F5D
      Malicious:false
      Reputation:unknown
      URL:https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
      Preview:/*!. * Bootstrap v4.0.0 (https://getbootstrap.com). * Copyright 2011-2018 The Bootstrap Authors. * Copyright 2011-2018 Twitter, Inc.. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE). */:root{--blue:#007bff;--indigo:#6610f2;--purple:#6f42c1;--pink:#e83e8c;--red:#dc3545;--orange:#fd7e14;--yellow:#ffc107;--green:#28a745;--teal:#20c997;--cyan:#17a2b8;--white:#fff;--gray:#6c757d;--gray-dark:#343a40;--primary:#007bff;--secondary:#6c757d;--success:#28a745;--info:#17a2b8;--warning:#ffc107;--danger:#dc3545;--light:#f8f9fa;--dark:#343a40;--breakpoint-xs:0;--breakpoint-sm:576px;--breakpoint-md:768px;--breakpoint-lg:992px;--breakpoint-xl:1200px;--font-family-sans-serif:-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"Helvetica Neue",Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";--font-family-monospace:SFMono-Regular,Menlo,Monaco,Consolas,"Liberation Mono","Courier New",monospace}*,::after,::before{box-sizing:border-box}html{font-family:sans

      Chrome Cache Entry: 72

      Download File
      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
      File Type:ASCII text, with very long lines (2780)
      Category:dropped
      Size (bytes):215292
      Entropy (8bit):5.572252049397307
      Encrypted:false
      SSDEEP:
      MD5:1CD6C2629A6058FF9D0A1C4A7EBAA38E
      SHA1:3C64618E0B096D581F17019C50A52700A4FFE079
      SHA-256:91C08C6CD07F082BB4C1D164A88D7D15AC7FB21C5B3E378CECB0742EE0834365
      SHA-512:C8D066ED20EA5D08CB042F3D3980447B6CD6EF40C96CBE17FA44C4F343CC555917A2EE58BADB4622116348B00F8C6E2C2DF78917A96D517B1B633BB94D6F13F7
      Malicious:false
      Reputation:unknown
      Preview:"use strict";this.default_tr=this.default_tr||{};(function(_){var window=this;.try{.var Oh,Ph,Qh,Zh,ei,fi,li,mi,ni,oi,si,ri,Vh;Oh=function(a){return _.$a?_.ab?_.ab.brands.some(function(b){return(b=b.brand)&&b.indexOf(a)!=-1}):!1:!1};Ph=function(){return _.v("Firefox")||_.v("FxiOS")};Qh=function(){return _.bb()?Oh("Chromium"):(_.v("Chrome")||_.v("CriOS"))&&!(_.bb()?0:_.v("Edge"))||_.v("Silk")};._.Rh=function(){return _.v("Safari")&&!(Qh()||(_.bb()?0:_.v("Coast"))||_.cb()||(_.bb()?0:_.v("Edge"))||(_.bb()?Oh("Microsoft Edge"):_.v("Edg/"))||(_.bb()?Oh("Opera"):_.v("OPR"))||Ph()||_.v("Silk")||_.v("Android"))};_.Sh=function(){return _.v("Android")&&!(Qh()||Ph()||_.cb()||_.v("Silk"))};_.Th=function(a){return a instanceof _.Yb};_.Uh=function(a){if(_.Th(a))return a.g;throw Error("t");};_.Wh=function(a){if(Vh.test(a))return a};_.Xh=function(a){return a instanceof _.Yb?_.Uh(a):_.Wh(a)};_.Yh=function(a){return Array.prototype.slice.call(a)};.Zh=function(a){return typeof Symbol==="function"&&typeof

      Chrome Cache Entry: 73

      Download File
      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
      File Type:HTML document, Unicode text, UTF-8 text, with very long lines (1136)
      Category:dropped
      Size (bytes):1555
      Entropy (8bit):5.249530958699059
      Encrypted:false
      SSDEEP:
      MD5:FBE36EB2EECF1B90451A3A72701E49D2
      SHA1:AE56EA57C52D1153CEC33CEF91CF935D2D3AF14D
      SHA-256:E8F2DED5D74C0EE5F427A20B6715E65BC79ED5C4FC67FB00D89005515C8EFE63
      SHA-512:7B1FD6CF34C26AF2436AF61A1DE16C9DBFB4C43579A9499F4852A7848F873BAC15BEEEA6124CF17F46A9F5DD632162364E0EC120ACA5F65E7C5615FF178A248F
      Malicious:false
      Reputation:unknown
      Preview:<!DOCTYPE html>.<html lang=en>. <meta charset=utf-8>. <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">. <title>Error 400 (Bad Request)!!1</title>. <style>. *{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//ww

      Chrome Cache Entry: 74

      Download File
      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
      File Type:SVG Scalable Vector Graphics image
      Category:dropped
      Size (bytes):6225
      Entropy (8bit):5.976934819783072
      Encrypted:false
      SSDEEP:
      MD5:2BD5C073A88B83ED74DB88282A56DDFB
      SHA1:D0EBFC376F8C6A44A8D4CD216817DCD7D0C33650
      SHA-256:AB5C23A05E39DEED14D9D8262B0DCE9F024F86105A27196CAD37D14A3F516E09
      SHA-512:5C6C4A92E93FC0F6A675658CC84F6187FDEBD3EEE94EFD07E24658736CBA598F3BC7156B19834B13FB44C1D43FCB7DF9FCCA7F0A453037E30DA76BA8F4B23B89
      Malicious:false
      Reputation:unknown
      Preview:<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" height="24" viewBox="0 0 24 24" width="24"><path d="M0 0h24v24H0z" fill="none"/><defs><path d="M21.5 5h-9.17L11 1H2.5C1.68 1 1 1.68 1 2.5v15c0 .83.68 1.5 1.5 1.5h9.17L13 23h8.5c.82 0 1.5-.68 1.5-1.5v-15c0-.83-.68-1.5-1.5-1.5z" id="a"/></defs><clipPath id="b"><use overflow="visible" xlink:href="#a"/></clipPath><g clip-path="url(#b)"><image height="31" opacity=".2" overflow="visible" transform="translate(3 1)" width="29" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAB0AAAAfCAYAAAAbW8YEAAAACXBIWXMAAAsSAAALEgHS3X78AAAA GXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAABQBJREFUeNq8V8tu20YUvXdm+LCk RKiMwI1TFEXhVZJd1gW66xekv9DPqPsvXdU/UaDroJskKy+CInCcGpKtFy2SM/f2DEXZia0odtKW AkFJ8zhzzn3S0Ycvps+79EMDbj3Yfgv4EM+XTN/fEOb3Zg3AXmq7j64D5/e/x/EfzZMnX5jx+LFZ LLyp6yNDOzskYb6RubFdpbdvKUl2Jc+d9PvP5dmzUyH6TVoYXQOq+H5g9vb+cONsO9maLpIyyZPU kZNAppmh9Vpg5kSXwCSVJ5/Vi/r8Tl73y2F9ePidJ3oaga+B4vkUgF+6EW1ndz11gvNdDdL1bDN

      Chrome Cache Entry: 75

      Download File
      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
      File Type:PNG image data, 128 x 128, 8-bit/color RGB, non-interlaced
      Category:downloaded
      Size (bytes):19560
      Entropy (8bit):7.98661259285315
      Encrypted:false
      SSDEEP:
      MD5:3BBB6716A278223B901D169B763C8F50
      SHA1:3DC43A65D0BD1A2EEDA7BF614CA1469BBB8CAC88
      SHA-256:724DF362F8622D395B13490D7A348BA85CDFF1314256D223CEC761AA93832499
      SHA-512:65CF5E1D00E929846E48894955AB1077482B74ED5E8C1B83A3742A7F0BD34F1FF33A3C94A2531FE3F0C2134836903FC26BF63F3AB5D1CB33564BBE8B4F654C97
      Malicious:false
      Reputation:unknown
      URL:https://logo.clearbit.com/atnf.csiro.au
      Preview:.PNG........IHDR.............L\....L/IDATx......Wu.........z..R.J...BH.....` .../<$1I:......r.;...$...c.;.!C.O.q.1..8.d.b..@h.T%.\.....~.9{.^.|..*.....&g..z.o8g....=.gfp5..k.....Z......FP0.t dV#z RL_... .......[m..k..K+Kus*...j.&bT.K_&".P..:.q.'.].\e.f..N.x.A@K.7..U0......p.g....." .BL.o.H.WxU3..._...K...~J.@..W....k.....D..*i...Ep......j.c..../,,F+.u.X...GD.F .u%. L....0.b_.+:r<...s......{.......<xZ.0.........g.1..a..=D.J_}.........h.<]. .L..0J..Z\5....5...p|q.+'.?.2\.vnz.D1.tUP./L.I..C.i.?L.4[.`.F......!....c......z..}.........j..R..Z.T.'hY...&!Q.X.@../.^xy. B....._.../...t.>..G.<........tc7e.Nqw...H&94..7Hw K.!..NJ.4g.aiu-m.6%.B...!. ..k.Z..r..w...3..wvV$.l^..P.....P.*)+!....%.W.......E....N~.j..`!..K..t...L=^fV.....(.....$.TBCM.K..s!...y=...D.K.C...l. Fz.9.5.+...........u.i........aLWX!(......kM[L.:../...t..,.#.....J...P....F.s.>~L.......Q....&..d..~.f]..4..$UMy.'.........[q.Lp..y..>.4._v........*8.MOV.+H...... ..C^~...%./..\>..j.......

      Chrome Cache Entry: 76

      Download File
      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
      File Type:ASCII text
      Category:downloaded
      Size (bytes):114697
      Entropy (8bit):4.9296726009523
      Encrypted:false
      SSDEEP:
      MD5:FAC4178C15E5A86139C662DAFC809501
      SHA1:EF1481841399156A880EC31B07DDA9CFAA1ACE39
      SHA-256:BB88454962767EB6F2DDB1AABAAF844D8A57DE7E8F848D7F6928F81B54998452
      SHA-512:0902219B6E236FBF9D8173D1D452C8733C1BF67B0EB906CC9866EA0C27C2D08F6DA556D01475E9B54E2C6CE797B230BFBD5F39055CE0C71EA4D3E36872C378D9
      Malicious:false
      Reputation:unknown
      URL:https://ucarecdn.com/eae24034-0cc9-4528-827a-d46e30dd5a83/hover.css
      Preview:/*!. * Hover.css (http://ianlunn.github.io/Hover/). * Version: 2.3.2. * Author: Ian Lunn @IanLunn. * Author URL: http://ianlunn.co.uk/. * Github: https://github.com/IanLunn/Hover.. * Hover.css Copyright Ian Lunn 2017. Generated with Sass.. */./* 2D TRANSITIONS */./* Grow */..hvr-grow {. display: inline-block;. vertical-align: middle;. -webkit-transform: perspective(1px) translateZ(0);. transform: perspective(1px) translateZ(0);. box-shadow: 0 0 1px rgba(0, 0, 0, 0);. -webkit-transition-duration: 0.3s;. transition-duration: 0.3s;. -webkit-transition-property: transform;. transition-property: transform;.}..hvr-grow:hover, .hvr-grow:focus, .hvr-grow:active {. -webkit-transform: scale(1.1);. transform: scale(1.1);.}../* Shrink */..hvr-shrink {. display: inline-block;. vertical-align: middle;. -webkit-transform: perspective(1px) translateZ(0);. transform: perspective(1px) translateZ(0);. box-shadow: 0 0 1px rgba(0, 0, 0, 0);. -webkit-transition-duration: 0.3s;. transition-

      Chrome Cache Entry: 79

      Download File
      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
      File Type:JSON data
      Category:downloaded
      Size (bytes):36
      Entropy (8bit):4.252715278979704
      Encrypted:false
      SSDEEP:
      MD5:729B54D5347A03568A550462A8C17D10
      SHA1:D5F087D97594014F9369D56FE5E626E50B41D831
      SHA-256:C0B46A8CD2A5A5BBE75B26F770D53CF54538B40CE55517DA4A144CAF4D89B058
      SHA-512:47C09D06C2EA6BBD41D0384176761A3A64FD7424A3CE6B9E600B87B3A81DBA6F5BF0AE4AF24383DB31A26F7CE46B5EA89D8F482C212201BE0C0147C76343C3D7
      Malicious:false
      Reputation:unknown
      URL:https://code.jquery.com.de/ip.php
      Preview:{"ip":"8.46.123.33 : United States"}

      Static File Info

      General

      File type:PDP-11 overlaid pure executable
      Entropy (8bit):6.0515382581092485
      TrID:
        File name:f240ecb0-e96b-4ea8-82a8-92bc0559e7ad
        File size:1'230'747 bytes
        MD5:81a38770cddba32e1e8d584ff3e94ed6
        SHA1:00a9a633e4859962d37fd6f72619f91843236d93
        SHA256:42ff1c7d525c8b729fe4492ed2d900ae485a1208886efe4f4235f8aa8767c636
        SHA512:48b690262bf5fddfeb96a41dd1c113fefae5308c01c27092b794a2100496b624c9ebaa75aaf7ad4b699f5151e8a87b6ec67d79ab7f51c5f1ba9900a8a51e3b4e
        SSDEEP:12288:eKec24U9CcynhoOZqddSRXyXC2nvMZN2TDEqzDm/c24U9CcynhoOZqddSRXyXC2F:kbCrtsSFqU1sDQbCrtsSFqU1sDZ
        TLSH:9D45227CBA224A5D6D2D163BF1BD6F29EE215E23F1188251C2DC10D68F86F14E449EF8
        File Content Preview:................................O...................;.......<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">....<HTML><HEAD>..<META name=GENERATOR content="MSHTML 11.00.10570.1001"></HEAD>..<body style

        File Icon

        Icon Hash:72e2a2a292a2a2b2