Edit tour

Windows Analysis Report
https://www.aia.com.au/en/financial-wellbeing/get-in-touch/initial-chat?id=afgstaff

Overview

General Information

Sample URL:	https://www.aia.com.au/en/financial-wellbeing/get-in-touch/initial-chat?id=afgstaff
Analysis ID:	1545039

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	60%

Signatures

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 1156 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 5744 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 --field-trial-handle=1924,i,3256230810512495210,3740655543335334204,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 7084 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.aia.com.au/en/financial-wellbeing/get-in-touch/initial-chat?id=afgstaff" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://www.aia.com.au/en/financial-wellbeing/get-in-touch/initial-chat?id=afgstaff	HTTP Parser: No favicon
Source: https://www.aia.com.au/en/financial-wellbeing/get-in-touch/initial-chat?id=afgstaff	HTTP Parser: No favicon
Source: https://www.aia.com.au/en/financial-wellbeing/get-in-touch/initial-chat?id=afgstaff	HTTP Parser: No favicon
Source: https://www.aia.com.au/en/financial-wellbeing/get-in-touch/initial-chat?id=afgstaff	HTTP Parser: No favicon
Source: https://www.aia.com.au/en/financial-wellbeing/get-in-touch/initial-chat?id=afgstaff	HTTP Parser: No favicon
Source: https://www.aia.com.au/en/financial-wellbeing/get-in-touch/initial-chat?id=afgstaff	HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49735 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.16:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.16:49903 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108

Source: global traffic	DNS traffic detected: DNS query: www.aia.com.au
Source: global traffic	DNS traffic detected: DNS query: assets.adobedtm.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: dpm.demdex.net
Source: global traffic	DNS traffic detected: DNS query: s7ap1.scene7.com
Source: global traffic	DNS traffic detected: DNS query: au-ax.lemnisk.co
Source: global traffic	DNS traffic detected: DNS query: aiagroup.demdex.net
Source: global traffic	DNS traffic detected: DNS query: d.turn.com
Source: global traffic	DNS traffic detected: DNS query: americaninternationa.tt.omtrdc.net
Source: global traffic	DNS traffic detected: DNS query: cm.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: sync.crwdcntrl.net
Source: global traffic	DNS traffic detected: DNS query: cdn25.lemnisk.co
Source: global traffic	DNS traffic detected: DNS query: connect.facebook.net
Source: global traffic	DNS traffic detected: DNS query: aia-fw.convincely.io
Source: global traffic	DNS traffic detected: DNS query: www.clarity.ms
Source: global traffic	DNS traffic detected: DNS query: analytics.tiktok.com
Source: global traffic	DNS traffic detected: DNS query: adobedc.demdex.net
Source: global traffic	DNS traffic detected: DNS query: cdn12.lemnisk.co
Source: global traffic	DNS traffic detected: DNS query: s.clarity.ms
Source: global traffic	DNS traffic detected: DNS query: au-pl.lemnisk.co
Source: global traffic	DNS traffic detected: DNS query: www.facebook.com
Source: global traffic	DNS traffic detected: DNS query: cdn8.lemnisk.co
Source: global traffic	DNS traffic detected: DNS query: www.youtube.com
Source: global traffic	DNS traffic detected: DNS query: c.clarity.ms

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49698
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49913
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 49698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49903
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown	Network traffic detected: HTTP traffic on port 49903 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown	Network traffic detected: HTTP traffic on port 49888 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49735 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.16:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.16:49903 version: TLS 1.2

Source: classification engine

Classification label: clean0.win@19/73@104/541

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 --field-trial-handle=1924,i,3256230810512495210,3740655543335334204,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.aia.com.au/en/financial-wellbeing/get-in-touch/initial-chat?id=afgstaff"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 --field-trial-handle=1924,i,3256230810512495210,3740655543335334204,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	1 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	2 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://www.aia.com.au/en/financial-wellbeing/get-in-touch/initial-chat?id=afgstaff	0%	Virustotal		Browse

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

Source	Detection	Scanner	Link
www.aia.com.au	0%	Virustotal	Browse
assets.adobedtm.com	0%	Virustotal	Browse
adobetarget.data.adobedc.net	0%	Virustotal	Browse
scontent.xx.fbcdn.net	0%	Virustotal	Browse

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
star-mini.c10r.facebook.com	157.240.251.35	true	false		unknown
s-part-0017.t-0009.t-msedge.net	13.107.246.45	true	false		unknown
d-ams1.turn.com	46.228.164.13	true	false		unknown
ax-0001.ax-msedge.net	150.171.27.10	true	false		unknown
adobetarget.data.adobedc.net	66.235.152.225	true	false	0%, Virustotal, Browse	unknown
scontent.xx.fbcdn.net	157.240.0.6	true	false	0%, Virustotal, Browse	unknown
youtube-ui.l.google.com	142.250.185.142	true	false		unknown
sync.crwdcntrl.net	79.125.104.96	true	false		unknown
cm.g.doubleclick.net	142.250.186.98	true	false		unknown
www.google.com	172.217.18.4	true	false		unknown
demdex.net.ssl.sc.omtrdc.net	63.140.62.17	true	false		unknown
dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com	34.241.251.121	true	false		unknown
aia-fw.convincely.io	76.76.21.61	true	false		unknown
s-part-0032.t-0009.t-msedge.net	13.107.246.60	true	false		unknown
s7ap1.scene7.com	unknown	unknown	false		unknown
www.facebook.com	unknown	unknown	false		unknown
assets.adobedtm.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
www.clarity.ms	unknown	unknown	false		unknown
www.aia.com.au	unknown	unknown	false	0%, Virustotal, Browse	unknown
aiagroup.demdex.net	unknown	unknown	false		unknown
cdn25.lemnisk.co	unknown	unknown	false		unknown
connect.facebook.net	unknown	unknown	false		unknown
americaninternationa.tt.omtrdc.net	unknown	unknown	false		unknown
au-pl.lemnisk.co	unknown	unknown	false		unknown
cdn8.lemnisk.co	unknown	unknown	false		unknown
d.turn.com	unknown	unknown	false		unknown
s.clarity.ms	unknown	unknown	false		unknown
cdn12.lemnisk.co	unknown	unknown	false		unknown
au-ax.lemnisk.co	unknown	unknown	false		unknown
analytics.tiktok.com	unknown	unknown	false		unknown
adobedc.demdex.net	unknown	unknown	false		unknown
www.youtube.com	unknown	unknown	false		unknown
c.clarity.ms	unknown	unknown	false		unknown
dpm.demdex.net	unknown	unknown	false		unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://www.aia.com.au/en/financial-wellbeing/get-in-touch/initial-chat?id=afgstaff	false		unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
2.18.64.26	unknown	European Union	6057	AdministracionNacionaldeTelecomunicacionesUY	false
13.107.246.45	s-part-0017.t-0009.t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
66.235.152.225	adobetarget.data.adobedc.net	United States	15224	OMNITUREUS	false
63.140.62.222	unknown	United States	15224	OMNITUREUS	false
142.250.185.142	youtube-ui.l.google.com	United States	15169	GOOGLEUS	false
76.76.21.61	aia-fw.convincely.io	United States	16509	AMAZON-02US	false
204.79.197.237	unknown	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
142.250.184.195	unknown	United States	15169	GOOGLEUS	false
1.1.1.1	unknown	Australia	13335	CLOUDFLARENETUS	false
2.18.64.15	unknown	European Union	6057	AdministracionNacionaldeTelecomunicacionesUY	false
172.217.18.4	www.google.com	United States	15169	GOOGLEUS	false
74.125.71.84	unknown	United States	15169	GOOGLEUS	false
172.217.18.3	unknown	United States	15169	GOOGLEUS	false
104.102.61.242	unknown	United States	16625	AKAMAI-ASUS	false
63.140.62.17	demdex.net.ssl.sc.omtrdc.net	United States	15224	OMNITUREUS	false
79.125.104.96	sync.crwdcntrl.net	Ireland	16509	AMAZON-02US	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
66.235.152.156	unknown	United States	15224	OMNITUREUS	false
142.250.185.195	unknown	United States	15169	GOOGLEUS	false
172.217.16.196	unknown	United States	15169	GOOGLEUS	false
172.217.16.195	unknown	United States	15169	GOOGLEUS	false
142.250.186.46	unknown	United States	15169	GOOGLEUS	false
172.217.18.14	unknown	United States	15169	GOOGLEUS	false
184.28.89.29	unknown	United States	16625	AKAMAI-ASUS	false
34.241.251.121	dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com	United States	16509	AMAZON-02US	false
13.107.246.60	s-part-0032.t-0009.t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
216.58.206.36	unknown	United States	15169	GOOGLEUS	false
157.240.0.6	scontent.xx.fbcdn.net	United States	32934	FACEBOOKUS	false
216.58.206.35	unknown	United States	15169	GOOGLEUS	false
46.228.164.13	d-ams1.turn.com	United Kingdom	56396	TURNGB	false
142.250.185.164	unknown	United States	15169	GOOGLEUS	false
150.171.28.10	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
13.74.129.1	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
34.249.23.253	unknown	United States	16509	AMAZON-02US	false
142.250.184.206	unknown	United States	15169	GOOGLEUS	false
104.102.61.94	unknown	United States	16625	AKAMAI-ASUS	false
142.250.74.195	unknown	United States	15169	GOOGLEUS	false
142.250.186.98	cm.g.doubleclick.net	United States	15169	GOOGLEUS	false
142.250.186.138	unknown	United States	15169	GOOGLEUS	false
172.217.16.202	unknown	United States	15169	GOOGLEUS	false
23.96.124.68	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
76.76.21.123	unknown	United States	16509	AMAZON-02US	false
52.49.181.118	unknown	United States	16509	AMAZON-02US	false
150.171.27.10	ax-0001.ax-msedge.net	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
54.216.198.28	unknown	United States	16509	AMAZON-02US	false
2.16.241.14	unknown	European Union	20940	AKAMAI-ASN1EU	false
2.16.168.7	unknown	European Union	20940	AKAMAI-ASN1EU	false
157.240.251.35	star-mini.c10r.facebook.com	United States	32934	FACEBOOKUS	false

Private

IP
192.168.2.16

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1545039
Start date and time:	2024-10-30 02:14:30 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://www.aia.com.au/en/financial-wellbeing/get-in-touch/initial-chat?id=afgstaff
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	13
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean0.win@19/73@104/541

Warnings

Exclude process from analysis (whitelisted): svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.184.195, 142.250.184.206, 74.125.71.84, 104.102.61.242, 34.104.35.123, 184.28.89.29
Excluded domains from analysis (whitelisted): clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, e7808.dscg.akamaiedge.net, cn-assets.adobedtm.com.edgekey.net, clientservices.googleapis.com, clients.l.google.com, e17447.x.akamaiedge.net, aia.com.au.edgekey.net
Not all processes where analyzed, report is missing behavior information
VT rate limit hit for: adobedc.demdex.net
VT rate limit hit for: aia-fw.convincely.io
VT rate limit hit for: aiagroup.demdex.net
VT rate limit hit for: americaninternationa.tt.omtrdc.net
VT rate limit hit for: analytics.tiktok.com
VT rate limit hit for: au-ax.lemnisk.co
VT rate limit hit for: ax-0001.ax-msedge.net
VT rate limit hit for: cdn12.lemnisk.co
VT rate limit hit for: cdn25.lemnisk.co
VT rate limit hit for: cm.g.doubleclick.net
VT rate limit hit for: connect.facebook.net
VT rate limit hit for: d-ams1.turn.com
VT rate limit hit for: d.turn.com
VT rate limit hit for: dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com
VT rate limit hit for: demdex.net.ssl.sc.omtrdc.net
VT rate limit hit for: dpm.demdex.net
VT rate limit hit for: s-part-0017.t-0009.t-msedge.net
VT rate limit hit for: s-part-0032.t-0009.t-msedge.net
VT rate limit hit for: s7ap1.scene7.com
VT rate limit hit for: sync.crwdcntrl.net
VT rate limit hit for: www.clarity.ms
VT rate limit hit for: www.google.com

LLM Input / Output

Input	Output
URL: Model: claude-3-5-sonnet-latest	{ "typosquatting": false, "unusual_query_string": false, "suspicious_tld": false, "ip_in_url": false, "long_subdomain": false, "malicious_keywords": false, "encoded_characters": false, "redirection": false, "contains_email_address": false, "known_domain": true, "brand_spoofing_attempt": false, "third_party_hosting": false }
URL: URL: https://www.aia.com.au/en/financial-wellbeing/get-in-touch/initial-chat?id=afgstaff
URL: https://www.aia.com.au/en/financial-wellbeing/get-in-touch/initial-chat?id=afgstaff Model: claude-3-haiku-20240307	```json { "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "Book an initial chat", "text_input_field_labels": [ "Salutation:", "First name:", "Last name:" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false }

URL: https://www.aia.com.au/en/financial-wellbeing/get-in-touch/initial-chat?id=afgstaff Model: claude-3-haiku-20240307	```json { "brands": [ "AIA Financial Wellbeing", "Australian Finance Group" ] }

URL: https://www.aia.com.au/en/financial-wellbeing/get-in-touch/initial-chat?id=afgstaff Model: claude-3-haiku-20240307	```json { "contains_trigger_text": true, "trigger_text": "Book an initial chat", "prominent_button_name": "Book an initial chat", "text_input_field_labels": [ "Salutation:", "First name:", "Last name:" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false }

URL: https://www.aia.com.au/en/financial-wellbeing/get-in-touch/initial-chat?id=afgstaff Model: claude-3-haiku-20240307	```json { "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "Book an initial chat", "text_input_field_labels": [ "Salutation:", "First name:", "Last name:" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false }

URL: https://www.aia.com.au/en/financial-wellbeing/get-in-touch/initial-chat?id=afgstaff Model: claude-3-haiku-20240307	```json { "brands": [ "AIA Financial Wellbeing", "Australian Finance Group" ] }

URL: https://www.aia.com.au/en/financial-wellbeing/get-in-touch/initial-chat?id=afgstaff Model: claude-3-haiku-20240307	```json { "brands": [ "AIA Financial Wellbeing", "Australian Finance Group" ] }

URL: Model: claude-3-5-sonnet-latest	{ "typosquatting": false, "unusual_query_string": false, "suspicious_tld": false, "ip_in_url": false, "long_subdomain": false, "malicious_keywords": false, "encoded_characters": false, "redirection": false, "contains_email_address": false, "known_domain": true, "brand_spoofing_attempt": false, "third_party_hosting": false }
URL: URL: https://aia.com.au

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 30 00:15:02 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2673
Entropy (8bit):	3.9832695391695965
Encrypted:	false
SSDEEP:
MD5:	0124BF6521F9218870B2D4E11D83F0FA
SHA1:	A5DD3B29E49ECFC48EC8A533A7F809498D9292AC
SHA-256:	A82CA40BD2BF7D258DEDD8DBBEDD5D1A5915E52C7CE33EF9E549156F13CB791D
SHA-512:	6A2885CB16B46F548E274CACE69282F607550FF04E5CD3DD34943D704ADAB809FB8645A6C05865F0536C1BBD144A42D2AEC500998F83A56E4E9FCFFB5059A806
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,......_%i..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I^Y......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V^Y......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V^Y......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V^Y............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V^Y.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........{.a.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e..C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 30 00:15:02 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2675
Entropy (8bit):	4.000742148727905
Encrypted:	false
SSDEEP:
MD5:	627BEA76A9181FFB99DCC7332F01E708
SHA1:	EA436AA66AD5D6B1AB403E7C5E99889AC055C57F
SHA-256:	5D53EEE404C8DB884089B693F38688B3EB55923A7CB31FD539E73BB40BCD9810
SHA-512:	0E5BCBA1CB0F9B9522F232CCDE31E22CE35D244B4EA696CAC9686B99DDA78EC97CC1DA38D60A910BDBE1911A74CE9C610C356D121420BF89423288AF608D0A23
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,......T%i..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I^Y......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V^Y......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V^Y......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V^Y............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V^Y.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........{.a.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e..C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2689
Entropy (8bit):	4.009255736826988
Encrypted:	false
SSDEEP:
MD5:	FB6F4C8580C55F3A846B2302576100DD
SHA1:	01562F349B6123C4B99BE9CB5931BF40C6D83250
SHA-256:	24D573E7CDD3C474A70A4EB251E0F9601E57ED46D077E64A3F49DF4E539C9F63
SHA-512:	EA82C84106DB12A18D1777E2E6FC75D0B74E3BD6306B9B5901C14251D4BC63BE29B1EEC314A0067EDCCF4D0E530776DD95AC21E8F606BD324E980C5F16A9DD1E
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I^Y......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V^Y......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V^Y......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V^Y............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........{.a.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 30 00:15:02 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.9971023096807023
Encrypted:	false
SSDEEP:
MD5:	533B1DC7DD8658EDE5A85B25CF0EA3D9
SHA1:	74BCAC9919B54DA26E165AF2EFD8A39E27475B91
SHA-256:	ED77F5566B6BA0A83F1F17CC5A0130A2B67D6929E6ACB6AF54D894D5D2A4E87D
SHA-512:	53E7572B642C4546655394F027E38ABB1C640BE329F2BA56B7BC2D7D67D902D969BEA57E56CD8E7B2C428B786AF41857D6F58A8F1F94510BEA20766ED126F8BA
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....MO%i..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I^Y......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V^Y......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V^Y......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V^Y............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V^Y.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........{.a.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e..C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 30 00:15:02 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.98733272755742
Encrypted:	false
SSDEEP:
MD5:	91DA6DB3D3E7B2086445124F266B013A
SHA1:	FCD34044FBA9327781067E5FB56034354A9BEC17
SHA-256:	A4D0FC766B72C297B0BADA639446F21C00325B53544AF284ACD11B7DB5A5C304
SHA-512:	5C4AACE2E4EBBE5732190460BE2568C1E74A18202D0924DA88698F82D6E048A23D24AAD20D84060CC32BC4DBED8ECE1934A22D307CCEBE73DB93C679DCC30BF5
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....."Z%i..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I^Y......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V^Y......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V^Y......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V^Y............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V^Y.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........{.a.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e..C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 30 00:15:02 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.9936988107000624
Encrypted:	false
SSDEEP:
MD5:	774AB0C18AA4F54A9A062336A99C7C45
SHA1:	AADB45EDBFF0CC451E448B277734008EB102406E
SHA-256:	DA6266C787AE1B42A9817540D56F8EE4499DB9256925696923EE1A894B328F3E
SHA-512:	0204A5B7C8A96C79A3CDF9716B088EB5009F3C1699A56C13C0F8068A7E5D266CA8F03C366EF725682640BAFB92CB821BFAD8D45A47C990B3987BA997B1C46063
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....)^G%i..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I^Y......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V^Y......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V^Y......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V^Y............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V^Y.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........{.a.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e..C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 127

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	527
Entropy (8bit):	4.780410596243118
Encrypted:	false
SSDEEP:
MD5:	E1E6718E1E924178F1054DE336855A6E
SHA1:	F29602239607E8D909E7743D01AA33FEBD30E387
SHA-256:	0D53C3433DDAAA2626DDC12799BEA41F080DAE3932E21F774F709EE68100AEA9
SHA-512:	42F3361B880DE002C992A363628A505F8AD80FDDABA3E81C093E8CA13CA09F3C530D225173A7537CA170C730C65E46F156FD6811FD920199CBED96B811F51161
Malicious:	false
Reputation:	unknown
URL:	https://www.aia.com.au/etc.clientlibs/au-wise/clientlibs/clientlib-base.min.e1e6718e1e924178f1054de336855a6e.css
Preview:	.cmp-accordion__header{margin:0}..cmp-accordion__button{display:block;width:100%;text-align:left}..cmp-accordion__panel--hidden{display:none}..cmp-accordion__panel--expanded{display:block}..cmp-tabs__tablist{display:flex;flex-wrap:wrap;padding-left:0;list-style:none}..cmp-tabs__tab{box-sizing:border-box;border-bottom:1px solid transparent;padding:.5rem 1rem;cursor:pointer}..cmp-tabs__tab--active{border-color:inherit}..cmp-tabs__tabpanel{display:none}..cmp-tabs__tabpanel--active{display:block}..cmp-image__image{width:100%}

Chrome Cache Entry: 128

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (351), with CRLF line terminators
Category:	dropped
Size (bytes):	13657
Entropy (8bit):	4.7099798813980405
Encrypted:	false
SSDEEP:
MD5:	6F4AC2FB70EFC8B9CB4C03649D61678A
SHA1:	5CE1EC1CC78E4274A8B6CC5A002ADDE9C5FACCDB
SHA-256:	9248B0EBE36E26ACD0D9C0B2CB5532F6A63DC17B44B1962D0D67158DE818AFA9
SHA-512:	7D41A57D2AEF0E7F9790EE89A1136D1D0887738A2ADD036B1EB9C596FC289B5D4B2BF69687C00978BAD63DAE222E6F358F3CD8952F55C595DE5A7D5D700D8CF8
Malicious:	false
Reputation:	unknown
Preview:	(function() {.. try {.. var a = document.createElement("script");.. a.type = "text/javascript";.. a.async = !0;.. a.src = "//cdn12.lemnisk.co/smt/smthandler.php?account_id=100001";.. var c = document.createElement("script");.. c.type = "text/javascript";.. c.async = !0;.. if(document.URL.indexOf("wwwstg.aia.com.au") !== -1) {.. c.src = "//cdn25.lemnisk.co/ssp/AU_AIA_Prod/sw/sw_registration_UAT.js";.. } else {.. c.src = "//cdn25.lemnisk.co/ssp/AU_AIA_Prod/sw/sw_registration.js";.. }.. var d = document.createElement("script");.. d.type = "text/javascript";.. d.async = !0;.. d.src = "//cdn25.lemnisk.co/ssp/banners/images/common/images/bfsi/ads/ads.js";.. var e = document.createElement("link");.. e.rel = "preconnect";.. e.crossOrigin = !0;.. e.href = "//au-ax.lemnisk.co/";.. var f = document.createElement("link");.. f.rel = "dn

Chrome Cache Entry: 129

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	685
Entropy (8bit):	7.621260036100221
Encrypted:	false
SSDEEP:
MD5:	8B40579EF3565FA25DA727C7152AA22A
SHA1:	503203168055EFC80C32E3213E976743E1FD1D85
SHA-256:	915ECC25B8DB6F3735BBD1E6199E5C01AE5454E1C1BD33A447E1A5E621565FE0
SHA-512:	C90E030A2FDCD521FC0DAD574535B9A63612658FD86BFBB38E0C3FDF45C5AA80F7BD04AD32D1A7A54771518CF8AA11D3750D1034CCF61846A54BD59125B48573
Malicious:	false
Reputation:	unknown
URL:	https://s7ap1.scene7.com/is/image/aiastage/icon-instagram-white?ts=1675928096086&$TransparentResponsive$&dpr=off
Preview:	.PNG........IHDR...(...(........m....pHYs................_IDATX..1o.1....XPU..HW)..P...d.:.O......4.S?.I........T.1T...z.}...g..wjR)..e??.m...9k".2....TaE.)V...a..x...:........~..k.&"../"...$.3...]7.(.....\8T....:P..#m_..3.+p.}>l......x.}...M.+....H.r-..#"S..{.U.2u2kH..........j9.%..'..OmdN.H....Zt..<..Z.P..!....d....c...sC..A..m.M.z..v "CsZ...C_.^7......).....6..j..8......i..>...a.d<?..j.Lw..OKt.1.......X.....0.`l...\..c7Q.;..b.>...k5o.....[.8......_BIY..V.l'Zo..<v#..s..0S.#6.LK.7.3..AY...\|..Mn>...s........l.S7u.k.Swi.]..f..p....s..;...:...M.....2V..t..I[..O...kQ.m..E.zS..G...V.m?...{...;^...,...r.E.._.1.a>u...........6.\...6.?@d.=..D:....IEND.B`.

Chrome Cache Entry: 131

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (561)
Category:	dropped
Size (bytes):	30878
Entropy (8bit):	5.395737396054499
Encrypted:	false
SSDEEP:
MD5:	E733D2CAC0566337507A0508043E9406
SHA1:	5F3952DC9DCE1342BF44CF510A85B43356E2E5BB
SHA-256:	635B2814DBECB78302D05C529BF175EF815EF51E7C344769247896504843B731
SHA-512:	053E72F1F32AA06D56E727525CF33358A97C0FE2EB6EC6886D44BCFFCE728CA18E89453F1173946F70EAE1758C9C76CB47BB2EF4734E450FD3BD611F72944632
Malicious:	false
Reputation:	unknown
Preview:	(function(){'use strict';var q;function aa(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}.var r=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};.function da(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}.var t=da(this);function u(a,b){if(b)a:{var c=t;a=a.split(".");for(var d=0;d<a.length-1;d++){var g=a[d];if(!(g in c))break a;c=c[g]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&r(c,a,{configurable:!0,writable:!0,value:b})}}.u("Symbol",function(a){function b(k){if(this instanceof b)throw new TypeError("Symbol is not a constructor");return new c(d+(k\|\|"")+"_"+g++,k)}.function c(k,e){this.g=k;r(this,"description",{configurable:!0,writable:!0,value:e

Chrome Cache Entry: 132

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	360
Entropy (8bit):	7.094332102480022
Encrypted:	false
SSDEEP:
MD5:	ADBFAE39EC7966EFD7B50C2CAD080BD9
SHA1:	5564CCCF87F407FD915D6F4A6814139218CC9B21
SHA-256:	E3E5EB4E3661A75FB3D5C78C37D0AA8F6595B59ADF11B78FF30E41EBD6FC8E8B
SHA-512:	B03CB3B9BEBC088B17DD506FB6A15152DA6FC68A5C6DE9D5CDE4A6BF59E9620504720999D497D172519CD9EDD180FF472026CE40189DC54528F003F3F7A71AFC
Malicious:	false
Reputation:	unknown
Preview:	RIFF`...WEBPVP8X........'..'..ALPH........m$5.\|.....`..g..1..+^?8.$..f...M....@k...W I2.2.....^X..b..Y. ...f...T9'.N@v......&.9>....D... .....A..#.h...h..@+.:..s.L..+......@.$....v..J...EL..{..,...6D...pSp.zC..B.-).O........[....$.........Km~...\...r{...uc....y...C......^....{.c.../..^............VP8 ...0....(.(.>.J.L%.#"#.....i.....>..........

Chrome Cache Entry: 133

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (18298)
Category:	dropped
Size (bytes):	18916
Entropy (8bit):	5.6453273959723
Encrypted:	false
SSDEEP:
MD5:	87F3F1784464A56B80F04D1C64FAC841
SHA1:	66ED80D249257F5352375A3F12103538963D7CFD
SHA-256:	A7EED1CAFB8953D9B44109950C9C7C48BF6DE295975693894A9D36F7AC9D266A
SHA-512:	6156B8B9CA66D7E360AC2E6201AA78F89D0CDBD1D473EFC6BFF7C6EE8C36C15944FDF60C62DB6FE9099830350F929ED0AEDB225A9082E5F91C4ABB052AFFA344
Malicious:	false
Reputation:	unknown
Preview:	/* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t / (function(){var z=this\|\|self,L=function(f,b){if(f=(b=null,z).trustedTypes,!f\|\|!f.createPolicy)return b;try{b=f.createPolicy("bg",{createHTML:T,createScript:T,createScriptURL:T})}catch(d){z.console&&z.console.error(d.message)}return b},T=function(f){return f};(0,eval)(function(f,b){return(b=L())&&f.eval(b.createScript("1"))===1?function(d){return b.createScript(d)}:function(d){return""+d}}(z)(Array(Math.random()7824\|0).join("\n")+['(function(){/',.'',.' Copyright Google LLC',.' SPDX-License-Identifier: Apache-2.0',.'/',.'var W=this\|\|self,f4=function(f,b,d,T){for(d=(T=B(f),0);b>0;b--)d=d<<8\|g(f);h(T,f,d)},g=function(f){return f.G?bK(f.Y,f):e(8,f,true)},B=function(f,b){if(f.G)return bK(f.Y,f);return b=e(8,f,true),b&128&&(b^=128,f=e(2,f,true),b=(b<<2)+(f\|0)),b},TL=function(f,b,d){if(d=typeof f,d=="object")if(f){if(f instanceof Array)return"array";if(f instanceof Object)return d;if((b=Object.prototy

Chrome Cache Entry: 140

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5552)
Category:	downloaded
Size (bytes):	73467
Entropy (8bit):	5.402818364923
Encrypted:	false
SSDEEP:
MD5:	9FAFD004EADAD5607461F02FC68FB044
SHA1:	655417B9D0FED6FEC5DB77F362EC1CCFD02B4CED
SHA-256:	F6CD92C9DC28252298EF65008568C2208778EBC226668E6110FB1542F1EC3E36
SHA-512:	8F03E0F7212D7087070289D0B23AE6E4170E55657F7AE013A949C67B2AEB0CDA485B072FEC7E50120E3740A01BA911BC4C6F15F24D97FD23F173413A943B079E
Malicious:	false
Reputation:	unknown
URL:	https://connect.facebook.net/signals/config/566920884015489?v=2.9.174&r=stable&domain=www.aia.com.au&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Preview:	/*. Copyright (c) 2017-present, Facebook, Inc. All rights reserved... You are hereby granted a non-exclusive, worldwide, royalty-free license to use,.* copy, modify, and distribute this software in source code or binary form for use.* in connection with the web services and APIs provided by Facebook... As with any software that integrates with the Facebook platform, your use of.* this software is subject to the Facebook Platform Policy.* [http://developers.facebook.com/policy/]. This copyright notice shall be.* included in all copies or substantial portions of the software... THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR.* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS.* FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR.* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER.* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN.* CONNECTION WI

Chrome Cache Entry: 142

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	TrueType Font data, 17 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, Digitized data copyright \251 2011, Google Corporation.Open Sans SemiBoldRegular1.10;1ASC;OpenSa
Category:	downloaded
Size (bytes):	100820
Entropy (8bit):	6.706374012467607
Encrypted:	false
SSDEEP:
MD5:	BA5CDE21EEEA0D57AB7EFEFC99596CCE
SHA1:	E256F8391718EF61F253DFB4E95BBEB3C5857AFC
SHA-256:	5E8D9E1A89083CD1B0849993FE2F3ACC9AA33B7F439F7E8616872F6897F30684
SHA-512:	E04E5B59D9D60DD8312C5E770E458A064AF9930E03F9711957C542E5823516EF4B7ABA10B3B79337371BF84E18BEE758705CC7F9E3240106C84F1399D01064BA
Malicious:	false
Reputation:	unknown
URL:	https://www.aia.com.au/etc.clientlibs/aia-wise/clientlibs/clientlib-site/resources/fonts/OpenSans-SemiBold.ttf
Preview:	............GDEF.\|..........GPOS............GSUB.).........OS/2......V@...`cmap......V.....cvt ...4..b.....fpgm~a....Z(....gasp............glyfw.........>.head...M..GH...6hhea......V....$hmtx.. e..G.....loca..HV..?....Vmaxp.8....?.... name`..J..c.....post...o..g.....prepx..n..a.....................@............../2/3...99.3.310.!.!7!.!..I..h.y.....Jh..................)@................QY...?+..?.9/...9.33.310.#.!.4632....#"&.s.4....NHGLMFGO......JMPGGSP................@...............?3.2...99.3.310..#.!.#..m).).s).)............../............@J.......................................!....... !..........................?3?3.99//.333.33.333.33...99..3..99.3...9...9.3...922.3...910..!.!.#.#.#.#5!.!5!.3.3.3.3..3.#..7....P.P.P.L...9...%P.P.P.P....9..f...^...^.........Z...Z.........o...'... .&.-.g@9....%....!.'......./....@..H..@..$...%...OY..+.....OY../+..3.3./3+..3..9..3....+......9.3.3.3..910.....#5&'5....'&&546753....&'.....4&'.6........'....V.[T.....I..L...Q_..'G]PT.......H.9.

Chrome Cache Entry: 143

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	95
Entropy (8bit):	4.86340156687353
Encrypted:	false
SSDEEP:
MD5:	4EA7D81248E47C552F7CC53E86B8A032
SHA1:	E3606065B78C082F971166E3A778DD66ECF385C4
SHA-256:	242B0C71EEE0F826751364A39A9B1564C6F5422F115B840E40BF080AECBAAD22
SHA-512:	F7FFB3B845E6F4CFC6317216B8D6CF612D0D14AB96F51DA423DE01FF542B930CFE0F319153825D51FFEDD9B33D03AD44CE91AFB1AE247012E0304E637A2AFE09
Malicious:	false
Reputation:	unknown
URL:	https://www.aia.com.au/content/dam/au-wise/lemniskSDKWorker.js
Preview:	var version = 'v72';..importScripts('//cdn25.lemnisk.co/ssp/AU_AIA_Prod/sw/service-worker.js');

Chrome Cache Entry: 144

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	176
Entropy (8bit):	5.192466738127964
Encrypted:	false
SSDEEP:
MD5:	A389CBEF2F21BF21F9776B4609D67DE2
SHA1:	D6DB8311D0B5D48BE6BC2CAFCFD7ED0212B5D5BB
SHA-256:	7F22D41C2D3D4E8FD460F36AD04643830931B2F9FF85AEC34BCCB9BD15653853
SHA-512:	15E6D7EC2C236519639BCFAE079C99B7919EF75847D2B37B0888BF847EF4E05D7F8DAB0F8EC200F5CF728C77AD3F471BB9461D5CD1C45EDA205A41108FED4C27
Malicious:	false
Reputation:	unknown
Preview:	var d = new Date();.d.setTime(d.getTime() + (2365246060*1000));.var exp = d.toUTCString();.document.cookie = '_vz=viz_672188a494d2a;path=/;domain=aia.com.au;expires='+exp;.

Chrome Cache Entry: 145

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1572)
Category:	downloaded
Size (bytes):	72342
Entropy (8bit):	5.346173603925771
Encrypted:	false
SSDEEP:
MD5:	BA940DD03FE3D55E627DFCA5A3956F81
SHA1:	B8CFD09A2B1160836B8B8BC589C2C342BADA9D99
SHA-256:	2713772BDE2D14F97852ECFF46ADDB9AACDD7F30583134FF44B12CB64B5BA301
SHA-512:	921C7F8DB4FF2C06AE1EF02EAFF265BC15B29D5395504F6B7A3335FF0C1139BD561C378AF3C536AAE08ACDABFA6C27570FB3801E50544A3AFEF13F36882FC037
Malicious:	false
Reputation:	unknown
URL:	"https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap"
Preview:	/* cyrillic-ext /.@font-face {. font-family: 'Open Sans';. font-style: italic;. font-weight: 300;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWtE6F15M.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C8A, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./ cyrillic /.@font-face {. font-family: 'Open Sans';. font-style: italic;. font-weight: 300;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWvU6F15M.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./ greek-ext */.@font-face {. font-family: 'Open Sans';. font-style: italic;. font-weight: 300;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWtU6F15M.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}

Chrome Cache Entry: 146

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	112
Entropy (8bit):	4.721010245374815
Encrypted:	false
SSDEEP:
MD5:	D528345335119C2B79A25A268BA84AFB
SHA1:	E68AF6C67F355CE33216C3235254270132CE6BC0
SHA-256:	8E6F84BB6D8F45ADAF1E9A17E0FE2FB0C81A0914333262BB0CB77F85F2785878
SHA-512:	B781A757956880481BAFF9C0422DF6EE26D1F3661E425A171B41C1F5D68613E002D21C014C56543B45BAE2171F49BA55AA919E5DBB50BE498491EB739D15116F
Malicious:	false
Reputation:	unknown
URL:	https://cdn25.lemnisk.co/ssp/banners/images/common/images/bfsi/ads/ads.js
Preview:	var e=document.createElement('div'); e.id='tSrngBEkWlDy'; e.style.display='none'; document.body.appendChild(e);.

Chrome Cache Entry: 147

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Category:	downloaded
Size (bytes):	1150
Entropy (8bit):	3.189110012212069
Encrypted:	false
SSDEEP:
MD5:	B426692B62D3BF29C24EF7B09B7CA342
SHA1:	72832B181C77BF1F6D52A8389C2D1C2A242CF904
SHA-256:	09F97B254BDE132EB62F4EA499EDC24DEC2B69EB2D424089AEBBDDE40DE6B56C
SHA-512:	DEE5337D67207C15A2CB40CAE2B180579C4BF25ACF1C75A083D0C640EC1AA62B7C97B13A32F750D611BEA781F790263285C9A97A485F9CA68F2C2A709ECA832C
Malicious:	false
Reputation:	unknown
URL:	https://www.aia.com.au/favicon.ico
Preview:	............ .h.......(....... ..... .............................................................................................................4..`4..`4..04...4.. 4...................................4.. 4...4...4...4..@4...4..@4...4.. 4...4...................4..`4...4...4...4...4..@4...4..`4...4...4...4...................4...4...4...4...4...4..@4...4...4...4...4...4..@................4...4..04..@4...4...4.. 4..`4..`4...4.......4...................4...4...4..P....4.. 4...4...4..p4...4..P4...4...4..P........4.. 4...4...4...4..P....4...4...4..p4..P4...4...4...4...........4..@4...4..`4...4..P....4..p4.......4...4...4...4...4...........4.. 4...4...4..`4...4...4...4...4..`4...4...4..P4..04...............4...............4..`4...4.. 4...4...4..0....4...4..P............4...4...............4..04...4...4.......4..04.......................4...4..p........................4..04...4..0....................4...4...4...4..`4.. 4...4..@4...4...4..P................................4..P4...4...4...4...4.

Chrome Cache Entry: 148

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	320
Entropy (8bit):	4.886720328902344
Encrypted:	false
SSDEEP:
MD5:	1790911BAB8DE7FFA6F38B270DC94DD6
SHA1:	521A82C1D0088BFC6B27F88BACAAA8FFB7BC4DD0
SHA-256:	086185D729EC473AF1343EC38955D9EE8C9AC1043FAF86E24F98A13525B1CA0D
SHA-512:	8584D77D494B20FA2488A7399DE0D6A3736A88C94B7A6878039250F0A632E46DFD2C1578BECE32E93CEB6BD1C82A7A713B1E7761D2D300FB8AFDCE85C0BEA7FC
Malicious:	false
Reputation:	unknown
Preview:	<svg width="24" height="24" xmlns="http://www.w3.org/2000/svg">.. <path d="M17.868 8.548A1.016 1.016 0 0 0 16.977 8H7.023c-.37 0-.71.21-.891.548-.181.338-.175.752.015 1.085l4.977 7.448c.186.322.518.519.876.519s.69-.197.875-.519l4.977-7.448c.191-.332.197-.747.016-1.085z" fill="#5B636B" fill-rule="evenodd"/>..</svg>..

Chrome Cache Entry: 149

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	602992
Entropy (8bit):	4.9333890028270835
Encrypted:	false
SSDEEP:
MD5:	7C005E1D0F54D2AC6234871F88847EC7
SHA1:	C04E3DC02EED67E605C205F8D2E95B95B224C86D
SHA-256:	E3A28CE590CE3FCDA3CB4521143DD91EFFD0AD22A3A18350B87B2FEAAFECBA68
SHA-512:	F7A9EECD9BFB7167D2C9AA2C12B09D99BD2F57546B6B849F2EB96808C8551227956FD738EFEC13B37CB57A7EDE6C7A12157DBD10049DA9C07F4040DFDD8CB00B
Malicious:	false
Reputation:	unknown
Preview:	window.ContextHubKernelConfig = {. "debug": true,. "initializationTimeout": 2000,. "stores": {"personalisation": {. "type": "contexthub.tagcloud",. "required": true. }}. };./!. jQuery JavaScript Library v3.5.1. * https://jquery.com/. . Includes Sizzle.js. * https://sizzlejs.com/. . Copyright JS Foundation and other contributors. * Released under the MIT license. * https://jquery.org/license. . Date: 2020-05-04T22:49Z. */.( function( global, factory ) {..."use strict";...if ( typeof module === "object" && typeof module.exports === "object" ) {....// For CommonJS and CommonJS-like environments where a proper `window`...// is present, execute the factory and get jQuery....// For environments that do not have a `window` with a `document`...// (such as Node.js), expose a factory as module.exports....// This accentuates the need for the creation of a real `window`....// e.g. var jQuery = require("jquery")(window);...// See ticket #14549 for more i

Chrome Cache Entry: 151

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 322x544, components 3
Category:	dropped
Size (bytes):	163099
Entropy (8bit):	7.978471221208821
Encrypted:	false
SSDEEP:
MD5:	89359BB7C0E381B9E9E9E4A5D441BA3D
SHA1:	5544E2273BA86E58D4C5D2A12B0DB721B028F1BE
SHA-256:	67428C96C08CBF40B6E80997B57F5DC612FC19AE15F5E3A7F514693DC0D0BC6C
SHA-512:	8EBD0B2EFF00DC035205031BA4AE7029C71866DE6B66F35DD781FF784F27ABDE60B167BD6059A6781A09A1E008534E4438BA36BEB338F15FF5DE9CAB320E9547
Malicious:	false
Reputation:	unknown
Preview:	......JFIF.............C....................................................................C....................................................................... .B..............................................O.............................!."..1.#2A..UW..$35BQ..4Rs..%&8Taqx..Crb.'DS......................................a.....................!....1.."A2Qa..q.#B....RSV........$3b..%47C..&5Ursw...DET.6u.....Fcde.................?....M..h..G..=4..M4zi..M..h..G..=4..M4zi..M..h..G..=4..M4zi..M..h..G..=4..M4zi..M..h..G..=4..M4zi..M..h..G..=4..M4zi..M..h..G..=4..M4zi..M..h..G..=4..M4zi..M..h..G..=4..M4zi..M..h..G..=4..M4zi..M..h..G..=4..M4zi..M..h..G..=4..M4zi..M..h..G..=4..M4zi..M..h..G..=4..M4zi..M..h..G..=4..M4zi..M..h..G....8\|..5.-.o..[<N....FI&..0&..V...D..."<........c..d.Qe.*."...7.....E..)...w.m..Y.O68...".......4.P........u...o..o.q,.mb.5......$h...Q".Q.E..eL..?e.............9T.%....&m.Uk......Q...8.9.U.F..w....^..F.G..........Z..<5.G..7Kc

Chrome Cache Entry: 152

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Category:	downloaded
Size (bytes):	2179443
Entropy (8bit):	4.846952126791415
Encrypted:	false
SSDEEP:
MD5:	2220F5D23D142493C6AB8AFD0FB66385
SHA1:	FC9513471B2E79DE3C753A28606824BFCB78F82B
SHA-256:	53D14E1BC85FBCE5710473ADD96F2DA397E579119D53E3D2E911D52BD3DDFB30
SHA-512:	C118EB9D245ED92E9975DF87F0F0A17BFEBF1412F1F42925F42AD0AA6D57E023482D9AA90EA7A1ACDD18FC878CECCD081AE82517C48D34F7AD6E1751F246CAC3
Malicious:	false
Reputation:	unknown
URL:	https://www.aia.com.au/etc.clientlibs/aia-wise/clientlibs/clientlib-site.min.2220f5d23d142493c6ab8afd0fb66385.css
Preview:	@charset "utf-8";@font-face{font-family:AIAEverest;src:url(../../../etc.clientlibs/aia-wise/clientlibs/clientlib-site/resources/fonts/AIAEverest-Regular.woff2);font-style:normal;font-weight:300;unicode-range:U+000-5ff,U+02c6-0323;font-display:swap}@font-face{font-family:AIAEverest;src:url(../../../etc.clientlibs/aia-wise/clientlibs/clientlib-site/resources/fonts/AIAEverest-Medium.woff2);font-style:normal;font-weight:500;unicode-range:U+000-5ff,U+02c6-0323;font-display:swap}@font-face{font-family:OpenSans;src:url(../../../etc.clientlibs/aia-wise/clientlibs/clientlib-site/resources/fonts/OpenSans-Light.ttf);font-style:normal;font-weight:300;unicode-range:U+000-5ff,U+02c6-0323;font-display:swap}@font-face{font-family:OpenSans;src:url(../../../etc.clientlibs/aia-wise/clientlibs/clientlib-site/resources/fonts/OpenSans-Regular.ttf);font-style:normal;font-weight:400;unicode-range:U+000-5ff,U+02c6-0323;font-display:swap}@font-face{font-family:OpenSans;src:url(../../../etc.clientlibs/aia-wise/c

Chrome Cache Entry: 155

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	119724
Entropy (8bit):	5.8000262720318245
Encrypted:	false
SSDEEP:
MD5:	F7408982B734C1C12F830461214BAFD8
SHA1:	BFBD463ABBC220B09288685EB3609CEA057AA697
SHA-256:	29CC63A646F8100729B4EC360C7B0C7C500B98502CA4BB6326CC27B0A8EA7C1A
SHA-512:	877C20A306868E3EECDFF96E8A85CC872FA1166CC5D081F55018430C5549433CA3CC5855E49392D58B0C2B6580704F839041DCBA3673C7EBBBE4D25704162CE5
Malicious:	false
Reputation:	unknown
URL:	https://www.aia.com.au/content/dam/au-wise/en/images/logos/AIAFW-logo.svg
Preview:	<svg width="139" height="72" viewBox="0 0 139 72" fill="none" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">.<rect width="138.048" height="72" fill="url(#pattern0)"/>.<defs>.<pattern id="pattern0" patternContentUnits="objectBoundingBox" width="1" height="1">.<use xlink:href="#image0_1200_240773" transform="scale(0.000347705 0.000666667)"/>.</pattern>.<image id="image0_1200_240773" width="2876" height="1500" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAACzwAAAXcCAYAAABdoWoTAAAACXBIWXMAAC4jAAAuIwF4pT92AAAgAElEQVR4nOzd0U0c6ZrH4e+s9h5UCUAALUEGcFW3JgOTwZLBcCJYTgY4A3zbV5ABSBUAJNCCCHxUZ78e1TK2x5hu+l9VzyOVmmmPZuD9UPXNr17/49u3bwUAAAAAAAAAAAAAINF/ORUAAAAAAAAAAAAAIJXgGQAAAAAAAAAAAACIJXgGAAAAAAAAAAAAAGIJngEAAAAAAAAAAACAWIJnAAAAAAAAAAAAACCW4BkAAAAAAAAAAAAAiCV4BgAAAAAAAAAAAABiCZ4BAAAAAAAAAAAAgFiCZwAAAAAAAAAAAAAgluAZAAAAAAAAAAAAAIgleAYAAAAAAAAAAAAAYgmeAQAAAAAAAAAAAIBYgmcAAAAAAAAAAAAAIJbgGQAAAAAAAAAAAACIJXgGAAAAAAAAAAAAAGIJngEAAAAAAAAAAACAWIJnAAAAAAAAAAAAACC

Chrome Cache Entry: 157

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	480
Entropy (8bit):	4.662411528544004
Encrypted:	false
SSDEEP:
MD5:	139010C559470F9BD2E89A8923807C03
SHA1:	3E590418ECF7CDB42B4863F7D8FCD68B9CD19913
SHA-256:	DD886420CC94BC3C3BC148CFE7A31BA602F6E9B1C1612F7B32C2D6DBBCAD0FF9
SHA-512:	839235F2CB8F5CD899777D6EECA06894067A5F8E1C5EFDB3BCE764B2DBF755506094B642E9EC711E6AF78FCD3E321FC919F24B0FCDB5B8E07ACA632003CA1FE2
Malicious:	false
Reputation:	unknown
Preview:	<svg width="20" height="20" viewBox="0 0 20 20" xmlns="http://www.w3.org/2000/svg">.. <path d="M10 3.335c.499 0 .961.249 1.23.644l6.541 10.81A1.494 1.494 0 0 1 16.594 17l-.13.007H3.536a1.494 1.494 0 0 1-1.359-2.112l.06-.122L8.693 4.107A1.494 1.494 0 0 1 10 3.335zm0 9.998a.625.625 0 1 0 0 1.25.625.625 0 0 0 0-1.25zm0-6.357a.5.5 0 0 0-.493.42l-.007.08v4.475l.003.05a.5.5 0 0 0 .99.03l.007-.08V7.476l-.003-.05a.5.5 0 0 0-.497-.45z" fill="#BA0361" fill-rule="evenodd"/>..</svg>..

Chrome Cache Entry: 160

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	448
Entropy (8bit):	4.707316418658874
Encrypted:	false
SSDEEP:
MD5:	55C2ED3FC0E3BBE89D3AC730966513A9
SHA1:	A069B20ABA202356E15E2AA1E51E8C28C7E2262F
SHA-256:	553E653B3687FAEB034F91890C084251F54137600C3EA5C2CCBA31CE9BD7B5D4
SHA-512:	980B50485675D6943BE8102C5607D3E44193E673182EED0C199BD9219EF95D2905356D4F3501FA239AB0FFE4D20906CBFA309ACD9F994FC44016AB3AE2036D28
Malicious:	false
Reputation:	unknown
Preview:	<svg width="24" height="24" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg">.. <path d="M13.362 12.106a.148.148 0 0 1 0-.21l6.378-6.377a.89.89 0 0 0-1.259-1.257l-6.377 6.375a.148.148 0 0 1-.21 0L5.518 4.262A.889.889 0 1 0 4.26 5.519l6.377 6.377a.148.148 0 0 1 0 .21L4.26 18.483a.889.889 0 1 0 1.257 1.257l6.378-6.378a.148.148 0 0 1 .21 0l6.376 6.378a.889.889 0 0 0 1.258-1.257l-6.377-6.377z" fill="#5B636B" fill-rule="evenodd"/>..</svg>..

Chrome Cache Entry: 161

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	dropped
Size (bytes):	149805
Entropy (8bit):	5.6004134683803555
Encrypted:	false
SSDEEP:
MD5:	5693E74A87CDFE0DD8CF9E97ABC2EC67
SHA1:	0912A92CEBFC4248B4D561F57B32D18135F9AD59
SHA-256:	79951B5BD4D729A2B2F4D380819F2C14BBCF26F21DB56A520189633467766CF4
SHA-512:	B0954FF6229C037AAEC67F6CC91889D3AD1C0D38AC3E53E61F3A98D49379FA43C1FF709C7017459B9BD416BCEB2236D90B24C17E072882C122360069DCD9E0E0
Malicious:	false
Reputation:	unknown
Preview:	!function(){"use strict";function t(){t=function(){return e};var e={},d=Object.prototype,n=d.hasOwnProperty,r="function"==typeof Symbol?Symbol:{},o=r.iterator\|\|"@@iterator",i=r.asyncIterator\|\|"@@asyncIterator",a=r.toStringTag\|\|"@@toStringTag";function $(t,e,d){return Object.defineProperty(t,e,{value:d,enumerable:!0,configurable:!0,writable:!0}),t[e]}try{$({},"")}catch(t){$=function(t,e,d){return t[e]=d}}function u(t,e,d,n){var r=e&&e.prototype instanceof s?e:s,o=Object.create(r.prototype),i=new w(n\|\|[]);return o._invoke=function(t,e,d){var n="suspendedStart";return function(r,o){if("executing"===n)throw new Error("Generator is already running");if("completed"===n){if("throw"===r)throw o;return E()}for(d.method=r,d.arg=o;;){var i=d.delegate;if(i){var a=_(i,d);if(a){if(a===c)continue;return a}}if("next"===d.method)d.sent=d._sent=d.arg;else if("throw"===d.method){if("suspendedStart"===n)throw n="completed",d.arg;d.dispatchException(d.arg)}else"return"===d.method&&d.abrupt("return",d.arg);

Chrome Cache Entry: 163

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65441), with CRLF line terminators
Category:	downloaded
Size (bytes):	65959
Entropy (8bit):	5.353413306184177
Encrypted:	false
SSDEEP:
MD5:	E4B2C9B152E972CACB77265A161CD311
SHA1:	EDD9F41FFFB57C51B7C2B50D4732A61039FF308E
SHA-256:	09FA04E84D7038CC32F19BEDCBA454B9E637A35F4DE496E8EC9148C47550F0FC
SHA-512:	4263D9EFE7D369A364F785E11BFFBFEA139A1B5CBD129A84E745AAB8F8A1D254EC204963E09CA18365AD851F7491C1F7A61EE28CEB24E7CFF87E4358B8F15069
Malicious:	false
Reputation:	unknown
URL:	https://www.clarity.ms/s/0.7.49/clarity.js
Preview:	/* clarity-js v0.7.49: https://github.com/microsoft/clarity (License: MIT) */..!function(){"use strict";var t=Object.freeze({__proto__:null,get queue(){return sr},get start(){return cr},get stop(){return lr},get track(){return ar}}),e=Object.freeze({__proto__:null,get clone(){return Cr},get compute(){return Dr},get data(){return Er},get keys(){return Or},get reset(){return Ar},get start(){return _r},get stop(){return Rr},get trigger(){return Ir},get update(){return jr}}),n=Object.freeze({__proto__:null,get check(){return Xr},get compute(){return qr},get data(){return Sr},get start(){return Wr},get stop(){return Ur},get trigger(){return Yr}}),a=Object.freeze({__proto__:null,get compute(){return Kr},get data(){return Fr},get log(){return Gr},get reset(){return Zr},get start(){return Br},get stop(){return Jr},get updates(){return Vr}}),r=Object.freeze({__proto__:null,get callbacks(){return $r},get clear(){return ui},get consent(){return oi},get data(){return Qr},get electron(){return ti},

Chrome Cache Entry: 164

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	4723
Entropy (8bit):	3.9381406013849958
Encrypted:	false
SSDEEP:
MD5:	B73CE2E986BAA7D51D14AD9042F95F39
SHA1:	DE126D4B7CCBE00A3BC517CD814FDF90587E5E1D
SHA-256:	17EC5FC239F51E4D21A817A320793EC68DFE6B571E7758E3C66850FA2A5977BF
SHA-512:	7C97432C21F6FAF6D625AFC6E579E8EF4838CDF93067ABE08F031F99240C9CEB1A6C1097679C7C04F45666D7A993028DB176D7E8A05847164C1994C8F9D032DD
Malicious:	false
Reputation:	unknown
Preview:	<svg xmlns="http://www.w3.org/2000/svg" width="65" height="65" viewBox="0 0 65 65">.. <g fill="none" fill-rule="evenodd">.. <g fill="#D31145">.. <g>.. <g>.. <path d="M50.354 31.138c-1.705.36-2.23-1.118-3.648-2.054-1.423-.937-2.728-1.296-4.045-2.604-.529-.528-.664-1.429-1.19-1.98-.701-.746-1.128-.95-2.08-1.321-1.67-.648-3.103-1.128-4.491-2.27-.235-.19-.786-.444-1.301-.54-.22-.047-.319-.012-.393.072-.207.266-.396.587-.58.889-.051.083-.222.325-.36.456-.269.24-.604.552-.86.695-1.397.853-3.237 1.574-4.031 3.003-.147.262-1.67.972-2.022 1.246-.553.456-1.096.901-1.665 1.321-.532.397-1.269 1.009-1.824 1.417-.293-.107-.593-.203-.87-.25-.654-.134-1.204-.638-1.766-.973-.721-.457-.667-.504-.895-.638-.199-.107-.297-.179-.374-.214-.536-.314-.568 0-1.329.467-.634.385-1.365 1.032-1.91 1.548-.435.409-.878.841-1.332 1.285.651-9.82 8.958-17.573 19.114-17.573 10.054 0 18.294 7.61 19.089 17.284-.31.409-.75.627-1.237.734zM32.49 10.833c-11.212 0-20.301 9.

Chrome Cache Entry: 165

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Category:	downloaded
Size (bytes):	15344
Entropy (8bit):	7.984625225844861
Encrypted:	false
SSDEEP:
MD5:	5D4AEB4E5F5EF754E307D7FFAEF688BD
SHA1:	06DB651CDF354C64A7383EA9C77024EF4FB4CEF8
SHA-256:	3E253B66056519AA065B00A453BAC37AC5ED8F3E6FE7B542E93A9DCDCC11D0BC
SHA-512:	7EB7C301DF79D35A6A521FAE9D3DCCC0A695D3480B4D34C7D262DD0C67ABEC8437ED40E2920625E98AAEAFBA1D908DEC69C3B07494EC7C29307DE49E91C2EF48
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Preview:	wOF2......;........H..;..........................d..@..J.`..L.T..<.....x.....^...x.6.$..6. ..t. ..I.h\|.l....A....b6........(......@e.]...:..-.0..r.)..hS..h...N.).D.........b.].......^..t?.m{...."84...9......c...?..r3o....}...S]....zbO.../z..{.....~cc....I...#.G.D....#e.A..b...b`a5P.4........M....v4..fI#X.z,.,...=avy..F.a.\9.P\|.[....r.Q@M.I.._.9..V..Q..]......[ {u..L@...]..K......]C....l$.Z.Z...Zs.4........ x.........F.?.7N..].\|.wb\....Z{1L#..t....0.dM...$JV...{..oX...i....6.v.~......)\|.TtAP&).KQ.]y........'...:.d..+..d..."C.h..p.2.M..e,.UP..@.q..7..D.@...,......B.n. r&.......F!.....\...;R.?-.i...,7..cb../I...Eg...!X.)5.Aj7...Ok..l7.j.A@B`".}.w.m..R.9..T.X.X.d....S..`XI..1... .$C.H.,.\. ..A(.AZ.................`Wr.0]y..-..K.1.............1.tBs..n.0...9.F[b.3x...$....T..PM.Z-.N.rS?I.<8eR'.3..27..?;..OLf.Rj.@.o.W...........j~ATA....vX.N:.3dM.r.)Q.B...4i.f..K.l..s....e.U.2...k..a.GO.}..../.'..%$..ed..'..qP....M..j....../.z&.=...q<....-..?.A.%..K..

Chrome Cache Entry: 166

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (6899), with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	594116
Entropy (8bit):	5.275866044635346
Encrypted:	false
SSDEEP:
MD5:	7CE76390E1299C236E21749E5E9DFBD3
SHA1:	BBFBB6A18E6BC17606004D62DB9A40213B9DD03C
SHA-256:	2A38F35972394A3DA97D0F7F3FAC7CD5676F1C28075E2ED8AA81875E8EEAAB97
SHA-512:	B875336C421B3EED73EF6C44CA8B51EA1E86B6AA0A6A6BFAB76106A3EDFAC4E395CC6BC3418971E691D586B016F340D68348B0520E129A445E80C51E1619C33E
Malicious:	false
Reputation:	unknown
URL:	https://www.aia.com.au/en/financial-wellbeing/get-in-touch/initial-chat?id=afgstaff
Preview:	<!DOCTYPE HTML>.<html lang="en">. <head>. <meta charset="UTF-8"/>. <title>. Book an initial chat. . . \| AIA Australia. .</title>. . . <meta name="template" content="fw-homepage"/>. <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"/>. . .. .<script type="text/javascript">. (function() {. window.ContextHub = window.ContextHub \|\| {};.. /* setting paths /. ContextHub.Paths = ContextHub.Paths \|\| {};. ContextHub.Paths.CONTEXTHUB_PATH = "/conf/group-wise/settings/cloudsettings/default/contexthub";. ContextHub.Paths.RESOURCE_PATH = "\/content\/au\u002Dwise\/en\/financial\u002Dwellbeing\/get\u002Din\u002Dtouch\/initial\u002Dchat\/_jcr_content\/contexthub";. ContextHub.Paths.SEGMENTATION_PATH = "\/etc\/segmentation\/contexthub";. ContextHub.Paths.CQ_CONTEXT_PATH = "";.. / setting initial const

Chrome Cache Entry: 168

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (64006)
Category:	dropped
Size (bytes):	1902975
Entropy (8bit):	5.32631125970134
Encrypted:	false
SSDEEP:
MD5:	4B4005C8EA0293AD18EC674F5E18C648
SHA1:	38D5F6C274A6A4E25E08581A362C530DE01FB6F4
SHA-256:	38A0C7A5E00763C64CA44BA37B3E2F24B97F7937C4583F2C9206BDE7A58E4467
SHA-512:	E50D4862A122E320A3E7B2CDE999E8BF3A9DDEEE9B67E2B490DC837460F676F48A487B4A5771CC4A4B252EF4C3C8E0BCDE11840F4D7AD3BB62B1DF8677CCB397
Malicious:	false
Reputation:	unknown
Preview:	!function(e){var t={};function n(r){if(t[r])return t[r].exports;var i=t[r]={i:r,l:!1,exports:{}};return e[r].call(i.exports,i,i.exports,n),i.l=!0,i.exports}n.m=e,n.c=t,n.d=function(e,t,r){n.o(e,t)\|\|Object.defineProperty(e,t,{enumerable:!0,get:r})},n.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},n.t=function(e,t){if(1&t&&(e=n(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var r=Object.create(null);if(n.r(r),Object.defineProperty(r,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var i in e)n.d(r,i,function(t){return e[t]}.bind(null,i));return r},n.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return n.d(t,"a",t),t},n.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},n.p="",n(n.s=146)}([function(e,t,n){"use strict";e.exports=n(96)},function(e,t,n){(function(e,r){var i;./*

Chrome Cache Entry: 169

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1468), with no line terminators
Category:	dropped
Size (bytes):	1468
Entropy (8bit):	5.808266870706884
Encrypted:	false
SSDEEP:
MD5:	159FB4D695985263B7661F511294C6C3
SHA1:	1990C15F6C36DC50D167E943AC2DFF4017A04F80
SHA-256:	BED6310AA2E5127F8D3EF6B98B3D2D47509439091C2CE34ED804A5744B45D3A6
SHA-512:	31A008467885622C952C96A0FD5ACDC0CB6904A5F6CE020913150AEC629C83F8B534266F508B533B16BA92543BE364A2956110B8524F87CEC976DCB202DF42D6
Malicious:	false
Reputation:	unknown
Preview:	/* PLEASE DO NOT COPY AND PASTE THIS CODE. */(function(){var w=window,C='___grecaptcha_cfg',cfg=w[C]=w[C]\|\|{},N='grecaptcha';var gr=w[N]=w[N]\|\|{};gr.ready=gr.ready\|\|function(f){(cfg['fns']=cfg['fns']\|\|[]).push(f);};w['__recaptcha_api']='https://www.google.com/recaptcha/api2/';(cfg['render']=cfg['render']\|\|[]).push('6LdPLSUjAAAAAJGJ8eJjdBMY1s2GIFuppIp7Lbqa');w['__google_recaptcha_client']=true;var d=document,po=d.createElement('script');po.type='text/javascript';po.async=true; po.charset='utf-8';var v=w.navigator,m=d.createElement('meta');m.httpEquiv='origin-trial';m.content='A/kargTFyk8MR5ueravczef/wIlTkbVk1qXQesp39nV+xNECPdLBVeYffxrM8TmZT6RArWGQVCJ0LRivD7glcAUAAACQeyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkRpc2FibGVUaGlyZFBhcnR5U3RvcmFnZVBhcnRpdGlvbmluZzIiLCJleHBpcnkiOjE3NDIzNDIzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9';if(v&&v.cookieDeprecationLabel){v.cookieDeprecationLabel.getValue().then(function(l){if(l!=='treatment_1.1'&&l!=='treatment_1.2'&&l!

Chrome Cache Entry: 170

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (32731)
Category:	dropped
Size (bytes):	524397
Entropy (8bit):	5.379558706305179
Encrypted:	false
SSDEEP:
MD5:	277643CC4D3B4A2EB5B3754986215E33
SHA1:	92DD485CF64539E276A2FB573586C16C79D47EB3
SHA-256:	23E6F03774758502A4CE7B5A6DA419C6D5A5E58FD808C63900DACF0BFC38BB1E
SHA-512:	552B5E6D49797C5DF7E0B170815DAAEF573C10286C540646E937E4018E08BA0B7D0CD584E14D52DD77C8D794CC9CABB07C767119D54CE57701D3F40471B0E5F4
Malicious:	false
Reputation:	unknown
Preview:	// For license information, see `https://assets.adobedtm.com/e17df9099c11/58f0e6eb881b/launch-cfd3aa55f792.js`..window._satellite=window._satellite\|\|{},window._satellite.container={buildInfo:{minified:!0,buildDate:"2024-10-18T04:01:19Z",turbineBuildDate:"2024-08-22T17:32:44Z",turbineVersion:"28.0.0"},environment:{id:"EN5b2033bbdbc647f5823ce519b2d0aadd",stage:"production"},dataElements:{articleCategory:{storageDuration:"pageview",modulePath:"core/src/lib/dataElements/javascriptVariable.js",settings:{path:"aiaDatalayer.contentCategory"}},"dataLayer object":{modulePath:"adobegoogledatalayer/src/lib/dataElements/gtmDlPropertyKey.js",settings:{value:"",isReturnOnlyEventProps:!1}},"VBS Output":{modulePath:"core/src/lib/dataElements/customCode.js",settings:{source:function(){benefit=[];for(let e=0;e<document.querySelectorAll("li.reward-review-item").length;e++)benefit+=JSON.stringify(document.querySelectorAll("li.reward-review-item")[e].innerText.split("\n"));return benefit}}},"XDM - banner_c

Chrome Cache Entry: 173

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	4101
Entropy (8bit):	4.689694116913172
Encrypted:	false
SSDEEP:
MD5:	9B8D5C13B909560429F40EA797398718
SHA1:	AC59205C2988FABCBD66BD728474B1DFC87A36E2
SHA-256:	F5F7BF1EE320BF6398F33B1FC835822D47934DD829B8A4AB0D9DBFD107CC930C
SHA-512:	BC6D263C9CC47BF4720EAD7D9B20E3DF090B5686794E91104C1BD0C20360BE84201E99BD4A1C341C5896C9AD585B63DD863C3DA141957806C03D5F0B4F885DEF
Malicious:	false
Reputation:	unknown
URL:	https://bat.bing.com/p/action/211021110.js
Preview:	(function(w,d,c,k,a,b,t,e) {.. var cs = d.currentScript;.. if (cs) {.. var uo = cs.getAttribute('data-ueto');.. if (uo && w[uo] && typeof w[uo].setUserSignals === 'function') {.. w[uo].setUserSignals({'co': c, 'kc': k, 'at': a, 'bi': b, 'dt': t, 'ec': e});.. }.. }..})(window, document, 'us', true, false, false, false, false);..(function(w,d,s,i) {.. var c=d.currentScript;.. if (c) {.. var uo = c.getAttribute('data-ueto');.. if (uo && w[uo] && w[uo].uetConfig && w[uo].uetConfig.deBlock === true).. return;.. }.. var f,j; f=d.getElementsByTagName(s)[0]; j=d.createElement(s); j.async=true;.. j.src='https://www.clarity.ms/tag/uet/'+i+'';.. j.onload = function () {.. if (!c) return;.. var co = function(u) { return u && typeof u === 'object' && !(u instanceof Array) && u.beaconParams && u.beaconParams.mid && w.clarity; };.. var r = 40;.. var cl = function() {.. if (r-- <

Chrome Cache Entry: 175

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (11524), with no line terminators
Category:	dropped
Size (bytes):	11524
Entropy (8bit):	5.452199113673286
Encrypted:	false
SSDEEP:
MD5:	B0894736B83C993E314B056D909D7D2D
SHA1:	AA0A71D013D3259B8C020CE159AEA242559143A2
SHA-256:	469A7D1DC25EE8FB2548EC2CCBAB5A04EA591B4C6F2EF5D21173A957BDF37933
SHA-512:	00F63CE1E9D2C00CECAF91A02D8F245FD051CF9A60BF0B29086DBF6D6A1E596089627EEAAA7BCC31D9A871BB801874831E870444706C3D983599473908939AFA
Malicious:	false
Reputation:	unknown
Preview:	!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):(e=e\|\|self).uuidv4=t()}(this,function(){"use strict";var e="undefined"!=typeof crypto&&crypto.getRandomValues&&crypto.getRandomValues.bind(crypto)\|\|"undefined"!=typeof msCrypto&&"function"==typeof msCrypto.getRandomValues&&msCrypto.getRandomValues.bind(msCrypto),t=new Uint8Array(16);function n(){if(!e)throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");return e(t)}for(var o=[],i=0;i<256;++i)o.push((i+256).toString(16).substr(1));return function(e,t,i){"string"==typeof e&&(t="binary"===e?new Uint8Array(16):null,e=null);var a=(e=e\|\|{}).random\|\|(e.rng\|\|n)();if(a[6]=15&a[6]\|64,a[8]=63&a[8]\|128,t){for(var r=i\|\|0,l=0;l<16;++l)t[r+l]=a[l];return t}return function(e,t){var n=o;return(n[e[0]]+n[e[1]]+n[e[2]]+n[e[3]]+"-"+n[e[4]]+n[e[5]]+"-"+n[e[6]]+n[e[7]]+"-"+n[e[8]]+n[e[9]]+"-"+n[e[10]]+n[e

Chrome Cache Entry: 176

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	103933
Entropy (8bit):	4.706494399279048
Encrypted:	false
SSDEEP:
MD5:	FDA3953E87F68AF282A3769734F32336
SHA1:	1C649050CEDF4CE633C6605B5D4E313753B4F764
SHA-256:	2940FA4EF89C6B9B09E76A618F73E7CE7697F970F99499D7461733C09455C164
SHA-512:	E7A1502796C5791CD123E5D8AB7975E4A8E94BA1C6BD81AF54818CCABE7B749E3289BE5B9C7D5F1FBF853E2669332D5AFC1CFC641FF4F4D356EB3E968F2502DC
Malicious:	false
Reputation:	unknown
URL:	https://www.aia.com.au/etc.clientlibs/aia-wise/clientlibs/clientlib-base.min.fda3953e87f68af282a3769734f32336.css
Preview:	.cmp-accordion__header{margin:0}..cmp-accordion__button{display:block;width:100%;text-align:left}..cmp-accordion__panel--hidden{display:none}..cmp-accordion__panel--expanded{display:block}..cmp-tabs__tablist{display:flex;flex-wrap:wrap;padding-left:0;list-style:none}..cmp-tabs__tab{box-sizing:border-box;border-bottom:1px solid transparent;padding:.5rem 1rem;cursor:pointer}..cmp-tabs__tab--active{border-color:inherit}..cmp-tabs__tabpanel{display:none}..cmp-tabs__tabpanel--active{display:block}..cmp-image__image{width:100%}..aem-Grid{display:block;width:100%}..aem-Grid::before,.aem-Grid::after{display:table;content:" "}..aem-Grid::after{clear:both}..aem-Grid-newComponent{clear:both;margin:0}..aem-GridColumn{box-sizing:border-box;clear:both}..aem-GridShowHidden>.aem-Grid>.aem-GridColumn{display:block !important}..aem-Grid.aem-Grid--1>.aem-GridColumn.aem-GridColumn--default--1{float:left;clear:none;width:100%}..aem-Grid.aem-Grid--1>.aem-GridColumn.aem-GridColumn--offset--default--0{margin-

Chrome Cache Entry: 177

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (7134)
Category:	downloaded
Size (bytes):	49488
Entropy (8bit):	5.441865936800393
Encrypted:	false
SSDEEP:
MD5:	8D65A8078245F9FCCEDF80B45D07CC29
SHA1:	1D3E621A9BDA97021D8EA6D1437E77FC68007B12
SHA-256:	44F1F3580BC0FC2CF6452856139E7E53B01F968135ADECFB7236400B55A1C953
SHA-512:	B7803E7E850E70BDC58A6D1C2AF202DD36DE7880E5D49A31F5AC5D51D54C004C56A25A0AB945E7DFFAC8060315BDBFCE957F4FFAF5E1DCBDA7092E6F027184C9
Malicious:	false
Reputation:	unknown
URL:	https://connect.facebook.net/signals/config/360312315933674?v=2.9.174&r=stable&domain=www.aia.com.au&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C163%2C195%2C197%2C122%2C145%2C151%2C129%2C232%2C116%2C127%2C146%2C173%2C159%2C118%2C233%2C165%2C119%2C235%2C166%2C136%2C123%2C154%2C148%2C114%2C128
Preview:	/*. Copyright (c) 2017-present, Facebook, Inc. All rights reserved... You are hereby granted a non-exclusive, worldwide, royalty-free license to use,.* copy, modify, and distribute this software in source code or binary form for use.* in connection with the web services and APIs provided by Facebook... As with any software that integrates with the Facebook platform, your use of.* this software is subject to the Facebook Platform Policy.* [http://developers.facebook.com/policy/]. This copyright notice shall be.* included in all copies or substantial portions of the software... THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR.* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS.* FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR.* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER.* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN.* CONNECTION WI

Chrome Cache Entry: 178

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (347)
Category:	downloaded
Size (bytes):	7219
Entropy (8bit):	4.732992267992588
Encrypted:	false
SSDEEP:
MD5:	4B07E0A5112C27D81D496AE830C5A0A3
SHA1:	9F8C561A597D9F66EDB74B9BFE1A8DBACD60A752
SHA-256:	856830166997D402B24E618C68E1F52C02DB3F2A4F2811EFA5286536310F136D
SHA-512:	3BEE77609153589903F0A2DB4356A9F3B80E9318628E0D16352C8205A15C890D2B6AD33E69BC91827B85ADC919BFBADA90472E53913F4CFFF1F0BFBF26951A21
Malicious:	false
Reputation:	unknown
URL:	https://cdn25.lemnisk.co/ssp/AU_AIA_Prod/sw/service-worker.js
Preview:	var type = "LIVE";.var version = "v71";.var status = {};.var advid = 'VIZVRM100001';.var target = "au-pl.lemnisk.co";.var ctaUrls = ['lp1', 'lp2'];.self.addEventListener('install', function (event) {. self.skipWaiting().catch(function (err) {. logError(err);. });.});.self.addEventListener('activate', function (event) { });.self.addEventListener('push', function (event) {. try {. var data = event.data ? event.data.text() : '{}';. data = JSON.parse(data);. var showAd = true;. if (!(data.hasOwnProperty('imprid') && data.hasOwnProperty('engid') && data.hasOwnProperty('title') && data.hasOwnProperty('body') && data.hasOwnProperty('icon') && data.hasOwnProperty('lp'))) {. showAd = false;. }. var uuid = data.imprid;. status[uuid] = 1;. var payload = {. body: data.body,. icon: data.icon,. tag: data.tag,. requireInteraction: true,. data: {. url: data.lp,. ts: epoch,. engid: data.engid,. uuid: uuid,. c

Chrome Cache Entry: 179

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	88
Entropy (8bit):	4.062073019178423
Encrypted:	false
SSDEEP:
MD5:	941FC471BB86F44884D46F0E062C2380
SHA1:	9CEB475ED43256D054304C1FCA418FBDF09708CC
SHA-256:	A98DC59BF3976CB9B47F0EE459390252B472C28AF8C67CACC7492014D8229BFC
SHA-512:	796A5A27949B06376E4509D9141F73FA39DB61577ADD292C90D54B9F0EBA8146345D1B091099F0452129BE51BDE24E1F415359E89F763EB175619975FB4944C2
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISOgkBR3ZLevqL5RIFDb2Fgw8SBQ29hYMPEgUNvYWDDxIFDb2Fgw8SBQ29hYMPEgUNvYWDDxIFDVNaR8U=?alt=proto
Preview:	Cj8KBw29hYMPGgAKBw29hYMPGgAKBw29hYMPGgAKBw29hYMPGgAKBw29hYMPGgAKBw29hYMPGgAKBw1TWkfFGgA=

Chrome Cache Entry: 180

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 68 x 68, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	3420
Entropy (8bit):	7.920285135661222
Encrypted:	false
SSDEEP:
MD5:	736919B7CF30E18F9139D3AFA41BF8F9
SHA1:	12CE7EFFBC790F581FEBCF96582E2DA9619ED746
SHA-256:	5F2C07943F27993EE43DAB17D4E0E369862CB24761D265008400E15BFB424534
SHA-512:	986933419A94767BECF2B5BD9464D6983627AE787796606B256E4DCF03016AE474AE45B8EB384A1216ECB6C53BAE16672D48CE266071764E6ACD755AE96FB374
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...D...D.....8.......sRGB.........IDATx..I.....s```X......f0 @...g.f..-KF....%$l_\|A...d...... n.\|...,7l..2..u...}........n.....!......3"2r...a.&n..5.E....&..1X......X.S.<...B........H...'.....$............I..S...5.@...P../N..J..l.B0:UJ.........d.....@..Qgi...CW.^..)S.L.5jT.a....0`Dmmm..@..:;;_).\|......_.w.^.s.N.[..N.z.W..Fy.!..T...Y1........(5(.SjV..d...8p...w.\|..mG....:..:.;n..h....^.)kG.....,.AJ#...&)}.a...q.?]]]..0.... z..E.......>...g.S....i...6i.......+....x.....8=.#.7o.p...mhh...$..W.\{{.O555Nf...>}.W^.....L.'.uuu>..8........-[.n.r..}}..B.......n.K..jY.4\....\|.._....#.Q..{_...y3z..Q.....r.w..o....d........o....]i......=f".m..m.}......YL...^..Y.+.D..M.!0../.......U.....jd.Rn...?:{...PHz.f.>\|....QU..M..E.!....c.+<._......6`4.;w....1.....~t...H~.{.J[.I...7x..gx.<......1.aO1.....n..=y..>....!..x....PR..>d$.9a.9P........b..k.)..2 .2![Ed....n..C3..].v..W>6(.......s.S...... ..,2S...Ubh..:P..t.&P.Wx..B..wd.eA&d+j

Chrome Cache Entry: 181

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	61
Entropy (8bit):	4.464738616821566
Encrypted:	false
SSDEEP:
MD5:	701D0A1486F03255B35067AE73EB9986
SHA1:	ED957F0662A30575622BFEC8CB4817AF1C7F0646
SHA-256:	2C2B22EC39798D1C703734453BEF9237A1124C37A5D731E8206C1AF0C2FC03DF
SHA-512:	6EBFB2873F1ABC97EB338EA11676D702EF180E486D25994792BA30484FF33B93CE225E2A563FC9CDB05C8D214D5733B4979176BB431418FE88CBCF6B2D0B0617
Malicious:	false
Reputation:	unknown
Preview:	A server error has occurred..EDGE_FUNCTION_INVOCATION_FAILED.

Chrome Cache Entry: 183

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	2228
Entropy (8bit):	7.82817506159911
Encrypted:	false
SSDEEP:
MD5:	EF9941290C50CD3866E2BA6B793F010D
SHA1:	4736508C795667DCEA21F8D864233031223B7832
SHA-256:	1B9EFB22C938500971AAC2B2130A475FA23684DD69E43103894968DF83145B8A
SHA-512:	A0C69C70117C5713CAF8B12F3B6E8BBB9CDAF72768E5DB9DB5831A3C37541B87613C6B020DD2F9B8760064A8C7337F175E7234BFE776EEE5E3588DC5662419D9
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...0...0.....W.......gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....bKGD.......C......pHYs.................IDATh...P....=..8.....Nx. ..PlP8..;.C.1iL#6....Z..!......3.po .o.L.i.I..1fl..4..ujL&6$...............w...........,Z..z. ~.....\.._.C.eK...g..%..P..L7...96..q....L.....k6.....,xz.._......B."#...L(n..f..Yb....8.;....K)N...H).%.F"Ic.LB.........jG.uD..B....Tm....T..).A.}D.f..3.V.....O.....t_..].x.{o..........x?!W...j..@..G=Ed.XF.........J..E?../]..?p..W..H..d5% WA+.....)2r..+..'qk8.../HS.[...u..z.P.....-.A.}.......I .P.....S....\|...)..KS4....I.....W...@....S.s..s..$`.X9.....E.x.=.u.iJ...........k......'...!.a....*+.....(...S..\h....@............I.$..%.2....l......a.\|.....U....y.....t..8....TF.o.p.+.@<.g........-.M.....:.@..(.......@......>..=.ofm.WM{...e..,..D.r.......w....T.L.os..T@Rv..;.....9....56<.x...........2.k.1....dd.V.....m..y5../4\|...G.p.V.......6...}.....B........5...&..v..yTd.6...../m.K...(.

Chrome Cache Entry: 184

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	102
Entropy (8bit):	4.997660514702103
Encrypted:	false
SSDEEP:
MD5:	9AFB0D35BB088B3036561313BF7CE1F4
SHA1:	C7F3FDE34C537242969FBBD736B5B129611F1694
SHA-256:	6E4501CE6F65A1B8671A9D31A8F5AB56DFA4E30AA7A4A971DAA1544AB2EB53C1
SHA-512:	C08FAB7DD122743F8F942AC5F0F1A05A2A44BEFD7DA677074CC3D2D464A106CE88047C1396F4C99DABBF99541230CA37B05158F448E7014B36E1E9FE38C572AF
Malicious:	false
Reputation:	unknown
Preview:	importScripts('https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js');

Chrome Cache Entry: 185

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (31685), with no line terminators
Category:	dropped
Size (bytes):	31685
Entropy (8bit):	5.232406287193597
Encrypted:	false
SSDEEP:
MD5:	2D15113DB3E97FBC03ACAF4615D0CEF8
SHA1:	D77E319FB6E532250BF3DD44F8F282511F9C6D18
SHA-256:	D1268E25D95401080F999200A77A8BDFDA99333AEA85BF0F07C6C2F4BE9BCBFF
SHA-512:	FC13EDE10DC5A7D13A231A5F347C163F8413F6861C179E3FB9578A47725D0969D4000E5ABD3F501620D139ABA2036D3D00FCD2B34874788AFC222C0AB95E9A51
Malicious:	false
Reputation:	unknown
Preview:	var VizuryNotificationObject=VizuryNotificationObject\|\|{NotificationOpen:"true",IframeEle:null,IframeBottom:null,ContainerHtmlId:"vizury-notification-container",cookie:null,advid:null,ImpressionLogUrl:"https://us-ax.lemnisk.co/Impression?",TemplateId:null,flag:!0,OnsiteBlurHtmlId:"vizury-notification-blur",OnsiteBlurEnabled:!1,OriginalDimension:{},topPositions:[0,1,8],bottomPositions:[2,3,6],edgePositions:[5,6,7,8],responsiveConfig:{maxIfameWidth:.8,maxIfameHeight:.8,minimizedImageMaxWidth:.4,minimizedImageMaxHeight:.4,additionalIframeSizeForIcons:.06,minimizedImageStaticStyle:"min-width:unset;min-height:unset;max-width:unset;max-height:unset;"},reset:function(){VizuryNotificationObject.NotificationOpen="true"},createDivElementLocal:function(t){VizuryNotificationObject.reset(),VizuryNotificationObject.SetDivContent(t)},createDivElement:function(){var t=document.createElement("div");t.id=VizuryNotificationObject.ContainerHtmlId,document.body.appendChild(t),VizuryNotificationObject.makeA

Chrome Cache Entry: 186

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (14372), with no line terminators
Category:	dropped
Size (bytes):	14372
Entropy (8bit):	5.25235435937752
Encrypted:	false
SSDEEP:
MD5:	E31E4ACB22FEE236E968D8B9112B5C67
SHA1:	472BDFD534531A00689C6DCEFA488477AF0A98C8
SHA-256:	3D7CD74308488330DED0CD6658826CCF9EDF8DEB74811A09277C7BB7224661C2
SHA-512:	31E1C6ED3F0A80B216E253A805FA60CC126486367BB93A071F4DC6E7A4DCB103FE070A8B097F2D6C00BEB4F73A55C33BFDEB5A695C4F9E79E44CDD38268C024E
Malicious:	false
Reputation:	unknown
Preview:	!function(){var a=void 0,b=function(a,b){function c(a){return a?d(a):void 0}function d(a){for(var b in c.prototype)a[b]=c.prototype[b];return a}return a.exports=b,a.exports=c,c.prototype.on=function(a,b){return this._callbacks=this._callbacks\|\|{},(this._callbacks[a]=this._callbacks[a]\|\|[]).push(b),this},c.prototype.once=function(a,b){function c(){d.off(a,c),b.apply(this,arguments)}var d=this;return this._callbacks=this._callbacks\|\|{},b._off=c,this.on(a,c),this},c.prototype.off=c.prototype.removeListener=c.prototype.removeAllListeners=function(a,b){if(this._callbacks=this._callbacks\|\|{},0==arguments.length)return this._callbacks={},this;var c=this._callbacks[a];if(!c)return this;if(1==arguments.length)return delete this._callbacks[a],this;var d=index(c,b._off\|\|b);return~d&&c.splice(d,1),this},c.prototype.emit=function(a){this._callbacks=this._callbacks\|\|{};var b=[].slice.call(arguments,1),c=this._callbacks[a];if(c){c=c.slice(0);for(var d=0,e=c.length;e>d;++d)c[d].apply(this,b)}return th

Chrome Cache Entry: 187

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	656
Entropy (8bit):	4.601504794639384
Encrypted:	false
SSDEEP:
MD5:	2024F24CBC6B763014A176A4C239B60F
SHA1:	0D5F3751B7A6BC8609E8345E92D20F93302A74A7
SHA-256:	A3FAEC0B36DF58C99CC1A3B432FA8638059710A5DE5728CDC40E170F2ED86ADA
SHA-512:	24B885C4C7BA6DBD0296E3CF2335E1F007AAF75DE2EE1E990B864A12C42E0F715E5DD1D090F8752DE4B5F8AF41C0EBCC090FC039128F4AF4C65ED16E2D3BB82E
Malicious:	false
Reputation:	unknown
URL:	https://www.aia.com.au/etc.clientlibs/aia-wise/clientlibs/clientlib-site/resources/images/icons/icon-toggler.svg
Preview:	<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24">.. <g fill="none" fill-rule="evenodd">.. <g fill="#5B636B">.. <g>.. <g>.. <path d="M20.1 17c.497 0 .9.403.9.9s-.403.9-.9.9H3.9c-.497 0-.9-.403-.9-.9s.403-.9.9-.9h16.2zm0-6c.497 0 .9.403.9.9s-.403.9-.9.9H3.9c-.497 0-.9-.403-.9-.9s.403-.9.9-.9h16.2zm0-6c.497 0 .9.403.9.9s-.403.9-.9.9H3.9c-.497 0-.9-.403-.9-.9s.403-.9.9-.9h16.2z" transform="translate(-376.000000, -678.000000) translate(56.000000, 658.000000) translate(320.000000, 20.000000)"/>.. </g>.. </g>.. </g>.. </g>..</svg>..

Chrome Cache Entry: 190

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	488
Entropy (8bit):	5.044628322938247
Encrypted:	false
SSDEEP:
MD5:	E2CB71346C4A8D4B2778E0696D48A730
SHA1:	71707D4F5DE8A49EE8FB1ACF21103E6491B49F80
SHA-256:	AC46334064A1B04BF82707DA1F5A887B1369452276742632DD35FF234925D88B
SHA-512:	B8A901213043E40FC02FC8C8371DE697DB0A31D558C71187BA52D2FA4D0BD4CB5BBBB181F9CE7F59911C71455E6D3A0EA3B1163B08D90D05AA1767BE88EDEFDA
Malicious:	false
Reputation:	unknown
Preview:	<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><defs><style>.cls-1{fill:#3da758;fill-rule:evenodd;}</style></defs><g id="Layer_2" data-name="Layer 2"><g id="Layer_1-2" data-name="Layer 1"><path class="cls-1" d="M12,0A12,12,0,1,1,0,12,12,12,0,0,1,12,0Zm6.35,7.31a.78.78,0,0,0-1.09.12l0,.05-7.53,8H9.64L6.7,12.14,6.59,12a.77.77,0,0,0-1,.1.88.88,0,0,0,0,1.19l2.94,3.3.13.13a1.59,1.59,0,0,0,1.14.37,1.65,1.65,0,0,0,1.2-.68l7.53-8,.07-.12A.88.88,0,0,0,18.35,7.31Z"/></g></g></svg>

Chrome Cache Entry: 192

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	204
Entropy (8bit):	5.051995734121317
Encrypted:	false
SSDEEP:
MD5:	EB23A25E6E6B7DE20BE4333877D434F3
SHA1:	1FA957AC6C408DAECE4156E390F92D7DF9931B55
SHA-256:	D9F8C6D46E4EBA2E3ED595F803C271902DB0B07679F73BE198C70FB44166B6FD
SHA-512:	526E805F65D95226BCD2AC3C4C43C5B4CA2419AB960EE3397A1584932706A63AABC46F330BC5438BD6D86B6CEEB1570D1CD3BB752E3E8D3951955834F0213446
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISSAn8ErUNR4ptmhIFDQXL3EsSBQ0qOGj_EgUNfDt_kRIFDfhm7DYSBQ1MYJrOEgUNVbv1bxIFDfownyUSBQ3Ok83wEgUNMT2UMBIzCUSU0g3Doy3TEgUNvYWDDxIFDb2Fgw8SBQ29hYMPEgUNvYWDDxIFDb2Fgw8SBQ29hYMP?alt=proto
Preview:	Cl0KBw0Fy9xLGgAKBw0qOGj/GgAKBw18O3+RGgAKBw34Zuw2GgAKBw1MYJrOGgAKCw1Vu/VvGgQIIhgBCgsN+jCfJRoECAcYAQoLDc6TzfAaBAgJGAEKBw0xPZQwGgAKNgoHDb2Fgw8aAAoHDb2Fgw8aAAoHDb2Fgw8aAAoHDb2Fgw8aAAoHDb2Fgw8aAAoHDb2Fgw8aAA==

Chrome Cache Entry: 193

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	436
Entropy (8bit):	4.523936238414312
Encrypted:	false
SSDEEP:
MD5:	1935F04C339DA070CC1B86362DD195D0
SHA1:	0B596C423703BC3C44E7D10202BDC2EC2CCE1714
SHA-256:	49AB194A4B0D6E98AC0ED1F0BA0684858C8AB91E79A9976A1332A186D63A4D9E
SHA-512:	AA13CC80C511BC18D35A364C876F2F7956E54C86E51FE0A2489E2F36C332A0B166491655C0103F29A7A1BFEE439A041B889E564F2BEDA5F4A71093DACF22B805
Malicious:	false
Reputation:	unknown
Preview:	<svg width="24" height="24" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg">.. <path d="m20.682 19.152-3.205-3.207A8.065 8.065 0 0 0 16.363 4.99a8.06 8.06 0 0 0-11.002.372 8.065 8.065 0 0 0-.372 11.005 8.06 8.06 0 0 0 10.953 1.113l3.205 3.208a1.099 1.099 0 0 0 1.535 0 1.087 1.087 0 0 0 0-1.536zM4.5 11.102a6.5 6.5 0 1 1 13 0 6.5 6.5 0 0 1-6.5 6.501 6.509 6.509 0 0 1-6.5-6.501z" fill="#5B636B" fill-rule="evenodd"/>..</svg>..

Chrome Cache Entry: 194

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (52360)
Category:	dropped
Size (bytes):	344002
Entropy (8bit):	5.417034116140363
Encrypted:	false
SSDEEP:
MD5:	9E849DC9566F5E58E5725108FA04C8A1
SHA1:	F0B8C295D42DD19442D29F1A4BA564B37D38025B
SHA-256:	8838B00C4D65FB353A4FC115FB3D5EC4AC665DDDD47131DBCB41799E5CE6B25A
SHA-512:	0C8A6932163D1B9933FF5ED9D087CBA0B2E367DEF33AF3E0D15408A10DF8F448C1C9F038E28369A174330B4047640286DD330F5A8FA8B8AA1DD09BDEA69F45D6
Malicious:	false
Reputation:	unknown
Preview:	!function(){"use strict";function t(){t=function(){return e};var e={},r=Object.prototype,n=r.hasOwnProperty,o="function"==typeof Symbol?Symbol:{},i=o.iterator\|\|"@@iterator",a=o.asyncIterator\|\|"@@asyncIterator",c=o.toStringTag\|\|"@@toStringTag";function u(t,e,r){return Object.defineProperty(t,e,{value:r,enumerable:!0,configurable:!0,writable:!0}),t[e]}try{u({},"")}catch(t){u=function(t,e,r){return t[e]=r}}function l(t,e,r,n){var o=e&&e.prototype instanceof p?e:p,i=Object.create(o.prototype),a=new I(n\|\|[]);return i._invoke=function(t,e,r){var n="suspendedStart";return function(o,i){if("executing"===n)throw new Error("Generator is already running");if("completed"===n){if("throw"===o)throw i;return T()}for(r.method=o,r.arg=i;;){var a=r.delegate;if(a){var c=g(a,r);if(c){if(c===s)continue;return c}}if("next"===r.method)r.sent=r._sent=r.arg;else if("throw"===r.method){if("suspendedStart"===n)throw n="completed",r.arg;r.dispatchException(r.arg)}else"return"===r.method&&r.abrupt("return",r.arg);

Chrome Cache Entry: 197

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	499
Entropy (8bit):	4.630443917701152
Encrypted:	false
SSDEEP:
MD5:	FD785140E222C588445DD6E6A7B7A277
SHA1:	6C442AC3E9BF4724A9B693DD3E37BA639D5D5F08
SHA-256:	6C098FBE7744917920E271DDA750616276225B5F03730662E1A9446B993CB8E5
SHA-512:	B93C59218BEBF9479C494DC217D21FBA6FA4034CEF29861DBAD47B6989278CD82896314BBC5BFC68756AA7750A5FF506D8E48A03A1BA6DC2C09A6771B227D3F1
Malicious:	false
Reputation:	unknown
URL:	https://www.aia.com.au/etc.clientlibs/aia-wise/clientlibs/clientlib-site/resources/images/icons/icon-error-alert.svg
Preview:	<svg width="32" height="32" viewBox="0 0 32 32" xmlns="http://www.w3.org/2000/svg">.. <path d="M16 5.337c.798 0 1.538.397 1.968 1.03l10.466 17.296A2.39 2.39 0 0 1 26.55 27.2l-.21.01H5.659A2.39 2.39 0 0 1 3.6 26.032a2.393 2.393 0 0 1-.115-2.203l.097-.195L13.907 6.572A2.39 2.39 0 0 1 16 5.337zm0 15.996a1 1 0 1 0 0 2 1 1 0 0 0 0-2zm0-10.17a.8.8 0 0 0-.79.67l-.01.13v7.158l.004.082a.8.8 0 0 0 1.586.048l.01-.13v-7.159l-.004-.082a.8.8 0 0 0-.796-.718z" fill="#BA0361" fill-rule="evenodd"/>..</svg>..

Chrome Cache Entry: 198

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (649)
Category:	dropped
Size (bytes):	24423
Entropy (8bit):	5.369584273944388
Encrypted:	false
SSDEEP:
MD5:	7071653D2C5CEBA6B7AE6E807017A614
SHA1:	5CF87FF315E817D6AAE3F487D10166E38ABBDF47
SHA-256:	CF50F6724180E3D443CDFA9100A7DD1796DF172964E3A402E87032901136F452
SHA-512:	A5DECAF3F6C34E7E96A63EFE0CCCD559BD27742C11A2B043DB2BA852324E4A0AD353B1716582A39FC09AEEE57877F6C750D450F37CC94740142C76F763867D6B
Malicious:	false
Reputation:	unknown
Preview:	Element.prototype.matches\|\|(Element.prototype.matches=Element.prototype.msMatchesSelector\|\|Element.prototype.webkitMatchesSelector);Element.prototype.closest\|\|(Element.prototype.closest=function(y){var g=this;if(!document.documentElement.contains(g))return null;do{if(g.matches(y))return g;g=g.parentElement\|\|g.parentNode}while(null!==g&&1===g.nodeType);return null});.(function(){function y(t){function F(d){l._config=d;d.element.removeAttribute("data-cmp-is");b(d.options);E(d.element);l._elements.item&&(l._elements.item=Array.isArray(l._elements.item)?l._elements.item:[l._elements.item],l._elements.button=Array.isArray(l._elements.button)?l._elements.button:[l._elements.button],l._elements.panel=Array.isArray(l._elements.panel)?l._elements.panel:[l._elements.panel],l._properties.singleExpansion&&(d=w(),1<d.length&&p(d.length-1)),k(),u(),H());window.Granite&&window.Granite.author&&.window.Granite.author.MessageChannel&&(window.CQ.CoreComponents.MESSAGE_CHANNEL=window.CQ.CoreComponents.MES

Chrome Cache Entry: 199

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	TrueType Font data, 17 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Digitized data copyright \251 2010-2011, Google Corporation.Open SansBold1.10;1ASC;OpenSans-Bold
Category:	downloaded
Size (bytes):	104120
Entropy (8bit):	6.639448944054016
Encrypted:	false
SSDEEP:
MD5:	1025A6E0FB0FA86F17F57CC82A6B9756
SHA1:	1E3704EE48B5FF7E582488EAD87B05249F14DC1C
SHA-256:	F7916A37377E38527D4306303CFE89B653B49B0A6B0B05C6B7593F7AB0248DA8
SHA-512:	CF6D6ED4007492A24AB6040ADBEF2525CDC499650A8590B0692E8655810744AF9F2D7BC694BA48A550B1A3E668885C0DC5300D198E550E69C23689909ABC515F
Malicious:	false
Reputation:	unknown
URL:	https://www.aia.com.au/etc.clientlibs/aia-wise/clientlibs/clientlib-site/resources/fonts/OpenSans-Bold.ttf
Preview:	............GDEF.\|..........GPOS............GSUB.).........OS/2.m....cP...`cmap......c.....cvt .-....p.....fpgm.s.u..g8....gasp.......\|....glyf..........K.head.%I...TX...6hhea.).R..c,...$hmtx$.....T.....loca..`+..M....Vmaxp.5....L.... nameXb}-..p.....post...o..tx....prep...k..o.....................@............../2/3...99.3.310.!.!7!.!..I..h.y.....Jh......u...........&@.............TY.....??+..3...9.33.310.#.!.4632....#"&...3.Z..ZVS[\RT\......TVXRO[Y........B........@.............?3.2..3.3.210..#.!.#...).)..).)..............-...........}@D......................................... !..........................?3?3.99//.333.33.333.33....9.3...9.3...9.3...9.3...910..!.!.#.#.#.#5!7#5!.3.3.3.3..37#../....M.N.L.J.../..!M.M.N.N..../..L...j...j........i...i.......X...D... .&.,..@E$.......*!).'.'..#.!!....-..'...$.!.'+.'!.%.....OY....PY........-...?.99//.3..+..3+....9.3..993..99...99.33..9922..99.9.3333.33310.....#5&'.....'&&546753....&'....4&'.6....5..D....W.`C....^...M..DD..n=D........

Chrome Cache Entry: 200

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	TrueType Font data, 17 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Digitized data copyright \251 2010-2011, Google Corporation.Open SansRegular1.10;1ASC;OpenSans-R
Category:	downloaded
Size (bytes):	96932
Entropy (8bit):	6.707256846057859
Encrypted:	false
SSDEEP:
MD5:	3ED9575DCC488C3E3A5BD66620BDF5A4
SHA1:	BABE8DCE93A3E48B6C3C79720A0C048E88DD1FE7
SHA-256:	037236ED4BF58A85F67074C165D308260FD6BE01C86D7DF4E79EA16EB273F8C5
SHA-512:	7BA57687079A7E1D2AC2A64D210753B6014877EEADB6CC4DD86B836F46F7A3B8D34E4350D264F4D7361B1BD4488A1169F0F3CB49A7DCFEC0ADE9701F4E468416
Malicious:	false
Reputation:	unknown
URL:	https://www.aia.com.au/etc.clientlibs/aia-wise/clientlibs/clientlib-site/resources/fonts/OpenSans-Regular.ttf
Preview:	............GDEF.\|....wt....GPOS......w.....GSUB.)...w.....OS/2.6....G@...`cmap......G.....cvt .M....S.....fpgm~a....K(....gasp...#..wd....glyft8.K....../.head..cp..8H...6hhea...s..G....$hmtx.5<...8.....loca).....0....Vmaxp.C....0.... name[.....T.....post...o..X`....prepC.....R.............................../2/3./3/310.!.!7!.!..I..h.y.....Jh.................+@...............OY.....??+...9./...9.33.310.#.3.432....#"&.Fi3..x:?@94D...#...FB@G?.................@...............?3.2...99.3.310..#.!.#..?(i).+)h)..............3............@U.......................................!....... !.....NY........NY...O..O............./3?3.99//]].33+..33.33+..33...99..3..99.3...9...9.3...922.3...910..!.!.#.!.#.!5!.!5!.3.!.3.!..!.!..B....T.T..R.P....D...+R.R.1T.T...../B........R...R....T....L...L....T........... .&.-.f@5'.%.......!......../%...MY..$..LY.+...MY..........//.99//.92+..3.3+..3.3+..3....9.3.3333.333.310.....#5"&'5..3.&&546753....&'....4&'.6...........p.CS.Y.....4....J.Y....Zocf.......

Chrome Cache Entry: 204

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (51384), with no line terminators
Category:	dropped
Size (bytes):	51385
Entropy (8bit):	5.293328685395304
Encrypted:	false
SSDEEP:
MD5:	6626C1362840EBFC8F48294E8F023E18
SHA1:	4EC0DFB37C3E536C1B5EC04B68C9846FDBAF9EEF
SHA-256:	AABC88A6DB8B22022F96CA88E4F0A7BE426ABEF2B35169A71515A2D55246402A
SHA-512:	B037A19B52C1047198EC7F19E99066054E454964380E2354239834260D11248E617D6759B944DDF39A25B883C8F430603D8E13097396E2DEDA9BB6905C1CD42A
Malicious:	false
Reputation:	unknown
Preview:	function UET(o){this.stringExists=function(n){return n&&n.length>0};this.domain="bat.bing.com";this.domainCl="bat.bing.net";this.URLLENGTHLIMIT=4096;this.pageLoadEvt="pageLoad";this.customEvt="custom";this.pageViewEvt="page_view";o.Ver=o.Ver!==undefined&&(o.Ver==="1"\|\|o.Ver===1)?1:2;this.uetConfig={};this.uetConfig.consent={enabled:!1,adStorageAllowed:!0,adStorageUpdated:!1,hasWaited:!1,waitForUpdate:0,enforced:!1};this.uetConfig.tcf={enabled:!1,vendorId:1126,hasLoaded:!1,timeoutId:null,gdprApplies:undefined,adStorageAllowed:undefined,measurementAllowed:undefined,personalizationAllowed:undefined};this.uetConfig.cusig={hasLoaded:!1,timeoutId:null,blob:{}};this.beaconParams={};this.supportsCORS=this.supportsXDR=!1;this.paramValidations={string_currency:{type:"regex",regex:/^[a-zA-Z]{3}$/,error:"{p} value must be ISO standard currency code"},number:{type:"num",digits:3,max:999999999999},integer:{type:"num",digits:0,max:999999999999},hct_los:{type:"num",digits:0,max:30},date:{type:"regex",

Chrome Cache Entry: 207

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	129692
Entropy (8bit):	4.819213175203566
Encrypted:	false
SSDEEP:
MD5:	2E98AEA6224E52B8C61F213D9BAA8F6B
SHA1:	37D11C58983BC11C1D9D1D85C2E8F33ECF390BCD
SHA-256:	E553B6F7806D2439FE1AEDD34434CF3B4C024D7359F8BBBF164732D99A57C711
SHA-512:	0FF7650621A4DC669D576707C24C9A7F7DDEE02335FF63E0293683E65260B9C7A5632B951550A4F28237BAD910EB1ACE4CC6690FD23D433A0C4DBC98B44A5C14
Malicious:	false
Reputation:	unknown
URL:	https://www.aia.com.au/etc.clientlibs/aia-wise/clientlibs/clientlib-base.min.2e98aea6224e52b8c61f213d9baa8f6b.js
Preview:	/******************************************************************************. Copyright 2020 Adobe. . Licensed under the Apache License, Version 2.0 (the "License");. * you may not use this file except in compliance with the License.. * You may obtain a copy of the License at. . http://www.apache.org/licenses/LICENSE-2.0. . Unless required by applicable law or agreed to in writing, software. * distributed under the License is distributed on an "AS IS" BASIS,. * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.. * See the License for the specific language governing permissions and. * limitations under the License.. ******************************************************************************/.(function() {. "use strict";.. window.CQ = window.CQ \|\| {};. window.CQ.CoreComponents = window.CQ.CoreComponents \|\| {};. window.CQ.CoreComponents.container = window.CQ.CoreComponents.container \|\| {};. window.CQ.CoreComponents.container.utils

Chrome Cache Entry: 209

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (665)
Category:	downloaded
Size (bytes):	154826
Entropy (8bit):	5.588915977836026
Encrypted:	false
SSDEEP:
MD5:	A8B770A5C26F00E747CD6C9182EA26C3
SHA1:	ABE00BBBF79B47C084C72DF25A5BEE655C26014A
SHA-256:	FA19BE87F8C5ECD1E0B063C169A7EDAA27A737E881F8021993C8FA72B8E8193A
SHA-512:	C5C17085BC0B9C7B04AFDC3645926BE4365FB46EAD588CC1E902520542EE962B9DB9F455B78FB6219D2627CD570B5485F2FD08BD93C21937ADB4A8901302FBE2
Malicious:	false
Reputation:	unknown
URL:	https://www.aia.com.au/etc.clientlibs/aia-wise/clientlibs/clientlib-headlibs.min.a8b770a5c26f00e747cd6c9182ea26c3.js
Preview:	/. jQuery JavaScript Library v1.12.4-aem. http://jquery.com/.. Includes Sizzle.js. http://sizzlejs.com/.. Copyright jQuery Foundation and other contributors. Released under the MIT license. http://jquery.org/license.. Date: 2016-05-20T17:17Z. Sizzle CSS Selector Engine v2.2.1. http://sizzlejs.com/.. Copyright jQuery Foundation and other contributors. Released under the MIT license. http://jquery.org/license.. Date: 2015-10-17./.(function(l,u){"object"===typeof module&&"object"===typeof module.exports?module.exports=l.document?u(l,!0):function(h){if(!h.document)throw Error("jQuery requires a window with a document");return u(h)}:u(l)})("undefined"!==typeof window?window:this,function(l,u){function h(a){var b=!!a&&"length"in a&&a.length,c=d.type(a);return"function"===c\|\|d.isWindow(a)?!1:"array"===c\|\|0===b\|\|"number"===typeof b&&0<b&&b-1 in a}function n(a,b,c){if(d.isFunction(b))return d.grep(a,function(e,f){return!!b.call(e,.f,e)!==c});if(b.nodeType)return d.grep(a,function(e){return e=

Chrome Cache Entry: 211

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (501)
Category:	downloaded
Size (bytes):	993
Entropy (8bit):	5.299606871339416
Encrypted:	false
SSDEEP:
MD5:	CD5337E3EE99DA05D2473E26631A9809
SHA1:	23A25A1D002E035725FA0CF061520E8B69B3827D
SHA-256:	62537C22A68AFD8F5A3C2CC01C47F17AA579F4E8C89236870450209A7B316AD9
SHA-512:	27E35B1FF074C5FACF795AB0D806728FEA923E43707C5ED5987CEC76212A90F6CC0839EF1D63F619DD8755990CC5819F0F10473BEF8BFD3466BBDE90775BEF0F
Malicious:	false
Reputation:	unknown
URL:	https://www.youtube.com/iframe_api
Preview:	var scriptUrl = 'https:\/\/www.youtube.com\/s\/player\/76c7a082\/www-widgetapi.vflset\/www-widgetapi.js';try{var ttPolicy=window.trustedTypes.createPolicy("youtube-widget-api",{createScriptURL:function(x){return x}});scriptUrl=ttPolicy.createScriptURL(scriptUrl)}catch(e){}var YT;if(!window["YT"])YT={loading:0,loaded:0};var YTConfig;if(!window["YTConfig"])YTConfig={"host":"https://www.youtube.com"};.if(!YT.loading){YT.loading=1;(function(){var l=[];YT.ready=function(f){if(YT.loaded)f();else l.push(f)};window.onYTReady=function(){YT.loaded=1;var i=0;for(;i<l.length;i++)try{l[i]()}catch(e){}};YT.setConfig=function(c){var k;for(k in c)if(c.hasOwnProperty(k))YTConfig[k]=c[k]};var a=document.createElement("script");a.type="text/javascript";a.id="www-widgetapi-script";a.src=scriptUrl;a.async=true;var c=document.currentScript;if(c){var n=c.nonce\|\|c.getAttribute("nonce");if(n)a.setAttribute("nonce",.n)}var b=document.getElementsByTagName("script")[0];b.parentNode.insertBefore(a,b)})()};.

Chrome Cache Entry: 216

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65278)
Category:	downloaded
Size (bytes):	357388
Entropy (8bit):	5.336917345835183
Encrypted:	false
SSDEEP:
MD5:	D0ECAEA99F12C840ADA39DEDC1212EC9
SHA1:	74E131C7D0BB8DB0A8AFE91504133F4D40FA6E45
SHA-256:	96E34C2A3F9CEDEBF5D776007C183F5FEF071FE12023154F88C604C0D60BECB8
SHA-512:	C0497F5219110F629F89EDFA159C59CF70BEEA90052C254E0DCC4BE732D889F1E8FB260D53CF9C47569E0F27E0F195D200829117790A17CD1DA99A3FE18A343A
Malicious:	false
Reputation:	unknown
URL:	https://www.aia.com.au/etc.clientlibs/au-wise/clientlibs/clientlib-site.min.d0ecaea99f12c840ada39dedc1212ec9.js
Preview:	/! For license information please see site.js.LICENSE.txt /.!function(){var e={980:function(e){e.exports=null},168:function(e,t,n){"use strict";var r,i,s,a="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},o="object"===("undefined"==typeof window?"undefined":a(window));i=[n(980)],r=function(e){var t,n="slider",r="bootstrapSlider";return o&&!window.console&&(window.console={}),o&&!window.console.log&&(window.console.log=function(){}),o&&!window.console.warn&&(window.console.warn=function(){}),function(e){var t=Array.prototype.slice;function n(){}function r(e){if(e){var r="undefined"==typeof console?n:function(e){console.error(e)};return e.bridget=function(e,t){i(t),s(e,t)},e.bridget}function i(t){t.prototype.option\|\|(t.prototype.option=function(t){e.isPlainObject(t)&&(this.options=e.extend(!0,this.options,t))})}function s(n,i){e.fn[n]=

Chrome Cache Entry: 219

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Category:	downloaded
Size (bytes):	15552
Entropy (8bit):	7.983966851275127
Encrypted:	false
SSDEEP:
MD5:	285467176F7FE6BB6A9C6873B3DAD2CC
SHA1:	EA04E4FF5142DDD69307C183DEF721A160E0A64E
SHA-256:	5A8C1E7681318CAA29E9F44E8A6E271F6A4067A2703E9916DFD4FE9099241DB7
SHA-512:	5F9BB763406EA8CE978EC675BD51A0263E9547021EA71188DBD62F0212EB00C1421B750D3B94550B50425BEBFF5F881C41299F6A33BBFA12FB1FF18C12BC7FF1
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Preview:	wOF2......<...........<Z.........................d..z..J.`..L.\..<.....<.....^...x.6.$..6. .... ..S..}%.......\|....x..[j.E...d..-A...]=sjf$X.o.5......V....i?}.\...;...V......5..mO=,[.B..d'..=..M...q...8..U'..N..G...[..8....Jp..xP...'.?....}.-.1F.C.....%z..#...Q...~.~..3.............r.Xk..v..7t.+bw...f..b...q.W..'E.....O..a..HI.....Y.B..i.K.0.:.d.E.Lw....Q..~.6.}B...bT.F.,<./....Qu....\|...H....Fk.-..H..p4.$......{.2.....".T'..........Va.6+.9uv....RW..U$8...p...........H5...B..N..V...{.1....5}p.q6..T...U.P.N...U...!.w..?..mI..8q.}.... >.Z.K.....tq..}.><Ok..w.. ..v....W...{....o...."+#+,..vdt...p.WKK:.p1...3`. 3.......Q.].V.$}.......:.S..bb!I...c.of.2uq.n.MaJ..Cf.......w.$.9C...sj.=...=.Z7...h.w M.D..A.t.....]..GVpL...U(.+.)m..e)..H.}i.o.L...S.r..m..Ko....i..M..J..84.=............S..@......Z.V.E..b...0.....@h>...."$.?....../..?.....?.J.a,..\|..d...\|`.m5..b..LWc...L...?.G.].i...Q..1.:..LJV.J...bU.2.:\.kt.......t.....k....B..i.z+...........A.....

Chrome Cache Entry: 222

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (701)
Category:	downloaded
Size (bytes):	558800
Entropy (8bit):	5.6661858145390775
Encrypted:	false
SSDEEP:
MD5:	88A5FED5C87B1D3704AB225CFBE7A130
SHA1:	D64243C18FBAA356E4ABAE8414CCC4772D64060B
SHA-256:	F8E5F5CE9FF44073CFF24BCD3D2B8AA4E67B67891B14FF929FE4743880FDF82E
SHA-512:	8B8D1C9F4C36FD2383C96D0D484A6692F70422934BCCD3DB1F0787E1B753F7D5A8F0C91934805C4D865AED3D4673FF478F0AE23746D0C0E005E60848543B3D33
Malicious:	false
Reputation:	unknown
URL:	https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js
Preview:	(function(){/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0././.. Copyright 2005, 2007 Bob Ippolito. All Rights Reserved.. Copyright The Closure Library Authors.. SPDX-License-Identifier: MIT././.. Copyright Google LLC. SPDX-License-Identifier: Apache-2.0././. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var k=function(){return[function(n,S,D,d,Z,l,h,R,O){return(((n^53)&19)==((n&((((R=[34,2,46],n\|72)==n&&(O=St(function(G,A,L){return L=(A=(G=function(f,H){return(f[(H=["replace","indexOf","trim"],H)[1]](d)!=-1&&(f=f.slice(f[H[1]](d))),f)[H[0]](/\s+/g,S)[H[0]](/\n/g,Z)[H[2]]()},G(Z+l)),G(Z+h)),A==L},D)),n)\|56)==n&&(h=["https","",0],D==""?O="":(d=g[R[2]](24,!0,h[1],new OI(D)),l=N[30](58,d,h[1]),Z=N[36](25,h[1],g[40](40,l,h[1]),v[21](R[1],1,S,D)),Z.D!=S\|\|(Z.A==h[0]?E[30](90,h[R[1]],443,Z):Z.A=="http"&&.E[30](96,h[R[1]],80,Z)),O=Z.toString())),11))==n&&b.call(this,S),1)&&(O=x[42](16,C[42](44,v[R[0]](23,12),S),[u[20](3

Chrome Cache Entry: 226

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	1074
Entropy (8bit):	4.954392887618798
Encrypted:	false
SSDEEP:
MD5:	A78AFF59A249FB08271DD47F8B06261F
SHA1:	7599C107075DD2CCABA178700697D93A7EB0C55D
SHA-256:	82321001518D1E6615619A4D80B5D3972999A16360D6675CB00B76649B6C4E7E
SHA-512:	D0559B691B51ABCEFED4FEA3F46ADF2F3A9E7A60E0635681245B41133F6EFADD795D50E3CE82F355D15DAB2B1B5D5C1E5470157A9A7B38B1EB18CF012FE5D6B2
Malicious:	false
Reputation:	unknown
Preview:	<svg width="445" height="508" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">.. <defs>.. <path id="a" d="M0 0h443v397H0z"/>.. </defs>.. <g fill="none" fill-rule="evenodd">.. <path d="M5.569 240.165 391 124.722 368.82 5.138c-.9-4.845-4.995-6.574-9.102-3.84L4.44 237.77c-3.345 2.227-4.299 6.017-2.65 9.23-1.419-2.875-.026-5.694 3.779-6.835" fill="#F6CFDA"/>.. <g transform="translate(2 111)">.. <mask id="b" fill="#fff">.. <use xlink:href="#a"/>.. </mask>.. <path d="M270.002 393.747c-2.924 3.966-8.17 4.362-11.657.878L2.075 138.515c-3.486-3.485-2.475-7.494 2.248-8.91L435.397.364c4.723-1.416 8.115 1.43 7.54 6.324l-20.319 172.589c-.575 4.894-3.44 12.144-6.364 16.111L270.002 393.747z" fill="#E4708F" mask="url(#b)"/>.. </g>.. <path d="M5.914 240.732 251 167.092 94.14 46.644c-3.916-3.006-8.758-1.772-10.762 2.743L.966 235.103C-.917 239.347.043 245.387 3.06 249c-2.74-3.325-1.573

Chrome Cache Entry: 227

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	15527
Entropy (8bit):	4.964968709102865
Encrypted:	false
SSDEEP:
MD5:	AD0BB21E78F0646E33656B67EB01A594
SHA1:	6A55BEE7CD7A149619346237453C827403E2AB24
SHA-256:	00F1E56B5A452C5F90C507AAC36E073D700A03E0B2F811FE1BF610AFAC45E47F
SHA-512:	AC7A28DF18AB1F69E250325C17F0624474D9B7870E0DED0BA2BEFDF69DFA716BE810654D6D003361AE057D1E9911292CC7AC8416A9D12AF0B10C4E1FA4A303BE
Malicious:	false
Reputation:	unknown
URL:	https://cdn25.lemnisk.co/ssp/AU_AIA_Prod/sw/sw_registration.js
Preview:	var notData = {};..var wlcmEnabled = 0;..var macros = {"sw":"/content/dam/au-wise/lemniskSDKWorker.js","customOptinStatus":null,"migdomain":"/lemnisk/","hasMigration":true};..var __vizpush = __vizpush \|\| {.. IframeEle: null,.. ContainerHtmlId: 'viz-push-container',.. version: '1',.. advid: 'VIZVRM100001',.. target: 'au-pl.lemnisk.co',.. domain: macros.domain,.. migDomain: macros.migdomain,.. hasMigration: macros.hasMigration,.. isCOActive: macros.customOptinStatus,.. dailyCookie: '_vwpnsent',.. stateCookie: '_vwpnstate',.. fcmMigCookie: '_vwpnfcm',.. pushSuppCookie: '_vwpnsupp',.. fpc: '_vz',.. prevState: '',.. fcmMigState: '',.. vapidPublicKey: 'BKKGEyWpHNlJEiq0hkIrVUQtde2Ag5mAvaQsMYqxUFhm6pPIYhT4fbQwxI39ybbBRhTMwgBjzcxACRTWAEYooeI',.. swLoc: macros && macros.sw ? macros.sw : '/content/dam/au/lemniskSDKWorker.js',.. mobileOnly: macros.mobileOnly ? macros.mobileOnly : 0,.. timeout: macros.timeout ? macros.timeout : 120000,.. first: false,.. ctaUrls: ['lp1', 'lp2']

Chrome Cache Entry: 228

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 29288, version 1.0
Category:	downloaded
Size (bytes):	29288
Entropy (8bit):	7.991125995035454
Encrypted:	true
SSDEEP:
MD5:	E5EE5B541A3F3472E918B091C4F56BD2
SHA1:	D683E90395A9BB8894740DDE7B754670D5FC023B
SHA-256:	BE89B643D65473F9A33D32ECE3DA2527F83D34C28430978FF0345ACE94E764CE
SHA-512:	796511A50C81B2DADE57C205EEA4F4D993B4253E7E96044A97088E536CE6132BB21AD2015AE2EC93149D91FF85B9A390C505D9DAEAD24D0A3ED0A9E1DD112C87
Malicious:	false
Reputation:	unknown
URL:	https://www.aia.com.au/etc.clientlibs/aia-wise/clientlibs/clientlib-site/resources/fonts/AIAEverest-Medium.woff2
Preview:	wOF2......rh......W@..q.........................?FFTM.......>..d.`..&.....m.....t.....R..6.$.. . ..q..:..#[L7.B..v.N...j'@.o[...Kds...nA,Q$]...N..............+..l%.qi..+.&.T_.._Q1.R."..UjR..'W..6;]E...TuoBJ....:........L<...5I1Y.....z./<..N...........3_..VEDD..H.n.........w...L5M..$$...}..QEDD...$$!Y..?.>..y.%333.4A..pd...5i.5..w..p.%.#.O.o.....r@MM..s..a.z...U.....l.......\|W..S.lf..R.B..1....0EF......P......jQ!.n.eG1D!.....YN.UV5I...}..Z.T.C.wu.P.....<.........1..h...K..6H-5(5E4P3..CM.@...W..W.l9.C..P../...+.Q}.y.{.o>by..=Ds..D..6....$...Sw.`......E.X.H...-!. .(F..U}s.'x....{.............D...:.v..M.w.u..FMc$$...:..I("}.bD..gMH..&.w~N{..>L...HJ.L)m.`yA.).g....?.'.e...dB....-.m.0.....5#.5.!.7.mJ.Pz....0...I....q.%r.............[x.K.Nh.PU..s..?......+VX.....9<O..vO.........$.?:}.\.z* ..$0`\jJ.....v..<...m....K.R....., 8.c.5.$1)g..v$k1..:*....:..5J...1.(.......&3..L&I.$I..`...]^.k.l...0'5#B...GUUU..R.2..a.}!..s..&.E].(.J....u..rxY..!A.jr.O....EQ..

Chrome Cache Entry: 229

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (9217)
Category:	dropped
Size (bytes):	234260
Entropy (8bit):	5.456621895233652
Encrypted:	false
SSDEEP:
MD5:	C04BB3EDB0F1A33B985B3285055FE1FA
SHA1:	0AE234EBC67E016B8A3B5603885A67160493227C
SHA-256:	668C6828672FA8600B7A0632CB328EE63A31361BE6734987B04985FCD9D08D4F
SHA-512:	8E154181A67EF7706AB11421D2A91270F9620895CA54EDA89E73E60533FB2F72CF7E3323F4F56EB08C177F69E4CFC36117E011B3DD2479B07267C7E1F74C8B5D
Malicious:	false
Reputation:	unknown
Preview:	/*. Copyright (c) 2017-present, Facebook, Inc. All rights reserved... You are hereby granted a non-exclusive, worldwide, royalty-free license to use,.* copy, modify, and distribute this software in source code or binary form for use.* in connection with the web services and APIs provided by Facebook... As with any software that integrates with the Facebook platform, your use of.* this software is subject to the Facebook Platform Policy.* [http://developers.facebook.com/policy/]. This copyright notice shall be.* included in all copies or substantial portions of the software... THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR.* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS.* FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR.* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER.* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN.* CONNECTION WI

Chrome Cache Entry: 230

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (26205)
Category:	downloaded
Size (bytes):	203288
Entropy (8bit):	5.359379951594305
Encrypted:	false
SSDEEP:
MD5:	75DE79AB28AF502B3E697F98AE9F5BE7
SHA1:	14E39F4ED470073CCB16E4BBE4D8F246605A5B27
SHA-256:	D21F3DB9D870A92916CCBF2B499B55CF4DFABB4D28F2EEA9D1DEE0D1B4496CA0
SHA-512:	B6EAFDF3662F9E1AA0089DF1581528250A43054081CA0034F0E015B3BAA1A420AD39F0518C912B785B305A8DE1203DD1C9A7888E36970F1305CCAB11C63F34A6
Malicious:	false
Reputation:	unknown
URL:	https://aia-fw.convincely.io/entry/core.js
Preview:	(function(){"use strict";const ts=window;Promise.resolve();var es=typeof globalThis<"u"?globalThis:typeof window<"u"?window:typeof global<"u"?global:typeof self<"u"?self:{};function rs(t){return t&&t.__esModule&&Object.prototype.hasOwnProperty.call(t,"default")?t.default:t}new Map(new URLSearchParams(window.location.search));/! ****************************************************************************. Copyright (c) Microsoft Corporation... Permission to use, copy, modify, and/or distribute this software for any. purpose with or without fee is hereby granted... THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH. REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY. AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,. INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM. LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR. OTHER TORTIOUS ACTION, ARISIN

Chrome Cache Entry: 231

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	280
Entropy (8bit):	4.908703985276112
Encrypted:	false
SSDEEP:
MD5:	B12774C369E0BA2E27F9F0C17E64E919
SHA1:	37C7FE22B0D321CA61CD05E9B2BE94890DC8E47B
SHA-256:	AB2EBAE7ED24BCFE72C22E5D3FBCB87145B18524C49059FFD9E1FDAD5E3AD21A
SHA-512:	FF497BFF20BFB105494D3901387CB37A4CE27486E6684C48B4BC9D449B4908B1E85897022B8121BBCD8936A3AE03E2C34B9B8F78277BE54A1BC0212C010093F9
Malicious:	false
Reputation:	unknown
Preview:	<svg width="24" height="24" xmlns="http://www.w3.org/2000/svg">.. <path d="M14.537 3.245 6 12l8.537 8.755a.81.81 0 0 0 1.208-1.077l-.046-.053L8.259 12l7.44-7.625a.81.81 0 0 0 .032-1.095l-.048-.05a.81.81 0 0 0-1.095-.033l-.05.048z" fill="#5B636B" fill-rule="evenodd"/>..</svg>..

Chrome Cache Entry: 234

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (12276), with no line terminators
Category:	downloaded
Size (bytes):	12276
Entropy (8bit):	5.246374190951036
Encrypted:	false
SSDEEP:
MD5:	6C81CF36198C3CE1E0701CAB5B290B9D
SHA1:	BD6A109201EDD0637B97EF4931CD61219A8CE805
SHA-256:	48101CFB984D721165B56E4B44C6832C435EAD01F14B8D5A15769B21F320EFBF
SHA-512:	5BF4D4C8CFE15E3045FB8F76B6C845EC6AC7C8015034655DAB8BA8A15E894CBED47D2829E69DB0A43BC334F1265A4564D89C0D573A6AB62EA447249B20DCAE5F
Malicious:	false
Reputation:	unknown
URL:	https://cdn8.lemnisk.co/ssp/static/js/image-only-RP_v1.min.js
Preview:	var cssString="@import url('https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap');";if(cssString+="*{outline:0}a{text-decoration:none}.notification-container{width:auto!important;height:auto!important;box-sizing:border-box!important}.banner-container{position:relative;box-sizing:border-box;width:100%;height:auto}.container-0{margin:6vmin 6vmin 0 0!important}.container-1{margin:6vmin 6vmin 0 0!important}.container-4{margin:6vmin 6vmin 0 0!important}.container-2{margin:0 6vmin 6vmin 0!important}.container-3{margin:0 6vmin 6vmin 0!important}.min,.div-close-icon{width:7vmin!important;font-size:6vmin!important;height:7vmin!important;padding:0!important}.min{line-height:0!important}.div-close-icon{line-height:6vmin!important}.div-close-icon-0{top:2vmin!important;border-radius:7vmin!important;right:2vmin!important}.div-minimize-icon-0{top:2vmin!important;border-radius:7vmin!important}.div-close-icon-

Chrome Cache Entry: 235

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	296
Entropy (8bit):	4.898106606440729
Encrypted:	false
SSDEEP:
MD5:	D2BCDFC73A5F39852D624ABDAE229694
SHA1:	3F9F82DA82CB2615028B7EE5BE526183D3D7BD54
SHA-256:	517FB06052E948C5A298BD5A9AB563F686B850584D239C1CEECCE090653C9EDB
SHA-512:	E65D1B2D630731B8723ABD6529F5C2A1CC0FC8486EA75F25559E237A17590DBC094CE1B8929D15C68AAFE3EF3CF20DB4F1DE1494F8849B67AAB5F0230E0DE8E3
Malicious:	false
Reputation:	unknown
Preview:	<svg width="16" height="16" viewBox="0 0 16 16" xmlns="http://www.w3.org/2000/svg">.. <path d="M6.26 2.164 11.952 8 6.26 13.836a.54.54 0 0 1-.805-.718l.031-.034L10.446 8l-4.96-5.084a.54.54 0 0 1-.021-.73l.032-.033a.54.54 0 0 1 .73-.021l.033.032z" fill="#5B636B" fill-rule="evenodd"/>..</svg>..

Chrome Cache Entry: 236

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	78685
Entropy (8bit):	6.020288496082252
Encrypted:	false
SSDEEP:
MD5:	47BEA70318B724B1A99A1D571FF58807
SHA1:	B66FFE704AD2FE84DA8211D6351727568FD68B78
SHA-256:	11A188A204934185AB5649A1F838FE771C3D84C928BC8286EF999FB5B8DEDA69
SHA-512:	7995460AB00A68E3433EA72F19FCB1BCD8485BF4CAF978FF5C47193F110899AA824AC4A697285E908A5F66C693604A0227E60B3D3D948115C4C3490022B82E3D
Malicious:	false
Reputation:	unknown
URL:	https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/styles__ltr.css
Preview:	.goog-inline-block{position:relative;display:-moz-inline-box;display:inline-block}* html .goog-inline-block{display:inline}*:first-child+html .goog-inline-block{display:inline}.recaptcha-checkbox{border:none;font-size:1px;height:28px;margin:4px;width:28px;overflow:visible;outline:0;vertical-align:text-bottom}.recaptcha-checkbox-border{-webkit-border-radius:2px;-moz-border-radius:2px;border-radius:2px;background-color:#fff;border:2px solid #c1c1c1;font-size:1px;height:24px;position:absolute;width:24px;z-index:1}.recaptcha-checkbox-borderAnimation{background-image:url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAFQAAANICAYAAABZl8i8AAAAIGNIUk0AAHomAACAhAAA+gAAAIDoAAB1MAAA6mAAADqYAAAXcJy6UTwAAAAGYktHRAD/AP8A/6C9p5MAAHq9SURBVHja7Z15fFTl9f/fd9ZM9n1PgCyEXSSRNYKCgAuiIipuVSuudavV1tq6W/WrtnWrrZbWDZUqUqUoCoIEQhBI2JesELKvM9mTWe7c3x83d5xAlkky8fv92ft5vfKC19znOWfuZ571POc5B1SoUKFChQoVKlSoUKFChQoVKlSoUKFChQoVKlSoUKFChQoVKlSoUKFChQoVKlSoUKFChQoVKlSoUKHifwGCRqsTNFrdj6VPq9XqtNofT9+wvutQyEyad8t9IaPPntFUd

Chrome Cache Entry: 237

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	1482
Entropy (8bit):	4.883958081641945
Encrypted:	false
SSDEEP:
MD5:	386390C7C46F7120238C11C2175BA73A
SHA1:	5685DE8B62E844A8FCE8766C15EB66C4F1A9B326
SHA-256:	64FA901D2F6F0B4D3570AE7187030AFE2722F0D68EBC87A248AC4BBE3A668929
SHA-512:	B1DEDC060B48A057F5A6E8C6FA209F66957A445523FA454670B22DF70CC7CA3F85E50FA50FE57E213BC9F3F42909F1772C03003623653D39F3E16D773C9F94CA
Malicious:	false
Reputation:	unknown
URL:	https://www.aia.com.au/content/dam/au-wise/en/images/icons/General%20User@2x.svg
Preview:	<?xml version="1.0" encoding="UTF-8"?>.<svg width="24px" height="24px" viewBox="0 0 24 24" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">. <title>01 Visual Language/02 Icons/01 System/Login/General User@2x</title>. <g id="01-Visual-Language/02-Icons/01-System/Login/General-User" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd">. <path d="M12,12.875 C16.0689929,12.875 19.625,16.8666913 19.625,21 C19.625,21.345178 19.345178,21.625 19,21.625 L19,21.625 L5,21.625 C4.65482203,21.625 4.375,21.345178 4.375,21 C4.375,16.8666913 7.93100713,12.875 12,12.875 Z M12,14.125 C8.86908592,14.125 6.01316534,17.1064989 5.66133583,20.3366793 L5.66133583,20.3366793 L5.657,20.375 L18.342,20.375 L18.3092677,20.1061572 C17.8612118,17.0391678 15.1851324,14.2574545 12.2130191,14.129588 L12.2130191,14.129588 Z M11.9139073,2.5 C14.5802356,2.5 16.7417219,4.66148621 16.7417219,7.32781457 C16.7417219,9.99414293 14.5802356,12.1556291 11.9139073,

Chrome Cache Entry: 238

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (26244), with no line terminators
Category:	downloaded
Size (bytes):	26244
Entropy (8bit):	5.035878130404809
Encrypted:	false
SSDEEP:
MD5:	1F05C5630A0F690A8C5402C4F0FA3EA7
SHA1:	DBF4A7576172263C90CC86A3E97E71F4B8D8A723
SHA-256:	0EDEF5CD59D6FA2AD931E12286C8A10FCC2DFED5C41C2DEE24DD550A3C276A2A
SHA-512:	AFADC2702844502F0A2EB7E9B87161AA81E0A4B7EDD2E8C0F6B4863026C3F366DF918FD058A65B3C9130932621CB8AF4578D3B0D72AC9D252E1AA3D0BABB3EB9
Malicious:	false
Reputation:	unknown
URL:	https://www.aia.com.au/etc.clientlibs/au-wise/clientlibs/clientlib-site.min.1f05c5630a0f690a8c5402c4f0fa3ea7.css
Preview:	#align-text-center *{text-align:center}#h2-style{color:#333d47;font-size:28px;font-weight:500;letter-spacing:-.5px;line-height:36px}@media(min-width:992px){#h2-style{font-size:40px;line-height:3pc}}#p-style{color:#333d47;font-size:1pc;font-weight:400;letter-spacing:.1px;line-height:24px}@media(min-width:992px){#fw-hero-banner{margin-top:-5pc;position:relative;z-index:-1}}.cmp-leadsgenerationform__item--hide{display:none}.cmp-leadsgenerationform__item--show{display:block}.cmp-leadsgenerationform__tooltip-container{display:-webkit-box;display:-ms-flexbox;display:flex}.cmp-leadsgenerationform__tooltip-container>label.tooltip-label{width:-webkit-fit-content!important;width:-moz-fit-content!important;width:fit-content!important}.cmp-leadsgenerationform__tooltip-text{background-color:#e0e0e0;width:25rem}.cmp-leadsgenerationform__item--fullwidth>input.full-width,.cmp-leadsgenerationform__item--fullwidth>label.full-width{width:100%!important}.cmp-leadsgenerationform__item--fullwidth .cmp-leads

Static File Info

⊘No static file info

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://www.aia.com.au/en/financial-wellbeing/get-in-touch/initial-chat?id=afgstaff

Overview

General Information

Detection

Signatures

Classification

Process Tree

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

LLM Input / Output

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 127

Chrome Cache Entry: 128

Chrome Cache Entry: 129

Chrome Cache Entry: 131

Chrome Cache Entry: 132

Chrome Cache Entry: 133

Chrome Cache Entry: 140

Chrome Cache Entry: 142

Chrome Cache Entry: 143

Chrome Cache Entry: 144

Chrome Cache Entry: 145

Chrome Cache Entry: 146

Chrome Cache Entry: 147

Chrome Cache Entry: 148

Chrome Cache Entry: 149

Chrome Cache Entry: 151

Chrome Cache Entry: 152

Chrome Cache Entry: 155

Chrome Cache Entry: 157

Chrome Cache Entry: 160

Chrome Cache Entry: 161

Chrome Cache Entry: 163

Chrome Cache Entry: 164

Chrome Cache Entry: 165

Chrome Cache Entry: 166

Chrome Cache Entry: 168

Chrome Cache Entry: 169

Chrome Cache Entry: 170

Chrome Cache Entry: 173

Chrome Cache Entry: 175

Chrome Cache Entry: 176

Chrome Cache Entry: 177

Windows Analysis Report
https://www.aia.com.au/en/financial-wellbeing/get-in-touch/initial-chat?id=afgstaff