Windows Analysis Report
https://headshots.studio/automation-anywhere-headshots?signature=eyJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX2lkIjoiNjczZDFjY2FkNjU2NDEwMDAxZmQzOGY0IiwiZW1haWwiOiJkaGFybWVzaC51ZGFuaUBhdXRvbWF0aW9uYW55d2hlcmUuY29tIiwiaXNzIjoiaHR0cHM6Ly9oZWFkc2hvdHMuc25hcGJhci5jb20iLCJpYXQiOjE3MzIwNTgzMTQsInR5cGUiOiJpbnZpdGUifQ

Overview

General Information

Sample URL: https://headshots.studio/automation-anywhere-headshots?signature=eyJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX2lkIjoiNjczZDFjY2FkNjU2NDEwMDAxZmQzOGY0IiwiZW1haWwiOiJkaGFybWVzaC51ZGFuaUBhdXRvbWF0aW9uYW55d2hlcmUuY2
Analysis ID: 1559088

Detection

Score: 0
Range: 0 - 100
Whitelisted: false
Confidence: 80%

Signatures

Stores files to the Windows start menu directory

Classification

  • System is w10x64_ra
  • chrome.exe (PID: 3612 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6900 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1764,i,18354893194568221351,12368751495277755633,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6580 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://headshots.studio/automation-anywhere-headshots?signature=eyJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX2lkIjoiNjczZDFjY2FkNjU2NDEwMDAxZmQzOGY0IiwiZW1haWwiOiJkaGFybWVzaC51ZGFuaUBhdXRvbWF0aW9uYW55d2hlcmUuY29tIiwiaXNzIjoiaHR0cHM6Ly9oZWFkc2hvdHMuc25hcGJhci5jb20iLCJpYXQiOjE3MzIwNTgzMTQsInR5cGUiOiJpbnZpdGUifQ.LMV2zjksOeeXgn6GiYek73UbYTnc2-WaVCcbwJV-9J8" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup
No yara matches
No Sigma rule has matched
No Suricata rule has matched

There are no malicious signatures.

Source: unknown | HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49726 version: TLS 1.2
Source: unknown | HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49729 version: TLS 1.2
Source: unknown | HTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.16:49730 version: TLS 1.2
Source: unknown | HTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.16:49733 version: TLS 1.2
Source: chrome.exe | Memory has grown: Private usage: 1MB later: 31MB
Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown | TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown | TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown | TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown | TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: global traffic | DNS traffic detected: DNS query: headshots.studio
Source: global traffic | DNS traffic detected: DNS query: fonts.cdnfonts.com
Source: global traffic | DNS traffic detected: DNS query: www.google.com
Source: global traffic | DNS traffic detected: DNS query: rum.browser-intake-datadoghq.com
Source: classification engine | Classification label: clean0.win@17/14@10/143
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1764,i,18354893194568221351,12368751495277755633,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://headshots.studio/automation-anywhere-headshots?signature=eyJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX2lkIjoiNjczZDFjY2FkNjU2NDEwMDAxZmQzOGY0IiwiZW1haWwiOiJkaGFybWVzaC51ZGFuaUBhdXRvbWF0aW9uYW55d2hlcmUuY29tIiwiaXNzIjoiaHR0cHM6Ly9oZWFkc2hvdHMuc25hcGJhci5jb20iLCJpYXQiOjE3MzIwNTgzMTQsInR5cGUiOiJpbnZpdGUifQ.LMV2zjksOeeXgn6GiYek73UbYTnc2-WaVCcbwJV-9J8"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown
Source: Window Recorder | Window detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Reconnaissance: Gather Victim Identity Information; Credentials; Email Addresses
Resource Development: Acquire Infrastructure; Domains; DNS Server
Initial Access: Valid Accounts; Default Accounts; Domain Accounts
Execution: Windows Management Instrumentation; Scheduled Task/Job; At
Persistence: Registry Run Keys / Startup Folder (1); Boot or Logon Initialization Scripts; Logon Script (Windows)
Privilege Escalation: Process Injection (1); Registry Run Keys / Startup Folder (1); Extra Window Memory Injection (1)
Defense Evasion: Masquerading (1); Process Injection (1); Extra Window Memory Injection (1)
Credential Access: OS Credential Dumping; LSASS Memory; Security Account Manager
Discovery: System Service Discovery; Application Window Discovery; Query Registry
Lateral Movement: Remote Services; Remote Desktop Protocol; SMB/Windows Admin Shares
Collection: Data from Local System; Data from Removable Media; Data from Network Shared Drive
Command and Control: Encrypted Channel (2); Non-Application Layer Protocol (1); Application Layer Protocol (2)
Exfiltration: Exfiltration Over Other Network Medium; Exfiltration Over Bluetooth; Automated Exfiltration
Impact: Abuse Accessibility Features; Network Denial of Service; Data Encrypted for Impact

Source | Detection | Scanner | Label | Link
https://headshots.studio/automation-anywhere-headshots?signature=eyJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX2lkIjoiNjczZDFjY2FkNjU2NDEwMDAxZmQzOGY0IiwiZW1haWwiOiJkaGFybWVzaC51ZGFuaUBhdXRvbWF0aW9uYW55d2hlcmUuY29tIiwiaXNzIjoiaHR0cHM6Ly9oZWFkc2hvdHMuc25hcGJhci5jb20iLCJpYXQiOjE3MzIwNTgzMTQsInR5cGUiOiJpbnZpdGUifQ.LMV2zjksOeeXgn6GiYek73UbYTnc2-WaVCcbwJV-9J8 | 0% | Avira URL Cloud | safe |
https://headshots.studio/automation-anywhere-headshots?signature=eyJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX2lkIjoiNjczZDFjY2FkNjU2NDEwMDAxZmQzOGY0IiwiZW1haWwiOiJkaGFybWVzaC51ZGFuaUBhdXRvbWF0aW9uYW55d2hlcmUuY29tIiwiaXNzIjoiaHR0cHM6Ly9oZWFkc2hvdHMuc25hcGJhci5jb20iLCJpYXQiOjE3MzIwNTgzMTQsInR5cGUiOiJpbnZpdGUifQ.LMV2zjksOeeXgn6GiYek73UbYTnc2-WaVCcbwJV-9J8 | 0% | Virustotal | | Browse
No Antivirus matches
No Antivirus matches
Source | Detection | Scanner | Label | Link
rum.browser-intake-datadoghq.com | 0% | Virustotal | | Browse
No Antivirus matches

Name | IP | Active | Malicious | Antivirus Detection | Reputation
fonts.cdnfonts.com | 104.21.72.124 | true | false | | high
www.google.com | 142.250.185.68 | true | false | | high
headshots.studio | 34.107.221.46 | true | false | | high
l4-logs-http-rum-pub-s0-7d264be627ade923.elb.us-east-1.amazonaws.com | 3.233.158.30 | true | false | | unknown
rum.browser-intake-datadoghq.com | unknown | unknown | false | | unknown

Name | Malicious | Antivirus Detection | Reputation
https://headshots.studio/automation-anywhere-headshots?signature=eyJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX2lkIjoiNjczZDFjY2FkNjU2NDEwMDAxZmQzOGY0IiwiZW1haWwiOiJkaGFybWVzaC51ZGFuaUBhdXRvbWF0aW9uYW55d2hlcmUuY29tIiwiaXNzIjoiaHR0cHM6Ly9oZWFkc2hvdHMuc25hcGJhci5jb20iLCJpYXQiOjE3MzIwNTgzMTQsInR5cGUiOiJpbnZpdGUifQ.LMV2zjksOeeXgn6GiYek73UbYTnc2-WaVCcbwJV-9J8 | false | | unknown

IP | Domain | Country | ASN | ASN Name | Malicious
142.250.185.99 | unknown | United States | 15169 | GOOGLEUS | false
142.250.185.68 | www.google.com | United States | 15169 | GOOGLEUS | false
1.1.1.1 | unknown | Australia | 13335 | CLOUDFLARENETUS | false
216.58.206.40 | unknown | United States | 15169 | GOOGLEUS | false
104.21.72.124 | fonts.cdnfonts.com | United States | 13335 | CLOUDFLARENETUS | false
172.217.18.14 | unknown | United States | 15169 | GOOGLEUS | false
216.58.206.67 | unknown | United States | 15169 | GOOGLEUS | false
142.250.185.232 | unknown | United States | 15169 | GOOGLEUS | false
239.255.255.250 | unknown | Reserved | unknown | unknown | false
142.250.185.174 | unknown | United States | 15169 | GOOGLEUS | false
34.107.221.46 | headshots.studio | United States | 15169 | GOOGLEUS | false
3.233.158.30 | l4-logs-http-rum-pub-s0-7d264be627ade923.elb.us-east-1.amazonaws.com | United States | 14618 | AMAZON-AESUS | false
66.102.1.84 | unknown | United States | 15169 | GOOGLEUS | false

IP
192.168.2.16

Joe Sandbox version: 41.0.0 Charoite
Analysis ID: 1559088
Start date and time: 2024-11-20 07:40:40 +01:00
Joe Sandbox product: CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled: false
Report type: full
Cookbook file name: defaultwindowsinteractivecookbook.jbs
Sample URL: https://headshots.studio/automation-anywhere-headshots?signature=eyJhbGciOiJIUzI1NiJ9.eyJzZXNzaW9uX2lkIjoiNjczZDFjY2FkNjU2NDEwMDAxZmQzOGY0IiwiZW1haWwiOiJkaGFybWVzaC51ZGFuaUBhdXRvbWF0aW9uYW55d2hlcmUuY29tIiwiaXNzIjoiaHR0cHM6Ly9oZWFkc2hvdHMuc25hcGJhci5jb20iLCJpYXQiOjE3MzIwNTgzMTQsInR5cGUiOiJpbnZpdGUifQ.LMV2zjksOeeXgn6GiYek73UbYTnc2-WaVCcbwJV-9J8
Analysis system description: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed: 13
Number of new started drivers analysed: 0
Number of existing processes analysed: 0
Number of existing drivers analysed: 0
Number of injected processes analysed: 0
Technologies:
  • EGA enabled
Analysis Mode: stream
Analysis stop reason: Timeout
Detection: CLEAN
Classification: clean0.win@17/14@10/143
  • Exclude process from analysis (whitelisted): SgrmBroker.exe, svchost.exe
  • Excluded IPs from analysis (whitelisted): 216.58.206.67, 142.250.185.174, 66.102.1.84, 34.104.35.123, 216.58.206.40, 142.250.185.232, 172.217.18.14
  • Excluded domains from analysis (whitelisted): fs.microsoft.com, clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, www.googletagmanager.com, clientservices.googleapis.com, clients.l.google.com, www.google-analytics.com
  • Not all processes were analyzed, report is missing behavior information

Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Nov 20 05:41:14 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category: dropped
Size (bytes): 2673
Entropy (8bit): 3.981742998317321
Encrypted: false
SSDEEP:
MD5: 07FEF0354053F71FF6C5D81C4D354782
SHA1: 03EE03FB80BE58533AD0BC0C3FD0EB3278F59533
SHA-256: 06AA7980BE65FCC61AA5C21B25EAD359F2A66B77A956A786113FE82C4DF43296
SHA-512: D7E8B39C9E8675B361D8161471664BA72C8CFD74CEEA87F7C2B25896A4DDAB68A4A9385A8A9234CB1435460F9FCDC388DF6C159740AFEFBEFC921AF40F93311C
Malicious: false
Reputation: unknown

Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Nov 20 05:41:14 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category: dropped
Size (bytes): 2675
Entropy (8bit): 3.9955030574485506
Encrypted: false
SSDEEP:
MD5: DD5761B21220E0269CE41A8C80D078C5
SHA1: 6A1939E92254D6CBEDDF79E673F14E22CE84317B
SHA-256: AE856B4649A91552C448D36451A058089FF198950AE86D7593D357FF877266F6
SHA-512: 3A604942D26F9DA31739E12213F05B3E2179B5CAFB61178AA8474EECE09468738DA0B56305A54471752A2EBF030DDD948593DA9492736AD2319C0311C9B54723
Malicious: false
Reputation: unknown

Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category: dropped
Size (bytes): 2689
Entropy (8bit): 4.004504876126531
Encrypted: false
SSDEEP:
MD5: 9C91203387CE6EE1A28C9CDA29DAE9A9
SHA1: 3A11D1634FA7167F5A926DDD9F78566A71CC3345
SHA-256: B0E92748A66D1779C1A86770B2C1064D774EDED1886295396DA0E7FD9936CC12
SHA-512: 72E8FBEF873BF867757481005B6122BDAF92AA7900E4D81408E48C7230C887281CE9BC3740C8C813F7227217501BDBC169CD9D87570BC2D3F52F9CB08FE7FB80
Malicious: false
Reputation: unknown

Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Nov 20 05:41:14 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category: dropped
Size (bytes): 2677
Entropy (8bit): 3.992234952464803
Encrypted: false
SSDEEP:
MD5: 9CD782A35D8945589C655FD42C138A45
SHA1: D74F2999CE0AA32A11AB59807380D324CEB35E04
SHA-256: 70EE364A4D4CF0AE2EE4E6D3D382FBBBE50B9495F2AB56E7C59D27AB9821FAFD
SHA-512: E9CAD802F716F0855CE2783ACD058A8DA390B1BC2B448AB49144599DC42A167E907A6E3620BDCDD9AD2C27BD6FBB4C34D6A748F0F767FDD3C0EF731D60BFF53E
Malicious: false
Reputation: unknown

Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Nov 20 05:41:14 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category: dropped
Size (bytes): 2677
Entropy (8bit): 3.9825178581738565
Encrypted: false
SSDEEP:
MD5: F3A38095E651F4756687FE1CFB9F225A
SHA1: 16D2F6EBF736471AD794CBDBFEC84F247B5B367B
SHA-256: 5A3BD1E4C95440FEBA76BF913F79EDB0ED73C603FD4939A52EB70A9993878C83
SHA-512: 099886389D80879F588EE974A1FBF1ADB118626D647DEBDD841B2FE3050442F4FE570CCDB523CC965D997F7828DC07785903A4AAEFE0223ADC796133625C62C5
Malicious: false
Reputation: unknown

Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Nov 20 05:41:14 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category: dropped
Size (bytes): 2679
Entropy (8bit): 3.993034849507001
Encrypted: false
SSDEEP:
MD5: BC712906AACFA4BB5EF1FEDD51E29D39
SHA1: 64FC0FA6F62574F14EDD67FF14E49162768F834F
SHA-256: E5782D2C07EBE15A1F7D104236341278B9C1D7BC4B63379689D0952EED8A7717
SHA-512: 8E4F0F3A166C4A3B849274A3FCF6C83BD156AD84EED5C3C74F8C585CC5E73F4088ADD3230A47A773241C01CE9C58BB62D12567172D1BB050017D4CA0FDD6729D
Malicious: false
Reputation: unknown
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines (53696)
            Category:dropped
            Size (bytes):116413
            Entropy (8bit):5.375536632408626
            Encrypted:false
            SSDEEP:
            MD5:C6F666FDA1FE60AE1E6353F0F95E2464
            SHA1:A689DD6954A18F13334927AB9F26FE80E5CA822F
            SHA-256:3AEFBBCC9B7C866BA65B53483BB7D8FB258BE9479D720A44A4D33329C6B52208
            SHA-512:70327D0C2D57BDC4E9C1B29FB51CD82D6E66E675569D40267366F02A5013A6833ACB1D69338D147FE1F8D6EB1BD602DC1BEF347DE705666BDD00491E3F4FA5E8
            Malicious:false
            Reputation:unknown
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines (3835)
            Category:downloaded
            Size (bytes):303600
            Entropy (8bit):5.57747913321395
            Encrypted:false
            SSDEEP:
            MD5:A9EBA6D24F4F668C1184BB64F458793A
            SHA1:B77D0A090D988C61E684C3E8796B1050A5D229C7
            SHA-256:232F45053C484C4A524FB2D512FAFC0CB13EE3C816D1AB83520A299247823799
            SHA-512:053DE8E2E3BBCFAF5C3FD50F0037883584F74F948D9F962312144058A820807A81B71716C8D8397386D33E7D0C58595A26B260405360D3496E4C147203EF83C3
            Malicious:false
            Reputation:unknown
            URL:https://www.googletagmanager.com/gtag/js?id=G-42EK8LJX0X
            Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"2",. . "macros":[{"function":"__e"},{"function":"__c","vtp_value":false},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_ip_mark","priority":10,"vtp_instanceOrder":0,"vtp_paramValue":"internal","vtp_ruleResult":["macro",1],"tag_id":6},{"function":"__ogt_1p_data_v2","priority":10,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR","vtp_phoneValue":"","vtp_streetType":"CSS_SELECTOR","vtp_autoPhoneEnabled":false,"vtp_postalCodeType":"CSS_SELECTOR","vt
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines (50845)
            Category:downloaded
            Size (bytes):50846
            Entropy (8bit):5.190949246493802
            Encrypted:false
            SSDEEP:
            MD5:78E079E9FD39FE9E7A7064000FF15B37
            SHA1:1C4EC7AEF367FD961FF8C74F0B86EC201E7F6BD6
            SHA-256:30D6A58DF9A8322D4A0B653C67FF3AA8A0CBE432E65AC4C8636CA370573580BC
            SHA-512:233E650600350FBDD13798910BB8BBC93F38A63E4AF8F0E9ADEC95CBB51799FE5DDBC7153BB6945E8C49A25AA245694760FBD76678BE4EB4401998AE88829A31
            Malicious:false
            Reputation:unknown
            URL:https://headshots.studio/assets/index.0d9fca5e.css
            Preview:*{box-sizing:border-box}:root{--mt-font-size:calc(0.875*clamp(2rem, 1.1rem + 4vw, 2.75rem));--focus-outline: .25rem solid blue;--focus-outline-offset: 3px;--focus-box-shadow: 0 0 0 .25rem hsl(0, 0%, 100%)}html{font-family:-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,Helvetica,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji",Segoe UI Symbol;background-color:#fff;user-select:none;-webkit-user-select:none}html,body{overflow:hidden}body{margin:0}html,body,#root{height:100%}button{appearance:none;background:transparent;border:none;padding:0}button:focus-visible{outline:var(--focus-outline);outline-offset:var(--focus-outline-offset);box-shadow:var(--focus-box-shadow)}.color-primary{color:var(--color-primary)}.overflow-wrap-anywhere{overflow-wrap:anywhere}.Button{border:0;background:transparent;font-size:1rem;font-weight:600;padding:10px;color:var(--color-secondary);text-decoration:none;cursor:pointer;text-align:center;display:flex;align-items:center;justify-content:center;line-heigh
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines (24270)
            Category:downloaded
            Size (bytes):926297
            Entropy (8bit):5.4879304499046215
            Encrypted:false
            SSDEEP:
            MD5:9CD7AAD3EF289ADD12BC2CF595CACC61
            SHA1:73B4AE3805515BF7C014CB0BDD8EA936EBB3D212
            SHA-256:C3E8291392F7098C140C888411919EBF4C4E4A7527E077EB537989B99316C99B
            SHA-512:EAADA360076DE2B25295F40AF93141B53148F0A47529C96C320746004D29D2DE47320E8E8D06CEC577EE07B934F67EE3F1F5ECE921011B8AB79E2BA514FED513
            Malicious:false
            Reputation:unknown
            URL:https://headshots.studio/assets/vendor.ca048291.js
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:JSON data
            Category:downloaded
            Size (bytes):3135
            Entropy (8bit):5.2238445829335864
            Encrypted:false
            SSDEEP:
            MD5:B96B8135D12043084E5A46CD2C7DF718
            SHA1:A7BFFE097910C8047796922D1A09BE5A57D8DB87
            SHA-256:2694B109E1891A7E85186DE21D32B8EFF00C970799000D48C2E97CA0CDD7AB8D
            SHA-512:CA37EC871EC4D9C7EB403C530A62436A78653674A6C8A3527823C2F268D2827A125E7A77E6A9E7F5D4CBDAED3500A34523CB7A163A5BE5F27AD64E048A09C42C
            Malicious:false
            Reputation:unknown
            URL:https://headshots.studio/api/studio?handle=automation-anywhere-headshots
            Preview:{"studio":{"__typename":"Studio","id":"gid://holar/Studio/67351bc4ceca260001989a48","handle":"automation-anywhere-headshots","account":{"__typename":"Account","id":"gid://holar/Account/670848b9f55f670001e4ffb8"},"name":"Automation Anywhere Studio","status":"OPEN","requireSubmissionReview":true,"galleryEnabled":true,"sharingStatus":"PRIVATE","aiEnhancementEnabled":true,"suggestMobileDevice":true,"disclaimer":{"__typename":"Disclaimer","enabled":false,"content":"<body><p>By clicking <span class=\"bold\">\"I agree\"</span>, I acknowledge that any photos submitted will be viewable by a restricted group of colleagues.</p><p>Any questions? Contact us.</p></body>"},"branding":{"__typename":"Branding","primaryColor":"#16DBAC","secondaryColor":"#000000","tertiaryColor":"#FFFFFF","background":null,"logo":null},"startDate":"2024-11-13T21:35:01Z","endDate":null,"formFields":[{"__typename":"FormField","label":"First name","required":true,"kind":"text","choices":[],"contactAttribute":{"__typename":"
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:JSON data
            Category:dropped
            Size (bytes):376
            Entropy (8bit):4.898861711776528
            Encrypted:false
            SSDEEP:
            MD5:0B5C925350662A4D8644A7CD3164A63D
            SHA1:840718701D9EDD0B800A61251BC8FBC80D689B7D
            SHA-256:8236905AB6D35A4822A83310A2968EB4509778F2927AEC63FE8F241C7E95C3C8
            SHA-512:62FAEBBAF73F383615E0B1D3989DA88838BAA8D8D2990C134B7BC635E85CB3C9FB0F3F5CD201B9AA094C43C4844446685DA6E9409B4BF325629B30E770D28EB6
            Malicious:false
            Reputation:unknown
            Preview:{"session":{"__typename":"NullableStudioSession","id":"gid://holar/StudioSession/673d1ccad656410001fd38f4","email":"dharmesh.udani@automationanywhere.com","closedAt":null,"invitedAt":"2024-11-19T23:18:34Z","contact":{"__typename":"Contact","firstName":null,"lastName":null,"email":"dharmesh.udani@automationanywhere.com","phone":null,"customAttributes":{}},"submission":null}}
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines (3835)
            Category:dropped
            Size (bytes):303600
            Entropy (8bit):5.577497644120451
            Encrypted:false
            SSDEEP:
            MD5:8CE5025D440AE2B7B4EF9CAE3B474243
            SHA1:9DD6C7FBC2B9ABA94C235837E74C0EE803699DFE
            SHA-256:8BF6CAB97E58E332F90C4551662C276D4B6570C86F222D8111698EEB3727029E
            SHA-512:A81DDA7743B0247DCDAE8A981BD6EB89EB5CEB087F92DB93B9AD9B126507A0F43B118CBD63D1624958292FBD8B0A95B7FBBE7A8C317A2E08017FAF98C40E663C
            Malicious:false
            Reputation:unknown
            Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"2",. . "macros":[{"function":"__e"},{"function":"__c","vtp_value":false},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_ip_mark","priority":10,"vtp_instanceOrder":0,"vtp_paramValue":"internal","vtp_ruleResult":["macro",1],"tag_id":6},{"function":"__ogt_1p_data_v2","priority":10,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR","vtp_phoneValue":"","vtp_streetType":"CSS_SELECTOR","vtp_autoPhoneEnabled":false,"vtp_postalCodeType":"CSS_SELECTOR","vt
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:downloaded
            Size (bytes):1553
            Entropy (8bit):5.037320267870693
            Encrypted:false
            SSDEEP:
            MD5:2CEEEAE3345DD8E59F4AF9D16460E7F3
            SHA1:EAA8A7FD8BBDA8EE05253DD5A3ED79050897FE61
            SHA-256:39CEB1595D03C6A5A3514F850D92F45D0842D9AA65F74ED8692230C9C5D9C56E
            SHA-512:DB233E7E423962E31CECFC93F2C817B6749199C841FEE6784549DEAC163127F6D26D51773564B0EF63A9F16D876EF4BC1E8F464B02439099D88C92760115757A
            Malicious:false
            Reputation:unknown
            URL:https://fonts.cdnfonts.com/css/mark-pro
            Preview:@font-face {. font-family: 'Mark Pro';. font-style: normal;. font-weight: 400;. src: local('Mark Pro'), url('https://fonts.cdnfonts.com/s/45235/MARKPRO.woff') format('woff');.}.@font-face {. font-family: 'Mark Pro';. font-style: normal;. font-weight: 300;. src: local('Mark Pro'), url('https://fonts.cdnfonts.com/s/45235/MARKPROEXTRALIGHT.woff') format('woff');.}.@font-face {. font-family: 'Mark Pro';. font-style: normal;. font-weight: 350;. src: local('Mark Pro'), url('https://fonts.cdnfonts.com/s/45235/MARKPROLIGHT.woff') format('woff');.}.@font-face {. font-family: 'Mark Pro';. font-style: normal;. font-weight: 450;. src: local('Mark Pro'), url('https://fonts.cdnfonts.com/s/45235/MARKPROBOOK.woff') format('woff');.}.@font-face {. font-family: 'Mark Pro';. font-style: normal;. font-weight: 500;. src: local('Mark Pro'), url('https://fonts.cdnfonts.com/s/45235/MARKPROMEDIUM.woff') format('woff');.}.@font-face {. font-family:
            No static file info