Edit tour

Windows Analysis Report
SERVED SUMMON LETTER 01-30-2025.pdf

Overview

General Information

Sample name:	SERVED SUMMON LETTER 01-30-2025.pdf
Analysis ID:	1602758
MD5:	42aa31c5a1e2ecc84c5de1297f691800
SHA1:	d4b6bc45b26d22fd899279e147e530e271cae227
SHA256:	724ea08f15b106cfc83fe28e610b951952630408abdd7cd3baf0c55dc9898a68

Detection

HTMLPhisher

Score:	64
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

Yara detected HtmlPhish20

AI detected landing page (webpage, office document or email)

Performs DNS queries to domains with low reputation

HTML body contains low number of good links

HTML title does not match URL

None HTTPS page querying sensitive user data (password, username or email)

PDF has an OpenAction (likely to launch a dropper script)

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64_ra

Acrobat.exe (PID: 6280 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\SERVED SUMMON LETTER 01-30-2025.pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)

AcroCEF.exe (PID: 6904 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)

AcroCEF.exe (PID: 7096 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2268 --field-trial-handle=1572,i,16893341197003674598,12566078436157743317,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)

chrome.exe (PID: 6832 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://events.trustifi.com/api/o/v1/click/6798ba21480f4b920c4a4d91/fff2ae/32031d/689608/be39bc/511f4b/13c264/f090ce/c4e91a/e8666a/ef542d/85972d/627493/9a11d6/1f4096/1d247f/83dc7a/9167d6/d693a7/bcaa02/7615c4/9589ad/f11e51/ac5d11/398bbc/f68414/4e8e79/33def8/9fb6f1/c5459a/8c2607/894f65/98603e/7c5744/fc6254/657f1f/395878/653f1b/fadf5a/87bfec/06fdb5/6522c3/927e5e/b18c1a/eadbbf/3b0bc1/c37f7c/c40876/2e2fc4/5b465c/fb0ea9/cb2e2a/e99a67/6d1392/da46d9/43aaf8/e483c4/0303d7/06fe70/88a658/c6686c/aa731e/587f2f/abc801/56d268/105313/029d8a/d1ec73/7b06e6/e4ebbc/7df314/4bda33/f4dc4b/2122ba/850d92/d9cb7a/0c1f0e/a4a215/41ba34/a9b4f0/b2cb4f/d873a3/780df4/e54988/debcca/4b76d3/5fe1fb/7ffc39/f498c2/1f2641/196d51/591987 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 7288 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1884,i,15308417436208486687,7369484124322678024,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Yara Signatures

HTML

Source	Rule	Description	Author	Strings
2.3.pages.csv	JoeSecurity_HtmlPhish_20	Yara detected HtmlPhish_20	Joe Security

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

• Phishing
• Compliance
• Networking
• System Summary
• Data Obfuscation
• Boot Survival
• Hooking and other Techniques for Hiding and Protection
• Malware Analysis System Evasion

Click to jump to signature section

Show All Signature Results

Phishing

AI detected phishing page

Source: file:///C:/Users/user/Downloads/Notice%20Summon%20File.Doc%20(1)%20(1).html

Joe Sandbox AI: Score: 10 Reasons: HTML file with login form DOM: 2.3.pages.csv

Yara detected HtmlPhish20

Source: Yara match

File source: 2.3.pages.csv, type: HTML

AI detected landing page (webpage, office document or email)

Source: PDF document

Joe Sandbox AI: PDF document contains prominent button: 'view your served notice letter here'

Source: file:///C:/Users/user/Downloads/Notice%20Summon%20File.Doc%20(1)%20(1).html

HTTP Parser: Number of links: 0

Source: file:///C:/Users/user/Downloads/Notice%20Summon%20File.Doc%20(1)%20(1).html

HTTP Parser: Title: office 365 does not match URL

Source: file:///C:/Users/user/Downloads/Notice%20Summon%20File.Doc%20(1)%20(1).html

HTTP Parser: Has password / email / username input fields

Source: file:///C:/Users/user/Downloads/Notice%20Summon%20File.Doc%20(1)%20(1).html

HTTP Parser: <input type="password" .../> found

Source: https://www.sugarsync.com/pf/D4981104_043_6546057047

HTTP Parser: No favicon

Source: file:///C:/Users/user/Downloads/Notice%20Summon%20File.Doc%20(1)%20(1).html

HTTP Parser: No <meta name="author".. found

Source: file:///C:/Users/user/Downloads/Notice%20Summon%20File.Doc%20(1)%20(1).html

HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49714 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.16:49924 version: TLS 1.2

Networking

Performs DNS queries to domains with low reputation

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: api.staticforms.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: api.staticforms.xyz

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 172.67.72.31
Source: unknown	TCP traffic detected without corresponding DNS query: 172.67.72.31
Source: unknown	TCP traffic detected without corresponding DNS query: 172.67.72.31
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 172.67.72.31
Source: unknown	TCP traffic detected without corresponding DNS query: 172.67.72.31
Source: unknown	TCP traffic detected without corresponding DNS query: 172.67.72.31
Source: unknown	TCP traffic detected without corresponding DNS query: 172.67.72.31
Source: unknown	TCP traffic detected without corresponding DNS query: 172.67.72.31
Source: unknown	TCP traffic detected without corresponding DNS query: 172.67.72.31
Source: unknown	TCP traffic detected without corresponding DNS query: 172.67.72.31
Source: unknown	TCP traffic detected without corresponding DNS query: 172.67.72.31
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 104.77.220.172
Source: unknown	TCP traffic detected without corresponding DNS query: 104.77.220.172
Source: unknown	TCP traffic detected without corresponding DNS query: 104.77.220.172

Source: global traffic

HTTP traffic detected: GET / HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Microsoft-CryptoAPI/10.0Host: x1.i.lencr.org

Source: global traffic	DNS traffic detected: DNS query: www.sugarsync.com
Source: global traffic	DNS traffic detected: DNS query: x1.i.lencr.org
Source: global traffic	DNS traffic detected: DNS query: dev.visualwebsiteoptimizer.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: script.crazyegg.com
Source: global traffic	DNS traffic detected: DNS query: connect.facebook.net
Source: global traffic	DNS traffic detected: DNS query: a.quora.com
Source: global traffic	DNS traffic detected: DNS query: stats.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: googleads.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: td.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: www.facebook.com
Source: global traffic	DNS traffic detected: DNS query: analytics.google.com
Source: global traffic	DNS traffic detected: DNS query: stackpath.bootstrapcdn.com
Source: global traffic	DNS traffic detected: DNS query: i.ibb.co
Source: global traffic	DNS traffic detected: DNS query: secure.quantserve.com
Source: global traffic	DNS traffic detected: DNS query: rules.quantcount.com
Source: global traffic	DNS traffic detected: DNS query: pixel.quantserve.com
Source: global traffic	DNS traffic detected: DNS query: api.staticforms.xyz
Source: global traffic	DNS traffic detected: DNS query: 8fb8895e6829.godaddysites.com
Source: global traffic	DNS traffic detected: DNS query: img1.wsimg.com
Source: global traffic	DNS traffic detected: DNS query: isteam.wsimg.com
Source: global traffic	DNS traffic detected: DNS query: events.api.secureserver.net
Source: global traffic	DNS traffic detected: DNS query: csp.secureserver.net

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 49921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49897
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49895
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49876
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 49923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 49895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49941 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49939 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49940 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49935 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49941
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49940
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49939
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49938
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49937
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49936
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49935
Source: unknown	Network traffic detected: HTTP traffic on port 49902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49934
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49932
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49931
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49930
Source: unknown	Network traffic detected: HTTP traffic on port 49925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49936 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49876 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49929
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49928
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49927
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49926
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49925
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49924
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49923
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49922
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49921
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49920
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49919
Source: unknown	Network traffic detected: HTTP traffic on port 49937 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49918
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49917
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49916
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49914
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49913
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49912
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49911
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49910
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49909
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49908
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49907
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49905
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49904
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49903
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49902
Source: unknown	Network traffic detected: HTTP traffic on port 49903 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49901
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49900
Source: unknown	Network traffic detected: HTTP traffic on port 49888 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49714 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.16:49924 version: TLS 1.2

Source: classification engine

Classification label: mal64.phis.troj.winPDF@38/156@77/515

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries

Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe

File created: C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal

Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe

File created: C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2025-01-30 01-37-21-738.log

Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe

Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CA

Source: unknown	Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\SERVED SUMMON LETTER 01-30-2025.pdf"
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe	Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2268 --field-trial-handle=1572,i,16893341197003674598,12566078436157743317,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
Source: unknown	Process created: C:\Windows\System32\msiexec.exe C:\Windows\system32\msiexec.exe /V
Source: C:\Windows\System32\msiexec.exe	Process created: C:\Windows\System32\msiexec.exe C:\Windows\System32\MsiExec.exe -Embedding 9DE9CEE3F4D1C31ACDAEFCD50F54DA82
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://events.trustifi.com/api/o/v1/click/6798ba21480f4b920c4a4d91/fff2ae/32031d/689608/be39bc/511f4b/13c264/f090ce/c4e91a/e8666a/ef542d/85972d/627493/9a11d6/1f4096/1d247f/83dc7a/9167d6/d693a7/bcaa02/7615c4/9589ad/f11e51/ac5d11/398bbc/f68414/4e8e79/33def8/9fb6f1/c5459a/8c2607/894f65/98603e/7c5744/fc6254/657f1f/395878/653f1b/fadf5a/87bfec/06fdb5/6522c3/927e5e/b18c1a/eadbbf/3b0bc1/c37f7c/c40876/2e2fc4/5b465c/fb0ea9/cb2e2a/e99a67/6d1392/da46d9/43aaf8/e483c4/0303d7/06fe70/88a658/c6686c/aa731e/587f2f/abc801/56d268/105313/029d8a/d1ec73/7b06e6/e4ebbc/7df314/4bda33/f4dc4b/2122ba/850d92/d9cb7a/0c1f0e/a4a215/41ba34/a9b4f0/b2cb4f/d873a3/780df4/e54988/debcca/4b76d3/5fe1fb/7ffc39/f498c2/1f2641/196d51/591987
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1884,i,15308417436208486687,7369484124322678024,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe	Process created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe	Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2268 --field-trial-handle=1572,i,16893341197003674598,12566078436157743317,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://events.trustifi.com/api/o/v1/click/6798ba21480f4b920c4a4d91/fff2ae/32031d/689608/be39bc/511f4b/13c264/f090ce/c4e91a/e8666a/ef542d/85972d/627493/9a11d6/1f4096/1d247f/83dc7a/9167d6/d693a7/bcaa02/7615c4/9589ad/f11e51/ac5d11/398bbc/f68414/4e8e79/33def8/9fb6f1/c5459a/8c2607/894f65/98603e/7c5744/fc6254/657f1f/395878/653f1b/fadf5a/87bfec/06fdb5/6522c3/927e5e/b18c1a/eadbbf/3b0bc1/c37f7c/c40876/2e2fc4/5b465c/fb0ea9/cb2e2a/e99a67/6d1392/da46d9/43aaf8/e483c4/0303d7/06fe70/88a658/c6686c/aa731e/587f2f/abc801/56d268/105313/029d8a/d1ec73/7b06e6/e4ebbc/7df314/4bda33/f4dc4b/2122ba/850d92/d9cb7a/0c1f0e/a4a215/41ba34/a9b4f0/b2cb4f/d873a3/780df4/e54988/debcca/4b76d3/5fe1fb/7ffc39/f498c2/1f2641/196d51/591987
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1884,i,15308417436208486687,7369484124322678024,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Source: SERVED SUMMON LETTER 01-30-2025.pdf	Initial sample: PDF keyword /JS count = 0
Source: SERVED SUMMON LETTER 01-30-2025.pdf	Initial sample: PDF keyword /JavaScript count = 0

Source: SERVED SUMMON LETTER 01-30-2025.pdf

Initial sample: PDF keyword /EmbeddedFile count = 0

Source: SERVED SUMMON LETTER 01-30-2025.pdf

Initial sample: PDF keyword /OpenAction

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process information set: NOOPENFILEERRORBOX

Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe

Process information queried: ProcessInformation

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Browser Extensions	1 Process Injection	3 Masquerading	OS Credential Dumping	1 Process Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	1 Registry Run Keys / Startup Folder	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	1 System Information Discovery	Remote Desktop Protocol	Data from Removable Media	2 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Screenshots

Download Video

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

⊘No Antivirus matches

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
file:///C:/Users/user/Downloads/Notice%20Summon%20File.Doc%20(1)%20(1).html	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
star-mini.c10r.facebook.com	157.240.0.35	true	false	high
stackpath.bootstrapcdn.com	104.18.10.207	true	false	high
e8843.dsca.akamaiedge.net	104.102.33.222	true	false	high
e40258.g.akamaiedge.net	23.38.98.78	true	false	high
e8652.dscx.akamaiedge.net	2.23.197.184	true	false	high
d2fashanjl7d9f.cloudfront.net	18.66.102.66	true	false	high
global.px.quantserve.com	91.228.74.166	true	false	high
dev.visualwebsiteoptimizer.com	34.107.218.251	true	false	high
a.quora.com.cdn.cloudflare.net	162.159.152.17	true	false	high
ax-0001.ax-msedge.net	150.171.27.10	true	false	high
8fb8895e6829.godaddysites.com	13.248.243.5	true	false	unknown
isteam.wsimg.com	3.64.75.199	true	false	high
stats.g.doubleclick.net	74.125.71.156	true	false	high
i.ibb.co	91.134.10.182	true	false	high
script.crazyegg.com.cdn.cloudflare.net	104.19.147.8	true	false	unknown
scontent.xx.fbcdn.net	157.240.251.9	true	false	high
analytics-alv.google.com	216.239.32.181	true	false	high
googleads.g.doubleclick.net	142.250.185.98	true	false	high
www.sugarsync.com.cdn.cloudflare.net	104.18.33.207	true	false	unknown
www.google.com	172.217.16.132	true	false	high
td.doubleclick.net	142.250.186.34	true	false	high
e64861.dsca.akamaiedge.net	2.18.64.8	true	false	high
api.staticforms.xyz	104.21.16.1	true	true	unknown
img1.wsimg.com	unknown	unknown	false	high
www.facebook.com	unknown	unknown	false	high
a.quora.com	unknown	unknown	false	high
events.api.secureserver.net	unknown	unknown	false	high
x1.i.lencr.org	unknown	unknown	false	high
secure.quantserve.com	unknown	unknown	false	high
pixel.quantserve.com	unknown	unknown	false	high
connect.facebook.net	unknown	unknown	false	high
rules.quantcount.com	unknown	unknown	false	high
script.crazyegg.com	unknown	unknown	false	high
csp.secureserver.net	unknown	unknown	false	high
analytics.google.com	unknown	unknown	false	high
www.sugarsync.com	unknown	unknown	false	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://www.sugarsync.com/pf/D4981104_043_6546057047	false		unknown
file:///C:/Users/user/Downloads/Notice%20Summon%20File.Doc%20(1)%20(1).html	true	Avira URL Cloud: safe	unknown
https://8fb8895e6829.godaddysites.com/	false		unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.186.68	unknown	United States	15169	GOOGLEUS	false
142.250.185.99	unknown	United States	15169	GOOGLEUS	false
104.102.33.222	e8843.dsca.akamaiedge.net	United States	16625	AKAMAI-ASUS	false
91.228.74.166	global.px.quantserve.com	United Kingdom	27281	QUANTCASTUS	false
216.58.212.142	unknown	United States	15169	GOOGLEUS	false
91.228.74.244	unknown	United Kingdom	27281	QUANTCASTUS	false
91.228.74.200	unknown	United Kingdom	27281	QUANTCASTUS	false
184.28.88.176	unknown	United States	16625	AKAMAI-ASUS	false
50.16.47.176	unknown	United States	14618	AMAZON-AESUS	false
142.251.168.84	unknown	United States	15169	GOOGLEUS	false
91.134.9.159	unknown	France	16276	OVHFR	false
34.107.218.251	dev.visualwebsiteoptimizer.com	United States	15169	GOOGLEUS	false
172.67.72.31	unknown	United States	13335	CLOUDFLARENETUS	false
199.232.210.172	unknown	United States	54113	FASTLYUS	false
3.64.75.199	isteam.wsimg.com	United States	16509	AMAZON-02US	false
142.250.184.195	unknown	United States	15169	GOOGLEUS	false
142.250.186.34	td.doubleclick.net	United States	15169	GOOGLEUS	false
142.250.185.67	unknown	United States	15169	GOOGLEUS	false
1.1.1.1	unknown	Australia	13335	CLOUDFLARENETUS	false
2.18.64.8	e64861.dsca.akamaiedge.net	European Union	6057	AdministracionNacionaldeTelecomunicacionesUY	false
13.248.243.5	8fb8895e6829.godaddysites.com	United States	16509	AMAZON-02US	false
216.239.32.181	analytics-alv.google.com	United States	15169	GOOGLEUS	false
91.134.10.182	i.ibb.co	France	16276	OVHFR	false
23.38.98.115	unknown	United States	16625	AKAMAI-ASUS	false
157.240.0.35	star-mini.c10r.facebook.com	United States	32934	FACEBOOKUS	false
216.58.206.42	unknown	United States	15169	GOOGLEUS	false
142.250.185.232	unknown	United States	15169	GOOGLEUS	false
2.23.197.184	e8652.dscx.akamaiedge.net	European Union	1273	CWVodafoneGroupPLCEU	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
104.18.33.207	www.sugarsync.com.cdn.cloudflare.net	United States	13335	CLOUDFLARENETUS	false
91.228.74.159	unknown	United Kingdom	27281	QUANTCASTUS	false
142.250.185.72	unknown	United States	15169	GOOGLEUS	false
142.250.184.234	unknown	United States	15169	GOOGLEUS	false
142.250.185.78	unknown	United States	15169	GOOGLEUS	false
64.233.167.156	unknown	United States	15169	GOOGLEUS	false
104.18.10.207	stackpath.bootstrapcdn.com	United States	13335	CLOUDFLARENETUS	false
172.217.18.14	unknown	United States	15169	GOOGLEUS	false
142.250.186.174	unknown	United States	15169	GOOGLEUS	false
74.125.71.156	stats.g.doubleclick.net	United States	15169	GOOGLEUS	false
157.240.0.6	unknown	United States	32934	FACEBOOKUS	false
142.250.185.162	unknown	United States	15169	GOOGLEUS	false
142.250.186.132	unknown	United States	15169	GOOGLEUS	false
23.38.98.78	e40258.g.akamaiedge.net	United States	16625	AKAMAI-ASUS	false
162.159.152.17	a.quora.com.cdn.cloudflare.net	United States	13335	CLOUDFLARENETUS	false
172.64.41.3	unknown	United States	13335	CLOUDFLARENETUS	false
18.66.102.66	d2fashanjl7d9f.cloudfront.net	United States	3	MIT-GATEWAYSUS	false
172.217.16.202	unknown	United States	15169	GOOGLEUS	false
104.21.16.1	api.staticforms.xyz	United States	13335	CLOUDFLARENETUS	true
104.19.147.8	script.crazyegg.com.cdn.cloudflare.net	United States	13335	CLOUDFLARENETUS	false
157.240.251.9	scontent.xx.fbcdn.net	United States	32934	FACEBOOKUS	false
150.171.27.10	ax-0001.ax-msedge.net	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
142.250.185.170	unknown	United States	15169	GOOGLEUS	false
104.77.220.172	unknown	United States	16625	AKAMAI-ASUS	false
172.217.16.132	www.google.com	United States	15169	GOOGLEUS	false
142.250.185.98	googleads.g.doubleclick.net	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.16

General Information

Joe Sandbox version:	42.0.0 Malachite
Analysis ID:	1602758
Start date and time:	2025-01-30 07:36:50 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	18
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Sample name:	SERVED SUMMON LETTER 01-30-2025.pdf
Detection:	MAL
Classification:	mal64.phis.troj.winPDF@38/156@77/515
Cookbook Comments:	Found application associated with file extension: .pdf

Warnings

Exclude process from analysis (whitelisted): dllhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 184.28.88.176, 50.16.47.176, 34.237.241.83, 18.213.11.84, 54.224.241.105, 172.64.41.3, 162.159.61.3
Excluded domains from analysis (whitelisted): e4578.dscg.akamaiedge.net, chrome.cloudflare-dns.com, ssl-delivery.adobe.com.edgekey.net, ctldl.windowsupdate.com, p13n.adobe.io, geo2.adobe.com
Not all processes where analyzed, report is missing behavior information
VT rate limit hit for: script.crazyegg.com.cdn.cloudflare.net

LLM Input / Output

Input	Output
URL: email Model: Joe Sandbox AI	{ "risk_score": 1, "reasoning": [ "No headers provided to analyze", "Cannot make security assessment without header information", "Default to low risk score due to lack of evidence" ] }
Date: unknown
URL: PDF document Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "A default judgment will be rendered against you if a notice of intention to defend or counterclaim is not duly lodged with the court registrar.", "prominent_button_name": "View Your Served Notice Letter Here", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": true, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false, "page_classification": "unknown" }

URL: PDF document Model: Joe Sandbox AI	{ "brands": "unknown" }
	{ "brands": "unknown" }
URL: https://www.sugarsync.com/pf/D4981104_043_65460570... Model: Joe Sandbox AI	{ "risk_score": 4, "reasoning": "The script sets a cookie with the name 'returnUser' and a long expiration time, which could be used for tracking user behavior. However, it does not appear to be sending any data to external domains or performing any other high-risk actions, so it is assessed as a medium risk." }
!function(){var d="returnUser",e="/",a=new Date,c=a.getTime(),b=31536E6;var f=c;a.setTime(c+b);b=a.toUTCString();/(^\|;)\s*returnUser=/.test(document.cookie)\|\|(document.cookie=d+"\x3d"+f+"; expires\x3d"+b+"; domain\x3d.sugarsync.com; path\x3d"+e)}();
URL: https://www.sugarsync.com/pf/D4981104_043_65460570... Model: Joe Sandbox AI	{ "risk_score": 2, "reasoning": "The provided JavaScript snippet appears to be a typical analytics/tracking script. It loads an external script from a known domain (quantserve.com) and pushes data to the analytics platform. While the use of the legacy `XDomainRequest` API is a minor concern, the overall behavior is consistent with legitimate analytics functionality and does not demonstrate any high-risk indicators." }
var ezt=ezt\|\|[];(function(){var a=document.createElement("script");a.src=("https:"==document.location.protocol?"https://secure":"http://pixel")+".quantserve.com/aquant.js?a\x3dp-0dpsUgIU6xoGw";a.async=!0;a.type="text/javascript";var b=document.getElementsByTagName("script")[0];b.parentNode.insertBefore(a,b)})();ezt.push({qacct:"p-0dpsUgIU6xoGw",orderid:"",revenue:""});
URL: https://www.sugarsync.com/resources/js/iris/google... Model: Joe Sandbox AI	{ "risk_score": 1, "reasoning": "This script is loading web fonts from the Google Fonts API, which is a common and legitimate practice. It does not exhibit any high-risk behaviors like dynamic code execution, data exfiltration, or obfuscation. The script is simply loading external resources asynchronously, which is a standard web development technique. Overall, this script poses a low risk and is likely part of a legitimate web application." }
WebFontConfig = { google: { families: [ 'Lato:400,700:latin', 'Montserrat:400,700:latin', 'Roboto+Slab:400,700:latin' ] } }; (function() { var wf = document.createElement('script'); wf.src = 'https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js'; wf.type = 'text/javascript'; wf.async = 'true'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(wf, s); })();
URL: https://www.sugarsync.com/resources/js/i18n/messag... Model: Joe Sandbox AI	{ "risk_score": 1, "reasoning": "The provided JavaScript snippet appears to be a louserzation file containing various string variables for different user interface elements. It does not contain any high-risk indicators such as dynamic code execution, data exfiltration, or obfuscated code. The script is likely used for displaying louserzed text in a web application and does not pose a significant security risk." }
//louserzed images links var louserzed_images_links = "/images"; var msg_contacts_firstName = "First Name"; var msg_contacts_lastName = "Last Name"; var msg_contacts_emailAddress = "Email Address"; var msg_contacts_phone = "Phone Number"; var msg_contacts_unblock = "Unblock"; var msg_contacts_edit = "Edit"; var msg_contacts_removeEmail = "Are you sure you want to remove #email from the share list?"; var msg_contacts_listNameisTaken = "Sorry that list name is already taken."; var msg_contacts_listNameHavaOneChar = "Sorry, the list name must have at least one character."; var msg_contacts_pickContactToEdit = "Please pick a contact to edit."; var msg_contacts_pickContactToUnblock = "Please pick a contact to unblock."; var msg_contacts_pickContactToDelete = "Please pick a contact to delete."; var msg_contacts_editContact = "Edit Contact"; var msg_contacts_editContacts = "Edit Contacts"; var msg_contacts_updating = "Updating..."; var msg_contacts_loading = "Loading..."; var msg_contacts_addingGroup = "Adding Group..."; var msg_contacts_addingContact = "Adding contact..."; var msg_contacts_confirmDeleteGroup = "Are you sure to delete this group? Contacts in this group will not be deleted. This action cannot be undone."; var msg_contacts_deleteThisContact = "Delete this contact?"; var msg_contacts_deleteContacts = "Delete #length contacts?"; var msg_contacts_unblock1Contact = "Unblock 1 contact?"; var msg_contacts_unblockContacts = "Unblock #length contacts?"; var msg_contacts_special_folder = "Contacts"; //Added for MyGroupAccount var msg_groupaccount_removeMember = "Are you sure you want to remove this user?"; var msg_groupaccount_reactivateMember = "Are you sure you want to reactivate this account (#email)? We will email the user that the account is reactivated."; var msg_groupaccount_loginAsMember = "We will log you in to #email account. Do you want to proceed?"; //Added for ScHome.js var msg_home_question1 = "How do I delete a computer from SugarSync?"; var msg_home_question2 = "What are the Top Feature Requests for SugarSync?"; var msg_home_newsTitle = "Popular Tutorials"; var msg_home_seeMore = "See More"; var msg_home_albumAdded = 'Album added:<br>'; //added for scImageview.js //var msg_imageview_captionId = "captionText"; var msg_imageview_myEmptyCaption = "Click to add a caption"; var msg_imageview_savingCaptionMessage = "Saving..."; var msg_imageview_captionUpdateFailed = "Sorry, the update failed."; var msg_imageview_postingCommentMessage = "Posting comment..."; var msg_imageview_commentLimitMessage = "Your comment should be 3000 characters or less."; var msg_imageview_captionLimitMessage = "Your caption should be 3000 characters or less."; var msg_imageview_couldntFindPhoto = "We couldn't find the photo you were looking for."; var msg_imageview_thumbnailTooltip = "View Photo"; var msg_imageview_save = "Save"; var msg_imageview_cancel= "Cancel"; // added for ScSendFile.js var msg_sendFile_selectFilesToCopy = "Please select some files to copy."; var msg_sendFile_copyToWebArchive= "Copying to Web Archive/Received Files ..."; var msg_sendFile_exceedQuota= 'Copying these files to your account will exceed your storage limit. <a href="/account/upgrade">Upgrade</a> now to copy.'; var msg_sendFile_copyingtoMagicBirefcase = "Copying to Magic Briefcase/Received Files ..."; var msg_sendFile_copyingtoMySugarSync = "Copying to My SugarSync/Received Files ..."; // added for ScFolderProperties.js var msg_folderProperties_confirmUnshare = 'Are you sure you want to unshare this folder?'; var msg_folderProperties_leaveShare = 'Are you sure you want to leave this shared folder?'; var msg_folderProperties_removeMember = 'Are you sure you want to remove this member?'; var msg_folderProperties_resendInvite = "Your invitation to this folder has been resent."; var msg_folderProperties_resendInvitation = 'We\'ll resend the invitation email to join this folder to #email'; var msg_folderProperties_resendto = 'Resend to #name'; var msg_folderPro
URL: https://www.sugarsync.com/pf/D4981104_043_65460570... Model: Joe Sandbox AI	{ "risk_score": 3, "reasoning": "The script appears to be a legitimate file download functionality with some standard practices, such as using a CSRF token and generating a random query parameter. While it sends some user data to the server, it does not exhibit any high-risk behaviors like dynamic code execution or data exfiltration. The script is primarily focused on providing a file download feature, which is a common and expected functionality. Overall, the script poses a low risk, with some minor concerns around the use of legacy APIs and lack of transparency around the data being sent to the server." }
function getFile(uri, newWindow) { var someData = $j('#someValuesId').val(); modUri = uri + "?_=" + Math.random() + "&token=" + $j("#CSRFToken").val() + "&customData=" + someData; if (newWindow) { window.open(modUri); } else { location.replace(modUri); } publicLinkPage.newCSRFToken({ callback: function (obj) { if (obj.error) { console.log("Error on callGetPageId(): " + obj.error); } else { if (obj.data) { var json = JSON.parse(obj.data); $j("#CSRFToken").val(json.token); } } } }); } $j(document).ready(function () { var url = window.location.href; $j('.pf-container-landing').show(); $j('.gsLoadingContainer').css("visibility", 'visible'); $j("#retry_error").text(""); $j('.pf-container-error').hide(); $j('.pf-container-error-no-public').hide(); $j(".pf-container-image").hide() //$j('.pf-container-retry').hide(); var data = $j('#someValuesId').val(); publicLinkPage.landingPagePublicLink(url, data, { callback: function (obj) { if (obj.error) { var json = JSON.parse(obj.data); $j('.gsLoadingContainer').hide(); $j('.pf-container-landing').hide(); if (json.error_msg != undefined && json.error_msg.length > 0) { $j('.pf-container-error').show(); console.log("Error on callGetPageId(): " + json.error_msg); } if (json.error_no_public != undefined && json.error_no_public.length > 0) { $j('.pf-container-error-no-public').show(); console.log("Error on callGetPageId(): " + json.error_no_public); } } else { if (obj.data) { var json = JSON.parse(obj.data); if (json.someValues != undefined && json.someValues.length > 0) { $j('#someValuesId').val(json.someValues); } $j("#CSRFToken").val(json.token); var someData = $j('#someValuesId').val(); $j('.gsLoadingContainer').hide(); $j('.pf-container-second').show(); $j("#download-action").click(function (event) { getFile(json.directDownloadPublicFileUrlLink, false); return false; }); $j("#download-action-1").click(function (event) { getFile(json.directDownloadPublicFileUrlLink, false); return false; }); $j(".displayFileName").text(json.publicFileName); $j(".pf-down-file-size").text("(" + json.publicFileSize + ")"); if (json.iFrameSource != undefined && json.iFrameSource.length > 0) { $j('.pf-container-iframe').show(); $j("#iFrameSource").val(json.iFrameSource); } if (json.officeFile != undefined && json.officeFile.length > 0) { $j('.pf-container-ioffice').show(); $j("#officeFile").attr('src', json.officeFile);
URL: https://www.sugarsync.com/public/js/min/gettext.js... Model: Joe Sandbox AI	{ "risk_score": 3, "reasoning": "The provided JavaScript snippet appears to be a part of a gettext library implementation, which is a common internationalization and louserzation tool. While the code contains some behaviors that could be considered risky, such as dynamic code execution and data transmission, the overall context suggests this is likely a legitimate implementation rather than a malicious script. The code does not exhibit clear signs of malicious intent, and the behaviors are consistent with the expected functionality of a gettext library. Therefore, the risk score is assessed as low, with a score of 3." }
Gettext=function(t){this.domain="messages",this.locale_data=void 0;var e=["domain","locale_data"];if(this.isValidObject(t))for(var a in t)for(var r=0;r<e.length;r++)a==e[r]&&this.isValidObject(t[a])&&(this[a]=t[a]);return this.try_load_lang(),this},Gettext.context_glue="",Gettext._locale_data={},Gettext.prototype.try_load_lang=function(){if(void 0!==this.locale_data){var t=this.locale_data;if(this.locale_data=void 0,this.parse_locale_data(t),void 0===Gettext._locale_data[this.domain])throw new Error("Error: Gettext 'locale_data' does not contain the domain '"+this.domain+"'")}var e=this.get_lang_refs();if("object"==typeof e&&0<e.length)for(var a=0;a<e.length;a++){var r=e[a];if("application/json"==r.type){if(!this.try_load_lang_json(r.href))throw new Error("Error: Gettext 'try_load_lang_json' failed. Unable to exec xmlhttprequest for link ["+r.href+"]")}else{if("application/x-po"!=r.type)throw new Error("TODO: link type ["+r.type+"] found, and support is planned, but not implemented at this time.");if(!this.try_load_lang_po(r.href))throw new Error("Error: Gettext 'try_load_lang_po' failed. Unable to exec xmlhttprequest for link ["+r.href+"]")}}},Gettext.prototype.parse_locale_data=function(t){for(var e in void 0===Gettext._locale_data&&(Gettext._locale_data={}),t)if(t.hasOwnProperty(e)&&this.isValidObject(t[e])){var a=!1;for(var r in t[e]){a=!0;break}if(a){var o=t[e];for(var i in""==e&&(e="messages"),this.isValidObject(Gettext._locale_data[e])\|\|(Gettext._locale_data[e]={}),this.isValidObject(Gettext._locale_data[e].head)\|\|(Gettext._locale_data[e].head={}),this.isValidObject(Gettext._locale_data[e].msgs)\|\|(Gettext._locale_data[e].msgs={}),o)if(""==i){var s=o[i];for(var n in s){var l=n.toLowerCase();Gettext._locale_data[e].head[l]=s[n]}}else Gettext._locale_data[e].msgs[i]=o[i]}}for(var e in Gettext._locale_data)if(this.isValidObject(Gettext._locale_data[e].head["plural-forms"])&&void 0===Gettext._locale_data[e].head.plural_func){var p=Gettext._locale_data[e].head["plural-forms"];if(!new RegExp("^(\\snplurals\\s=\\s[0-9]+\\s;\\splural\\s=\\s(?:\\s\|[-\\?\\\|&=!<>+/%:;a-zA-Z0-9_()])+)","m").test(p))throw new Error("Syntax error in language file. Plural-Forms header is invalid ["+p+"]");var d=Gettext._locale_data[e].head["plural-forms"];/;\s$/.test(d)\|\|(d=d.concat(";"));var u="var plural; var nplurals; "+d+' return { "nplural" : nplurals, "plural" : (plural === true ? 1 : plural ? plural : 0) };';Gettext._locale_data[e].head.plural_func=new Function("n",u)}else void 0===Gettext._locale_data[e].head.plural_func&&(Gettext._locale_data[e].head.plural_func=function(t){return{nplural:2,plural:1!=t?1:0}})},Gettext.prototype.try_load_lang_po=function(t){var e=this.sjax(t);if(e){var a=this.uri_basename(t),r=this.parse_po(e),o={};return r&&(r[""]\|\|(r[""]={}),r[""].domain\|\|(r[""].domain=a),o[a=r[""].domain]=r,this.parse_locale_data(o)),1}},Gettext.prototype.uri_basename=function(t){var e,a;return(e=t.match(/^(.\/)?(.)/))?(a=e[2].match(/^(.)\..+$/))?a[1]:e[2]:""},Gettext.prototype.parse_po=function(t){for(var e={},a={},r="",o=[],i=t.split("\n"),s=0;s<i.length;s++){if(i[s]=i[s].replace(/(\n\|\r)+$/,""),/^$/.test(i[s])){if(void 0!==a.msgid){var n=void 0!==a.msgctxt&&a.msgctxt.length?a.msgctxt+Gettext.context_glue+a.msgid:a.msgid,l=void 0!==a.msgid_plural&&a.msgid_plural.length?a.msgid_plural:null,p=[];for(var d in a){(u=d.match(/^msgstr_(\d+)/))&&(p[parseInt(u[1])]=a[d])}p.unshift(l),1<p.length&&(e[n]=p),a={},r=""}}else{if(/^#/.test(i[s]))continue;(u=i[s].match(/^msgctxt\s+(.)/))?a[r="msgctxt"]=this.parse_po_dequote(u[1]):(u=i[s].match(/^msgid\s+(.)/))?a[r="msgid"]=this.parse_po_dequote(u[1]):(u=i[s].match(/^msgid_plural\s+(.)/))?a[r="msgid_plural"]=this.parse_po_dequote(u[1]):(u=i[s].match(/^msgstr\s+(.)/))?a[r="msgstr_0"]=this.parse_po_dequote(u[1]):(u=i[s].match(/^msgstr\[0\]\s+(.)/))?a[r="msgstr_0"]=this.parse_po_dequote(u[1]):(u=i[s].match(/^msgstr\[(\d+)\]\s+(.)/))?a[r="msgstr_"+u[1]]=this.parse_po_dequote(u[2]):/^"/.test(i[s]
URL: https://www.sugarsync.com/public/js/min/vwo.js... Model: Joe Sandbox AI	{ "risk_score": 6, "reasoning": "This script exhibits several moderate-risk behaviors, including external data transmission, fallback domains, and aggressive DOM manipulation. While it appears to be related to website optimization, the use of obfuscated URLs and the potential for data exfiltration raise some concerns. Further review may be necessary to determine the legitimacy of the script's purpose and the trustworthiness of the domains it interacts with." }
var _vwo_code=function(){var t=!1,n=document;return{use_existing_jquery:function(){return!1},library_tolerance:function(){return 2500},finish:function(){if(!t){t=!0;var e=n.getElementById("_vis_opt_path_hides");e&&e.parentNode.removeChild(e)}},finished:function(){return t},load:function(e){var t=n.createElement("script");t.src=e,t.type="text/javascript",t.innerText,t.onerror=function(){_vwo_code.finish()},n.getElementsByTagName("head")[0].appendChild(t)},init:function(){settings_timer=setTimeout("_vwo_code.finish()",2e3);var e=n.createElement("style"),t="body{opacity:0 !important;filter:alpha(opacity=0) !important;background:none !important;}",i=n.getElementsByTagName("head")[0];return e.setAttribute("id","_vis_opt_path_hides"),e.setAttribute("type","text/css"),e.styleSheet?e.styleSheet.cssText=t:e.appendChild(n.createTextNode(t)),i.appendChild(e),this.load("//dev.visualwebsiteoptimizer.com/j.php?a=268746&u="+encodeURIComponent(n.URL)+"&r="+Math.random()),settings_timer}}}();_vwo_settings_timer=_vwo_code.init();
URL: https://www.sugarsync.com/pf/D4981104_043_65460570... Model: Joe Sandbox AI	{ "risk_score": 3, "reasoning": "The provided JavaScript snippet appears to be a Quora Pixel integration, which is a common analytics and tracking tool used by websites. While it includes some behaviors that could be considered moderate-risk, such as external data transmission, the overall context suggests a legitimate use case for analytics and tracking purposes. The script does not exhibit any high-risk indicators like dynamic code execution or data exfiltration. With the adjustments for the trusted Quora domain and the analytics/telemetry purpose, the final risk score is assessed as low." }
!function(d,e,f,a,b,c){d.qp\|\|(a=d.qp=function(){a.qp?a.qp.apply(a,arguments):a.queue.push(arguments)},a.queue=[],b=document.createElement(e),b.async=!0,b.src=f,c=document.getElementsByTagName(e)[0],c.parentNode.insertBefore(b,c))}(window,"script","https://a.quora.com/qevents.js");qp("init","8169462505f24446829ee4787201fed7");qp("track","ViewContent");
URL: https://www.sugarsync.com/resources/js/cookieBanne... Model: Joe Sandbox AI	{ "risk_score": 3, "reasoning": "The provided JavaScript code appears to be primarily focused on managing cookie consent and displaying a cookie banner. It does not contain any high-risk indicators like dynamic code execution, data exfiltration, or obfuscated code. The code uses standard DOM manipulation and cookie handling functions, which are common practices. While it includes some external data transmission to load the cookie banner, this is done in a transparent manner and is likely for a legitimate purpose. Overall, the code demonstrates low-risk behaviors with some moderate-risk indicators, but the context suggests it is likely a benign script used for cookie consent management." }
function isLogin() { return document.getElementById('account-info') !== null; } function getDomain() { var arr = window.location.hostname.match(/([a-z0-9-]?)\.[a-z]{2,}$/); if (arr !== null && arr.length > 0) { return "." + arr[0]; } return ".sugarsync.com"; } function getCookie(name) { var re = new RegExp(name + "=([^;]+)"); var value = re.exec(document.cookie); return (value != null && value.length == 2) ? unescape(value[1]) : null; } //displays the cookie banner function showCookieBanner(){ //if jQuery is available, use it if(typeof($j) !== 'undefined' && typeof($j('#agreementBar').slideToggle) === "function"){ $j('#agreementBar').slideToggle(); } else if(typeof($) !== 'undefined' && typeof($('#agreementBar').slideToggle) === "function"){ $('#agreementBar').slideToggle(); } else { document.getElementById("agreementBar").style.display = 'block'; } } //verify if exists the cookie for cookie acceptance function checkForCookie() { var cookieAgree = getCookie('cookieAgree'); var expValue = isLogin() ? 2 : 1; if(cookieAgree == null \|\| cookieAgree < expValue){ var cookieBanner = document.getElementById("agreementBar"); if(typeof(cookieBanner) !== 'undefined'){ showCookieBanner(); } else if(confirm(msg_cookie_agreement_confirm)){ //in case the cookie banner could not be loaded, show a JS confirm and create the cookies on OK createCookieAgree(); } } } //hides the cookie banner function hideCookieBanner(){ document.getElementById("agreementBar").style.display = 'none'; } //create the cookie to remember cookie acceptance function createCookieAgree(){ var expValue = isLogin() ? 2 : 1; var expiry = new Date(); expiry.setTime(expiry.getTime()+(3600 1000 * 24 * 365 * 10)); //10 years document.cookie = "cookieAgree=" + expValue + ";domain=" + getDomain() + ";expires=" + expiry.toGMTString() + ";path=/"; } //handles the Accept button function acceptCookies(){ createCookieAgree(); hideCookieBanner(); } if (typeof($j) !== 'undefined' && typeof($j.ready) === "function") { $j(document).ready(function () { checkForCookie() }); } else if (typeof($) !== 'undefined' && typeof($.ready) === "function") { $(document).ready(function () { checkForCookie() }); } else { //cookie acceptance window.setTimeout(function(){ checkForCookie(); },1000); } resizeFooterIframe = function () { var iframe = document.getElementById('footer_include'); if (iframe && (iframe.contentDocument \|\| iframe.contentWindow)){ var innerDoc = iframe.contentDocument \|\| iframe.contentWindow.document; iframe.style.height = innerDoc.body.clientHeight + 'px'; } } window.onresize = function (event) { resizeFooterIframe(); };
URL: https://www.sugarsync.com/public/js/min/sugarsync-... Model: Joe Sandbox AI	{ "risk_score": 4, "reasoning": "The provided JavaScript snippet appears to be a utility library for form validation and tooltip handling. While it does not contain any obvious high-risk indicators, it exhibits some moderate-risk behaviors that warrant further review. The script uses external data transmission to send user data to third-party domains, and it also performs aggressive DOM manipulation by repeatedly altering the page content. Additionally, the use of legacy APIs like `XDomainRequest` is a minor concern. However, the script's overall purpose seems to be legitimate, and it does not demonstrate any clear malicious intent. Therefore, a medium-risk score of 4 is assigned, indicating the need for further investigation and potential improvements to the implementation." }
!function(){"use strict";window.SS=window.SS\|\|{};var l=function(e,o){return e};try{var t=new Gettext({domain:"sstranslate"});l=function(e,o){return o?e:t.gettext(e)}}catch(e){}SS._=l,SS.initTooltips=function(){SS.emptyFieldRegex="^(?=.\\S).+$",SS.firstLastNameRegex="(^((\\w\|\\W){0,50})((\\s)((\\w\|\\W){1,50}){0,1}){0,1}$)",SS.passValidatorsRegex=[{regex:{pattern:"(.+){8,}",flag:"g",containPattern:!0},message:l("Password must be at least 8 characters long.")},{regex:{pattern:"[a-zA-Z]",flag:"g",containPattern:!0},message:l("Please include at least one letter.")},{regex:{pattern:"[0-9]",flag:"g",containPattern:!0},message:l("Please include at least one number.")},{regex:{pattern:"(.)\\1{2,}",flag:"g",containPattern:!1},message:l("Please do not repeat characters more than twice.")}],SS.emailInvalidCharsRegex="^[@\\-_+.&0-9a-zA-Z]+$",SS.emailValidationRegex="^([0-9a-zA-Z]+[-_+.&0-9a-zA-Z])?[-_+0-9a-zA-Z]+@([-0-9a-zA-Z]+[.])+[a-zA-Z]{2,6}$",SS.fieldTest=function(e,o,t,n){return!!new RegExp(o,"i").test(e.val())\|\|(null!=n&&n(e,t),!1)},SS.validateNameAndEmail=function(e,o,t,n,i){var a=[];if(null!==e){e.val(e.val().trim());var r=SS.fieldTest(e,SS.emptyFieldRegex,l("Name is required.",i),t);r=r&&SS.fieldTest(e,SS.firstLastNameRegex,l("Name is required.",i),t),a.push(r)}return n\|\|o.val(o.val().trim()),a.push(SS.fieldTest(o,SS.emptyFieldRegex,l("Email is required.",i),t)),!0===a[a.length-1]&&(a.push(SS.fieldTest(o,SS.emailInvalidCharsRegex,l("Email must not contain special characters.",i),t)),!0===a[a.length-1]&&a.push(SS.fieldTest(o,SS.emailValidationRegex,l("Please enter a valid Email.",i),t))),!(-1<a.indexOf(!1))},SS.leftTooltipPositionL={my:"right, top",at:"left-12 top+5",collision:"none"},SS.leftTooltipPositionS={my:"right, top",at:"left-12 top-4",collision:"none"},SS.bottomTooltipPosition={my:"left, top",at:"left+8 bottom+10",collision:"none"},SS.pwdCorrectFormat=!1,SS.popUpErrorText=[],SS.currPwdToolTip={},SS.currCustomToolTip={},SS.variableTooltip=function(){return 1180<=$(window).width()?{position:SS.leftTooltipPositionL,tooltipClass:"left"}:{position:SS.bottomTooltipPosition,tooltipClass:"bottom"}},SS.bottomTooltip=function(){return{position:SS.bottomTooltipPosition,tooltipClass:"bottomShort"}},SS.addErrorToPwdPopup=function(e){SS.pwdCorrectFormat=!1,SS.popUpErrorText.push("<li>"+e+"</li>")},SS.setSuccessInPwdPopup=function(){SS.pwdCorrectFormat=!0,SS.popUpErrorText.push('<li class="green">  '+l("Password requirements met.")+"</li>")},SS.showPwdToolTip=function(e,o){e.attr("title",""),SS.currPwdToolTip["#"+e[0].id].tooltip("option","content","<ul>"+o.join("")+"</ul>"),SS.currPwdToolTip["#"+e[0].id].tooltip("open")},SS.hidePwdPopupError=function(e){SS.currPwdToolTip["#"+e[0].id].tooltip("option","content",""),SS.currPwdToolTip["#"+e[0].id].tooltip("close"),e.removeAttr("title")},SS.showCustomToolTip=function(e,o){e.attr("title",""),SS.currCustomToolTip["#"+e[0].id].tooltip("option","content","<ul><li>"+o+"</li></ul>"),SS.currCustomToolTip["#"+e[0].id].tooltip("open")},SS.showCustomToolTipNoDot=function(e,o){e.attr("title",""),SS.currCustomToolTip["#"+e[0].id].tooltip("option","content",'<ul class="empty"><li class="empty">'+o+"</li></ul>"),SS.currCustomToolTip["#"+e[0].id].tooltip("open")},SS.hideCustomPopupError=function(e){SS.currCustomToolTip["#"+e[0].id].tooltip("option","content",""),SS.currCustomToolTip["#"+e[0].id].tooltip("close"),e.removeAttr("title")},SS.pwdTestResults=function(e){return 0<SS.popUpErrorText.length?(SS.showPwdToolTip(e,SS.popUpErrorText),!1):(!1===SS.pwdCorrectFormat&&(SS.setSuccessInPwdPopup(),SS.showPwdToolTip(e,SS.popUpErrorText),setTimeout(function(){SS.hidePwdPopupError(e)},3e3)),!0)},SS.testPassword=function(e,o){SS.popUpErrorText=[],o&&o(e);for(var t=0;t<SS.passValidatorsRegex.length;t++){new RegExp(SS.passValidatorsRegex[t].regex.pattern,SS.passValidatorsRegex[t].regex.flag).test(e.val())!==SS.passValidatorsRegex[t].regex.containPattern&&SS.addErrorToPwdPopup(SS.passValidatorsRegex[t].mess
URL: https://www.sugarsync.com Model: Joe Sandbox AI	```json{ "brand": "SugarSync", "brand_classification": "known", "legit_url": "https://www.sugarsync.com", "similarity": 10, "spoofed": 0, "reasoning": "The URL 'https://www.sugarsync.com' is the legitimate domain for the SugarSync service, a known brand providing cloud storage solutions. There are no character substitutions, visual similarities to other brands, or structural changes that suggest typosquatting. The domain is correctly spelled and uses the appropriate '.com' extension, which is typical for commercial entities. There is no indication of user confusion or deceptive intent in this URL."}
URL: https://www.sugarsync.com
URL: https://www.sugarsync.com/pf/D4981104_043_6546057047 Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Notice Summon File.Doc (1) (1).html (45 KB)", "prominent_button_name": "Download", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false, "page_classification": "file hosting" }

URL: file:///C:/Users/user/Downloads/Notice%20Summon%20File.Doc%20(1)%20(1).html Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Sign in using your existing email credentials to open this secure file", "prominent_button_name": "Sign in", "text_input_field_labels": [ "Email Address", "Password" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false, "page_classification": "file hosting" }

URL: https://www.sugarsync.com/pf/D4981104_043_6546057047 Model: Joe Sandbox AI	{ "brands": [ "SugarSync" ] }
	{ "brands": [ "SugarSync" ] }
URL: file:///C:/Users/user/Downloads/Notice%20Summon%20File.Doc%20(1)%20(1).html Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Sign in using your existing email credentials to open this secure file", "prominent_button_name": "Sign in", "text_input_field_labels": [ "Email Address", "Password" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false, "page_classification": "file hosting" }

URL: file:///C:/Users/user/Downloads/Notice%20Summon%20File.Doc%20(1)%20(1).html Model: Joe Sandbox AI	{ "brands": [ "Microsoft" ] }
	{ "brands": [ "Microsoft" ] }
URL: file:///C:/Users/user/Downloads/Notice%20Summon%20File.Doc%20(1)%20(1).html Model: Joe Sandbox AI	{ "brands": [ "Microsoft" ] }
	{ "brands": [ "Microsoft" ] }
URL: https://8fb8895e6829.godaddysites.com/ Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Authentication failed, please verify your email and password", "prominent_button_name": "unknown", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false, "page_classification": "unknown" }

URL: https://8fb8895e6829.godaddysites.com/ Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Authentication failed, please verify your email and password", "prominent_button_name": "unknown", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false, "page_classification": "unknown" }

URL: https://8fb8895e6829.godaddysites.com Model: Joe Sandbox AI	```json{ "brand": "GoDaddy", "brand_classification": "known", "legit_url": "https://www.godaddy.com", "similarity": 3, "spoofed": 2, "reasoning": "The URL uses 'godaddysites.com', which is a legitimate subdomain service provided by GoDaddy for users to create their own websites. The subdomain '8fb8895e6829' appears to be a randomly generated identifier, which is common for user-generated content platforms. There are no visual character substitutions or structural changes that suggest typosquatting. The use of 'godaddysites.com' is consistent with GoDaddy's legitimate services, and the URL does not closely resemble the main GoDaddy website URL. Therefore, the likelihood of this being a typosquatting attempt is low."}
URL: https://8fb8895e6829.godaddysites.com
URL: https://8fb8895e6829.godaddysites.com/ Model: Joe Sandbox AI	{ "brands": "unknown" }
	{ "brands": "unknown" }
URL: https://8fb8895e6829.godaddysites.com/ Model: Joe Sandbox AI	{ "brands": "unknown" }
	{ "brands": "unknown" }
URL: https://godaddysites.com Model: Joe Sandbox AI	```json{ "brand": "GoDaddy", "brand_classification": "wellknown", "legit_url": "https://www.godaddy.com", "similarity": 5, "spoofed": 3, "reasoning": "The URL 'godaddysites.com' includes the brand name 'GoDaddy', which is a well-known domain registrar and web hosting company. The legitimate URL for GoDaddy is 'https://www.godaddy.com'. The analyzed URL uses the brand name as part of its domain, which could suggest an association with GoDaddy. However, the use of 'sites' as a suffix could indicate a legitimate service or product offering related to website creation or hosting, which is within the scope of GoDaddy's business. The similarity score is moderate due to the inclusion of the brand name, but the likelihood of typosquatting is low because the domain could be a legitimate service provided by or associated with GoDaddy, rather than an attempt to deceive users."}
URL: https://godaddysites.com

Created / dropped Files

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	290
Entropy (8bit):	5.147854546435844
Encrypted:	false
SSDEEP:
MD5:	181EDED2CED4CF86E52E3045F21D12CA
SHA1:	B7690D5641ACE65303059E7619EF2CC6C45B5887
SHA-256:	345C0E67332DD5F7B56EFA0DF9596E740F0B7B666F9F6A3C092830D644AD50AB
SHA-512:	E158002A493AE7D012C08400BFEDD95E77761BF91C1FE6292440F829B4166E4F331C19874A8EFF876912E5E0018267DA4BCA61A902E23DC3CE08DF388C19B1BC
Malicious:	false
Reputation:	unknown
Preview:	2025/01/30-01:37:20.288 1a6c Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2025/01/30-01:37:20.290 1a6c Recovering log #3.2025/01/30-01:37:20.290 1a6c Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	334
Entropy (8bit):	5.109824829337254
Encrypted:	false
SSDEEP:
MD5:	D48DBDE1E167A5BB9E32E2926EC285A6
SHA1:	B4E5639A69D3E3B34CABF8E7C26BA4CB6CC3978C
SHA-256:	281BDC4B361692A77478AB4A47C20EEEC677202F6C63E8B721185A7AC382E6F1
SHA-512:	188A547212EEE459FDCF2ABFE3CB7AF666D71CEA273B79081A27C2F28C0A690330C7287903A9839A7933CFDF15F2B68C31935E4B2B392D1ED81F773E5C40B3FE
Malicious:	false
Reputation:	unknown
Preview:	2025/01/30-01:37:20.204 1be8 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/MANIFEST-000001.2025/01/30-01:37:20.208 1be8 Recovering log #3.2025/01/30-01:37:20.208 1be8 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/000003.log .

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\83f0a96a-1e2b-4b8d-b33c-b698c873c087.tmp

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
File Type:	JSON data
Category:	modified
Size (bytes):	403
Entropy (8bit):	4.953858338552356
Encrypted:	false
SSDEEP:
MD5:	4C313FE514B5F4E7E89329630909F8DC
SHA1:	916EED77EC8C9DC90C64FF1E5CC9D04D4674EE56
SHA-256:	1EE7C151EF264F91FCDCCB6644F62DC33E27A4E829DAAB748DA1DE4426400873
SHA-512:	1726CAFCBA0121691DFA87A7298E6610BC4C7FD900867FD1B1710811E764918585E56788E08B7CA2CEE001F5DFD110E1BE6F6BBD7C2A7B7E2FC87D3DED210205
Malicious:	false
Reputation:	unknown
Preview:	{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13341145152835463","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":144284},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.16","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\9505ae17-638d-43f1-a17c-06a7bf67ad4e.tmp

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	403
Entropy (8bit):	4.98907081643162
Encrypted:	false
SSDEEP:
MD5:	8315E72A7B8BD75458CC60BC98DC633C
SHA1:	E69166CFBCE8DF93113E675CA97E4687C106C44D
SHA-256:	2F009B7D98A15C02AD7AF1A132BE8603DB9F948F31F52EA453F68156F1DE70EF
SHA-512:	0FFB324E9EA496CDD27A033F087D57FA03F63AEC6D284C1E01DEBA9ACC2783EBEE9202CC4B578924999DDB8E035530FE522E0E36837803E4A5CDD0919EC1F4D6
Malicious:	false
Reputation:	unknown
Preview:	{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13382779052186627","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":133776},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.16","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:
MD5:	4C313FE514B5F4E7E89329630909F8DC
SHA1:	916EED77EC8C9DC90C64FF1E5CC9D04D4674EE56
SHA-256:	1EE7C151EF264F91FCDCCB6644F62DC33E27A4E829DAAB748DA1DE4426400873
SHA-512:	1726CAFCBA0121691DFA87A7298E6610BC4C7FD900867FD1B1710811E764918585E56788E08B7CA2CEE001F5DFD110E1BE6F6BBD7C2A7B7E2FC87D3DED210205
Malicious:	false
Reputation:	unknown
Preview:	{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13341145152835463","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":144284},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.16","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State~RF4fa7c8.TMP (copy)

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:
MD5:	4C313FE514B5F4E7E89329630909F8DC
SHA1:	916EED77EC8C9DC90C64FF1E5CC9D04D4674EE56
SHA-256:	1EE7C151EF264F91FCDCCB6644F62DC33E27A4E829DAAB748DA1DE4426400873
SHA-512:	1726CAFCBA0121691DFA87A7298E6610BC4C7FD900867FD1B1710811E764918585E56788E08B7CA2CEE001F5DFD110E1BE6F6BBD7C2A7B7E2FC87D3DED210205
Malicious:	false
Reputation:	unknown
Preview:	{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13341145152835463","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":144284},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.16","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	4099
Entropy (8bit):	5.230259673957858
Encrypted:	false
SSDEEP:
MD5:	0AC126646AFD48D0B6E13145E39215EC
SHA1:	FF349C1C4F4F12A0CACE8A69ED98D5E612BEBC73
SHA-256:	74AC690B3DAC14229C0CA7CCF491799B3107E5880574C7B4FA427CE26A0DCE3E
SHA-512:	1568500767ABCB3A9E84B95EDA7E2A2E6F0AB7B05364E25671DFB8A84341B9B3D9A21CF0CB8D28B919F51654BB945CFCB7358050C069CA2B51645BBA43316520
Malicious:	false
Reputation:	unknown
Preview:	*...#................version.1..namespace-e...o................next-map-id.1.Pnamespace-1d95df23_a38f_44a8_b732_4e62dd896a16-https://rna-resource.acrobat.com/.0y.S_r................next-map-id.2.Snamespace-2a884c18_b39c_4e3d_942f_252e530ca4bd-https://rna-v2-resource.acrobat.com/.16.X:r................next-map-id.3.Snamespace-2e78bfda_7188_4688_a4aa_1ff81b6e5eaa-https://rna-v2-resource.acrobat.com/.2.P.@o................next-map-id.4.Pnamespace-09c119c2_97bc_4467_8f67_f92472c9e5dc-https://rna-resource.acrobat.com/.346.+^...............Pnamespace-1d95df23_a38f_44a8_b732_4e62dd896a16-https://rna-resource.acrobat.com/....^...............Pnamespace-09c119c2_97bc_4467_8f67_f92472c9e5dc-https://rna-resource.acrobat.com/..?&a...............Snamespace-2a884c18_b39c_4e3d_942f_252e530ca4bd-https://rna-v2-resource.acrobat.com/_...a...............Snamespace-2e78bfda_7188_4688_a4aa_1ff81b6e5eaa-https://rna-v2-resource.acrobat.com/...o................next-map-id.5.Pnamespace-07af9ee9_2076_4f12_94b5_

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	322
Entropy (8bit):	5.134501369895943
Encrypted:	false
SSDEEP:
MD5:	809442279EF6B1AA7AEF99D3CD4B6816
SHA1:	47B1B7AC20865938F3EFB696DA1F56A3B0EC9D5E
SHA-256:	7EA7B41F035309AA7E5AFE511C2F93A1E3B4725B9148E91C99EEF9FDAE04AC42
SHA-512:	BC6FF9E5150ADD2AB579456A9273E970478C7CD4606A9CB9CB3A5ABCB3FE4982FBF4A9A28702AE9F69BFD27648091403291D2F497A6B46F084439F98AF77AE44
Malicious:	false
Reputation:	unknown
Preview:	2025/01/30-01:37:20.323 1be8 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/MANIFEST-000001.2025/01/30-01:37:20.324 1be8 Recovering log #3.2025/01/30-01:37:20.327 1be8 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/000003.log .

C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-250130063723Z-170.bmp

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:	PC bitmap, Windows 3.x format, 107 x -152 x 32, cbSize 65110, bits offset 54
Category:	dropped
Size (bytes):	65110
Entropy (8bit):	1.407968006336211
Encrypted:	false
SSDEEP:
MD5:	C2E5737A689B59510412D3788B3432BE
SHA1:	255AF68817A113F41391402DE40E8EC834C5FC0C
SHA-256:	A95998C59B958A757CD39BD328BD74162A2894047CF6DCCBCB4C747DEBFBA85E
SHA-512:	E4B9484DC64FCE52A421A55AEB39C1BDADEE09FE9A594550851C20C9A3210EBF0DAB18ADE5BF0CEABDF7DFD7860F7683B214C49E559B676B96DF621AC6CAB47C
Malicious:	false
Reputation:	unknown
Preview:	BMV.......6...(...k...h..... ...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:	SQLite 3.x database, last written using SQLite version 3040000, file counter 2, database pages 14, cookie 0x5, schema 4, UTF-8, version-valid-for 2
Category:	dropped
Size (bytes):	57344
Entropy (8bit):	3.291927920232006
Encrypted:	false
SSDEEP:
MD5:	A4D5FECEFE05F21D6F81ACF4D9A788CF
SHA1:	1A9AC236C80F2A2809F7DE374072E2FCCA5A775C
SHA-256:	83BE4623D80FFB402FBDEC4125671DF532845A3828A1B378D99BD243A4FD8FF2
SHA-512:	FF106C6B9E1EA4B1F3E3AB01FAEA21BA24A885E63DDF0C36EB0A8C3C89A9430FE676039C076C50D7C46DC4E809F6A7E35A4BFED64D9033FEBD6121AC547AA5E9
Malicious:	false
Reputation:	unknown
Preview:	SQLite format 3......@ ..........................................................................c.......1........T...U.1.D............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:	SQLite Rollback Journal
Category:	dropped
Size (bytes):	16928
Entropy (8bit):	1.213952966883216
Encrypted:	false
SSDEEP:
MD5:	89546E024CB40E7B4E5C30B41B38A39E
SHA1:	AFBEAB70B416F76543ABB5EEC4E155973A98479D
SHA-256:	B208564D807D49CF2A21E09BFADD0D931267FAC6E7EAAB98823C1CE1DF7836C8
SHA-512:	A1DA37C794937FBBF234037432A97D70576E8E6377EAD1BF815481F4D6B08E1BFA0C3694B79B27A7E9FAAE8769347AF942F4C30BC0A34840246C2B143C203A7D
Malicious:	false
Reputation:	unknown
Preview:	.... .c.....B..x........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\2D85F72862B55C4EADD9E66E06947F3D

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
File Type:	Certificate, Version=3
Category:	dropped
Size (bytes):	1391
Entropy (8bit):	7.705940075877404
Encrypted:	false
SSDEEP:
MD5:	0CD2F9E0DA1773E9ED864DA5E370E74E
SHA1:	CABD2A79A1076A31F21D253635CB039D4329A5E8
SHA-256:	96BCEC06264976F37460779ACF28C5A7CFE8A3C0AAE11A8FFCEE05C0BDDF08C6
SHA-512:	3B40F27E828323F5B91F8909883A78A21C86551761F27B38029FAAEC14AF5B7AA96FB9F9CC93EE201B5EB1D0FEF17B290747E8B839D2E49A8F36C5EBF3C7C910
Malicious:	false
Reputation:	unknown
Preview:	0..k0..S............@.YDc.c...0....H........0O1.0...U....US1)0'..U... Internet Security Research Group1.0...U....ISRG Root X10...150604110438Z..350604110438Z0O1.0...U....US1)0'..U... Internet Security Research Group1.0...U....ISRG Root X10.."0....H.............0..........$s..7.+W(.....8..n<.W.x.u...jn..O(..h.lD...c...k....1.!~.3<.H..y.....!.K...qiJffl.~<p..)"......K...~....G.\|.H#S.8.O.o...IW..t../.8.{.p!.u.0<.....c...O..K~.....w...{J.L.%.p..)..S$........J.?..aQ.....cq...o[...\4ylv.;.by.../&.....................6....7..6u...r......I......A..v........5/(.l....dwnG7..Y^h..r...A)>Y>.&.$...Z.L@.F....:Qn.;.}r...xY.>Qx....../..>{J.Ks......P.\|C.t..t.....0.[q6....00\H..;..}`...).........A.......\|.;F.H..v.v..j.=...8.d..+..(.....B.".'].y...p..N..:..'Qn..d.3CO......B0@0...U...........0...U.......0....0...U......y.Y.{....s.....X..n0...*.H.............U.X....P.....i ')..au\.n...i/..VK..s.Y.!.~.Lq...`.9....!V..P.Y...Y.............b.E.f..\|o..;.....'...}~.."......

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
File Type:	Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks, 0x1 compression
Category:	dropped
Size (bytes):	71954
Entropy (8bit):	7.996617769952133
Encrypted:	true
SSDEEP:
MD5:	49AEBF8CBD62D92AC215B2923FB1B9F5
SHA1:	1723BE06719828DDA65AD804298D0431F6AFF976
SHA-256:	B33EFCB95235B98B48508E019AFA4B7655E80CF071DEFABD8B2123FC8B29307F
SHA-512:	BF86116B015FB56709516D686E168E7C9C68365136231CC51D0B6542AE95323A71D2C7ACEC84AAD7DCECC2E410843F6D82A0A6D51B9ACFC721A9C84FDD877B5B
Malicious:	false
Reputation:	unknown
Preview:	MSCF............,...................I..................XaK .authroot.stl.[.i..6..CK..<Tk......4.cl!Kg..E..Y.f_..".$mR"$.J.E.KB."..rKv.."{.g....3.W.....c..9.s...=....y6#..x..........D......\(.#.s.!.A.......cd.c........+^.ov...n.....3BL..0.......BPUR&.X..02.q...R...J.....w.....b.vy>....-.&..(..oe."."...J9...0U.6J..\|U..S.....M.F8g...=.......p...........l.?3.J.x.G.Ep..$g..tj......)v]9(:.)W.8.Op.1Q..:.nPd........7.7..M].V F..g.....12..!7(...B.......h.RZ.......l.<.....6..Z^.`p?... .p.Gp.#.'.X..........\|!.8.....".m.49r?.I...g...8.v.....a``.g.R4.i...J8q....NFW,E.6Y....!.o5%.Y.....R..<..S9....r....WO...(.....F..Q=....-..7d..O(....-..+k.........K..........{Q....Z..j._.E...QZ.~.\.^......N.9.k..O.}dD.b1r...[}/....T..E..G..c.\|.c.&>?..^t. ..;..X.d.E.0G....[Q.,......#.Dp..L.o\|#syc.J............}G-.ou6.=52..XWi=...m.....^u......c..fc?&pR7S5....I...j.G........j.j..Tc.El.....B.pQ.,Bp....j...9g.. >..s..m#.Nb.o_u.M.V...........\#...v..Mo\sF..s....Y...

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\2D85F72862B55C4EADD9E66E06947F3D

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	192
Entropy (8bit):	2.7386214950254373
Encrypted:	false
SSDEEP:
MD5:	CF37D5F1DCE3B23532B18C50910E9711
SHA1:	5C50DFE478111FB0C27C403EA25E922433F4B28E
SHA-256:	1A150CECBE1632EFF234C1A8989FCEA6CA6089306163E3E68EF45F4E41CF5529
SHA-512:	42E333ACD320DE036461DA67DA53B4C0180F109D5F66814628B1AB0E2BBDBDDD42B05D39FDE77E3CEB039D7CEB359ECC94B82ADE8B15333FB28E5B3062AB6492
Malicious:	false
Reputation:	unknown
Preview:	p...... .........8.p.r..(....................................................... ..........W.....N..............o...h.t.t.p.:././.x.1...i...l.e.n.c.r...o.r.g./...".6.4.c.d.6.6.5.4.-.5.6.f."...

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
File Type:	data
Category:	modified
Size (bytes):	328
Entropy (8bit):	3.2342081569012398
Encrypted:	false
SSDEEP:
MD5:	73024BED374DD609F6C1BE22DD1D069E
SHA1:	5486AF6921852F824C8667D3CEADD2CDB65057F9
SHA-256:	4F2A5003FEE9E2D2D7750ABDD078A0C1C1124671C841B043F6C70184F2BAD14B
SHA-512:	9B9F950EEFFEBC02A8D27F67ECBAEA8B3F0A22C0F46353CCE2B13C36324F159A041F1E77C6D60FF6FC0140C30B9FB09A1A1EB9175F66BF8532ABD625BE9A8A63
Malicious:	false
Reputation:	unknown
Preview:	p...... ........wj...r..(....................................................... ........G..@.......&......X........h.t.t.p.:././.c.t.l.d.l...w.i.n.d.o.w.s.u.p.d.a.t.e...c.o.m./.m.s.d.o.w.n.l.o.a.d./.u.p.d.a.t.e./.v.3./.s.t.a.t.i.c./.t.r.u.s.t.e.d.r./.e.n./.a.u.t.h.r.o.o.t.s.t.l...c.a.b...".a.7.2.8.2.e.b.4.0.b.1.d.a.1.:.0."...

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeCMapFnt23.lst (copy)

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:	PostScript document text
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:
MD5:	8BA9D8BEBA42C23A5DB405994B54903F
SHA1:	FC1B1646EC8A7015F492AA17ADF9712B54858361
SHA-256:	862DE2165B9D44422E84E25FFE267A5E1ADE23F46F04FC6F584C4943F76EB75C
SHA-512:	26AD41BB89AF6198515674F21B4F0F561DC9BDC91D5300C154065C57D49CCA61B4BA60E5F93FD17869BDA1123617F26CDA0EF39935A9C2805F930A3DB1956D5A
Malicious:	false
Reputation:	unknown
Preview:	%!Adobe-FontList 1.23.%Locale:0x809..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-H.Registry:Adobe.Ordering:Identity.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\Identity-H.FileLength:8228.FileModTime:1612212568.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-V.Registry:Adobe.Ordering:Identity.UseCMap:Identity-H.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\Identity-V.FileLength:2761.FileModTime:1612212568.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:UCS2-GBK-EUC.Registry:Adobe.Ordering:UCS2_GBK_EUC.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\UCS2-GBK-EUC.FileLength:243835.FileModTime:1612212568.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:UniKS-UTF16-H.Registry:Adobe.Ordering:Korea1.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\UniKS-UTF16-H.FileLength:131902.FileModTime:1612212568.%EndFont..%BeginFont.Handler:D

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeFnt23.lst.1276

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:	PostScript document text
Category:	dropped
Size (bytes):	1233
Entropy (8bit):	5.233980037532449
Encrypted:	false
SSDEEP:
MD5:	8BA9D8BEBA42C23A5DB405994B54903F
SHA1:	FC1B1646EC8A7015F492AA17ADF9712B54858361
SHA-256:	862DE2165B9D44422E84E25FFE267A5E1ADE23F46F04FC6F584C4943F76EB75C
SHA-512:	26AD41BB89AF6198515674F21B4F0F561DC9BDC91D5300C154065C57D49CCA61B4BA60E5F93FD17869BDA1123617F26CDA0EF39935A9C2805F930A3DB1956D5A
Malicious:	false
Reputation:	unknown
Preview:	%!Adobe-FontList 1.23.%Locale:0x809..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-H.Registry:Adobe.Ordering:Identity.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\Identity-H.FileLength:8228.FileModTime:1612212568.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-V.Registry:Adobe.Ordering:Identity.UseCMap:Identity-H.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\Identity-V.FileLength:2761.FileModTime:1612212568.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:UCS2-GBK-EUC.Registry:Adobe.Ordering:UCS2_GBK_EUC.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\UCS2-GBK-EUC.FileLength:243835.FileModTime:1612212568.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:UniKS-UTF16-H.Registry:Adobe.Ordering:Korea1.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\UniKS-UTF16-H.FileLength:131902.FileModTime:1612212568.%EndFont..%BeginFont.Handler:D

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeSysFnt23.lst (copy)

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:	PostScript document text
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:
MD5:	8BA9D8BEBA42C23A5DB405994B54903F
SHA1:	FC1B1646EC8A7015F492AA17ADF9712B54858361
SHA-256:	862DE2165B9D44422E84E25FFE267A5E1ADE23F46F04FC6F584C4943F76EB75C
SHA-512:	26AD41BB89AF6198515674F21B4F0F561DC9BDC91D5300C154065C57D49CCA61B4BA60E5F93FD17869BDA1123617F26CDA0EF39935A9C2805F930A3DB1956D5A
Malicious:	false
Reputation:	unknown
Preview:	%!Adobe-FontList 1.23.%Locale:0x809..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-H.Registry:Adobe.Ordering:Identity.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\Identity-H.FileLength:8228.FileModTime:1612212568.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-V.Registry:Adobe.Ordering:Identity.UseCMap:Identity-H.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\Identity-V.FileLength:2761.FileModTime:1612212568.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:UCS2-GBK-EUC.Registry:Adobe.Ordering:UCS2_GBK_EUC.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\UCS2-GBK-EUC.FileLength:243835.FileModTime:1612212568.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:UniKS-UTF16-H.Registry:Adobe.Ordering:Korea1.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\UniKS-UTF16-H.FileLength:131902.FileModTime:1612212568.%EndFont..%BeginFont.Handler:D

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\Cache\AcroFnt23.lst (copy)

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:	PostScript document text
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:
MD5:	B60EE534029885BD6DECA42D1263BDC0
SHA1:	4E801BA6CA503BDAE7E54B7DB65BE641F7C23375
SHA-256:	B5F094EFF25215E6C35C46253BA4BB375BC29D055A3E90E08F66A6FDA1C35856
SHA-512:	52221F919AEA648B57E567947806F71922B604F90AC6C8805E5889AECB131343D905D94703EA2B4CEC9B0C1813DDA6EAE2677403F58D3B340099461BBCD355AE
Malicious:	false
Reputation:	unknown
Preview:	%!Adobe-FontList 1.23.%Locale:0x809..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-H.Registry:Adobe.Ordering:Identity.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\Identity-H.FileLength:8228.FileModTime:1612212568.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-V.Registry:Adobe.Ordering:Identity.UseCMap:Identity-H.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\Identity-V.FileLength:2761.FileModTime:1612212568.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:UCS2-GBK-EUC.Registry:Adobe.Ordering:UCS2_GBK_EUC.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\UCS2-GBK-EUC.FileLength:243835.FileModTime:1612212568.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:UniKS-UTF16-H.Registry:Adobe.Ordering:Korea1.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\UniKS-UTF16-H.FileLength:131902.FileModTime:1612212568.%EndFont..%BeginFont.Handler:D

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\Cache\AdobeFnt23.lst.1276

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:	PostScript document text
Category:	dropped
Size (bytes):	10880
Entropy (8bit):	5.214360287289079
Encrypted:	false
SSDEEP:
MD5:	B60EE534029885BD6DECA42D1263BDC0
SHA1:	4E801BA6CA503BDAE7E54B7DB65BE641F7C23375
SHA-256:	B5F094EFF25215E6C35C46253BA4BB375BC29D055A3E90E08F66A6FDA1C35856
SHA-512:	52221F919AEA648B57E567947806F71922B604F90AC6C8805E5889AECB131343D905D94703EA2B4CEC9B0C1813DDA6EAE2677403F58D3B340099461BBCD355AE
Malicious:	false
Reputation:	unknown
Preview:	%!Adobe-FontList 1.23.%Locale:0x809..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-H.Registry:Adobe.Ordering:Identity.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\Identity-H.FileLength:8228.FileModTime:1612212568.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:Identity-V.Registry:Adobe.Ordering:Identity.UseCMap:Identity-H.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\Identity-V.FileLength:2761.FileModTime:1612212568.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:UCS2-GBK-EUC.Registry:Adobe.Ordering:UCS2_GBK_EUC.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\UCS2-GBK-EUC.FileLength:243835.FileModTime:1612212568.%EndFont..%BeginFont.Handler:DirectoryHandler.FontType:CMap.CMapName:UniKS-UTF16-H.Registry:Adobe.Ordering:Korea1.OutlineFileName:C:\Program Files\Adobe\Acrobat DC\Resource\CMap\UniKS-UTF16-H.FileLength:131902.FileModTime:1612212568.%EndFont..%BeginFont.Handler:D

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	295
Entropy (8bit):	5.376817434770942
Encrypted:	false
SSDEEP:
MD5:	4CB59DF9CB1F52638A6E1BF825A71758
SHA1:	5E0C080DC3611D3BBC1B03EEE621E6A42C1DE687
SHA-256:	0AAFEDC201BFA693DABA615F0CEF95306F6E916EFF0A4685BE23F48D1C0BA2EB
SHA-512:	0D91765E76D35BF20CF58F02D3A18E15412C029FE97AA9F2299982C5F32E95AA6DC5CF415EDBC9D1C9CE98CFCBF879ACE6A7871CDCADFB991556B5DB936AE5A5
Malicious:	false
Reputation:	unknown
Preview:	{"analyticsData":{"responseGUID":"6c990439-bc9a-48d8-8c69-7ee43d7def51","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1738393735214,"statusCode":200,"surfaceID":"ACROBAT_READER_MASTER_SURFACEID","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	294
Entropy (8bit):	5.32397624505428
Encrypted:	false
SSDEEP:
MD5:	3D450B7DAE674896E42AB644B56BF720
SHA1:	FC6E087F2493821350E9A625D248D050C983F24A
SHA-256:	788D12ED791403132D8F5314C26E00ABA827143ACC7D16A345DEDE9066B0CC89
SHA-512:	92622343C14AB30E0773D3607DCDD7B8FF45A943B578C61CC1090E6D7D2D3DA77E086DA8E5474AF561E95FF0DA218A23D8E4D7E418EBC5AC0EAB49347CF0DAAC
Malicious:	false
Reputation:	unknown
Preview:	{"analyticsData":{"responseGUID":"6c990439-bc9a-48d8-8c69-7ee43d7def51","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1738393735214,"statusCode":200,"surfaceID":"DC_FirstMile_Home_View_Surface","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	294
Entropy (8bit):	5.302387918319141
Encrypted:	false
SSDEEP:
MD5:	B8A2E4F2DEEA8A4673F53617D8671EE1
SHA1:	7F09767CE92414FB4FBF300EBFA02E822EAD3FEA
SHA-256:	75BE542BD36A2CEBAF11B564BA9E57778337F70E7A72D704696B80F51947E31A
SHA-512:	8C4387FBAF6411F3EEA4CD621C797764B0EF4455D1E80E80AB3DAF9BDF917EBFCA9A1E3843B4455F0C293D577D49396FE4A68E0EE79C9CF5D54666CA37D6BB7E
Malicious:	false
Reputation:	unknown
Preview:	{"analyticsData":{"responseGUID":"6c990439-bc9a-48d8-8c69-7ee43d7def51","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1738393735214,"statusCode":200,"surfaceID":"DC_FirstMile_Right_Sec_Surface","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	285
Entropy (8bit):	5.365669695387507
Encrypted:	false
SSDEEP:
MD5:	D62EBCB6FAEDA1841DC546EAF0C71C22
SHA1:	0476DD062D97E982233CBE63E18476DEDFD7DAAD
SHA-256:	5199AC00810FC7924E811256B440CF2962662B26C8769BF9381A776E29FB5114
SHA-512:	B21673C66818A3FE1FB2FCDC9B5AF3A12D15E7211E69DE7235859C6EE1598B521CB17935945E52D4109846262109C2E5B8D306CD447333B3632E8523432BC73C
Malicious:	false
Reputation:	unknown
Preview:	{"analyticsData":{"responseGUID":"6c990439-bc9a-48d8-8c69-7ee43d7def51","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1738393735214,"statusCode":200,"surfaceID":"DC_READER_LAUNCH_CARD","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	1123
Entropy (8bit):	5.686005356528191
Encrypted:	false
SSDEEP:
MD5:	AEED2F6D6D02A98BB9AFB63BB1B7D485
SHA1:	27179B6AC003F3B5528A2AA2704F49C276C6A046
SHA-256:	7E5D6FFA8F88B19B38BFE59D67DABF11B03BA263281D9E8080F32F356BF5D6E7
SHA-512:	164492B0A018D625551AD7634ED1EEA6BC2CB9BF6911EAFD8970AF1B31118C39F2A3EA2E6255BD176E3BF7B8A779E6B024DD19234B96377F58CF8F87EDA1CA40
Malicious:	false
Reputation:	unknown
Preview:	{"analyticsData":{"responseGUID":"6c990439-bc9a-48d8-8c69-7ee43d7def51","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1738393735214,"statusCode":200,"surfaceID":"DC_Reader_Convert_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Convert_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"93365_289436ActionBlock_1","campaignId":93365,"containerId":"1","controlGroupId":"","treatmentId":"d5bba1ae-6009-4d23-8886-fd4a474b8ac9","variationId":"289436"},"containerId":1,"containerLabel":"JSON for DC_Reader_Convert_LHP_Banner","content":{"data":"eyJjdGEiOnsidGV4dCI6IkZyZWUgdHJpYWwiLCJjbGljayI6Im9wZW5Ub29sIiwidG9vbF9pZCI6IkNvbnZlcnRQREZSZHJSSFBBcHAifSwidWkiOnsidGl0bGVfc3R5bGluZyI6eyJmb250X3NpemUiOiIxNHB4IiwiZm9udF9zdHlsZSI6IjAifSwiZGVzY3JpcHRpb25fc3R5bGluZyI6eyJmb250X3NpemUiOiIxMnB4IiwiZm9udF9zdHlsZSI6Ii0xIn0sInRpdGxlIjpudWxsLCJkZXNjcmlwdGlvbiI6IkV4cG9ydCBQREZzIHRvIE1pY3Jvc29mdCBXb3JkIGFuZCBFeGNlbC4ifSwidGNh

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	289
Entropy (8bit):	5.310713269780558
Encrypted:	false
SSDEEP:
MD5:	151DEA56339235DD7F0364A702DC5277
SHA1:	A4CAEC4BE7BE75159EAC368F4876CB0A921AC3A4
SHA-256:	786F8B832F867D22C7666C9107E2B3ADAB8BD9956F93758E30D26A1AD9E5EACE
SHA-512:	0C56EE152E72E025EE8BA83DFA975EF2DB06FB72BCE99657CD0388B1126AEA01F35CB849DE5E37D160C090C9771786789190ACFB9535AE516CE14FBB6150F124
Malicious:	false
Reputation:	unknown
Preview:	{"analyticsData":{"responseGUID":"6c990439-bc9a-48d8-8c69-7ee43d7def51","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1738393735214,"statusCode":200,"surfaceID":"DC_Reader_Disc_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	292
Entropy (8bit):	5.312671829973091
Encrypted:	false
SSDEEP:
MD5:	BB1AC31E244FDA3B24FDB6E524816CEF
SHA1:	DAB8F9D630E4A4AE50CC8ACF9C79D41228EBFD15
SHA-256:	FB7C8263EC3C47C1742ABF3189303A638262DC3CCA7393549E4C2266356D6FF4
SHA-512:	E3E45CEC26B2545BDEEEB85A5E432CC45F2A6289A6A61856FF41F25E9F4EA18611319F61BF2105EDCB912EFDA1DDCDD212B63EFB107CA22C96D4042DDD6F8E12
Malicious:	false
Reputation:	unknown
Preview:	{"analyticsData":{"responseGUID":"6c990439-bc9a-48d8-8c69-7ee43d7def51","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1738393735214,"statusCode":200,"surfaceID":"DC_Reader_Disc_LHP_Retention","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	289
Entropy (8bit):	5.31963490202939
Encrypted:	false
SSDEEP:
MD5:	3806F87206D34E25CC5B88C8DB05D952
SHA1:	7CAA8451CFA85E0828FA00BBC45126726D9F53AA
SHA-256:	DA36BFEC931739E6A71BE768C48D321DB54593AE3B1991E24F88F4DC009F0B26
SHA-512:	ADC7D331D45B6705B5C9D75E50EA1130E388F093734D02F118D22C58C75EADC6FCA1746A83EB49E7DC3FA4E83A5F6BDEFB64AE44FB295F893DF71FC746BDC9A0
Malicious:	false
Reputation:	unknown
Preview:	{"analyticsData":{"responseGUID":"6c990439-bc9a-48d8-8c69-7ee43d7def51","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1738393735214,"statusCode":200,"surfaceID":"DC_Reader_Edit_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	295
Entropy (8bit):	5.336475727353362
Encrypted:	false
SSDEEP:
MD5:	8B21351D4D153C8EF9E97023B1374960
SHA1:	DFB5C6E0379232C0576FC0082785A729C60D7220
SHA-256:	A0C4B4BAF7A7E62F8559D10ED05D49558BD967890EBACB80609DC3783FE2CCA6
SHA-512:	8032F27D9A89731C326ADA0FEFFBFA32010C313E449CF6B070C1577705CD9A2D86F5C72E1E1F2A1006BFF95EBCB1828AAAF0A5C58E2DD7B1D3245A55B2836C3B
Malicious:	false
Reputation:	unknown
Preview:	{"analyticsData":{"responseGUID":"6c990439-bc9a-48d8-8c69-7ee43d7def51","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1738393735214,"statusCode":200,"surfaceID":"DC_Reader_Home_LHP_Trial_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	289
Entropy (8bit):	5.317180920698532
Encrypted:	false
SSDEEP:
MD5:	966A20B3DB9B47D31E92916444731F63
SHA1:	6EA9DA34207846E0562425F6ACC6A35EB95C6896
SHA-256:	A7FB25B13D0951D1C64A9D0D6E5A4A5091951736D86A760F6BE7CD524865BEF2
SHA-512:	B37A276F375549D5E723FFB22E7F3365B6A6262801284D2A7E8B7242657E3ACE41858AABB1941B249FF74A7AE66897316943E619BE350226F80CD4282390235E
Malicious:	false
Reputation:	unknown
Preview:	{"analyticsData":{"responseGUID":"6c990439-bc9a-48d8-8c69-7ee43d7def51","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1738393735214,"statusCode":200,"surfaceID":"DC_Reader_More_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Banner

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	284
Entropy (8bit):	5.304115128140079
Encrypted:	false
SSDEEP:
MD5:	0EEB42E307E354639511DC9D2A109F3A
SHA1:	07BDB15099C1C8B64B1938BADDC32683005E8EE2
SHA-256:	203022AC5F07A55AA38CEC23FC227251D216EF1F0F7B6DC377CD41BFF536DAB2
SHA-512:	62C3450ED76A911B7E840A1BFCBD4FE44890E4E551918FC03634C8D42F214F786FFAFD80515A6DF6C7FC10A291855B4DD91FAD879651C3243045905C4146E4A6
Malicious:	false
Reputation:	unknown
Preview:	{"analyticsData":{"responseGUID":"6c990439-bc9a-48d8-8c69-7ee43d7def51","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1738393735214,"statusCode":200,"surfaceID":"DC_Reader_RHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	291
Entropy (8bit):	5.3006099364431964
Encrypted:	false
SSDEEP:
MD5:	09F332A9EC3A0EDC1E86A4AD721CD703
SHA1:	29515E266B8697590C8B5C681D4C671C7AFDA7CD
SHA-256:	ED2502692452478708AEB3399D96BDC67EA0B9BDC14CC687F2D24A1D30D9F50D
SHA-512:	F8220AFCDBB21D06D70D8FFFF2A880228125C10BDA24060A2FD39534A97F11E7A3EABD1A6FEF48440A6155920E5C1C821FC40BD266D32A1E9534459A70214E2B
Malicious:	false
Reputation:	unknown
Preview:	{"analyticsData":{"responseGUID":"6c990439-bc9a-48d8-8c69-7ee43d7def51","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1738393735214,"statusCode":200,"surfaceID":"DC_Reader_RHP_Intent_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	287
Entropy (8bit):	5.3039146857452515
Encrypted:	false
SSDEEP:
MD5:	EFDD3C82AB58C1E693C1366247C37441
SHA1:	9A8AFEDD50EC134BE5F8EB2ADFB1C4E7DCE56880
SHA-256:	3AFD64B6C5D6EBE78927BF817CA9D29E2DC8DF25BD5C438263B955FD63F2A3C7
SHA-512:	3052D53AFBC0532C8B7B406E1D46B41FE70D6B7B4B1274FFBF13EDD9901963393F464AA0287226AFF51D97F6B37A62CD0ABC02FC642F92779A35BB092279D3D8
Malicious:	false
Reputation:	unknown
Preview:	{"analyticsData":{"responseGUID":"6c990439-bc9a-48d8-8c69-7ee43d7def51","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1738393735214,"statusCode":200,"surfaceID":"DC_Reader_RHP_Retention","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	1090
Entropy (8bit):	5.663537927202977
Encrypted:	false
SSDEEP:
MD5:	EA80A7ED00EE55BE57A5DB1C1F0BC486
SHA1:	101C8819B5FE153239F43E2C243AF901C00C5A00
SHA-256:	D19924F51442C6D044B088B37C418BF9D03556D32D6BB4F1C759D9105B418B32
SHA-512:	58EAD1EC90828694EC8CFBBD334BCD4D9566505906DC4FBEC683537D438C5418705633AC1CB9C801B406C1B5E837E2C119E71F994F92DCE23F7B861708139E63
Malicious:	false
Reputation:	unknown
Preview:	{"analyticsData":{"responseGUID":"6c990439-bc9a-48d8-8c69-7ee43d7def51","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1738393735214,"statusCode":200,"surfaceID":"DC_Reader_Sign_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Sign_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"93365_289436ActionBlock_0","campaignId":93365,"containerId":"1","controlGroupId":"","treatmentId":"266234d2-130d-426e-8466-c7a061db101f","variationId":"289436"},"containerId":1,"containerLabel":"JSON for DC_Reader_Sign_LHP_Banner","content":{"data":"eyJjdGEiOnsidGV4dCI6IkZyZWUgdHJpYWwiLCJjbGljayI6Im9wZW5Ub29sIiwidG9vbF9pZCI6IlVwZ3JhZGVSSFBSZHJBcHAifSwidWkiOnsidGl0bGVfc3R5bGluZyI6eyJmb250X3NpemUiOiIxNHB4IiwiZm9udF9zdHlsZSI6IjAifSwiZGVzY3JpcHRpb25fc3R5bGluZyI6eyJmb250X3NpemUiOiIxMnB4IiwiZm9udF9zdHlsZSI6Ii0xIn0sInRpdGxlIjpudWxsLCJkZXNjcmlwdGlvbiI6IkVhc2lseSBmaWxsIGFuZCBzaWduIFBERnMuIn0sInRjYXRJZCI6bnVsbH0=","dataType":"app

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	286
Entropy (8bit):	5.27936218366771
Encrypted:	false
SSDEEP:
MD5:	FE7D4EC6965E8A174F8563113B14E635
SHA1:	B2EBE6DAF4D8DF168DF55555CD00218270D17260
SHA-256:	C9C6D8E05A1A86FBD8D941B880CF000D1787A95E6885ACA908914F37EEAE0DC8
SHA-512:	4ED5589C9210D0AB17A6B532829BE3C296E6B313E75C734E80EC84A2DDDF141ABDB2D8F0B784CDE498F892A5F7B737E5DE90A549C063A3CB358CF0624F88557D
Malicious:	false
Reputation:	unknown
Preview:	{"analyticsData":{"responseGUID":"6c990439-bc9a-48d8-8c69-7ee43d7def51","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1738393735214,"statusCode":200,"surfaceID":"DC_Reader_Upsell_Cards","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\Edit_InApp_Aug2020

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	282
Entropy (8bit):	5.296695774445326
Encrypted:	false
SSDEEP:
MD5:	9E67CC204886315074DE9CBDFA9BEAF3
SHA1:	365D737FCF838FE06B1B922E91175F34B19F94CA
SHA-256:	919AF4C824B041342637BEC89057B27FE3F82A841015CB64E51DE316DCE1D2D0
SHA-512:	3E72FC807647CCE8562EE6D9EDF4F23468981C8C56FF0D31397E7442C2EF2C8B8B7C2EFD2856C63B36609D2BEBD15A61013ACFC8C0E5FE55AF39F2EF5A3FF99D
Malicious:	false
Reputation:	unknown
Preview:	{"analyticsData":{"responseGUID":"6c990439-bc9a-48d8-8c69-7ee43d7def51","sophiaUUID":"5E8BF9F5-1E3B-447C-A619-6054B1C06D0A"},"encodingScheme":true,"expirationDTS":1738393735214,"statusCode":200,"surfaceID":"Edit_InApp_Aug2020","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\TESTING

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:	data
Category:	dropped
Size (bytes):	4
Entropy (8bit):	0.8112781244591328
Encrypted:	false
SSDEEP:
MD5:	DC84B0D741E5BEAE8070013ADDCC8C28
SHA1:	802F4A6A20CBF157AAF6C4E07E4301578D5936A2
SHA-256:	81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06
SHA-512:	65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71
Malicious:	false
Reputation:	unknown
Preview:	....

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\SOPHIA.json

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	2814
Entropy (8bit):	5.134831056309631
Encrypted:	false
SSDEEP:
MD5:	00CE3DC67A9C5D383B813F39823269BE
SHA1:	C068181FB3BBC3C7C36921F41BC0A5BB6DF8AEED
SHA-256:	EDFB3437B534EF139C59E0A9CB2FCC97A0DB9A58561D1AC3F7DD1059BF294698
SHA-512:	DC49AB52149C1E32787E2A4FF7A7E2D1289941C190B588AA1B26E79BD20A8E9126C18B701A89A14AF12AAA1948E6AEFEC466AC0DAD72139DED39BC0D982E2F5F
Malicious:	false
Reputation:	unknown
Preview:	{"all":[{"id":"DC_Reader_Disc_LHP_Banner","info":{"dg":"16b69055e559d9736076b3486a40c268","sid":"DC_Reader_Disc_LHP_Banner"},"mimeType":"file","size":289,"ts":1738219044000},{"id":"DC_Reader_Convert_LHP_Banner","info":{"dg":"440687bb53f8466980a4e915a25b66ad","sid":"DC_Reader_Convert_LHP_Banner"},"mimeType":"file","size":1123,"ts":1738219044000},{"id":"DC_Reader_Sign_LHP_Banner","info":{"dg":"10796c8f8ecc61c9ba9903a38a7c8d08","sid":"DC_Reader_Sign_LHP_Banner"},"mimeType":"file","size":1090,"ts":1738219044000},{"id":"DC_Reader_Home_LHP_Trial_Banner","info":{"dg":"90834d1892d85875c006bd60142174a5","sid":"DC_Reader_Home_LHP_Trial_Banner"},"mimeType":"file","size":295,"ts":1738219044000},{"id":"DC_Reader_Disc_LHP_Retention","info":{"dg":"d0a2bb2da1b081389e452c0ca9020631","sid":"DC_Reader_Disc_LHP_Retention"},"mimeType":"file","size":292,"ts":1738219044000},{"id":"DC_Reader_More_LHP_Banner","info":{"dg":"84b27544e3d4231f461d22c5c44e277a","sid":"DC_Reader_More_LHP_Banner"},"mimeType":"file","

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:	SQLite 3.x database, last written using SQLite version 3040000, file counter 19, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 19
Category:	dropped
Size (bytes):	12288
Entropy (8bit):	0.9882795187007584
Encrypted:	false
SSDEEP:
MD5:	334E8F6873510A5B66DFBD5334C30F4E
SHA1:	D8482D7416377D39DE120A969DC3098619761C10
SHA-256:	9A0D7B53B26D010C6FFAD3D501B8A66176B64C369E3A12C3A9DFCC22206F9B71
SHA-512:	8EF6E3A3443E396E8412D4C9F88F20A20DDC9FB5F89DABFCA704BFDE20D7DB766682597F38313A969D799AF36A7812D11ABADEAFE95D430F1639C22076D7C32C
Malicious:	false
Reputation:	unknown
Preview:	SQLite format 3......@ ..........................................................................c.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:	SQLite Rollback Journal
Category:	dropped
Size (bytes):	8720
Entropy (8bit):	1.345344495174443
Encrypted:	false
SSDEEP:
MD5:	23C0206DD189B86BE37A5F92E6A95992
SHA1:	AD845E67C2302CC08816077298E1F3383D963D77
SHA-256:	D6F545D99CFE2BFB8AB8CE320C98D550141B738DE9DF3E56A8BCC253D3349F4B
SHA-512:	859093C4BA9C8C5DB090052FF399CAFA91602B38734CD1A183AA7F5993715CDDC6487AA8F9BFFDC0FBBA307E9237EC18E10630BBC6C0E276E10D758E175A3545
Malicious:	false
Reputation:	unknown
Preview:	.... .c.....@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................j...#..#.#.#.#.#.#.#.#.7.7........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\UserCache64.bin

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:	data
Category:	dropped
Size (bytes):	66726
Entropy (8bit):	5.392739213842091
Encrypted:	false
SSDEEP:
MD5:	132FBA763A168F446A3727DF0EEEDC9E
SHA1:	1E98D891E7F16771521FD73A9BD1B1230ED4BD5B
SHA-256:	CF5F70A9ECEC72FC7DD98950C946B27D5933B87F38B11B40B7F352B5029EBE69
SHA-512:	08A1FBE241E285DDD93859B807854E09A9A615B426DA7A5410E0EBFC2B6145DDBE62A87DD77929B12E002526568BF74BB46925936BA4783D559A5D2D87D9F472
Malicious:	false
Reputation:	unknown
Preview:	4.397.90.FID.2:o:..........:F:AgencyFB-Reg.P:Agency FB.L:$.........................."F:Agency FB.#.96.FID.2:o:..........:F:AgencyFB-Bold.P:Agency FB Bold.L:%.........................."F:Agency FB.#.84.FID.2:o:..........:F:Algerian.P:Algerian.L:$..........................RF:Algerian.#.95.FID.2:o:..........:F:ArialNarrow.P:Arial Narrow.L:$.........................."F:Arial Narrow.#.109.FID.2:o:..........:F:ArialNarrow-Italic.P:Arial Narrow Italic.L:$.........................."F:Arial Narrow.#.105.FID.2:o:..........:F:ArialNarrow-Bold.P:Arial Narrow Bold.L:%.........................."F:Arial Narrow.#.118.FID.2:o:..........:F:ArialNarrow-BoldItalic.P:Arial Narrow Bold Italic.L:%.........................."F:Arial Narrow.#.77.FID.2:o:..........:F:ArialMT.P:Arial.L:$.........................."F:Arial.#.91.FID.2:o:..........:F:Arial-ItalicMT.P:Arial Italic.L:$.........................."F:Arial.#.87.FID.2:o:..........:F:Arial-BoldMT.P:Arial Bold.L:$.........................."F:Arial.#.100.FID.2

C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2025-01-30 01-37-21-738.log

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:	ASCII text, with very long lines (393)
Category:	dropped
Size (bytes):	16525
Entropy (8bit):	5.353642815103214
Encrypted:	false
SSDEEP:
MD5:	91F06491552FC977E9E8AF47786EE7C1
SHA1:	8FEB27904897FFCC2BE1A985D479D7F75F11CEFC
SHA-256:	06582F9F48220653B0CB355A53A9B145DA049C536D00095C57FCB3E941BA90BB
SHA-512:	A63E6E0D25B88EBB6602885AB8E91167D37267B24516A11F7492F48876D3DDCAE44FFC386E146F3CF6EB4FA6AF251602143F254687B17FCFE6F00783095C5082
Malicious:	false
Reputation:	unknown
Preview:	SessionID=ec4bacf2-5410-40d4-850b-5ac338f864f3.1696585143072 Timestamp=2023-10-06T11:39:03:072+0200 ThreadID=6404 Component=ngl-lib_NglAppLib Description="-------- Initializing session logs --------".SessionID=ec4bacf2-5410-40d4-850b-5ac338f864f3.1696585143072 Timestamp=2023-10-06T11:39:03:072+0200 ThreadID=6404 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: No operating configs found".SessionID=ec4bacf2-5410-40d4-850b-5ac338f864f3.1696585143072 Timestamp=2023-10-06T11:39:03:072+0200 ThreadID=6404 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: Fallback to NAMED_USER_ONLINE!!".SessionID=ec4bacf2-5410-40d4-850b-5ac338f864f3.1696585143072 Timestamp=2023-10-06T11:39:03:073+0200 ThreadID=6404 Component=ngl-lib_NglAppLib Description="SetConfig: OS Name=WINDOWS_64, OS Version=10.0.19045.1".SessionID=ec4bacf2-5410-40d4-850b-5ac338f864f3.1696585143072 Timestamp=2023-10-06T11:39:03:073+0200 ThreadID=6404 Component=ngl-lib_NglAppLib Description="SetConfig:

C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:	ASCII text, with very long lines (393), with CRLF line terminators
Category:	dropped
Size (bytes):	15100
Entropy (8bit):	5.369084092301792
Encrypted:	false
SSDEEP:
MD5:	46E5737EAA57E9277384AC0AB8A36675
SHA1:	8727E05C9A57619060065B3AC20A57B520008B27
SHA-256:	B4DCD63184B57871694A1821EAA112B86AEC0B360DD4DC2A1C54E85B6B88DB3B
SHA-512:	BE5A01A41B373E035A829DD5DAF130C6B0359EB3BDEFA041CE44434FD081BAED0A3998FFAA857F896586B35FF4496082B1F5D1439324A60D6582172DAA3A2A02
Malicious:	false
Reputation:	unknown
Preview:	SessionID=c4104356-6083-4d62-9f52-bc75c8c69e62.1738219041753 Timestamp=2025-01-30T01:37:21:753-0500 ThreadID=6488 Component=ngl-lib_NglAppLib Description="-------- Initializing session logs --------"..SessionID=c4104356-6083-4d62-9f52-bc75c8c69e62.1738219041753 Timestamp=2025-01-30T01:37:21:754-0500 ThreadID=6488 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: No operating configs found"..SessionID=c4104356-6083-4d62-9f52-bc75c8c69e62.1738219041753 Timestamp=2025-01-30T01:37:21:755-0500 ThreadID=6488 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: Fallback to NAMED_USER_ONLINE!!"..SessionID=c4104356-6083-4d62-9f52-bc75c8c69e62.1738219041753 Timestamp=2025-01-30T01:37:21:755-0500 ThreadID=6488 Component=ngl-lib_NglAppLib Description="SetConfig: OS Name=WINDOWS_64, OS Version=10.0.19045.1"..SessionID=c4104356-6083-4d62-9f52-bc75c8c69e62.1738219041753 Timestamp=2025-01-30T01:37:21:755-0500 ThreadID=6488 Component=ngl-lib_NglAppLib Description="SetConf

C:\Users\user\AppData\Local\Temp\acrobat_sbx\acroNGLLog.txt

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	29752
Entropy (8bit):	5.417077879300723
Encrypted:	false
SSDEEP:
MD5:	6D59DB786C1440967CF0CE366CB2B168
SHA1:	976CC5D8F75E51B131BD74908EE9475C9824B242
SHA-256:	18AAE089748ABBC4935E539AFB0BFBCDE7D7D4D43284262776E408437370CA40
SHA-512:	7BC8013DC07FB851684EE9CD3CB713FFE6FE9C72E3482973C2F0D866F460BAD44FE307C4C400FC977C41F6D4443435FB24A96F74D0952012BF88AE4A02953FA9
Malicious:	false
Reputation:	unknown
Preview:	06-10-2023 10:08:42:.---2---..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : *************************************..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : ***********************************..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : **** Starting new session ******..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : Starting NGL..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : Setting synchronous launch...06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 ::::: Configuring as AcrobatReader1..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : NGLAppVersion 23.6.20320.6..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : NGLAppMode NGL_INIT..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : AcroCEFPath, NGLCEFWorkflowModulePath - C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1 C:\Program Files\Adobe\Acrobat DC\Acrobat\NGL\cefWorkflow..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : isNGLExternalBrowserDisabled - No..06-10-2023 10:08:42:.Closing File..06-10-

C:\Users\user\AppData\Local\Temp\acrocef_low\6c1becb1-02f8-4428-9155-f9fcd8e601e5.tmp

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
File Type:	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1311022
Category:	dropped
Size (bytes):	386528
Entropy (8bit):	7.9736851559892425
Encrypted:	false
SSDEEP:
MD5:	774036904FF86EB19FCE18B796528E1E
SHA1:	2BA0EBF3FC7BEF9EF5BFAD32070BD3C785904E16
SHA-256:	D2FC8EA3DDD3F095F7A469927179B408102471627C91275EDB4D7356F8E453AD
SHA-512:	9E9662EA15AE3345166C1E51235CDCE3123B27848E4A4651CC4D2173BDD973E4AD2F8994EFF34A221A9F07AA676F52BEB6D90FF374F6CCB0D06FA39C3EFE6B31
Malicious:	false
Reputation:	unknown
Preview:	...........[l\[.......p.a$..$.K...&%J.J...Wuo..dI.vk4.E..P.u..(.....1.I....A...............0.....$ctg.H.'....@.Zk...~.s.A]M.A..:g?.^{...cjL...X..#.Q{......z...m...K.U]-..^V.........@..P...U.R..z.......?......]nG..O{..n........y...v7...~C#..O.z...:...H&..6M;........c..#.y4u.~6.?...V?.%?SW.....K...[..`N.i.1..:..@?i.Q..O...`.....m.!y.{...?=.. .....Zk......%.6......o<.....yA}......no......u,.....U...a.......[S.n..`.....:...1......X..u.u...`..B=.&M.y..s.....}.i..l.'u]. ...6.s`....zdN.F.>;.d%D..}3..b..~..k.......,hl.j..._...F..p.z..o...C..,.Ss.u.Xd..a.Y.{.p...?.k..t,&..'...........^.f.hg....y..Y...i..m....<..^......yK.......;.5...E...K..Q.;k..\|;..B.{m..eS..>b..>...6...wmC.i.....wv..k..{..X...RB.P..?w......1l.H..{{.`g.P.8.Z..v_.G.....f.%+z.....p.P..u}.T.....~r]..W7..._..c.k.....@....y.K...uOSj........^....B..]..~{..;...c....r.J.m.S.}.....k....u*^...5./...{......3.I.p.t...V..........W-..\|.K.N.....n.........Bl...#)..;..4.x.....'....A....x..

C:\Users\user\AppData\Local\Temp\acrocef_low\a6c0fac7-d800-449d-b7c0-5181fc3d2f5c.tmp

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
File Type:	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 299538
Category:	dropped
Size (bytes):	758601
Entropy (8bit):	7.98639316555857
Encrypted:	false
SSDEEP:
MD5:	3A49135134665364308390AC398006F1
SHA1:	28EF4CE5690BF8A9E048AF7D30688120DAC6F126
SHA-256:	D1858851B2DC86BA23C0710FE8526292F0F69E100CEBFA7F260890BD41F5F42B
SHA-512:	BE2C3C39CA57425B28DC36E669DA33B5FF6C7184509756B62832B5E2BFBCE46C9E62EAA88274187F7EE45474DCA98CD8084257EA2EBE6AB36932E28B857743E5
Malicious:	false
Reputation:	unknown
Preview:	...........kWT..0...W`.........b..@..nn........5.._..I.R3I..9g.x....s.\+.J......F...P......V]u......t....jK...C.fD..]..K....;......y._.U..}......S.........7...Q.............W.D..S.....y......%..=.....e..^.RG......L..].T.9.y.zqm.Q]..y..(......Q]..~~..}..q...@.T..xI.B.L.a.6...{..W..}.mK?u...5.#.{...n...........z....m^.6!.`.....u...eFa........N....o..hA-..s.N..B.q..{..z.{=..va4_`5Z........3.uG.n...+...t...z.M."2..x.-...DF..VtK.....o]b.Fp.>........c....,..t..an[............5.1.(}..q.q......K3.....[>..;e..f.Y.........mV.cL...]eF..7.e.<.._.o\.S..Z...`..}......>@......\|.......ox.........h.......o....-Yj=.s.g.Cc\.i..\..A.B>.X..8`...P......[..O...-.g...r..u\...k..7..#E....N}...8.....(..0....w....j.......>.L....H.....y.x3...[>..t......0..z.qw..]X..i8..w.b..?0.wp..XH.A.[.....S..g.g..I.A.15.0?._n.Q.]..r8.....l..18...(.].m...!\|G.1...... .3.`./....`~......G.............\|..pS.e.C....:o.u_..oi.:..\|....joi...eM.m.K...2%...Z..j...VUh..9.}.....

C:\Users\user\AppData\Local\Temp\acrocef_low\b42bfdbd-3c5f-46ce-b98f-923cd7a93ed4.tmp

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
File Type:	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 5111142
Category:	dropped
Size (bytes):	1419751
Entropy (8bit):	7.976496077007677
Encrypted:	false
SSDEEP:
MD5:	633503B0D7B277C81D2B5023F7B94093
SHA1:	88C76A607725220ACE1D34C8E2B6590E923AAB16
SHA-256:	7E3BD7BBA4BFD14E7075D7C18CEA167258581E0854535A09E26C9F73CC369D29
SHA-512:	8B0B94268483BE1301380EEA2DA8112EFEA67D7ADA91F86E89892D89C2E5A7329EA3E59F6FDB358978118A9ABDD7C328775E9269DA523794497D8E6C9B627D7E
Malicious:	false
Reputation:	unknown
Preview:	...........[.s.8..}.....!#..gw.n.`uNl.f6.3....d%EK.D["...#.......!)...r.$.G.......Z..u.._>.~....^e..<..u..........._D.r.Z..M.:...$.I..N.....\`.B.wj...:...E\|.P..$ni.{.....T.^~<m-..J....RQk....f.....q.......V.rC.M.b.DiL\.....wq....$&j....O.........~.U.+..So.]..n..#OJ..p./..-......<...5..WB.O....i....<./T.P.L.;.....h.ik..DT...<...j..o..fz~..~."...w&.fB...4..@[.g.......Y.>/M.".....-..N.{.2.....\....h..ER..._..(.-..o97..[.t:..>..W..0.....u...?.%...1u..fg..`.Z.....m ~.GKG.q{.vU.nr..W.%.W..#z..l.T......1.....}.6......D.O...:....PX.........R.....j.WD).M..9.Fw...W.-a..z.l\..u.^....L..^.`.T...l.^.B.DMc.d....i...o.\|M.uF\|.nQ.L.E,.b!..NG.....<...J......g.o....;&5..'a.M...l..1.V.iB2.T._I....".+.W.yA ._.......<.O......O$."C....n!H.L`..q.....5..~./.._t.......A....S..3........Q[..+..e..P;...O...x~<B........'.)...n.$e.m.:...m.....&..Y.".H.s....5.9..A5)....s&.k0,.g4.V.K.,.e....5...X.}6.P....y\.s\|..Si..BB..y...~.....D^g...7'T-.5.!K.$\...2.

C:\Users\user\AppData\Local\Temp\acrocef_low\d61ad050-8457-447f-93a6-6b1788d7414e.tmp

Download File

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
File Type:	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 33081
Category:	dropped
Size (bytes):	1407294
Entropy (8bit):	7.97605879016224
Encrypted:	false
SSDEEP:
MD5:	EEE2F73FDF49F1B3FF8730F22101DC82
SHA1:	498FC43A0ACFCB110CCF5EF1BF4AC4DEAA2292B1
SHA-256:	38A3C845A54AC1FD764150E851216A22FD214551EACD607BD951574FE151FCB9
SHA-512:	47B13AF35800AB75210464B9874FDB0456B2FAFFC5E4C20EB50A355D4CB3319F372004E8AF66AEB5CF0C32ECBCD01BC08F84AC30AD3DE763CC25246C475C9839
Malicious:	false
Reputation:	unknown
Preview:	...........[.s.8..}.....!#..gw.n.`uNl.f6.3....d%EK.D["...#.......!)...r.$.G.......Z..u.._>.~....^e..<..u..........._D.r.Z..M.:...$.I..N.....\`.B.wj...:...E\|.P..$ni.{.....T.^~<m-..J....RQk....f.....q.......V.rC.M.b.DiL\.....wq....$&j....O.........~.U.+..So.]..n..#OJ..p./..-......<...5..WB.O....i....<./T.P.L.;.....h.ik..DT...<...j..o..fz~..~."...w&.fB...4..@[.g.......Y.>/M.".....-..N.{.2.....\....h..ER..._..(.-..o97..[.t:..>..W..0.....u...?.%...1u..fg..`.Z.....m ~.GKG.q{.vU.nr..W.%.W..#z..l.T......1.....}.6......D.O...:....PX.........R.....j.WD).M..9.Fw...W.-a..z.l\..u.^....L..^.`.T...l.^.B.DMc.d....i...o.\|M.uF\|.nQ.L.E,.b!..NG.....<...J......g.o....;&5..'a.M...l..1.V.iB2.T._I....".+.W.yA ._.......<.O......O$."C....n!H.L`..q.....5..~./.._t.......A....S..3........Q[..+..e..P;...O...x~<B........'.)...n.$e.m.:...m.....&..Y.".H.s....5.9..A5)....s&.k0,.g4.V.K.,.e....5...X.}6.P....y\.s\|..Si..BB..y...~.....D^g...7'T-.5.!K.$\...2.

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Jan 30 05:37:30 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2673
Entropy (8bit):	3.986736150292722
Encrypted:	false
SSDEEP:
MD5:	7B0495DFC0822841A18366DC3718D982
SHA1:	46500DF2218E61EB799CAB8B0BC21908332D9EFC
SHA-256:	FA86D7ECE06E84B000B18D9E29F6431D19819AE696060B85EF4C74EF6F9D156A
SHA-512:	62B4D241042E444F3A6042B7DA7AFA01CA8901939F6B9E749D68B851C0718E7F72BCDB35B032366F87864256CDE67E00D64D937BC84E4709BCD6D6D9CE4E9DB5
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....+.o.r..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I>Z.4....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V>Z.4....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V>Z.4....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V>Z.4..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V>Z.4...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............8......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Jan 30 05:37:30 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2675
Entropy (8bit):	4.004416512669815
Encrypted:	false
SSDEEP:
MD5:	D9A45E0A24DDD0F5B45E95AA84A94A4A
SHA1:	6035CE296D0EE1190C73945BF38FA524981D089D
SHA-256:	F9A2EE30D232AB04E0E0F75B3F7F3640102A9A28D7FFB28809EB9148653B1D77
SHA-512:	94F0655388EDE4B8EC7ACF683EF1387B0C95F0F1D98B729DBFACDD4CCFEF02934F11C0D993FC4053187838A9800304CD206E731017EAFF440E2FD9F84A33BDC7
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,......o.r..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I>Z.4....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V>Z.4....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V>Z.4....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V>Z.4..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V>Z.4...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............8......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2689
Entropy (8bit):	4.013640180738865
Encrypted:	false
SSDEEP:
MD5:	D63830E088F62FC103D74B7A6A3CFB44
SHA1:	538D7BB3F425567DB130E702D4610554E0F6191C
SHA-256:	5F5D24792C073AA9C323FDC03149049793F4D367052B4EA7F66743B69C9EF8DE
SHA-512:	967C9FB74E8B4DD10F071060A7B3159030CC94064682EAF549525D7BCF582A2074970F5D4FAC20A7EEDB0C2D1B3E9C23213FFA946CED68EC1DF5E9E4F32D1F90
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I>Z.4....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V>Z.4....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V>Z.4....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V>Z.4..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............8......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Jan 30 05:37:30 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.999674185407486
Encrypted:	false
SSDEEP:
MD5:	FF86147D97998242327EFCD5BEF629B8
SHA1:	96DFCAB4340E50933FCC244D0A69561FE60E9751
SHA-256:	C840743521A31C898B10C9B89309C62FC9C9B35B2F1EF6B2F56087C882B29C5E
SHA-512:	C2CF8FCE2716257A07468AA9AD40527C8860C3B825B1C0AABA315E13D9157AFFBC77A13A64783382B527B4E580CDEAFE8281E77B47DC213349EE1F4185CBC809
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....w.o.r..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I>Z.4....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V>Z.4....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V>Z.4....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V>Z.4..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V>Z.4...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............8......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Jan 30 05:37:30 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.9863534047887996
Encrypted:	false
SSDEEP:
MD5:	B428F113C87012ADF121783609E69D92
SHA1:	4958AFB8D15174A2F7ED834FCCFDDA0AA56E4BE9
SHA-256:	D90823BB88A1FB669CF64AF9F06E154D7B86155CC44A8EAC9F5B829FCDACACFF
SHA-512:	71F84BDACA74D53F2688B260B0F09242DF343BBC638BAC1ED2DD05EE27A8DDE22DB9E13F8D0A6078D173E33002A6D1E8BCA8444055D812EFB82E2F5ABEF507C0
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....tm.o.r..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I>Z.4....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V>Z.4....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V>Z.4....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V>Z.4..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V>Z.4...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............8......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Jan 30 05:37:30 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	4.001897569823125
Encrypted:	false
SSDEEP:
MD5:	A4AC7382771D203217B042D0B24C149A
SHA1:	428355281A79399541DFAF2DEEB7FD408454627A
SHA-256:	5288B0BE28195F1EAB9E3368A43CB40AA3E814C1EAF390751745FBB9FA04AF80
SHA-512:	9E98ED4208536C6AACE2C556B3F3FCB8222DE5C157BFB931DB066AD8D5B240C81CA876BBEDA393E7513AD49C039AAFD7AED39D71A7D2708C75D225843DF0A43B
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....\|.o.r..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I>Z.4....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V>Z.4....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V>Z.4....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V>Z.4..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V>Z.4...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............8......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\Downloads\70a271e4-c9da-4adc-8a92-bc2f390f824e.tmp

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (1585), with CRLF line terminators
Category:	dropped
Size (bytes):	15053
Entropy (8bit):	5.107823020698851
Encrypted:	false
SSDEEP:
MD5:	689072633E2F736C3E77036C702DB804
SHA1:	930BE3C36568F448B8A5EE4E8689EC35FE724E5A
SHA-256:	4D3FF3526C8DF0C8F6A077A8F84B7D2C19D7106E56E5B6E2F7760257633F0996
SHA-512:	3F7682513C8B1DD9BCA7AEE8B93B070EE388A6BFC1AB7007B75F91F9E7C10BD245E916E330F720B17FDCAF0EFF5F9A2B2AD006A4110F3F9CD2A81AAD0C738B43
Malicious:	false
Reputation:	unknown
Preview:	....<html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">.. <title>office 365</title>.... <meta http-equiv="X-UA-Compatible" content="IE=edge">.. <meta name="viewport" content="width=device-width, initial-scale=1">.. <link rel="icon" href="data:image/webp;base64,UklGRnQEAABXRUJQVlA4WAoAAAAQAAAAfgAAfgAAQUxQSNoAAAARDzD/ERECbra9cRvo8cGSI2AUjkaNxlHoKi1LH3z4FwLw++hSRfR/AuRX98SMwkycCEBjDcAW6gA0dAdQQwsAUgTHGugGkjcs9aaFzVnOydrhJqt72bp7ai2vWGBaoBqDmtRidph/Xrdu3jBK9+5GCkxDAuugVIrgKIxSiRJGqUydPrZR8qlK4d9T/VihlMrUiRJiVUqZmZj7iRFpcJ1B3an5sfV1833lXXdPre5la6dkOSdnOpszrCJut5InRpXgOuTI/SDRDkBDDcApJECR+MSJGEXIlpgvBlZQOCB0AwAA8BYAnQEqfwB/AD6RPplHv7QlpTAWisPwEglkCHAMlE1Q6AIGqzmPn92f8B2Bm1PgfkB0nXTUl1++Nl+cvQ26e/mA/Zv1hPRh/ivUA/sH+Z60j0APLj9j391fSmCKNGXEo8uTvzMzMCi+dgEFcaUFKVG1lRDgj4DFPn0rqtSZ4B+nM5Khg0zrVhHdKHhMyXaNhnyXWUNGnqR3jjgkD6NPUjvFUnA+JPhIQrjXA9jC7JCDYZRS5PhQOG+6au9/ki6AAP7NcDT85w9sEBNDwgGYWAj4eFrQnVKT5jLL7IzlYHVXSDO/hynFnj3WIMduwUbLHL9ejVCotI5nI

C:\Users\user\Downloads\Notice Summon File.Doc (1) (1).html (copy)

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (4209), with CRLF line terminators
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:
MD5:	D51DD71A1528A0BF334D172F4A31CA3B
SHA1:	77EB758D7D3491FEC57D0E2A5F9B49C0EBEBE11C
SHA-256:	9D0C1E5ACE85F218BC1835EC4A46DC372A02BF805B3137CB82A34378B932CCD5
SHA-512:	BA3DC000C389BE2AA7749BF171FA149DB656F882C261E8EAFF63F9D28CE9145F172BE718C18458CEBC68760C9F01F9906075CF034030315F86D6C9B5896F5E30
Malicious:	false
Reputation:	unknown
Preview:	....<html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">.. <title>office 365</title>.... <meta http-equiv="X-UA-Compatible" content="IE=edge">.. <meta name="viewport" content="width=device-width, initial-scale=1">.. <link rel="icon" href="data:image/webp;base64,UklGRnQEAABXRUJQVlA4WAoAAAAQAAAAfgAAfgAAQUxQSNoAAAARDzD/ERECbra9cRvo8cGSI2AUjkaNxlHoKi1LH3z4FwLw++hSRfR/AuRX98SMwkycCEBjDcAW6gA0dAdQQwsAUgTHGugGkjcs9aaFzVnOydrhJqt72bp7ai2vWGBaoBqDmtRidph/Xrdu3jBK9+5GCkxDAuugVIrgKIxSiRJGqUydPrZR8qlK4d9T/VihlMrUiRJiVUqZmZj7iRFpcJ1B3an5sfV1833lXXdPre5la6dkOSdnOpszrCJut5InRpXgOuTI/SDRDkBDDcApJECR+MSJGEXIlpgvBlZQOCB0AwAA8BYAnQEqfwB/AD6RPplHv7QlpTAWisPwEglkCHAMlE1Q6AIGqzmPn92f8B2Bm1PgfkB0nXTUl1++Nl+cvQ26e/mA/Zv1hPRh/ivUA/sH+Z60j0APLj9j391fSmCKNGXEo8uTvzMzMCi+dgEFcaUFKVG1lRDgj4DFPn0rqtSZ4B+nM5Khg0zrVhHdKHhMyXaNhnyXWUNGnqR3jjgkD6NPUjvFUnA+JPhIQrjXA9jC7JCDYZRS5PhQOG+6au9/ki6AAP7NcDT85w9sEBNDwgGYWAj4eFrQnVKT5jLL7IzlYHVXSDO/hynFnj3WIMduwUbLHL9ejVCotI5nI

C:\Users\user\Downloads\Notice Summon File.Doc (1) (1).html.crdownload

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (4209), with CRLF line terminators
Category:	dropped
Size (bytes):	46429
Entropy (8bit):	5.175694766628238
Encrypted:	false
SSDEEP:
MD5:	D51DD71A1528A0BF334D172F4A31CA3B
SHA1:	77EB758D7D3491FEC57D0E2A5F9B49C0EBEBE11C
SHA-256:	9D0C1E5ACE85F218BC1835EC4A46DC372A02BF805B3137CB82A34378B932CCD5
SHA-512:	BA3DC000C389BE2AA7749BF171FA149DB656F882C261E8EAFF63F9D28CE9145F172BE718C18458CEBC68760C9F01F9906075CF034030315F86D6C9B5896F5E30
Malicious:	false
Reputation:	unknown
Preview:	....<html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">.. <title>office 365</title>.... <meta http-equiv="X-UA-Compatible" content="IE=edge">.. <meta name="viewport" content="width=device-width, initial-scale=1">.. <link rel="icon" href="data:image/webp;base64,UklGRnQEAABXRUJQVlA4WAoAAAAQAAAAfgAAfgAAQUxQSNoAAAARDzD/ERECbra9cRvo8cGSI2AUjkaNxlHoKi1LH3z4FwLw++hSRfR/AuRX98SMwkycCEBjDcAW6gA0dAdQQwsAUgTHGugGkjcs9aaFzVnOydrhJqt72bp7ai2vWGBaoBqDmtRidph/Xrdu3jBK9+5GCkxDAuugVIrgKIxSiRJGqUydPrZR8qlK4d9T/VihlMrUiRJiVUqZmZj7iRFpcJ1B3an5sfV1833lXXdPre5la6dkOSdnOpszrCJut5InRpXgOuTI/SDRDkBDDcApJECR+MSJGEXIlpgvBlZQOCB0AwAA8BYAnQEqfwB/AD6RPplHv7QlpTAWisPwEglkCHAMlE1Q6AIGqzmPn92f8B2Bm1PgfkB0nXTUl1++Nl+cvQ26e/mA/Zv1hPRh/ivUA/sH+Z60j0APLj9j391fSmCKNGXEo8uTvzMzMCi+dgEFcaUFKVG1lRDgj4DFPn0rqtSZ4B+nM5Khg0zrVhHdKHhMyXaNhnyXWUNGnqR3jjgkD6NPUjvFUnA+JPhIQrjXA9jC7JCDYZRS5PhQOG+6au9/ki6AAP7NcDT85w9sEBNDwgGYWAj4eFrQnVKT5jLL7IzlYHVXSDO/hynFnj3WIMduwUbLHL9ejVCotI5nI

Chrome Cache Entry: 260

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	2992
Entropy (8bit):	7.798909604456528
Encrypted:	false
SSDEEP:
MD5:	CCBE247E32D99793E4D89BA7C5A7C535
SHA1:	994007E67FFA8341B0170BE99DFE230F366D4FE5
SHA-256:	2B7C62BD43122786351FF528727CEEF7CB2295ACFB38A20F9E37231B4C714D65
SHA-512:	55A87D58A7986B5D4875FA012B23FA3AAF63238A6233CEC252D1077480964A86D57AD2B0183B2B100FC5AE7102020742F980DB454594A44FA75824166D2C25BD
Malicious:	false
Reputation:	unknown
URL:	"https://img1.wsimg.com/isteam/ip/1812faaf-e56f-47cd-a093-05ce2655644c/blob-0b72675.png/:/cr=t:0%25,l:0%25,w:100%25,h:100%25/fx-bl=s:90/rs=w:1535,m"
Preview:	RIFF....WEBPVP8X..............VP8 ....P........>m6.I.".. .....in.x....N......?....7Z....+....3..=.{.7.x.9.}.r..d.=..j_...'!.NC.l....9..}....@o}.f.........-=.&..'".4.xi.].@._R.X`4r.L!.............iP..L.`....R.P.....w...]U..W.O_..%..&..Y..JR.%a1.(..'<3s.YZ.\;..,.../.....U..3x..9.W.Y....j"Mp^.r.-.....]-.G..Q....l=.f.@..9PT..._...m.<&.i..x....0w.WZ~R.\...\.:$R..V>...vZ"[.."<.C."'9.?.-.n...^ Gzs...H..\2.g..^+&....RL..v..0R../..@X[......"eehe+w<.'.@..Yow...C......Wg!...opn\|B!..o:..r...n..Ji/.IC........"4.f..F..g$.,Y.!.[...Q....9.2.50..b,D.Q.oQB...{.....3u.K..?.....:1>..........<r.......9.D..K..6.....R..l8.le/.WM.....j..Xk..Px..,..&..G.qa..E.W.p.a\|.v..s.o.U..\#s+......i\|..b>.O..b.Oh..W.e.......Lq.z.H}^..D...~.....`\...y/....s......u9M.bF[&<u.w0..U..l....t.#..t..={...z.J5...Sz.e..=2..Ztt[H....BB..m..(E 3....\|......K..&.;.wU......K.S...W.Y6..........Q.W.oDNs.......w.1....n..y..m.\...SV...4GY q..{......[..y"...(..&_....4,..;l......._...9.nl...'.

Chrome Cache Entry: 261

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (13623), with no line terminators
Category:	dropped
Size (bytes):	13623
Entropy (8bit):	5.387309516290063
Encrypted:	false
SSDEEP:
MD5:	07A454ECDF912184EC64CB00D3CFBA39
SHA1:	104AA879F5239DD5B905B249434670D7DB99EB35
SHA-256:	C7BC1AB60EB096934B31143965AA816CABC7BA0C2FC1234524CD46ACC3FB3C6B
SHA-512:	9038BAA49E5F0F88C2035F8147E631D7D6BCEA50F971496D48BC55652E14BFB6255054BBD2BBA3115E585B36BBF2989FD6AD30DD90E990C84E7221FEBBC13944
Malicious:	false
Reputation:	unknown
Preview:	!function(){"use strict";window.SS=window.SS\|\|{};var l=function(e,o){return e};try{var t=new Gettext({domain:"sstranslate"});l=function(e,o){return o?e:t.gettext(e)}}catch(e){}SS._=l,SS.initTooltips=function(){SS.emptyFieldRegex="^(?=.\\S).+$",SS.firstLastNameRegex="(^((\\w\|\\W){0,50})((\\s)((\\w\|\\W){1,50}){0,1}){0,1}$)",SS.passValidatorsRegex=[{regex:{pattern:"(.+){8,}",flag:"g",containPattern:!0},message:l("Password must be at least 8 characters long.")},{regex:{pattern:"[a-zA-Z]",flag:"g",containPattern:!0},message:l("Please include at least one letter.")},{regex:{pattern:"[0-9]",flag:"g",containPattern:!0},message:l("Please include at least one number.")},{regex:{pattern:"(.)\\1{2,}",flag:"g",containPattern:!1},message:l("Please do not repeat characters more than twice.")}],SS.emailInvalidCharsRegex="^[@\\-_+.&0-9a-zA-Z]+$",SS.emailValidationRegex="^([0-9a-zA-Z]+[-_+.&0-9a-zA-Z])?[-_+0-9a-zA-Z]+@([-0-9a-zA-Z]+[.])+[a-zA-Z]{2,6}$",SS.fieldTest=function(e,o,t,n){return!!new RegExp

Chrome Cache Entry: 262

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (11145)
Category:	downloaded
Size (bytes):	35260
Entropy (8bit):	5.547569134927946
Encrypted:	false
SSDEEP:
MD5:	7306363B0A2A2481048E0CA0068304B4
SHA1:	C86F6BE0D23E752DE84A04B247D11FD8EA691941
SHA-256:	D83ADEEDF80A58D08A42E89E8CDF73CE03EE0CAE90568C4039671AD8A569E5BF
SHA-512:	6353F807EB3F0800361B021D4184C869FF889F264B59DA0F01F879956A3FD5B9AF9C712FFC0E5F8307B13907FF2AB96BF1768391AD89C3266EAA374E95FB36AA
Malicious:	false
Reputation:	unknown
URL:	https://8fb8895e6829.godaddysites.com/favicon.ico
Preview:	<!DOCTYPE html><html lang="en-ZA"><head><meta charSet="utf-8"/><meta http-equiv="X-UA-Compatible" content="IE=edge"/><meta name="viewport" content="width=device-width, initial-scale=1"/><title>2fa</title><meta name="author" content="2fa"/><meta name="generator" content="Starfield Technologies; Go Daddy Website Builder 8.0.0000"/><link rel="manifest" href="/manifest.webmanifest"/><link rel="apple-touch-icon" sizes="57x57" href="//img1.wsimg.com/isteam/ip/static/pwa-app/logo-default.png/:/rs=w:57,h:57,m"/><link rel="apple-touch-icon" sizes="60x60" href="//img1.wsimg.com/isteam/ip/static/pwa-app/logo-default.png/:/rs=w:60,h:60,m"/><link rel="apple-touch-icon" sizes="72x72" href="//img1.wsimg.com/isteam/ip/static/pwa-app/logo-default.png/:/rs=w:72,h:72,m"/><link rel="apple-touch-icon" sizes="114x114" href="//img1.wsimg.com/isteam/ip/static/pwa-app/logo-default.png/:/rs=w:114,h:114,m"/><link rel="apple-touch-icon" sizes="120x120" href="//img1.wsimg.com/isteam/ip/static/pwa-app/logo-default.

Chrome Cache Entry: 263

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 23040, version 1.0
Category:	downloaded
Size (bytes):	23040
Entropy (8bit):	7.990788476764561
Encrypted:	true
SSDEEP:
MD5:	DE69CF9E514DF447D1B0BB16F49D2457
SHA1:	2AC78601179C3A63BA3F3F3081556B12DDCAF655
SHA-256:	C447DD7677B419DB7B21DBDFC6277C7816A913FFDA76FD2E52702DF538DE0E49
SHA-512:	4AEBB7E54D88827D4A02808F04901C0D09B756C518202B056A6C0F664948F5585221D16967F546E064187C6545ACEF15D59B68D0A7A59897BD899D3E9DDA37B1
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Preview:	wOF2......Z........8..Y...........................B.p.`..D....e.....d.....B..6.$..v. .....E.K...5l\e.v.~S$}.".8.....5.E....s...ai`W.u..8a2C..JuBj....x.....%.u.C.......p..c...7...+.1.GS.3...F_....-..`#........]...T.....x....&..{.....V..,..&~$D.#.P..\|gzz...B.7..m.3....HH.l.....Dj.F.X.....U..+.Q...T.`...ST...1...0....io`zu@.J2....3]}0.X...,..+"...............(k.CGl......`.y.._....3.t!O.,X:t.3....lw..U../:..b.]....V.$.y....G.....H..IN....bQ.+ \@....;...C3...c.l..i/....#..I.).Y...]...s..$K!..Tr...g%\|r.D.#.Y{..R..We...X.?...r.@...G.{..>..4^..b..,.z........T..[.ru#.7..{..G....J.3......Lz.C].of$Y2..^...>@L..P.........7..bB.....6f...ec.i..{._\...A.I.Lcy.Qm".....k.^.d.K(x7U...c.o.......}.T......iL..!.Z.......[O...%...*'?........^I./..;t.4%.....S...4....wY.b9.%.b...,.....tC..9.Z...V..CHnA.S.-.u$m.\....7{,..K{(.."....._...\|{.VowE@E@@..Zg.....`8..b..Z...^....l+...R..%.L.b...._..E.j9\+.L.#J.........?&...&..scE..b..Jc.8...V....L 1./k.3..7w....x..-.....

Chrome Cache Entry: 266

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2146)
Category:	downloaded
Size (bytes):	264551
Entropy (8bit):	5.551006671194974
Encrypted:	false
SSDEEP:
MD5:	2900E9BCADF43158626C75C0B915E4CB
SHA1:	C30C9A15E7D5CD1F9B8C7CB961DDEBB3FB4CCDBF
SHA-256:	B77CA35A3C7D32BFD643A1BA4A5E4859419C84A74A68DF4B8E569503A2D9F120
SHA-512:	D0C880A81D43FC8D63607B8B8260357419D0AFCE925BB713BA2BEDCA008845BF212085653CD3D619D844B9F6513A87B5A1A84689DD107C92CC0925C29ED731A3
Malicious:	false
Reputation:	unknown
URL:	https://www.googletagmanager.com/gtag/destination?id=AW-1022241212&l=dataLayer&cx=c&gtm=45He51t0za200
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"1",. . "macros":[{"function":"__e"},{"function":"__cid"}],. "tags":[{"function":"__rep","once_per_event":true,"vtp_containerId":["macro",1],"tag_id":1}],. "predicates":[{"function":"_eq","arg0":["macro",0],"arg1":"gtm.js"}],. "rules":[[["if",0],["add",0]]].},."runtime":[ [50,"__cid",[46,"a"],[36,[17,[13,[41,"$0"],[3,"$0",["require","getContainerVersion"]],["$0"]],"containerId"]]]. ,[50,"__e",[46,"a"],[36,[13,[41,"$0"],[3,"$0",["require","internal.getEventData"]],["$0","event"]]]]. .].,"entities":{."__cid":{"2":true,"4":true,"3":true}.,."__e":{"2":true,"4":true}...}.,"blob":{"1":"1"}.,"permissions":{."__cid":{"read_container_data":{}}.,."__e":{"read_event_data":{"eventDataAccess":"specific","keyPatterns":["event"]}}...}....,"security_groups":{."google":[."__cid".,."__e"..]...}....};.....var h,ba=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{d

Chrome Cache Entry: 267

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (1239)
Category:	dropped
Size (bytes):	38951
Entropy (8bit):	5.147721826570301
Encrypted:	false
SSDEEP:
MD5:	B36894A2CC15CCB5515EC7A168E9BD33
SHA1:	85C05620EA7323F00C3EAFE32807E2DE6BCE8DF1
SHA-256:	648FA034F13474D9FA07757E34E853AFD3382168F2B42B1521448FA16711B067
SHA-512:	F9DFFBC92513C314967F92280FF0C7FC3212ACDA72441C3EE4C80277B329B4CDC7927116C59C75110D5BA47A304166D609166D4F0AE402DEA0B3C80DE32B4E45
Malicious:	false
Reputation:	unknown
Preview:	/!. jQuery Validation Plugin 1.11.1. . http://bassistance.de/jquery-plugins/jquery-plugin-validation/. * http://docs.jquery.com/Plugins/Validation. . Copyright 2013 J.rn Zaefferer. * Released under the MIT license:. * http://www.opensource.org/licenses/mit-license.php. */..(function($) {..$.extend($.fn, {..// http://docs.jquery.com/Plugins/Validation/validate..validate: function( options ) {....// if nothing is selected, return nothing; can't chain anyway...if ( !this.length ) {....if ( options && options.debug && window.console ) {.....console.warn( "Nothing selected, can't validate, returning nothing." );....}....return;...}....// check if a validator for this form was already created...var validator = $.data( this[0], "validator" );...if ( validator ) {....return validator;...}....// Add novalidate tag if HTML5....this.attr( "novalidate", "novalidate" );....validator = new $.validator( options, this[0] );...$.data( this[0], "validator", validator );....if ( validator.set

Chrome Cache Entry: 268

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1352)
Category:	downloaded
Size (bytes):	1400
Entropy (8bit):	5.307032039583678
Encrypted:	false
SSDEEP:
MD5:	5CC6B93D41889C0A55C6C4FCD2D89713
SHA1:	51A59C1DAE337817C4EBAC39FBE61C232705A893
SHA-256:	8671CFDFA128168DB2136D7C17F55BA98DDBA221CDD1ACBBE559D4969280FD51
SHA-512:	8BCAAB1399B6D4D7475C4CF1DC45B0477A9D2AD37578DFCCF23C0C9303716DA1DECD5FBA858D5DD609CB89BCC784E04B72A0D7136BC6EE60DC3EF69CAB977C33
Malicious:	false
Reputation:	unknown
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index2-87bd33e6.js
Preview:	define("@widget/LAYOUT/c/bs-index2-87bd33e6.js",["exports"],(function(t){"use strict";t.a=function(){let t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:"medium";return{"> :nth-child(n)":{marginBottom:t}," > :last-child":{marginBottom:"0 !important"}}},t.b=function(){let t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:"medium";return{"> :nth-child(n)":{marginRight:t}," > :last-child":{marginRight:"0 !important"}}},t.c=function(t){const e=function(t){if("string"!=typeof t\|\|"{"!==t[0])return null;try{return JSON.parse(t)}catch(t){return null}}(t)\|\|{};let n=0;return e.blocks&&e.blocks.forEach((t=>{const e=t.text.length;n+=(global._\|\|guac.lodash).clamp(e,25,Math.max(e,25))})),n},t.g=()=>{const t=document.getElementsByClassName("ux-scaled");let e=1;return t&&t.length>0&&(e=t[0].getAttribute("data-scale")),e},t.r=t=>{let{count:e=0,fontSizeMap:n={},defaultFontSize:r}=t;const i=(global._\|\|guac.lodash).reduce(n,((t,e,n)=>{let[r,i=Number.MAX_VALUE]=e;return t.push({range:[r,i],

Chrome Cache Entry: 269

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (905)
Category:	dropped
Size (bytes):	960
Entropy (8bit):	5.203352394673048
Encrypted:	false
SSDEEP:
MD5:	62A914B2C847D4D02B76164D7A2A54C6
SHA1:	20D9F49A90A51FA6C8420640610DF77F7A96D919
SHA-256:	B08C2864EC27736C507B1CA4B3A225A19147841B861CD8494DAF95FA370FE639
SHA-512:	E67D3D9F68EF3151D93DEDAA3530DF89F0C957F08561E93134B219DEC23C2A1FE0D109AC666619526742C5411E4636ECE416A3AD1148C1AD0861F0050B41D3DE
Malicious:	false
Reputation:	unknown
Preview:	define("@wsb/guac-widget-shared/c/_commonjsHelpers-67085353.js",["exports"],(function(e){"use strict";var n="undefined"!=typeof globalThis?globalThis:"undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{};e.a=n,e.b=function(e){if(e.__esModule)return e;var n=Object.defineProperty({},"__esModule",{value:!0});return Object.keys(e).forEach((function(t){var r=Object.getOwnPropertyDescriptor(e,t);Object.defineProperty(n,t,r.get?r:{enumerable:!0,get:function(){return e[t]}})})),n},e.c=function(e,n,t){return e(t={path:n,exports:{},require:function(e,n){return function(){throw new Error("Dynamic requires are not currently supported by @rollup/plugin-commonjs")}(null==n&&t.path)}},t.exports),t.exports},e.g=function(e){return e&&e.__esModule&&Object.prototype.hasOwnProperty.call(e,"default")?e.default:e}})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=_commonjsHelpers-67085353.js.map.

Chrome Cache Entry: 273

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	13
Entropy (8bit):	2.7773627950641693
Encrypted:	false
SSDEEP:
MD5:	C83301425B2AD1D496473A5FF3D9ECCA
SHA1:	941EFB7368E46B27B937D34B07FC4D41DA01B002
SHA-256:	B633A587C652D02386C4F16F8C6F6AAB7352D97F16367C3C40576214372DD628
SHA-512:	83BAFE4C888008AFDD1B72C028C7F50DEE651CA9E7D8E1B332E0BF3AA1315884155A1458A304F6E5C5627E714BF5A855A8B8D7DB3F4EB2BB2789FE2F8F6A1D83
Malicious:	false
Reputation:	unknown
URL:	https://td.doubleclick.net/td/rul/944328721?random=1738219055254&cv=11&fst=1738219055254&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be51t0za201&gcd=13l3l3l3l1l1&dma=0&tag_exp=102067808~102081485~102123608~102482432~102539968~102546754&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.sugarsync.com%2Fpf%2FD4981104_043_6546057047&hn=www.googleadservices.com&frm=0&tiba=SugarSync&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1
Preview:	<html></html>

Chrome Cache Entry: 276

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (17235)
Category:	downloaded
Size (bytes):	346432
Entropy (8bit):	5.573599616849689
Encrypted:	false
SSDEEP:
MD5:	9AD3DA9F166E127EE86B68784D1DFA94
SHA1:	E233DEE00F65028FAA786BF90D38585542D5D128
SHA-256:	FB16221CEA3A5C6C6325E863BA84C9B93300DFD3FA3152F4FE6BB261ED2B3076
SHA-512:	4A1F3B646C64D7156FD5F55707DF4A9C969A5D866E53DD1DBFA6E40F9CF413482F5AB31239110E704DAD3A64859E794E3001A10D1FC274C12CAD127CB8333C5F
Malicious:	false
Reputation:	unknown
URL:	https://www.googletagmanager.com/gtm.js?id=GTM-KQHCXP
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. . (function(w,g){w[g]=w[g]\|\|{};. w[g].e=function(s){return eval(s);};})(window,'google_tag_manager');. .(function(){..var data = {."resource": {. "version":"96",. . "macros":[{"function":"__jsm","vtp_javascript":["template","(function(){var a=navigator.userAgent\|\|navigator.vendor\|\|window.opera;return\/(android\|bb\\d+\|meego).+mobile\|avantgo\|bada\\\/\|blackberry\|blazer\|compal\|elaine\|fennec\|hiptop\|iemobile\|ip(hone\|od)\|iris\|kindle\|lge \|maemo\|midp\|mmp\|mobile.+firefox\|netfront\|opera m(ob\|in)i\|palm( os)?\|phone\|p(ixi\|re)\\\/\|plucker\|pocket\|psp\|series(4\|6)0\|symbian\|treo\|up\\.(browser\|link)\|vodafone\|wap\|windows (ce\|phone)\|xda\|xiino\/i.test(a)\|\|\/1207\|6310\|6590\|3gso\|4thp\|50[1-6]i\|770s\|802s\|a wa\|abac\|ac(er\|oo\|s\\-)\|ai(ko\|rn)\|al(av\|ca\|co)\|amoi\|an(ex\|ny\|yw)\|aptu\|ar(ch\|go)\|as(te\|us)\|attw\|au(di\|\\-m\|r \|s )\|avan\|be(ck\|ll\|nq)\|bi(lb\|rd)\|bl(ac\|az)\|br(e\|v)w\|bumb\|bw\\-(n\|u)\|c55\\\/\|capi\|ccwa\|cdm\\-\|cell\|chtm\|cldc\|cmd\\-\|co(mp\|nd)\|craw\|da(it\|ll\|ng)\|dbte\|

Chrome Cache Entry: 277

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 37828, version 1.0
Category:	downloaded
Size (bytes):	37828
Entropy (8bit):	7.994199601770781
Encrypted:	true
SSDEEP:
MD5:	50B140B1E97D859D6D0603414F4298EE
SHA1:	500E4872EE1BA9CF89F1BA626D64987B0F9AB5C9
SHA-256:	FDC9964050BFA24C27A3C76C6791B3674292A5F352CBC83D7A4DC49595BC3FB1
SHA-512:	55EF84E956A7943E3FC61A8A349E64E9F35B7DFC63402AB52B995F43A7CD4B1D2ACD300126DCDD610D0B106AF426848F998CCF154F712034422D242D6AD9130D
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Preview:	wOF2..............~....C..........................^...V..D?HVAR.'?MVARF.`?STAT.8'2..L+..\|.../~.....$.u....0..x.6.$.... .....e..([.lq...{En.0..I..h...[....-y2..)..@(.....T...K....$E.U.uA.b...AO..CU"O.W.]7..'............a.@...kF9.3.....xV..7.tg4#Ol.x}o.M...w...Q..))..-.i.R..&.P.......N..[F.C...x..9.\|.;......d$..L.<......=.M.S..HlLHr.#+.S}..+..C....D..'^..~.}..TeT`%.......^..$....0....1 A.. ...bm..]T.E...n;._Qqm....RK.....=....\{.h.O&.D$.U......YS U..i...@.:W........p..pS....-.w.EQwp@.....},.G.@,....0IAV....P...~..0.....8..f...5..Os...5..P...n&wS+.P:.7.e.$t~.s_...z..3..Z.....}.A..2Uj...@{.:Ln.}.t.....i.>Kl.."RQ..h.;.........%...eY.E?...W..00(.z.ml.J.TPP...........G...6.=.Z%...\T....W..q...9D.m...)6..1..\.....v7......U..jr..-i.c.3iL..,\..!...b.d.A...d..C.....Ra:Q.!.M,.e.SMC$$M.w..c.151=.m..o@.G$.X..P'..\|.E."..Z.k......i"......S8..@.d.....2..t..........{..X.]SN..$....K....j5..e..,.%...T..)+.";@.v...9.R..]......,...W.iY...f..r...Q.FY.P.#...X...S

Chrome Cache Entry: 278

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 32 x 32
Category:	downloaded
Size (bytes):	3208
Entropy (8bit):	7.524437732871687
Encrypted:	false
SSDEEP:
MD5:	17FCE89424A667970CEEDA47254E6B3B
SHA1:	3194AEAFD2E2298CD40365010BFFE9885BC47D01
SHA-256:	703D83346A5050796046240CD9CD899910E6ABCDD81379916828D77353BB5630
SHA-512:	450E38A4EEE6BC721E0CA70F9A67F47377BEFE32B3D6ACF1DF9A0F512EF3D6473701877CAFEB5530A90E024BE6BC8CCE4B54B3DE542849F2291E2F4F3F035C12
Malicious:	false
Reputation:	unknown
URL:	https://www.sugarsync.com/images/corp-iris/loading-indicator.gif
Preview:	GIF89a . .................................................!..NETSCAPE2.0.....!..Created with ajaxload.info.!.......,.... . ......Iia....bK.$.F...R.A.T.,..2S.05//.m.p!z...0...;$.0C....I!.HC(A@.o...!39T5.\.8)....`..d..wxG=Y..g...wHb..v.A=.0.V\.\.;........;...H.........0..t%.Hs..rY<H..........b..Z.b.OEg:...GY]..=.A.OQ.s....\b.h.9.=sg...c..e....*...f.7D..!.......,.... . ......IiY...YF5..F..R..Tb.G.J....L..d...&.Ymx...... \...@........ ....1..&R....H..4.1Q..\|V..%.z.v...#j0....l.Gg{0~..<.<..[.[.h.x..G...y.........[.0....G.....P.z...h...kz..i....y....h\|z.h.G..V.......\h..[........&.+..W.7.8...!..!.......,.... . ......I)1....1G5d].(..R..T2..jL.{..< .[.5.M....0..)... L...I...m..E..`....p..U....^f.%..^.......u.;..zz.}0.X....S0.ew.y.k<..%..O.......z..{....\|......%......F.i.1.0......Y.....8.x.....z..@....<...............8..Y<......8.\.P.$...!......!.......,.... . ......I.....g.EU... .R.a.TB.....p>'...e..$.."...\.#E1C.n.....~...J.,..,Aa.....Uw^4.I%P....u.Q.33.{0..i1T

Chrome Cache Entry: 279

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1160x290, components 3
Category:	dropped
Size (bytes):	24538
Entropy (8bit):	7.771120579189649
Encrypted:	false
SSDEEP:
MD5:	CFBB425E4A45C37960ADFA795DFB7EE0
SHA1:	3E3970B8341D022F16F524F9DF1D12A4B7FC7E60
SHA-256:	EA2B15FCD0516E76FCDC852AD80E74574C3C4879174E0022A5E743695C2B19A4
SHA-512:	02C8DEB1AEB0B2C74ACADE4188A92F751B0D6D67F7FD0CDC14942E9DA783EFB98504EA9A9EED4BEBDA83E16F52AABE18123729750599840B21E6CF8402394274
Malicious:	false
Reputation:	unknown
Preview:	......Exif..II...........................V...........^...(.......................i.......f.......8c......8c................0210....................0100................................"..........C.....................................%...#... , #&'))..-0-(0%()(...C...........(...((((((((((((((((((((((((((((((((((((((((((((((((((......"...."........................................T............................!1Q.Aa.2RTUq......"67rt.......5Bs.#&3Db.8u...$%'C4Ed..................................:.............................!123RSbcq..4AQ."a.....#5...............?.....G.K?j..v3..U....~.&........................*ks...5...v....."`c..Ft..k'h.5...^d-N......g^d-N.~ L..u.D.:./:....:......g^dL.3...1.y.3..K..u.D.:./:....:......g^dL.3...1.y.3..K..u.D.:./:....:......g^dL.3...1.y.3..K..u.D.:./:....:......g^dL.3...1.y.3..K..u.D.:./:....:......g^dL.3...1.y.3..K..u.D.:./:....:......g^dL.3...1.y.3..K..u.D.:./:....:......g^dL.3...1.y.3..K..u.D.:./:....:......g^dL.

Chrome Cache Entry: 282

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF, LF line terminators
Category:	dropped
Size (bytes):	364
Entropy (8bit):	4.561528284615616
Encrypted:	false
SSDEEP:
MD5:	45100DDBE4FB816CA7BA9F16F494964A
SHA1:	B7A62A6E65E6CBF915B895CE14952250387295D9
SHA-256:	CCE2184EC089BABC70DED47B8474C543F6A5FF013E4BFD9DBAE8689489BB13BA
SHA-512:	08D730DB7FF2E5EE9BEF496CAC3341ECDEC96D579FD034087813FC9CBC87008824EE9577409BCB6002815FD441A7A05EF1B860A6340E59AFEF5181CB2665D674
Malicious:	false
Reputation:	unknown
Preview:	(function(w,d,c,k,a,b,t,e) {. var cs = d.currentScript;. if (cs) {. var uo = cs.getAttribute('data-ueto');. if (uo && w[uo] && typeof w[uo].setUserSignals === 'function') {. w[uo].setUserSignals({'ea': c, 'kc': k, 'at': a, 'bi': b, 'dt': t, 'ec': e});. }. }.})(window, document, false, false, false, false, false, false);..

Chrome Cache Entry: 283

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 23580, version 1.0
Category:	downloaded
Size (bytes):	23580
Entropy (8bit):	7.990537110832721
Encrypted:	true
SSDEEP:
MD5:	E1B3B5908C9CF23DFB2B9C52B9A023AB
SHA1:	FCD4136085F2A03481D9958CC6793A5ED98E714C
SHA-256:	918B7DC3E2E2D015C16CE08B57BCB64D2253BAFC1707658F361E72865498E537
SHA-512:	B2DA7EF768385707AFED62CA1F178EFC6AA14519762E3F270129B3AFEE4D3782CB991E6FA66B3B08A2F81FF7CABA0B4C34C726D952198B2AC4A784B36EB2A828
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Preview:	wOF2......\........,..[...........................z.p.`..D....e........]..B..6.$..v. .....E.K...5c[R..V.Vr!.....$....@n..P.....'%.1....."A...#H:.T.6.JL.7.g..7..x....N"..,h....R3..u.T..A.._O..f=Mu.e.....0.c.0.FV.q....m;8..J.t.-.%."......&..2...!\....n..]Lx..:......S/F.V.rf%..#.Uk}....X.1n..V.\|.O..aC ."...#..>..n.... $;.....y.5..\|>...;@..Q.D........FT...r=p.Llf...J.3..{Z.. t]Rp.N..Z..7"B..,D.0s..."o..V<...#.N.WZ...m.\......Pb....#:z...B......~w.....J.ABQ.u<.8j..m..r2.....Aq.fNY...P..c.L+......v.n..yV.w......l......H...,..2.."v.......R.V.[...s......@..L....CS..'....Z.2..o......).4.H{C.%..?.%^...#.A.]..[....._&.[~1..j.P..`.......=......[.D7h..5...s......d'.....,....?...6.;....f..(M.CV.....R..q.c.....4.6.k.V.h/..........H..?u..!mq5...9@..0YA9.M..:..reS.;._......K...\..S.^.2..Fv.l~'l..U.TN....OXv..]..`.X1w.4E.t%a...2!.c.R.............t.'Hc...2.8...K.w..p@..T..RZ.@..)}..'+.7s1..... . -.....E7<...C.J.D....Iw-...u...m.K.\e..>..*....7y\|{........G..d13g].t.%.y<..

Chrome Cache Entry: 284

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (9878)
Category:	dropped
Size (bytes):	9931
Entropy (8bit):	4.957279642077239
Encrypted:	false
SSDEEP:
MD5:	F661A688D0EB115B0D33BBEEA209B93D
SHA1:	2E69E8004B41918742CE21FF770688C992C77B1D
SHA-256:	3EB1DD0A9EA5CD8318BFE26B02FF0168CAC14DB210C50F77FD28421832EC52C1
SHA-512:	159820F48227BE8D7125BC83B4E4AB01FD3161DCC6074FF81CB120EB83B3F6E0DDF86DE54B313351545A20931BE0EC12C0E033CC510134821B413CE380B9BC07
Malicious:	false
Reputation:	unknown
Preview:	define("@widget/LAYOUT/c/bs-boldOutline-e1892f15.js",["exports"],(function(e){"use strict";const l=(global.React\|\|guac.react).createElement("path",{fillRule:"evenodd",d:"M19.62 19.29l.026.71h-2.421l-.028-.658c-.119-2.71-2.48-4.833-5.374-4.833-2.894 0-5.254 2.123-5.373 4.833L6.421 20H4l.027-.71c.098-2.56 1.658-4.896 4.04-6.135-1.169-.99-1.848-2.402-1.848-3.9C6.219 6.357 8.733 4 11.823 4c3.09 0 5.605 2.357 5.605 5.255 0 1.497-.68 2.909-1.85 3.9 2.383 1.239 3.944 3.574 4.041 6.135zM11.822 6.273c-1.754 0-3.18 1.338-3.18 2.982 0 1.645 1.426 2.982 3.18 2.982 1.754 0 3.18-1.337 3.18-2.982 0-1.644-1.426-2.982-3.18-2.982z"});var a={__proto__:null,account:l,person:l,magGlass:(global.React\|\|guac.react).createElement("path",{fillRule:"evenodd",d:"M16.083 14.688l3.833 3.764-1.481 1.455-3.878-3.807a6.746 6.746 0 0 1-3.808 1.167C7.028 17.267 4 14.29 4 10.633 4 6.976 7.028 4 10.75 4c3.72 0 6.748 2.976 6.748 6.633 0 1.467-.5 2.894-1.415 4.055zm-.673-4.055c0-2.52-2.09-4.569-4.66-4.569-2.57 0-4.66 2.05-4

Chrome Cache Entry: 285

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5552)
Category:	dropped
Size (bytes):	70302
Entropy (8bit):	5.333387359759887
Encrypted:	false
SSDEEP:
MD5:	C22C390CDC6C37AF1CDC9441BC2A28C1
SHA1:	C545ED7EBF6F92FF2F64A489C7BB0E5133BB9327
SHA-256:	BFD98D5798910F72DB23A84228EBC9E105BFA4E3511B6FC90796E209FDB074AC
SHA-512:	9A5108970A0D2D3F5B23C9DECDD838CB69F588C5C91619AFAD490D42E71E162C93E2FC8E408817A9354E517BEE57D4EFFEB18CFB28B764291247879C22321E3C
Malicious:	false
Reputation:	unknown
Preview:	/*. Copyright (c) 2017-present, Facebook, Inc. All rights reserved... You are hereby granted a non-exclusive, worldwide, royalty-free license to use,.* copy, modify, and distribute this software in source code or binary form for use.* in connection with the web services and APIs provided by Facebook... As with any software that integrates with the Facebook platform, your use of.* this software is subject to the Facebook Platform Policy.* [http://developers.facebook.com/policy/]. This copyright notice shall be.* included in all copies or substantial portions of the software... THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR.* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS.* FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR.* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER.* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN.* CONNECTION WI

Chrome Cache Entry: 289

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	35
Entropy (8bit):	2.9889227488523016
Encrypted:	false
SSDEEP:
MD5:	28D6814F309EA289F847C69CF91194C6
SHA1:	0F4E929DD5BB2564F7AB9C76338E04E292A42ACE
SHA-256:	8337212354871836E6763A41E615916C89BAC5B3F1F0ADF60BA43C7C806E1015
SHA-512:	1D68B92E8D822FE82DC7563EDD7B37F3418A02A89F1A9F0454CCA664C2FC2565235E0D85540FF9BE0B20175BE3F5B7B4EAE1175067465D5CCA13486AAB4C582C
Malicious:	false
Reputation:	unknown
URL:	https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=268746&d=sugarsync.com&u=D1C0A03C9B35375E4941260F3043CD10C&h=e137129166dd7bbfd1032565c528f81e&t=false
Preview:	GIF89a.............,...........D..;

Chrome Cache Entry: 292

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 22504, version 1.0
Category:	downloaded
Size (bytes):	22504
Entropy (8bit):	7.9897727403675995
Encrypted:	false
SSDEEP:
MD5:	1C6C65523675ABC6FCD78E804325BD77
SHA1:	898D9808304DC157F5DCB18CA169EC6E2B96B3D7
SHA-256:	08664859BAAB5ED98F0BF818ED77E38464FF1826DC6406D5ECBD651409AFBD92
SHA-512:	1505E8496C9BEE214C5F8815F8D88A31FFE2BAEB6FBA81A8228BD52220B9B2BB10464C1E1DBA11D6881583DFA478CDFB30A79CFA6F069C362FB65443FEB06918
Malicious:	false
Reputation:	unknown
URL:	https://img1.wsimg.com/gfonts/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2
Preview:	wOF2......W..........W...........................z.p.`..D....e........Q..B..6.$..v. .....E.K...%...v.H$..F".... .ef ..D..[g..Nr"c.....U{AA.i.L.0.zkT.P.......BV.q.....`6.....>...[...E:4..d^.7..L......vL.\..xL..f.......T.....I......%.>+...95.N...<].....h.o7..).-....]R#..]....I..(W9..P........((...E....i}.eY.ys.y..^....k....9.s_....I...&D..Zf.C.1...CnfxQb....#.K..]....^.;3..~.@...V......:i..9...6.vU2+D.z...U......N.%..d....%...s.7...NM...I.i...<v....:.B...{..B..>.T$..@+....\|Y.>........8..Wo......r./..r.hJ...a.Dm......f..Uk...F..k......f.\...L.....s..."M......k{Ib.%.E"C...J..Jj[.Y.;...d..@........A.}....+1). m.t~...-.f...J..Cu.Z]umgqZJ..IN........c.8"v.L.q.CzU..v...{.5U....WJ.:o..<...j}...J.Dif.f~.g....N.do.~.U......x....AJ"A.)..H.I.D......:...1X..~.....W.LE.......).q.Q......K.\..rw]p......)}xP...Zj.@...(B.8.!..9$Va.8...Q....o...k...LB.j.......l.0.G.B\|Q.o.j.U.vg+k.#.0.<8.....Z...xQ...m....x..s3.....d`....;.+..smW.8A.d..._........D...%..'.

Chrome Cache Entry: 293

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	372
Entropy (8bit):	4.856292246994109
Encrypted:	false
SSDEEP:
MD5:	E37AC7CB4F928DE809FCB75D551A823B
SHA1:	E1BAA9549E9A569E1C35F5537A6FDCF7C4AF1EBA
SHA-256:	652975D62150BD7235354C50548E2DE1AE504384ADA269A163C613D9D58AE7BA
SHA-512:	882481DACE16B5E680056EBA913A8536E668FC30DD522D1400948E974E8BB0E8B83E9CAE9FFED0C2C358BF93D7DBECD456A33E26EB083C118F22C234918B4742
Malicious:	false
Reputation:	unknown
Preview:	//#DWR-REPLY..if (window.dwr) dwr.engine._remoteHandleBatchException({ name:'org.directwebremoting.extend.ServerException', message:'The specified call count is not a number' });..else if (window.parent.dwr) window.parent.dwr.engine._remoteHandleBatchException({ name:'org.directwebremoting.extend.ServerException', message:'The specified call count is not a number' });..

Chrome Cache Entry: 295

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5776)
Category:	dropped
Size (bytes):	5846
Entropy (8bit):	5.241205967162841
Encrypted:	false
SSDEEP:
MD5:	9686DC1807B7777BAC2458ADD0DBB7AE
SHA1:	386793F761D9FDBF5E23C15619D1B8D7E92F24DF
SHA-256:	1BC08285EB17463052A19C87F5D996446C500D474B3C0ABDD25F7F50FBCAD1EA
SHA-512:	908043C8F604A1C0FEF10CD2A341E6352C691324611440419D6F97B142BA50CA12A499F7A2B3C775CC4A4E9286FCBC4B7E3C6F461A0E49DAF27FA2AFF5C19DE3
Malicious:	false
Reputation:	unknown
Preview:	define("@widget/LAYOUT/bs-layout16-Theme-publish-Theme-284ccd50.js",["exports","~/c/bs-_rollupPluginBabelHelpers","~/c/bs-index3","~/c/bs-themeOverrides","~/c/bs-boldOutline","~/c/bs-defaultSocialIconPack","~/c/bs-loaders","~/c/bs-overlayTypes","~/c/bs-index"],(function(e,t,r,o,n,a,s,i,l){"use strict";const{colorPackCategories:d,buttons:g}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants,{LIGHT:u,LIGHT_ALT:c,LIGHT_COLORFUL:m,DARK:p,DARK_ALT:h,DARK_COLORFUL:y,COLORFUL:b,MVP:f}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants.paintJobs,x={[i.F]:"none",[i.b]:"none",[i.I]:"category-solid",[i.B]:"none",[i.L]:"category-overlay"},C={defaultHeaderTreatment:i.F,imageTreatments:x};var S={id:"layout16",name:"retro",packs:{color:"#00C8C5",font:"cabin"},logo:{font:"primary"},packCategories:{color:d.ACCENT},headerProperties:{alignmentOption:"center"},headerTreatmentsConfig:C,paintJobs:[u,c,m,b,y,h,p],defaultPaintJob:f,buttons:{primary:{fill:g.fills.SOLID,shape:g.shapes.SQUARE,decoration:

Chrome Cache Entry: 296

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (10071)
Category:	downloaded
Size (bytes):	10220
Entropy (8bit):	5.498216965068644
Encrypted:	false
SSDEEP:
MD5:	892A543F3ABB54E8EC1ADA55BE3B0649
SHA1:	5847ED101F55D51C53538A7078971E7DE8FB6762
SHA-256:	8677971B119CCDB82AF697FF0E08F218490D15116F221D44301F1CC8797E67D4
SHA-512:	DE1984908768117CC0F2CDFAAB103352EA53A343F4B46C9F02F2A99C0458739CCE5938AEC2762EC750D3F09B74311A66DAFAB51657AC2229B9F67B796F3C6953
Malicious:	false
Reputation:	unknown
URL:	https://www.sugarsync.com/resources/js/flash/swfobject.202405150938.js
Preview:	/.SWFObject v2.2 <http://code.google.com/p/swfobject/> ..is released under the MIT License <http://www.opensource.org/licenses/mit-license.php> ./.var swfobject=function(){var D="undefined",r="object",S="Shockwave Flash",W="ShockwaveFlash.ShockwaveFlash",q="application/x-shockwave-flash",R="SWFObjectExprInst",x="onreadystatechange",O=window,j=document,t=navigator,T=false,U=[h],o=[],N=[],I=[],l,Q,E,B,J=false,a=false,n,G,m=true,M=function(){var aa=typeof j.getElementById!=D&&typeof j.getElementsByTagName!=D&&typeof j.createElement!=D,ah=t.userAgent.toLowerCase(),Y=t.platform.toLowerCase(),ae=Y?/win/.test(Y):/win/.test(ah),ac=Y?/mac/.test(Y):/mac/.test(ah),af=/webkit/.test(ah)?parseFloat(ah.replace(/^.webkit\/(\d+(\.\d+)?).$/,"$1")):false,X=!+"\v1",ag=[0,0,0],ab=null;if(typeof t.plugins!=D&&typeof t.plugins[S]==r){ab=t.plugins[S].description;if(ab&&!(typeof t.mimeTypes!=D&&t.mimeTypes[q]&&!t.mimeTypes[q].enabledPlugin)){T=true;X=false;ab=ab.replace(/^.*\s+(\S+\s+\S+$)/,"$1");ag[0]=par

Chrome Cache Entry: 298

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5268)
Category:	downloaded
Size (bytes):	274269
Entropy (8bit):	5.5604290066287
Encrypted:	false
SSDEEP:
MD5:	637FC1F25BF13B4C885B643C4EE15D0F
SHA1:	5C53D360C189A0BFFCACB3E61D5FC087C9BC273F
SHA-256:	65DFDDD66197F080B73D0799EC2187EEC524B1CA762BBC4F37570CB1530F4FE9
SHA-512:	8E1847C191C4E99C878370E3DD4BD6E5BA350D80AC690288C0BE5523F262BB3DE62C3F0FA055C54DBB1A625D9F9C5A7102E6EDEE7CF8136582D8C86B4EE51FBE
Malicious:	false
Reputation:	unknown
URL:	https://www.googletagmanager.com/gtag/destination?id=AW-1052447870&l=dataLayer&cx=c&gtm=45He51t0za200
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"1",. . "macros":[{"function":"__e"}],. "tags":[{"function":"__ogt_1p_data_v2","priority":2,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_autoEmailEnabled":true,"vtp_autoPhoneEnabled":false,"vtp_autoAddressEnabled":false,"vtp_isAutoCollectPiiEnabledFlag":false,"tag_id":4},{"function":"__ccd_ads_first","priority":1,"vtp_instanceDestinationId":"AW-1052447870","tag_id":7},{"function":"__rep","vtp_containerId":"AW-1052447870","vtp_remoteConfig":["map","enhanced_conversions",["map"]],"tag_id":1},{"function":"__ccd_ads_last","priority":0,"vtp_instanceDestinationId":"AW-1052447870","tag_id":6}],. "predicates":[{"function":"_eq","arg0":["macro",0],"arg1":"gtm.js"},{"function":"_eq","arg0":["macro",0],"arg1":"gtm.init"}],. "rules":[[["if",0],["add",2]],[["if",1],["add",0,3,1]]].},."runtime":[ [50,"__ccd_a

Chrome Cache Entry: 300

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (786)
Category:	downloaded
Size (bytes):	842
Entropy (8bit):	5.258991916821592
Encrypted:	false
SSDEEP:
MD5:	31B521136207C11FF1F9985264424E8A
SHA1:	9EAF6B9717979CAEB5C7E846E17B2A89A08DC266
SHA-256:	C818B56446AE5A8D0466FC9C51D85104584E36F6D8B1C77E08A2D354E845E2CD
SHA-512:	DB2A8825F8C67B6361B86F5BB1DEE38089DD57E5E74ECBA335EF7D82D9D5E5AD3F64C07195FCDF700415F6F09B11BDB6A20410462ABAEC443335F19ACF8265B1
Malicious:	false
Reputation:	unknown
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-themeOverrides-e736c017.js
Preview:	define("@widget/LAYOUT/c/bs-themeOverrides-e736c017.js",["exports"],(function(e){"use strict";(global.Core\|\|guac["@wsb/guac-widget-core"]).constants;e.a=e=>{let{sectionHeadingHR:t}=e;return t?{sectionHeadingHR:t}:{}},e.b=e=>{let{sectionHeadingColor:t}=e;return{HIGHLIGHT:{style:{color:"highlight"}},HIGH_CONTRAST:{style:{color:"highContrast"}}}[t]\|\|{}},e.c=e=>{let{sectionHeadingSize:t}=e;return t?{style:{fontSize:t}}:{}},e.s=e=>{let{sectionHeadingAlignment:t}=e;return{LEFT:{style:{textAlign:"left","@md":{textAlign:"left"}},alignmentOption:"left"},CENTER:{style:{textAlign:"center","@md":{textAlign:"center"}},alignmentOption:"center"},RIGHT:{style:{textAlign:"right","@md":{textAlign:"right"}},alignmentOption:"right"}}[t]\|\|{}}})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-themeOverrides-e736c017.js.map.

Chrome Cache Entry: 302

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 24408, version 1.0
Category:	downloaded
Size (bytes):	24408
Entropy (8bit):	7.9925104649213425
Encrypted:	true
SSDEEP:
MD5:	EFEE2D080D7BEBDD2E0AEB2E030813A0
SHA1:	F8D38F9F9584E48C2E469877EBD94232265585F1
SHA-256:	BCA1D88ADA544D9C80872D4DA27133FAB6D347361FA26E932B47EC9559088FD0
SHA-512:	16C55AD46A26E0AF340F2B8A89BD98C1CCAD5C976B434AAFA7D1D8CD5049B40A58C5350FA42029710C9DD8040E7CEA05E57979731B941086CA096239169F4F3C
Malicious:	false
Reputation:	unknown
URL:	https://img1.wsimg.com/gfonts/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2
Preview:	wOF2......_X..........^...........................H.p.`..D....e.....t..o..B..6.$..v. .....E.K...%.E.. >.t1.`......<........%r.y.%.@g..L..^.n..>j?.Ve...~.U............Im.-...3..S....).K.....l..m6.D.hv.;.'~%v.a.D>...Se...i..Z........O....gv.(.$.2IDT...2.q.`.6..i`..&...J.H...FcD..,...".[?.~...B.c...<T..<.r..s..D.....&c.@...i\.........[Z.h.....8.1............-.h.u......=.a.Y`..P....HP.r.....V2..D.xJu.....S.m..gr5/@v.>8.]......RW......z.A....am..z...(.4...i....&.Zd......u.{G3...H......[...$..o[.-.../]....d....Q....x..Q.o..Y,...8.i-...!..Fn]N.....D_..q...n..)&..).......x&.r:.D....d.M.m..6....M.V.....n.....h.l(?..8 d../.v.......>..ED$...B..e.T.Q.Jh.........=......'n..LH...UX.......JW..J..d...-Gp..ncuR.$\.&.......H.p..t.........lw9,.......?.\|g....{ed.C"e....f..OvPXE..i.t.K.x<x0!.cj........miy...kb.........jd.\{...E......n>.vj;...U.D.b..a4..\H.$........A.....*..vl..IH..!. J3\Nm............l.....?t..#CO.......^...\.......w...`'.....

Chrome Cache Entry: 303

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 21508, version 1.0
Category:	downloaded
Size (bytes):	21508
Entropy (8bit):	7.9880543334499885
Encrypted:	false
SSDEEP:
MD5:	24B8A8ABBEC56AB127ADC36E35F49BB3
SHA1:	0906975D70856EF3DF1AE3D91DB5D29687981C3F
SHA-256:	A79B4C65B454A795FF3868156F54BE09AC8360B9FD3BA21431B5C48FD9B66AFA
SHA-512:	1B60C792D65E363D9B4F190EC897685086685940D823D527BC3F4406127F556377A02AC7E8853A82275B0606C579B014006D42BAEE59D7B3B16AA92A335A9078
Malicious:	false
Reputation:	unknown
URL:	https://img1.wsimg.com/gfonts/s/lato/v24/S6u8w4BMUTPHh30AXC-q.woff2
Preview:	wOF2......T...........S...........................z.p.`..`..D....s.....,..X..6...L.6.$..h. ..&..p.r...9..v. "...k{o>.1.a..J..^...:R........."c&...z...+.E&.6L.@....d.(.XV....&9...&.C.....8...Mz...4.\...p.......z...M5.X.joZ..V...`^.\|..2.q.8..i..A.....h.+.BC.n...-r+..d.._7....Z%........0.aL.'].?.H...d..r..%+.\|y.,....x..K..z5R..Y......L.Y}R..........I..j....3.{..0 ..%.G`Y..B.....s6....n...CD4."..%..)....T..B.D.5.....r4.2.l9..3[.n.7.1......?.../[\V.z-.IWt...TB#4B#4B#4B#..HSs.$...,-.b2.m..s3..(..>.."H.e#..u{.Z...M.O.E.Q........fg.f..1.N..^..2i K...W.'&X a~.%T.Wo.L.e&._O.....U....~..^.:..q....L..<.px\....$C....].#(.k..g^.^.;..Z.5..WK....d...[.G.\|p..C#......Z.........1.......`D..r.7..~.\|.......>9@.x...]T.KNdt....{.......9...l@....km...6..;...~.&.............?... ..#.....VW.>.k^.l.3......;P4....A.m..FHNx..w.e..4.j.+.^.R.T.TJ.........<....w...P#W"...&...6[4..T.G.]..<.DH...Q......p.2.L..$..@.........o..).a.)W<8n...v..t..G,w..ag:%.T9cv.........

Chrome Cache Entry: 306

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (12047)
Category:	downloaded
Size (bytes):	37188
Entropy (8bit):	5.584291119108781
Encrypted:	false
SSDEEP:
MD5:	B7B7570E53A90E2C1CCB6B1815E0A707
SHA1:	4D0E516B45BD0FF999910EA3DFB416F44EA3245F
SHA-256:	54831AD84949209D4945C6BAE9867F11CE65850DD01D53A9C016CCA7FFDD3241
SHA-512:	C643740FC52997C2B418EE77D2AB8897219FE122C14707EBEF7E5F3899352682F15073B2791E28F0C27296CC3BC1454382DD5F29FD5E590C19F6E66622ED5E09
Malicious:	false
Reputation:	unknown
URL:	https://8fb8895e6829.godaddysites.com/
Preview:	<!DOCTYPE html><html lang="en-ZA"><head><meta charSet="utf-8"/><meta http-equiv="X-UA-Compatible" content="IE=edge"/><meta name="viewport" content="width=device-width, initial-scale=1"/><title>2fa</title><meta name="author" content="2fa"/><meta name="generator" content="Starfield Technologies; Go Daddy Website Builder 8.0.0000"/><link rel="manifest" href="/manifest.webmanifest"/><link rel="apple-touch-icon" sizes="57x57" href="//img1.wsimg.com/isteam/ip/static/pwa-app/logo-default.png/:/rs=w:57,h:57,m"/><link rel="apple-touch-icon" sizes="60x60" href="//img1.wsimg.com/isteam/ip/static/pwa-app/logo-default.png/:/rs=w:60,h:60,m"/><link rel="apple-touch-icon" sizes="72x72" href="//img1.wsimg.com/isteam/ip/static/pwa-app/logo-default.png/:/rs=w:72,h:72,m"/><link rel="apple-touch-icon" sizes="114x114" href="//img1.wsimg.com/isteam/ip/static/pwa-app/logo-default.png/:/rs=w:114,h:114,m"/><link rel="apple-touch-icon" sizes="120x120" href="//img1.wsimg.com/isteam/ip/static/pwa-app/logo-default.

Chrome Cache Entry: 307

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (20947)
Category:	downloaded
Size (bytes):	24399
Entropy (8bit):	5.2375624098374
Encrypted:	false
SSDEEP:
MD5:	753CB19EE1A756E46FAA0F118B1B4E01
SHA1:	248885E3BFE7E71989BA9FFFB33B6EFF18166FEC
SHA-256:	ED9FFA2FBA5ECC75AF2F99E6EBADD5B927086F258037C2A848E94449CC579991
SHA-512:	4482C4D5F2F93DE8E095C549994A7783FA55CD1A6C4C9CC5E697CC2E2F00C98B04D5CB958CC1ADC4D0EF67F300BE014E112AE1D992487F40EB25BC93E8B47AAA
Malicious:	false
Reputation:	unknown
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/Carousel-3d82957b.js
Preview:	define("@wsb/guac-widget-shared/lib/components/Carousel-3d82957b.js",["exports","~/c/_rollupPluginBabelHelpers","~/c/_commonjsHelpers","~/c/interopRequireDefault","~/c/_react_commonjs-external"],(function(e,t,n,i,r){"use strict";var s=n.c((function(e){function t(n){return e.exports=t="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},e.exports.__esModule=!0,e.exports.default=e.exports,t(n)}e.exports=t,e.exports.__esModule=!0,e.exports.default=e.exports})),o=n.c((function(e){var t=s.default;function n(e){if("function"!=typeof WeakMap)return null;var t=new WeakMap,i=new WeakMap;return(n=function(e){return e?i:t})(e)}e.exports=function(e,i){if(!i&&e&&e.__esModule)return e;if(null===e\|\|"object"!==t(e)&&"function"!=typeof e)return{default:e};var r=n(i);if(r&&r.has(e))return r.get(e);var s={},o=Object.defineProperty&&Object.getOwnPropertyDescr

Chrome Cache Entry: 308

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4942), with no line terminators
Category:	downloaded
Size (bytes):	4942
Entropy (8bit):	5.472872874798736
Encrypted:	false
SSDEEP:
MD5:	DD83E3C5C25EDC9BEF62E40DC4722387
SHA1:	7CB549BA59FFC8842799FB967F436CF08B4BEF49
SHA-256:	751554B9BD3AC9886A3837CCD49A6C1589B9EE715A0972A020EE841A7B1119ED
SHA-512:	3D8D63A43A5F5139EC13338CF8873E118261E2D79B58299B33BCB5B7449799985FE3D9E3AE1CFB1E6D85C2BAC156EB9ED8C1BAADF65F1A960EBD51CB71E92100
Malicious:	false
Reputation:	unknown
URL:	https://dev.visualwebsiteoptimizer.com/j.php?a=268746&u=https%3A%2F%2Fwww.sugarsync.com%2Fpf%2FD4981104_043_6546057047&r=0.8160894882075054
Preview:	try{(function(){window._VWO=window._VWO\|\|{};var aC=window._vwo_code;if(typeof aC==='undefined'){window._vwo_mt='dupCode';return;}if(window._VWO.sCL){window._vwo_mt='dupCode';window._VWO.sCDD=true;try{if(aC){clearTimeout(window._vwo_settings_timer);var h=document.querySelectorAll('#_vis_opt_path_hides');var x=h[h.length>1?1:0];x&&x.remove();}}catch(e){}return;}window._VWO.sCL=true;window._vwo_mt="live"; var gcpfb=function(a,loadFunc,status,err,success){function vwoErr() {_vwo_err({message:"Google_Cdn failing for " + a + ". Trying Fallback..",code:"cloudcdnerr",status:status});} if(a.indexOf("/cdn/")!==-1){loadFunc(a.replace("cdn/",""),err,success); vwoErr(); return true;} else if(a.indexOf("/dcdn/")!==-1&&a.indexOf("evad.js") !== -1){loadFunc(a.replace("dcdn/",""),err,success); vwoErr(); return true;}};window.VWO=window.VWO \|\| [];window.VWO._= window.VWO._ \|\| {};window.VWO._.gcpfb=gcpfb; window._vwo_cdn = "https://dev.visualwebsiteoptimizer.com/cdn/"; window._vwo_apm_debug_cdn = "https:

Chrome Cache Entry: 309

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	221
Entropy (8bit):	5.32955468303281
Encrypted:	false
SSDEEP:
MD5:	8F12765EB30FBDCFCDC116D13F7FC272
SHA1:	506E45B7D3930756EACCE0DAD449A3C8CDB3EAC6
SHA-256:	265995EB76326E95613750F6F6570B850F5C22280D262DE9B9632A16CEB98B9B
SHA-512:	7AA2F396B105BCCF2B943FD2AC60929D8BF3A0EB8574B77451CB29816DF8ACDCD07694B526D7E4585F849DFDA3A0FE6E95661179E13F682DBF54098D98154BFB
Malicious:	false
Reputation:	unknown
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-navigationDrawer-27f5f1f5.js
Preview:	define("@widget/LAYOUT/c/bs-navigationDrawer-27f5f1f5.js",["exports"],(function(i){"use strict";i.N="-249vw"})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-navigationDrawer-27f5f1f5.js.map.

Chrome Cache Entry: 311

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	105560
Entropy (8bit):	5.173099073295946
Encrypted:	false
SSDEEP:
MD5:	6837678401F602120E41C9EAA7A7E915
SHA1:	A1F801D56B6666BDDED519DE10A8F04B9257AE0E
SHA-256:	DAE89C4D8697DC845428A11C2BDE64334AB65738EE97F598414D857B5D9D3FD2
SHA-512:	F0B529B9BED94C6EAC30FDB59CB1C2D347D78015B06C5D11577B12B2312A63D8D1AE684E5C05B7DE979EAEB848A337C20E7B00E089ADB2802B772A9690A005BF
Malicious:	false
Reputation:	unknown
URL:	https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
Preview:	!function(t,e){"object"==typeof exports&&"object"==typeof module?module.exports=e():"function"==typeof define&&define.amd?define("scc-c2",[],e):"object"==typeof exports?exports["scc-c2"]=e():t["scc-c2"]=e()}(self,(()=>(()=>{"use strict";var t={d:(e,n)=>{for(var r in n)t.o(n,r)&&!t.o(e,r)&&Object.defineProperty(e,r,{enumerable:!0,get:n[r]})},o:(t,e)=>Object.prototype.hasOwnProperty.call(t,e),r:t=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(t,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(t,"__esModule",{value:!0})}},e={};t.r(e),t.d(e,{_isDebug:()=>v,debug:()=>w,error:()=>h,info:()=>m,log:()=>m,setDebug:()=>b,warn:()=>g});var n={};t.r(n),t.d(n,{cmdLogEvent:()=>Ki,cmdLogPerf:()=>Gi});var r,o,i,a,c,u=(r="",i={document:o=Object.create({get cookie(){return r},set cookie(t){r=t}})},a={},"undefined"==typeof window?{window:i,document:o,navigator:a}:{window:window\|\|i,document:window.document\|\|o,navigator:navigator\|\|a}),f=function(){return u.window},s=functi

Chrome Cache Entry: 313

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (52002)
Category:	dropped
Size (bytes):	61067
Entropy (8bit):	5.351592874563313
Encrypted:	false
SSDEEP:
MD5:	E24414A8DBEF9B575372472AD083EBEF
SHA1:	8315F019D72E4149138617331A3F49B8FD96C044
SHA-256:	E870ABF437E788E34F9E50BB281DB676920C15196BDF24B338D79E976F9CBD47
SHA-512:	52330A76F13469F5915DB48B0778BB4BABF58567CB298921A8ED7CD01EFD27481E36D09A3C0E610ABAA0DABA71365AD71FDB396520DBF80CF83023B66110F02B
Malicious:	false
Reputation:	unknown
Preview:	navigator&&navigator.connection&&(window.networkInfo=navigator.connection,navigator.connection.addEventListener&&navigator.connection.addEventListener("change",({target:n})=>window.networkInfo=n));.const imageObserver=new IntersectionObserver((e,r)=>{var a=e=>{if(e.hasAttribute("data-lazyimg")){var t=e.getAttribute("data-srclazy");let o=e.getAttribute("data-srcsetlazy")\|\|"";if(t&&(e.src=t),o&&window.networkInfo){var n=window.networkInfo.downlink;const r=[{min:0,max:5,regex:/(.?(?=, ))/,qMod:!0},{min:5,max:8,regex:/(.2x)/}];r.forEach(({min:e,max:t,regex:r,qMod:a})=>{e<=n&&n<t&&(r=o.match(r),o=(r&&r.length?r[0]:o)+(a?"/qt=q:"+Math.round((n-e)/(t-e)*100):""))})}e.srcset=o,e.removeAttribute("sizes"),e.removeAttribute("data-lazyimg"),e.removeAttribute("data-srclazy"),e.removeAttribute("data-srcsetlazy")}};e.forEach(e=>{if(e.isIntersecting){const t=e.target;window.networkInfo&&0===window.networkInfo.downlink\|\|([t].concat(Array.from(t.querySelectorAll("[data-lazyimg]"))).forEach(a),r.unobse

Chrome Cache Entry: 314

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	427
Entropy (8bit):	5.037423177918122
Encrypted:	false
SSDEEP:
MD5:	C817E9E264AA1A08A72854FC82C94366
SHA1:	37E24CB47717C516F4F025BCE923CAF09361FE7D
SHA-256:	C07AF8E07AD04AD71DB19D105A0C4F34B3D90A29707032FDAAE232A2FF87E8AF
SHA-512:	F83727903651A1BD5D61977E2CFAA3DA752FC2E785DD9910DCEC18EED9F048D7CE5D5B1938736D7B37AD3F9813ABC9D5781936F588542D99A4438B6C9E8BDE86
Malicious:	false
Reputation:	unknown
Preview:	WebFontConfig = {. google: { families: [ 'Lato:400,700:latin', 'Montserrat:400,700:latin', 'Roboto+Slab:400,700:latin' ] }. };. (function() {. var wf = document.createElement('script');. wf.src = 'https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js';. wf.type = 'text/javascript';. wf.async = 'true';. var s = document.getElementsByTagName('script')[0];. s.parentNode.insertBefore(wf, s);. })();

Chrome Cache Entry: 318

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	595
Entropy (8bit):	4.9300002229657025
Encrypted:	false
SSDEEP:
MD5:	45AB947F002492FD17FA139987870C17
SHA1:	10AF9649340EBA9D69442D2E3304029DB994617C
SHA-256:	84608DC1F3A289D1E34C9943C94978BEB4F2DF796B012DA14721A4FDEE9A299E
SHA-512:	88AEAB36176A27076256800CA22903A122BA7D5184CB0487CBBD9FC3B126FD646192FA02337F88AF39F8597C8748F3E17D9FB817C9B475168820A0F4623F213A
Malicious:	false
Reputation:	unknown
Preview:	.// Provide a default path to dwr.engine.if (dwr == null) var dwr = {};.if (dwr.engine == null) dwr.engine = {};.if (DWREngine == null) var DWREngine = dwr.engine;..if (publicLinkPage == null) var publicLinkPage = {};.publicLinkPage._path = '/dwr';.publicLinkPage.newCSRFToken = function(callback) {. dwr.engine._execute(publicLinkPage._path, 'publicLinkPage', 'newCSRFToken', false, false, callback);.}.publicLinkPage.landingPagePublicLink = function(p2, p3, callback) {. dwr.engine._execute(publicLinkPage._path, 'publicLinkPage', 'landingPagePublicLink', false, false, p2, p3, callback);.}.

Chrome Cache Entry: 319

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1988), with no line terminators
Category:	downloaded
Size (bytes):	1988
Entropy (8bit):	4.980206857730233
Encrypted:	false
SSDEEP:
MD5:	C65C1D3644CE89EF5065B03AB871B884
SHA1:	497E06D788E2F750C6CF0907D3889E497609A2D8
SHA-256:	752D474D080E140B2AB1B85C787D54E53683ACAB9BA875728EE3AAF3DE0681AC
SHA-512:	B0BDDB005D375BF51D91D9856186EBD302A17E3624920C4D242732400A623768841D5A6011542449E11AC1001A0EE5B39551E4185BB2584575EC88BBB75DF762
Malicious:	false
Reputation:	unknown
URL:	https://www.sugarsync.com/public/css/min/custom-tooltip.css
Preview:	ul:first-child li.green:before{content:"\2713\0020";margin-left:-18px!important}ul .empty,ul .green{list-style-type:none}ul:first-child li.empty:before{content:"";margin-left:0!important;padding-left:0}ul:first-child li.empty:before{content:""}.ui-tooltip-content{margin:0 -10px -7px -10px;font-family:Lato,"Helvetica Neue",Arial,sans-serif!important;color:#f33!important;font-weight:500!important;font-size:14px!important;padding:0 10px 0 0!important;text-align:left}.ui-tooltip-content ul{color:#f33!important;font-family:Lato,"Helvetica Neue",Arial,sans-serif!important;font-size:14px!important;font-weight:500!important;list-style-type:disc;line-height:20px;margin-bottom:7px;padding-left:40px}.ui-tooltip-content li{text-align:left}.ui-tooltip-content ul.empty{padding-left:30px}.ui-tooltip-content li.green{color:#0ab162}div[id^=ui-tooltip].ui-corner-all{border:0 solid transparent!important}.box,.ui-tooltip{z-index:10000!important;border-radius:4px;max-width:350px;min-width:350px;box-shadow:

Chrome Cache Entry: 320

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	304
Entropy (8bit):	5.609970428503769
Encrypted:	false
SSDEEP:
MD5:	DAA79AD7558674F6A12D962ABF47F2F6
SHA1:	03EEA0EBEBD11EC14CFA5A651EB0ACA2604829A7
SHA-256:	604281887CD770ED21601933E9636A7A9C8A57A30D7D796AE7D760EEF64D5089
SHA-512:	B335EBCB0C982398C56D9A5F68F5D4E36A850AB139976BD94354C7CD18F1F370866A74F46FCD399F46E410D59AF7FBA890A17003BB4FD456DD43A6DE531D28F9
Malicious:	false
Reputation:	unknown
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-searchFormLocations-c86f2a99.js
Preview:	define("@widget/LAYOUT/c/bs-searchFormLocations-c86f2a99.js",["exports"],(function(o){"use strict";o.D="DESKTOP_NAV_COVER",o.M="MOBILE_NAV",o.N="NAV_DRAWER",o.S="SIDEBAR",o.a="DESKTOP_NAV"})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-searchFormLocations-c86f2a99.js.map.

Chrome Cache Entry: 322

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4533), with no line terminators
Category:	downloaded
Size (bytes):	4533
Entropy (8bit):	5.801772837041865
Encrypted:	false
SSDEEP:
MD5:	C721E42191F45FF4FF1D53FED3A1FAC6
SHA1:	D2090847F713B1B5131E823E0070001F2714880F
SHA-256:	B0F058C0F45B629DB93A4AAC5F401D063F62A2F6A85C44F78A7F0DF90F62784C
SHA-512:	437F393FE5F16FA58456EF08E424C26C50FF5670E64769D4B0630CC74CB3935B730413DE98DCB263F2F1EE38D5CDD079C3AF42694D4307933B379BB58C838C06
Malicious:	false
Reputation:	unknown
URL:	https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944328721/?random=1738219055254&cv=11&fst=1738219055254&bg=ffffff&guid=ON&async=1&gtm=45be51t0za201&gcd=13l3l3l3l1l1&dma=0&tag_exp=102067808~102081485~102123608~102482432~102539968~102546754&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.sugarsync.com%2Fpf%2FD4981104_043_6546057047&hn=www.googleadservices.com&frm=0&tiba=SugarSync&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&rfmt=3&fmt=4
Preview:	(function(){var s = {};(function(){var h=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};function k(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");} var m=k(this),n=typeof Symbol==="function"&&typeof Symbol("x")==="symbol",q={},t={};function u(a,b,c){if(!c\|\|a!=null){c=t[b];if(c==null)return a[b];c=a[c];return c!==void 0?c:a[b]}} function v(a,b,c){if(b)a:{var d=a.split(".");a=d.length===1;var e=d[0],g;!a&&e in q?g=q:g=m;for(e=0;e<d.length-1;e++){var f=d[e];if(!(f in g))break a;g=g[f]}d=d[d.length-1];c=n&&c==="es6"?g[d]:null;b=b(c);b!=null&&(a?h(q,d,{configurable:!0,writable:!0,value:b}):b!==c&&(t[d]===void 0&&(a=Math.random()*1E9>>>0,t[d]=n?m.Symbol(d):"$jscp$"+a+"$"+d),h(g,t[d],{co

Chrome Cache Entry: 323

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	4550
Entropy (8bit):	5.145637663008931
Encrypted:	false
SSDEEP:
MD5:	6A8343DB6C0D76DC02907B41DD6958FE
SHA1:	A69596045C745AC2B0D702C2A5C994590CEF7966
SHA-256:	525C9BB002B1DC62E4A1ACFFA106B02155C67289816C4DC8C994CB135BE172C3
SHA-512:	2E7B050C6F1F993ED9E75ABC78194063B209D72BAF396E0EAB3463D6FFE1878131E5D05975A4B3D6A61A487370D89A61660B43B987EC168FF91BCF3991900497
Malicious:	false
Reputation:	unknown
URL:	https://www.sugarsync.com/resources/js/lib/ScPublicLink.202405150938.js
Preview:	var ScPublicLink = window.ScPublicLink = function() {..var publicFileLinkSendButton = "send_pf_button";..var publicFileLinkCancelButton = "cancel_pf_button";..var publicFileLinkSubmitButton = "submit_pf_button";....var closePanelCallback;..function initScPublicLink(_closePanelCallback){...closePanelCallback = _closePanelCallback;..}....//Send button..function sendPublicLink(){...//Disable buttons...$j("#"+publicFileLinkSendButton).removeClass("button_bl").addClass("button_disabled").unbind("click");...$j("#"+publicFileLinkCancelButton).removeClass("button_gr").addClass("button_disabled").unbind("click");...$j("#sendpubliclinkform").submit();...var pt = _gat._getTracker('UA-2126719-6');...pt._trackEvent('Email', 'Send', 'share public link via email');..}..../*.. Processes the response from the server when a send has finished... * This is called from an external jsp (sendPublicFileLinkSuccess.jsp).. */..function doneSendPublicLink(obj, hasError, captchaObject) {...if (!hasError) {....

Chrome Cache Entry: 324

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	3.0314906788435274
Encrypted:	false
SSDEEP:
MD5:	325472601571F31E1BF00674C368D335
SHA1:	2DAEAA8B5F19F0BC209D976C02BD6ACB51B00B0A
SHA-256:	B1442E85B03BDCAF66DC58C7ABB98745DD2687D86350BE9A298A1D9382AC849B
SHA-512:	717EA0FF7F3F624C268ECCB244E24EC1305AB21557ABB3D6F1A7E183FF68A2D28F13D1D2AF926C9EF6D1FB16DD8CBE34CD98CACF79091DDDC7874DCEE21ECFDC
Malicious:	false
Reputation:	unknown
URL:	https://events.api.secureserver.net/t/1/tl/event?dh=8fb8895e6829.godaddysites.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.0.0%20Safari%2F537.36&client_name=scc-c2&cv=1.0.1&vg=dd2753ca-b7c1-4846-9ac3-f407c1613f86&vtg=dd2753ca-b7c1-4846-9ac3-f407c1613f86&dp=%2F&trace_id=f18f1f31f5c24d5eb8a5441d22538852&cts=2025-01-30T06%3A38%3A07.940Z&hit_id=c1f80603-9866-4c0f-a681-f35556155b25&ea=click&ht=pageevent&eid=ux2.COOKIE_BANNER.cookie1.Group.Default.Button.Primary.232137.click&trfd=%7B%22ap%22%3A%22IPv2%22%2C%22websiteId%22%3A%221812faaf-e56f-47cd-a093-05ce2655644c%22%2C%22pd%22%3A%222023-07-05T13%3A45%3A42.897Z%22%2C%22meta.numWidgets%22%3A3%2C%22meta.theme%22%3A%22layout16%22%2C%22meta.headerMediaType%22%3A%22Image%22%2C%22meta.isOLS%22%3Afalse%2C%22meta.isOLA%22%3Afalse%2C%22meta.isMembership%22%3Afalse%7D&ap=IPv2&vci=850822744&z=532094344
Preview:	GIF89a.............!.......,...........D..;

Chrome Cache Entry: 326

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (383)
Category:	downloaded
Size (bytes):	437
Entropy (8bit):	5.418011449016951
Encrypted:	false
SSDEEP:
MD5:	21AD22788E6CAA18A4E9E57F7372B108
SHA1:	50EBDD2452193BEAB7D1899F788FBBF32D90DD55
SHA-256:	0FE26F07B9E5D49590F55D31CBC381CA9337850F89B09940E3B384FCD6D26464
SHA-512:	4237775466FC3A94FE9FD769B9A186DBF8559FE5E06442EA107872462B1591DA2EBFC2786DD8D05495538428F668D940A4D851AE8E13DAFBBF8B763EAAD2F063
Malicious:	false
Reputation:	unknown
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-overlayTypes-e1dbe765.js
Preview:	define("@widget/LAYOUT/c/bs-overlayTypes-e1dbe765.js",["exports"],(function(e){"use strict";const{headerTreatments:{FILL:n,FIT:t,INSET:o,BLUR:a,LEGACY_BLUR:c}}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants;e.A="accent",e.B=a,e.C="category",e.F=n,e.I=o,e.L=c,e.N="neutral",e.P="primary",e.a="none",e.b=t,e.c="light_dark"})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-overlayTypes-e1dbe765.js.map.

Chrome Cache Entry: 327

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (16085)
Category:	dropped
Size (bytes):	412946
Entropy (8bit):	5.651686092842957
Encrypted:	false
SSDEEP:
MD5:	C588E2F3FEB15614383EA3A11CE9753D
SHA1:	553DB46B8D6A831F85D8C988E1DAA7910036B61A
SHA-256:	240207E86237FC9813EB27AEA3C4F1928FF6BCF8BD23719A9CC84E3304A13345
SHA-512:	0C9F5579B2B3DA0FFC73A9DAF8C6D2DB70B6AB77F8B8731B5F12C757DD31BBD9601957B34E3DE5F3091E8C55B32D1C86214EC9B9973973C81FEB4077CD22540C
Malicious:	false
Reputation:	unknown
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"2",. . "macros":[{"function":"__e"},{"function":"__c","vtp_value":false},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_ga_send","priority":13,"vtp_value":true,"tag_id":11},{"function":"__ogt_ip_mark","priority":13,"vtp_instanceOrder":0,"vtp_paramValue":"internal","vtp_ruleResult":["macro",1],"tag_id":13},{"function":"__ogt_referral_exclusion","priority":13,"vtp_includeConditions":["list","sugarsync\\.com","paypal\\.com","app\\.sugarsync\\.com","\\*\\.sugarsync\\.com","zuora\\.com","surveymonkey\\.com","support\\.sugarsync\\.com"],"tag_id":14},{"function":"__ogt_session_timeout","priority":13,"vtp_sessionMinutes":30,"vtp_sessionHours":0,"tag_id":15},{"function":"__ogt_1p_data_v2","priority":13,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType"

Chrome Cache Entry: 329

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (517)
Category:	dropped
Size (bytes):	1824
Entropy (8bit):	5.354080866353084
Encrypted:	false
SSDEEP:
MD5:	90AEF03626622AC57E268EC1528D948B
SHA1:	4C7C074B6876CCEEB3E7E6663AD940D66F7FE65B
SHA-256:	52E83ABE4017C00C16B71F133B16E287182496D6D10F584647FD2963F68C890A
SHA-512:	36AE743A9E0B67F5872500B980F7A1CA2AE629E2F6453A047B5DA3FFA11738F21C0791917AC1FFC8F9518EAF1166884BB2047691B090663C15CEAEDA1A2D03F8
Malicious:	false
Reputation:	unknown
Preview:	/. Quantcast measurement tag. Copyright (c) 2008-2022, Quantcast Corp../.'use strict';(function(d,k,h){var l=function(a){var b=h.createElement("a");b.href=a;return b},m=[/^http[s]?:\/\/((adservice.google.)\|([^\/]fls\.doubleclick\.net))\/.~oref=(?<url>[^;\n])/,/^http[s]?:\/\/[^\/]tealium.\/.page_url=(?<url>[^&])/],n=function(){if(k.top!==k.self){try{for(var a=0;a<m.length;a++){var b=h.location.href.match(m[a]);if(b&&b.groups.url){var c=decodeURIComponent(b.groups.url);break}}}catch(g){}return c?l(c):l(h.referrer)}return h.location},p=function(a,b,c){return a?"nc"===.a?!b\|\|!c\|\|0>b.indexOf(c):"eq"===a?b===c:"sw"===a?0===b.indexOf(c):"ew"===a?(a=b.length-c.length,b=b.lastIndexOf(c,a),-1!==b&&b===a):"c"===a?0<=b.indexOf(c):!1:!1},f=function(a,b,c){var g=n().href;p(b,g,c)?a(g):a(!1)},e=function(a){return"array"==={}.toString.call(a).match(/\s([a-zA-Z]+)/)[1].toLowerCase()?{labels:a.join(",")}:{labels:""+a}};try{__qc("defaults",d,{labels:"_fp.event.Default"})}catch(a){}__qc.apply(nu

Chrome Cache Entry: 330

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4551), with no line terminators
Category:	dropped
Size (bytes):	4551
Entropy (8bit):	5.8123141632188275
Encrypted:	false
SSDEEP:
MD5:	23C2F8C8654E7385B69E5E457279BD8C
SHA1:	8F70399D7F33840E0FFF006F616B1A3604C709E0
SHA-256:	A84974461924FC868354C91DAD9F349EC1C101EB8D94B14116F20BCCC76668E6
SHA-512:	3B73A1292E930236BB8B6969DE19217F70DBA214B5E5E34837CAB8810647F1E7DE4BC30B7691CB062F7EF8EB2C19FF6899E9CBC1FEEFE707A04E556C11AA966E
Malicious:	false
Reputation:	unknown
Preview:	(function(){var s = {};(function(){var h=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};function k(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");} var m=k(this),n=typeof Symbol==="function"&&typeof Symbol("x")==="symbol",q={},t={};function u(a,b,c){if(!c\|\|a!=null){c=t[b];if(c==null)return a[b];c=a[c];return c!==void 0?c:a[b]}} function v(a,b,c){if(b)a:{var d=a.split(".");a=d.length===1;var e=d[0],g;!a&&e in q?g=q:g=m;for(e=0;e<d.length-1;e++){var f=d[e];if(!(f in g))break a;g=g[f]}d=d[d.length-1];c=n&&c==="es6"?g[d]:null;b=b(c);b!=null&&(a?h(q,d,{configurable:!0,writable:!0,value:b}):b!==c&&(t[d]===void 0&&(a=Math.random()*1E9>>>0,t[d]=n?m.Symbol(d):"$jscp$"+a+"$"+d),h(g,t[d],{co

Chrome Cache Entry: 331

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2134)
Category:	dropped
Size (bytes):	13188
Entropy (8bit):	5.4223896155104025
Encrypted:	false
SSDEEP:
MD5:	7C96A5F11D9741541D5E3C42FF6380D7
SHA1:	D3FA2564C021CF730E58FFDDB138CF6B57ED126E
SHA-256:	81016AC6BE850B72DF5D4FAA0C3CEC8E2C1B0BA0045712144A6766ADFAD40BEE
SHA-512:	23C162A2E268951729B580E5035AD6CA9969CFCC5CE58A220817B912E76B38BE6C29C3CA7680CB4E8198863D95A72EA65BD06FF7189B5C8475E4C1CE501AEAB1
Malicious:	false
Reputation:	unknown
Preview:	/. Copyright 2016 Small Batch, Inc.. . Licensed under the Apache License, Version 2.0 (the "License"); you may not. * use this file except in compliance with the License. You may obtain a copy of. * the License at. . http://www.apache.org/licenses/LICENSE-2.0. . Unless required by applicable law or agreed to in writing, software. * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT. * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the. * License for the specific language governing permissions and limitations under. * the License.. /./ Web Font Loader v1.6.26 - (c) Adobe Systems, Google. License: Apache 2.0 */(function(){function aa(a,b,c){return a.call.apply(a.bind,arguments)}function ba(a,b,c){if(!a)throw Error();if(2<arguments.length){var d=Array.prototype.slice.call(arguments,2);return function(){var c=Array.prototype.slice.call(arguments);Array.prototype.unshift.apply(c,d);return a.apply(b,c)}}return function(){return a.app

Chrome Cache Entry: 332

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], progressive, precision 8, 640x345, components 3
Category:	dropped
Size (bytes):	26822
Entropy (8bit):	7.792635298501242
Encrypted:	false
SSDEEP:
MD5:	A49F559A995FFEF628CBA86C71AA0C14
SHA1:	5E80D52A24E2D059613B3DC90D2D3EE60452E9FE
SHA-256:	1D1C5A556AC66995DFACAAE2E364186BF9DAAF2F1B241AA41F18BBB5259F1323
SHA-512:	BDDFB9C61C81A02E32D8C4AD6DE89FD9E5B6CA4A11E06DD712D5F44C6A66457E5A475AD681F211EDAA62BAD10D5456518D68BCDFEB59A2FDAC02868C28094F91
Malicious:	false
Reputation:	unknown
Preview:	......Exif..MM.*.............................J...........R.(...........i.........Z.......H.......H..............0210........0100...................................Y........ICC_PROFILE............0..mntrRGB XYZ ............acsp.......................................-....................................................desc.......$rXYZ........gXYZ...(....bXYZ...<....wtpt...P....rTRC...d...(gTRC...d...(bTRC...d...(cprt.......<mluc............enUS.........s.R.G.BXYZ ......o...8.....XYZ ......b.........XYZ ......$.........XYZ ...............-para..........ff......Y.......[........mluc............enUS... .....G.o.o.g.l.e. .I.n.c... .2.0.1.6...C....................................................................C.......................................................................Y....................................................................................d.....X-....A....p.D...!..A.x.(.....P.<.p..........[..1...d..........f.h...4........(....... ...............%../....><....= ..

Chrome Cache Entry: 333

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2343)
Category:	dropped
Size (bytes):	52916
Entropy (8bit):	5.51283890397623
Encrypted:	false
SSDEEP:
MD5:	575B5480531DA4D14E7453E2016FE0BC
SHA1:	E5C5F3134FE29E60B591C87EA85951F0AEA36EE1
SHA-256:	DE36E50194320A7D3EF1ACE9BD34A875A8BD458B253C061979DD628E9BF49AFD
SHA-512:	174E48F4FB2A7E7A0BE1E16564F9ED2D0BBCC8B4AF18CB89AD49CF42B1C3894C8F8E29CE673BC5D9BC8552F88D1D47294EE0E216402566A3F446F04ACA24857A
Malicious:	false
Reputation:	unknown
Preview:	(function(){/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var n=this\|\|self,p=function(a,b){a=a.split(".");var c=n;a[0]in c\|\|"undefined"==typeof c.execScript\|\|c.execScript("var "+a[0]);for(var d;a.length&&(d=a.shift());)a.length\|\|void 0===b?c=c[d]&&c[d]!==Object.prototype[d]?c[d]:c[d]={}:c[d]=b};function q(){for(var a=r,b={},c=0;c<a.length;++c)b[a[c]]=c;return b}function u(){var a="ABCDEFGHIJKLMNOPQRSTUVWXYZ";a+=a.toLowerCase()+"0123456789-_";return a+"."}var r,v;.function aa(a){function b(k){for(;d<a.length;){var m=a.charAt(d++),l=v[m];if(null!=l)return l;if(!/^[\s\xa0]*$/.test(m))throw Error("Unknown base64 encoding at char: "+m);}return k}r=r\|\|u();v=v\|\|q();for(var c="",d=0;;){var e=b(-1),f=b(0),h=b(64),g=b(64);if(64===g&&-1===e)return c;c+=String.fromCharCode(e<<2\|f>>4);64!=h&&(c+=String.fromCharCode(f<<4&240\|h>>2),64!=g&&(c+=String.fromCharCode(h<<6&192\|g)))}};var w={},y=function(a){w.TAGGING=w.TAGGING\|\|[];w.TAGGING[a]=!0};var ba=Array.isArray,c

Chrome Cache Entry: 335

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 200 x 60, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	3613
Entropy (8bit):	7.865386856332153
Encrypted:	false
SSDEEP:
MD5:	F5B1ADC4DFA4429C30130239BF4FF1AB
SHA1:	E6DCAA2A7625C12BD679943BB17E1500BB53DCCD
SHA-256:	D756DEC02DD5A9C03CFE855C2DA21903CA509CEA7339996B4842149B80B872D0
SHA-512:	73763790D54BAB4E3F5C06E78710F3E232FEB4E8FBCE9A24CF8D98E41255E255E7E31170D30A99CB44D1FBE8AFE45F5D25382D5A4EF995CC3323A89D91978902
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR.......<.....#[......IDATx...t.E..kB.......(d.YA ...!... ....... ..,..DY...c! ..d="..".r..qa.E. .#.H......k...]5G.L.....$.]..U......0-.pS.:..nfZZZ....0.1.iii]d.......LKK.9"@.0L.eD..}0.ii..A..........;..V..$...n4.d"0@&...#s8.......H.....fZZab.A...}..3(...$...&..di.q..`..`..fZZa`.kA.0..~;...d......<..;.....2.ii..A...ys.. .3-..l..H.m..f....L.Od..LK+........`5h8f..A....ii..1.`.(..a.......3....\..AO.Z.c.R."..V..c..1..9.......y.0........w.."l....0.y.ii.\.-..'$.zs..... .......{..%>D..dZZ......y..z..k....MM..ImDs...e.o.s./.A.A....r-...=..{.!.sO.......]s{.v../.C...5..FUs`XF......KR.\..Ns..t..P...H.7..?.,..Q0y.j....c.A,..<.E.hL.....K.....0.?...>.9..g..^ ............9.. ........6..A...2.l..j2....m4H.c.b.......p'..0$.A.0.b4.....4e.kAro4R.`>R..k.0.....=?'.TC.....b:rC..$........1X.N..r.D.....p.!E..O...I.Eq....[..sz~.3...e.....Pq1h'..q..x.O..L._s......Y..=D3.-.x.P...>F....".....1.8.I~.{j....A...r.S:....g.....U.(`.. ...V.]..c2.GsB....c..1.. .

Chrome Cache Entry: 337

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (362)
Category:	dropped
Size (bytes):	56342
Entropy (8bit):	4.071130029468606
Encrypted:	false
SSDEEP:
MD5:	7AD9E9A7FD45999AE98B93602CC35DDE
SHA1:	3F77D1858B4B9778501D1EFBF37CEF11ACE29D64
SHA-256:	304B9387615F38B91A41FFC819E862411DC91E6431736580D8BA841A79BFF310
SHA-512:	15CD6AE24D9B6010E093E71D64DB6F855B4B680B20C53A017010AC2BA203291958AD23D2D09EB04188E61A7701C490AB30A261F310B149CC93CDB9AE077E4929
Malicious:	false
Reputation:	unknown
Preview:	/* SCRIBD API. * Source: http://www.scribd.com/javascripts/scribd_api.js. * Date: 2011-11-25. * /.(function(window) {.. if(!window.scribd) {. var getRandomInt = function(min, max) { . return Math.floor(Math.random() (max - min + 1)) + min; . };.. function Document(options) {.. this.params = function() {. var params = {};. return {. set: function (key, val) {. params[key] = val;. },. get: function(key) {. return params[key];. }. };. }();.. this.params.set('document_id', options.document_id);. this.params.set('domain', "www.scribd.com"); // default domain if none set.. if (options.hasOwnProperty('access_key')){. this.params.set('access_key', options.access_key);. } else if (options.hasOwnProperty('secret_password')){.

Chrome Cache Entry: 340

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2231)
Category:	dropped
Size (bytes):	504230
Entropy (8bit):	5.259597185770774
Encrypted:	false
SSDEEP:
MD5:	D6B98BD5289A1C3B8482219B4C2AE52A
SHA1:	3D45CE286E2088E794ABEB0765D24B669B7C62B5
SHA-256:	AB13E027A1ECA325BB30EDA0615698F865D7DE6394128BDB4A78CC7F511858BE
SHA-512:	8B368D48B4B3236D114F755DD91616B211BD1BBDE45BC7488F32CA178D9D536F00514C0710AAF8AB1E15F6FA130BBD50752428B6F4C23E928F6463AFE5DC4845
Malicious:	false
Reputation:	unknown
Preview:	(function(global,factory){if(typeof module==="object"&&typeof module.exports==="object"){module.exports=global.document?factory(global,true):function(w){if(!w.document){throw new Error("jQuery requires a window with a document");}return factory(w);};}else{factory(global);}}(typeof window!=="undefined"?window:this,function(window,noGlobal){var deletedIds=[];.var slice=deletedIds.slice;var concat=deletedIds.concat;var push=deletedIds.push;var indexOf=deletedIds.indexOf;var class2type={};var toString=class2type.toString;var hasOwn=class2type.hasOwnProperty;var support={};var version="1.11.3",jQuery=function(selector,context){return new jQuery.fn.init(selector,context);.},rtrim=/^[\s\uFEFF\xA0]+\|[\s\uFEFF\xA0]+$/g,rmsPrefix=/^-ms-/,rdashAlpha=/-([\da-z])/gi,fcamelCase=function(all,letter){return letter.toUpperCase();};jQuery.fn=jQuery.prototype={jquery:version,constructor:jQuery,selector:"",length:0,toArray:function(){return slice.call(this);},get:function(num){return num!=null?(num<0?this

Chrome Cache Entry: 342

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	266
Entropy (8bit):	5.182741116673583
Encrypted:	false
SSDEEP:
MD5:	8578A331AD09BB2EF6359FEC3916BEFC
SHA1:	38B68F5C02CBDB6E29C50F8858710E0392B0B8D6
SHA-256:	3D7E7552E3801941A408C504AA732223FE2BED5D12E248680847D772182CB639
SHA-512:	B034DDDA04F8DEE0D174651D13A89AF9FE5ED28E1E81FAB229AFA119B9B0A9C418E324FFCE28E909D8D596BEAE98FA1AC0BA09C74E7E7689B945C032088C5E18
Malicious:	false
Reputation:	unknown
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/_react_commonjs-external-a1351e34.js
Preview:	define("@wsb/guac-widget-shared/c/_react_commonjs-external-a1351e34.js",["exports"],(function(e){"use strict";const n=global.React\|\|guac.react;e._=n})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=_react_commonjs-external-a1351e34.js.map.

Chrome Cache Entry: 343

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 16680, version 1.0
Category:	downloaded
Size (bytes):	16680
Entropy (8bit):	7.9859899250615225
Encrypted:	false
SSDEEP:
MD5:	418EF4BC695166FFE3E360464C36D561
SHA1:	14DC7DEBE48D39DF7918760E9C9D9642F5563140
SHA-256:	E0A2B0E87B833F07A76BDAAECEF067579C0988C25E6FD528C96B410004605E60
SHA-512:	0FB4EE591E48F5833D31FA0D60CF1618BF8936984C23BF13EF8E9C4BFEE5849C80F53C8C6E0145FAF74ACBDDC7BCFB1C5910F382837105E3ED2B7635C5B21E68
Malicious:	false
Reputation:	unknown
URL:	https://img1.wsimg.com/gfonts/s/cabin/v27/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkbqDH7alxw.woff2
Preview:	wOF2......A(.......0..@.................................X.`?STATZ..$......O..$..6.$..D. ..8..m.....5lc`....e.v.C........V75.!l........99...: .u.KD .d...m.T......v.m.:M.Q.6d@...h...}.@4z,Q-f/.>.b=..2I.^w.[ow..4...W.H.r..w.....;...."B=..h.wD........x.o.Xt....Q5.%x.{......"....X..F......-;....-#.h..0bt.w.C.L.a...iX.b#.8.qj....5.c>.n.\-5T45...s-.L.T...D.'.b..@1q.f6.....%.5.......~V.....>.9Q$..I ..B..)...4N..D..)2.k......)\|.B9....^.]?../6.....ykmi A..g.H.%P....b....@h.B..t......;.'...HL.^.....L..<.......V.....r...?m...Y..[.....(.F.hD.iDDD...$H..!..#.../.kX.K)Ia@..~.X..k.........(.f#wAx........)e.......Zv..])..v.z:v+..8.%...7g...g3mw<...<.sX6W...t.U.gvu....Y'......Q{....]R..$.L.a...U.e....,R...eNQn...'UW..6?...8E........6mS$...l.../..@... ."i...(......Q...-A.x...Lv..%.Gu.F..,.L........Y..O..j........,.x...Tzy3`s.0.Y.!....e.........A..q.;....E..........U.g..y.><.EDD)...\a`m.xxn... ..=..w..H.....N.{ ....vw.b...BM2.@H.....Pdd.*.......#..i.h..!!.P.P.@.. ..@.

Chrome Cache Entry: 344

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 24448, version 1.0
Category:	downloaded
Size (bytes):	24448
Entropy (8bit):	7.99088597353699
Encrypted:	true
SSDEEP:
MD5:	865E46AF816320C9F32234E8968558D0
SHA1:	6791E9F732FCBDE0F375F84CCBC14C4AC72795A3
SHA-256:	6C84348296EBE2E2A0830C3962EB02156419D9BC76371C2EADAF7329D827D550
SHA-512:	34EB9CB9C4DCA6E0CA7FA1C9379E49AF97E9CCB7C94A6A4B9CCD4D6EA62007B70A4792463902BAE705177CCAA46DA883C06911074BC13C6DD403C4EB18965074
Malicious:	false
Reputation:	unknown
URL:	https://img1.wsimg.com/gfonts/s/lato/v24/S6u_w4BMUTPHjxsI5wq_Gwft.woff2
Preview:	wOF2......_........(.._"..........................H.p.`..D....e...........B..6.$..v. ..6..E.K.G.%l\e.v@..}5.a.G-:....T.fZ.....d..v..V.. b.$..BM8J.....Z..k$..`..?..3..&Q..yO...k.GG./.G.ql.E.....~....o.}.^.k&o.M.O...[..'.4.A.p....u...E`.bG........}NU....G.V..L.#.R!...f.M......9jlc...Qc.:.....T............F5.?o.:..k.Z.W...!.h...^.....t..7..Ns.9...a.xC...7,.....^...a:...QI..Gj6sF..T.P'xq....C.K.pz.@v..)LVQ..h..v..uV{@.e8...{.5...yG..x....n.6.!...m..@.'. ...Q.v.\6.[..f.....s.?.sL..E...2.>b.CG...>b..Yr.......m....8/D..n{..8..[.....V...>.h.t....!./v...h..`E..y.I..~.H...,[.w..^....jg.w...:.....a..j{.....Q...G..K^......t...[.......zNc5BV....T......N$.][r.6Jr..`..u...'..~.7..7b...0I ....$8.@M.F7.F EQ.NH........R.g.8.SH.=.p..u....?.....&......r.g......\|............^......PR....#ug.6.F..>..K;...Q..Z..Y....jB ......"s.w.ei3@..8....HW.......%....DDD.G.......eo(%K... ....a:..dH...UJ...........J..lC.~.}.......R.......E.vbe[<f....*...z...>iP9o......j).

Chrome Cache Entry: 345

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (833)
Category:	dropped
Size (bytes):	46161
Entropy (8bit):	4.936860763575983
Encrypted:	false
SSDEEP:
MD5:	5847FB67FBF42D19E57C648F0205E6C8
SHA1:	F431828E34BF9D823055B0BC362DC6B01B2A16C5
SHA-256:	E62F5B14732A074441870987B020A833202E7BB4E8255D54C5FC9BCB06BF735A
SHA-512:	5FEF2BD8A1ADBA7C7B8CA435B9967D8187A4C1BA310DCD1C052C50A033266A82CCB3ED2EC8DF5CF14FD439CB51698D06EBB910973E2159B99283A6A024A6F9DF
Malicious:	false
Reputation:	unknown
Preview:	//louserzed images links.var louserzed_images_links = "/images";..var msg_contacts_firstName = "First Name";.var msg_contacts_lastName = "Last Name";.var msg_contacts_emailAddress = "Email Address";.var msg_contacts_phone = "Phone Number";.var msg_contacts_unblock = "Unblock";.var msg_contacts_edit = "Edit";.var msg_contacts_removeEmail = "Are you sure you want to remove #email from the share list?";.var msg_contacts_listNameisTaken = "Sorry that list name is already taken.";.var msg_contacts_listNameHavaOneChar = "Sorry, the list name must have at least one character.";.var msg_contacts_pickContactToEdit = "Please pick a contact to edit.";.var msg_contacts_pickContactToUnblock = "Please pick a contact to unblock.";.var msg_contacts_pickContactToDelete = "Please pick a contact to delete.";.var msg_contacts_editContact = "Edit Contact";.var msg_contacts_editContacts = "Edit Contacts";.var msg_contacts_updating = "Updating...";.var msg_contacts_loading = "Loading...";.var msg_contacts_ad

Chrome Cache Entry: 347

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 121 x 121
Category:	dropped
Size (bytes):	25370
Entropy (8bit):	7.842319242406539
Encrypted:	false
SSDEEP:
MD5:	6DE1E16F6ACD893DE646D372EA340726
SHA1:	529A63F0B716688ABCC9698B4B3A26B1D60B4522
SHA-256:	141E1FDC72E1DAAEB86F5CD62B1BE33A07B7DCB35882AE5AAC02B65B5402A591
SHA-512:	DE319868B6B9735EB1FC2EF400FD8CA7324AB7F3CF73D36B676D07B3DAC55D6E0E26BF74E54783C097332010D8E885BEDBC54DB7C6CB678E0194762C2E0E87CA
Malicious:	false
Reputation:	unknown
Preview:	GIF89ay.y...................l.w...H.XY.g\|..........8.L.....g.r...<.O..U.c.........w...............!..NETSCAPE2.0.....!..XMP DataXMP<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS6 (Macintosh)" xmpMM:InstanceID="xmp.iid:FFA41D10B7BD11E3B235D0A649296047" xmpMM:DocumentID="xmp.did:FFA41D11B7BD11E3B235D0A649296047"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:FFA41D0EB7BD11E3B235D0A649296047" stRef:documentID="xmp.did:FFA41D0FB7BD11E3B235D0A649296047"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>............................................................................

Chrome Cache Entry: 348

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4524), with no line terminators
Category:	downloaded
Size (bytes):	4524
Entropy (8bit):	5.793921436142422
Encrypted:	false
SSDEEP:
MD5:	573BD0EEF78083185D7DC11D0A150967
SHA1:	EC515FF6D10931CCFA8D71E4433381F68902D052
SHA-256:	BC09976024724D6F560377877CD149A815C9898BEDCA8E2C74AA14F7196DCCAC
SHA-512:	111CB27D0BFA19F37D7B0052052B856D41EAF1A8F034E9A099EC37225DF6ECF275215D7267C599954396BD1E2B1963F7B0C8767D9F7DF660EED5BCBF66A1B44E
Malicious:	false
Reputation:	unknown
URL:	https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1022241212/?random=1738219055220&cv=11&fst=1738219055220&bg=ffffff&guid=ON&async=1&gtm=45be51t0za201&gcd=13l3l3l3l1l1&dma=0&tag_exp=102067808~102081485~102123608~102539968~102546754&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.sugarsync.com%2Fpf%2FD4981104_043_6546057047&hn=www.googleadservices.com&frm=0&tiba=SugarSync&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&rfmt=3&fmt=4
Preview:	(function(){var s = {};(function(){var h=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};function k(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");} var m=k(this),n=typeof Symbol==="function"&&typeof Symbol("x")==="symbol",q={},t={};function u(a,b,c){if(!c\|\|a!=null){c=t[b];if(c==null)return a[b];c=a[c];return c!==void 0?c:a[b]}} function v(a,b,c){if(b)a:{var d=a.split(".");a=d.length===1;var e=d[0],g;!a&&e in q?g=q:g=m;for(e=0;e<d.length-1;e++){var f=d[e];if(!(f in g))break a;g=g[f]}d=d[d.length-1];c=n&&c==="es6"?g[d]:null;b=b(c);b!=null&&(a?h(q,d,{configurable:!0,writable:!0,value:b}):b!==c&&(t[d]===void 0&&(a=Math.random()*1E9>>>0,t[d]=n?m.Symbol(d):"$jscp$"+a+"$"+d),h(g,t[d],{co

Chrome Cache Entry: 349

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	troff or preprocessor input, ASCII text
Category:	downloaded
Size (bytes):	961
Entropy (8bit):	5.0436522169966596
Encrypted:	false
SSDEEP:
MD5:	0C86A8DD3D9F1166695D85F1CA428DB0
SHA1:	A94E530C975A612CA4D4950B5969CD7FA7411E91
SHA-256:	3ABCB970BEE521D96397C69DECD81D7FFF8592785D9B23C09187A8AC320371F4
SHA-512:	38B94EA3BE6BE73361CA81234F1A8C3ACB61A569C01AEED00E01A15486560A77FEFCDE84887E8598BFAF44EDE365DF8AFDDD4AAEC709A354F28AC297019A0DBE
Malicious:	false
Reputation:	unknown
URL:	https://www.sugarsync.com/stylesheets/common/infoBanner.202405150938.css
Preview:	.b1 {. margin: 0pt 2px;. display:block;. background: #c5e4f8 none repeat scroll 0%;. font-size: 1px;. height:1px;. overflow: hidden;.}...b2 {. margin: 0pt 1px;. display:block;. background: #c5e4f8 none repeat scroll 0%;. font-size: 1px;. height:1px;. overflow: hidden;.}...disp {. background: #c5e4f8 none repeat scroll 0%;. padding: 2px 10px;. font-family: Arial;. font-size: 12px;.}...disp.error {..background-color: #f7c5df;..font-size: 12px;.}...b1.error, .b2.error {..background-color: #f7c5df;..font-size: 1px;.}...disp a, .disp a:visited, .disp a:active, .disp a:hover {. color: #138BDE;. font-weight: bold;. text-decoration: none;.}...disp a:hover {. text-decoration: underline;.}..a.msg_killbox {..display:block;..background: #c5e4f8 url(/images/files-images/fm_icons.png) no-repeat scroll 4px -2047px;..width: 16px;..height: 20px;..padding-right: 10px;..*margin-right: 10px;.}..a.msg_killbox.error {..background-color: #f7c5df;.}.

Chrome Cache Entry: 353

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	9630
Entropy (8bit):	7.955920275136458
Encrypted:	false
SSDEEP:
MD5:	3A26FA03595604158C8F5CE2C593A171
SHA1:	45BDB0EC6754F4B6CA7FBE1DBFF8296D67453B94
SHA-256:	780350F167AC630E74C675F3E052A9E1CDD2E13D24587164C81C14D1587344FB
SHA-512:	C736EE0BD7B0D15141541AF9B5AB9C1064F176AA484B04778D636E9FD8E6412DBA7F6ED482102923534202CBE690ED1F78220E039F21C588C1DB99F7914A5254
Malicious:	false
Reputation:	unknown
URL:	"https://img1.wsimg.com/isteam/ip/1812faaf-e56f-47cd-a093-05ce2655644c/blob-0b72675.png/:/cr=t:0%25,l:0%25,w:100%25,h:100%25/rs=w:1160,h:290"
Preview:	RIFF.%..WEBPVP8X...........!..VP8 .$.........".>m6.I$#%....Y...gn.h:3.)..........._.K.g......oME+.]._.?6..........w...W...g<.~...{........Q.....W...B..L..?.o..p}.5i<..W.._.?.?`...[._..i.........>x.../...i>................../....~P.d...x.^.^.}.......^._..h.3..?p.................h>....k...S..o._.0}....O...?..!?...............@..%...L./.%.$.D...._"K.I\|./.%.$.D.....S.h..z....mE.?...A....(.1.....;. N...."....;. N...."....;. N...."....-p.-5.$...sj)T.b...-&r.....U?.I...J...U?.I.......Y;..0.7..&..8.O2..w.MB.M. .pMu..[..<C;.....3.]B".R.Sa..:..z,Fj.$gI&Hm..-...w..$.Dv...>..0xf.k.}L.....H..$.D...._ .s\.5t..6.I.V@.E..0.X]...".j}O../......f..>.C8$\|.6...~...B.'.8.K.&:..ZRg.s..Z..%..h^..k.....hw....T..oh..._"K.I..aF....cmE..Q...~..6d.^6.R......c....tG...Z%.......X"&H.....#.Ij.'.3.g...Lm..S.j...K6..Lm..Sq.IpQY...Lm...>..$.9.....?..1..V..H..'...V.I..x.QQv....cmE... b.sT.!....x.....T.!.....R...j)T..Y)J.q>6.R.....cmE..QJ.6.T]...I...mE..Q.......w....cmE..Q

Chrome Cache Entry: 354

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 23236, version 1.0
Category:	downloaded
Size (bytes):	23236
Entropy (8bit):	7.986328239479246
Encrypted:	false
SSDEEP:
MD5:	716309AAB2BCA045F9627F63AD79D0BF
SHA1:	38804233A29AAF975D557FE14E762C627BEF76E0
SHA-256:	115F6A626CA115D4AD5581B59275327E0E860B30330A52B0F785561332DD2429
SHA-512:	ADB0BC6CB9B230EDA5DAC7396A94A9A4DBA9C8BA0B2EB73F5F21A20C3CA3D14651420BC6A17E67A71B5BBA624F5A4E92D55CBBB898985DCCA838184F6DFB2B15
Malicious:	false
Reputation:	unknown
URL:	https://img1.wsimg.com/gfonts/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Preview:	wOF2......Z........\..Z^..........................z.p.`..`..D....s...........B.....6.$..v. .....E.r........}Q.J..0..m..%h...1/<...J......z..........N&2\.K{iZ.....F$.AZ.!.=..a(...mv..t.6d..lH2..E}..j2..oq..Q..B#..........i.....\..%...0.Os..f.^;}..J....i..>]..w-...rN&#Y.N.9n.......[.=d...y..;...54..`7(.......!......b...$$..{._...\|.;...7....0...Wlls..8.P.[.Ts.tu.T...c....F.g.;.....@.^/3......U0..Pu..;]......%.:...Z../..t..(..p..#..!!-...}.#..ET.Q5A._K.6...Q\.7,....8.E....R.ATPQ..(iI..60.Y....^....\.7}.z....c......Y}Y....1....(...y.!Z.,...h...{.n....j....8.&..!....0'....m....7..L...rA...C..K....I..0.l8...A...."......'...........,M`.`.}..2.."<.MW[.....?..5..;.`.".d..dU..........V1..W.O.,.....r....+./.....z.m\..2...l ..6....... .+J..k..T%..4Uy..U.#.=....]'...f...R.u.Z......s.g.P+\....(....$...W....s'.{.R'...>..5f.R..9......&.`.A....b.Jexn.$..g.4.../.#.VR.B%.f+3&.qb.?...:.~........:Dg.5,...j.B..B.^-.......?.ig......(..O..~ ..\...T%:......P..M."..+.++_4...

Chrome Cache Entry: 355

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (651)
Category:	dropped
Size (bytes):	698
Entropy (8bit):	5.240081353203154
Encrypted:	false
SSDEEP:
MD5:	7B01FCDF2048E82F4DF741791CD44F61
SHA1:	D1D126931B5D6937B1496E7950342D6A06F361B9
SHA-256:	CBC04C06117804A9A97013C97A0714B027DF8279C5F1D0FD0478756A0944AEE6
SHA-512:	3D16B5D5D68C92C6098534C10E57B5FAF389BA31D3DB8D004927410657895F147BBB1AF23A20509AC6834F66B6D98ED0DFBA944756D8EE419D73437CCAEBD897
Malicious:	false
Reputation:	unknown
Preview:	define("@wsb/guac-widget-shared/lib/common/constants/traffic2-0a7e72c6.js",["exports"],(function(a){"use strict";const e="click",o="pandc.vnext";var n,i,s=(n=o,i={editor_preview:{submit_contact_form:e,messaging_fab_open:e,messaging_fab_close:e,messaging_webApp_appstore:e,conversations_learn_more:e},shop_widget:{click_pagination_back_arrow:e,click_pagination_forward_arrow:e,click_pagination_number:e}},(global._\|\|guac.lodash).mapValues(i,((a,e)=>(global._\|\|guac.lodash).mapValues(a,((a,o)=>[n,e,o,a].join("."))))));a.TRAFFIC_PREFIX=o,a.default=s,Object.defineProperty(a,"__esModule",{value:!0})})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=traffic2-0a7e72c6.js.map.

Chrome Cache Entry: 356

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4544), with no line terminators
Category:	downloaded
Size (bytes):	4544
Entropy (8bit):	5.807750497846142
Encrypted:	false
SSDEEP:
MD5:	3DFB112FEC8DF56AE0BED93F97B0F31F
SHA1:	3B34C30F54EF6890E78E5061ADA1DCBDF5C754A9
SHA-256:	F47AA954AABB23BDC8AB6A5199225B9821CCC3BF4201B8BEB4A3EA9B5BAD0F81
SHA-512:	26EE77C05C428F6AEF8BC468A961451D1DC09F85FFEE1C8A4444B310DADFD3435A897BEAAA6F37E8A7FBBBDAB14B1204983C67A27DC0B0EE3DD1F19F4A45E268
Malicious:	false
Reputation:	unknown
URL:	https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1052447870/?random=1738219055277&cv=11&fst=1738219055277&bg=ffffff&guid=ON&async=1&gtm=45be51t0v9118936673za201&gcd=13l3l3l3l1l1&dma=0&tag_exp=102067808~102081485~102123608~102482432~102539968~102546754&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.sugarsync.com%2Fpf%2FD4981104_043_6546057047&hn=www.googleadservices.com&frm=0&tiba=SugarSync&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&rfmt=3&fmt=4
Preview:	(function(){var s = {};(function(){var h=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};function k(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");} var m=k(this),n=typeof Symbol==="function"&&typeof Symbol("x")==="symbol",q={},t={};function u(a,b,c){if(!c\|\|a!=null){c=t[b];if(c==null)return a[b];c=a[c];return c!==void 0?c:a[b]}} function v(a,b,c){if(b)a:{var d=a.split(".");a=d.length===1;var e=d[0],g;!a&&e in q?g=q:g=m;for(e=0;e<d.length-1;e++){var f=d[e];if(!(f in g))break a;g=g[f]}d=d[d.length-1];c=n&&c==="es6"?g[d]:null;b=b(c);b!=null&&(a?h(q,d,{configurable:!0,writable:!0,value:b}):b!==c&&(t[d]===void 0&&(a=Math.random()*1E9>>>0,t[d]=n?m.Symbol(d):"$jscp$"+a+"$"+d),h(g,t[d],{co

Chrome Cache Entry: 358

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2146)
Category:	downloaded
Size (bytes):	271175
Entropy (8bit):	5.553308054055811
Encrypted:	false
SSDEEP:
MD5:	FC970C23D3CD689A93E0B4A9385C2DD7
SHA1:	AD25F93DD2E4FFED887EA35AC21B3EF3BA03655A
SHA-256:	3A7CEE9885BE6CA5CC23483169EAB9A37C5264B2F1FF1B9615782CBEE72BF515
SHA-512:	85D5E3D7B225B4E525F1F97668C03CA2C19E646040920D574CF5BC9E251A9AEAEB5C4E71C79916B02B66DF898A1E09904642089102536622688505A1B9770A8E
Malicious:	false
Reputation:	unknown
URL:	https://www.googletagmanager.com/gtag/destination?id=AW-944328721&l=dataLayer&cx=c&gtm=45He51t0za200
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"1",. . "macros":[{"function":"__e"},{"function":"__cid"}],. "tags":[{"function":"__rep","once_per_event":true,"vtp_containerId":["macro",1],"tag_id":1}],. "predicates":[{"function":"_eq","arg0":["macro",0],"arg1":"gtm.js"}],. "rules":[[["if",0],["add",0]]].},."runtime":[ [50,"__cid",[46,"a"],[36,[17,[13,[41,"$0"],[3,"$0",["require","getContainerVersion"]],["$0"]],"containerId"]]]. ,[50,"__e",[46,"a"],[36,[13,[41,"$0"],[3,"$0",["require","internal.getEventData"]],["$0","event"]]]]. .].,"entities":{."__cid":{"2":true,"4":true,"3":true}.,."__e":{"2":true,"4":true}...}.,"blob":{"1":"1"}.,"permissions":{."__cid":{"read_container_data":{}}.,."__e":{"read_event_data":{"eventDataAccess":"specific","keyPatterns":["event"]}}...}....,"security_groups":{."google":[."__cid".,."__e"..]...}....};.....var h,ba=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{d

Chrome Cache Entry: 359

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (330)
Category:	downloaded
Size (bytes):	390
Entropy (8bit):	5.206764812811324
Encrypted:	false
SSDEEP:
MD5:	C86B7F8224FA45FB1682AC94D8F75AC6
SHA1:	9561F67AAE74B14702DB79C22F9C7F9E6F3B3239
SHA-256:	010083B88E95F18CEFDB90796ACCE02073E91FC8DFEFB27A7F5F3F75529E4906
SHA-512:	B239BAC43D973D0076F4E0C0720906560B0AED76472F50202841B2EABB66C5AD5774E35449007AA2DC3E6A096330AB14D1AA9374645136C89A20B45E4BBDBC52
Malicious:	false
Reputation:	unknown
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/interopRequireDefault-c83974f7.js
Preview:	define("@wsb/guac-widget-shared/c/interopRequireDefault-c83974f7.js",["exports","~/c/_commonjsHelpers"],(function(e,o){"use strict";var t=o.c((function(e){e.exports=function(e){return e&&e.__esModule?e:{default:e}},e.exports.__esModule=!0,e.exports.default=e.exports}));e.i=t})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=interopRequireDefault-c83974f7.js.map.

Chrome Cache Entry: 360

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65324)
Category:	downloaded
Size (bytes):	155758
Entropy (8bit):	5.06621719317054
Encrypted:	false
SSDEEP:
MD5:	A15C2AC3234AA8F6064EF9C1F7383C37
SHA1:	6E10354828454898FDA80F55F3DECB347FD9ED21
SHA-256:	60B19E5DA6A9234FF9220668A5EC1125C157A268513256188EE80F2D2C8D8D36
SHA-512:	B435CF71A9AE66C59677A3AC285C87EA702A87F32367FE5893CF13E68F9A31FCA0A8D14F6A7D692F23C5027751CE63961CA4FE8D20F35A926FF24AE3EB1D4B30
Malicious:	false
Reputation:	unknown
URL:	https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
Preview:	/!. Bootstrap v4.3.1 (https://getbootstrap.com/). * Copyright 2011-2019 The Bootstrap Authors. * Copyright 2011-2019 Twitter, Inc.. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE). /:root{--blue:#007bff;--indigo:#6610f2;--purple:#6f42c1;--pink:#e83e8c;--red:#dc3545;--orange:#fd7e14;--yellow:#ffc107;--green:#28a745;--teal:#20c997;--cyan:#17a2b8;--white:#fff;--gray:#6c757d;--gray-dark:#343a40;--primary:#007bff;--secondary:#6c757d;--success:#28a745;--info:#17a2b8;--warning:#ffc107;--danger:#dc3545;--light:#f8f9fa;--dark:#343a40;--breakpoint-xs:0;--breakpoint-sm:576px;--breakpoint-md:768px;--breakpoint-lg:992px;--breakpoint-xl:1200px;--font-family-sans-serif:-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"Helvetica Neue",Arial,"Noto Sans",sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Noto Color Emoji";--font-family-monospace:SFMono-Regular,Menlo,Monaco,Consolas,"Liberation Mono","Courier New",monospace},::after,::before{box-sizing:

Chrome Cache Entry: 364

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (21556)
Category:	dropped
Size (bytes):	21592
Entropy (8bit):	5.118279269599776
Encrypted:	false
SSDEEP:
MD5:	1C56940A864F144FAE2EB40EE952CB94
SHA1:	EBFC754CE962A1F9025853F2995B3987F0383D87
SHA-256:	3C37A4AA3CF6AAAE6921A4B750C0E4F81FD338D6878BE90B0FAF2F921039CB23
SHA-512:	AEF4B08A01D56BD8855653499B375DB11D8FD7D67C4BCDC74323236BADC47B70DDFEDC14CE89828736C63FFE147BF71C14311580296D41B59F11A3305993ADDD
Malicious:	false
Reputation:	unknown
Preview:	!function(t,e){"object"==typeof exports&&"object"==typeof module?module.exports=e():"function"==typeof define&&define.amd?define("tti",[],e):"object"==typeof exports?exports["tti"]=e():t["tti"]=e()}(window,function(){return n=[function(t,e){var n=function(){return this}();try{n=n\|\|Function("return this")()}catch(t){"object"==typeof window&&(n=window)}t.exports=n},function(t,e,n){"use strict";e.__esModule=!0,e.setCustomProperties=e._sendWebVitalsData=e._collectVitals=e.calculateTTI=void 0,n(2);function i(){0<s.timeToInteractive&&setTimeout(function(){window._expDataLayer=window._expDataLayer\|\|[],window._expDataLayer.push({schema:"add_perf",version:"v1",data:window._tccInternal?{type:"pageperf",properties:s,custom_properties:c}:{timing_object:s,is_hard_navigation:!0,custom_properties:c}})},0)}function r(){var t,e,n=(r=0<arguments.length&&void 0!==arguments[0]?arguments[0]:{}).name,r=r.value;s[n]="CLS"===n?r:Math.round(r),"timeToInteractive"===n&&(s.hasOwnProperty("FID")?i():(t=0,e=setInt

Chrome Cache Entry: 366

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (367)
Category:	downloaded
Size (bytes):	421
Entropy (8bit):	5.615758069936489
Encrypted:	false
SSDEEP:
MD5:	401821742DEF46C40D4CF5F0121C8BEC
SHA1:	1852305A4F2D7E120F9B7BD185790B98CDF9BFA6
SHA-256:	462D8298239BC61418760DB4204CD135D990537E625782D059CB9D3A1D0266A4
SHA-512:	38A53048605CF83ADAC562721A2818462EEE8289A79DEF4E02FE5B73B4515D8BC2303A577BADB6A9A55D75F3644459D5652B2AA75390A2CE7A925D3DDA8D6D4D
Malicious:	false
Reputation:	unknown
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/common/constants/form/formIdentifiers-99523055.js
Preview:	define("@wsb/guac-widget-shared/lib/common/constants/form/formIdentifiers-99523055.js",["exports"],(function(e){"use strict";var n=(global.keyMirror\|\|guac.keymirror)({CONTACT_US:null,MESSAGING_EMAIL:null,MESSAGING_CONVERSATIONS:null,JOB_POSTING:null});e.default=n,Object.defineProperty(e,"__esModule",{value:!0})})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=formIdentifiers-99523055.js.map.

Chrome Cache Entry: 369

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 34328, version 1.0
Category:	downloaded
Size (bytes):	34328
Entropy (8bit):	7.992979044306872
Encrypted:	true
SSDEEP:
MD5:	6581AB53C220B5828E37162349375431
SHA1:	1922912CA5AB6EB5A55DB138B183B38D066E85C8
SHA-256:	A8E429611131E3FDC2018EC943A36100DBABB4AAA788C8DEAD6BDCF927917293
SHA-512:	B8FE079BD4AACD01FA41799999452B27051A4CCB4DBB91D9E1F2662C5D6112032B1633DFB2E31DB71F57FB4511A48B55646D034BD6F81CAF017ED0DACE0603F2
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Preview:	wOF2...............D..............................l..H...?HVAR...`?STAT..'...@/l.....p.<....0..F.6.$..(. ............l.V3.....'%6..&...%;N5.!l.@4.[.......}Xw.F....R..z..i"\:.S.v..g..j..s\...E(...B...#43....f..i.ql....\|>6.4..C..\..D\|fmt..C......'./.`..T.........[.3.......}H\.R.8.6w].b.:.]'..x..}/....J tA...V>..w\..5..W..j6..f.Z.b...#( .@bHH..nv....3.;...@......\..v..1Hr.v....=<.._P.......l..#...@....h.kx^....U..t..E.g4K.D....#.1v.7.3VD.....)...jt.yk..s..O.'.U.Z.....y.D....\.b.<!$..!h....x(T.B.!..n....kG.;k...kU).u..jG.."..@..Hc.B..o)ex..?"G.16....F...q.}.z...g.U..(....?...?........E.F1.1P.Ft.....c.w....n3.o.9.Z2..P,5..QNmF+Hv.V..!..!..)....}.z.../ .r.x......db..GY.e.;.....l..k.....h..S.....X.1..y.P.v>..V..h@j.m.......Z..n..am..s>w.C...4.Rl.....s.J..n...1.h..........'.5(..s..Zc..>r.s..G.r6...l.xf,mJ.,........J..4.......>m&.=.u..[v...y37I&K...,~ ..An..A.P1...'l....p.u.U.....k.i..5w.ou..~u._E.`....}?..............BF...(....1**.=2...#q.m?K.YD....y

Chrome Cache Entry: 370

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2146)
Category:	dropped
Size (bytes):	264561
Entropy (8bit):	5.5510728981078845
Encrypted:	false
SSDEEP:
MD5:	06501036F4591340E9DC993C542B8ED2
SHA1:	FE7DC2DBC257711252B623E81942E42668E55168
SHA-256:	F850C98003744CD36DB48C7CB5E962C60356365F7C3011DE9814BA9EA156F0AF
SHA-512:	E938E9C1328BD1E8BA790D7F5DE96C816B7EF3C4F029E306AB5A5D942FEA9EA971E540AD3E86F447072311F49AA3538E7DAB5B437C9B93C9867A1EF774F7F669
Malicious:	false
Reputation:	unknown
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"1",. . "macros":[{"function":"__e"},{"function":"__cid"}],. "tags":[{"function":"__rep","once_per_event":true,"vtp_containerId":["macro",1],"tag_id":1}],. "predicates":[{"function":"_eq","arg0":["macro",0],"arg1":"gtm.js"}],. "rules":[[["if",0],["add",0]]].},."runtime":[ [50,"__cid",[46,"a"],[36,[17,[13,[41,"$0"],[3,"$0",["require","getContainerVersion"]],["$0"]],"containerId"]]]. ,[50,"__e",[46,"a"],[36,[13,[41,"$0"],[3,"$0",["require","internal.getEventData"]],["$0","event"]]]]. .].,"entities":{."__cid":{"2":true,"4":true,"3":true}.,."__e":{"2":true,"4":true}...}.,"blob":{"1":"1"}.,"permissions":{."__cid":{"read_container_data":{}}.,."__e":{"read_event_data":{"eventDataAccess":"specific","keyPatterns":["event"]}}...}....,"security_groups":{."google":[."__cid".,."__e"..]...}....};.....var h,ba=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{d

Chrome Cache Entry: 374

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	3610
Entropy (8bit):	4.482983956606433
Encrypted:	false
SSDEEP:
MD5:	5A18C34845D2D8CD26945C994384B2E9
SHA1:	F1DD6A79C2D27D6220B3340554748631E1CAEE77
SHA-256:	50C1F65514B565D9D67160F865C01B50A981016543FDE036E37596921971F570
SHA-512:	8518438E46D4C8D4A8A5D0A42DE391C339B068907A3E38FA92BCD8F9655597F254A2EF132758C77FFB6DE68867F3B7734124AA023E05CB45B836DE199CCE4983
Malicious:	false
Reputation:	unknown
URL:	https://www.sugarsync.com/public/js/LC_MESSAGES/sstranslate-en.json
Preview:	{. "messages": {. "": {. "domain": "sstranslate",. "lang": "js_JP",. "plural-forms": "nplurals=1; plural=0;". },. "No plans could be retrieved from server. Please retry later.": [ null, "No plans could be retrieved from server. Please retry later." ],. "Most Popular": [ null, "Most Popular" ],. "SELECT": [ null, "SELECT" ],. "SELECTED": [ null, "SELECTED" ],. "Password is required.": [ null, "Password is required." ],. "Please do not repeat characters more than twice.": [ null, "Please do not repeat characters more than twice." ],. "Please do not use common words.": [ null, "Please do not use common words." ],. "Unable to check password strength.": [ null, "Unable to check password strength" ],. "Name is required.": [ null, "Name is required." ],. "Email is required.": [ null, "Email is required." ],. "Please enter a valid Email.": [ null, "Please enter a valid

Chrome Cache Entry: 376

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (9330)
Category:	downloaded
Size (bytes):	245413
Entropy (8bit):	5.454197304950874
Encrypted:	false
SSDEEP:
MD5:	60F91991EAFDE3E90388665F44724A35
SHA1:	A842DB88B6FE990BF56DAB402245715DDC22B7AE
SHA-256:	547958601153B05F56EFA04C46B4495BED0F0D2C04860E774FD19BF50A90182D
SHA-512:	4296A8554B7E3524274D9153D8396A5886BDE767A63ED525BE7C7A078EDC431143CDAD464AA361CC73AFB12721DD395ED6E67D8EC3F00EFD2092F3216D73FD96
Malicious:	false
Reputation:	unknown
URL:	https://connect.facebook.net/en_US/fbevents.js
Preview:	/*. Copyright (c) 2017-present, Facebook, Inc. All rights reserved... You are hereby granted a non-exclusive, worldwide, royalty-free license to use,.* copy, modify, and distribute this software in source code or binary form for use.* in connection with the web services and APIs provided by Facebook... As with any software that integrates with the Facebook platform, your use of.* this software is subject to the Facebook Platform Policy.* [http://developers.facebook.com/policy/]. This copyright notice shall be.* included in all copies or substantial portions of the software... THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR.* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS.* FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR.* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER.* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN.* CONNECTION WI

Chrome Cache Entry: 377

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	397
Entropy (8bit):	4.8240364163168605
Encrypted:	false
SSDEEP:
MD5:	93BA76329F26D66E97415DEF8963318F
SHA1:	8A6C93BE64C90914D3C2118DD3F008664303F2BD
SHA-256:	5D96D4058CC3AC06EE93F9E39C134BEA79ACE6B2F5B7ABD5D8A196507AB5BAA6
SHA-512:	3A7A52C9698E2BDD32DEB827123EB432D42F0A286CD9DED0F266F256700782D4B3899D35D8DA6AB9D4EB1B731B2F762B997D1D29EFCE82484E6B13661CE1CBEE
Malicious:	false
Reputation:	unknown
URL:	https://8fb8895e6829.godaddysites.com/manifest.webmanifest
Preview:	{"scope":"/","start_url":"/","display":"standalone","icons":[{"sizes":"192x192","type":"image/png","src":"//img1.wsimg.com/isteam/ip/static/pwa-app/logo-default.png/:/rs=w:192,h:192,m"},{"sizes":"512x512","type":"image/png","src":"//img1.wsimg.com/isteam/ip/static/pwa-app/logo-default.png/:/rs=w:512,h:512,m"}],"name":"2fa","short_name":"2fa","theme_color":"#4aa6d0","background_color":"#4aa6d0"}

Chrome Cache Entry: 379

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3043)
Category:	downloaded
Size (bytes):	3092
Entropy (8bit):	5.221416224205306
Encrypted:	false
SSDEEP:
MD5:	852CBC5322260E00B44F2C682F88B2C7
SHA1:	BCAF229E6134F43EB5F974C9891E4D16FAF1D344
SHA-256:	BAE437DBEFE58377D88C9D579DB7C59F4202F3FBF88866D0005FB375BE6B2CD7
SHA-512:	F031B43F7FA0DA001F71DDCFFE5E322A94C5F1F52F7C4D67D34880243D9D361AC55C0E5001DD004390867CB31E5DEF5D4D9282E6E2ECB9AEC0E880AA5B786BA3
Malicious:	false
Reputation:	unknown
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-loaders-fffeeba5.js
Preview:	define("@widget/LAYOUT/c/bs-loaders-fffeeba5.js",["exports","~/c/bs-index3"],(function(e,a){"use strict";e.B=function(e){const{SVG:c}=(global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element;return this.merge({tag:"div",children:(global.React\|\|guac.react).createElement((global.React\|\|guac.react).Fragment,null,(global.React\|\|guac.react).createElement(c,{viewBox:"0 0 44 44",width:"3em",height:"3em",fill:"currentColor"},(global.React\|\|guac.react).createElement("path",{fillRule:"evenodd",d:"M31.968 23H12.032c-.57 0-1.032-.448-1.032-1 0-.553.462-1 1.032-1h19.936c.57 0 1.032.447 1.032 1 0 .552-.462 1-1.032 1"})),(global.React\|\|guac.react).createElement((global.Core\|\|guac["@wsb/guac-widget-core"]).UX.Style,null,a.k.loaderBalance)),style:{"> svg":{animation:"balance 1s infinite cubic-bezier(.62,.06,.33,.79);",transformOrigin:"center"}}},e)},e.C=function(e){const{SVG:c}=(global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element;return this.merge({tag:"div",children:(global.React\|\|guac.react).crea

Chrome Cache Entry: 380

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 2 x 77, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	92
Entropy (8bit):	5.113252816027877
Encrypted:	false
SSDEEP:
MD5:	C82CD9EE6C37659B9D61E9C720654F5B
SHA1:	EA8693CCD81F6972E2C944AAE4053DA0AC999669
SHA-256:	A780F877CE27E34406EF52BD6587D4783DA19FEE5F44CC9217FDACBD323A9DA1
SHA-512:	32805561D11DE390E558E29C1C423B6C19C84B41114DD5423A1ECFA53E45722B870A96F9C36427DE81B297A324F63AAB93B7484BEB9C991295F0367733DC7553
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR.......M......."....#IDAT(.cr..&.0`...0..C.7(.AnXSG.......O...i....IEND.B`.

Chrome Cache Entry: 381

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (51384), with no line terminators
Category:	dropped
Size (bytes):	51385
Entropy (8bit):	5.293328685395304
Encrypted:	false
SSDEEP:
MD5:	6626C1362840EBFC8F48294E8F023E18
SHA1:	4EC0DFB37C3E536C1B5EC04B68C9846FDBAF9EEF
SHA-256:	AABC88A6DB8B22022F96CA88E4F0A7BE426ABEF2B35169A71515A2D55246402A
SHA-512:	B037A19B52C1047198EC7F19E99066054E454964380E2354239834260D11248E617D6759B944DDF39A25B883C8F430603D8E13097396E2DEDA9BB6905C1CD42A
Malicious:	false
Reputation:	unknown
Preview:	function UET(o){this.stringExists=function(n){return n&&n.length>0};this.domain="bat.bing.com";this.domainCl="bat.bing.net";this.URLLENGTHLIMIT=4096;this.pageLoadEvt="pageLoad";this.customEvt="custom";this.pageViewEvt="page_view";o.Ver=o.Ver!==undefined&&(o.Ver==="1"\|\|o.Ver===1)?1:2;this.uetConfig={};this.uetConfig.consent={enabled:!1,adStorageAllowed:!0,adStorageUpdated:!1,hasWaited:!1,waitForUpdate:0,enforced:!1};this.uetConfig.tcf={enabled:!1,vendorId:1126,hasLoaded:!1,timeoutId:null,gdprApplies:undefined,adStorageAllowed:undefined,measurementAllowed:undefined,personalizationAllowed:undefined};this.uetConfig.cusig={hasLoaded:!1,timeoutId:null,blob:{}};this.beaconParams={};this.supportsCORS=this.supportsXDR=!1;this.paramValidations={string_currency:{type:"regex",regex:/^[a-zA-Z]{3}$/,error:"{p} value must be ISO standard currency code"},number:{type:"num",digits:3,max:999999999999},integer:{type:"num",digits:0,max:999999999999},hct_los:{type:"num",digits:0,max:30},date:{type:"regex",

Chrome Cache Entry: 384

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (17235)
Category:	dropped
Size (bytes):	382681
Entropy (8bit):	5.571009633783874
Encrypted:	false
SSDEEP:
MD5:	CF24AAF5920A9B65DAE61C09966E9CBC
SHA1:	27EB187052DD97C7F30DF9415C8A3116435C6B87
SHA-256:	5B6C77796A9D8B3AD3FDEA2B975BAAB09C8DD55B5CADF91CDA1D8468B5739F99
SHA-512:	D05A452250272C9AE8D106495E32D861405146A092C67C4494E820996D1588FF76BAC2CF092A99097EA1A0C2CF76871D1D73EEBA8CE55EBE0CD494E7FF5EC8A9
Malicious:	false
Reputation:	unknown
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. . (function(w,g){w[g]=w[g]\|\|{};. w[g].e=function(s){return eval(s);};})(window,'google_tag_manager');. .(function(){..var data = {."resource": {. "version":"96",. . "macros":[{"function":"__jsm","vtp_javascript":["template","(function(){var a=navigator.userAgent\|\|navigator.vendor\|\|window.opera;return\/(android\|bb\\d+\|meego).+mobile\|avantgo\|bada\\\/\|blackberry\|blazer\|compal\|elaine\|fennec\|hiptop\|iemobile\|ip(hone\|od)\|iris\|kindle\|lge \|maemo\|midp\|mmp\|mobile.+firefox\|netfront\|opera m(ob\|in)i\|palm( os)?\|phone\|p(ixi\|re)\\\/\|plucker\|pocket\|psp\|series(4\|6)0\|symbian\|treo\|up\\.(browser\|link)\|vodafone\|wap\|windows (ce\|phone)\|xda\|xiino\/i.test(a)\|\|\/1207\|6310\|6590\|3gso\|4thp\|50[1-6]i\|770s\|802s\|a wa\|abac\|ac(er\|oo\|s\\-)\|ai(ko\|rn)\|al(av\|ca\|co)\|amoi\|an(ex\|ny\|yw)\|aptu\|ar(ch\|go)\|as(te\|us)\|attw\|au(di\|\\-m\|r \|s )\|avan\|be(ck\|ll\|nq)\|bi(lb\|rd)\|bl(ac\|az)\|br(e\|v)w\|bumb\|bw\\-(n\|u)\|c55\\\/\|capi\|ccwa\|cdm\\-\|cell\|chtm\|cldc\|cmd\\-\|co(mp\|nd)\|craw\|da(it\|ll\|ng)\|dbte\|

Chrome Cache Entry: 385

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4942), with no line terminators
Category:	dropped
Size (bytes):	4942
Entropy (8bit):	5.468210190460236
Encrypted:	false
SSDEEP:
MD5:	860D7BA2B15F0E2146573C70F6A6DF5E
SHA1:	CF9F65C5E380615268FECFE84B41CD8F8BEA1590
SHA-256:	3B415902194E81CEB2F49CBCBF1CFB6EF932EF23398C1E38D35B7BD10A0263DC
SHA-512:	2A1E8C63593996DE173991E90A34F43967A3F86B12EBAFD34F874CE8548FB8366DB24352CFD08A7A28E0D09CA4B1B8B8C3E120B9188AFA0A79448B9996C966CC
Malicious:	false
Reputation:	unknown
Preview:	try{(function(){window._VWO=window._VWO\|\|{};var aC=window._vwo_code;if(typeof aC==='undefined'){window._vwo_mt='dupCode';return;}if(window._VWO.sCL){window._vwo_mt='dupCode';window._VWO.sCDD=true;try{if(aC){clearTimeout(window._vwo_settings_timer);var h=document.querySelectorAll('#_vis_opt_path_hides');var x=h[h.length>1?1:0];x&&x.remove();}}catch(e){}return;}window._VWO.sCL=true;window._vwo_mt="live"; var gcpfb=function(a,loadFunc,status,err,success){function vwoErr() {_vwo_err({message:"Google_Cdn failing for " + a + ". Trying Fallback..",code:"cloudcdnerr",status:status});} if(a.indexOf("/cdn/")!==-1){loadFunc(a.replace("cdn/",""),err,success); vwoErr(); return true;} else if(a.indexOf("/dcdn/")!==-1&&a.indexOf("evad.js") !== -1){loadFunc(a.replace("dcdn/",""),err,success); vwoErr(); return true;}};window.VWO=window.VWO \|\| [];window.VWO._= window.VWO._ \|\| {};window.VWO._.gcpfb=gcpfb; window._vwo_cdn = "https://dev.visualwebsiteoptimizer.com/cdn/"; window._vwo_apm_debug_cdn = "https:

Chrome Cache Entry: 387

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (13406)
Category:	dropped
Size (bytes):	13457
Entropy (8bit):	5.423362441222623
Encrypted:	false
SSDEEP:
MD5:	60112F899283FEE78C34AB18049D4CAC
SHA1:	B482E4635B2988D196FA996E6748EC2A2B6F98C3
SHA-256:	8BB325C9C2BBB10947BA44471B0F7E1485C8C9BD60D6CB53A19372E6AF20F586
SHA-512:	51CA1BBC8BBAEB29B4D167C20D8C2D1682EA485C1E2F1B9FC5B618E63F6CF623CC44CFED60BFF978441ACD618263C14AFA326D5F04F660FC8AD8096ABEA4B9C7
Malicious:	false
Reputation:	unknown
Preview:	define("@widget/MESSAGING/bs-Component-de800ada.js",["radpack","exports","@wsb/guac-widget-shared@^1/lib/components/Recaptcha/badge","@wsb/guac-widget-shared@^1/lib/common/constants/traffic2","@wsb/guac-widget-shared@^1/lib/common/constants/form/formIdentifiers"],(function(e,o,a,t,r){"use strict";var l=(global.keyMirror\|\|guac.keymirror)({MESSAGING_FAB:null,MESSAGING_MESSAGE_FLYOUT:null,WELCOME_MESSAGE:null,SEND_MESSAGE_TO:null,EMAIL_OPT_IN_TOGGLE:null,EMAIL_OPT_IN_MESSAGE:null,COLOR_SATURATION_KNOB:null,COLOR_HUE_SLIDER_KNOB:null});const c=(global.React\|\|guac.react).createElement("path",{d:"M0.342304 14.5C7.35025 6.3293 3.35025 0.829295 0 0.0.0 0.0 5.4 2.1 32.3502 0.329295C32.3503 3.8293 -3.13481 20.7261 0.342304 14.5Z"});function s(e){let{text:o}=e;return(global.React\|\|guac.react).createElement((global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element.Block,{category:"neutral",section:"overlay",style:{backgroundColor:"neutral",margin:"-medium medium medium medium",borderRadius:"5px",po

Chrome Cache Entry: 388

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 131 x 103, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	3943
Entropy (8bit):	7.781809840471042
Encrypted:	false
SSDEEP:
MD5:	B6FAA5F9F01E96C333C018364003F245
SHA1:	673AA3ABD78EC86DFBA2F01AA0D24556720A020A
SHA-256:	7C79FEE6A2C724D20121F3207F453EF8E8738AF9F4FC38116BE9DD4778428AD1
SHA-512:	29BA4F2C27F1BDFA048C50DE86DF5E1D6780009535E62CEEFC4CDD4AEC1F0EE7D97DA46CEDE453E987D093C9179467A94687019BFE2E410D10E647CA919C8DFC
Malicious:	false
Reputation:	unknown
URL:	https://www.sugarsync.com/images/corp-iris/share-icon.png
Preview:	.PNG........IHDR.......g.....#H......tEXtSoftware.Adobe ImageReadyq.e<...$iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS6 (Macintosh)" xmpMM:InstanceID="xmp.iid:AF0C7A83238F11E386638B745B58D8F8" xmpMM:DocumentID="xmp.did:AF0C7A84238F11E386638B745B58D8F8"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:B8F613FE223711E386638B745B58D8F8" stRef:documentID="xmp.did:AF0C7A82238F11E386638B745B58D8F8"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>/..i....IDATx..yl.....s.....w}.C@.TZh.T.T(.G.A.%AE).%..I.!RE.BK(%.(..R..4UK....h....p4I..#..w......L.o..B.c;.....J

Chrome Cache Entry: 390

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5409)
Category:	downloaded
Size (bytes):	12628
Entropy (8bit):	5.346410691430038
Encrypted:	false
SSDEEP:
MD5:	A9995B1EBFCB27F7164B5FB8E078E902
SHA1:	8484259DE7AF1E02982A7DEC1492BED1F73AEC6F
SHA-256:	5BA6A1DE6B342A624B5B33B0D11AB9E29C17448C7CF914CA1F38FD58C6F8BFC5
SHA-512:	7B09B9FC1103EBDE65D2BBAA340FE8CE08D948A4C62C86E5A6FB60CB5A30F56F297CB10BCB84938D713976C340B48065A002DF7CCAF968F124CCAB374F9FB08E
Malicious:	false
Reputation:	unknown
URL:	https://img1.wsimg.com/blobby/go/1812faaf-e56f-47cd-a093-05ce2655644c/gpub/6e0d9bdb860397ab/script.js
Preview:	window.cxs && window.cxs.setOptions({ prefix: "c2-" });.window.wsb=window.wsb\|\|{};window.wsb["Theme16"]=window.wsb["Theme16"]\|\|window.radpack("@widget/LAYOUT/bs-layout16-Theme-publish-Theme").then(function(t){return new t.default();});.window.wsb["DynamicFontScaler"]=function(e){let t,{containerId:o,targetId:n,fontSizes:r,maxLines:a,prioritizeDefault:s}=e;if("undefined"==typeof document)return;const i=document.getElementById(o),c=document.getElementById(n);function l(e){return function(e){const t=parseInt(d(e,"padding-left")\|\|0,10),o=parseInt(d(e,"padding-right")\|\|0,10);return e.scrollWidth+t+o}(e)<=i.clientWidth&&function(e){const t=e.offsetHeight,o=parseInt(d(e,"line-height"),10)\|\|1;return Math.floor(t/o)}(e)<=a}function p(){if(!i\|\|!c\|\|t===window.innerWidth)return;if(c.hasAttribute("data-font-scaled"))return void function(){c.removeAttribute("data-last-size");const e=document.querySelector(`#${n}-style`);e&&e.parentNode.removeChild(e)}();t=window.innerWidth;const e=Array.prototype.sl

Chrome Cache Entry: 391

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1211)
Category:	downloaded
Size (bytes):	1261
Entropy (8bit):	5.340315611373646
Encrypted:	false
SSDEEP:
MD5:	CB9BFA0FBDD957FBE7F4841B70341DB2
SHA1:	9CAD12A3580D3E4D340CB867E88B687C75564C5A
SHA-256:	513864FD4EBD1926F3E1E78B436A90C2BC3A5D16835B50415E7B318D7DEEC2A2
SHA-512:	DF98C3262F64DA4EA9CACF75FF7CB685D71B69142D89F726AB3E13CF6F25432DC395D7C0950E1632F0E519F135B02FDA0753739189E51F1C9210ACA6692551DD
Malicious:	false
Reputation:	unknown
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/ColorSwatch-4196a0a9.js
Preview:	define("@wsb/guac-widget-shared/lib/components/ColorSwatch-4196a0a9.js",["exports"],(function(e){"use strict";const o=e=>{let{color:o,isActive:t,inStock:r,isSmall:l}=e;const a=r\|\|void 0===r,c=l?"24px":"38px",n=l?"20px":"32px",i={borderRadius:"50%",borderWidth:"1px",borderStyle:"solid"},s={outer:{...i,display:"flex",alignItems:"center",justifyContent:"center",width:c,height:c,borderColor:t?"lowContrast":"transparent"},inner:{...i,borderColor:"ultraLowContrast",color:"ultraLowContrast",width:n,height:n,background:a?o:`linear-gradient(to left top, ${o} calc(50% - 1px), currentColor, ${o} calc(50% + 1px) )`}};return(global.React\|\|guac.react).createElement((global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element.Block,{style:s.outer},(global.React\|\|guac.react).createElement((global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.Element.Block,{style:s.inner}))};o.propTypes={color:(global.PropTypes\|\|guac["prop-types"]).string.isRequired,isActive:(global.PropTypes\|\|guac["prop-types"]).bool,inStock:(

Chrome Cache Entry: 393

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	downloaded
Size (bytes):	9373
Entropy (8bit):	5.308756406204296
Encrypted:	false
SSDEEP:
MD5:	D0435A094FD3C60000B3FCF18E0BD422
SHA1:	847C58658763B80052CFB93C508990A8AD268883
SHA-256:	A851492A453E728DC6196E1A89A259ED5BB15343135033B73A24CDE239DBF704
SHA-512:	76BA0A25AEB02BBFBC006FFD467C4E1C490BD586CC038E853398EC423BC4D90927E931F5DF6D50B792000F1DF5623AE4FE4D237D3118FF550F3D6312915A67B2
Malicious:	false
Reputation:	unknown
URL:	https://www.sugarsync.com/public/js/min/gettext.js
Preview:	Gettext=function(t){this.domain="messages",this.locale_data=void 0;var e=["domain","locale_data"];if(this.isValidObject(t))for(var a in t)for(var r=0;r<e.length;r++)a==e[r]&&this.isValidObject(t[a])&&(this[a]=t[a]);return this.try_load_lang(),this},Gettext.context_glue=".",Gettext._locale_data={},Gettext.prototype.try_load_lang=function(){if(void 0!==this.locale_data){var t=this.locale_data;if(this.locale_data=void 0,this.parse_locale_data(t),void 0===Gettext._locale_data[this.domain])throw new Error("Error: Gettext 'locale_data' does not contain the domain '"+this.domain+"'")}var e=this.get_lang_refs();if("object"==typeof e&&0<e.length)for(var a=0;a<e.length;a++){var r=e[a];if("application/json"==r.type){if(!this.try_load_lang_json(r.href))throw new Error("Error: Gettext 'try_load_lang_json' failed. Unable to exec xmlhttprequest for link ["+r.href+"]")}else{if("application/x-po"!=r.type)throw new Error("TODO: link type ["+r.type+"] found, and support is planned, but not implemented at

Chrome Cache Entry: 394

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (23126)
Category:	dropped
Size (bytes):	23189
Entropy (8bit):	4.539345073526186
Encrypted:	false
SSDEEP:
MD5:	3D092EF4ABA019B14F01C40747E40554
SHA1:	1C26145272FCF4CA91AF501288CCE84B1BFFD38B
SHA-256:	B4C48B77BBE6BBACF7D16BDAA81F5509FB8EA0FBFDDFBF2D12307F7A88518846
SHA-512:	F7180D3D98CF17556E27D62EF719DD9E35041679BAB74BD49BD898EB0FB62018EF6C6B64D06E9E0CAC4A646154DB93A1D35096B098DDCFF7B02CD6889A29DA0A
Malicious:	false
Reputation:	unknown
Preview:	define("@widget/LAYOUT/c/bs-defaultSocialIconPack-91835b99.js",["exports"],(function(a){"use strict";const e=(global.React\|\|guac.react).createElement("path",{d:"M12 2C6.477 2 2 6.477 2 12s4.477 10 10 10 10-4.477 10-10A10 10 0 0 0 12 2zM7.055 13.745a.97.97 0 0 1-.073-.509l.182-2.072a.687.687 0 0 1 .29-.364c.182-.11.582.036.582.036l2.619 1.31s.4.181.4.509c-.037.436-.219.436-.364.509l-3.055.654s-.436.146-.581-.073zm4.945.473l-.036 3.018s.036.437-.219.51c-.144.02-.291.02-.436 0l-2.036-.655a.6.6 0 0 1-.291-.364c-.073-.218.182-.545.182-.545l2.036-2.255s.327-.29.582-.145c.254.145.254.436.218.436zm-.364-3.236a.687.687 0 0 1-.581-.182l-2.51-3.418s-.363-.4-.181-.691a.64.64 0 0 1 .363-.291l2.4-.873c.11-.036.218-.145.582.073.255.145.291.655.291.655l.036 4.145s-.072.51-.4.582zm1.419.582l1.636-2.582s.145-.364.436-.327c.152.002.29.085.364.218l1.382 1.636a.676.676 0 0 1 .072.473c-.072.218-.472.363-.472.363l-2.91.837s-.4.073-.545-.182c-.145-.255 0-.51.037-.436zm3.781 3.309L15.6 16.655a.815.815 0 0 1-.4

Chrome Cache Entry: 395

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (63425)
Category:	downloaded
Size (bytes):	315483
Entropy (8bit):	5.474161180844693
Encrypted:	false
SSDEEP:
MD5:	023DC7E0EEA3619FAAC1DB80F59BE9F2
SHA1:	468228801169B13DAEA9FAE4CBA03402DED4BBD3
SHA-256:	F3B72F363D0AE5D74EB4139B2CEAA4B1A84EFC2C71A65E2D18D2BDCDE62049C8
SHA-512:	6B75A599C8EF49EDF7C08EF7F65CCD27904D78290FC2A3E1A38ED1B795593BD1F534D52C46AA4DC2E22C8F658339970F45BF12012D7381683E0649802169C485
Malicious:	false
Reputation:	unknown
URL:	https://img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.32.4.js
Preview:	var Core=function(e){var t={};function n(r){if(t[r])return t[r].exports;var o=t[r]={i:r,l:!1,exports:{}};return e[r].call(o.exports,o,o.exports,n),o.l=!0,o.exports}return n.m=e,n.c=t,n.d=function(e,t,r){n.o(e,t)\|\|Object.defineProperty(e,t,{enumerable:!0,get:r})},n.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},n.t=function(e,t){if(1&t&&(e=n(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var r=Object.create(null);if(n.r(r),Object.defineProperty(r,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var o in e)n.d(r,o,function(t){return e[t]}.bind(null,o));return r},n.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return n.d(t,"a",t),t},n.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},n.p="//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/",n(n.s=68)}([fun

Chrome Cache Entry: 396

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	242268
Entropy (8bit):	5.51924203646087
Encrypted:	false
SSDEEP:
MD5:	F2DB0912CD66165B9C85398F1A41A7B1
SHA1:	16892E42E52145FEA170D6F58C0AC46B312CEB8B
SHA-256:	833518345D069C40D251E16D0D4F51E3C7D2F2B4C69802C5B50A3351B8F1803E
SHA-512:	54AC24E34DD1E8181FA2FBDA5F3D75C74708FFCD1090C6A9EDB90E374E453ED2D88EBAA971BA931FF5EF0D00D3B5255A6AF78B8D83AEC2CD1C6E5B1357CE1DA0
Malicious:	false
Reputation:	unknown
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index3-87595056.js
Preview:	define("@widget/LAYOUT/c/bs-index3-87595056.js",["radpack","exports","~/c/bs-_rollupPluginBabelHelpers","~/c/bs-overlayTypes","~/c/bs-index2","~/c/bs-index","~/c/bs-dataAids","@wsb/guac-widget-shared@^1/lib/components/ColorSwatch","@wsb/guac-widget-shared@^1/lib/components/Carousel","~/c/bs-navigationDrawer","~/c/bs-searchFormLocations"],(function(e,t,a,r,o,l,n,i,c,s,g){"use strict";class p extends((global.Core\|\|guac["@wsb/guac-widget-core"]).UX2.utils.createElement("Background")){}a._(p,"propTypes",{className:(global.PropTypes\|\|guac["prop-types"]).string,backgroundSize:(global.PropTypes\|\|guac["prop-types"]).string,backgroundPosition:(global.PropTypes\|\|guac["prop-types"]).string,style:(global.PropTypes\|\|guac["prop-types"]).object,imageData:(global.PropTypes\|\|guac["prop-types"]).object,mobileWidthMultiplier:(global.PropTypes\|\|guac["prop-types"]).number,desktopWidthMultiplier:(global.PropTypes\|\|guac["prop-types"]).number,blur:(global.PropTypes\|\|guac["prop-types"]).bool}),a._(p,"defaultPr

Chrome Cache Entry: 397

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4562), with no line terminators
Category:	dropped
Size (bytes):	4562
Entropy (8bit):	5.816546324574051
Encrypted:	false
SSDEEP:
MD5:	D44745D0CA3E3EBD188F80F096D6E325
SHA1:	484BD1B203505E8183110FC2D4C65A9C9D94F8A6
SHA-256:	FAE2C97619E710B8B913ECBC242A2470A545DA096D6F4347347390D0B06249DF
SHA-512:	6153CB2E2D4C469FD0789D26D1A39C18A31DA427255278521F573196EE2F73651EF92867A9445EF7FB3485CB44068E7D7907224625B589B803C27BB09BAF5A6B
Malicious:	false
Reputation:	unknown
Preview:	(function(){var s = {};(function(){var h=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};function k(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");} var m=k(this),n=typeof Symbol==="function"&&typeof Symbol("x")==="symbol",q={},t={};function u(a,b,c){if(!c\|\|a!=null){c=t[b];if(c==null)return a[b];c=a[c];return c!==void 0?c:a[b]}} function v(a,b,c){if(b)a:{var d=a.split(".");a=d.length===1;var e=d[0],g;!a&&e in q?g=q:g=m;for(e=0;e<d.length-1;e++){var f=d[e];if(!(f in g))break a;g=g[f]}d=d[d.length-1];c=n&&c==="es6"?g[d]:null;b=b(c);b!=null&&(a?h(q,d,{configurable:!0,writable:!0,value:b}):b!==c&&(t[d]===void 0&&(a=Math.random()*1E9>>>0,t[d]=n?m.Symbol(d):"$jscp$"+a+"$"+d),h(g,t[d],{co

Chrome Cache Entry: 398

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (442)
Category:	dropped
Size (bytes):	486
Entropy (8bit):	5.227340053777477
Encrypted:	false
SSDEEP:
MD5:	5F10DF611C856F376981BE4DFBD17753
SHA1:	4463A27419B2FDFDBD81770C74DEE2E74BE948E0
SHA-256:	EBD2BA2A0E879AE2CEC7D513324E04346153A581BE3AA202662E6C9D5B1CE6E1
SHA-512:	F5911E08ED8B57B2E4B10C8AC622C4E7A82AEEC7D5B1AFED9C064A2975F41E211149CE1692FCF2F9497508E7ECDF678E48EC2CFA1D8C9112507950748146D5D8
Malicious:	false
Reputation:	unknown
Preview:	define("@wsb/guac-widget-shared/lib/components/Recaptcha/badge-e542c4f1.js",["exports"],(function(e){"use strict";class a extends(global.React\|\|guac.react).Component{render(){return(global.React\|\|guac.react).createElement((global.Core\|\|guac["@wsb/guac-widget-core"]).UX.Style,null,".grecaptcha-badge { visibility: hidden; }")}}e.default=a,Object.defineProperty(e,"__esModule",{value:!0})})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=badge-e542c4f1.js.map.

Chrome Cache Entry: 399

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	1040
Entropy (8bit):	4.966327900999645
Encrypted:	false
SSDEEP:
MD5:	521E2FED9485AFC075783DF24A70D45B
SHA1:	5190FA95A5CF16EE62478693E3BB1E0EC8020524
SHA-256:	39B5E6205E683F80B919FDA368D80FA6A3CCD57D6302406F531D589F50837A66
SHA-512:	70C3645B6A2B09B59D300E36494CC9B52CA18D17587B8E71FC170184A7A500A449F6714F5B424B8BC93D323CE5E51442E571E80FD09C3C030981BBEA992A982E
Malicious:	false
Reputation:	unknown
Preview:	/*. This file contain all code necessary to implement a page spinner. * dependency: /resources/stylesheets/spinner.css. /..var isSpinnerDisplayed = false;../. Function used to display the loading spinner.. /.function showOverlaySpinner() {..if (!isSpinnerDisplayed) {...isSpinnerDisplayed = true;...$('#overlaySpinner').removeClass('hiddenElement');..}.}../. Function used to hide the loading spinner.. /.function hideOverlaySpinner() {..if (isSpinnerDisplayed) {...isSpinnerDisplayed = false;...$('#overlaySpinner').addClass('hiddenElement');..}.}../. This will create at the end of page a DIV element which will be used to. * display the spinner.. */.function createSpinnerDiv() {..if ($('#overlaySpinner').length === 0) {...$('body')......append(.......'<div class="overlay hiddenElement" id="overlaySpinner"><div>'.........+ '<img class="loader" src="/images/account-images/SpinningWheel.gif">'.........+ '</div></div>');..}.}..// run when the document is ready.$j(document).rea

Chrome Cache Entry: 401

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1535x384, components 3
Category:	dropped
Size (bytes):	7301
Entropy (8bit):	6.676170415860454
Encrypted:	false
SSDEEP:
MD5:	D390CE8593CC797A8C09094662FEEBC6
SHA1:	FF8DBB6BCCA4D9211CDE9E30760AC9911766CE31
SHA-256:	2A74EC7211098E9CA04C4BFC8A507BF13596460716A6EDA455EFAE496127198C
SHA-512:	767957D14DDD15CA0E6EB5EA14865071485E029D954EE0D9C828BBC972445973C8D505AD784007D87CA2EA1BCD276CA568A564BEFAABC8599FE0FE76D969D864
Malicious:	false
Reputation:	unknown
Preview:	......Exif..II...........................V...........^...(.......................i.......f.......8c......8c................0210....................0100...........................................C.....................................%...#... , #&'))..-0-(0%()(...C...........(...((((((((((((((((((((((((((((((((((((((((((((((((((...........".............................................................A!1............................................................?....,r..7.,r..7.\|..o.n7.<....g..5.f5...".X.H.......( .DJP.V..(%.A.....h............Q...X..P...............%T.(!J..UB..h.. ..h"............".".....j.h4....+....Q5AU......H...,........@.........P@.@....B....,@..@UCA@.X...3...E..PU...2.UTT...,.....X.........\|.dt..\.F9t....yn.Q.9n.Q..-.j,H..@U...........P..(".........P..Z.. ...P................%F..T..AQA..ej.P...P......h"........ .....".*.......b......@.TX.....(...).............&#H.....\..@....UE.P...@i...PU...b,.D..+1`...U....b.......<.1.c2:H.s...]$..o.cp...c

Chrome Cache Entry: 402

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (23486), with escape sequences
Category:	downloaded
Size (bytes):	23573
Entropy (8bit):	5.432160276158223
Encrypted:	false
SSDEEP:
MD5:	3C889BDAEC6D2E633A1AF827A7361639
SHA1:	AEDC87EE908351695DA8B077D5AA0C06042CBE71
SHA-256:	40F3DF26368DCD3223A3B9D04B9B24439855D3439FA6E88AABEC75032ADE7721
SHA-512:	B10757D7727707A90E13BC19EF5B0D78BEC1507B1E982AD1EC40C5285315A207F530AF2769DFBEC1DBD8409E9E4716792D2C9C5E0FA91924DADAC3D6181B621F
Malicious:	false
Reputation:	unknown
URL:	https://secure.quantserve.com/aquant.js?a=p-0dpsUgIU6xoGw
Preview:	/* Copyright (c) 2008-2023, Quantcast Corp. https://www.quantcast.com/legal/license /.!function(){"use strict";var e="qcSes";function t(){var e=r();return"xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g,(function(t){var n=(e+16Math.random())%16\|0;return e=Math.floor(e/16),("x"===t?n:3&n\|8).toString(16)}))}var n=function(){try{if(!window.sessionStorage)return t()}catch(e){return t()}var n;try{if(n=window.sessionStorage.getItem(e))return n}catch(e){return t()}n=t();try{window.sessionStorage.setItem(e,n)}catch(e){}return n}();function r(){return(new Date).getTime()}function o(){return new Date}function a(e){var t=new Date(2e3,e,1,0,0,0,0),n=t.toUTCString(),r=new Date(n.substring(0,n.lastIndexOf(" ")-1));return t.getTime()-r.getTime()}function i(){return Math.round(2147483647*Math.random())}var c=/qcdbgc=1$/.test(window.location.toString());function u(e,t){if("undefined"!=typeof console){var n="ERROR"===e?".[41m QuantJS .[0m":".[44m QuantJS .[0m";console.log.apply(console,[n].conca

Chrome Cache Entry: 404

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (522)
Category:	downloaded
Size (bytes):	586
Entropy (8bit):	5.2378887904744955
Encrypted:	false
SSDEEP:
MD5:	FADB3719FFA2A9E96CDC64FFEA0220FA
SHA1:	B9B00833E59E99ECE036B518D8429AF5EFEC1163
SHA-256:	E8A5463FF98210D3017DEEE55D5A287AD01AAA11DBE7DEB7D07F7D15D7F609F2
SHA-512:	C6E3581F7676B3204BC0FC8D4DCCF5A383FDE6F17A27D2F855EBEE3D205459BD9866A219808EAB1D4D4B37676D13B516AF546C7125C3FFA22CA74B995A180644
Malicious:	false
Reputation:	unknown
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@wsb/guac-widget-shared/c/_rollupPluginBabelHelpers-8ce54c82.js
Preview:	define("@wsb/guac-widget-shared/c/_rollupPluginBabelHelpers-8ce54c82.js",["exports"],(function(e){"use strict";function n(){return n=Object.assign?Object.assign.bind():function(e){for(var n=1;n<arguments.length;n++){var r=arguments[n];for(var t in r)Object.prototype.hasOwnProperty.call(r,t)&&(e[t]=r[t])}return e},n.apply(this,arguments)}e._=n,e.a=function(e,n,r){return n in e?Object.defineProperty(e,n,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[n]=r,e}})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=_rollupPluginBabelHelpers-8ce54c82.js.map.

Chrome Cache Entry: 408

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	343
Entropy (8bit):	4.401695868487591
Encrypted:	false
SSDEEP:
MD5:	05EB403B2DEEE8E90EB1688BDF4690F7
SHA1:	38B23C8155ECFC057E66B327CAA46DF652B65839
SHA-256:	3E03C84B95893AFAD6B4C09EB6E4B52A877DABB56AD5502AA5373771FCA516D3
SHA-512:	2E8B985CD59DA300E6091EEB2D0AFE05F47C0188B7A23DBFFAC617975244206B3979A94AA9224B97DAFA87FD342AE7054D8C3A88A8596741FE41D0FEA35513FD
Malicious:	false
Reputation:	unknown
URL:	https://www.sugarsync.com/stylesheets/common/spinner.202405150938.css
Preview:	.overlay {. position: fixed;. z-index: 998;. width: 100%;. height: 100%;. top: 0;. left: 0;. right: 0;. bottom: 0;. background-color: rgba(0, 0, 0, 0.04);.}...loader {. position: fixed;. z-index: 999;. margin: auto;. top: 0;. left: 0;. bottom: 0;. right: 0;.}...hiddenElement {..display: none;.}

Chrome Cache Entry: 409

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5268)
Category:	dropped
Size (bytes):	274259
Entropy (8bit):	5.560239577820018
Encrypted:	false
SSDEEP:
MD5:	5117BFD66B799B510DA079CA1BF0F7E6
SHA1:	882A047343EE62C3A50C7DB73D10595543EB1005
SHA-256:	8505002DB7536F4F04F27F8BEA64972897D9C2FF511C5238C0D0CE1286CA434D
SHA-512:	D7122CA3AE0420421364E2F085BC0825C55FE5569A4439265EF0C1BBEF8835567AD5795C1286F9A02BE23391FE900F7867BC17BAB474046BC2EC078790D8A964
Malicious:	false
Reputation:	unknown
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"1",. . "macros":[{"function":"__e"}],. "tags":[{"function":"__ogt_1p_data_v2","priority":2,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_autoEmailEnabled":true,"vtp_autoPhoneEnabled":false,"vtp_autoAddressEnabled":false,"vtp_isAutoCollectPiiEnabledFlag":false,"tag_id":4},{"function":"__ccd_ads_first","priority":1,"vtp_instanceDestinationId":"AW-1052447870","tag_id":7},{"function":"__rep","vtp_containerId":"AW-1052447870","vtp_remoteConfig":["map","enhanced_conversions",["map"]],"tag_id":1},{"function":"__ccd_ads_last","priority":0,"vtp_instanceDestinationId":"AW-1052447870","tag_id":6}],. "predicates":[{"function":"_eq","arg0":["macro",0],"arg1":"gtm.js"},{"function":"_eq","arg0":["macro",0],"arg1":"gtm.init"}],. "rules":[[["if",0],["add",2]],[["if",1],["add",0,3,1]]].},."runtime":[ [50,"__ccd_a

Chrome Cache Entry: 410

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2146)
Category:	dropped
Size (bytes):	264567
Entropy (8bit):	5.551294414586941
Encrypted:	false
SSDEEP:
MD5:	2DC55EC4469FFF83E30D8833855DD568
SHA1:	477F150AFB9C1DE99B501D1980EB8A9F22B1F383
SHA-256:	F5E8D02BE266788CC456C971465E2E367DAE0185F39922F7D113D7974CEAC8A0
SHA-512:	10DB09D4FD11F558F6CAB7380C05D7A72D5F9090225B6A9D50CD6260DACBF5FE13F868AFE4E689FB8DB377AE6776A983C6878A55040E463B1E2C8DFEC7366FEC
Malicious:	false
Reputation:	unknown
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"1",. . "macros":[{"function":"__e"},{"function":"__cid"}],. "tags":[{"function":"__rep","once_per_event":true,"vtp_containerId":["macro",1],"tag_id":1}],. "predicates":[{"function":"_eq","arg0":["macro",0],"arg1":"gtm.js"}],. "rules":[[["if",0],["add",0]]].},."runtime":[ [50,"__cid",[46,"a"],[36,[17,[13,[41,"$0"],[3,"$0",["require","getContainerVersion"]],["$0"]],"containerId"]]]. ,[50,"__e",[46,"a"],[36,[13,[41,"$0"],[3,"$0",["require","internal.getEventData"]],["$0","event"]]]]. .].,"entities":{."__cid":{"2":true,"4":true,"3":true}.,."__e":{"2":true,"4":true}...}.,"blob":{"1":"1"}.,"permissions":{."__cid":{"read_container_data":{}}.,."__e":{"read_event_data":{"eventDataAccess":"specific","keyPatterns":["event"]}}...}....,"security_groups":{."google":[."__cid".,."__e"..]...}....};.....var h,ba=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{d

Chrome Cache Entry: 411

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	9772
Entropy (8bit):	5.492626903247724
Encrypted:	false
SSDEEP:
MD5:	BBA800060D72E616A58F00811EBC5930
SHA1:	0DD45AEE8186FAB4F8A981A60F89E3B6DA0129EC
SHA-256:	E7A44BB269F302957BFF51DA3895FC3D33CB42AEAF7B142F2217AC31B7FC99DB
SHA-512:	3C3743354EF4FA477CBBE52676A520F5C85B5A3D9F751D82A1554AA9E2964D8777250180B4BE75E252971F2971E0CF23E1629F1BFAAAD493A2B329D12908D521
Malicious:	false
Reputation:	unknown
URL:	"https://fonts.googleapis.com/css?family=Lato:400,700%7CMontserrat:400,700%7CRoboto+Slab:400,700&subset=latin,latin,latin"
Preview:	/* latin-ext /.@font-face {. font-family: 'Lato';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2) format('woff2');. unicode-range: U+0100-02BA, U+02BD-02C5, U+02C7-02CC, U+02CE-02D7, U+02DD-02FF, U+0304, U+0308, U+0329, U+1D00-1DBF, U+1E00-1E9F, U+1EF2-1EFF, U+2020, U+20A0-20AB, U+20AD-20C0, U+2113, U+2C60-2C7F, U+A720-A7FF;.}./ latin /.@font-face {. font-family: 'Lato';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2) format('woff2');. unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+0304, U+0308, U+0329, U+2000-206F, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;.}./ latin-ext */.@font-face {. font-family: 'Lato';. font-style: normal;. font-weight: 700;. src: url(https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwaPGR_p.woff2) format('woff2');. unicode-range: U+0100-02BA, U+02B

Chrome Cache Entry: 413

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (852)
Category:	downloaded
Size (bytes):	919
Entropy (8bit):	5.236642015723828
Encrypted:	false
SSDEEP:
MD5:	1CCD3C1052745E96CE686CC6F6143F10
SHA1:	0B19BB42233073967E22FE75572E12908E70A8C9
SHA-256:	F075FEFC90D97DA32D93AB7A2C9660A9D73B41A3B022497C8E6683CB6F98BF88
SHA-512:	0A274F4D70897638F9EC9F0A04D79C0BF6FA94E297A7938F773345395AC64F2CB87B9DA2D265DDC017C3AE0C16B88B207E8688110AE8A5E91FC662767D78587A
Malicious:	false
Reputation:	unknown
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-_rollupPluginBabelHelpers-a2e90765.js
Preview:	define("@widget/LAYOUT/c/bs-_rollupPluginBabelHelpers-a2e90765.js",["exports"],(function(e){"use strict";function r(){return r=Object.assign?Object.assign.bind():function(e){for(var r=1;r<arguments.length;r++){var t=arguments[r];for(var n in t)Object.prototype.hasOwnProperty.call(t,n)&&(e[n]=t[n])}return e},r.apply(this,arguments)}e._=function(e,r,t){return(r=function(e){var r=function(e,r){if("object"!=typeof e\|\|null===e)return e;var t=e[Symbol.toPrimitive];if(void 0!==t){var n=t.call(e,r\|\|"default");if("object"!=typeof n)return n;throw new TypeError("@@toPrimitive must return a primitive value.")}return("string"===r?String:Number)(e)}(e,"string");return"symbol"==typeof r?r:String(r)}(r))in e?Object.defineProperty(e,r,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[r]=t,e},e.a=r})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-_rollupPluginBabelHelpers-a2e90765.js.map.

Chrome Cache Entry: 415

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4542), with no line terminators
Category:	dropped
Size (bytes):	4542
Entropy (8bit):	5.810695947130016
Encrypted:	false
SSDEEP:
MD5:	EFD7AC42A45EAE50BC5DFD931A67C18B
SHA1:	139A76782E705EC32C5AF0A30E32F25A6211A4E9
SHA-256:	CAD5C02B3A1D219BE3AEFCE326E168FAD36D10F639B6706B9CD2094F04F029AE
SHA-512:	2BEF210045AAA55E9DC309B8B210C28984EF3E3B2DA0AE01ACA17DA4B6CAEEC67DF4B38EF3087D728B6C3074204EBA34E2967EE27D87B8E926CB94308C9DBBD0
Malicious:	false
Reputation:	unknown
Preview:	(function(){var s = {};(function(){var h=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};function k(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");} var m=k(this),n=typeof Symbol==="function"&&typeof Symbol("x")==="symbol",q={},t={};function u(a,b,c){if(!c\|\|a!=null){c=t[b];if(c==null)return a[b];c=a[c];return c!==void 0?c:a[b]}} function v(a,b,c){if(b)a:{var d=a.split(".");a=d.length===1;var e=d[0],g;!a&&e in q?g=q:g=m;for(e=0;e<d.length-1;e++){var f=d[e];if(!(f in g))break a;g=g[f]}d=d[d.length-1];c=n&&c==="es6"?g[d]:null;b=b(c);b!=null&&(a?h(q,d,{configurable:!0,writable:!0,value:b}):b!==c&&(t[d]===void 0&&(a=Math.random()*1E9>>>0,t[d]=n?m.Symbol(d):"$jscp$"+a+"$"+d),h(g,t[d],{co

Chrome Cache Entry: 416

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1824)
Category:	dropped
Size (bytes):	1874
Entropy (8bit):	4.934407477113311
Encrypted:	false
SSDEEP:
MD5:	EDC15AD5DAAC3CFA744BFFDB1E0174BE
SHA1:	E314A5CA702D0E77B2C2C023ADDADE266EA223B2
SHA-256:	3B54AEACFDA01BE53800632989A82F6F5A7F92E927159A37A4324B38D3DFFEF8
SHA-512:	8B8805D67FF993BD406EEB6682B1578537A3D6B7DC6711BE7152120689C77147D8C24351ACEBD2A06AE9B81D858EAED19C44E6792FE3C147EEAF3133C635589B
Malicious:	false
Reputation:	unknown
Preview:	define("@widget/LAYOUT/c/bs-dataAids-6a839d53.js",["exports"],(function(E){"use strict";var R=(global.keyMirror\|\|guac.keymirror)({BACKGROUND_IMAGE_RENDERED:null,HAMBURGER_MENU_LINK:null,HEADER_WIDGET:null,HEADER_SECTION:null,HEADER_VIDEO:null,HEADER_VIDEO_EMBED_WRAPPER:null,HEADER_VIDEO_EMBED:null,HEADER_VIDEO_EMBED_INSET_POSTER:null,HEADER_VIDEO_EMBED_FILL_POSTER:null,HEADER_VIDEO_BACKGROUND:null,HEADER_SLIDESHOW:null,HEADER_SLIDE:null,HEADER_HERO_SLIDE:null,HEADER_PHONE_RENDERED:null,HEADER_PIPE_RENDERED:null,HEADER_ADDRESS_RENDERED:null,HEADER_LOGO_RENDERED:null,HEADER_LOGO_IMAGE_RENDERED:null,HEADER_LOGO_OVERHANG_CONTAINER:null,HEADER_LOGO_TEXT_RENDERED:null,HEADER_TAGLINE_RENDERED:null,HEADER_TAGLINE2_RENDERED:null,HEADER_NAV_RENDERED:null,HEADER_CTA_BTN:null,CART_ICON_RENDER:null,CART_ICON_COUNT:null,CART_ICON_PIPE:null,CART_TEXT:null,CART_DROPDOWN_RENDERED:null,SEARCH_FORM_RENDERED:null,SEARCH_ICON_RENDERED:null,SEARCH_ICON_RENDERED_OPEN:null,SEARCH_CLOSE_RENDERED:null,SEARCH_FI

Chrome Cache Entry: 417

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (32946), with no line terminators
Category:	downloaded
Size (bytes):	32946
Entropy (8bit):	5.238083057459066
Encrypted:	false
SSDEEP:
MD5:	7DFCA6968EAE03D7A7EAC3B8B5FF2535
SHA1:	6EEFAE4095CB747A355B8524DFD186C790C0EABD
SHA-256:	4E7C765464EA55163298B2001DC0C034DBD635446BB75C288CD29BB00AB3A8A3
SHA-512:	EBDEF46A3374777EE4B4EE3FC0ADAD0CC65BC8865FC1582932756A58C33AC4BBFCC1608D855FE7D824857F5BB574320DC1DB7C7506F5DB4D983A4418760FE9AE
Malicious:	false
Reputation:	unknown
URL:	https://8fb8895e6829.godaddysites.com/sw.js
Preview:	(()=>{"use strict";var e={895:()=>{try{self["workbox:cacheable-response:6.4.1"]&&_()}catch(e){}},259:(e,t,s)=>{s.d(t,{B:()=>a}),s(913);class a{constructor(){this.promise=new Promise(((e,t)=>{this.resolve=e,this.reject=t}))}}},125:(e,t,s)=>{s.d(t,{V:()=>a}),s(913);class a extends Error{constructor(e,t){super(((e,...t)=>{let s=e;return t.length>0&&(s+=` :: ${JSON.stringify(t)}`),s})(e,t)),this.name=e,this.details=t}}},524:(e,t,s)=>{s.d(t,{h:()=>a}),s(125),s(913);const a=null},594:(e,t,s)=>{function a(e,t){const s=new URL(e);for(const e of t)s.searchParams.delete(e);return s.href}async function n(e,t,s,n){const r=a(t.url,s);if(t.url===r)return e.match(t,n);const i=Object.assign(Object.assign({},n),{ignoreSearch:!0}),c=await e.keys(t,i);for(const t of c)if(r===a(t.url,s))return e.match(t,n)}s.d(t,{F:()=>n}),s(913)},536:(e,t,s)=>{s.d(t,{x:()=>r}),s(913);const a={googleAnalytics:"googleAnalytics",precache:"precache-v2",prefix:"workbox",runtime:"runtime",suffix:"undefined"!=typeof registratio

Chrome Cache Entry: 418

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (829)
Category:	downloaded
Size (bytes):	876
Entropy (8bit):	5.561256771975726
Encrypted:	false
SSDEEP:
MD5:	9219CF782ED219BD3929A51E99503BC2
SHA1:	6AAC399854EC0405949566FAFDCA8C121F0CDA58
SHA-256:	89388608D7BCECED5AD74231681FFCE822AD580ACB9FD7E492970176E3E38347
SHA-512:	D421851026422D46E1561FA852084CE7B41E32C7451DCF85900838265D330F09389DA18F4D8A5FAF3E0A4076508BA7E93EA9C5F8B5B32ACF32205C9B6E65E709
Malicious:	false
Reputation:	unknown
URL:	https://img1.wsimg.com/blobby/go/static/radpack/@widget/LAYOUT/c/bs-index-4e26cd6b.js
Preview:	define("@widget/LAYOUT/c/bs-index-4e26cd6b.js",["exports"],(function(o){"use strict";const{widgetTypes:e,colorPackCategories:t,themeConstants:n,buttons:l}=(global.Core\|\|guac["@wsb/guac-widget-core"]).constants,s=(global.keyMirror\|\|guac.keymirror)({NONE:null,SMALL_UNDERLINE:null,FULL_UNDERLINE:null,INLINE:null}),i=24,r=n.DEFAULT_OVERLAY_TEXT_SHADOW,a={about4:i,introduction5:i,content5:i,ordering1:i,payment2:i,zillow1:i,reviews1:i,rss1:i,subscribe3:i,mlsSearch1:i,contact10:i,countdown1:i,quote1:i},c={spotlight:{fill:l.fills.SOLID},external:{fill:l.fills.NONE,decoration:l.decorations.NONE,shadow:l.shadows.NONE}};o.A="365px",o.B="24px",o.C=c,o.D=25,o.I=28,o.M=40,o.O="0px 2px 10px rgba(0, 0, 0, 0.3)",o.S=40,o.W={about1:!0},o.a=r,o.b="18px",o.c=a,o.d="600px",o.e=t,o.s=s})),"undefined"!=typeof window&&(window.global=window);.//# sourceMappingURL=bs-index-4e26cd6b.js.map.

Chrome Cache Entry: 423

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2172), with no line terminators
Category:	downloaded
Size (bytes):	2172
Entropy (8bit):	4.888010843508281
Encrypted:	false
SSDEEP:
MD5:	476EF46BD36BB9AB00438E938217F93B
SHA1:	4E18B1108759F65566D0E93F4D3D3CECC8A1F86B
SHA-256:	9365AAC2496E397F022642D5AC31DF865821DE4167A2921BA500AF0BB550E50F
SHA-512:	14CB5CB41A5B6EF2E77177DD93631C2073D66033ABA346D11B653B3E1BCF6F64EA5596AC1A5A738A481FC98177A3543102783ABB1DF5F04242EEEABCB7F18A23
Malicious:	false
Reputation:	unknown
URL:	https://www.sugarsync.com/public/css/min/cookie-banner.css
Preview:	div#agreementBar{background-color:#ebebeb;position:fixed;top:auto;bottom:0;width:100%;height:80px;z-index:9999;font-size:14px;border-top:1px solid #ddd;opacity:.93}div#agreementBar div#agreementContent{position:relative;max-width:1140px;height:100%;margin-left:auto;margin-right:auto}div#agreementBar div#agreementContent div{float:left;display:inline;font-weight:400}div#agreementBar div.agreement-text{width:950px;height:100%;position:relative}div#agreementBar div.agreement-text p{position:absolute;width:100%;top:50%;transform:translateY(-50%);color:#000;font-weight:400;text-align:center;margin:0;padding:0 20px 0 20px}div#agreementBar div.agreement-text a{text-decoration:underline;color:#5cb85c}div #agreementBar div.agreement-button{height:100%;padding-left:10px}div#agreementBar div.agreement-button button{position:absolute;width:100px;top:50%;transform:translateY(-45%);background:#ebebeb none repeat scroll 0 0;border-radius:5px;border-color:#000;border-width:1px;border-style:solid;color

Chrome Cache Entry: 424

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	assembler source, ASCII text
Category:	downloaded
Size (bytes):	2025
Entropy (8bit):	5.057520746643073
Encrypted:	false
SSDEEP:
MD5:	C2E8A7E596C578EF703CCA6192BBA990
SHA1:	ED04AF6AB49A1462F024D7D6769B890383A637E9
SHA-256:	55876C0C975BA0069668C416DBDE207ADD04D0E3E92ACB794B70B6D21C1C707B
SHA-512:	CBFD9D71DE32E31B184D8E7750B5491DC1F99E1A4F59FFB38B09A7E026B5CA542720392DDFC58B320664370DEA08522E0FF4AEAC22228E8495422EC33053C4A9
Malicious:	false
Reputation:	unknown
URL:	https://www.sugarsync.com/stylesheets/alpha/pf-download-landing-page-v3.202405150938.css
Preview:	.iris{..margin-bottom:0!important;.}..imageFrame{..margin: 0px auto 20px auto;..max-width:600px;.}..pf-down-main-div{..font-family:'Lato',Arial,sans-serif;..font-size:20pt;..text-align:center;.}..pf-owner-shares-text{..color:#1f1f1f;..margin-bottom:16pt;.}...pf-down-file-name{..color:#3d92bf;.}..pf-down-file-size{..color:#676767;.}..submitButton{..padding:20px 60px 20px 60px;..-webkit-border-radius: 4px;..-moz-border-radius: 4px;..border-radius: 4px;..color:#3ead63;..margin:20px.}.#submit-button-text{..font-weight:bold;..font-size:13pt;..color:white;.}..line-separator{..width: 90%;..height: 1px;..background-color: #d1d1d1;..margin-top: 20px;..margin-bottom: 20px;..position: relative;..left: 5%;.}..pf-container-landing{. display:none;.}..pf-container-retry{. display:none;.}..pf-container-second{. display:none;.}..pf-container-iframe{. display:none;.}..pf-container-image{. display:none;.}..pf-container-ioffice{. display:none;.}..pf-container-error{. display:none;.}..

Chrome Cache Entry: 427

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	C source, ASCII text
Category:	dropped
Size (bytes):	2811
Entropy (8bit):	5.1401899109552325
Encrypted:	false
SSDEEP:
MD5:	09033B0C9521739CCAB0AD9BF9FF430C
SHA1:	E2DAAD7454FAAEBC0FA0A44471A464E759276A53
SHA-256:	605C1E9C52A845ED8DFF6E4B9352D00B6069532A6653002461BA672FBF5D0FC0
SHA-512:	E202C2D4370443E3C10F90EEA4237D6B99C5DEEB2A16486E8ED7C242181B16952F6AFFCB01FD4A94C1890EFC7B1335EF478626F6C0737362974B0C2529657E78
Malicious:	false
Reputation:	unknown
Preview:	function isLogin() {. .return document.getElementById('account-info') !== null;. }. . function getDomain() {. .var arr = window.location.hostname.match(/([a-z0-9-]*?)\.[a-z]{2,}$/);. .if (arr !== null && arr.length > 0) {. ..return "." + arr[0];. .}. .return ".sugarsync.com";. }. ..function getCookie(name) {...var re = new RegExp(name + "=([^;]+)");...var value = re.exec(document.cookie);...return (value != null && value.length == 2) ? unescape(value[1]) : null;..}....//displays the cookie banner..function showCookieBanner(){...//if jQuery is available, use it...if(typeof($j) !== 'undefined' && typeof($j('#agreementBar').slideToggle) === "function"){....$j('#agreementBar').slideToggle();...} else if(typeof($) !== 'undefined' && typeof($('#agreementBar').slideToggle) === "function"){....$('#agreementBar').slideToggle();...} else {....document.getElementById("agreementBar").style.display = 'block';...}..}...//verify if exists the cookie for cookie acc

Chrome Cache Entry: 428

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1027), with no line terminators
Category:	downloaded
Size (bytes):	1027
Entropy (8bit):	5.124050707004321
Encrypted:	false
SSDEEP:
MD5:	C9089467E2A9D86A32E17086EE8889CF
SHA1:	6AA2DDE71E454EC23078C0A1FD3AA12C87431D12
SHA-256:	50C7EDE2C8EBCF7D70ED19AE3DFEEAC6EC4ED75AF785EECCE98443D3189DB41C
SHA-512:	B28310D148F1CEE9A9CDF2E1DF4E731FD4797C879639F0C7951E3AD293782E39A3B4CE82029E0CCE4145FC5019DB8A7DD494FC77EA0001BF01B1952220FB9841
Malicious:	false
Reputation:	unknown
URL:	https://www.sugarsync.com/public/js/min/vwo.js
Preview:	var _vwo_code=function(){var t=!1,n=document;return{use_existing_jquery:function(){return!1},library_tolerance:function(){return 2500},finish:function(){if(!t){t=!0;var e=n.getElementById("_vis_opt_path_hides");e&&e.parentNode.removeChild(e)}},finished:function(){return t},load:function(e){var t=n.createElement("script");t.src=e,t.type="text/javascript",t.innerText,t.onerror=function(){_vwo_code.finish()},n.getElementsByTagName("head")[0].appendChild(t)},init:function(){settings_timer=setTimeout("_vwo_code.finish()",2e3);var e=n.createElement("style"),t="body{opacity:0 !important;filter:alpha(opacity=0) !important;background:none !important;}",i=n.getElementsByTagName("head")[0];return e.setAttribute("id","_vis_opt_path_hides"),e.setAttribute("type","text/css"),e.styleSheet?e.styleSheet.cssText=t:e.appendChild(n.createTextNode(t)),i.appendChild(e),this.load("//dev.visualwebsiteoptimizer.com/j.php?a=268746&u="+encodeURIComponent(n.URL)+"&r="+Math.random()),settings_timer}}}();_vwo_setti

Chrome Cache Entry: 429

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	assembler source, ASCII text, with very long lines (1515)
Category:	downloaded
Size (bytes):	106693
Entropy (8bit):	5.255831798710544
Encrypted:	false
SSDEEP:
MD5:	FD1A35670C297C23CA6B7A6EC88A3420
SHA1:	389AEA823D230FA6EE22A3C2526C5731A9EDD448
SHA-256:	32595D447830801661158E10F324EBB5AD76F90F23515452FCDEEF0C641C1FB8
SHA-512:	FCF4E83A1E36F56306E670AA9FBF0F51B72839174F4C2D44BD149FCE986D15B563B772EFAB8C4DD8757EFAF19AC96A61C68019D4ACB0E12E6064670CED4735D6
Malicious:	false
Reputation:	unknown
URL:	https://www.sugarsync.com/stylesheets/iris/all.202405150938.css
Preview:	/! Bootstrap v2.1.1 * * Copyright 2012 Twitter,Inc * Licensed under the Apache License v2.0 * http://www.apache.org/licenses/LICENSE-2.0 * * Designed and built with all the love in the world @twitter by @mdo and @fat. / html,html a,body{-webkit-font-smoothing:aliased!important;text-rendering:optimizeLegibility;}.html,body,div,span,applet,object,iframe,h1,h2,h3,h4,h5,h6,p,blockquote,pre,a,abbr,acronym,address,big,cite,code,del,dfn,em,img,ins,kbd,q,s,samp,small,strike,strong,sub,sup,tt,var,b,u,i,center,dl,dt,dd,ol,ul,li,fieldset,form,label,legend,table,caption,tbody,tfoot,thead,tr,th,td,article,aside,canvas,details,embed,figure,figcaption,footer,header,hgroup,menu,nav,output,ruby,section,summary,time,mark,audio,video{margin:0;padding:0;border:0;font-size:100%;font:inherit;vertical-align:baseline;}.article,aside,details,figcaption,figure,footer,header,hgroup,nav,section{display:block;}audio,canvas,video{display:inline-block;display:inline;*zoom:1;}audio:not([controls]){display:none;}h

Chrome Cache Entry: 432

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 192x192, Suserng: [none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	792
Entropy (8bit):	7.6634568727925
Encrypted:	false
SSDEEP:
MD5:	138F196E984491E32DAC12235FE1831E
SHA1:	0B41EE506C82DD5F6795BFD7A2307926540BCB78
SHA-256:	2DC50F75EAA74A4F9537B32D692CAF20293333C1D108B9CE8F1E42DA87AEB6B1
SHA-512:	E4984B1FFF82F4386720A0EF23D09B2A6F221ACE68DB4846D4DD21231F9AD5AB818A451CD2393695FA50CA359A2CEE7A1758E9BF566827115E8E70B8C96AB046
Malicious:	false
Reputation:	unknown
URL:	"https://img1.wsimg.com/isteam/ip/static/pwa-app/logo-default.png/:/rs=w:192,h:192,m"
Preview:	RIFF....WEBPVP8 .............>m4.G.#"!3.....in.o......._.k"?T..xW............#.....G._f._.....ffffffffffffd...\|.AK..^%.33$u$....$..W.*...EuT.a....(.@3..n....}..G.P.1.0k.!.%.)...e....R$\|6.[..".fVK....R.o.U4...)B.9...NhG.:.....fi...9\......@....x.9.-9)....lOp...\|...'......NL...g...7&......\|./P.>6.. !..6R....r.0Z..."/M.C.a.&....5...hD..5:..An.pQf.D.....[m,#6....:...<....VYT.J5:.9.w........>u..#.z3i..9.......\|...T.....v=.I.]..!m!.h....-uT7.V\|Wh`.V$O9J.i!.BQ..v..J.qo.}.}.;..:...g...M..@d..}....c.....<...lF...>};N>...#.SULy~j.2...s..U..f...Z......Uo."....R.Q#-.R/.<..~0.N9.....:c..Y...?XD.[..F.....?"..`O!N.....~.....z.//.}:.i...Wu...0..wF]...`2q}..ZiS..~<...V.7.I..Bo.Ys..".......=~o.....^...&.. .#......vy.-.d.a.N.E......7..'..b....1..1G....q.......

Chrome Cache Entry: 434

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (16085)
Category:	downloaded
Size (bytes):	412970
Entropy (8bit):	5.651777561412463
Encrypted:	false
SSDEEP:
MD5:	8B38EEDB3C59FD9822C31E8F18BD2D03
SHA1:	026832CF8ABBD51C84613ECEB9803BDF12704526
SHA-256:	AD52C0DA560CB1D9EAAAA60DDA039904B9B86758714F024F4DCC536D8B18A9AD
SHA-512:	2E4C278EA5899CFB3B1F46A60E96E5ECCABFBDBDCCA1277A2B6B8222140692CBE4BE015D600425CC2C055329650D757C41CA732E1B710A712C7E1F038DDA0DA5
Malicious:	false
Reputation:	unknown
URL:	https://www.googletagmanager.com/gtag/js?id=G-PZ6N980F31&cx=c&_slc=1
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"2",. . "macros":[{"function":"__e"},{"function":"__c","vtp_value":false},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_ga_send","priority":13,"vtp_value":true,"tag_id":11},{"function":"__ogt_ip_mark","priority":13,"vtp_instanceOrder":0,"vtp_paramValue":"internal","vtp_ruleResult":["macro",1],"tag_id":13},{"function":"__ogt_referral_exclusion","priority":13,"vtp_includeConditions":["list","sugarsync\\.com","paypal\\.com","app\\.sugarsync\\.com","\\*\\.sugarsync\\.com","zuora\\.com","surveymonkey\\.com","support\\.sugarsync\\.com"],"tag_id":14},{"function":"__ogt_session_timeout","priority":13,"vtp_sessionMinutes":30,"vtp_sessionHours":0,"tag_id":15},{"function":"__ogt_1p_data_v2","priority":13,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType"

Static File Info

General

File type:	PDF document, version 1.5
Entropy (8bit):	7.956397114349359
TrID:	Adobe Portable Document Format (5005/1) 100.00%
File name:	SERVED SUMMON LETTER 01-30-2025.pdf
File size:	21'051 bytes
MD5:	42aa31c5a1e2ecc84c5de1297f691800
SHA1:	d4b6bc45b26d22fd899279e147e530e271cae227
SHA256:	724ea08f15b106cfc83fe28e610b951952630408abdd7cd3baf0c55dc9898a68
SHA512:	052f91510e6b80fb8699d2b0cb5322d3fe6d8196d80c266ca171f018f4a665ec8a5204d100eaea502a7778233cc7b7639a2a8025932fec0b8246cfd88ff29f5d
SSDEEP:	384:m25yOYbkTXG9+Fe6e9ATms63fKAFlLsr5DHulxnBVO2LP8HLZz333J5g:TJYbORe6e9ATl6PTLsr5DHulxBlgZznQ
TLSH:	B792D08B9C1BDAEB9D018BDC7D511EF5C9EC52623F087ED925008F4F3CD49928D905A9
File Content Preview:	%PDF-1.5.%.....2 0 obj.<<./Type /Catalog./Pages 4 0 R./OpenAction [5 0 R /FitH null]./PageLayout /OneColumn./AcroForm 6 0 R./Version /1#2E5.>>.endobj.8 0 obj.<<./Filter /FlateDecode./Length 10.>>.stream..x.+......\|..endstream.endobj.9 0 obj.<<./Filter /Fl

File Icon


Icon Hash:	62cc8caeb29e8ae0

Static PDF Info

General
Header:	%PDF-1.5
Total Entropy:	7.956397
Total Bytes:	21051
Stream Entropy:	7.972810
Stream Bytes:	19869
Entropy outside Streams:	5.228305
Bytes outside Streams:	1182
Number of EOF found:	1
Bytes after EOF:

Keywords Statistics

Name	Count
obj	10
endobj	10
stream	8
endstream	8
xref	0
trailer	0
startxref	1
/Page	0
/Encrypt	0
/ObjStm	1
/URI	0
/JS	0
/JavaScript	0
/AA	0
/OpenAction	1
/AcroForm	1
/JBIG2Decode	0
/RichMedia	0
/Launch	0
/EmbeddedFile	0

Image Streams

ID	DHASH	MD5	Preview
28	405540951c407140	f540a449f36ed264a1751eacc2a2852a

Description:	Adversaries may abuse Internet browser extensions to establish persistent access to victim systems. Browser extensions or plugins are small programs that can add functionality and customize aspects of Internet browsers. They can be installed directly or through a browser's app store and generally have access and permissions to everything that the browser can access.
Tactics:	Persistence
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Process: Process Creation, Windows Registry: Windows Registry Key Creation
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get information about running processes on a system. Information obtained could be used to gain an understanding of common software/applications running on systems within the network. Adversaries may use the information from Process Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture. Adversaries may use the information from System Information Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	IaaS, Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report SERVED SUMMON LETTER 01-30-2025.pdf

Overview

General Information

Detection

Signatures

Classification

Process Tree

Yara Signatures

HTML

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Phishing

Compliance

Networking

System Summary

Data Obfuscation

Boot Survival

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Mitre Att&ck Matrix

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

LLM Input / Output

Created / dropped Files

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\83f0a96a-1e2b-4b8d-b33c-b698c873c087.tmp

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\9505ae17-638d-43f1-a17c-06a7bf67ad4e.tmp

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State~RF4fa7c8.TMP (copy)

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG

C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-250130063723Z-170.bmp

C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages

C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\2D85F72862B55C4EADD9E66E06947F3D

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\2D85F72862B55C4EADD9E66E06947F3D

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeCMapFnt23.lst (copy)

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeFnt23.lst.1276

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeSysFnt23.lst (copy)

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\Cache\AcroFnt23.lst (copy)

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\Cache\AdobeFnt23.lst.1276

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Banner

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner

Windows Analysis Report
SERVED SUMMON LETTER 01-30-2025.pdf