Windows Analysis Report
Technical Data Sheet.html

Overview

General Information

Sample name: Technical Data Sheet.html
Analysis ID: 1647799
MD5: c2abf8456eedeb56fe5a35f0623c5ad5
SHA1: 408cbbe9313b6ada722490b4b9fc9ad2111af08b
SHA256: cb3f5cf9525419dc1d4114ca79ef3b66eaad0ab9706da238df119352dfff9674

Detection

HTMLPhisher
Score: 60
Range: 0 - 100
Confidence: 100%

Signatures

Yara detected HtmlPhish10
HTML IFrame injector detected
HTML Script injector detected
HTML file submission containing password form
Detected hidden input values containing email addresses (often used in phishing pages)
HTML body contains low number of good links
HTML body contains password input but no form action
HTML body with high number of embedded images detected
HTML title does not match URL
None HTTPS page querying sensitive user data (password, username or email)

Classification

  • System is w10x64_ra
  • chrome.exe (PID: 4660 cmdline: "C:\Users\user\AppData\Local\Chromium\Application\chrome.exe" --start-maximized --single-argument C:\Users\user\Desktop\Technical Data Sheet.html MD5: B6CB00FCB81D3B66870817AEBE7163BB)
    • chrome.exe (PID: 3952 cmdline: "C:\Users\user\AppData\Local\Chromium\Application\chrome.exe" --no-sandbox --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --start-stack-profiler --mojo-platform-channel-handle=1900 --field-trial-handle=2000,i,7290978603726058000,12469770623565897191,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: B6CB00FCB81D3B66870817AEBE7163BB)
Source | Rule | Description | Author | Strings
0.1.pages.csv | JoeSecurity_HtmlPhish_10 | Yara detected HtmlPhish_10 | Joe Security |
    No Sigma rule has matched
    No Suricata rule has matched

    Phishing

    Source: Yara match | File source: 0.1.pages.csv, type: HTML
    Source: file:///C:/Users/user/Desktop/Technical%20Data%20Sheet.html | HTTP Parser: New IFrame, src: https://cdnmatrix.online/fl/5nhz3r98
    Source: file:///C:/Users/user/Desktop/Technical%20Data%20Sheet.html | HTTP Parser: New script tag found
    Source: file:///C:/Users/user/Desktop/Technical%20Data%20Sheet.html | HTTP Parser: hannes.bogner@biog.at
    Source: file:///C:/Users/user/Desktop/Technical%20Data%20Sheet.html | HTTP Parser: Number of links: 0
    Source: file:///C:/Users/user/Desktop/Technical%20Data%20Sheet.html | HTTP Parser: <input type="password" .../> found but no <form action="...
    Source: file:///C:/Users/user/Desktop/Technical%20Data%20Sheet.html | HTTP Parser: Total embedded image size: 182784
    Source: file:///C:/Users/user/Desktop/Technical%20Data%20Sheet.html | HTTP Parser: Title: Sign in to your Microsoft account does not match URL
    Source: file:///C:/Users/user/Desktop/Technical%20Data%20Sheet.html | HTTP Parser: Has password / email / username input fields
    Source: file:///C:/Users/user/Desktop/Technical%20Data%20Sheet.html | HTTP Parser: <input type="password" .../> found
    Source: Technical Data Sheet.html | HTTP Parser: No favicon
    Source: file:///C:/Users/user/Desktop/Technical%20Data%20Sheet.html | HTTP Parser: No favicon
    Source: file:///C:/Users/user/Desktop/Technical%20Data%20Sheet.html | HTTP Parser: No <meta name="author".. found
    Source: file:///C:/Users/user/Desktop/Technical%20Data%20Sheet.html | HTTP Parser: No <meta name="copyright".. found
    Source: unknown | HTTPS traffic detected: 23.55.235.226:443 -> 192.168.2.16:49700 version: TLS 1.2
    Source: unknown | HTTPS traffic detected: 104.17.249.203:443 -> 192.168.2.16:49698 version: TLS 1.2
    Source: unknown | HTTPS traffic detected: 104.17.249.203:443 -> 192.168.2.16:49699 version: TLS 1.2
    Source: unknown | HTTPS traffic detected: 47.253.40.255:443 -> 192.168.2.16:49702 version: TLS 1.2
    Source: unknown | HTTPS traffic detected: 142.250.80.65:443 -> 192.168.2.16:49704 version: TLS 1.2
    Source: unknown | HTTPS traffic detected: 151.101.1.91:443 -> 192.168.2.16:49711 version: TLS 1.2
    Source: unknown | HTTPS traffic detected: 47.253.40.255:443 -> 192.168.2.16:49712 version: TLS 1.2
    Source: unknown | HTTPS traffic detected: 104.17.245.203:443 -> 192.168.2.16:49717 version: TLS 1.2
    Source: unknown | HTTPS traffic detected: 104.17.245.203:443 -> 192.168.2.16:49718 version: TLS 1.2
    Source: unknown | HTTPS traffic detected: 151.101.1.91:443 -> 192.168.2.16:49722 version: TLS 1.2
    Source: unknown | HTTPS traffic detected: 151.101.1.229:443 -> 192.168.2.16:49723 version: TLS 1.2
    Source: unknown | HTTPS traffic detected: 151.101.1.229:443 -> 192.168.2.16:49724 version: TLS 1.2
    Source: unknown | HTTPS traffic detected: 151.101.1.229:443 -> 192.168.2.16:49725 version: TLS 1.2
    Source: unknown | HTTPS traffic detected: 172.64.41.3:443 -> 192.168.2.16:49729 version: TLS 1.2
    Source: unknown | HTTPS traffic detected: 172.64.41.3:443 -> 192.168.2.16:49730 version: TLS 1.2
    Source: unknown | HTTPS traffic detected: 142.251.41.14:443 -> 192.168.2.16:49733 version: TLS 1.2
    Source: chrome.exe | Memory has grown: Private usage: 1MB later: 27MB
    Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknown | TCP traffic detected without corresponding DNS query: 52.182.143.211
    Source: unknown | TCP traffic detected without corresponding DNS query: 142.251.41.14
    Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: global traffic | DNS traffic detected: DNS query: unpkg.com
    Source: global traffic | DNS traffic detected: DNS query: hudeload.routedynamo.online
    Source: global traffic | DNS traffic detected: DNS query: ajax.aspnetcdn.com
    Source: global traffic | DNS traffic detected: DNS query: clients2.googleusercontent.com
    Source: global traffic | DNS traffic detected: DNS query: cdnmatrix.online
    Source: global traffic | DNS traffic detected: DNS query: b.tile.openstreetmap.org
    Source: global traffic | DNS traffic detected: DNS query: cdn.jsdelivr.net
    Source: global traffic | DNS traffic detected: DNS query: www.google.com
    Source: global traffic | DNS traffic detected: DNS query: chrome.cloudflare-dns.com
    Source: classification engine | Classification label: mal60.phis.winHTML@20/0@24/232
    Source: unknown | Process created: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe "C:\Users\user\AppData\Local\Chromium\Application\chrome.exe" --start-maximized --single-argument C:\Users\user\Desktop\Technical Data Sheet.html
    Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe | Process created: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe "C:\Users\user\AppData\Local\Chromium\Application\chrome.exe" --no-sandbox --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --start-stack-profiler --mojo-platform-channel-handle=1900 --field-trial-handle=2000,i,7290978603726058000,12469770623565897191,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
    Source: C:\Users\user\AppData\Local\Chromium\Application\chrome.exe | Process created: unknown unknown

    Stealing of Sensitive Information

    Source: file:///C:/Users/user/Desktop/Technical%20Data%20Sheet.html | HTTP Parser: file:///C:/Users/user/Desktop/Technical%20Data%20Sheet.html
    Reconnaissance: Gather Victim Identity Information; Credentials; Email Addresses; Employee Names
    Resource Development: Acquire Infrastructure; Domains; DNS Server; Virtual Private Server
    Initial Access: Valid Accounts; Default Accounts; Domain Accounts; Local Accounts
    Execution: Windows Management Instrumentation; Scheduled Task/Job; At; Cron
    Persistence: Path Interception; Boot or Logon Initialization Scripts; Logon Script (Windows); Login Hook
    Privilege Escalation: 1 Process Injection; 1 Extra Window Memory Injection; Logon Script (Windows); Login Hook
    Defense Evasion: 1 Process Injection; 1 Extra Window Memory Injection; Obfuscated Files or Information; Binary Padding
    Credential Access: OS Credential Dumping; LSASS Memory; Security Account Manager; NTDS
    Discovery: System Service Discovery; Application Window Discovery; Query Registry; System Network Configuration Discovery
    Lateral Movement: Remote Services; Remote Desktop Protocol; SMB/Windows Admin Shares; Distributed Component Object Model
    Collection: Data from Local System; Data from Removable Media; Data from Network Shared Drive; Input Capture
    Command and Control: 1 Encrypted Channel; 2 Non-Application Layer Protocol; 3 Application Layer Protocol; 1 Ingress Tool Transfer
    Exfiltration: Exfiltration Over Other Network Medium; Exfiltration Over Bluetooth; Automated Exfiltration; Traffic Duplication
    Impact: Abuse Accessibility Features; Network Denial of Service; Data Encrypted for Impact; Data Destruction

    Source | Detection | Scanner | Label | Link
    Technical Data Sheet.html | 0% | Virustotal | | Browse
    No Antivirus matches
    No Antivirus matches
    No Antivirus matches

    Source | Detection | Scanner | Label | Link
    https://unpkg.com/leaflet/dist/leaflet.css | 0% | Avira URL Cloud | safe |
    https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.min.js | 0% | Avira URL Cloud | safe |
    https://unpkg.com/leaflet@1.9.4/dist/leaflet.css | 0% | Avira URL Cloud | safe |
    https://unpkg.com/leaflet@1.9.4/dist/leaflet.js | 0% | Avira URL Cloud | safe |
    https://cdn.jsdelivr.net/npm/@popperjs/core@2.11.8/dist/umd/popper.min.js | 0% | Avira URL Cloud | safe |
    https://cdnmatrix.online/assets/global/pdf/css/conf.css | 0% | Avira URL Cloud | safe |
    https://cdnmatrix.online/assets/global/pdf/css/app.css | 0% | Avira URL Cloud | safe |
    file:///C:/Users/user/Desktop/Technical%20Data%20Sheet.html | 0% | Avira URL Cloud | safe |
    https://hudeload.routedynamo.online/module/v3.8.37/opalmoo.js | 0% | Avira URL Cloud | safe |
    https://cdnmatrix.online/assets/global/pdf/css/conn.css | 0% | Avira URL Cloud | safe |
    https://ajax.aspnetcdn.com/ajax/jquery.validate/1.13.0/additional-methods.min.js | 0% | Avira URL Cloud | safe |
    https://b.tile.openstreetmap.org/10/301/384.png | 0% | Avira URL Cloud | safe |
    https://unpkg.com/leaflet/dist/leaflet.js | 0% | Avira URL Cloud | safe |
    https://unpkg.com/leaflet@1.9.4/dist/images/marker-shadow.png | 0% | Avira URL Cloud | safe |
    https://unpkg.com/leaflet@1.9.4/dist/images/marker-icon.png | 0% | Avira URL Cloud | safe |
    https://cdnmatrix.online/fl/5nhz3r98 | 0% | Avira URL Cloud | safe |

    Name | IP | Active | Malicious | Antivirus Detection | Reputation
    jsdelivr.map.fastly.net | 151.101.1.229 | true | false | | high
    chrome.cloudflare-dns.com | 172.64.41.3 | true | false | | high
    cdnmatrix.online | 47.253.40.255 | true | true | | unknown
    dualstack.n.sni.global.fastly.net | 151.101.1.91 | true | false | | high
    www.google.com | 142.251.40.100 | true | false | | high
    hudeload.routedynamo.online | 47.253.40.255 | true | false | | unknown
    unpkg.com | 104.17.249.203 | true | false | | high
    googlehosted.l.googleusercontent.com | 142.250.80.65 | true | false | | high
    a46.dscr.akamai.net | 23.55.235.226 | true | false | | high
    clients2.googleusercontent.com | unknown | unknown | false | | high
    b.tile.openstreetmap.org | unknown | unknown | false | | high
    cdn.jsdelivr.net | unknown | unknown | false | | high
    ajax.aspnetcdn.com | unknown | unknown | false | | high

    Name | Malicious | Antivirus Detection | Reputation
    https://unpkg.com/leaflet/dist/leaflet.css | false | Avira URL Cloud: safe | unknown
    file:///C:/Users/user/Desktop/Technical%20Data%20Sheet.html | true | Avira URL Cloud: safe | unknown
    https://cdnmatrix.online/assets/global/pdf/css/conf.css | false | Avira URL Cloud: safe | unknown
    https://unpkg.com/leaflet@1.9.4/dist/leaflet.css | false | Avira URL Cloud: safe | unknown
    https://unpkg.com/leaflet@1.9.4/dist/leaflet.js | false | Avira URL Cloud: safe | unknown
    https://chrome.google.com/webstore/inlineinstall/detail/efaidnbmnnnibpcajpcglclefindmkaj | false | | high
    https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.min.js | false | Avira URL Cloud: safe | unknown
    https://cdnmatrix.online/assets/global/pdf/css/conn.css | false | Avira URL Cloud: safe | unknown
    https://cdn.jsdelivr.net/npm/@popperjs/core@2.11.8/dist/umd/popper.min.js | false | Avira URL Cloud: safe | unknown
    https://hudeload.routedynamo.online/module/v3.8.37/opalmoo.js | false | Avira URL Cloud: safe | unknown
    https://cdnmatrix.online/assets/global/pdf/css/app.css | false | Avira URL Cloud: safe | unknown
    https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css | false | | high
    https://unpkg.com/leaflet/dist/leaflet.js | false | Avira URL Cloud: safe | unknown
    https://unpkg.com/leaflet@1.9.4/dist/images/marker-shadow.png | false | Avira URL Cloud: safe | unknown
    https://ajax.aspnetcdn.com/ajax/jquery.validate/1.13.0/additional-methods.min.js | false | Avira URL Cloud: safe | unknown
    https://clients2.googleusercontent.com/crx/blobs/Ad_brx2zn0VllUfDy3IInsf2x_JT_KYwvCFCBKIccViK8GQrmAxO7uKh27DftB49uvpTV6LoiwfTytfG26LWZ9yEblrh9n2ArDUdsJt1S0eRDzFPHmbtV_p0UKkid0dN6ohjAMZSmuWMxdBIryELE2Jro2LlEMjsJPgraw/EFAIDNBMNNNIBPCAJPCGLCLEFINDMKAJ_25_3_1_1.crx | false | | high
    https://b.tile.openstreetmap.org/10/301/384.png | false | Avira URL Cloud: safe | unknown
    https://unpkg.com/leaflet@1.9.4/dist/images/marker-icon.png | false | Avira URL Cloud: safe | unknown
    https://cdnmatrix.online/fl/5nhz3r98 | true | Avira URL Cloud: safe | unknown

    IP | Domain | Country | Flag | ASN | ASN Name | Malicious
    142.250.65.170 | unknown | United States | | 15169 | GOOGLEUS | false
    151.101.1.229 | jsdelivr.map.fastly.net | United States | | 54113 | FASTLYUS | false
    142.250.80.14 | unknown | United States | | 15169 | GOOGLEUS | false
    1.1.1.1 | unknown | Australia | | 13335 | CLOUDFLARENETUS | false
    142.251.111.84 | unknown | United States | | 15169 | GOOGLEUS | false
    151.101.1.91 | dualstack.n.sni.global.fastly.net | United States | | 54113 | FASTLYUS | false
    142.250.80.65 | googlehosted.l.googleusercontent.com | United States | | 15169 | GOOGLEUS | false
    142.251.40.138 | unknown | United States | | 15169 | GOOGLEUS | false
    142.251.40.100 | www.google.com | United States | | 15169 | GOOGLEUS | false
    142.251.41.14 | unknown | United States | | 15169 | GOOGLEUS | false
    23.55.235.226 | a46.dscr.akamai.net | United States | | 20940 | AKAMAI-ASN1EU | false
    239.255.255.250 | unknown | Reserved | | unknown | unknown | false
    104.17.245.203 | unknown | United States | | 13335 | CLOUDFLARENETUS | false
    142.251.32.100 | unknown | United States | | 15169 | GOOGLEUS | false
    142.251.40.195 | unknown | United States | | 15169 | GOOGLEUS | false
    104.17.249.203 | unpkg.com | United States | | 13335 | CLOUDFLARENETUS | false
    47.253.40.255 | cdnmatrix.online | United States | | 45102 | CNNIC-ALIBABA-US-NET-APAlibabaUSTechnologyCoLtdC | true
    172.217.165.142 | unknown | United States | | 15169 | GOOGLEUS | false
    172.64.41.3 | chrome.cloudflare-dns.com | United States | | 13335 | CLOUDFLARENETUS | false

    IP
    192.168.2.16

    Joe Sandbox version: 42.0.0 Malachite
    Analysis ID: 1647799
    Start date and time: 2025-03-25 09:20:10 +01:00
    Joe Sandbox product: CloudBasic
    Overall analysis duration:
    Hypervisor based Inspection enabled: false
    Report type: full
    Cookbook file name: defaultwindowsinteractivecookbook.jbs
    Analysis system description: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
    Number of analysed new started processes analysed: 13
    Number of new started drivers analysed: 0
    Number of existing processes analysed: 0
    Number of existing drivers analysed: 0
    Number of injected processes analysed: 0
    Technologies:
    • EGA enabled
    Analysis Mode: stream
    Analysis stop reason: Timeout
    Sample name: Technical Data Sheet.html
    Detection: MAL
    Classification: mal60.phis.winHTML@20/0@24/232
    Cookbook Comments:
    • Found application associated with file extension: .html
    • Exclude process from analysis (whitelisted): svchost.exe
    • Excluded IPs from analysis (whitelisted): 172.217.165.142, 142.250.80.14, 142.251.111.84, 142.251.40.138, 142.250.65.170, 142.251.40.234, 142.250.80.74, 142.250.80.10, 142.250.80.106, 142.251.41.10, 142.250.80.42, 142.250.64.106, 172.217.165.138, 142.250.72.106, 142.250.65.234, 142.250.64.74, 142.250.65.202, 142.251.40.202, 142.251.40.170, 142.250.176.202, 20.12.23.50, 20.3.187.198, 184.31.69.3
    • Excluded domains from analysis (whitelisted): fe3.delivery.mp.microsoft.com, fs.microsoft.com, clients2.google.com, accounts.google.com, content-autofill.googleapis.com, ajax.googleapis.com, slscr.update.microsoft.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, clients.l.google.com, glb.sls.prod.dcat.dsp.trafficmanager.net, fe3cr.delivery.mp.microsoft.com
    • Not all processes were analyzed, report is missing behavior information
    • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
    • VT rate limit hit for: cdnmatrix.online
    No created / dropped files found

    File type: HTML document, ASCII text
    Entropy (8bit): 4.601681998080204
    TrID:
    File name: Technical Data Sheet.html
    File size: 1'230 bytes
    MD5: c2abf8456eedeb56fe5a35f0623c5ad5
    SHA1: 408cbbe9313b6ada722490b4b9fc9ad2111af08b
    SHA256: cb3f5cf9525419dc1d4114ca79ef3b66eaad0ab9706da238df119352dfff9674
    SHA512: 28fb1a8a75c88c235ed3abef09d8a38f32f018689d53ac8541956e223fb874245e8da6375a709eb0a4beb29881093a192cfd41c5ab28765d73e89ce452b99dab
    SSDEEP: 24:SuCUo3Zlqe6fibNVFQtW4woVkfVdKjp6NVGhd:FINvu
    TLSH: 05210EA7ACF4A12612818675B1F5B10DCE12D90371958CA5F4AC13C95FC1F8ACDC3258
    File Content Preview: <html lang="en">.. <head>. <meta charset="UTF-8">. <meta name="viewport" content="width=device-width, initial-scale=1.0">... Security Headers -->. <meta http-equiv="X-Content-Type-Options" co
    Icon Hash: 1270ce868a8686b8