Windows Analysis Report http://vun.fyi

Overview

General Information

Sample URL:	http://vun.fyi
Analysis ID:	440607
Infos:
Most interesting Screenshot:

Detection

Score:	1
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

HTML body contains low number of good links

HTML title does not match URL

Classification

Signatures

Phishing:

HTML body contains low number of good links

Source: https://date.amateurcommunity.com/landing/sa6200?cp=19192z157ae&pub=1419&spub_id=838500&tag=1c3bbe42-5ba6-4b0e-a900-3cb0d5c1660d&fsk=18&zz=true&hit_id=1c3bbe42-5ba6-4b0e-a900-3cb0d5c1660d&tp_redirect_id=1c3bbe42-5ba6-4b0e-a900-3cb0d5c1660d	HTTP Parser: Number of links: 0
Source: https://date.amateurcommunity.com/landing/sa6200?cp=19192z157ae&pub=1419&spub_id=838500&tag=1c3bbe42-5ba6-4b0e-a900-3cb0d5c1660d&fsk=18&zz=true&hit_id=1c3bbe42-5ba6-4b0e-a900-3cb0d5c1660d&tp_redirect_id=1c3bbe42-5ba6-4b0e-a900-3cb0d5c1660d	HTTP Parser: Number of links: 0

HTML title does not match URL

Source: https://date.amateurcommunity.com/landing/sa6200?cp=19192z157ae&pub=1419&spub_id=838500&tag=1c3bbe42-5ba6-4b0e-a900-3cb0d5c1660d&fsk=18&zz=true&hit_id=1c3bbe42-5ba6-4b0e-a900-3cb0d5c1660d&tp_redirect_id=1c3bbe42-5ba6-4b0e-a900-3cb0d5c1660d	HTTP Parser: Title: amateurcommunity.com does not match URL
Source: https://date.amateurcommunity.com/landing/sa6200?cp=19192z157ae&pub=1419&spub_id=838500&tag=1c3bbe42-5ba6-4b0e-a900-3cb0d5c1660d&fsk=18&zz=true&hit_id=1c3bbe42-5ba6-4b0e-a900-3cb0d5c1660d&tp_redirect_id=1c3bbe42-5ba6-4b0e-a900-3cb0d5c1660d	HTTP Parser: Title: amateurcommunity.com does not match URL

Source: https://date.amateurcommunity.com/landing/sa6200?cp=19192z157ae&pub=1419&spub_id=838500&tag=1c3bbe42-5ba6-4b0e-a900-3cb0d5c1660d&fsk=18&zz=true&hit_id=1c3bbe42-5ba6-4b0e-a900-3cb0d5c1660d&tp_redirect_id=1c3bbe42-5ba6-4b0e-a900-3cb0d5c1660d	HTTP Parser: No <meta name="author".. found
Source: https://date.amateurcommunity.com/landing/sa6200?cp=19192z157ae&pub=1419&spub_id=838500&tag=1c3bbe42-5ba6-4b0e-a900-3cb0d5c1660d&fsk=18&zz=true&hit_id=1c3bbe42-5ba6-4b0e-a900-3cb0d5c1660d&tp_redirect_id=1c3bbe42-5ba6-4b0e-a900-3cb0d5c1660d	HTTP Parser: No <meta name="author".. found

Source: https://date.amateurcommunity.com/landing/sa6200?cp=19192z157ae&pub=1419&spub_id=838500&tag=1c3bbe42-5ba6-4b0e-a900-3cb0d5c1660d&fsk=18&zz=true&hit_id=1c3bbe42-5ba6-4b0e-a900-3cb0d5c1660d&tp_redirect_id=1c3bbe42-5ba6-4b0e-a900-3cb0d5c1660d	HTTP Parser: No <meta name="copyright".. found
Source: https://date.amateurcommunity.com/landing/sa6200?cp=19192z157ae&pub=1419&spub_id=838500&tag=1c3bbe42-5ba6-4b0e-a900-3cb0d5c1660d&fsk=18&zz=true&hit_id=1c3bbe42-5ba6-4b0e-a900-3cb0d5c1660d&tp_redirect_id=1c3bbe42-5ba6-4b0e-a900-3cb0d5c1660d	HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Jump to behavior

Source: unknown	HTTPS traffic detected: 172.67.186.58:443 -> 192.168.2.4:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.186.58:443 -> 192.168.2.4:49735 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.248.55.208:443 -> 192.168.2.4:49736 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.248.55.208:443 -> 192.168.2.4:49737 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.248.55.208:443 -> 192.168.2.4:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.248.55.208:443 -> 192.168.2.4:49743 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.248.55.208:443 -> 192.168.2.4:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.248.55.208:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.186.58:443 -> 192.168.2.4:49759 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 156.67.36.11:443 -> 192.168.2.4:49760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 156.67.36.11:443 -> 192.168.2.4:49761 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 79.99.237.117:443 -> 192.168.2.4:49762 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 79.99.237.117:443 -> 192.168.2.4:49763 version: TLS 1.2

Source: global traffic

HTTP traffic detected: GET / HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, */*Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: vun.fyiConnection: Keep-Alive

Source: unknown

DNS traffic detected: queries for: vun.fyi

Source: jquery-ui.min[1].css.3.dr	String found in binary or memory: http://jqueryui.com
Source: jquery-ui.min[1].css.3.dr	String found in binary or memory: http://jqueryui.com/themeroller/?ffDefault=Trebuchet%20MS%2CTahoma%2CVerdana%2CArial%2Csans-serif&fw
Source: {A8CB73C6-D5C8-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://date.amateurco
Source: ~DF577202D1B236B2F0.TMP.1.dr	String found in binary or memory: https://date.amateurcommunity.com/landing/sa6200?cp=19192z157ae&pub=1419&spub_id=838500&tag=1c3bbe42
Source: sa6200[1].htm.3.dr	String found in binary or memory: https://fonts.googleapis.com/css2?family=Lato:wght
Source: css2[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVeww.woff)
Source: css2[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHvxo.woff)
Source: css[1].css.3.dr	String found in binary or memory: https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WdhzQ.woff)
Source: sa6200[1].htm.3.dr	String found in binary or memory: https://imedia.justservingfiles.net/06ec5e72-bee5-47eb-9ee7-596d439becbd.jpg
Source: sa6200[1].htm.3.dr	String found in binary or memory: https://imedia.justservingfiles.net/2295d19f-d849-4612-aee4-b52b3140de46.jpg
Source: sa6200[1].htm.3.dr	String found in binary or memory: https://imedia.justservingfiles.net/2a596b2c-68f1-47cc-90f4-c30b43e1b377.jpg
Source: sa6200[1].htm.3.dr	String found in binary or memory: https://imedia.justservingfiles.net/2dc7c618-2821-413c-9cc8-2b1ba81d3150.jpg
Source: sa6200[1].htm.3.dr	String found in binary or memory: https://imedia.justservingfiles.net/337cec69-7d2a-4fa0-bdcb-957beddd662e.jpg
Source: sa6200[1].htm.3.dr	String found in binary or memory: https://imedia.justservingfiles.net/522edb9b-91af-42af-b82a-5ccd3167f3a8.jpg
Source: sa6200[1].htm.3.dr	String found in binary or memory: https://imedia.justservingfiles.net/5eed96ed-a75e-478d-9eac-1acfebf3d65e.jpg
Source: sa6200[1].htm.3.dr	String found in binary or memory: https://imedia.justservingfiles.net/76fc24b0-f9ec-46c9-90a3-e6febcc49c73.jpg
Source: sa6200[1].htm.3.dr	String found in binary or memory: https://imedia.justservingfiles.net/7f180115-9e0a-409a-8901-b00270ee398e.jpg
Source: sa6200[1].htm.3.dr	String found in binary or memory: https://imedia.justservingfiles.net/91b7daff-dcb6-4f4c-8cf9-c3efb4cc3bbe.jpg
Source: sa6200[1].htm.3.dr	String found in binary or memory: https://imedia.justservingfiles.net/a2a73b8e-f2a3-4b2a-8d16-9da8ceee7603.jpg
Source: sa6200[1].htm.3.dr	String found in binary or memory: https://imedia.justservingfiles.net/c4f1e007-9c9b-4663-8d93-ef28deb69faa.jpg
Source: sa6200[1].htm.3.dr	String found in binary or memory: https://imedia.justservingfiles.net/c5d91890-95fe-4b69-b5c4-de92e29b9bac.jpg
Source: {A8CB73C6-D5C8-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://lovelybabestu.com/?a=838500&cr=31179&lid=15576&mh=Z29VZ3NRWFZRZm1SZ2NLWmt0VlFMRWVWRoot
Source: {A8CB73C6-D5C8-11EB-90EB-ECF4BBEA1588}.dat.1.dr, ~DF577202D1B236B2F0.TMP.1.dr	String found in binary or memory: https://lovelybabestu.com/?a=838500&cr=31179&lid=15576&mh=Z29VZ3NRWFZRZm1SZ2NLWmt0VlFMRWVWcHZ4TEFnSE
Source: ~DF577202D1B236B2F0.TMP.1.dr	String found in binary or memory: https://lovelybabestu.com/?utm_source=YL7F2GKhQLlCl&utm_campaign=N2
Source: ~DF577202D1B236B2F0.TMP.1.dr	String found in binary or memory: https://lovelybabestu.com/?utm_source=YL7F2GKhQLlCl&utm_campaign=N2Common
Source: {A8CB73C6-D5C8-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://lovelybabestu.com/?utm_source=YL7F2GKhQLlCl&utm_campaign=N2Root
Source: {A8CB73C6-D5C8-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://lovelybabestu.com/?utm_source=YL7F2GKhQLlCl&utm_campaign=N2r
Source: imagestore.dat.3.dr	String found in binary or memory: https://lovelybabestu.com/favicon.ico
Source: {A8CB73C6-D5C8-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://lovelybabmmunity.com/landing/sa6200?cp=19192z157ae&pub=1419&spub_id=83850
Source: sa6200[1].htm.3.dr	String found in binary or memory: https://lpmedia.justservingfiles.net/img/_btns/icon_checkmark_white.svg
Source: sa6200[1].htm.3.dr	String found in binary or memory: https://lpmedia.justservingfiles.net/img/_btns/icon_close_white.svg
Source: sa6200[1].htm.3.dr	String found in binary or memory: https://lpmedia.justservingfiles.net/img/_btns/icon_settings_white.svg
Source: sa6200[1].htm.3.dr	String found in binary or memory: https://lpmedia.justservingfiles.net/img/_btns/mobile_icon.svg
Source: imagestore.dat.3.dr, sa6200[1].htm.3.dr	String found in binary or memory: https://lpmedia.justservingfiles.net/img/_favicons/treff6_fav.png?691788
Source: sa6200[1].htm.3.dr	String found in binary or memory: https://lpmedia.justservingfiles.net/img/_logos/ac_w.png
Source: sa6200[1].htm.3.dr	String found in binary or memory: https://lpmedia.justservingfiles.net/img/_patterns/apple-touch-icon.png?691788
Source: sa6200[1].htm.3.dr	String found in binary or memory: https://lpmedia.justservingfiles.net/js/helpers/validation.js?691788
Source: sa6200[1].htm.3.dr	String found in binary or memory: https://lpmedia.justservingfiles.net/js/plugins/jQueryUI/jquery-ui.min.css?691788
Source: sa6200[1].htm.3.dr	String found in binary or memory: https://lpmedia.justservingfiles.net/js/plugins/jQueryUI/jquery-ui.min.js?691788
Source: sa6200[1].htm.3.dr	String found in binary or memory: https://lpmedia.justservingfiles.net/js/plugins/jQueryUI/jquery.ui.touch-punch.min.js?691788
Source: sa6200[1].htm.3.dr	String found in binary or memory: https://lpmedia.justservingfiles.net/js/popwin.js?691788
Source: sa6200[1].htm.3.dr	String found in binary or memory: https://lpmedia.justservingfiles.net/style/templates/SexApps/SexApp2/style.css?691788
Source: sa6200[1].htm.3.dr	String found in binary or memory: https://lpmedia.justservingfiles.net/widgets/corner/corner.css?691788
Source: sa6200[1].htm.3.dr	String found in binary or memory: https://lpmedia.justservingfiles.net/widgets/registrationFormBuilder/form.css?691788
Source: sa6200[1].htm.3.dr	String found in binary or memory: https://lpmedia.justservingfiles.net/widgets/registrationFormBuilder/form.js?691788
Source: sa6200[1].htm.3.dr	String found in binary or memory: https://lpmedia.justservingfiles.net/widgets/registrationFormBuilder/form_helper.js?691788
Source: sa6200[1].htm.3.dr	String found in binary or memory: https://lpmedia.justservingfiles.net/widgets/registrationFormBuilder/location_auto_fill_v3.js?691788
Source: sa6200[1].htm.3.dr	String found in binary or memory: https://lpmedia.justservingfiles.net/widgets/registrationFormBuilder/step.js?691788
Source: sa6200[1].htm.3.dr	String found in binary or memory: https://media.campartner.com/click.php?cp=19192z157ae&track=true
Source: icon_close_white[1].svg.3.dr	String found in binary or memory: https://sketch.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 172.67.186.58:443 -> 192.168.2.4:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.186.58:443 -> 192.168.2.4:49735 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.248.55.208:443 -> 192.168.2.4:49736 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.248.55.208:443 -> 192.168.2.4:49737 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.248.55.208:443 -> 192.168.2.4:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.248.55.208:443 -> 192.168.2.4:49743 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.248.55.208:443 -> 192.168.2.4:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.248.55.208:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.186.58:443 -> 192.168.2.4:49759 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 156.67.36.11:443 -> 192.168.2.4:49760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 156.67.36.11:443 -> 192.168.2.4:49761 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 79.99.237.117:443 -> 192.168.2.4:49762 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 79.99.237.117:443 -> 192.168.2.4:49763 version: TLS 1.2

Source: classification engine

Classification label: clean1.win@3/61@9/5

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{A8CB73C4-D5C8-11EB-90EB-ECF4BBEA1588}.dat

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Temp\~DFC8F5F2247555980C.TMP

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File read: C:\Users\desktop.ini

Jump to behavior

Source: unknown	Process created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:6684 CREDAT:17410 /prefetch:2
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:6684 CREDAT:17410 /prefetch:2	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Jump to behavior

Screenshots

Behavior

Click here to start
Slideshow Behavior Animation

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
79.99.237.117	date.amateurcommunity.com	Switzerland	44227	JUSTNET-AS--CarrierService--CH	false
156.67.36.11	o-2349.cloudtraff.com	Germany	25418	CQINT-NLDE	false
172.67.186.58	lovelybabestu.com	United States	13335	CLOUDFLARENETUS	false
104.248.55.208	trustmeiamcdn.com	United States	14061	DIGITALOCEAN-ASNUS	false
188.40.168.204	vun.fyi	Germany	24940	HETZNER-ASDE	false

Contacted Domains

Name	IP	Active
trustmeiamcdn.com	104.248.55.208	true
o-2349.cloudtraff.com	156.67.36.11	true
date.amateurcommunity.com	79.99.237.117	true
vun.fyi	188.40.168.204	true
lovelybabestu.com	172.67.186.58	true
imedia.justservingfiles.net	unknown	unknown
code.jquery.com	unknown	unknown
lpmedia.justservingfiles.net	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
http://vun.fyi/	false	Avira URL Cloud: safe	unknown
https://date.amateurcommunity.com/landing/sa6200?cp=19192z157ae&pub=1419&spub_id=838500&tag=1c3bbe42-5ba6-4b0e-a900-3cb0d5c1660d&fsk=18&zz=true&hit_id=1c3bbe42-5ba6-4b0e-a900-3cb0d5c1660d&tp_redirect_id=1c3bbe42-5ba6-4b0e-a900-3cb0d5c1660d	false		high
https://lovelybabestu.com/?a=838500&cr=31179&lid=15576&mh=Z29VZ3NRWFZRZm1SZ2NLWmt0VlFMRWVWcHZ4TEFnSE1rekNtYS0zNDg0OA%3D%3D&mmid=2135&p=0&rf=&rn=zc4YmJqUys4WmdeVzgu&t=N2	false		unknown

ID:	440607
Product:	CloudBasic
Start time:	17:18:14
Start date:	25.06.2021
Cookbook:	browseurl.jbs
System description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Architecture:	WINDOWS

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{A8CB73C4-D5C8-11EB-90EB-ECF4BBEA1588}.dat	Microsoft Word Document	338892CC09E6C5A05E8B9F4DCFF8A9CB	5F5861CCAE1BF5053122023F766EFDC0E1A45509	21DF3BAC0658430068EE6DB533B01EF0D7F5516C5172F4C89C4F1D47C8FA07CE
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A8CB73C6-D5C8-11EB-90EB-ECF4BBEA1588}.dat	Microsoft Word Document	5685787398DDF029BB3EDA83371D6C33	BB3BF4C5CFF755C4D4E277A9E56640E1418D63D2	A8347BAEEF014C2E0477C60CED4E2B299FAEFCE01CDA8DF19601A638783A22CB
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{AECFED84-D5C8-11EB-90EB-ECF4BBEA1588}.dat	Microsoft Word Document	E29EC78C7E9A96E9054072F1D2CF95BB	5BD24C201EF43F7C446EC2CE2EEF2248621DE72E	FE003A8DEF9D8A2B13F24BA79E4D08064370C8DA91768D8A788EE4E8F4C209D6
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\gee00pr\imagestore.dat	data	528B6B061F71ECF2F38133813422C06C	3BD8C72E943C3AD7C607C1A40E48EE2F27EFCBE2	C9A1B43BCE6C4955664A2A8BA081A158D8072E85AEE9FBB248DE5F2F38DF6215
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\91b7daff-dcb6-4f4c-8cf9-c3efb4cc3bbe[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x462, frames 3	CCA3CDD8DB055FFE40728A9372F8D9E5	81A59A94D0CB1DCE3E641255696F31B3A1D6FDE4	A76419CB2801213A34F1E355F8AF84C88E69B117D9ABC106EB3D20468717AA8F
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\BEL74FW2.htm	HTML document, ASCII text, with CRLF line terminators	4F8E702CC244EC5D4DE32740C0ECBD97	3ADB1F02D5B6054DE0046E367C1D687B6CDF7AFF	9E17CB15DD75BBBD5DBB984EDA674863C3B10AB72613CF8A39A00C3E11A8492A
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\JTUSjIg1_i6t8kCHKm459WdhzQ[1].woff	Web Open Font Format, TrueType, length 36476, version 1.1	1D5C95E94471631656269370C5A25EC0	AC4BEAD063433D779EA67B8CAA1B9343EFC5AEC5	817B68251580D1008720E34A1A63E5FA2C3618525E2732E0883DD57B35A2433B
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\S6u9w4BMUTPHh6UVeww[1].woff	Web Open Font Format, TrueType, length 33380, version 1.1	FBEBA361561B9DABB20093CF0CCA9D16	95D4AEF114EF0E05027A0B4A85AF2886089EBCCA	6DA92C6ABEC30FAE0EFD4BE24356C76FBECBF79C4067245847F3B248E1B51E4C
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\S6uyw4BMUTPHvxo[1].woff	Web Open Font Format, TrueType, length 34040, version 1.1	ABE0A52A291F69EF321AE49F6F04FDA9	53ADF9D37CA45B0ED755BD7F98DC52C4708AA161	B687A15F35FEC35B1B0C244745D787D325476E1DA995D166969D477C0838204A
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\css2[1].css	ASCII text	336D25ADCA67AFBE9298863E0BB25E83	302F72C4F645CC9C83662292B53005B0B7F7D380	8D1B4618C569589BF4C34108AEC05A3216CF120E25DED2B0C0451469EC33AE43
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\jquery.ui.touch-punch.min[1].js	UTF-8 Unicode text, with very long lines	700B877CD3ADE98CE6CD4BE349D81A5C	C1C36E6927436231EB20474356B29667C4C648AA	000854D782781AFF1B16EA5451C1DA3D07EFADD35AB911CCB7E4B851571A25BD
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\m1[1].jpg	[TIFF image data, big-endian, direntries=12, height=968, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=535], progressive, precision 8, 535x940, frames 3	B131929E76AFD10223437ACBB18C4A0B	7BC6BC1E3508FED4128167D15E3C87795579D1E5	7BDAEEDFD4F0C1B4DA9EFCF1C73CBC25F1F0B8CE1C60B5910911428CF37547A3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\sa6200[1].htm	HTML document, UTF-8 Unicode text	57A3FBF8DA018C8C2AE6A14771D1D944	D452D72AFDC9DE6191D0EE5F03664EDC46F19E50	85B9D00559463730E242CB852FA5AC2500F6874C47467BF6B3F793DCA65B3BEE
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\treff6_fav[1].png	PNG image data, 32 x 32, 8-bit colormap, non-interlaced	B473EB2B0040B81AA7D9BB0686AE2601	54EBA5FFECD1981615B2D2755C11E3FAFD5E6259	C4883224F887FBC91821DF2FFB86FAF036D973D863B7164427F4229C96E34D76
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\2295d19f-d849-4612-aee4-b52b3140de46[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x697, frames 3	09D612FD044AF4ABFA6EB9B855800B52	655EBFEFCD6B25719A8672BEC26328A7693C36F0	BB77AA3B1A0E43570B7B001F6D6FBCAA4BD1E14874B96A4451546EE0F9071AA1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\2[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1500x1000, frames 3	E4CE5F40038121DB40B4164520985964	A4CA4A3721C000A179F07AAB471ECF639530619B	BBD74757F0AB08997B058E2ADECF2B4B161EC9A3EE68FAF1FAE09CEA8E5BA2C2
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\2a596b2c-68f1-47cc-90f4-c30b43e1b377[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x697, frames 3	07FE14C07668220471F6C7F4FA35E41E	CDAC480D29D3F93FD06ADBC4A4769F548790F1C0	665BBB5707895F42421DCF3629CE94BEA03FD06FB7CA899D56FE77192B902C8F
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\2dc7c618-2821-413c-9cc8-2b1ba81d3150[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x697, frames 3	CF734F29044EB878C6097E3264BD84E4	09264F030870E09C92EB160BB58A0DD96DF94B8C	B2E711CCD40211AFEDA964E904FCAFE06439E02D18EAAA08F7384F0C7B081469
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\3[1].jpg	[TIFF image data, big-endian, direntries=12, height=1066, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1600], baseline, precision 8, 1600x996, frames 3	77DCFD691E711F17A6997501EAA57E9E	5814B6166E86F303C3C09DF441ECA61F79812802	F01475EAE631CA4ABF167C558C0BFFC56DB78C4E6309F9EDDA75A16CAD7F1032
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\7f180115-9e0a-409a-8901-b00270ee398e[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x462, frames 3	EACC0A4507EBA62C812663EB8B78EE7A	54FDD0D173BCAD7D2B19E97B3CA409C991CA8FAD	927B3909DD3BDCCA0846736F62B3C82A7525A539D2F76EB3DAB8E1EC970EA38C
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\a2a73b8e-f2a3-4b2a-8d16-9da8ceee7603[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x462, frames 3	AF05A9344B2F54793C333E194E320ADC	1EB66157F2B7D72F126EA47CB6F46F304F2AEC65	24CCDA4450DD6F1CAD2EB83F93C1EF6CFF4CF560AB3291AE6667232F8D246685
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\c4f1e007-9c9b-4663-8d93-ef28deb69faa[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x462, frames 3	2A2F2909947506EB93E3260B4688E07E	EAFED9341AB5AE768E5621D27B198332803DE55A	82686CC18A482429323A2A706A103E86294804DF55A8251C38A6EFBF7C6ADAD3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\corner[1].css	ASCII text	43655257EB7D838F6E16E4F65F4C0E0D	A09367781DEB167F18459ADFD96A5A82D089BC46	0DCCBD3F3D3F9074CA635CC844FCF4C9D31116AE88B53867F07030918B40C88D
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\favicon[1].ico	MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel	844BCD9049695636748329894C8FBE89	6FA53676D0D7AB6E7A2DE59141504C5F720ED819	EB258B448AADE5657517A72596C2984AD989E8615291DAC1A5798A5772E6B59F
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\form[1].css	ASCII text	9B95AC70DA2FA411EE9FDCE540040ADE	9F166C1F0212C860BC48BDD24EAEF27FEEFA2CAC	195C953A7E6F40CA401CBE3B8F67D174909F6BD6A6F58C4D58649DAE7341F13F
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\icon_checkmark_white[1].svg	SVG Scalable Vector Graphics image	FD7483541EED609BDB33E6D85DD3918B	10E558EB0EA192EDB5EB11C7DE0D1C5F01D158AB	D7CBECFC2B11D8969255DB0112B70393EAAFDC7D19CA34845A3A90B3BB14853C
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\icon_close_white[1].svg	SVG Scalable Vector Graphics image	BED2D6E8C45BCB92BCC193F4DE6DE247	02DB266D500EF6064B02F74F3EFCE227FD0CDEB5	F14C6F1A324CB2670BD7C9381A9C9242253E5FD4F912CB462A54CF308D9F7234
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\jquery-ui.min[1].css	ASCII text, with very long lines	26812A28850395F8F865BE4893FB20C7	69731223FFE4F669444E96F24C54811015E6A776	550CEB9559BB4237527909FF21E719804F6B9DF337F741F756821C0C9963392B
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\p[1].js	ASCII text	76BBD4645D042423FFAFC3CF17DC795A	43C09073390E5BADCFF456184F3CD414DE22DAB2	2D63179572ADA938CBDEB8913202B32DBD8FD5D7FDEC5872CDEF330CEEC71FF4
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\style[1].css	ASCII text	B0A224F19169103CE14871BFF5C156AB	2A6CD1327DE1BDB2D4039ACADEF0382FCC36615F	14978C085F94C9503A51049432B6BB3810669996D365BF748C23423B2658DA65
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\337cec69-7d2a-4fa0-bdcb-957beddd662e[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x697, frames 3	A02141DDE3A8536AE9753321BEA7CB73	281EF24D471BB8652D32876801A097099C5FD3D3	4E514ABB4AB920C558ABF98F811AF70E880109BBCC91E0A4412F0D74CD463888
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\4[1].jpg	[TIFF image data, big-endian, direntries=12, height=437, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=620], baseline, precision 8, 620x413, frames 3	50330BEA0657D4970DF344E30C614BD1	4EE1B2AE0D64353D6AEEA1A8D2990B3B44262CF6	610722F302421581B4B53F04EBC5A9EB5EA19F5AB937475557B36277CF11B5D5
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\522edb9b-91af-42af-b82a-5ccd3167f3a8[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x462, frames 3	7DDB3783DCDAC796E2C8A1AF18537998	878E1793B62CCD15D27A997BFB677E67B6CDD182	8E7036EE2708B308DA952756EF746B7B27D92FE0A39EB0346D9E550244CB0FD2
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\5[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x800, frames 3	C05E7E19A056C3A367C8F0A22BC945F9	116CE76F25A2C13452EC00477998BAD418FE178F	1CD3FBBCF6CC405FF0D3A5D4E9A5DEB7BBE44BDD2834E3F242FAF7B59A5478C8
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\5eed96ed-a75e-478d-9eac-1acfebf3d65e[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x462, frames 3	68D9D4B7906922B098CF612CFF13C78A	37BC0F1D1B6E5B053D028DAF4E366594FAB1C31A	22E8F8CE23017B2409AD8E38EB643D50BA309F378C53C17D7599DFAC2024F104
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\76fc24b0-f9ec-46c9-90a3-e6febcc49c73[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x697, frames 3	6BA7A0F696920968F08680E02495992E	0C7AF06A019F2AF5F98CBD336E418603E91ACF11	403DD30164DA84F1A67CE86A9D58A2D2D34CFD12951B076D3FB96CF30FA113ED
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\c5d91890-95fe-4b69-b5c4-de92e29b9bac[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x697, frames 3	634556C04A3B955235123E3569D433A9	7C1BD17122772A0062EF85D011C16CF570AE8B72	DBB4FDC67E2993D2B6676D1F98D7D4C84D3E45BD4C0C4FEF542B60C33782CC25
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\css[1].css	ASCII text	1AD44BCC3BD5814C22A5D5ECEC83A69B	87CF6D8F7F06D0C739D24B53A75067C762723887	8216FF0B508AE761C0921BE7152498F97F1920F71DC358D767E096217025B219
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\form[1].js	ASCII text	E33E0C833FBA615CCF85222EC345E247	A30FC2F0B0464BD6DFB48E4F227834A6719A1FFA	D5DB5DBA10EB17B6A17200D511308A45F025FBDA16E41A822FF3634107C47146
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\form_helper[1].js	ASCII text	EA92B053B331E47C4181F8FB6AAD3D4F	0FE2DC2F22957A6A49BFA745CE5BCAB757CCA77A	E9EA9A3362EAFF855C8BED3B0451FA0CB3B11E22694804FBC4C7695B873469A9
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\jquery-3.3.1.min[1].js	ASCII text, with very long lines	A09E13EE94D51C524B7E2A728C7D4039	0DC32DB4AA9C5F03F3B38C47D883DBD4FED13AAE	160A426FF2894252CD7CEBBDD6D6B7DA8FCD319C65B70468F10B6690C45D02EF
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\jquery-ui.min[1].js	ASCII text, with very long lines	D935D506AE9C8DD9E0F96706FBB91F65	7F650EE30C6A4D3EEA04032039B20FF72997559B	C4D8DBE77FEB63E5A61BEE0BEAD4E5F66E8FA6A927599BD1B74ACED52467273C
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\jquery.min[1].js	ASCII text, with very long lines	C9F5AEECA3AD37BF2AA006139B935F0A	1055018C28AB41087EF9CCEFE411606893DABEA2	87083882CC6015984EB0411A99D3981817F5DC5C90BA24F0940420C5548D82DE
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\step[1].js	ASCII text	A3ABE7EFFEEFA80EE0DE68807456AC05	BF5A26B7B3E43A3BA84F543767261C6889669C08	11ED73B8F19930EF1D1F05DA475BAA3B0489D3B07D0DEB5B73B4A2814911B7F2
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\validation[1].js	ASCII text, with very long lines	3532314C834D94883035CFA6E929D5CB	5E88FB7090ECF8812820494A6B6D068EA31C8266	D8BEC43FA0C0C15402B98176CC557CF4C72C7A881AB1D0143354B87839C90D62
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\06ec5e72-bee5-47eb-9ee7-596d439becbd[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2560x1366, frames 3	A04F3D4D00474F6F831C1BA0650EF923	956CB139C6A8921C81285B8F9D5284F7A67DF265	C5961C0C5CC4EE90A88EE200AB5ABE87AECBDB73B3F25937998734195B6AB2EE
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\1[1].jpg	[TIFF image data, little-endian, direntries=14, height=4016, bps=182, PhotometricIntepretation=RGB, manufacturer=NIKON CORPORATION, model=NIKON D750, orientation=upper-left, width=6016], baseline, precision 8, 1280x823, frames 3	330BAF5432DD9FB43D8F8535ECDBF80A	9835595976A8A096FB559127B3B477E7CE3C8611	F7A5A21E12752610493D77AE9BE5985E52EEEC89A37E257E44FEDB72FEAB8CBD
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\V7I0Y6JY.htm	HTML document, UTF-8 Unicode text, with very long lines	2C3F203A6684D8AFC60943CE0EC86227	FE01ABB96DC4CDE24D1DA752454C85964081BC27	B682363B57735F420B1AE035BF722C5CBA0DA88067D98506D9F324D04D62373B
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\ac_w[1].png	PNG image data, 328 x 60, 8-bit colormap, non-interlaced	E216E6EE1B9E93D2E30D7E9C9CE8FE97	0E8EF4EA8172D78DBD040148959DF87C67F8953D	190FF0A113EE7385B9D5C731E7FB95990EE16BDF8FBF2B20F8001B67BDA8A180
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\f[1].js	ASCII text, with very long lines, with no line terminators	958569A4DED23F07DEA872676EF087BA	E33C5F3A3885294E49A11654CBDDC67704FB2CE1	963A44FA6CBB7486C60762C3EE87598CEBAC50D93FFC8BCDA9AC4B946637138B
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\icon_settings_white[1].svg	SVG Scalable Vector Graphics image	4CFB7053B507047575472BD4744CD48E	B206519C48B9918AD9D942272B97A4A339F8CFAE	8CBEF24BA3D9B52B1FBAEE7DEA6AFEA845AC690C35E15AA714249DFA7BE44FEF
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\location_auto_fill_v3[1].js	UTF-8 Unicode text	3487C8B50EF041D5D35320C4B55DE6A0	8DF17A6E991AA74D0EFCE47F23A8127C2DF5214A	8C1D19AF401B38950AA8D968003FFF242DEADBFCED898CE11AFEE8F035D9E9C1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\m2[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 620x833, frames 3	A6A59BBBF74744D90C62619BEB651984	696FFAAAA3DA9154B20BA4D787FBED64679F9B5B	F5E58679899833FFB28A779B910CE39EB6AB1AF7C69C9F0DFD7617B6B3F004AC
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\m3[1].jpg	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 620x833, frames 3	0D119D60D922938DF32B195B599AFE39	36D69B2CD688BB0ECA3A832192ED53A727604DA3	DFCBC7D35C193E7BF5F377704794F6B8848158B1C1AC4FF6C0F8C2AA0F5ECAD1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\m4[1].jpg	[TIFF image data, big-endian, direntries=12, height=850, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=620], baseline, precision 8, 620x824, frames 3	B702DA8E0D26D73DBB7198E54A7C397C	02A3FFDB368753B83F540813826F6E8F5E5FC9AE	578E3ED42B3723F1DA751511034CB647610957EFA9DE2838421D131BAE09BC91
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\m5[1].jpg	[TIFF image data, big-endian, direntries=12, height=1127, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=620], baseline, precision 8, 620x1098, frames 3	322049D1869617B2AFDA71FFE3A7ABA8	649E068AA02E53D03037166EBADE563667D101C5	3A64DBB32FB1380ABEE8BD645859BCF34DCCFCD9ADC1A68F97C7DD09B0CBA743
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\mobile_icon[1].svg	SVG Scalable Vector Graphics image	AD80A5DB53A50193255EFFFBD0D81EA7	C91367ADB048920CCE06A29F73929C5E162B4A4A	E19960405C1514B10D67E041D781D14161B03F92860018883C1608C1621BA333
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\popwin[1].js	ASCII text	8AA015AEB910B2F9F37C80A373A07507	163DDAA1DC6FB43F6FC8E95C842E8C3FB5D3553B	80C43823E625EE5E54008F00FF89C66020C614DAE397401177A790FEE8C950A0
C:\Users\user\AppData\Local\Temp\~DF577202D1B236B2F0.TMP	data	BCF9AAB8CB3E4A34F6126218211D1CBB	D3361FD89A250C346486E1CFB7531393CC78AFF7	B16A100DD0D06C46A53202E531861257CC4A05980C44B806310286EC821B79D0
C:\Users\user\AppData\Local\Temp\~DFC8F5F2247555980C.TMP	data	0F4FBFCD6C8D31AF28D8CB13DF45C6C9	280F5EE9D8F867795E3CB6BCA1FEC8F44591CAA3	3B826D5AC21CBD0F9CCED7BFB1CFF8D8E24018D28746907DFBBDE18CC20B0D5F
C:\Users\user\AppData\Local\Temp\~DFE44EA173C50D6925.TMP	data	722C622911CF0E0B8E1F1A25622693B2	102DB5B2893A9F33891CED02428E985F8090C2A9	0DF95EFB3726335D8010A465E6612DE04CD1F27CC715708FD90079F209F92941

Windows Analysis Report http://vun.fyi

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing:

Compliance:

Networking:

System Summary:

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Contacted Domains

Contacted URLs