
Windows Analysis Report
https://u14209785.ct.sendgrid.net/ls/click?upn=u001.7INBLi-2BpMtquNhvHXoCTQDs4I8fdKE9GOHSvdTryAC55LrdgOMctgJTF4aBFIDuUJB9xKyAVKEFqtPWDKRUFfRVL-2BZtxCjl35gXp1OzUaHmIog3KXNno0PoTN23H9BQ1hA1I4Go28GRqYv7PhkfrIKUdo6Jh-2FSBIhY5KlD9FeYRn1L-2B-2BMgQY6LlmMzMXTnvw7UnzwNdVP1PbwypC7fFdExRx58oUXa2-2B-2BalmqLe5W1

Overview

General Information

Sample URL:https://u14209785.ct.sendgrid.net/ls/click?upn=u001.7INBLi-2BpMtquNhvHXoCTQDs4I8fdKE9GOHSvdTryAC55LrdgOMctgJTF4aBFIDuUJB9xKyAVKEFqtPWDKRUFfRVL-2BZtxCjl35gXp1OzUaHmIog3KXNno0PoTN23H9BQ1hA1I4Go28GRqYv7P
Analysis ID: 1501226

Detection

Score: 0
Range: 0 - 100
Whitelisted: false
Confidence: 80%

Signatures

Stores files to the Windows start menu directory

Classification

  • System is w10x64_ra
  • chrome.exe (PID: 4308 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://u14209785.ct.sendgrid.net/ls/click?upn=u001.7INBLi-2BpMtquNhvHXoCTQDs4I8fdKE9GOHSvdTryAC55LrdgOMctgJTF4aBFIDuUJB9xKyAVKEFqtPWDKRUFfRVL-2BZtxCjl35gXp1OzUaHmIog3KXNno0PoTN23H9BQ1hA1I4Go28GRqYv7PhkfrIKUdo6Jh-2FSBIhY5KlD9FeYRn1L-2B-2BMgQY6LlmMzMXTnvw7UnzwNdVP1PbwypC7fFdExRx58oUXa2-2B-2BalmqLe5W1v8o6qt5REv0B6VFQlHAFmxOrJwwlVAfqpYP-2F2sboiXoQAHvGwJjya8Z0ekRGMG7bMmVlZZUW01i9bQvV2Roks7TGNIp5b8POzZoY7Flnjs8-2BWCKAXUlzsDGMCYn1wZLGEFCYezv5KLt7H-2B6i7jNoux9HEaj0YN-2FsUjM9mCJTgphh38iFRym9tGMNFA-2BOSbTsr97EtmjyJboLtiw1evQHnbbIF-_zqBH9ExdcHz8y5jmZhTFlw0CoZyZAmMI16-2BYnIHsyEPJD-2BoDN2SPQabUJIOnni0R-2B9LuEMQe5DNe-2FjiLt8trXQ-2FOqf4ejJg2VmneQcoqFw-2FOZ9DUuUQCjAGgXC4-2FMsb4ms1HxxS9-2BbcfDfJEAFbMGI1IqwsTqbsLkZk3wna7WxZhO9yKcxiL35UkkPnIa2uIQdto9JuNDufvBk0TMo3qFWmeUNULbncHTxwF-2BPu3KFg6jaF7PfITImZUzMiJ-2BmIExlNmZxhZJkfZzdAqw-2F5Aqwi8V5PS51veG29uQ68vd-2BZeVK-2FPHULwOlPzxq83ylDa MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 3736 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1984,i,2840156738289080602,16217606372956413791,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup
No yara matches
No Sigma rule has matched
No Suricata rule has matched

There are no malicious signatures.

Source: https://pp-wfe-100.advancedmd.com/131482/billing?token=T1RXYzdqa3RhcWpGM3htWU45Z0xWL0lyNmpUWXdvaU9nSTlZc09yZ3JoQUJNNzdnNFlBNFUwTTBZMFAyMjZjOTJCcXdDTlpxRUNHZkVDeTU4RlZoamExR28ycG5neHpsT3F3SktvS0dMU01tbjFEWGhmNE01WjdGd1Vta3dFS1FXUWZvVkplTzNIOUFmaHJ2bWVPRnNpVVphN2syWGhvSFJYYngvcWNweDZteGRBSWtyS3RocFhpK1JvODhlQ0s1HTTP Parser: No favicon
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDirectory created: C:\Program Files\Google\Chrome\Application\Dictionaries
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49735 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49736 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.16:49743 version: TLS 1.2
Source: unknownHTTPS traffic detected: 51.124.78.146:443 -> 192.168.2.16:49752 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.126.32.76:443 -> 192.168.2.16:49760 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.126.32.76:443 -> 192.168.2.16:49766 version: TLS 1.2
Source: unknownHTTPS traffic detected: 52.183.220.149:443 -> 192.168.2.16:49767 version: TLS 1.2
Source: unknownHTTPS traffic detected: 52.183.220.149:443 -> 192.168.2.16:49768 version: TLS 1.2
Source: unknownHTTPS traffic detected: 52.183.220.149:443 -> 192.168.2.16:49769 version: TLS 1.2
Source: unknownHTTPS traffic detected: 52.183.220.149:443 -> 192.168.2.16:49770 version: TLS 1.2
Source: unknownHTTPS traffic detected: 52.183.220.149:443 -> 192.168.2.16:49771 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.16:49779 version: TLS 1.2
Source: chrome.exeMemory has grown: Private usage: 18MB later: 30MB
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 51.124.78.146
Source: global trafficDNS traffic detected: DNS query: u14209785.ct.sendgrid.net
Source: global trafficDNS traffic detected: DNS query: patientportal.advancedmd.com
Source: global trafficDNS traffic detected: DNS query: pp-wfe-100.advancedmd.com
Source: global trafficDNS traffic detected: DNS query: apis.google.com
Source: global trafficDNS traffic detected: DNS query: api2.heartlandportico.com
Source: global trafficDNS traffic detected: DNS query: amds-material-dev.advancedmd.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: api.heartlandportico.com
Source: classification engineClassification label: clean0.win@16/40@32/221
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Program Files\Google\Chrome\Application\Dictionaries
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://u14209785.ct.sendgrid.net/ls/click?upn=u001.7INBLi-2BpMtquNhvHXoCTQDs4I8fdKE9GOHSvdTryAC55LrdgOMctgJTF4aBFIDuUJB9xKyAVKEFqtPWDKRUFfRVL-2BZtxCjl35gXp1OzUaHmIog3KXNno0PoTN23H9BQ1hA1I4Go28GRqYv7PhkfrIKUdo6Jh-2FSBIhY5KlD9FeYRn1L-2B-2BMgQY6LlmMzMXTnvw7UnzwNdVP1PbwypC7fFdExRx58oUXa2-2B-2BalmqLe5W1v8o6qt5REv0B6VFQlHAFmxOrJwwlVAfqpYP-2F2sboiXoQAHvGwJjya8Z0ekRGMG7bMmVlZZUW01i9bQvV2Roks7TGNIp5b8POzZoY7Flnjs8-2BWCKAXUlzsDGMCYn1wZLGEFCYezv5KLt7H-2B6i7jNoux9HEaj0YN-2FsUjM9mCJTgphh38iFRym9tGMNFA-2BOSbTsr97EtmjyJboLtiw1evQHnbbIF-_zqBH9ExdcHz8y5jmZhTFlw0CoZyZAmMI16-2BYnIHsyEPJD-2BoDN2SPQabUJIOnni0R-2B9LuEMQe5DNe-2FjiLt8trXQ-2FOqf4ejJg2VmneQcoqFw-2FOZ9DUuUQCjAGgXC4-2FMsb4ms1HxxS9-2BbcfDfJEAFbMGI1IqwsTqbsLkZk3wna7WxZhO9yKcxiL35UkkPnIa2uIQdto9JuNDufvBk0TMo3qFWmeUNULbncHTxwF-2BPu3KFg6jaF7PfITImZUzMiJ-2BmIExlNmZxhZJkfZzdAqw-2F5Aqwi8V5PS51veG29uQ68vd-2BZeVK-2FPHULwOlPzxq83ylDa
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1984,i,2840156738289080602,16217606372956413791,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 3 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 2 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | 1 Extra Window Memory Injection | 1 Extra Window Memory Injection | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 2 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact

SourceDetectionScannerLabelLink
https://u14209785.ct.sendgrid.net/ls/click?upn=u001.7INBLi-2BpMtquNhvHXoCTQDs4I8fdKE9GOHSvdTryAC55LrdgOMctgJTF4aBFIDuUJB9xKyAVKEFqtPWDKRUFfRVL-2BZtxCjl35gXp1OzUaHmIog3KXNno0PoTN23H9BQ1hA1I4Go28GRqYv7PhkfrIKUdo6Jh-2FSBIhY5KlD9FeYRn1L-2B-2BMgQY6LlmMzMXTnvw7UnzwNdVP1PbwypC7fFdExRx58oUXa2-2B-2BalmqLe5W1v8o6qt5REv0B6VFQlHAFmxOrJwwlVAfqpYP-2F2sboiXoQAHvGwJjya8Z0ekRGMG7bMmVlZZUW01i9bQvV2Roks7TGNIp5b8POzZoY7Flnjs8-2BWCKAXUlzsDGMCYn1wZLGEFCYezv5KLt7H-2B6i7jNoux9HEaj0YN-2FsUjM9mCJTgphh38iFRym9tGMNFA-2BOSbTsr97EtmjyJboLtiw1evQHnbbIF-_zqBH9ExdcHz8y5jmZhTFlw0CoZyZAmMI16-2BYnIHsyEPJD-2BoDN2SPQabUJIOnni0R-2B9LuEMQe5DNe-2FjiLt8trXQ-2FOqf4ejJg2VmneQcoqFw-2FOZ9DUuUQCjAGgXC4-2FMsb4ms1HxxS9-2BbcfDfJEAFbMGI1IqwsTqbsLkZk3wna7WxZhO9yKcxiL35UkkPnIa2uIQdto9JuNDufvBk0TMo3qFWmeUNULbncHTxwF-2BPu3KFg6jaF7PfITImZUzMiJ-2BmIExlNmZxhZJkfZzdAqw-2F5Aqwi8V5PS51veG29uQ68vd-2BZeVK-2FPHULwOlPzxq83ylDa0%Avira URL Cloudsafe
No Antivirus matches
Name | IP | Active | Malicious | Antivirus Detection | Reputation
api2.heartlandportico.com | 35.211.11.79 | true | false | | unknown
plus.l.google.com | 172.217.16.206 | true | false | | unknown
api.heartlandportico.com | 35.211.72.108 | true | false | | unknown
www.google.com | 142.250.185.132 | true | false | | unknown
u14209785.ct.sendgrid.net | 167.89.115.58 | true | false | | unknown
d1nn1qnqm7ih5y.cloudfront.net | 18.244.18.58 | true | false | | unknown
d11ag707s7acdq.cloudfront.net | 13.227.219.87 | true | false | | unknown
d1he4b11razhen.cloudfront.net | 13.224.189.97 | true | false | | unknown
patientportal.advancedmd.com | unknown | unknown | false | | unknown
amds-material-dev.advancedmd.com | unknown | unknown | false | | unknown
apis.google.com | unknown | unknown | false | | unknown
pp-wfe-100.advancedmd.com | unknown | unknown | false | | unknown
                          NameMaliciousAntivirus DetectionReputation
                          https://pp-wfe-100.advancedmd.com/131482/billing?token=T1RXYzdqa3RhcWpGM3htWU45Z0xWL0lyNmpUWXdvaU9nSTlZc09yZ3JoQUJNNzdnNFlBNFUwTTBZMFAyMjZjOTJCcXdDTlpxRUNHZkVDeTU4RlZoamExR28ycG5neHpsT3F3SktvS0dMU01tbjFEWGhmNE01WjdGd1Vta3dFS1FXUWZvVkplTzNIOUFmaHJ2bWVPRnNpVVphN2syWGhvSFJYYngvcWNweDZteGRBSWtyS3RocFhpK1JvODhlQ0s1false
                            unknown
                            Joe Sandbox version:40.0.0 Tourmaline
                            Analysis ID:1501226
                            Start date and time:2024-08-29 15:53:01 +02:00
                            Joe Sandbox product:CloudBasic
                            Overall analysis duration:
                            Hypervisor based Inspection enabled:false
                            Report type:full
                            Cookbook file name:defaultwindowsinteractivecookbook.jbs
                            Sample URL:https://u14209785.ct.sendgrid.net/ls/click?upn=u001.7INBLi-2BpMtquNhvHXoCTQDs4I8fdKE9GOHSvdTryAC55LrdgOMctgJTF4aBFIDuUJB9xKyAVKEFqtPWDKRUFfRVL-2BZtxCjl35gXp1OzUaHmIog3KXNno0PoTN23H9BQ1hA1I4Go28GRqYv7PhkfrIKUdo6Jh-2FSBIhY5KlD9FeYRn1L-2B-2BMgQY6LlmMzMXTnvw7UnzwNdVP1PbwypC7fFdExRx58oUXa2-2B-2BalmqLe5W1v8o6qt5REv0B6VFQlHAFmxOrJwwlVAfqpYP-2F2sboiXoQAHvGwJjya8Z0ekRGMG7bMmVlZZUW01i9bQvV2Roks7TGNIp5b8POzZoY7Flnjs8-2BWCKAXUlzsDGMCYn1wZLGEFCYezv5KLt7H-2B6i7jNoux9HEaj0YN-2FsUjM9mCJTgphh38iFRym9tGMNFA-2BOSbTsr97EtmjyJboLtiw1evQHnbbIF-_zqBH9ExdcHz8y5jmZhTFlw0CoZyZAmMI16-2BYnIHsyEPJD-2BoDN2SPQabUJIOnni0R-2B9LuEMQe5DNe-2FjiLt8trXQ-2FOqf4ejJg2VmneQcoqFw-2FOZ9DUuUQCjAGgXC4-2FMsb4ms1HxxS9-2BbcfDfJEAFbMGI1IqwsTqbsLkZk3wna7WxZhO9yKcxiL35UkkPnIa2uIQdto9JuNDufvBk0TMo3qFWmeUNULbncHTxwF-2BPu3KFg6jaF7PfITImZUzMiJ-2BmIExlNmZxhZJkfZzdAqw-2F5Aqwi8V5PS51veG29uQ68vd-2BZeVK-2FPHULwOlPzxq83ylDa
                            Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                            Number of analysed new started processes analysed:15
                            Number of new started drivers analysed:0
                            Number of existing processes analysed:0
                            Number of existing drivers analysed:0
                            Number of injected processes analysed:0
                            Technologies:
                            • EGA enabled
                            Analysis Mode:stream
                            Analysis stop reason:Timeout
                            Detection:CLEAN
                            Classification:clean0.win@16/40@32/221
                            • Exclude process from analysis (whitelisted): svchost.exe
                            • Excluded IPs from analysis (whitelisted): 142.250.184.227, 142.250.185.110, 74.125.71.84, 34.104.35.123
                            • Excluded domains from analysis (whitelisted): clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, clientservices.googleapis.com, clients.l.google.com
                            • Not all processes where analyzed, report is missing behavior information
                            • VT rate limit hit for: https://u14209785.ct.sendgrid.net/ls/click?upn=u001.7INBLi-2BpMtquNhvHXoCTQDs4I8fdKE9GOHSvdTryAC55LrdgOMctgJTF4aBFIDuUJB9xKyAVKEFqtPWDKRUFfRVL-2BZtxCjl35gXp1OzUaHmIog3KXNno0PoTN23H9BQ1hA1I4Go28GRqYv7PhkfrIKUdo6Jh-2FSBIhY5KlD9FeYRn1L-2B-2BMgQY6LlmMzMXTnvw7UnzwNdVP1PbwypC7fFdExRx58oUXa2-2B-2BalmqLe5W1v8o6qt5REv0B6VFQlHAFmxOrJwwlVAfqpYP-2F2sboiXoQAHvGwJjya8Z0ekRGMG7bMmVlZZUW01i9bQvV2Roks7TGNIp5b8POzZoY7Flnjs8-2BWCKAXUlzsDGMCYn1wZLGEFCYezv5KLt7H-2B6i7jNoux9HEaj0YN-2FsUjM9mCJTgphh38iFRym9tGMNFA-2BOSbTsr97EtmjyJboLtiw1evQHnbbIF-_zqBH9ExdcHz8y5jmZhTFlw0CoZyZAmMI16-2BYnIHsyEPJD-2BoDN2SPQabUJIOnni0R-2B9LuEMQe5DNe-2FjiLt8trXQ-2FOqf4ejJg2VmneQcoqFw-2FOZ9DUuUQCjAGgXC4-2FMsb4ms1HxxS9-2BbcfDfJEAFbMGI1IqwsTqbsLkZk3wna7WxZhO9yKcxiL35UkkPnIa2uIQdto9JuNDufvBk0TMo3qFWmeUNULbncHTxwF-2BPu3KFg6jaF7PfITImZUzMiJ-2BmIExlNmZxhZJkfZzdAqw-2F5Aqwi8V5PS51veG29uQ68vd-2BZeVK-2FPHULwOlPzxq83ylDa
                            InputOutput
                            URL: https://pp-wfe-100.advancedmd.com/131482/billing?token=T1RXYzdqa3RhcWpGM3htWU45Z0xWL0lyNmpUWXdvaU9nSTlZc09yZ3JoQUJNNzdnNFlBNFUwTTBZMFAyMjZjOTJCcXdDTlpxRUNHZkVDeTU4RlZoamExR28ycG5neHpsT3F3SktvS0dMU01tbjFEWGhmNE01WjdGd1Vta3dFS1FXUWZvVkplTzNIOUFmaHJ2bWVPRnNp Model: jbxai
                            {
                            "brand":["LOS ANGELES CENTER FOR NOSE, THROAT ALLERGY"],
                            "contains_trigger_text":false,
                            "prominent_button_name":"unknown",
                            "text_input_field_labels":["unknown"],
                            "pdf_icon_visible":false,
                            "has_visible_captcha":false,
                            "has_urgent_text":false,
                            "has_visible_qrcode":false}
                            URL: https://pp-wfe-100.advancedmd.com/131482/billing?token=T1RXYzdqa3RhcWpGM3htWU45Z0xWL0lyNmpUWXdvaU9nSTlZc09yZ3JoQUJNNzdnNFlBNFUwTTBZMFAyMjZjOTJCcXdDTlpxRUNHZkVDeTU4RlZoamExR28ycG5neHpsT3F3SktvS0dMU01tbjFEWGhmNE01WjdGd1Vta3dFS1FXUWZvVkplTzNIOUFmaHJ2bWVPRnNp Model: jbxai
                            {
                            "brand":["LOS ANGELES CENTER FOR EAR, NOSE, THROAT AND ALLERGY",
                            "AdvancedMD"],
                            "contains_trigger_text":false,
                            "prominent_button_name":"Log In",
                            "text_input_field_labels":["unknown"],
                            "pdf_icon_visible":false,
                            "has_visible_captcha":false,
                            "has_urgent_text":false,
                            "has_visible_qrcode":false}
                            URL: https://pp-wfe-100.advancedmd.com/131482/billing?token=T1RXYzdqa3RhcWpGM3htWU45Z0xWL0lyNmpUWXdvaU9nSTlZc09yZ3JoQUJNNzdnNFlBNFUwTTBZMFAyMjZjOTJCcXdDTlpxRUNHZkVDeTU4RlZoamExR28ycG5neHpsT3F3SktvS0dMU01tbjFEWGhmNE01WjdGd1Vta3dFS1FXUWZvVkplTzNIOUFmaHJ2bWVPRnNp Model: jbxai
                            {
                            "brand":["LOS ANGELES CENTER FOR NOSE, THROAT ALLERGY"],
                            "contains_trigger_text":false,
                            "prominent_button_name":"unknown",
                            "text_input_field_labels":["unknown"],
                            "pdf_icon_visible":false,
                            "has_visible_captcha":false,
                            "has_urgent_text":false,
                            "has_visible_qrcode":false}
                            URL: https://pp-wfe-100.advancedmd.com/131482/billing?token=T1RXYzdqa3RhcWpGM3htWU45Z0xWL0lyNmpUWXdvaU9nSTlZc09yZ3JoQUJNNzdnNFlBNFUwTTBZMFAyMjZjOTJCcXdDTlpxRUNHZkVDeTU4RlZoamExR28ycG5neHpsT3F3SktvS0dMU01tbjFEWGhmNE01WjdGd1Vta3dFS1FXUWZvVkplTzNIOUFmaHJ2bWVPRnNp Model: jbxai
                            {
                            "brand":["LOS ANGELES CENTER FOR EAR, NOSE, THROAT AND ALLERGY",
                            "AdvancedMD"],
                            "contains_trigger_text":false,
                            "prominent_button_name":"unknown",
                            "text_input_field_labels":["unknown"],
                            "pdf_icon_visible":false,
                            "has_visible_captcha":false,
                            "has_urgent_text":false,
                            "has_visible_qrcode":false}
                            URL: https://pp-wfe-100.advancedmd.com/131482/billing?token=T1RXYzdqa3RhcWpGM3htWU45Z0xWL0lyNmpUWXdvaU9nSTlZc09yZ3JoQUJNNzdnNFlBNFUwTTBZMFAyMjZjOTJCcXdDTlpxRUNHZkVDeTU4RlZoamExR28ycG5neHpsT3F3SktvS0dMU01tbjFEWGhmNE01WjdGd1Vta3dFS1FXUWZvVkplTzNIOUFmaHJ2bWVPRnNp Model: jbxai
                            {
                            "brand":["LOS ANGELES CENTER FOR NOSE, THROAT ALLERGY"],
                            "contains_trigger_text":false,
                            "prominent_button_name":"Make Payment",
                            "text_input_field_labels":["Card Holder Name",
                            "Billing Address",
                            "Zip Code",
                            "Card Number",
                            "Exp (MM/YY)"],
                            "pdf_icon_visible":false,
                            "has_visible_captcha":false,
                            "has_urgent_text":false,
                            "has_visible_qrcode":false}
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Aug 29 12:53:30 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                            Category:dropped
                            Size (bytes):2673
                            Entropy (8bit):3.9803923421736465
                            Encrypted:false
                            Malicious:false
                            Reputation:unknown
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Aug 29 12:53:30 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                            Category:dropped
                            Size (bytes):2675
                            Entropy (8bit):3.9998899178193446
                            Encrypted:false
                            Malicious:false
                            Reputation:unknown
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                            Category:dropped
                            Size (bytes):2689
                            Entropy (8bit):4.007650206311711
                            Encrypted:false
                            Malicious:false
                            Reputation:unknown
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Aug 29 12:53:30 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                            Category:dropped
                            Size (bytes):2677
                            Entropy (8bit):3.999958409997132
                            Encrypted:false
                            Malicious:false
                            Reputation:unknown
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Aug 29 12:53:30 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                            Category:dropped
                            Size (bytes):2677
                            Entropy (8bit):3.9864727474262844
                            Encrypted:false
                            Malicious:false
                            Reputation:unknown
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Aug 29 12:53:30 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                            Category:dropped
                            Size (bytes):2679
                            Entropy (8bit):3.9931990865398546
                            Encrypted:false
                            Malicious:false
                            Reputation:unknown
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:ASCII text, with no line terminators
                            Category:downloaded
                            Size (bytes):176
                            Entropy (8bit):4.982684948557416
                            Encrypted:false
                            Malicious:false
                            Reputation:unknown
                            URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISMwmAdQXDNDOvjBIFDauIVykSBQ3DUgC2EgUNpRCc1BIFDWxIHsgSBQ2ZZ4tUEgUNbEgeyBIeCYad6h_P4BOsEgUNq4hXKRIFDcNSALYSBQ2lEJzUEhcJUuIO02vJk4cSBQ1sSB7IEgUNbEgeyBIQCQciSAp9A-eUEgUNmWeLVA==?alt=proto
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:SVG Scalable Vector Graphics image
                            Category:dropped
                            Size (bytes):3406
                            Entropy (8bit):4.550948522101117
                            Encrypted:false
                            Malicious:false
                            Reputation:unknown
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:TrueType Font data, digitally signed, 19 tables, 1st "DSIG", 26 names, Macintosh, Digitized data copyright \251 2010-2011, Google Corporation.Open SansRegularAscender - Open Sans
                            Category:downloaded
                            Size (bytes):217360
                            Entropy (8bit):6.419276317380006
                            Encrypted:false
                            Malicious:false
                            Reputation:unknown
                            URL:https://pp-wfe-100.advancedmd.com/OpenSans.4543090a37b427da.ttf
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:Unicode text, UTF-8 text
                            Category:dropped
                            Size (bytes):107552
                            Entropy (8bit):4.453787869575152
                            Encrypted:false
                            Malicious:false
                            Reputation:unknown
                            Preview:var Heartland = (function () {.'use strict';../* -----------------------------------------------------------------------------.This file is based on or incorporates material from the projects listed below.(collectively, "Third Party Code"). Microsoft is not the original author of the.Third Party Code. The original copyright notice and the license, under which.Microsoft received such Third Party Code, are set forth below. Such licenses.and notices are provided for informational purposes only. Microsoft, not the.third party, licenses the Third Party Code to you under the terms of the.Apache License, Version 2.0. See License.txt in the project root for complete.license information. Microsoft reserves all rights not expressly granted under.the Apache 2.0 License, whether by implication, estoppel or otherwise..----------------------------------------------------------------------------- */./*. json2.js. 2011-10-19.. Public Domain... NO WARRANTY EXPRESSED OR IMPLIED. USE AT YOUR
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:Unicode text, UTF-8 text, with very long lines (32000)
                            Category:dropped
                            Size (bytes):37931
                            Entropy (8bit):5.4153779371245685
                            Encrypted:false
                            SSDEEP:
                            MD5:73C6850396835226A45224698B43059A
                            SHA1:DB4255AFD4B5E1A03DAE721E1D0C367B011DE405
                            SHA-256:23A2910290EFB69A0B108FDE2A3BAEC75EA713CBCB354C4F129A51042D3C3178
                            SHA-512:326B480D74B94564C764E489D5961F88473A98C7AA998CB71B55DB6F7ED8CF86A228971CEB0BCCB2FB9E619714B782BC747A572454AE9826B4EA804A232DCC60
                            Malicious:false
                            Reputation:unknown
                            Preview:var Heartland=function(){"use strict";var e={};!function(){function t(e){return e<10?"0"+e:e}function r(e){return c.lastIndex=0,c.test(e)?'"'+e.replace(c,function(e){var t=l[e];return"string"==typeof t?t:"\\u"+("0000"+e.charCodeAt(0).toString(16)).slice(-4)})+'"':'"'+e+'"'}function n(e,t){var a,d,c,l,u=null,p=o,f=t[e];switch(f&&"object"==typeof f&&"function"==typeof f.toJSON&&(f=f.toJSON(e)),"function"==typeof s&&(f=s.call(t,e,f)),typeof f){case"string":return r(f);case"number":return isFinite(f)?String(f):"null";case"boolean":case"null":return String(f);case"object":if(!f)return"null";if(o+=i,l=[],"[object Array]"===Object.prototype.toString.apply(f,[])){for(c=f.length,a=0;a<c;a+=1)l[a]=n(a.toString(),f)||"null";return d=0===l.length?"[]":o?"[\n"+o+l.join(",\n"+o)+"\n"+p+"]":"["+l.join(",")+"]",o=p,d}if(s&&"object"==typeof s)for(c=s.length,a=0;a<c;a+=1)"string"==typeof s[a]&&(u=s[a],(d=n(u,f))&&l.push(r(u)+(o?": ":":")+d));else for(u in f)Object.prototype.hasOwnProperty.call(f,u)&&(d=
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:HTML document, ASCII text, with very long lines (487), with no line terminators
                            Category:downloaded
                            Size (bytes):487
                            Entropy (8bit):4.978941542234329
                            Encrypted:false
                            SSDEEP:
                            MD5:ADBD4BAAF8B60C9C5A24E3288C287A59
                            SHA1:42AEC6E3DF106EDEEDAF10DB12FE06CF2A35190D
                            SHA-256:A403DAF9B458AA5499D02EC2D6CD64D459B4207AFC5CFAC002D49BE6C7BA47F0
                            SHA-512:E72681ABBE2E691E1C4B67AD945A82AD0E854D834182F84196A6A05B6C5E357D6347B55F58AF6BEB38BD8A635483B3C00A92CAF18EF230F5A5CACC907F1A7BF0
                            Malicious:false
                            Reputation:unknown
                            URL:https://api.heartlandportico.com/SecureSubmit.v1/token/2.1/button.html
                            Preview:<!DOCTYPE html><meta content="text/html; charset=utf-8"http-equiv="Content-Type"><meta content="width=device-width,initial-scale=1,user-scalable=no"name="viewport"><title></title><style>body{margin:0}</style><body id="heartland-field-body"><div id="heartland-field-wrapper"><input id="heartland-field"type="submit"><div class="extra-div-1"></div><div class="extra-div-2"></div></div><script src="securesubmit.js"></script><script>(new Heartland.HPS).configureButtonFieldIframe()</script>
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:PNG image data, 562 x 333, 8-bit/color RGBA, non-interlaced
                            Category:downloaded
                            Size (bytes):21113
                            Entropy (8bit):4.063176925463628
                            Encrypted:false
                            SSDEEP:
                            MD5:332B3A8DAA312CEB2F3C4D8DCF741211
                            SHA1:3471A8386137958E1A3BCA3B9526C320664312C1
                            SHA-256:F34FEC00A8AC8EDE0AC9EB7CCAEDC89829C8645D6973DF488B0E14110375927E
                            SHA-512:E7BAC996C704345E86BA0F8826BF131507967964F61BB7C793A33F651F8AE3B5CC2E747892624782A61B4067C94EF7E25CE973613BAEABC181D0433EAAAFD9D4
                            Malicious:false
                            Reputation:unknown
                            URL:https://pp-wfe-100.advancedmd.com/cvv1.9b19a81049fe22c2.png?raw=true
                            Preview:.PNG........IHDR...2...M......P......pHYs...#...#.x.?v..9.iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?>.<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c014 79.156797, 2014/08/20-09:53:02 ">. <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">. <rdf:Description rdf:about="". xmlns:xmp="http://ns.adobe.com/xap/1.0/". xmlns:dc="http://purl.org/dc/elements/1.1/". xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/". xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/". xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#". xmlns:tiff="http://ns.adobe.com/tiff/1.0/". xmlns:exif="http://ns.adobe.com/exif/1.0/">. <xmp:CreatorTool>Adobe Photoshop CC 2014 (Macintosh)</xmp:CreatorTool>. <xmp:CreateDate>2016-04-26T14:33:08-04:00</xmp:CreateDate>. <xmp:ModifyDate>2016-06-08T10:42:32-04:00</xmp:ModifyDate>. <xmp
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:ASCII text, with no line terminators
                            Category:downloaded
                            Size (bytes):168
                            Entropy (8bit):4.852147332051986
                            Encrypted:false
                            SSDEEP:
                            MD5:003333C091925CFF14BC48D2A605D3D8
                            SHA1:1EAF7D90ECF8579B5807D7D81F0A4F2C31A78425
                            SHA-256:102745BE1E6DD87680DBC5D78DD0652E45C4FD5B213A2FA5F0A713DFCB6DF888
                            SHA-512:376160849E9C40DF13D97C670F17B9ADF7AEA75ABE4AF40B65D1A8210C592BFF1943E9A61B184E5C5D7961F372AB7304E44E80D28C9F34E14A4F59B4E02A1C1D
                            Malicious:false
                            Reputation:unknown
                            URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISMwlL240d-XEWVhIFDauIVykSBQ3DUgC2EgUNpRCc1BIFDWxIHsgSBQ1sSB7IEgUNbEgeyBIeCYad6h_P4BOsEgUNq4hXKRIFDcNSALYSBQ2lEJzUEh4JUuIO02vJk4cSBQ1sSB7IEgUNbEgeyBIFDWxIHsg=?alt=proto
                            Preview:CjYKBw2riFcpGgAKBw3DUgC2GgAKBw2lEJzUGgAKBw1sSB7IGgAKBw1sSB7IGgAKBw1sSB7IGgAKJwoLDauIVykaBAgHGAEKCw3DUgC2GgQIHhgBCgsNpRCc1BoECCMYAQobCgcNbEgeyBoACgcNbEgeyBoACgcNbEgeyBoA
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:ASCII text, with no line terminators
                            Category:downloaded
                            Size (bytes):224
                            Entropy (8bit):5.108492425425756
                            Encrypted:false
                            SSDEEP:
                            MD5:D28F3DFDC227F4659FC198CC8956FC54
                            SHA1:5B18A63F87D05BB56A21AA4F8B04BE07A4A1BE78
                            SHA-256:5F4F2D0861717A291839E782392DF40B9873F87BAFD835019ADA2496E4E8A5CA
                            SHA-512:BEF589A1A95997E5216240919D83B9ECC645F94A263F27266B595A1081CD039D1AC38A556B1EB569302E30A00BA6FEBD9A4B329537CE24481B0A1F4AC778347A
                            Malicious:false
                            Reputation:unknown
                            URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISMwmmel-UgAjUTBIFDauIVykSBQ3DUgC2EgUNpRCc1BIFDe7Se0sSBQ2ZZ4tUEgUN9AO67xIeCYad6h_P4BOsEgUNq4hXKRIFDcNSALYSBQ2lEJzUEhAJb9m5Dm5-3RASBQ3u0ntLEhAJByJICn0D55QSBQ2ZZ4tUEhAJRHfrGn6VCkkSBQ30A7rv?alt=proto
                            Preview:Ck4KCw2riFcpGgQIBxgBCgsNw1IAthoECB4YAQoLDaUQnNQaBAgjGAEKCw3u0ntLGgQINBgBCgsNmWeLVBoECDkYAQoLDfQDuu8aBAg7GAEKJwoLDauIVykaBAgHGAEKCw3DUgC2GgQIHhgBCgsNpRCc1BoECCMYAQoNCgsN7tJ7SxoECDQYAQoNCgsNmWeLVBoECDkYAQoNCgsN9AO67xoECDsYAQ==
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:PNG image data, 800 x 100, 8-bit/color RGBA, non-interlaced
                            Category:downloaded
                            Size (bytes):59755
                            Entropy (8bit):6.928449112926951
                            Encrypted:false
                            SSDEEP:
                            MD5:CEADA08D149BD9C2D63706E67EB7B1E9
                            SHA1:2D5349E58C204D5BA868762DA56D2E00E14DA807
                            SHA-256:034E3497EF4AD52FC86F06C33934AA132ED75668E0089513F114F7BA219E2A60
                            SHA-512:9CC6ED65D8809F9FE4C4F198CB425FC9FF6FABB8C621B3BC2FE44C4EAA4B588A49F8EC40D07FE72CE3FC1A11C02672D87FC5BF165CBFB56C78CBB2E1A44C6D08
                            Malicious:false
                            Reputation:unknown
                            URL:https://pp-wfe-100.advancedmd.com/ss-shield@2x.c16b62022a69ec4b.png?raw=true
                            Preview:.PNG........IHDR... ...d.....~QT.....pHYs...............F.iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?>.<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c014 79.156797, 2014/08/20-09:53:02 ">. <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">. <rdf:Description rdf:about="". xmlns:xmp="http://ns.adobe.com/xap/1.0/". xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/". xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#". xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#". xmlns:dc="http://purl.org/dc/elements/1.1/". xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/". xmlns:tiff="http://ns.adobe.com/tiff/1.0/". xmlns:exif="http://ns.adobe.com/exif/1.0/">. <xmp:CreatorTool>Adobe Photoshop CC 2014 (Macintosh)</xmp:CreatorTool>. <xmp:CreateDate>2016-06-22T15:10:40-04:00</xmp:CreateDate>.
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:HTML document, ASCII text, with very long lines (1528)
                            Category:downloaded
                            Size (bytes):2415
                            Entropy (8bit):5.385409567541608
                            Encrypted:false
                            SSDEEP:
                            MD5:BDBCBB3B6ADE6737CB3252F40E87CD60
                            SHA1:58A513764BFC6F0D0387D2081C7BFEA4BF6032F9
                            SHA-256:A475A496036528BCDA17EBEF09238A6BBA569AB9BD5662494C49A50CBEA2B475
                            SHA-512:4C4635351CA813218DCE084A5E5E823E8C84428227FF508FFEB15DDCD0759F75EE6D70F21FBF9C190F46BA4FA4B3FD555098261AC28205A61ED1D7D0D395D4E2
                            Malicious:false
                            Reputation:unknown
                            URL:https://pp-wfe-100.advancedmd.com/131482/billing?token=T1RXYzdqa3RhcWpGM3htWU45Z0xWL0lyNmpUWXdvaU9nSTlZc09yZ3JoQUJNNzdnNFlBNFUwTTBZMFAyMjZjOTJCcXdDTlpxRUNHZkVDeTU4RlZoamExR28ycG5neHpsT3F3SktvS0dMU01tbjFEWGhmNE01WjdGd1Vta3dFS1FXUWZvVkplTzNIOUFmaHJ2bWVPRnNpVVphN2syWGhvSFJYYngvcWNweDZteGRBSWtyS3RocFhpK1JvODhlQ0s1
                            Preview:<!DOCTYPE html><html lang="en-us"><head>. <title>Advanced MD | Patient Portal</title>. <meta charset="UTF-8">. <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=2.0, user-scalable=1">. <meta http-equiv="X-UA-Compatible" content="IE=edge">. <meta name="robots" content="noindex">. <base href="/">. <link rel="shortcut icon" href="favicon.ico?v=2">. <script src="https://apis.google.com/js/api.js" async="" defer></script>. <script src="https://api2.heartlandportico.com/SecureSubmit.v1/token/2.1/securesubmit.min.js" async="" defer></script>.<style>@import"https://amds-material-dev.advancedmd.com/8/stable/8.0/amds-theme-default/material-theme.css";@import"https://amds-material-dev.advancedmd.com/8/stable/8.0/amds-icons/amds-icons.css";@charset "UTF-8";html{font-family:sans-serif;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}body{margin:0}@media print{*,*:before,*:after{color:#000!important;text-shadow:none!important;backgr
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:ASCII text, with very long lines (2051)
                            Category:downloaded
                            Size (bytes):15009
                            Entropy (8bit):5.465623684974502
                            Encrypted:false
                            SSDEEP:
                            MD5:DEBC792D9379E95E47071E67D3480AE3
                            SHA1:978B28EE04BE45DE1F89BB589F7DD1A3367C913F
                            SHA-256:5F301B41A86204F34CE1F69010EC3A242FC11E61CDEA50BC82968C064A406CC3
                            SHA-512:CDF30590B090C7BF509D5C773DDFE52144070B216EAAD1A5149880EA02F911D3769D82F34E0B4D4F139EDD1CB1A04F49A93307FD49C609988AAA4BDD08C5FBCA
                            Malicious:false
                            Reputation:unknown
                            URL:https://apis.google.com/js/api.js
                            Preview:(function(){var aa=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a},ba=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");},ca=ba(this),g=function(a,b){if(b)a:{var c=ca;a=a.split(".");for(var d=0;d<a.length-.1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&aa(c,a,{configurable:!0,writable:!0,value:b})}},h=function(a,b,c){if(a==null)throw new TypeError("The 'this' value for String.prototype."+c+" must not be null or undefined");if(b instanceof RegExp)throw new TypeError("First argument to String.prototype."+c+" must not be a regular expression");return a+""};.g("String.prototype.endsWith",function(a){return a?a:function(b,c){var d=h(this
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:ASCII text, with very long lines (1572)
                            Category:downloaded
                            Size (bytes):56115
                            Entropy (8bit):5.347323537885137
                            Encrypted:false
                            SSDEEP:
                            MD5:3C89B4E5563F4BA0410A1D7D4F3AD23E
                            SHA1:6455000459BF2AD68625B8B554A652CC84145261
                            SHA-256:B17609553B24140FC01409B78FA834FE878DE6410FE9E8996B0A5F6A984DDD6D
                            SHA-512:F85D5BA57633E85A9A3DC826A33DE76FF22725DE7398FC0049E1395CD46603F0B1F2E1BB47422BCF0D2D71FC2BA497322CFC40EF5101A3FF25E89757E4F6CA56
                            Malicious:false
                            Reputation:unknown
                            URL:"https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic&subset=latin-ext"
                            Preview:/* cyrillic-ext */.@font-face {. font-family: 'Open Sans';. font-style: italic;. font-weight: 300;. font-stretch: 100%;. src: url(https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWtE6F15M.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./* cyrillic */.@font-face {. font-family: 'Open Sans';. font-style: italic;. font-weight: 300;. font-stretch: 100%;. src: url(https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWvU6F15M.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./* greek-ext */.@font-face {. font-family: 'Open Sans';. font-style: italic;. font-weight: 300;. font-stretch: 100%;. src: url(https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWtU6F15M.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}./* greek */.@font-face {. font-family: 'Open Sans';. font-style
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:ASCII text, with no line terminators
                            Category:downloaded
                            Size (bytes):40
                            Entropy (8bit):4.284183719779188
                            Encrypted:false
                            SSDEEP:
                            MD5:5DFB63A358284239FDE837B8B33E5267
                            SHA1:0F2B7276DAD3CBB7F2E1B77E0B6CFAB4346812BD
                            SHA-256:CADFC91CF76D004375FBE9FFE9971D4627532BAA277A21060BA3BEFDEF644EF4
                            SHA-512:061D49A861370EB6146A9F6AA36E123E72E08813C37F2961B0B324F0CE97298FF1D509F8C7CE026BDF2E68EE21509E2BF66F13EC99548743348A4BCEB9A97425
                            Malicious:false
                            Reputation:unknown
                            URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwkc4fzkMdts_hIFDVALr7ASBQ01hlQc?alt=proto
                            Preview:ChoKCw1QC6+wGgQICRgBCgsNNYZUHBoECEsYAg==
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:ASCII text, with very long lines (65536), with no line terminators
                            Category:downloaded
                            Size (bytes):300971
                            Entropy (8bit):5.1188856251583195
                            Encrypted:false
                            SSDEEP:
                            MD5:C1DB6D769CB841A9D2CCB364A100F757
                            SHA1:CB8AFFA064D49090138BCB2BDC8F96912471ADA4
                            SHA-256:96518CFDDFE78CDAD221E3117DFE60525908EC533E6C311D7D6A05563AD1DE44
                            SHA-512:45537E045F3CBF01A50EFB56531312CD3007FF77CE33834588627483A37C63512E9B64A0CD408B982F8E681FBC5235AEB7DE9FB67EFFEDA341CB6104C2DD142E
                            Malicious:false
                            Reputation:unknown
                            URL:https://pp-wfe-100.advancedmd.com/styles.bc20a01cb439f66e.css
                            Preview:@import"https://amds-material-dev.advancedmd.com/8/stable/8.0/amds-theme-default/material-theme.css";@import"https://amds-material-dev.advancedmd.com/8/stable/8.0/amds-icons/amds-icons.css";@charset "UTF-8";/*! normalize.css v3.0.3 | MIT License | github.com/necolas/normalize.css */html{font-family:sans-serif;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}body{margin:0}article,aside,details,figcaption,figure,footer,header,hgroup,main,menu,nav,section,summary{display:block}audio,canvas,progress,video{display:inline-block;vertical-align:baseline}audio:not([controls]){display:none;height:0}[hidden],template{display:none}a{background-color:transparent}a:active,a:hover{outline:0}abbr[title]{border-bottom:none;text-decoration:underline;-webkit-text-decoration:underline dotted;text-decoration:underline dotted}b,strong{font-weight:700}dfn{font-style:italic}h1{font-size:2em;margin:.67em 0}mark{background:#ff0;color:#000}small{font-size:80%}sub,sup{font-size:75%;line-height:0;position:r
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:ASCII text, with no line terminators
                            Category:downloaded
                            Size (bytes):56
                            Entropy (8bit):4.771640636343321
                            Encrypted:false
                            SSDEEP:
                            MD5:9172168A3B449AB44937AC92631558A9
                            SHA1:E209AB0033A7C1DB9FD8E949E5BD67D995CBCEA6
                            SHA-256:BFFC07CEA0CEBACF6221E00ADCA66513A4AFA183FCC0D078419531E3BAAEBD30
                            SHA-512:71A9150CC6F78B41CAD8C382EF6BE7E6EEA1EEFC6823F55E1E542BF23D0215248250EA026FFCCACE5A9DF97E48CBA6925817464FF4CF3B7C794DF9B2A29512A1
                            Malicious:false
                            Reputation:unknown
                            URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISHgmGneofz-ATrBIFDauIVykSBQ3DUgC2EgUNpRCc1A==?alt=proto
                            Preview:CicKCw2riFcpGgQIBxgBCgsNw1IAthoECB4YAQoLDaUQnNQaBAgjGAE=
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:ASCII text, with very long lines (65536), with no line terminators
                            Category:dropped
                            Size (bytes):4687935
                            Entropy (8bit):5.672771458233306
                            Encrypted:false
                            SSDEEP:
                            MD5:6D6D9D296808FAFE4181909AB77BBBDA
                            SHA1:262606EDECA573681E8B59C641295E33303A39FE
                            SHA-256:77F605F302B8458E237E88B7BCCC9ABD69782DD60F6C29DF57AA8E13CB45BAD5
                            SHA-512:583F6F86B3181BB627D2FC5BCB9AFC2C5E6E18EC93C9A408345E1B1DE6CDCA740B608894A94D7DF546D9B58FA980BBB2A0B5737F2582AD79B2A0F9D8B106DC4B
                            Malicious:false
                            Reputation:unknown
                            Preview:(self.webpackChunkportal_shell=self.webpackChunkportal_shell||[]).push([[179],{30040:(Ie,R,s)=>{"use strict";s.d(R,{kp:()=>v,qX:()=>de,vA:()=>N,fY:()=>u});var n=s(8789);const e=["onlineintake/reasonforvisit","onlineintake/complete","account/","captcha","onlinescheduling/v2/patients","ccof"],m=["documents/upload","legacy/account/changesettings","v2/credit-card-on-file"];var c=(()=>{return(ae=c||(c={})).Base="pp-base-theme",ae.DarkBlue="darkblue",ae.LightBlue="lightblue",ae.Dark="dark",c;var ae})(),r=s(70074);let u=(()=>{class ae{constructor(){this.themeCfg={baseTheme:c.Base,themeName:c.DarkBlue}}loadThemeConfig(){return(0,n.of)(this.themeCfg)}adjustHeightByRoute(He,Pt=!1){const B=Pt?m:e;return B.some(Yt=>He.url.toLocaleLowerCase().includes(Yt))||B.some(Yt=>He.urlAfterRedirects.toLocaleLowerCase().includes(Yt))}}return ae.\u0275fac=function(He){return new(He||ae)},ae.\u0275prov=r.\u0275\u0275defineInjectable({token:ae,factory:ae.\u0275fac,providedIn:"root"}),ae})();var t=s(97582),x=s(435
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
                            Category:downloaded
                            Size (bytes):77160
                            Entropy (8bit):7.996509451516447
                            Encrypted:true
                            SSDEEP:
                            MD5:AF7AE505A9EED503F8B8E6982036873E
                            SHA1:D6F48CBA7D076FB6F2FD6BA993A75B9DC1ECBF0C
                            SHA-256:2ADEFCBC041E7D18FCF2D417879DC5A09997AA64D675B7A3C4B6CE33DA13F3FE
                            SHA-512:838FEFDBC14901F41EDF995A78FDAC55764CD4912CCB734B8BEA4909194582904D8F2AFDF2B6C428667912CE4D65681A1044D045D1BC6DE2B14113F0315FC892
                            Malicious:false
                            Reputation:unknown
                            URL:https://pp-wfe-100.advancedmd.com/fontawesome-webfont.e9955780856cf8aa.woff2?v=4.7.0
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
                            Category:downloaded
                            Size (bytes):15086
                            Entropy (8bit):2.541437605283768
                            Encrypted:false
                            SSDEEP:
                            MD5:7A97A94B3A886BECAB8BD482A0C85874
                            SHA1:94A07EF125633818F92EA3457967A0A927CCB332
                            SHA-256:05E6C55EF2FB42FBE3385C541E3976A2C4B329EB9A89D9D0B406C84D97C2686E
                            SHA-512:24EFFBC2011902565860756D9E007C39FC8898392AC9B17B19792718D87860E5F8F004DC88DD89408BD1C45160C07FDEF933F9C794C819BB52D8EBBC230301AD
                            Malicious:false
                            Reputation:unknown
                            URL:https://pp-wfe-100.advancedmd.com/favicon.ico?v=2
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:ASCII text, with no line terminators
                            Category:downloaded
                            Size (bytes):184
                            Entropy (8bit):5.11854775606741
                            Encrypted:false
                            SSDEEP:
                            MD5:315AB4B075D4F5411C56BBFBC753A4A2
                            SHA1:5D156E97E1EC31397B5EADFCAAFDC6D3571E9E40
                            SHA-256:0281D0A8440B2F70CA1766F2372A6F83035C081DA30D1E1C4A942AA0C4F73700
                            SHA-512:FD229A18C7CD928E0C94FCD2AFFEB38C2B84D310BBDB957641DBC2B65DD45DFEEF76C8A3682D26B89BF44B381CC8E3A8A54AD9EBE47ED43668C64246C8ECAF89
                            Malicious:false
                            Reputation:unknown
                            URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISMwmKXsVJtGDBwRIFDauIVykSBQ3DUgC2EgUNpRCc1BIFDe7Se0sSBQ2ZZ4tUEgUNbEgeyBIeCYad6h_P4BOsEgUNq4hXKRIFDcNSALYSBQ2lEJzUEhAJb9m5Dm5-3RASBQ3u0ntLEhAJByJICn0D55QSBQ2ZZ4tUEhAJUuIO02vJk4cSBQ1sSB7I?alt=proto
                            Preview:CjYKBw2riFcpGgAKBw3DUgC2GgAKBw2lEJzUGgAKBw3u0ntLGgAKBw2ZZ4tUGgAKBw1sSB7IGgAKJwoLDauIVykaBAgHGAEKCw3DUgC2GgQIHhgBCgsNpRCc1BoECCMYAQoNCgsN7tJ7SxoECDQYAQoNCgsNmWeLVBoECDkYAQoJCgcNbEgeyBoA
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:ASCII text, with very long lines (3015), with no line terminators
                            Category:downloaded
                            Size (bytes):3015
                            Entropy (8bit):5.365690795162639
                            Encrypted:false
                            SSDEEP:
                            MD5:F82D581AA364ACC142717DBDA2DAC271
                            SHA1:0929A744C51016670B1C401A6364662F96A40B6F
                            SHA-256:050CA712A0421EAB5924B2F0C277BC549CE05627D9CAE243BA21A5F990A673C3
                            SHA-512:3BC3AC4F261DC4487FF253B44360BB6D58D5A4E80BCAF20A19BD71F621524F8FFE239658D8E44A03DF56FF28AC28C1EB9624D129772F4CDE6C42281CA1FDE5C1
                            Malicious:false
                            Reputation:unknown
                            URL:https://pp-wfe-100.advancedmd.com/runtime.828784c1b995f56f.js
                            Preview:(()=>{"use strict";var e,v={},h={};function r(e){var n=h[e];if(void 0!==n)return n.exports;var t=h[e]={id:e,loaded:!1,exports:{}};return v[e].call(t.exports,t,t.exports,r),t.loaded=!0,t.exports}r.m=v,e=[],r.O=(n,t,l,f)=>{if(!t){var a=1/0;for(i=0;i<e.length;i++){for(var[t,l,f]=e[i],s=!0,o=0;o<t.length;o++)(!1&f||a>=f)&&Object.keys(r.O).every(b=>r.O[b](t[o]))?t.splice(o--,1):(s=!1,f<a&&(a=f));if(s){e.splice(i--,1);var u=l();void 0!==u&&(n=u)}}return n}f=f||0;for(var i=e.length;i>0&&e[i-1][2]>f;i--)e[i]=e[i-1];e[i]=[t,l,f]},r.n=e=>{var n=e&&e.__esModule?()=>e.default:()=>e;return r.d(n,{a:n}),n},r.d=(e,n)=>{for(var t in n)r.o(n,t)&&!r.o(e,t)&&Object.defineProperty(e,t,{enumerable:!0,get:n[t]})},r.f={},r.e=e=>Promise.all(Object.keys(r.f).reduce((n,t)=>(r.f[t](e,n),n),[])),r.u=e=>e+"."+{242:"3720d00f5a054488",312:"5741a208cd925cb7",357:"21c9903c9ccc60ba",512:"9bc87b909a9ebbb9",616:"84a566d605d87702",641:"b844026e1754aa0b"}[e]+".js",r.miniCssF=e=>{},r.o=(e,n)=>Object.prototype.hasOwnProperty
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:ASCII text, with very long lines (582), with CRLF, LF line terminators
                            Category:downloaded
                            Size (bytes):149638
                            Entropy (8bit):4.942085930773206
                            Encrypted:false
                            SSDEEP:
                            MD5:976AEFE9AD86359727C7F5CA90124EC2
                            SHA1:21A5A45D1B1A9A2542521E2E6D25A6F1C9166240
                            SHA-256:9A7BA4157D730B6EC069FCD2CD3EF90D3E694CAA0E42D13D75323EB602C4C091
                            SHA-512:4725AC5BB9050E2418506B08999574D3B47C1D4582C7DC38D1989E5F2CFA79EA17324F7F9430C22CB62DCDC3D987F2B0BA77CDB704E4183BD21693060BAD3705
                            Malicious:false
                            Reputation:unknown
                            URL:https://amds-material-dev.advancedmd.com/8/stable/8.0/amds-theme-default/material-theme.css
                            Preview:/* You can add global styles to this file, and also import other style files */.@import url("https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic&subset=latin-ext");.@import url("https://fonts.googleapis.com/icon?family=Material+Icons");./* Theme for the ripple elements.*/./* stylelint-disable material/no-prefixes */./* stylelint-enable */..mat-ripple-element {. background-color: rgba(0, 0, 0, 0.1); }...mat-option {. color: rgba(0, 0, 0, 0.87); }. .mat-option:hover:not(.mat-option-disabled), .mat-option:focus:not(.mat-option-disabled) {. background: rgba(0, 0, 0, 0.04); }. .mat-option.mat-selected:not(.mat-option-multiple):not(.mat-option-disabled) {. background: rgba(0, 0, 0, 0.04); }. .mat-option.mat-active {. background: rgba(0, 0, 0, 0.04);. color: rgba(0, 0, 0, 0.87); }. .mat-option.mat-option-disabled {. color: rgba(0, 0, 0, 0.38); }...mat-primary .mat-option.mat-selected:not(.mat-option-disab
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:ASCII text, with very long lines (58316), with no line terminators
                            Category:downloaded
                            Size (bytes):58316
                            Entropy (8bit):5.544487366386742
                            Encrypted:false
                            SSDEEP:
                            MD5:6AD0160EF7E55046344194326BAF8047
                            SHA1:D29DA73025C94A5A83058F460CA66895632A443B
                            SHA-256:C77FA61B6C6BE144435E8C67CDBCA511E07F83D87709D96BDF269472DA1F287B
                            SHA-512:00A83D8E90DDD0E14AF046943E4FC7279EF614E381039BF5411E4C1E9998AE4411D02AB1EDC8B10B7C968B7D79E2394FECA3C6E3FA6311D557FC52AC26123117
                            Malicious:false
                            Reputation:unknown
                            URL:https://pp-wfe-100.advancedmd.com/polyfills.55f1c22607bcff8d.js
                            Preview:(self.webpackChunkportal_shell=self.webpackChunkportal_shell||[]).push([[429],{30704:(s,v,t)=>{"use strict";t(67795),t(29523),t(13991),t(12116)},12116:()=>{"use strict";!function(n){const c=n.performance;function E(at){c&&c.mark&&c.mark(at)}function p(at,F){c&&c.measure&&c.measure(at,F)}E("Zone");const T=n.__Zone_symbol_prefix||"__zone_symbol__";function x(at){return T+at}const B=!0===n[x("forceDuplicateZoneCheck")];if(n.Zone){if(B||"function"!=typeof n.Zone.__symbol__)throw new Error("Zone already loaded.");return n.Zone}let L=(()=>{class at{constructor(r,f){this._parent=r,this._name=f?f.name||"unnamed":"<root>",this._properties=f&&f.properties||{},this._zoneDelegate=new z(this,this._parent&&this._parent._zoneDelegate,f)}static assertZonePatched(){if(n.Promise!==Ft.ZoneAwarePromise)throw new Error("Zone.js has detected that ZoneAwarePromise `(window|global).Promise` has been overwritten.\nMost likely cause is that a Promise polyfill has been loaded after Zone.js (Polyfilling Promise a
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:PNG image data, 1000 x 630, 8-bit colormap, non-interlaced
                            Category:dropped
                            Size (bytes):303183
                            Entropy (8bit):7.990474437550748
                            Encrypted:true
                            SSDEEP:
                            MD5:37A7E4AA9A5D1C94C6ACA2841C9C9728
                            SHA1:B5290FE999F07CE51B3F9AADD75079AED22B9768
                            SHA-256:551F2D98CBBA13DAD00F93D52CF245355129E053C7DD5D4413F9803562903301
                            SHA-512:A6CB94C4E8F671B8DF443E45156DBE8105F30D875DC36672B319ADBA272BD52D6F7F44B021505E8F8C966589D232EBF65B6FD45D6876EC529E5FA762CD75E60D
                            Malicious:false
                            Reputation:unknown
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:ASCII text, with no line terminators
                            Category:downloaded
                            Size (bytes):16
                            Entropy (8bit):3.5
                            Encrypted:false
                            SSDEEP:
                            MD5:C30293D472F38A34B059E1117248F543
                            SHA1:EBEF1674A322180E73EDA0F9D0708C53778F0568
                            SHA-256:EA0E9DDA60F4154C3F8CAF8981979A52CE0896B14EE3508C015A1CA01B2D36D8
                            SHA-512:F86F2D40A6FB9D7E23F5EAFB30938A2A68CF236E054F93EFDDD40B43CECC65AB3133A93E7268F610A359B59FE157F016EBB7A2B6D4614235D466406E41E7CC9E
                            Malicious:false
                            Reputation:unknown
                            URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAkkOLe1jIJ2GBIFDU98_AI=?alt=proto
                            Preview:CgkKBw1PfPwCGgA=
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:ASCII text, with no line terminators
                            Category:downloaded
                            Size (bytes):16
                            Entropy (8bit):3.75
                            Encrypted:false
                            SSDEEP:
                            MD5:3A53191B99F93CC2F6CD95C0E092BB37
                            SHA1:F946C0DC1D5DDB628E02A817A93185FE45BB7436
                            SHA-256:D08195102F6B0BB80D0D39682EECE68E27E0D4D9A549DFBA14158700CD15EB3F
                            SHA-512:C2C80B813A770A63A2DB643C96AFFEE75DFB1FC5351539FB4F75F0A41210AE3A83ACBC3A9C88F489FFF3DD686CCEA49CBE2F7FCC559944AD06B87DB1D8BAC25B
                            Malicious:false
                            Reputation:unknown
                            URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAlS4g7Ta8mThxIFDWxIHsg=?alt=proto
                            Preview:CgkKBw1sSB7IGgA=
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:ASCII text, with very long lines (372), with no line terminators
                            Category:downloaded
                            Size (bytes):372
                            Entropy (8bit):5.334608593666556
                            Encrypted:false
                            SSDEEP:
                            MD5:614A08C98EA7F3548FF8A6D7FB1170BE
                            SHA1:7B9A1925AD08AFD091BBF324D05F79794899B96D
                            SHA-256:970810885B5B1D0ECA99FD9415A2E64BDB09F9A2788DDD481444655944FCCECE
                            SHA-512:A9AC7B0831EF402ABF8D2B58E781FABDF5AF3EDE2D4E0F793B2DDE44C632E26598A563918E2027C82E3001E6B218A81F8548E8F927C9FC17AA667C54E92E699C
                            Malicious:false
                            Reputation:unknown
                            URL:https://pp-wfe-100.advancedmd.com/512.9bc87b909a9ebbb9.js
                            Preview:"use strict";(self.webpackChunkportal_shell=self.webpackChunkportal_shell||[]).push([[512],{80512:(i,a,o)=>{o.r(a),o.d(a,{PortalBillingLoaderModule:()=>t});var n=o(73064),e=o(70074);let t=(()=>{class l{}return l.\u0275fac=function(d){return new(d||l)},l.\u0275mod=e.\u0275\u0275defineNgModule({type:l}),l.\u0275inj=e.\u0275\u0275defineInjector({imports:[n.fC]}),l})()}}]);
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:HTML document, ASCII text, with very long lines (478), with no line terminators
                            Category:downloaded
                            Size (bytes):478
                            Entropy (8bit):4.963157681803416
                            Encrypted:false
                            SSDEEP:
                            MD5:2D10EE5FD11DB564B117AAF26C6C85E9
                            SHA1:53606494D1DA808FCC503BE6191DDD94015DFE96
                            SHA-256:F696E6FFE283A6926DDAE88BBF902A2C893411486A20F48F3953115BE2896888
                            SHA-512:EE67867D1EE7A27A0E53F50CE6CD0FF5D9E7CB31572F13529A85966C693E0858FB0C1832C15D815A0FAB28F7EA8BE4914BB7EFC929E3086B6A61AD1CBF9230F1
                            Malicious:false
                            Reputation:unknown
                            URL:https://api.heartlandportico.com/SecureSubmit.v1/token/2.1/field.html
                            Preview:<!DOCTYPE html><meta content="text/html; charset=utf-8"http-equiv="Content-Type"><meta content="width=device-width,initial-scale=1,user-scalable=no"name="viewport"><title></title><style>body{margin:0}</style><body id="heartland-field-body"><div id="heartland-field-wrapper"><input id="heartland-field"type="tel"><div class="extra-div-1"></div><div class="extra-div-2"></div></div><script src="securesubmit.js"></script><script>(new Heartland.HPS).configureFieldIframe()</script>
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
                            Category:downloaded
                            Size (bytes):48236
                            Entropy (8bit):7.994912604882335
                            Encrypted:true
                            SSDEEP:
                            MD5:015C126A3520C9A8F6A27979D0266E96
                            SHA1:2ACF956561D44434A6D84204670CF849D3215D5F
                            SHA-256:3C4D6A1421C7DDB7E404521FE8C4CD5BE5AF446D7689CD880BE26612EAAD3CFA
                            SHA-512:02A20F2788BB1C3B2C7D3142C664CDEC306B6BA5366E57E33C008EDB3EB78638B98DC03CDF932A9DC440DED7827956F99117E7A3A4D55ACADD29B006032D9C5C
                            Malicious:false
                            Reputation:unknown
                            URL:https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:ASCII text, with very long lines (371), with no line terminators
                            Category:downloaded
                            Size (bytes):371
                            Entropy (8bit):5.333200638529657
                            Encrypted:false
                            SSDEEP:
                            MD5:C72F94AA793C603DA26F0D31F1390B21
                            SHA1:F5197CAD06B35F241E9B92EAA10954150329A135
                            SHA-256:586EB78AAC23DD031AE06C7429D241958E4A87E5FF494C4C2ABDC2799D3B3ACF
                            SHA-512:23B4C0ED786E73936D1BB7F4869C680E6B0054C73F21172B82185F99B45926B0393E32D528EED6034F8767E62183B40D66D9CD3838DEDAD0C6943B29D47D5F3E
                            Malicious:false
                            Reputation:unknown
                            URL:https://pp-wfe-100.advancedmd.com/312.5741a208cd925cb7.js
                            Preview:"use strict";(self.webpackChunkportal_shell=self.webpackChunkportal_shell||[]).push([[312],{7312:(i,a,o)=>{o.r(a),o.d(a,{PortalBillingLoaderModule:()=>t});var n=o(73064),e=o(70074);let t=(()=>{class l{}return l.\u0275fac=function(d){return new(d||l)},l.\u0275mod=e.\u0275\u0275defineNgModule({type:l}),l.\u0275inj=e.\u0275\u0275defineInjector({imports:[n.fC]}),l})()}}]);
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:ASCII text
                            Category:downloaded
                            Size (bytes):26076
                            Entropy (8bit):4.9491898169791035
                            Encrypted:false
                            SSDEEP:
                            MD5:FB5CBA4B1FEF7F473C2678ED4A25FB2C
                            SHA1:03F05E41D7FCA6D4BB8C0CA6DCAD86C17A896BAA
                            SHA-256:7D7DB4A3B65F03C2217BF8FDDF5B10B1B0AD02F99099DB11599E1BF397780574
                            SHA-512:5587CC292358554972ADCC4D07BB87513F16356DDC95C4A6E49D03E27D2218BE03F4329F23ABAF78949593E1DE270A840DDA60EA4BCE42D1DAD1002BCE0240B5
                            Malicious:false
                            Reputation:unknown
                            URL:https://amds-material-dev.advancedmd.com/8/stable/8.0/amds-icons/amds-icons.css
                            Preview:@font-face {. font-family: "amds-icons";. src: url("./font/amds-icons.woff2") format("woff2"), url("./font/amds-icons.woff") format("woff"), url("./font/amds-icons.svg") format("svg"), url("./font/amds-icons.ttf") format("truetype");. font-weight: 400;. font-style: normal; }...amds-icon {. /* Universal attribute selectors slow IE's general rendering and interaction performance on deep DOMs; hence, the need for a compound class selector. */. /* use !important to prevent issues with browser extensions that change fonts */. font-family: "amds-icons" !important;. speak: none;. font-style: normal;. font-weight: normal;. font-variant: normal;. text-transform: none;. line-height: 1;. /* Better Font Rendering =========== */. -webkit-font-smoothing: antialiased;. -moz-osx-font-smoothing: grayscale; }. .amds-icon:before {. font-style: normal;. color: inherit; }...amds-icon-4x6-card-selected:before {. content: "\e94c"; }...amds-icon-4x6-card:before {. content: "\e94d"; }.
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:Web Open Font Format (Version 2), TrueType, length 50296, version 1.0
                            Category:downloaded
                            Size (bytes):50296
                            Entropy (8bit):7.996029729235154
                            Encrypted:true
                            SSDEEP:
                            MD5:B02AB8B0D683A0457568340DBA20309E
                            SHA1:E18C3B8737970D37BE1BB85B0F588303A89E63BB
                            SHA-256:0D8601A776B7DC777CD23BC42392D05A43DF0D6402328E8913B58811083B513D
                            SHA-512:509792D83FE043CC84C560548A6AF42E43C7D94EEC0CE7B9C4B6C28FCA70C49EC77E65320D063A91209EEE7D363E03C7526CB2C2AA807766C5D213D3FC3174F3
                            Malicious:false
                            Reputation:unknown
                            URL:https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:ASCII text
                            Category:downloaded
                            Size (bytes):569
                            Entropy (8bit):4.896633254731508
                            Encrypted:false
                            SSDEEP:
                            MD5:71D6A57D21337114032CA39B294F3591
                            SHA1:ADA1D867672276F16EF4D3B8A46A519FBA8E3D4E
                            SHA-256:36B2057EB5EEF261A2CBB8C149DCF3A11EDAA15CCD8E3D462EB34999F5FF8F2A
                            SHA-512:BC5F5B55C2741FED993D5D25A36030028C388C8888EA2D1D1F24970AEC4F856CDA366940B99D54FF2D4D9AF16DF8DE39AB847A7BA2BE0B649DE1CE2C9E70A330
                            Malicious:false
                            Reputation:unknown
                            URL:https://fonts.googleapis.com/icon?family=Material+Icons
                            Preview:/* fallback */.@font-face {. font-family: 'Material Icons';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2) format('woff2');.}...material-icons {. font-family: 'Material Icons';. font-weight: normal;. font-style: normal;. font-size: 24px;. line-height: 1;. letter-spacing: normal;. text-transform: none;. display: inline-block;. white-space: nowrap;. word-wrap: normal;. direction: ltr;. -webkit-font-feature-settings: 'liga';. -webkit-font-smoothing: antialiased;.}.
                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                            File Type:Web Open Font Format (Version 2), TrueType, length 35020, version 1.0
                            Category:downloaded
                            Size (bytes):35020
                            Entropy (8bit):7.993805146945904
                            Encrypted:true
                            SSDEEP:
                            MD5:4361BDA06069CC38137AE964EBF1B7F4
                            SHA1:06C138B3DFC87B8095C03BB3BBA5209EEF93D44B
                            SHA-256:B71EA895A661F0C1E9930FC75CFA3D5F327220B4D613EAAF3E1C262739531671
                            SHA-512:50083C62B65305751A40F1C01746AD279BF4CFAD1F18631436AFD6D14109DE312ED43DC35A24217ED7116F89B254190ACA06D69516255AACDABE89EC1AB84A9D
                            Malicious:false
                            Reputation:unknown
                            URL:https://amds-material-dev.advancedmd.com/8/stable/8.0/amds-icons/font/amds-icons.woff2
                            No static file info