Windows
Analysis Report
http://www.hvacplus.com
Overview
Detection
Score: | 1 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
Signatures
Classification
- System is w10x64_ra
- chrome.exe (PID: 6876 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://www.hvacplus.com/ MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
- chrome.exe (PID: 7064 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 --field-trial-handle=1788,i,12420617036597701248,9094236409604254493,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
- cleanup
There are no malicious signatures.
Source: | HTTP Parser: | ||
Source: | HTTPS traffic detected: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | DNS traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Classification label: |
Source: | File created: |
Source: | Process created: | ||
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 2 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 2 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
app.purechat.com | 13.32.121.25 | true | false | unknown | |
server.iad.liveperson.net | 162.252.72.215 | true | false | unknown | |
www.google.com | 142.250.186.68 | true | false | unknown | |
hvacplus.com | 209.87.159.219 | true | false | unknown | |
api-prod.eba-bnrzyg4w.us-east-2.elasticbeanstalk.com | 3.140.97.7 | true | false | unknown | |
www.hvacplus.com | unknown | unknown | false | unknown | |
hits-cache.com | unknown | unknown | false | unknown | |
widgetapi.purechat.com | unknown | unknown | false | unknown | |
a.mouseflow.com | unknown | unknown | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | unknown |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
142.250.186.68 | www.google.com | United States | 15169 | GOOGLEUS | false | |
142.250.186.78 | unknown | United States | 15169 | GOOGLEUS | false | |
172.217.16.136 | unknown | United States | 15169 | GOOGLEUS | false | |
34.104.35.123 | unknown | United States | 15169 | GOOGLEUS | false | |
1.1.1.1 | unknown | Australia | 13335 | CLOUDFLARENETUS | false | |
142.250.186.163 | unknown | United States | 15169 | GOOGLEUS | false | |
3.15.255.72 | unknown | United States | 16509 | AMAZON-02US | false | |
216.58.206.42 | unknown | United States | 15169 | GOOGLEUS | false | |
162.252.72.215 | server.iad.liveperson.net | United States | 11054 | LIVEPERSONUS | false | |
142.251.173.84 | unknown | United States | 15169 | GOOGLEUS | false | |
216.58.206.46 | unknown | United States | 15169 | GOOGLEUS | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
3.140.97.7 | api-prod.eba-bnrzyg4w.us-east-2.elasticbeanstalk.com | United States | 16509 | AMAZON-02US | false | |
13.32.121.25 | app.purechat.com | United States | 16509 | AMAZON-02US | false | |
142.250.184.227 | unknown | United States | 15169 | GOOGLEUS | false | |
209.87.159.219 | hvacplus.com | United States | 36444 | NEXCESS-NETUS | false | |
142.250.186.42 | unknown | United States | 15169 | GOOGLEUS | false | |
142.250.186.136 | unknown | United States | 15169 | GOOGLEUS | false | |
142.250.186.99 | unknown | United States | 15169 | GOOGLEUS | false | |
65.9.86.59 | unknown | United States | 16509 | AMAZON-02US | false |
IP |
---|
192.168.2.17 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1501358 |
Start date and time: | 2024-08-29 19:26:20 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultwindowsinteractivecookbook.jbs |
Sample URL: | http://www.hvacplus.com |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 19 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | stream |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean1.win@20/53@26/201 |
- Exclude process from analysis (whitelisted): SIHClient.exe
- Excluded IPs from analysis (whitelisted): 142.250.186.99, 216.58.206.46, 142.251.173.84, 34.104.35.123, 142.250.186.42, 142.250.184.227, 142.250.186.136, 216.58.206.42, 142.250.186.170, 142.250.181.234, 142.250.185.170, 142.250.186.74, 142.250.185.106, 142.250.185.138, 142.250.185.234, 142.250.185.202, 142.250.186.106, 142.250.186.138, 142.250.184.202, 172.217.23.106, 216.58.212.138, 142.250.185.74, 142.250.184.234, 172.217.16.136
- Excluded domains from analysis (whitelisted): ssl.google-analytics.com, fonts.googleapis.com, clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, content-autofill.googleapis.com, fonts.gstatic.com, clientservices.googleapis.com, clients.l.google.com
- Not all processes where analyzed, report is missing behavior information
- VT rate limit hit for: http://www.hvacplus.com
Input | Output |
---|---|
URL: https://www.hvacplus.com/ Model: jbxai | { "brand":["HVAC PLUS"], "contains_trigger_text":false, "prominent_button_name":"unknown", "text_input_field_labels":["unknown"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false} |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.993964180287572 |
Encrypted: | false |
SSDEEP: | |
MD5: | 6B82F4260AF8E94C3FB3653C30B4FFDC |
SHA1: | 0671B2EFBE9F7439AD8A11925ED5BF1ED4EE67DE |
SHA-256: | 49722DC604680F9AA80939AF66A04B46034AC50EE1DFB80A1E0D0D2BD8C01FEE |
SHA-512: | 096817B18912ED0072F75F7CE2C561EAFC5A38496AA9C5BB9CB595F65D8E159072696DB8F33E61C520277EB9BA3643A9BFD642A812DC7682B8CB62368698AC85 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 4.007483973600642 |
Encrypted: | false |
SSDEEP: | |
MD5: | 7D2A1D9B26D0ED336C6AD7BA746162BE |
SHA1: | 76779ADA50F1922960B0447A475B6BDB4F58EBFF |
SHA-256: | 7F61D2A7323C5E66CFF0A086E4E3587D741F459F1EAEE2FF69765BE35C1D934A |
SHA-512: | BB8757AD23611B0F98DE3CE3FF5196548F17D8167A33615F4164B34BDED99C994A6A507CD6C342FF716EB6A112D635242D8ED3BE2806DCBBD2A061B9A065824A |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2693 |
Entropy (8bit): | 4.0171363292685145 |
Encrypted: | false |
SSDEEP: | |
MD5: | 30C60FDBC93E06797BFF073F231B52FE |
SHA1: | EFB64C27B8ED2D44E8F2911549BC6402D147392D |
SHA-256: | EF70705BCFC346E2C485C12949DADA775A33635AF89CB1DC662C05C9DCDF3071 |
SHA-512: | 5E9D99287018250ACB910E0B2E7BE00099A6BBD43653B24900DCAD55D99AD7E7C996A9960565433170177AEBF0E853292C8B48B932B692D7C3E0920B068FF3B6 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 4.008334119758939 |
Encrypted: | false |
SSDEEP: | |
MD5: | 23B4D0818652BA61B3AEF239551F50E8 |
SHA1: | E19D261BDA636D171564D7F9EC2EFDBA0C22CFA4 |
SHA-256: | BD87CEBBB9B687B93ECB1512060276A65D7BF7FE85254B06CE9A9F5E38CFFDFB |
SHA-512: | B3B7729DB5B8990504E56DD1EA8DEC49052BA6C0D3B0CB4159A4F6CFC727315D6D37E7EF430DE0080474FAC4AE72F368335AD0D30BFE99447F18B7EEA8240750 |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.996707446077396 |
Encrypted: | false |
SSDEEP: | |
MD5: | DD44BC9BBE0E2802BBFADC6B5807DB72 |
SHA1: | CC26060AA73ADD2DE58FDDE60A9B4F32CA989FD8 |
SHA-256: | 95CFD80753F48032DB784C240AED7E4297EC53875B4537C12E68AC357DF40FC9 |
SHA-512: | 8A1AA96BD02BA9015E51CAEBC2D500CD9827BD900D6283F110877646ED65471940B686AA255E7A05D7F1E4F844ADFEEAB6E54B593EDD09C69E60B7D39D9E515D |
Malicious: | false |
Reputation: | unknown |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2683 |
Entropy (8bit): | 4.007144828356892 |
Encrypted: | false |
SSDEEP: | |
MD5: | 2DABAA2AE1F08B206823092B19E4DB19 |
SHA1: | 3DEDD4C40E66D36F75C8F0FBC1FCCCB12BF7D484 |
SHA-256: | BE1BEF4F79F3ABEA418179033D4F17B8046C2B305FE18268F968D1E64A7C8B24 |
SHA-512: | B5F717D9C53009D9F8D49AF28AEE2342219DBF9FFB19EBCB5C82C903A69AD30F2CE750F323CC92D856BB14DFCCD39AA90813CA612B67E52BE90EF2C944F40381 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 163313 |
Entropy (8bit): | 4.930081767182207 |
Encrypted: | false |
SSDEEP: | |
MD5: | 3B4B13DAD33B475E11FEB26FD3468ECC |
SHA1: | 3D542E33A9F3EB3CB45E06FE93D08DD4B7490496 |
SHA-256: | DEDEA3AA22A087B3745C9635E7A3D65E772D57CE590B541A6A32069A0B1D60B9 |
SHA-512: | 5D48F1CA62332A5E9FDB08352E778C4DDE3CACEF1AAB159085BC6EADCE55A0E7778E626DF0C9D96473355E325C12E9819E82D28F75906BEF597611B3C388BB05 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 14189 |
Entropy (8bit): | 4.348919712797976 |
Encrypted: | false |
SSDEEP: | |
MD5: | C16ED6F82B78D8F3BC07DE6F5EBD8EB6 |
SHA1: | 9E50D8FE0FEB418A67F036E6B9C5F63582CF2A20 |
SHA-256: | CC25A6F31727452533E6170A15BFC3010D54B1CC4661836905F226F0BD41F1C0 |
SHA-512: | 4A5C1B4D7578CC55B888021C3F5B3874DF8C4E99B35D02D3CDE8509110FADD9398EC76A13EFF9847A571F2245044572B06F4DB4C06B1F1609E705FD954AE54F1 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 6666 |
Entropy (8bit): | 7.90632114382104 |
Encrypted: | false |
SSDEEP: | |
MD5: | 1395EC3BE5A9C84CDB9FAB8E43B8C0E2 |
SHA1: | 97CB41079E1FAE1CD2EAA557E00A902E142A8102 |
SHA-256: | 4A21CE2915E3C31FD07B52D5CF269D850D694DEC353465954C8E475DAF6B9525 |
SHA-512: | 4B0B5CBF425A1B63BA1F3F4FB8D8148983C6D1D81BCC9E29B5EF732D641B28A891AC9A21D60BE344F46D1205957B5BDD1986176BD6FA68D02875B64F1846D4BD |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 10421 |
Entropy (8bit): | 7.947620548164858 |
Encrypted: | false |
SSDEEP: | |
MD5: | 40500026F1BF9E47D09F6F813E7BA011 |
SHA1: | 6AF90B7EB716BAF01FBD8D08B5BE5DB933166A11 |
SHA-256: | F35ABC6924291B0686A2A36180AF050D9A79BB3AAA3DA0C3227C58711518BA4A |
SHA-512: | BDD0AA415970DF88DF6962820346193B52E27F9407AC7B621CF098FA318629AD42BAE42293D478CDEE99394CB0EE7F3D500F7438E1B61B6DF8FD08670A3DC153 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 747 |
Entropy (8bit): | 4.756332367779961 |
Encrypted: | false |
SSDEEP: | |
MD5: | D3E849BE0977D53DE4AF933B40293FF6 |
SHA1: | F6D83810DA46CE18315E04B19C8011BAB2D9620E |
SHA-256: | 71EFC700B9091F1449E2C952536CF7281ADED3A30A96E44BE5D06E606E2904BD |
SHA-512: | 2019DC8E9E2462514A2A3C5E8D4181C03A7D89B1846624844A78367C59CD9A35573F8FCCA22A734FD635736295F90A9241B2D2665F06F880BF0E7D15001D6A2B |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.hvacplus.com/js/lib/ccard.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1476 |
Entropy (8bit): | 4.952950895589963 |
Encrypted: | false |
SSDEEP: | |
MD5: | 0371B5A2D50E985B09B7D337EDC0DC9F |
SHA1: | 07AD383DE4CD0E21C289E3C6695B4822D1A7AD1D |
SHA-256: | 4DC77EE90DC2225B57B31D28FE06213CD6C491BDC7249A6E70EBD003B72C5702 |
SHA-512: | 45685C0B5F5DF00DEF13B9295EAE997B819C3DF19EDC3416B9E9E15C06DC1A264E6AA1A88CBB56C22B7579E33D8CB18716FF219F0A57DDB9492868D3B1FD87C5 |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.hvacplus.com/skin/frontend/seoinc/hvac/css/owl-carousel/owl.carousel.css |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 149 |
Entropy (8bit): | 4.9705381723670605 |
Encrypted: | false |
SSDEEP: | |
MD5: | DB7FD83A26B7622AC99AFD28D72570AA |
SHA1: | BF62DDEA48FFE5F88129CD3CE822A59970AFE117 |
SHA-256: | F5AEF01FBC0F4C3DDDB3D6F52D0F7673D1A64B50BB0761B80A628899AE212FF1 |
SHA-512: | 4E388A20DE79C5298B7A612C6E84F240F8DCE6D49819675BD8FC4FA77CFF1C3882D4EB1A41AAA81A4426D448D8C21E6E054B777C62C08F4CDABF86A53909EFBD |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 3848 |
Entropy (8bit): | 7.793473345202653 |
Encrypted: | false |
SSDEEP: | |
MD5: | FC5BF61BF1513511EC3866FA572EF06D |
SHA1: | 838A5391605F874EBB5E19072A2B46105CE92179 |
SHA-256: | E57E62C5761981D416F9A4872E8B6388C1911BE3B0ECF5ED3D626927FD73A41E |
SHA-512: | D7AA7AACBEBB3CD6CA3E3F1D310157C1FDB3398413B6A77BD364072CDC3E168709E5C8ACCF67A32A9780AE80A50BF181D2BEC93D65B136979BD56E3DCB5DB3E7 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 28788 |
Entropy (8bit): | 7.97420661954564 |
Encrypted: | false |
SSDEEP: | |
MD5: | 42861B52EB125CC4EF1DC09A4600D244 |
SHA1: | 108FB1753E4D3543836BACDDE8EDF870D7017C60 |
SHA-256: | 99A830C1CEB54F5988C137EE498FB9900BF2502424D3C7059DC1F456D962E546 |
SHA-512: | 5857A2C11B48F8B14153060CD80634B39BC8945FCA193ABC1C2D5255BB8403097B269E713FEA8511BC098F29AAE86D1361D3860E21FF0CBABDC4FD1F3311C8E8 |
Malicious: | false |
Reputation: | unknown |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 30 |
Entropy (8bit): | 4.481727678869736 |
Encrypted: | false |
SSDEEP: | |
MD5: | AA385DB0EDC8478D5F7C7AE23E4B42F5 |
SHA1: | F6D2E6601482C47E4A1A832E289C1F2A1F53CBF3 |
SHA-256: | CD58ADC4794B80A276F5EBBFA5A2033A8C456FD1F3FC391A072CF3327919F0A0 |
SHA-512: | DA91207C3BA857B19CEDC6D11DA298B32AD2859DD438A18080F7E51FE4730643B14DF613ABDA92B515B9F0563DE4318012A871444C5F4B077827D3AFF5B80B93 |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.hvacplus.com/js/noconflict1.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 149 |
Entropy (8bit): | 5.0117576988776396 |
Encrypted: | false |
SSDEEP: | |
MD5: | FE974175C1269E8A77C23DAD5FEE8267 |
SHA1: | 8311D07649E8376BDF9829E274D0ADEAA8C93285 |
SHA-256: | 1C61EA6E6F24CB0C625638F6237ADC8C1AF02B969830B833A33A7B7DF9925435 |
SHA-512: | 7B0561C9D08765612175870E156FF8107701B612606F0187D16DE0DF8586512A4E4E2DE7BBD572FD308BECF0CDB602DFFBBD1E2AC9E566306619B963FC477BA1 |
Malicious: | false |
Reputation: | unknown |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 57839 |
Entropy (8bit): | 4.968078186991384 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.hvacplus.com/skin/frontend/seoinc/hvac/css/stylesheet.css |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 149 |
Entropy (8bit): | 4.973158034954733 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 146054 |
Entropy (8bit): | 5.019637412269734 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.hvacplus.com/skin/frontend/seoinc/hvac/css/bootstrap.css |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 22388 |
Entropy (8bit): | 5.340794659982224 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | "https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700" |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 2615 |
Entropy (8bit): | 4.881101201043646 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.hvacplus.com/js/mage/cookies.js |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 34797 |
Entropy (8bit): | 4.828516742895271 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 4774 |
Entropy (8bit): | 4.902798241592569 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.hvacplus.com/skin/frontend/seoinc/hvac/pmatch/css/style.css |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 1150 |
Entropy (8bit): | 5.248434505777206 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 1163 |
Entropy (8bit): | 6.412920908872005 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.hvacplus.com/skin/frontend/seoinc/hvac/images/bulet.gif |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 34849 |
Entropy (8bit): | 5.4283179061895295 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 16 |
Entropy (8bit): | 3.875 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xNDkSEAmjtX8M-_pNXBIFDT0fUzw=?alt=proto |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 10269 |
Entropy (8bit): | 5.104720784166663 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.hvacplus.com/skin/frontend/seoinc/hvac/css/responsive.css |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 14008 |
Entropy (8bit): | 5.256792074023561 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.hvacplus.com/js/jquery.bxSlider.js |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 95992 |
Entropy (8bit): | 5.391333957965341 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 10331 |
Entropy (8bit): | 4.802982265491155 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 14616 |
Entropy (8bit): | 7.940279047514479 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 170 |
Entropy (8bit): | 3.8075027245798485 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 1665 |
Entropy (8bit): | 5.221389230587169 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.hvacplus.com/skin/frontend/seoinc/hvac/css/owl-carousel/owl.theme.css |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 38745 |
Entropy (8bit): | 4.8723768620636045 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.hvacplus.com/js/scriptaculous/effects.js |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 1597 |
Entropy (8bit): | 4.73302274814688 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.hvacplus.com/js/mage/translate.js |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 22592 |
Entropy (8bit): | 4.638913438341276 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.hvacplus.com/js/varien/js.js |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 6157 |
Entropy (8bit): | 7.902782837059821 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 46274 |
Entropy (8bit): | 5.48786904450865 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 48236 |
Entropy (8bit): | 7.994912604882335 |
Encrypted: | true |
Malicious: | false |
Reputation: | unknown |
URL: | https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 4148 |
Entropy (8bit): | 7.818684553520774 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.hvacplus.com/skin/frontend/seoinc/hvac/images/pay-4.png |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 52797 |
Entropy (8bit): | 4.029688138268403 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.hvacplus.com/js/owl-carousel/owl.carousel.js |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 4711 |
Entropy (8bit): | 5.035611430609867 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 17753 |
Entropy (8bit): | 6.887025176623594 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 12080 |
Entropy (8bit): | 5.270301680783571 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://app.purechat.com/VisitorWidget/WidgetScript |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 36868 |
Entropy (8bit): | 5.176279342143451 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 31066 |
Entropy (8bit): | 4.801922269100877 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.hvacplus.com/js/scriptaculous/dragdrop.js |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 4744 |
Entropy (8bit): | 5.035600989545859 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.hvacplus.com/js/scriptaculous/builder.js |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 39080 |
Entropy (8bit): | 4.719371266141512 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.hvacplus.com/js/prototype/validation.js |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 66624 |
Entropy (8bit): | 7.996443365254666 |
Encrypted: | true |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.hvacplus.com/skin/frontend/seoinc/hvac/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.5.0 |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 27466 |
Entropy (8bit): | 4.752060795123139 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |
URL: | https://www.hvacplus.com/skin/frontend/seoinc/hvac/css/font-awesome/css/font-awesome.min.css |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 4426 |
Entropy (8bit): | 4.425753664853671 |
Encrypted: | false |
Malicious: | false |
Reputation: | unknown |