Windows Analysis Report
https://url.us.m.mimecastprotect.com/s/-oP7C9rL1Juk5KJwqcof9CqWq9D?domain=koszielaman.info/

Overview

General Information

Sample URL:https://url.us.m.mimecastprotect.com/s/-oP7C9rL1Juk5KJwqcof9CqWq9D?domain=koszielaman.info/
Analysis ID:1520471

Detection

Score:0
Range:0 - 100
Whitelisted:false
Confidence:80%

Signatures

Stores files to the Windows start menu directory

Classification

  • System is w10x64_ra
  • chrome.exe (PID: 3736 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6824 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1876,i,12763167279875868813,11521737880673391862,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 4308 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://url.us.m.mimecastprotect.com/s/-oP7C9rL1Juk5KJwqcof9CqWq9D?domain=koszielaman.info/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup
No yara matches
No Sigma rule has matched
No Suricata rule has matched

There are no malicious signatures.

Source: https://10.us-2.isolation.mimecastprotect.com/?sessionID=a6148b01f2f5ae6a6e05, HTTP Parser: No favicon
Source: unknown, HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49712 version: TLS 1.2
Source: unknown, HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49714 version: TLS 1.2
Source: unknown, HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:49715 version: TLS 1.2
Source: unknown, HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:49794 version: TLS 1.2
Source: global traffic, DNS traffic detected: DNS query: url.us.m.mimecastprotect.com
Source: global traffic, DNS traffic detected: DNS query: www.google.com
Source: global traffic, DNS traffic detected: DNS query: 10.us-2.isolation.mimecastprotect.com
Source: global traffic, DNS traffic detected: DNS query: security-us.mimecast.com
Source: classification engine, Classification label: clean0.win@17/33@12/67
Source: C:\Program Files\Google\Chrome\Application\chrome.exe, File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: unknown, Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe, Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1876,i,12763167279875868813,11521737880673391862,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown, Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://url.us.m.mimecastprotect.com/s/-oP7C9rL1Juk5KJwqcof9CqWq9D?domain=koszielaman.info/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe, Process created: unknown unknown
Source: Window Recorder, Window detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exe, File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe, File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe, File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe, File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe, File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe, File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact
--- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | ---
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 2 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 2 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact

No Antivirus matches
Name | IP | Active | Malicious | Antivirus Detection | Reputation
--- | --- | --- | --- | --- | ---
url.us.m.mimecastprotect.com | 205.139.111.117 | true | false | | unknown
security-us.mimecast.com | 205.139.110.117 | true | false | | unknown
www.google.com | 142.250.185.132 | true | false | | unknown
10.us-2.isolation.mimecastprotect.com | 205.139.110.130 | true | false | | unknown

Name | Malicious | Antivirus Detection | Reputation
--- | --- | --- | ---
https://security-us.mimecast.com/mimecast-bi-web-portal/app/bi?info=bTldCcxbCYYJ00pINk88z_VxHo9nx4IN7IWL7KM4GVWFYuTLcJEAnmrGupznTLJr&reason=SessionError | false | | unknown
https://10.us-2.isolation.mimecastprotect.com/?sessionID=a6148b01f2f5ae6a6e05 | false | | unknown

IP | Domain | Country | ASN | ASN Name | Malicious
--- | --- | --- | --- | --- | ---
205.139.111.117 | url.us.m.mimecastprotect.com | United States | 30031 | MIMECAST-US | false
205.139.110.130 | 10.us-2.isolation.mimecastprotect.com | United States | 30031 | MIMECAST-US | false
172.217.16.202 | unknown | United States | 15169 | GOOGLEUS | false
1.1.1.1 | unknown | Australia | 13335 | CLOUDFLARENETUS | false
172.217.18.14 | unknown | United States | 15169 | GOOGLEUS | false
172.217.18.3 | unknown | United States | 15169 | GOOGLEUS | false
142.250.185.132 | www.google.com | United States | 15169 | GOOGLEUS | false
207.211.31.14 | unknown | United States | 14135 | NAVISITE-EAST-2US | false
205.139.110.117 | security-us.mimecast.com | United States | 30031 | MIMECAST-US | false
142.250.185.227 | unknown | United States | 15169 | GOOGLEUS | false
64.233.167.84 | unknown | United States | 15169 | GOOGLEUS | false
239.255.255.250 | unknown | Reserved | unknown | unknown | false

IP
192.168.2.16

Joe Sandbox version:41.0.0 Charoite
Analysis ID:1520471
Start date and time:2024-09-27 11:21:31 +02:00
Joe Sandbox product:CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultwindowsinteractivecookbook.jbs
Sample URL:https://url.us.m.mimecastprotect.com/s/-oP7C9rL1Juk5KJwqcof9CqWq9D?domain=koszielaman.info/
Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:11
Number of new started drivers analysed:0
Number of existing processes analysed:0
Number of existing drivers analysed:0
Number of injected processes analysed:0
Technologies:
  • EGA enabled
Analysis Mode:stream
Analysis stop reason:Timeout
Detection:CLEAN
Classification:clean0.win@17/33@12/67
  • Exclude process from analysis (whitelisted): svchost.exe
  • Excluded IPs from analysis (whitelisted): 172.217.18.3, 172.217.18.14, 64.233.167.84, 34.104.35.123
  • Excluded domains from analysis (whitelisted): clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, clientservices.googleapis.com, clients.l.google.com
  • Not all processes where analyzed, report is missing behavior information
  • VT rate limit hit for: https://url.us.m.mimecastprotect.com/s/-oP7C9rL1Juk5KJwqcof9CqWq9D?domain=koszielaman.info/

Input / Output
URL: https://10.us-2.isolation.mimecastprotect.com/?sessionID=a6148b01f2f5ae6a6e05 Model: jbxai
{
"brand":["mimecast"],
"contains_trigger_text":false,
"trigger_text":"",
"prominent_button_name":"continue",
"text_input_field_labels":["unknown"],
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"has_visible_qrcode":false}
URL: https://10.us-2.isolation.mimecastprotect.com/?sessionID=a6148b01f2f5ae6a6e05 Model: jbxai
{
"brand":["mimicast"],
"contains_trigger_text":false,
"trigger_text":"",
"prominent_button_name":"unknown",
"text_input_field_labels":["unknown"],
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"has_visible_qrcode":false}
URL: https://security-us.mimecast.com/mimecast-bi-web-portal/app/bi?info=bTldCcxbCYYJ00pINk88z_VxHo9nx4IN7IWL7KM4GVWFYuTLcJEAnmrGupznTLJr&reason=SessionError Model: jbxai
{
"brand":["mimecast"],
"contains_trigger_text":false,
"trigger_text":"",
"prominent_button_name":"unknown",
"text_input_field_labels":["unknown"],
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"has_visible_qrcode":false}

Process:C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 08:22:06 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:dropped
Size (bytes):2673
Entropy (8bit):3.986488143349959
Encrypted:false
SSDEEP:
MD5:B762F0D056C54B6586803826C97D6E4E
SHA1:404BBEB1622F6C50DAE648EE321DF305BEBADF1B
SHA-256:E2D46FC3BED8C79A631F58EFB1A46255550E3884AD1E685F8790472EE3A12651
SHA-512:C5A0A3C23A6632FFEDB2B70D3A9C35ABF7A3500C60CCA33289E6B1F50C1FB133695B8E99579A306EE9879752437190BD91E50CE572195A9D9B05C12E543DF33B
Malicious:false
Reputation:unknown
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 08:22:06 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
              Category:dropped
              Size (bytes):2675
              Entropy (8bit):4.001416197639058
              Encrypted:false
              SSDEEP:
              MD5:55E1E8E2FC5BCAA29084353B87B1A615
              SHA1:D412AB05734CEE0A9C73E0FD1B1305508E496A14
              SHA-256:199E81260FDEB6B0E9DED19F5F99D4C753160202150FAAA50AC79E6C64909847
              SHA-512:6E5E55C3EF7387E543AC5C620ADE7D38AF3F708CE2D7ABFAB43236E4416837990F49F9BC441A9A005BB30FD6A928E6D8854CECA48721EA795384C7E15497464C
              Malicious:false
              Reputation:unknown
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
              Category:dropped
              Size (bytes):2689
              Entropy (8bit):4.009639189310908
              Encrypted:false
              SSDEEP:
              MD5:15576EEA120F08BDBCDF9AC4A6AF1AB1
              SHA1:C90AC92085791718B0F64DBD403F809766CBF558
              SHA-256:BFF4FBCBB6280E4AA533FBF36538C2DA02F9D1E74487AFCA5C8597CE30611E09
              SHA-512:BB265EDAA0AF10A9F8613F85DC4C569101B57B22DDB906BA7812E2C8938C902E9497F6691005B00EC1175B0A79355E02FEA8FF85868099C17075FE4FC49C1756
              Malicious:false
              Reputation:unknown
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 08:22:06 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
              Category:dropped
              Size (bytes):2677
              Entropy (8bit):4.001023785047418
              Encrypted:false
              SSDEEP:
              MD5:C99900B51C59FF3BDC79D1C8F36C7361
              SHA1:1856DF8E3D6FB6CAB26E72CECCB070B1D5DFF6CF
              SHA-256:3953F74DF1FB3181712B7AE783656781C2BBA23EF7DDFD65F79D77D772DECAB7
              SHA-512:B6F6791B24C4B41099F055A7C53668678A84C1D40EDDE775125E8B8F7537D7D1F3C6353C6F6E47F3568301D4B3B3AB03EF8092BFFA51127A061F3A5DEEC2A19A
              Malicious:false
              Reputation:unknown
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 08:22:06 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
              Category:dropped
              Size (bytes):2677
              Entropy (8bit):3.9890204714461417
              Encrypted:false
              SSDEEP:
              MD5:F1E6F993945622E3F8A5D8523DDA43A4
              SHA1:3704C93E35E0D32A16AA474576426DEDA948D310
              SHA-256:C877E444DF0ECC267FB0EC73FD6808DE42502756347784C813F99335687BFC77
              SHA-512:503B96379E6988679898878FD1BD47B2FC88065F9BCCC1792581AF3BA465054DB1D08C34AAF0B33DE6334A789DC3290621F39E8FE3F876A370E0DDB7E1C3D787
              Malicious:false
              Reputation:unknown
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Sep 27 08:22:06 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
              Category:dropped
              Size (bytes):2679
              Entropy (8bit):3.9989450866006253
              Encrypted:false
              SSDEEP:
              MD5:68485882043665079A8E912A6B4D08D7
              SHA1:229A7166F9D68203A6948B663E00B59414C9B2B6
              SHA-256:45D1286361E8127FDDBF2B34838C433639CF8B318B6CDB09E4074A187062C84E
              SHA-512:6A4880B03FCDB42AE3FFD80352127A5C797C40BBB30EED901455A63FF5D19672640491556705C9C5010242B38BA060ED61636B1E77F3E33362D670228BDA9640
              Malicious:false
              Reputation:unknown
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
              Category:downloaded
              Size (bytes):48236
              Entropy (8bit):7.994912604882335
              Encrypted:true
              SSDEEP:
              MD5:015C126A3520C9A8F6A27979D0266E96
              SHA1:2ACF956561D44434A6D84204670CF849D3215D5F
              SHA-256:3C4D6A1421C7DDB7E404521FE8C4CD5BE5AF446D7689CD880BE26612EAAD3CFA
              SHA-512:02A20F2788BB1C3B2C7D3142C664CDEC306B6BA5366E57E33C008EDB3EB78638B98DC03CDF932A9DC440DED7827956F99117E7A3A4D55ACADD29B006032D9C5C
              Malicious:false
              Reputation:unknown
              URL:https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text, with very long lines (65536), with no line terminators
              Category:downloaded
              Size (bytes):1201493
              Entropy (8bit):5.59000011706077
              Encrypted:false
              SSDEEP:
              MD5:7286A248817F8763AD5667AB765AEDA9
              SHA1:C61E2AD02BE80D0655FA97ECAC7BB4B727FD4B83
              SHA-256:5ABBC491AD399C7E9B0483043BBEF6F16D00A033827626937049F069AFDBF6E6
              SHA-512:E6980563D68E2C7402D2A30AC4D5ACF9C89A5F5F04762A520D5CD0FB2FF23940E2864C6B4FBDF36441FCDD9E3B70F504EA8144E680FF2C47E8D79E79A4D637A2
              Malicious:false
              Reputation:unknown
              URL:https://security-us.mimecast.com/mimecast-bi-web-portal/resources/main.a5869a90ea54a11bc8c5.js
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:PNG image data, 1304 x 222, 8-bit/color RGBA, non-interlaced
              Category:downloaded
              Size (bytes):11235
              Entropy (8bit):7.803195778024376
              Encrypted:false
              SSDEEP:
              MD5:819524840D3A1501322C194A34A007AE
              SHA1:9A6D076A7BFC7F23B963EBB3C145FA2F63E1695C
              SHA-256:7C7E0BD9C6285274BC3DF66F24099B55DF0FD8336A87679E5316DA137818CEDE
              SHA-512:092A01B47A6A6DD37CC0C0018B23F6CA68A1B83B879556BDF58E9B98FE1D926E4B482E8319540441243D3FAA623A6F07211820B36947D5B6B785D082BE98594B
              Malicious:false
              Reputation:unknown
              URL:https://10.us-2.isolation.mimecastprotect.com/mimecast-m-white.f7644903.png
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text, with very long lines (57597)
              Category:downloaded
              Size (bytes):136751
              Entropy (8bit):5.104532813388684
              Encrypted:false
              SSDEEP:
              MD5:7D471D4BC429BACB88A16820E758A3FA
              SHA1:5498C97D8C8E760C6183B045DD15EC93CDF9DDEA
              SHA-256:13E209363C0DD1C1BA6CA51FF5B2098D85D14B823D349AE779F61CC4A7B5D5BF
              SHA-512:84993A24BC0A76B4C66B72A54AE0F748E692BB3AA5DD6FB6C9A2BDFB3E2C5DE6203E8021B26D5837B17F4F82F473143B805B83DD99A3BA69EEC428702DB8C5EB
              Malicious:false
              Reputation:unknown
              URL:https://10.us-2.isolation.mimecastprotect.com/src.46cd90e5.css
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:JSON data
              Category:downloaded
              Size (bytes):571
              Entropy (8bit):5.223614476953603
              Encrypted:false
              SSDEEP:
              MD5:FADB8C78D67E3E93465D6CC538631228
              SHA1:3EA9CD2A424D123C5D12EA349F0A9734130C6588
              SHA-256:C76995F1EC2F29D7F1570F48F7A62F92E19D8989C0441750F2759B1734FE097F
              SHA-512:894B62F7A168F46A9B86A4193C8817E160EBC5174FC1A5518EE977785B3F466DB5A5A79DCB9555A7062880B2C9093D7D167786A7621055243B0BED8C93A1BEA4
              Malicious:false
              Reputation:unknown
              URL:https://security-us.mimecast.com/mimecast-bi-web-portal/resources/i18n/en.json
              Preview:{"$I18N_WEB_PORTAL":{"BREADCRUMB":{"APP_NAME":"Mimecast Web Portal","THREAT_DETAILS":"Mimecast Web Porta2"}},"$I18N_WEB_PORTAL_BI_SESSIONERROR":"Sorry, something went wrong","$I18N_WEB_PORTAL_BI_TRY_SUPPORTED_BROWSER":"To view this page securely, please use one of our","$I18N_WEB_PORTAL_BI_SUPPORTED_BROWSER":"supported browsers.","$I18N_WEB_PORTAL_BI_UNSUPPORTEDBROWSERERROR":"Sorry, your browser isn't supported","$I18N_WEB_PORTAL_BI_SESSIONEXPIRE":"Session expired","$I18N_WEB_PORTAL_BI_SESSIONEND":"Session ended","$I18N_WEB_PORTAL_BI_TRY_AGAIN":"Please try again."}
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text
              Category:downloaded
              Size (bytes):1104
              Entropy (8bit):4.963711945087283
              Encrypted:false
              SSDEEP:
              MD5:8528EB2A238FD6DCFF67D4CAA200E8EE
              SHA1:3AF3AE5FBE884D8DFF00FF3A40FA586C12D67B01
              SHA-256:25CC1F633FFC0DC449D5089E86DA21C44CF09D69722BDE8C06E74F2D41B8F485
              SHA-512:4F2D1B09E9032DC6EC8FEB409931A477321F15DB4A32857218FFC737B672F6E303C8CF74AE9D65DEE81AEAEE3366A4E1467E96A9E5A6E62649B5ED4DE803AAC5
              Malicious:false
              Reputation:unknown
              URL:https://10.us-2.isolation.mimecastprotect.com/bi/v1/sessions/a6148b01f2f5ae6a6e05
              Preview:{. "expiration": 1727429251,. "id": "a6148b01f2f5ae6a6e05",. "properties": {. "clipboardTransferIn": false,. "clipboardTransferOut": false,. "errorTimeout": 10,. "extraBrowserArgs": [. ],. "extraData": {. "originGUID": "req-a79ba13470aaf11a409182d902c46faa". },. "maximumTimeout": 600,. "plugins": [. "/docker/plugins/gen/components/isolation". ],. "processID": "1",. "proxy": "",. "screenResolution": "1024x768",. "scriptProcessID": "0",. "seastarLocation": "https://security-us.mimecast.com/mimecast-bi-web-portal/app/bi?info=bTldCcxbCYYJ00pINk88z_VxHo9nx4IN7IWL7KM4GVWFYuTLcJEAnmrGupznTLJr",. "sessionReadOnly": false,. "timeout": 300,. "userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36",. "videoCompressionLevel": "medium",. "videoQualityLevel": "me
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:Unicode text, UTF-8 text, with very long lines (7988)
              Category:downloaded
              Size (bytes):1494369
              Entropy (8bit):5.547176009065058
              Encrypted:false
              SSDEEP:
              MD5:4E8E1C75EF777B438C86B8CDD3B9A45A
              SHA1:99AD5E1A9EAA4626501A334D79D4E15FA5809AAF
              SHA-256:8ECA0E64E2D5523BC3012500B317F561C2CFA190D67EAAA001D6DFAE29C68E1A
              SHA-512:50E092A1A18992C2159B8D43340D134E9F0028901EFD3F8B8BE70ED9DB956694D5133F8EFF91E72EB8698D29D9C40E89AF25E2639C1967CAD5867E31F9B4F2C0
              Malicious:false
              Reputation:unknown
              URL:https://10.us-2.isolation.mimecastprotect.com/src.ec7aaf9d.js
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:HTML document, ASCII text, with very long lines (2084)
              Category:downloaded
              Size (bytes):3708
              Entropy (8bit):5.2756611016482635
              Encrypted:false
              SSDEEP:
              MD5:CA49A39E72AC31193DB65E4B72E7CDB4
              SHA1:A08EB479137594794687ED93088A660E5720C609
              SHA-256:2AD2FD22CC26E09121C8FDD7985A3DCE344302EC9FC1D3297BCF733DB96F7ED6
              SHA-512:654D039F163C30C3797494940B1C58EFA4B0ADC20E9AF8FD0DF6CF426818B9F91FBF5CC74EB14B9603A4A624C1119026AE020C5BDE39A1FB7C932C717E2E5A4E
              Malicious:false
              Reputation:unknown
              URL:https://security-us.mimecast.com/mimecast-bi-web-portal/app/bi?info=bTldCcxbCYYJ00pINk88z_VxHo9nx4IN7IWL7KM4GVWFYuTLcJEAnmrGupznTLJr&reason=SessionError
              Preview:<!DOCTYPE html>.<html lang="en">.<head>. <meta charset="utf-8"/>. <title>Mimecast Browser Isolation</title>. <base href="/mimecast-bi-web-portal/"/>. <meta name="viewport" content="width=device-width, initial-scale=1"/>. <link rel="icon" type="image/x-icon" href="favicon.ico"/>. <link rel="stylesheet" type="text/css" href="/common/default/resources/css/mimecast-app-components.css">. <style>. body {background-color: #fff !important; background-image: none !important;}. </style>. <meta name="apple-mobile-web-app-capable" content="yes">. [if lte IE 10]> <link rel="icon" href="/mimecast-bi-web-portal/resources/images/favicon.ico" /> <![endif]-->. <link rel="shortcut icon" href="/mimecast-bi-web-portal/resources/images/favicon.ico" />. <link rel="apple-touch-icon" sizes="152x152" href="/mimecast-bi-web-portal/resources/images/favicon-mobile.png" />. <link rel="apple-touch-icon-precomposed" sizes="152x152" href="/mimecast-bi-web-por
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text, with very long lines (65536), with no line terminators
              Category:downloaded
              Size (bytes):480504
              Entropy (8bit):4.976074876438308
              Encrypted:false
              SSDEEP:
              MD5:D839F7668AEF5B0FE77E4338B228B193
              SHA1:C1EF62615521892BC75E29DF479C81E73D86E0E0
              SHA-256:8B6B98C07A6132164E981CA703705DDCF28973D5C970D0E297C4CC6CB6E1E9C2
              SHA-512:48BB79A36DD65DC2F27A0389A0D10CB5F808DA3F8C9D09F798A975293291613D3F041FA7443A44FC8B50C39737680DAD25BAC35E109363466DE21884DC5BFCD9
              Malicious:false
              Reputation:unknown
              URL:https://security-us.mimecast.com/mimecast-bi-web-portal/resources/styles.a5869a90ea54a11bc8c5.js
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:WebAssembly (wasm) binary module version 0x1 (MVP)
              Category:dropped
              Size (bytes):132979
              Entropy (8bit):5.182757630961125
              Encrypted:false
              SSDEEP:
              MD5:498D2DD44C9FD59639E36BBAABBD6361
              SHA1:98F498C2B10656E80BEA95BCC65AF6C13D3DA9BF
              SHA-256:F05E959033DA0E40F3B91943B3CF5A5119316728BFDC9DAB90E712A2ADED6420
              SHA-512:3D724BA9CB9C2AFB143E8E2F850C8AE965E03CC693DE1A6403502295A93D1B7187D0D92FB5EBCFEF23F31951622138A6D7CF9BC19EFB035C54FEF97ECF9AFC2B
              Malicious:false
              Reputation:unknown
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text, with very long lines (3529), with no line terminators
              Category:dropped
              Size (bytes):3529
              Entropy (8bit):5.469932870701677
              Encrypted:false
              SSDEEP:
              MD5:3628494BB4FB7EA43E6E16CF95D6EA27
              SHA1:32B71FB3B6D35107C5638FCC23486419D769BBD0
              SHA-256:1DE0CEA83F89DFC1AE5FB681558D176925EC12C490D6BBF38EB0C2C81F734FC1
              SHA-512:DFAF017E191EBAE6AC6D0636DCFD3ED809D4A33B34BF9212EC1C85A9FFBE40B1920D163485F606DECCA67A19A5C195A21C66011374EC1FC90E7D8CE60662D671
              Malicious:false
              Reputation:unknown
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text, with very long lines (2299), with no line terminators
              Category:dropped
              Size (bytes):2299
              Entropy (8bit):5.185452418567115
              Encrypted:false
              SSDEEP:
              MD5:415AF8C3DD66BB70DECD2BE3E9271C3A
              SHA1:A06C6822C8D7B4BAE21953BB8BD35657B9482B63
              SHA-256:9DE2B8E43B522B812FDBCC91540DB1FC93320323E8F9F9C3EF39C662E723E032
              SHA-512:3BA2A776BF270797AF6D9C773ECD8D652DE1D6B6FCD3554136A3F58CA4E318CDBBD75E5F63A464F3234EE381A7D0047273678D2D3D69A331F8CB2781C1548C56
              Malicious:false
              Reputation:unknown
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text
              Category:downloaded
              Size (bytes):4308
              Entropy (8bit):5.1813217233691935
              Encrypted:false
              SSDEEP:
              MD5:0A3FE2F50CEA4DBB97760BFCB9662BF1
              SHA1:E187E4E0BE06D6395BB3C4D84CFF1C6D6597B003
              SHA-256:10DD05008C512B02622F0481F6FEF66E3FCA832B07D3BCF6E4D5D0CF4DF0F136
              SHA-512:6409326035094B19490FB4499D0342DE86B466729714F742D559E6D1BFC616072F34DC8D93A160DF23AF88A39D89AF408C5033433380AE69108C47A46D74261D
              Malicious:false
              Reputation:unknown
              URL:https://security-us.mimecast.com/common/default/resources/css/mimecast-app-components.css
              Preview:@import url('https://fonts.googleapis.com/css?family=Open+Sans:400,600,700');.@import '../mimecast-app-common/assets/css/regular.min.css';.@import '../mimecast-app-common/assets/css/light.min.css';.@import '../mimecast-app-common/assets/css/solid.min.css';../* CSS Reset: https://meyerweb.com/eric/tools/css/reset/ */.html, body, div, span, applet, object, iframe, p, blockquote, pre,.a, abbr, acronym, address, big, cite, code,.del, dfn, em, img, ins, kbd, q, s, samp,.small, strike, strong, sub, sup, tt, var,.b, u, i, center,.dl, dt, dd, ol, ul, li,.fieldset, form, label, legend,.table, caption, tbody, tfoot, thead, tr, th, td,.article, aside, canvas, details, embed,.figure, figcaption, footer, header, hgroup,.menu, nav, output, ruby, section, summary,.time, mark, audio, video {..margin: 0;..padding: 0;..border: 0;..font-size: 100%;..font: inherit;..vertical-align: baseline;.}..span[slot='links-slot'] {. display: none;.}../* TODO: import those styles from @mimecast-ui/components */..cdk-
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:HTML document, ASCII text
              Category:dropped
              Size (bytes):180
              Entropy (8bit):4.755948041571961
              Encrypted:false
              SSDEEP:
              MD5:B574A8D3BC4C6A4FE57E89008E9645A3
              SHA1:471EBF49ADD18D605FD24F188DD460F165DDEF45
              SHA-256:3237A8FE51F94BBF3E3E38E4A8E0DC1A643F5DFB5C49D265A8B456CD646D6FCC
              SHA-512:011CB4A90C3B5A4D467B8765A51121CC2AAE9F5C1B570DC82D73D3B12B32F63928F6BD9BE96C5410212392A13DA287154D729A1E0D21AF3E13CCB07F2DD11224
              Malicious:false
              Reputation:unknown
              Preview:<!DOCTYPE html>.<html>.<head>. <title></title>.</head>.<body>.<h1>Error 404</h1>.<h2>Sorry, page not found.</h2>.<p>We could not find the page you requested.</p>.</body>.</html>
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
              Category:downloaded
              Size (bytes):1150
              Entropy (8bit):3.3389002447758216
              Encrypted:false
              SSDEEP:
              MD5:D87838F40664CA9DCE3E204B0031E176
              SHA1:E41072DE722B2E9CFFF1728A1453EC1C104A8755
              SHA-256:1510EEE37FCF534DD905BEB25D5A24A43C5224465CD1EA067EBDEA8894DA4BD9
              SHA-512:C97075E8CF487659D83FB19458ADE2FD527F919B9E11C7766BDE67C51A406A587B8798BF9C3D0671BF90C63408B3606DCB6D9100CD8D21682630F55BAF6B487C
              Malicious:false
              Reputation:unknown
              URL:https://security-us.mimecast.com/mimecast-bi-web-portal/resources/images/favicon.ico
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:HTML document, ASCII text, with very long lines (2084)
              Category:dropped
              Size (bytes):3711
              Entropy (8bit):5.2813948644037705
              Encrypted:false
              SSDEEP:
              MD5:88B3C0D8E74E8177A2BD0868319D1E89
              SHA1:C05901641A88ED5C53B133B57EB37801595BF202
              SHA-256:BE9E09EFDCCAEE617C16D84CF7EAE84CBAED1E7265E3AB7100CF53FD01E61F83
              SHA-512:2885CC03566A52B4051FE59B184B2226ACD31CA14578EDE4FAB567240A145F373755EC378349A4CCB1D129BA2E45554BAFBCA572ABA6F7AEAA234E5A917A3BA9
              Malicious:false
              Reputation:unknown
              Preview:<!DOCTYPE html>.<html lang="en">.<head>. <meta charset="utf-8"/>. <title>Mimecast Browser Isolation</title>. <base href="/mimecast-bi-web-portal/"/>. <meta name="viewport" content="width=device-width, initial-scale=1"/>. <link rel="icon" type="image/x-icon" href="favicon.ico"/>. <link rel="stylesheet" type="text/css" href="/common/1.0/resources/css/mimecast-app-components.1.0.18.css">. <style>. body {background-color: #fff !important; background-image: none !important;}. </style>. <meta name="apple-mobile-web-app-capable" content="yes">. [if lte IE 10]> <link rel="icon" href="/mimecast-bi-web-portal/resources/images/favicon.ico" /> <![endif]-->. <link rel="shortcut icon" href="/mimecast-bi-web-portal/resources/images/favicon.ico" />. <link rel="apple-touch-icon" sizes="152x152" href="/mimecast-bi-web-portal/resources/images/favicon-mobile.png" />. <link rel="apple-touch-icon-precomposed" sizes="152x152" href="/mimecast-bi-web-
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:HTML document, ASCII text
              Category:downloaded
              Size (bytes):171
              Entropy (8bit):4.785429170013251
              Encrypted:false
              SSDEEP:
              MD5:5B602725138F57A21CEAAE09E36C9BAC
              SHA1:329213D4810C744D233A2F8185DB7E59B13FDA58
              SHA-256:9A0DB1DD12EE31A24C0D355ED85A4BDDABF557F30981D3C20B1B2AFEA262BE76
              SHA-512:855006F5A597745BC0A52ADFA8355846C33A87D6CF27F8BB388AB5CA9F05F1E20D2884E1411FBB733BD6EFB77229DDB425D618134DDAB8B6F50237EF7DC349B9
              Malicious:false
              Reputation:unknown
              URL:https://10.us-2.isolation.mimecastprotect.com/?sessionID=a6148b01f2f5ae6a6e05
              Preview:<html><head><meta charset="UTF-8"><link rel="stylesheet" href="src.46cd90e5.css"></head><body> <div id="root"></div> <script src="src.ec7aaf9d.js"></script>.</body></html>
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text, with very long lines (480), with no line terminators
              Category:downloaded
              Size (bytes):480
              Entropy (8bit):4.909659371467108
              Encrypted:false
              SSDEEP:
              MD5:D021757C05422DEE611F12B2325451AC
              SHA1:D8473216A9E31A5F390F5A57F3FA123ECD1963F0
              SHA-256:B93CAA0B3F148997C8023E57B128AD1562136A366886AE66C37A15145DB6B188
              SHA-512:766A7F02DC3536D3D87EC2F028F28755F5144619A51CBE538BA8E7CA6F97D33A2729D82F3001975FDEAAD36E949550CCDB33C1B5CAD1D014E62D7B5C02F2BE15
              Malicious:false
              Reputation:unknown
              URL:https://security-us.mimecast.com/common/default/resources/mimecast-app-common/assets/css/solid.min.css
              Preview:@font-face{font-family:"Font Awesome 5 Pro";font-style:normal;font-weight:900;font-display:auto;src:url(../webfonts/fa-solid-900.eot);src:url(../webfonts/fa-solid-900.eot?#iefix) format("embedded-opentype"),url(../webfonts/fa-solid-900.woff2) format("woff2"),url(../webfonts/fa-solid-900.woff) format("woff"),url(../webfonts/fa-solid-900.ttf) format("truetype"),url(../webfonts/fa-solid-900.svg#fontawesome) format("svg")}.fa,.fas{font-family:"Font Awesome 5 Pro";font-weight:900}
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text, with very long lines (476), with no line terminators
              Category:downloaded
              Size (bytes):476
              Entropy (8bit):4.936386680256815
              Encrypted:false
              SSDEEP:
              MD5:7555BD0B099A19CB7B5DEFFE6200B869
              SHA1:A693F443273E90D17B43651C410740DB5EDE5852
              SHA-256:0A4096ACE947335C95808B941BB3F0F660C690910F4B0CA09EFD49CA6EA1D683
              SHA-512:43EA40C6E5BDA75FBE150E03D3EC1AC28D8B601F46C39D9F5A53F970B9565F113C8A15BD8080DB1755A47D5866D22CFDF4205F5E129C47CC75B4F862DEEB3B0D
              Malicious:false
              Reputation:unknown
              URL:https://security-us.mimecast.com/common/default/resources/mimecast-app-common/assets/css/light.min.css
              Preview:@font-face{font-family:"Font Awesome 5 Pro";font-style:normal;font-weight:300;font-display:auto;src:url(../webfonts/fa-light-300.eot);src:url(../webfonts/fa-light-300.eot?#iefix) format("embedded-opentype"),url(../webfonts/fa-light-300.woff2) format("woff2"),url(../webfonts/fa-light-300.woff) format("woff"),url(../webfonts/fa-light-300.ttf) format("truetype"),url(../webfonts/fa-light-300.svg#fontawesome) format("svg")}.fal{font-family:"Font Awesome 5 Pro";font-weight:300}
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text, with very long lines (36973), with no line terminators
              Category:dropped
              Size (bytes):36973
              Entropy (8bit):5.229059511444377
              Encrypted:false
              SSDEEP:
              MD5:0572E08B934C8861D89C97F3FD760DF4
              SHA1:B781F6723EC3A789640A4E9F9108B22C6CEF4684
              SHA-256:A447014340FCF4DE10FCBB0D5E4BEBBD39EBE6018F2B0917520F6CA24152CA25
              SHA-512:33B0CFF56944F38E171AFAA32C744B8AEE8836309A7CDA70F305CBB18E1A49BA40BBE2F95FDD68C4794F45829CB500072915AE593221B7DD25FF6590A24F0678
              Malicious:false
              Reputation:unknown
              Preview:(window.webpackJsonp=window.webpackJsonp||[]).push([[2],{2:function(e,t,n){e.exports=n("hN/g")},"hN/g":function(e,t,n){"use strict";n.r(t),n("pDpN")},pDpN:function(e,t,n){"use strict";!function(e){const t=e.performance;function n(e){t&&t.mark&&t.mark(e)}function o(e,n){t&&t.measure&&t.measure(e,n)}n("Zone");const r=e.__Zone_symbol_prefix||"__zone_symbol__";function s(e){return r+e}const a=!0===e[s("forceDuplicateZoneCheck")];if(e.Zone){if(a||"function"!=typeof e.Zone.__symbol__)throw new Error("Zone already loaded.");return e.Zone}class i{constructor(e,t){this._parent=e,this._name=t?t.name||"unnamed":"<root>",this._properties=t&&t.properties||{},this._zoneDelegate=new l(this,this._parent&&this._parent._zoneDelegate,t)}static assertZonePatched(){if(e.Promise!==O.ZoneAwarePromise)throw new Error("Zone.js has detected that ZoneAwarePromise `(window|global).Promise` has been overwritten.\nMost likely cause is that a Promise polyfill has been loaded after Zone.js (Polyfilling Promise api is
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text, with very long lines (488), with no line terminators
              Category:downloaded
              Size (bytes):488
              Entropy (8bit):4.895976878119397
              Encrypted:false
              SSDEEP:
              MD5:D58EFAFE99DF6A2934A7F8CF82A2B72D
              SHA1:95B2100229618881FAE2B1ECB0F27BA27AB7D60C
              SHA-256:9A52480FC995AC7346626BA0AFB9871DD5809713C8750800C0FE06036D821035
              SHA-512:C251FABB0F24F05E5FD0A04FE6E033FCB43FB2295439F86DA05ACA4C381BD658E6179AC62FBD08B9C4F016EE5FCF8D934259C12E05FDAE71A82528B9AFE6CE56
              Malicious:false
              Reputation:unknown
              URL:https://security-us.mimecast.com/common/default/resources/mimecast-app-common/assets/css/regular.min.css
              Preview:@font-face{font-family:"Font Awesome 5 Pro";font-style:normal;font-weight:400;font-display:auto;src:url(../webfonts/fa-regular-400.eot);src:url(../webfonts/fa-regular-400.eot?#iefix) format("embedded-opentype"),url(../webfonts/fa-regular-400.woff2) format("woff2"),url(../webfonts/fa-regular-400.woff) format("woff"),url(../webfonts/fa-regular-400.ttf) format("truetype"),url(../webfonts/fa-regular-400.svg#fontawesome) format("svg")}.far{font-family:"Font Awesome 5 Pro";font-weight:400}
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel
              Category:dropped
              Size (bytes):24838
              Entropy (8bit):3.3356333300341996
              Encrypted:false
              SSDEEP:
              MD5:FD73A6EB26A08EE46E7FD3CC34E7F6BF
              SHA1:55BBACC4B53578835604E4954CF6BD414ACCB593
              SHA-256:9B2E9A38DA573B5451663EE16C1BAF6C0CE130E784851E71D967F9EF458E3B53
              SHA-512:8F24722B10DDE13FBD8EB94D512AF8993FEC537D024A9A56AA2CF10E92BDB283DB724428ADA581956802ECF1D893278763C1F67310F6E07EF4F72893EB9A6743
              Malicious:false
              Reputation:unknown
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text, with very long lines (344)
              Category:downloaded
              Size (bytes):58026
              Entropy (8bit):4.492700893618266
              Encrypted:false
              SSDEEP:
              MD5:A8CC955D1E6DE87D21DD1C8CF04B8D7A
              SHA1:C50539FD176B2FE8DEA3EDD4774EDD781113808E
              SHA-256:05E4EA3D281C5EC03EAAA267598356B0A5BAB66C568888422A1064B3587AF2CB
              SHA-512:F070D97E729FF8B7C8EE5DF66BAC96F37C1CC94332A8D8666126FB829A9B0AD49238939A9EAB828EB70966903DF00068E6E3882C5BE81EA7C35BF00FEABAE4DC
              Malicious:false
              Reputation:unknown
              URL:https://10.us-2.isolation.mimecastprotect.com/script/3rd_party/Decoder.js
              Preview:// universal module definition.(function (root, factory) {. if (typeof define === 'function' && define.amd) {. // AMD. Register as an anonymous module.. define([], factory);. } else if (typeof exports === 'object') {. // Node. Does not work with strict CommonJS, but. // only CommonJS-like environments that support module.exports,. // like Node.. module.exports = factory();. } else {. // Browser globals (root is window). root.Decoder = factory();. }.}(this, function () {. . var global;. . function initglobal(){. global = this;. if (!global){. if (typeof window != "undefined"){. global = window;. }else if (typeof self != "undefined"){. global = self;. };. };. };. initglobal();. . . function error(message) {. console.error(message);. console.trace();. };.. . function assert(condition, message) {. if (!condition) {. error(message);. };. };. . . . . va
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:PNG image data, 254 x 120, 8-bit/color RGBA, non-interlaced
              Category:downloaded
              Size (bytes):4228
              Entropy (8bit):7.468692581181979
              Encrypted:false
              SSDEEP:
              MD5:EB9048F8FBF87B993E77B0AB95DAAA60
              SHA1:38B9F52981F1E3E7C0AA3F9C0773D971D28218BC
              SHA-256:35175BBAB647CEC8479F295A98978D170CD7B62E5FD3F7B64DEFAE81B517B16A
              SHA-512:4C4E50D85B3A1F21674CF080DBD3227FBEECA50B1C6B113E1767E8D6AECF666BE65CBC7A86E17C8E9A72A24AFE335C3EB70C392278E31171D90603AD42FC7E3C
              Malicious:false
              Reputation:unknown
              URL:https://security-us.mimecast.com/mimecast-bi-web-portal/resources/images/mimecast-logo.png
              Preview:.PNG........IHDR.......x.......O.....pHYs.................iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c148 79.164036, 2019/08/13-01:06:57 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#" xmp:CreatorTool="Adobe Photoshop 21.0 (Windows)" xmp:CreateDate="2021-10-29T15:56:24+01:00" xmp:ModifyDate="2021-11-02T15:28:31Z" xmp:MetadataDate="2021-11-02T15:28:31Z" dc:format="image/png" photoshop:ColorMode="3" photoshop:ICCProfile="sRGB IEC61966-2.1" xmpMM:InstanceID="xmp.iid:e59b0272-9f84-d042-b610-49114ee72bcc" xmpMM:DocumentID="xmp.did:0289126f-2158-4f47-aeef-18573cdfc66d" xmpMM:OriginalDocumentID
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:HTML document, ASCII text, with CRLF line terminators
              Category:downloaded
              Size (bytes):571
              Entropy (8bit):4.767305462869379
              Encrypted:false
              SSDEEP:
              MD5:4CAD18786636965B2B1480D90EFCC224
              SHA1:1E77C2EDF0CE134128EB165BC764D7F49CCF6061
              SHA-256:22ADA793F9F0B7AB9B7B0CF9A96C1385A6BDCC9E8F8463BCC49BA48A0CACC9F2
              SHA-512:DD909849B6431F92CF76700E22099D57ACFC3104C41FCA9D113EF1291FDC0648F1F78DFB0612D05A910A0C332B6F3CACE5A3480F9170464F61614A7009C98588
              Malicious:false
              Reputation:unknown
              URL:https://10.us-2.isolation.mimecastprotect.com/bi/v1/
              Preview:<html>..<head><title>404 Not Found</title></head>..<body bgcolor="white">..<center><h1>404 Not Found</h1></center>..<hr><center>nginx/1.14.1</center>..</body>..</html>.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->..
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:Web Open Font Format (Version 2), TrueType, length 117616, version 329.31064
              Category:downloaded
              Size (bytes):117616
              Entropy (8bit):7.998150166898021
              Encrypted:true
              SSDEEP:
              MD5:00D3012700332144CE43A62A3B7EC4F1
              SHA1:49524191161F278C89E03476289F9C2E3415375D
              SHA-256:47C58E41E2F38D9813C39B6641C96E12408522BF774779CB58973F67303875A7
              SHA-512:1012775723FAAD50FEADD45F961CB5F88217FFF42A43EB94644D66C04CAF06BDBCC2D196A8D24F261B5031EE6435394799FAF6653D6EC639C3008197B8C3D5C3
              Malicious:false
              Reputation:unknown
              URL:https://security-us.mimecast.com/common/default/resources/mimecast-app-common/assets/webfonts/fa-solid-900.woff2
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text, with very long lines (1572)
              Category:downloaded
              Size (bytes):16791
              Entropy (8bit):5.341211169175881
              Encrypted:false
              SSDEEP:
              MD5:85797B9763526C7B157F499EBE2044A5
              SHA1:E832FDCF940D9BFB2763982C37BF43D83495EA9F
              SHA-256:3FF27E82D78A471905EDF58F54D412011E0F3B07CB596B50D425151E7DF84404
              SHA-512:5F484D35AE3FE1781CAB0BA6502B75C00733494A6DF599500FB5360887B5B5EB72DA69C50FB7F41C95B089BF1DE47B91AD93259114D13FE3831B87A21F31CDDB
              Malicious:false
              Reputation:unknown
              URL:"https://fonts.googleapis.com/css?family=Open+Sans:400,600,700"
              Preview:/* cyrillic-ext */.@font-face {. font-family: 'Open Sans';. font-style: normal;. font-weight: 400;. font-stretch: 100%;. src: url(https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSKmu1aB.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./* cyrillic */.@font-face {. font-family: 'Open Sans';. font-style: normal;. font-weight: 400;. font-stretch: 100%;. src: url(https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./* greek-ext */.@font-face {. font-family: 'Open Sans';. font-style: normal;. font-weight: 400;. font-stretch: 100%;. src: url(https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSOmu1aB.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}./* greek */.@font-face {. font-family: 'Open Sans';. font-style: normal;
              No static file info