Edit tour

Windows Analysis Report
https://fshjjfetalpacksrlfggghhgfgj.taplink.ws/

Overview

General Information

Sample URL:	https://fshjjfetalpacksrlfggghhgfgj.taplink.ws/
Analysis ID:	1522628
Infos:

Detection

HTMLPhisher

Score:	56
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Yara detected HtmlPhish29

AI detected landing page (webpage, office document or email)

Phishing site or detected (based on various text indicators)

HTML page contains hidden javascript code

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 6340 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 7024 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1852,i,15151632708212088530,3997094878592568359,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6652 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://fshjjfetalpacksrlfggghhgfgj.taplink.ws/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Yara Signatures

Dropped Files

Source	Rule	Description	Author	Strings
dropped/chromecache_96	JoeSecurity_HtmlPhish_29	Yara detected HtmlPhish_29	Joe Security
dropped/chromecache_117	JoeSecurity_HtmlPhish_29	Yara detected HtmlPhish_29	Joe Security

HTML

Source	Rule	Description	Author	Strings
8.11..script.csv	JoeSecurity_HtmlPhish_29	Yara detected HtmlPhish_29	Joe Security
9.12..script.csv	JoeSecurity_HtmlPhish_29	Yara detected HtmlPhish_29	Joe Security

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

Phishing

Yara detected HtmlPhish29

Source: Yara match	File source: 8.11..script.csv, type: HTML
Source: Yara match	File source: 9.12..script.csv, type: HTML
Source: Yara match	File source: dropped/chromecache_96, type: DROPPED
Source: Yara match	File source: dropped/chromecache_117, type: DROPPED

Phishing site or detected (based on various text indicators)

Source: Chrome DOM: 2.6	OCR Text: M ETALPACK sri. SHARED A DOCUMENT WITH YOU PDF CLICK HERE TO VIEW YOUR DOCUMENT METALPACK sri. This document has been scanned for viruses by Norton'" AntiVirus Security Standard Software 2024 by
Source: Chrome DOM: 2.7	OCR Text: METALPACK sri. SHARED A DOCUMENT WITH YOU * *Pages 2 PDF CLICK HERE TO VIEW YOUR DOCUMENT METALPACK sri. This document has been scanned for viruses by Norton'V AntiVirus Security Standard Software 2024 by

Source: https://app.pipefy.com/public/form/41kuSg4l

HTTP Parser: Base64 decoded: sv=o365_1_one&rand=NmtDeFk=&uid=USER18092024U19091835

Source: https://app.pipefy.com/public/form/41kuSg4l	HTTP Parser: No favicon
Source: https://app.pipefy.com/public/form/41kuSg4l	HTTP Parser: No favicon
Source: https://app.pipefy.com/public/form/41kuSg4l	HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:54227 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:54232 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:54237 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:54305 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	DNS traffic detected: DNS query: fshjjfetalpacksrlfggghhgfgj.taplink.ws
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: mc.yandex.ru
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: taplink.st
Source: global traffic	DNS traffic detected: DNS query: app.pipefy.com
Source: global traffic	DNS traffic detected: DNS query: pipestyle.staticpipefy.com
Source: global traffic	DNS traffic detected: DNS query: pipeui.staticpipefy.com
Source: global traffic	DNS traffic detected: DNS query: assets.staticpipefy.com
Source: global traffic	DNS traffic detected: DNS query: ws-mt1.pusher.com
Source: global traffic	DNS traffic detected: DNS query: sockjs.pusher.com
Source: global traffic	DNS traffic detected: DNS query: js.hcaptcha.com
Source: global traffic	DNS traffic detected: DNS query: api-js.mixpanel.com
Source: global traffic	DNS traffic detected: DNS query: app-location.pipefy.com
Source: global traffic	DNS traffic detected: DNS query: newassets.hcaptcha.com
Source: global traffic	DNS traffic detected: DNS query: api2.hcaptcha.com
Source: global traffic	DNS traffic detected: DNS query: apm.pipefy.com
Source: global traffic	DNS traffic detected: DNS query: dianemccabe.com

Source: unknown	Network traffic detected: HTTP traffic on port 54282 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54201 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54224 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54247 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54218 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54304 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54212 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54309
Source: unknown	Network traffic detected: HTTP traffic on port 54287 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54308
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54307
Source: unknown	Network traffic detected: HTTP traffic on port 54258 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54302
Source: unknown	Network traffic detected: HTTP traffic on port 54293 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54301
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54300
Source: unknown	Network traffic detected: HTTP traffic on port 54241 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54306
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54305
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54304
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54303
Source: unknown	Network traffic detected: HTTP traffic on port 54315 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54276 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54230 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54309 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54322 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54319
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54318
Source: unknown	Network traffic detected: HTTP traffic on port 54259 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54312
Source: unknown	Network traffic detected: HTTP traffic on port 54242 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54311
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54310
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54317
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54316
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54315
Source: unknown	Network traffic detected: HTTP traffic on port 54200 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54314
Source: unknown	Network traffic detected: HTTP traffic on port 54316 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54298 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54320
Source: unknown	Network traffic detected: HTTP traffic on port 54275 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54321 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54209
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54208
Source: unknown	Network traffic detected: HTTP traffic on port 54264 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54281 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54324
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54202
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54323
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54201
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54322
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54200
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54321
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54205
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54204
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54325
Source: unknown	Network traffic detected: HTTP traffic on port 54310 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54225 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54210
Source: unknown	Network traffic detected: HTTP traffic on port 54270 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54219 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54211 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54286 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54263 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54257 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54292 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54299
Source: unknown	Network traffic detected: HTTP traffic on port 54240 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54300 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54323 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54311 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54202 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54223 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54251 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54297 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54199
Source: unknown	Network traffic detected: HTTP traffic on port 54269 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54217 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54305 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54213 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54280 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54312 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54252 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54268 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54306 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54285 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54235 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54291 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54317 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54246 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54274 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54209 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54238 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54258
Source: unknown	Network traffic detected: HTTP traffic on port 54244 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54257
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54256
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54255
Source: unknown	Network traffic detected: HTTP traffic on port 54221 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54318 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54259
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54261
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54260
Source: unknown	Network traffic detected: HTTP traffic on port 54296 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54250 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54265
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54264
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54263
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54262
Source: unknown	Network traffic detected: HTTP traffic on port 54273 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54262 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54279 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54269
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54268
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54267
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54266
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54272
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54271
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54270
Source: unknown	Network traffic detected: HTTP traffic on port 54227 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54276
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54275
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54274
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54273
Source: unknown	Network traffic detected: HTTP traffic on port 54255 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54301 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54261 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54290 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54279
Source: unknown	Network traffic detected: HTTP traffic on port 54278 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54278
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54277
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54283
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54282
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54281
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54280
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54287
Source: unknown	Network traffic detected: HTTP traffic on port 54245 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54286
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54285
Source: unknown	Network traffic detected: HTTP traffic on port 54302 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54233 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54199 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54214 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54239 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54256 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54289
Source: unknown	Network traffic detected: HTTP traffic on port 54208 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54288
Source: unknown	Network traffic detected: HTTP traffic on port 54222 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54294
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54293
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54292
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54291
Source: unknown	Network traffic detected: HTTP traffic on port 54295 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54298
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54297
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54296
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54295
Source: unknown	Network traffic detected: HTTP traffic on port 54267 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54290
Source: unknown	Network traffic detected: HTTP traffic on port 54307 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54324 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54320 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54219
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54214
Source: unknown	Network traffic detected: HTTP traffic on port 54314 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54213
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54212
Source: unknown	Network traffic detected: HTTP traffic on port 54205 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54211
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54218
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54217
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54215
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54221
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54220
Source: unknown	Network traffic detected: HTTP traffic on port 54277 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54254 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54289 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54308 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54237 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54319 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54283 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54266 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54225
Source: unknown	Network traffic detected: HTTP traffic on port 54220 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54224
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54223
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54222
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54227
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54226
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54232
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54230
Source: unknown	Network traffic detected: HTTP traffic on port 54272 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54248 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54288 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54265 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54235
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54233
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54239
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54238
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54237
Source: unknown	Network traffic detected: HTTP traffic on port 54226 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54243
Source: unknown	Network traffic detected: HTTP traffic on port 54271 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54242
Source: unknown	Network traffic detected: HTTP traffic on port 54294 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54241
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54240
Source: unknown	Network traffic detected: HTTP traffic on port 54210 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54325 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54260 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54243 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54247
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54246
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54245
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54244
Source: unknown	Network traffic detected: HTTP traffic on port 54204 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54248
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54250
Source: unknown	Network traffic detected: HTTP traffic on port 54299 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54254
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54252
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54251
Source: unknown	Network traffic detected: HTTP traffic on port 54303 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54232 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54215 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:54227 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:54232 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:54237 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:54305 version: TLS 1.2

Source: classification engine

Classification label: mal56.phis.win@19/46@68/210

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1852,i,15151632708212088530,3997094878592568359,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://fshjjfetalpacksrlfggghhgfgj.taplink.ws/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1852,i,15151632708212088530,3997094878592568359,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Persistence and Installation Behavior

AI detected landing page (webpage, office document or email)

Source: https://fshjjfetalpacksrlfggghhgfgj.taplink.ws/	LLM: Page contains button: 'VIEW DOCUMENT HERE' Source: '0.1.pages.csv'
Source: https://app.pipefy.com/public/form/41kuSg4l	LLM: Page contains button: 'CLICK HERE TO VIEW YOUR DOCUMENT' Source: '2.4.pages.csv'

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Browser Extensions	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	1 Registry Run Keys / Startup Folder	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	1 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	2 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://fshjjfetalpacksrlfggghhgfgj.taplink.ws/	1%	Virustotal		Browse

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

Source	Detection	Scanner	Link
taplink.me	0%	Virustotal	Browse
fshjjfetalpacksrlfggghhgfgj.taplink.ws	1%	Virustotal	Browse
mc.yandex.ru	0%	Virustotal	Browse
a.nel.cloudflare.com	0%	Virustotal	Browse
app.pipefy.com	0%	Virustotal	Browse
www.google.com	0%	Virustotal	Browse
taplink.st	0%	Virustotal	Browse
pipeui.staticpipefy.com	0%	Virustotal	Browse
pipestyle.staticpipefy.com	0%	Virustotal	Browse
js.hcaptcha.com	0%	Virustotal	Browse
assets.staticpipefy.com	0%	Virustotal	Browse
sockjs.pusher.com	0%	Virustotal	Browse
newassets.hcaptcha.com	0%	Virustotal	Browse
api-js.mixpanel.com	0%	Virustotal	Browse
ws-mt1.pusher.com	0%	Virustotal	Browse
socket-mt1-ingress-1987402783.us-east-1.elb.amazonaws.com	0%	Virustotal	Browse
ingress-sticky-haproxy-mt1-912d8b7308f82d6c.elb.us-east-1.amazonaws.com	0%	Virustotal	Browse

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
pipeui.staticpipefy.com	104.16.117.75	true	false	0%, Virustotal, Browse	unknown
mc.yandex.ru	93.158.134.119	true	false	0%, Virustotal, Browse	unknown
a.nel.cloudflare.com	35.190.80.1	true	false	0%, Virustotal, Browse	unknown
api-js.mixpanel.com	130.211.34.183	true	false	0%, Virustotal, Browse	unknown
app.pipefy.com	104.19.147.54	true	false	0%, Virustotal, Browse	unknown
socket-mt1-ingress-1987402783.us-east-1.elb.amazonaws.com	44.197.17.102	true	false	0%, Virustotal, Browse	unknown
taplink.me	104.21.46.216	true	false	0%, Virustotal, Browse	unknown
pipestyle.staticpipefy.com	104.16.117.75	true	false	0%, Virustotal, Browse	unknown
dianemccabe.com	217.115.114.114	true	false		unknown
taplink.st	104.26.2.150	true	false	0%, Virustotal, Browse	unknown
js.hcaptcha.com	104.19.230.21	true	false	0%, Virustotal, Browse	unknown
apm.pipefy.com	141.148.95.24	true	false		unknown
www.google.com	142.250.186.36	true	false	0%, Virustotal, Browse	unknown
api2.hcaptcha.com	104.19.230.21	true	false		unknown
app-location.pipefy.com	104.19.147.54	true	false		unknown
newassets.hcaptcha.com	104.19.229.21	true	false	0%, Virustotal, Browse	unknown
assets.staticpipefy.com	104.16.117.75	true	false	0%, Virustotal, Browse	unknown
ingress-sticky-haproxy-mt1-912d8b7308f82d6c.elb.us-east-1.amazonaws.com	44.217.82.191	true	false	0%, Virustotal, Browse	unknown
ws-mt1.pusher.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
sockjs.pusher.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
fshjjfetalpacksrlfggghhgfgj.taplink.ws	unknown	unknown	false	1%, Virustotal, Browse	unknown

Contacted URLs

Name	Malicious	Reputation
https://fshjjfetalpacksrlfggghhgfgj.taplink.ws/	true	unknown
https://dianemccabe.com/n/?c3Y9bzM2NV8xX29uZSZyYW5kPU5tdERlRms9JnVpZD1VU0VSMTgwOTIwMjRVMTkwOTE4MzU=N0123N	false	unknown
https://app.pipefy.com/public/form/41kuSg4l	true	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.186.46	unknown	United States	15169	GOOGLEUS	false
130.211.34.183	api-js.mixpanel.com	United States	15169	GOOGLEUS	false
142.250.186.170	unknown	United States	15169	GOOGLEUS	false
142.250.74.206	unknown	United States	15169	GOOGLEUS	false
104.26.2.150	taplink.st	United States	13335	CLOUDFLARENETUS	false
141.148.95.24	apm.pipefy.com	Sweden	43894	ORCL-LON-OPC1GB	false
142.250.185.202	unknown	United States	15169	GOOGLEUS	false
107.178.240.159	unknown	United States	15169	GOOGLEUS	false
93.158.134.119	mc.yandex.ru	Russian Federation	13238	YANDEXRU	false
44.197.17.102	socket-mt1-ingress-1987402783.us-east-1.elb.amazonaws.com	United States	14618	AMAZON-AESUS	false
104.19.230.21	js.hcaptcha.com	United States	13335	CLOUDFLARENETUS	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
104.19.147.54	app.pipefy.com	United States	13335	CLOUDFLARENETUS	false
142.250.74.195	unknown	United States	15169	GOOGLEUS	false
1.1.1.1	unknown	Australia	13335	CLOUDFLARENETUS	false
142.250.186.36	www.google.com	United States	15169	GOOGLEUS	false
142.250.186.163	unknown	United States	15169	GOOGLEUS	false
216.58.206.67	unknown	United States	15169	GOOGLEUS	false
104.21.46.216	taplink.me	United States	13335	CLOUDFLARENETUS	false
104.16.117.75	pipeui.staticpipefy.com	United States	13335	CLOUDFLARENETUS	false
104.19.229.21	newassets.hcaptcha.com	United States	13335	CLOUDFLARENETUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
77.88.21.119	unknown	Russian Federation	13238	YANDEXRU	false
44.217.82.191	ingress-sticky-haproxy-mt1-912d8b7308f82d6c.elb.us-east-1.amazonaws.com	United States	14618	AMAZON-AESUS	false
64.233.184.84	unknown	United States	15169	GOOGLEUS	false
217.115.114.114	dianemccabe.com	Ireland	30900	WEBWORLD-AStaWebWorldIrelandIE	false

Private

IP
192.168.2.16

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1522628
Start date and time:	2024-09-30 13:50:54 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://fshjjfetalpacksrlfggghhgfgj.taplink.ws/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	13
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal56.phis.win@19/46@68/210

Warnings

Exclude process from analysis (whitelisted): svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.186.163, 64.233.184.84, 142.250.186.46, 34.104.35.123
Excluded domains from analysis (whitelisted): clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, clientservices.googleapis.com, clients.l.google.com
Not all processes where analyzed, report is missing behavior information

LLM Input / Output

Input	Output
URL: https://fshjjfetalpacksrlfggghhgfgj.taplink.ws/ Model: jbxai	{ "brand":[], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"unknown", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://fshjjfetalpacksrlfggghhgfgj.taplink.ws/ Model: jbxai	{ "brand":["Adobe"], "contains_trigger_text":true, "trigger_text":"You have received 2 new documents from Ruggero Pillan", "prominent_button_name":"VIEW DOCUMENT HERE", "text_input_field_labels":"unknown", "pdf_icon_visible":true, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://app.pipefy.com/public/form/41kuSg4l Model: jbxai	{ "brand":["Norton"], "contains_trigger_text":true, "trigger_text":"CLICK HERE TO VIEW YOUR DOCUMENT", "prominent_button_name":"CLICK HERE TO VIEW YOUR DOCUMENT", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://app.pipefy.com/public/form/41kuSg4l Model: jbxai	{ "brand":["Norton"], "contains_trigger_text":true, "trigger_text":"CLICK HERE TO VIEW YOUR DOCUMENT", "prominent_button_name":"CLICK HERE TO VIEW YOUR DOCUMENT", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Sep 30 10:51:27 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2673
Entropy (8bit):	3.979694147386354
Encrypted:	false
SSDEEP:
MD5:	9DE703C4F5609362247279A794397104
SHA1:	5B8707764F9845BFF4C99C960BB83BA775ACF4C8
SHA-256:	E0823AC5B75919140EB2E9AE9BE646D52180D0B6D48F079CDADD7B75BA66ABFB
SHA-512:	753867D22E58959A35C33B4E733333370464637D94427EAAED7FAFAE6410E15C6EBCC6A445A926E1C7E0DA8FCC24FBE52BF925B80B643CD1A4BD876A8A545C54
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,......../...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I>Yc^....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V>Ym^....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V>Ym^....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V>Ym^..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V>Yn^...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........m.0......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Sep 30 10:51:27 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2675
Entropy (8bit):	3.9929215083712184
Encrypted:	false
SSDEEP:
MD5:	0A7DB24FF3546EB3203B4533883028C6
SHA1:	C3081F26CC69F483CAC48E0435B8AA38F064A4F7
SHA-256:	2EA20799B264AC6570351D22E2B2B97DEED492C4A3DB778DB3ADE86CC063683C
SHA-512:	4487CF0816FB91C8C741281D6630DCCC713632A2DBB1D2C6E58F8284FAE640D046899EA0CED9C80F9543CB0EB600751F8DACEE6D0AA2EA94E94F6A801E789303
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....C.../...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I>Yc^....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V>Ym^....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V>Ym^....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V>Ym^..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V>Yn^...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........m.0......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2689
Entropy (8bit):	4.0057741633698765
Encrypted:	false
SSDEEP:
MD5:	4DF9E3F5A86A1AE55B21A9454349F355
SHA1:	0ABC459C81D1FCB9A7DF53A6CD362D92B4A38C76
SHA-256:	06D87F3A7DFBD45ECD9AEA4416567FE091F8F1BC8AB21F79DEC0364B54404320
SHA-512:	4A3C8F9B89226CA67187B6A5A23E5E34CE4C7A299ACFCDFF0A57B804CE805A99A37EEA0B5F7A3239F064F997BA8D4216AF2E249E922B20400AD7C886BF3E0C35
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I>Yc^....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V>Ym^....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V>Ym^....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V>Ym^..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........m.0......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Sep 30 10:51:27 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.993655025106443
Encrypted:	false
SSDEEP:
MD5:	79CA9F07C5834AB3FEE3918033FE8763
SHA1:	9F1749C1C8653D0F8379325DDE3BA42AC67B563C
SHA-256:	8F19948FBC3DD670FD865C5AA91C7A038DAF74664E18DC55115721714EAC4BC0
SHA-512:	1CD9757334A36D80370CCCC45D0A1F7ECBFA2DABD6D0F2FF7BE27C87FB99064D600AF4DF329E70FA60CBE27FB23C95C2D5213BCC8551311BAC8D87EDB209C2CF
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....o../...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I>Yc^....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V>Ym^....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V>Ym^....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V>Ym^..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V>Yn^...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........m.0......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Sep 30 10:51:27 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.9818406644446336
Encrypted:	false
SSDEEP:
MD5:	474D2539FABF6487D145384A56D2FB28
SHA1:	27A13028A8EDEB183F79EB212E5A8CD1563C1770
SHA-256:	FFDC7F306887F09C4050888B78C63080149394EBBC386C16ED332DB3BC9C1618
SHA-512:	3281273E5F2C41B3252E1C468EDBAB293F062243A7B61DD6019C5DF789C6493E7CAB4BA00A547624E0329F8841B21EFAEEF4DBD05291859CB91BA14946757EAD
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,......../...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I>Yc^....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V>Ym^....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V>Ym^....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V>Ym^..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V>Yn^...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........m.0......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Sep 30 10:51:27 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.9916316589944296
Encrypted:	false
SSDEEP:
MD5:	27F9E3C9F9257C111D304E2F64EF7D53
SHA1:	8E1F84DB2C53BD33C1295F6E73C97040E590FE48
SHA-256:	501FC951514903C0C3607120C1B31EC4FFAEA4FCB0EC24D29E0E264C47BB459C
SHA-512:	5B03C41C512E13935ABF17CBE1D06E9356668EE83CAB8866434BE436816972AA6E757E911A10366EBFE751B35413D3A7DEC601FE16BB97901CDE57088D886C13
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....J.../...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I>Yc^....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V>Ym^....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V>Ym^....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V>Ym^..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V>Yn^...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........m.0......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 101

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (64024)
Category:	downloaded
Size (bytes):	64076
Entropy (8bit):	5.168837928877373
Encrypted:	false
SSDEEP:
MD5:	EEA9BCC48AF6022049AC7AC3D123E476
SHA1:	0E1D337DB21F28673F9B9600AAEF4969AB381E26
SHA-256:	5068DC0C8CAC19B85816E6F88EA7912CE447692EAE6CF2917D673EAC527C2D22
SHA-512:	CD9E0D4021F6635FB79C939F4D80482A3E1DE10F3528EFC4DDD9BE55A68044473720C15050393647B7AE987CAE7287DFB7A08F781DD3DAD4BD95E4ADB0837371
Malicious:	false
Reputation:	unknown
URL:	https://pipeui.staticpipefy.com/scripts/elastic-apm-rum-v5-16-1.umd.min.js
Preview:	!function(){var t={816:function(t,e,n){var r,i,a;!function(o,s){"use strict";i=[n(170)],void 0===(a="function"==typeof(r=function(t){var e=/(^\|@)\S+\:\d+/,n=/^\sat .(\S+\:\d+\|$native$)/m,r=/^(eval@)?(\[native code\])?$/;function i(t,e,n){if("function"==typeof Array.prototype.map)return t.map(e,n);for(var r=new Array(t.length),i=0;i<t.length;i++)r[i]=e.call(n,t[i]);return r}function a(t,e,n){if("function"==typeof Array.prototype.filter)return t.filter(e,n);for(var r=[],i=0;i<t.length;i++)e.call(n,t[i])&&r.push(t[i]);return r}return{parse:function(t){if(void 0!==t.stacktrace\|\|void 0!==t["opera#sourceloc"])return this.parseOpera(t);if(t.stack&&t.stack.match(n))return this.parseV8OrIE(t);if(t.stack)return this.parseFFOrSafari(t);throw new Error("Cannot parse given Error object")},extractLocation:function(t){if(-1===t.indexOf(":"))return[t];var e=/(.+?)(?:\:(\d+))?(?:\:(\d+))?$/.exec(t.replace(/[]/g,""));return[e[1],e[2]\|\|void 0,e[3]\|\|void 0]},parseV8OrIE:function(e){return i(a(e.st

Chrome Cache Entry: 102

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (5693)
Category:	downloaded
Size (bytes):	7856
Entropy (8bit):	5.130245560154868
Encrypted:	false
SSDEEP:
MD5:	5499435384295E7165D7DAAD7355BEEE
SHA1:	2F025E8308B85A5AC908A791CBAA0A78E4F3150E
SHA-256:	0AEBB709F4E17C8617DF1E3A2B57DF7DC2E4D1B2D292C6029408BC0A4C4787A0
SHA-512:	7AECEA1B624C2E9F751BB9F85015F82A884690BB0818FE1243CF2499B259125AB8C0AF5B9DA09C77EF8525D33D8FA8B6D62957ACE1C57BD9EC5B19DA20797CD1
Malicious:	false
Reputation:	unknown
URL:	https://fshjjfetalpacksrlfggghhgfgj.taplink.ws/s/js/locales.pages.en.js?1.2.8844
Preview:	/* 1.2.8837 */.window.$app.defineLanguage("en",0,{"..":"Sun","..":"Tue","..":"Yes","..":"Mon","..":"Fri","..":"Sat","..":"Wed","..":"Thu","..":"out of",Email:"Email","...":"pcs.","...":"Days","...":"Name","...":"Code","...":"May","...":"No","...":"Full name","....":"July","....":"June","....":"March","....":"File","....":"Hours","....":"Language",".....":"Address",".....":"Sign in",".....":"Radio button",".....":"Logout",".....":"City",".....":"Total",".....":"Answer",".....":"Rate plan",".....":"Files",".....":"Number","......":"August","......":"April","......":"Question","......":"Zip code","......":"Buy","......":"Minutes","......":"November","......":"Discard","......":"Password","......":"Discount","......":"Status","......":"Country","......":"Products","......":"January",". .....

Chrome Cache Entry: 104

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (16680)
Category:	dropped
Size (bytes):	3506024
Entropy (8bit):	5.593782558439614
Encrypted:	false
SSDEEP:
MD5:	31D57BE9B2305D0D8C8CB6CDBBF2AE12
SHA1:	B52E1ED5B23B5ADE16AEB24708287B891B2835B8
SHA-256:	63202E42AB7D303F2F19EB1661B4A0897DB9C2435CC154F439B5596430541676
SHA-512:	0F62F01E947584A8657F2D27D191BF88D8C81847908342D36F6B835FE9D8F3130A910330650374105C80C5B284BFA62184EB27EBCD386A6B4A374202F1ED4080
Malicious:	false
Reputation:	unknown
Preview:	/!For license information please see 8.93848e74.chunk.js.LICENSE.txt/(this["webpackJsonp@pipefyteam/pipeui"]=this["webpackJsonp@pipefyteam/pipeui"]\|\|[]).push([[8],Array(354).concat([function(e,t,n){"use strict";n.d(t,"c",(function(){return o})),n.d(t,"a",(function(){return i})),n.d(t,"b",(function(){return a}));var r=n(0);function o(e,t,n){let[o,i]=(0,r.useState)(e\|\|t),a=(0,r.useRef)(void 0!==e),s=void 0!==e;(0,r.useEffect)((()=>{let e=a.current;e!==s&&console.warn(`WARN: A component changed from ${e?"controlled":"uncontrolled"} to ${s?"controlled":"uncontrolled"}.`),a.current=s}),[s]);let c=s?e:o,l=(0,r.useCallback)(((e,...t)=>{let r=(e,...t)=>{n&&(Object.is(c,e)\|\|n(e,...t)),s\|\|(c=e)};if("function"===typeof e){console.warn("We can not support a function callback. See Github Issues for details https://github.com/adobe/react-spectrum/issues/2320"),i(((n,...o)=>{let i=e(s?c:n,...o);return r(i,...t),s?n:i}))}else s\|\|i(e),r(e,...t)}),[s,c,n]);return[c,l]}function i(e,t=-1/0,n=1/0){return

Chrome Cache Entry: 107

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Category:	downloaded
Size (bytes):	704321
Entropy (8bit):	5.431939160707167
Encrypted:	false
SSDEEP:
MD5:	EE359F878C71CF7EC79DD220824C8710
SHA1:	EC1637C150AFDBE4B77A93357EE84D8DCF583333
SHA-256:	6936A0051F6C21CB3E560F4628619A80B6C6DCF16C0AEEDF45D14B8A4B323EB5
SHA-512:	9160DB38FEDFBF3FDECEAE1D9371C7A7E1102B86E0C96BA87203BF0B5D1094FFB4EEB557C8582F6A42F083AA1DDF05AC002ABAE2585C9A631FE74C545E30D3F7
Malicious:	false
Reputation:	unknown
URL:	https://newassets.hcaptcha.com/c/c2e3bd8c1a9aac93490fb6f6645657b5466b5b928b1bcf2109a7a9e1f21e35be/hsw.js
Preview:	var hsw=function vRZR(){"use strict";function A(A,Q,B){return Q<=A&&A<=B}function Q(A){if(void 0===A)return{};if(A===Object(A))return A;throw TypeError("Could not convert argument to dictionary")}var B=function(A){return A>=0&&A<=127},E=-1;function I(A){this.tokens=[].slice.call(A),this.tokens.reverse()}I.prototype={endOfStream:function(){return!this.tokens.length},read:function(){return this.tokens.length?this.tokens.pop():E},prepend:function(A){if(Array.isArray(A))for(var Q=A;Q.length;)this.tokens.push(Q.pop());else this.tokens.push(A)},push:function(A){if(Array.isArray(A))for(var Q=A;Q.length;)this.tokens.unshift(Q.shift());else this.tokens.unshift(A)}};var C=-1;function g(A,Q){if(A)throw TypeError("Decoder error");return Q\|\|65533}function D(A){return A=String(A).trim().toLowerCase(),Object.prototype.hasOwnProperty.call(w,A)?w[A]:null}var w={};[{encodings:[{labels:["unicode-1-1-utf-8","utf-8","utf8"],name:"UTF-8"}],heading:"The Encoding"}].forEach((function(A){A.encodings.forEach((f

Chrome Cache Entry: 108

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 389 x 260, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	59549
Entropy (8bit):	7.986555864837579
Encrypted:	false
SSDEEP:
MD5:	44431B7D4E90C3B60DD89FBE36DB0CE8
SHA1:	D9B859551C4ED4296D21203843607805F26DD75C
SHA-256:	903F9A6A4B2BA9F986D55FDFB37F5A29DB124BD0458F97A388E1A0559C7B8268
SHA-512:	E03070D62540D9929D46697336421027EB84BF3042B2E627170D0572AC1CFFC18E422FD5A784C9F623080ED7B1590E0CBF17F112D4CFE89E06661E310E66C6C6
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...............(5....sRGB....... .IDATx^...\Uv-..."".....BB..h@....+a...........}.u...]...@B#h@.M..SJ......3.HQ....Y..OE.{2N.....^..3.....}....>.-...zE...PU....O.$.......0...X..\|...@.1.G.;.(.`.>."=..O..m._..o..K,.(m..H0(,z....B..t..S......V.<M....y..o.../.^?...?...........o}Tx.3....^..a.>4[1.. ..`..AYV..S..S..l....E"......t....[f.kj.5......9..H...c...#.5..4./..7.....*S..J...`.....A..?..L.2L.rLM.cH.#..{..2..S.,>}I....>..."...?.........G.J..(.7...4Na.......O.3c.@...(S(...e.QUt..KD....w.A0......a.`_o.&..I...n%=.9....l.....c.h`P.@I.Bi1..q.E%.\|....Y..N..N.N+E......wg.....l......4.&G..'.. F....(.Q_2...)..t..La..6.%...'.....;.MNA2..eAN!..5.wF]a$..8..g.n;]./....`.a.p.'..\.$8.qY...f..O.M....w..l..P. .......LQ.)..2.4M0..0....b()AJ.@m7=.3..)%.....9a...r..;...+.........Q...&S..}m..7V2....c...S.z.P...O..\|Q....D.@....viB...O....)...r?...~..f..........S..e....;.AQ...+....C+O}..`%.........x........D./.X...P>D...C.l8.......h.......>R[.....r.r ..P.c.

Chrome Cache Entry: 109

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	251
Entropy (8bit):	4.894393907556514
Encrypted:	false
SSDEEP:
MD5:	75783A03B9CB78E8D5DE45EB4A9A7A1C
SHA1:	F6B9EBE7918A1E0876630CDD377D2FD1D1605235
SHA-256:	50499BC837766A35BBE8B02625933747150A611BA5996E532F1EC32E48123CA1
SHA-512:	D4DA33682A144BE7B544536A505545E4F2892E46CFD9D7E139645C5F021A1C41A4A22B2786387A9D16D72DFE3D11CC881CAEF3449018809A879FFE5BCE39C95F
Malicious:	false
Reputation:	unknown
URL:	https://app-location.pipefy.com/json/?callback=sendBack
Preview:	sendBack({"ip":"8.46.123.33","country_code":"US","country_name":"United States","region_code":"NY","region_name":"New York","city":"New York","zip_code":"10118","time_zone":"America/New_York","latitude":40.7123,"longitude":-74.0068,"metro_code":501});

Chrome Cache Entry: 110

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (41625)
Category:	downloaded
Size (bytes):	150357
Entropy (8bit):	5.405136612865824
Encrypted:	false
SSDEEP:
MD5:	F1E1655DC1B6CBDB0354D29980882BB0
SHA1:	F433EF04877CD65555FD9CF56A2A3CD826B00199
SHA-256:	9034A1AD067DA69459A1BAAC888CFDD2C9320148F2546CEC38FFD0DD3347CE5F
SHA-512:	FF0F0E8E41A5D856CCC7FAADC7BD835394538C0B01F62571F38266D12522025FC0FCC611EC5172C327CC950DE1B1099DACC14EBBBE99EBA46D10B939746B0933
Malicious:	false
Reputation:	unknown
URL:	https://js.hcaptcha.com/1/api.js?render=explicit&onload=hcaptchaOnLoad
Preview:	/* https://hcaptcha.com/license */.!function(){"use strict";function e(e){var t=this.constructor;return this.then((function(n){return t.resolve(e()).then((function(){return n}))}),(function(n){return t.resolve(e()).then((function(){return t.reject(n)}))}))}function t(e){return new this((function(t,n){if(!e\|\|"undefined"==typeof e.length)return n(new TypeError(typeof e+" "+e+" is not iterable(cannot read property Symbol(Symbol.iterator))"));var r=Array.prototype.slice.call(e);if(0===r.length)return t([]);var i=r.length;function o(e,n){if(n&&("object"==typeof n\|\|"function"==typeof n)){var a=n.then;if("function"==typeof a)return void a.call(n,(function(t){o(e,t)}),(function(n){r[e]={status:"rejected",reason:n},0==--i&&t(r)}))}r[e]={status:"fulfilled",value:n},0==--i&&t(r)}for(var a=0;a<r.length;a++)o(a,r[a])}))}var n=setTimeout,r="undefined"!=typeof setImmediate?setImmediate:null;function i(e){return Boolean(e&&"undefined"!=typeof e.length)}function o(){}function a(e){if(!(this instanceof

Chrome Cache Entry: 111

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
Category:	downloaded
Size (bytes):	48444
Entropy (8bit):	7.995593685409469
Encrypted:	true
SSDEEP:
MD5:	8E433C0592F77BEB6DC527D7B90BE120
SHA1:	D7402416753AE1BB4CBD4B10D33A0C10517838BD
SHA-256:	F052EE44C3728DFD23ABA8A4567150BC314D23903026FBB6AD089422C2DF56AF
SHA-512:	5E90F48B923BB95AEB49691D03DADE8825C119B2FA28977EA170C41548900F4E0165E2869F97C7A9380D7FF8FF331A1DA855500E5F7B0DFD2B9ABD77A386BBF3
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Preview:	wOF2.......<.......l..............................`...\..p?HVAR.m?MVAR^.`?STAT.N'&..>/l........>....0....6.$.... ........[..A.2v.6......$..e...w"../.L.p:......Tpc..8@.[5......d#d.xw..o.O3-.....%..>...%..)~p.K.J.H..S...s..z..Wa.. 0\..J.....BL;V..-.L...j....^.9..HO l..,..6.v....?....x.....m..;....a![zif...Ur...Q..P.&.I1..:n.p...j~..h...9.!....@.<.bl\|.Y?h..B.j/..rH.S%/~.^D...6..D.4G...y....Y.....=/o..W..5ryo.d?.gA]..?...1V..S......7ZJ...f....mBG[0eW....y..%B}..]? ...,sR<.y~.~.}.%.!..,X.....`...R..^....S.....u.?k.v.k..U.u..M..`!...b!..X)P...y{.........n..T+6...R......L...x}...g...].g"WT.b..h ....X...=;{w...QO.s..w..@.(,..........{.........1..@...(...\.......9..2.h9P.G........K.Dp...F..4W..ui.u...G...s..x7.?..tg..D..O.sA..t.t.4..~..e\...X.....T..kf.qfX..=^_....g"....De...x[J..A..).G.YUhR.....0.l..#&3.'.K.............$I.Pp.../.s.<@...r=..S......d..P.S.B.w.~X..ZK....h J.`A.bv,=.....>1.Ev.^..U.A. ....EU..].........dw..!$.A`..B.._.....Z~..!..J..l]r.m}m..

Chrome Cache Entry: 112

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5238), with no line terminators
Category:	downloaded
Size (bytes):	5238
Entropy (8bit):	4.77225253486669
Encrypted:	false
SSDEEP:
MD5:	988F1EEE304299F19631CA4ADA248754
SHA1:	D3D5FADCCC4372D7F72BA01834C580B8C65F9051
SHA-256:	DE33C1364C19F40616A47D966C245DED37FA42C18C19FA3DC2E3AA66C9FFCB0E
SHA-512:	1930E0457D5F3C2E79B3FD673C4CABA21B35CC26BDD7C8D41D2C0514C330894C6BA8BCB884B38C18316559D2BE7835F29BD48B0B18F29AD89CAC4634B07E28A4
Malicious:	false
Reputation:	unknown
URL:	https://pipeui.staticpipefy.com/versions/production/public-form/static/css/main.e70d9133.chunk.css
Preview:	@import "https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap";@import "https://assets.staticpipefy.com/fonts/new-order/NewOrder.css";.pp-bg-pipefy{background:#3b5bfd}.pp-bg-pipefy-scale-1{background:#627cfd}.pp-bg-pipefy-scale-2{background:#899dfe}.pp-bg-pipefy-scale-3{background:#b1bdfe}.pp-bg-pipefy-scale-4{background:#304cd0}.pp-bg-pipefy-scale-5{background:#243da3}.pp-bg-pipefy-scale-6{background:#192e77}.pp-color-pipefy{color:#3b5bfd}.pp-color-pipefy-scale-1{color:#627cfd}.pp-color-pipefy-scale-2{color:#899dfe}.pp-color-pipefy-scale-3{color:#b1bdfe}.pp-color-pipefy-scale-4{color:#304cd0}.pp-color-pipefy-scale-5{color:#243da3}.pp-color-pipefy-scale-6{color:#192e77}.pp-ico-color-pipefy:before{color:#3b5bfd}.pp-bg-ruby-red{background:#ec4a2c}.pp-bg-ruby-red-scale-1{background:#f06e56}.pp-bg-ruby-red-scale-2{background:#f49280}.pp-bg-ruby-red-scale-3{background:#f7b7ab}.pp-bg-ruby-red-scale-4{background:#bd3e29}.pp-bg-ruby-red-scale-5{background:#8

Chrome Cache Entry: 116

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text
Category:	dropped
Size (bytes):	4057
Entropy (8bit):	4.742159197335882
Encrypted:	false
SSDEEP:
MD5:	1CF0EB7E85EA4D404F9FFA35718A9922
SHA1:	7482D4D2C883CF51113BDD53AAEA37766CA51A37
SHA-256:	1383C32837E4FDD35D6F6284F8E94EE8A426C3CD8D0BFEB48639D6532EBD7225
SHA-512:	572214B9F8EC3ADDF97E2402C7E090DD49D8C4F4071099DFAF088CB5B2C9820E6DB1E351053353B1276C7952627076E744A2F912951CD72105E9AFF297477A81
Malicious:	false
Reputation:	unknown
Preview:	<!DOCTYPE html>.<html lang="en">.<head>.<meta charset="utf-8">.<meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1">.<meta name="viewport" content="width=device-width, initial-scale=1" />.<meta name="robots" content="noarchive">.<title>Page not found</title>.<link rel="preconnect" href="https://fonts.gstatic.com">.<link href="https://fonts.googleapis.com/css2?family=Inter:wght@100;400;500;600;700&display=swap" rel="stylesheet">.<link href="https://assets.staticpipefy.com/fonts/new-order/NewOrder-600.css" rel="stylesheet">.<link ref="preconnect" href="https://pipestyle.staticpipefy.com">.<link ref="preconnect" href="https://pipeui.staticpipefy.com">.<link ref="preconnect" href="https://app-storage-service.pipefy.com">.<link ref="preconnect" href="https://assets.staticpipefy.com">.<style>. * {. -webkit-font-smoothing: antialiased;. padding: 0;. margin: 0;. box-sizing: border-box;. font-family: Inter, sans-serif;. }.. .pp-error-pa

Chrome Cache Entry: 117

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	2167959
Entropy (8bit):	5.248611151471556
Encrypted:	false
SSDEEP:
MD5:	3FF71A8F9FC2E86F2D9ACF408A8746A2
SHA1:	85C0AA581C742C4F24CB636BB77DEF1E56E4639A
SHA-256:	88AFD069F199AA777621D3D559B501C3434645246CB928483C38270525349448
SHA-512:	8D3433718F03F0942A6549380DAA4635278FB3572BF4ECAA8FAD82174D7EFC2F7EE1A4DEED7EA4D6CFADF649ABD50D9849B61AA560FCF65D8D333A7FD309E94B
Malicious:	false
Reputation:	unknown
URL:	https://assets.staticpipefy.com/v2.60.5/assets/v3/app-core-fcc75ea6c0a38db25354f23b6ab869390c7f4d3d462af5b660d4d17f3cf72022.js
Preview:	function sleepFor(e){return new Promise((t=>setTimeout(t,e)))}async function initPipeUIForm(e,t){let a=0;for(;void 0===window.PipeUI;){if(a>MAX_PUBLIC_FORM_INIT_RETRIES)return void console.error(new Error("PipeUI not found."));console.log(`waiting for PipeUI... (${a++})`),await sleepFor(1e3)}window.PipeUI.initPublicForm(e,t)}function initGlobalModalContainer(e,t){return new Promise((a=>{window.PipeUI.initGlobalModalContainer(e,t),a()}))}!function(e,t){"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,(function(e,t){function a(e){var t=!!e&&"length"in e&&e.length,a=me.type(e);return"function"!==a&&!me.isWindow(e)&&("array"===a\|\|0===t\|\|"number"==typeof t&&t>0&&t-1 in e)}function o(e,t,a){if(me.isFunction(t))return me.grep(e,(function(e,o){return!!t.call(e,o,e)!==a}));if(t.nodeType)return me.grep(e,(functi

Chrome Cache Entry: 119

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	1450
Entropy (8bit):	4.697652926809547
Encrypted:	false
SSDEEP:
MD5:	BB441D35AC2F847A76529CB0D45AAEF5
SHA1:	83BEBF3E34409A081B990185FCDDF1E846C03160
SHA-256:	FE79E92295B76558A0B772B3E150D1EA011740A5F2275CE1B72556287DC4F0C1
SHA-512:	9147A444861069691E956431D58FE5FF6AE3CBBEFBADFBF106D8EEEC15468380581718D4DCA7DBB32DA91DE6886794EBE3F5F661937831CE97FBAF2BC6C4F232
Malicious:	false
Reputation:	unknown
URL:	https://pipestyle.staticpipefy.com/default/images/logo-white.svg
Preview:	<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 216 73" enable-background="new 0 0 216 73"><defs><filter id="a" filterUnits="userSpaceOnUse" x="0" y="0" width="215.1" height="73"><feColorMatrix values="1 0 0 0 0 0 1 0 0 0 0 0 1 0 0 0 0 0 1 0"/></filter></defs><mask maskUnits="userSpaceOnUse" x="0" y="0" width="215.1" height="73" id="b"><path d="M0 0h215.1v73H0V0z" fill="#fff" filter="url(#a)"/></mask><path d="M96.5 41.7c-1 4.3-4.3 7.7-8.7 8.7-6.3 1.5-12.5-2.5-14-8.7-.4-1.7-.4-3.5 0-5.3 1-4.3 4.3-7.7 8.7-8.7 6.3-1.5 12.5 2.5 14 8.7.4 1.7.4 3.5 0 5.3zm-3-22.4c-11.1-4.3-20 2.4-20 2.4l-1.8-2.4h-8.2V73h9.9V56.1s5.4 4 12.6 4c12.4 0 22.3-10.7 21-23.3-.8-7.8-6.1-14.7-13.5-17.5zM120.9 35c0-.1 2.6-7.4 10.7-7.4 8 0 10.7 7.4 10.7 7.4h-21.4zm10.7-17.3c-11.7 0-21.2 9.5-21.2 21.2s9.5 21.2 21.2 21.2c6.4 0 14.8-3.2 19.2-12.4h-12c-.7.6-1.5 1.1-2.3 1.6-1.4.7-3 1.1-5 1.1-7.3 0-10.2-5.6-10.3-7.2h31.1c.1-1 .3-2.1.4-3.1.7-12.9-9.6-22.4-21.1-22.4zm36.8 1.6v-1.5c.4-7.8 8.1-9.1 9.2-9.2V0c-2.6-.1-19.3 2.4-1

Chrome Cache Entry: 120

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (618), with CRLF line terminators
Category:	dropped
Size (bytes):	53691
Entropy (8bit):	5.3642387172891235
Encrypted:	false
SSDEEP:
MD5:	F9D3C246A4229365207DEF3633DB291D
SHA1:	CFFFC294D2ECE96C6EA1342E9024C1B62B4C5EB0
SHA-256:	5391257CF6ACBAF585C7552F4C0F19C15C09FA6E94ACAE3F1DB7256594F50AB6
SHA-512:	D91E66D38EC55867C902BE1815D869F953CA9D9D9A3A217C3ECDEE8DE0D4E0F440A560DBC4B470FFD2E41ABDBCBA5DFC74ED32F950B7D358B6F4F02B6DD5401A
Malicious:	false
Reputation:	unknown
Preview:	(function() {..var l=void 0,m=!0,q=null,D=!1;..(function(){function Aa(){function a(){if(!a.yc)la=a.yc=m,ma=D,c.a(F,function(a){a.mc()})}function b(){try{u.documentElement.doScroll("left")}catch(d){setTimeout(b,1);return}a()}if(u.addEventListener)"complete"===u.readyState?a():u.addEventListener("DOMContentLoaded",a,D);else if(u.attachEvent){u.attachEvent("onreadystatechange",a);var d=D;try{d=w.frameElement===q}catch(f){}u.documentElement.doScroll&&d&&b()}c.Pb(w,"load",a,m)}function Ba(){y.init=function(a,b,d){if(d)return y[d]\|\|(y[d]=F[d]=S(a,..b,d),y[d].ha()),y[d];d=y;if(F.mixpanel)d=F.mixpanel;else if(a)d=S(a,b,"mixpanel"),d.ha(),F.mixpanel=d;y=d;1===ca&&(w.mixpanel=y);Ca()}}function Ca(){c.a(F,function(a,b){"mixpanel"!==b&&(y[b]=a)});y._=c}function da(a){a=c.e(a)?a:c.g(a)?{}:{days:a};return c.extend({},Da,a)}function S(a,b,d){var f,h="mixpanel"===d?y:y[d];if(h&&0===ca)f=h;else{if(h&&!c.isArray(h)){o.error("You have already initialized "+d);return}f=new e}f.gb={};f.U(a,b,d);f.people=n

Chrome Cache Entry: 122

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (31127)
Category:	dropped
Size (bytes):	530299
Entropy (8bit):	5.400107470509381
Encrypted:	false
SSDEEP:
MD5:	094F19D55D347CB3C6D5E428E004FE44
SHA1:	110F9F02C5A3D5A0A5BA7D6CB94F7E6C58BC6054
SHA-256:	6168DF02EC5B707B4541D75EAAA583508A55C36CDE762E29504D06F369AF91E8
SHA-512:	535DAA3CEC530D98421C01772D56A34BC5D9E011D6AFD317D508DEC8D8DFFBB5B59448282F623101F65AABABBF0F0B541B26C6A712F2FBB7CE7D4851A30B6399
Malicious:	false
Reputation:	unknown
Preview:	(this["webpackJsonp@pipefyteam/pipeui"]=this["webpackJsonp@pipefyteam/pipeui"]\|\|[]).push([[5],{1117:function(e,t,r){"use strict";var a=r(1922);class i extends a.Dispatcher{dispatch(e){return super.dispatch(e)}waitFor(e){return super.waitFor(e)}register(e){return super.register(e)}unregister(e){return super.unregister(e)}isDispatching(){return super.isDispatching()}}const n=new i;t.a=n},1120:function(e,t,r){"use strict";var a=r(1921);const i=new(r.n(a).a)(["ADD_CARD","ADD_CONNECTED_CHILD_CARD","ADD_CREATED_CARD","ADD_FIELD_SAVE_ERROR","APP_ATTACHMENT_ADDED","APP_ATTACHMENT_DELETED","CARD_ADD_ATTACHMENT","CARD_CLOSE","CARD_DRAG_END","CARD_DRAG_START","CARD_DROPPED","CARD_DUE_DATE_UPDATED","CARD_OPEN","CARD_UPDATE_LABELS","CHANGE_CURRENT_TAB","CHANGE_PIPE_VIEW","CLEAR_CREATE_CARD_CALLBACK","CLOSE_ALL_SIDEBAR","CLOSE_FILTERS_DISPLAY","CLOSE_INTERVENTION_MODAL","CLOSE_GLOBAL_MODALS","CLOSE_GLOBAL_MODAL","CLOSE_MODALS","CLOSE_PLATFORM_SIDEBAR","COMMENT_CREATED","COMMENT_DELETED","CONFIRM_CAR

Chrome Cache Entry: 123

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (1826)
Category:	downloaded
Size (bytes):	4224
Entropy (8bit):	5.33115726857671
Encrypted:	false
SSDEEP:
MD5:	BA96DE54CFE45BC0CC0842D0BD086C53
SHA1:	A93A44BBBEAF008D6080AB83AE31CCD53CCC1274
SHA-256:	3A06E2E322C14C5F3A0A59A65245E2AB01B3658A59A616B9EA85215F92900D1C
SHA-512:	BE040B68216AD6ECCB2D28EE16A599D8E4B1BAB63D512151ADD15F48F78AA5DCA3EE987869727FB8D75D85C96F50511CF05D049EE5D64169537236CB93543CCD
Malicious:	false
Reputation:	unknown
URL:	https://fshjjfetalpacksrlfggghhgfgj.taplink.ws/
Preview:	<!DOCTYPE html> <html prefix="og: http://ogp.me/ns#" lang="en" data-format-date="m.d.Y" data-format-datetime="m.d.Y H:i"> <head> <title>fshjjfetalpacksrlfggghhgfgj.taplink.ws</title> <meta name=viewport content="width=device-width, user-scalable=no, initial-scale=1, maximum-scale=1, shrink-to-fit=no"/> <meta name=HandheldFriendly content=true> <meta http-equiv=Content-Type content='text/html; charset=utf-8'> <link type='text/css' rel=stylesheet href='/s/css/frontend.css?1.2.8844'> <link rel=icon href="https://taplink.st/a/4/a/5/6/bdba3b.png?1"> <link rel=apple-touch-icon sizes=300x300 href="https://taplink.st/a/4/a/5/6/bdba3b.png?1"/> <link rel=canonical href="https://fshjjfetalpacksrlfggghhgfgj.taplink.ws/"/> <meta name=format-detection content="telephone=no"/> <meta name=referrer content=always> <link rel=image_src href="https://taplink.st/a/4/a/5/6/bdba3b.png?1"/> <meta property="og:type" content=website /> <meta property="og:title" content="fshjjfetalpacksrlfggghhgfg

Chrome Cache Entry: 125

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	dropped
Size (bytes):	2206993
Entropy (8bit):	5.500518990588695
Encrypted:	false
SSDEEP:
MD5:	8DD53BEEEFF9A5D3ED5EB9688D767CCB
SHA1:	A68D11DF258D70D2D86F1A0C26B1401D251897A8
SHA-256:	3BCC7FB927EA4572F98BEC6335EB0A2D542A22024FF16043810EE8C4A2FCDAA0
SHA-512:	2C9A7DFB3250375E1EFBEC6912DC22FE2E07EB23262D6668BEFB55C8687331DFB8BB0366BC5573E9E8714DE1E6FB2C5AA0F99064F5C0E28E6766341BE5F301BE
Malicious:	false
Reputation:	unknown
Preview:	/!For license information please see 7.66dc3668.chunk.js.LICENSE.txt/(this["webpackJsonp@pipefyteam/pipeui"]=this["webpackJsonp@pipefyteam/pipeui"]\|\|[]).push([[7],[function(e,t,n){"use strict";e.exports=n(569)},function(e,t,n){"use strict";var r=n(8),o=n(43).f,i=n(51),a=n(31),s=n(257),c=n(200),u=n(161);e.exports=function(e,t){var n,l,f,p,d,h=e.target,m=e.global,b=e.stat;if(n=m?r:b?r[h]\|\|s(h,{}):(r[h]\|\|{}).prototype)for(l in t){if(p=t[l],f=e.dontCallGetSet?(d=o(n,l))&&d.value:n[l],!u(m?l:h+(b?".":"#")+l,e.forced)&&void 0!==f){if(typeof p==typeof f)continue;c(p,f)}(e.sham\|\|f&&f.sham)&&i(p,"sham",!0),a(n,l,p,e)}}},function(e,t,n){"use strict";n.r(t),n.d(t,"__extends",(function(){return o})),n.d(t,"__assign",(function(){return i})),n.d(t,"__rest",(function(){return a})),n.d(t,"__decorate",(function(){return s})),n.d(t,"__param",(function(){return c})),n.d(t,"__metadata",(function(){return u})),n.d(t,"__awaiter",(function(){return l})),n.d(t,"__generator",(function(){return f})),n.d(t,"__

Chrome Cache Entry: 126

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	28
Entropy (8bit):	4.208966082694623
Encrypted:	false
SSDEEP:
MD5:	89BE93E81169A3478F5B92F3C91AF580
SHA1:	C62E2852B394952919463742831CB4C66CCA1C8B
SHA-256:	77C5F518D3925E0083F47A20572ADB178B2204D07FAA396A2E3B0AFD803155B9
SHA-512:	0F837CB5A3E3C67CFE10B21FB4965A1B39E4C10CEA9137D03A9D5B743B6F36A02CDE5348752D59C0BF28F9CFA0163D99A7767CCE9255500E5C3E15EA1F74C173
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwmD9Y4nmnrwnxIFDVNaR8USBQ2_JFKQ?alt=proto
Preview:	ChIKBw1TWkfFGgAKBw2/JFKQGgA=

Chrome Cache Entry: 127

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	11300
Entropy (8bit):	5.480452878478793
Encrypted:	false
SSDEEP:
MD5:	EDB1CA86E5FF4B16EF78F4D4A42EB24A
SHA1:	790A23BE4DF887C0F07AC86D1F51584534DC9142
SHA-256:	6D92CF49E785ABAFCC2D4658AB9353ACE723CC85F365C5C8F247177CCE95A696
SHA-512:	7EAE82FFABE8958378234CEC9425B8B142C2BCD2D3F37DB4A0FAC988837B8C4D4C1A37727074CAFFB4F20726DA0C7A86BBC1BC90B25A910F6B688F242263AA83
Malicious:	false
Reputation:	unknown
URL:	https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap
Preview:	/* cyrillic-ext /.@font-face {. font-family: 'Inter';. font-style: normal;. font-weight: 300;. src: url(https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa2JL7SUc.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./ cyrillic /.@font-face {. font-family: 'Inter';. font-style: normal;. font-weight: 300;. src: url(https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa0ZL7SUc.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./ greek-ext /.@font-face {. font-family: 'Inter';. font-style: normal;. font-weight: 300;. src: url(https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa2ZL7SUc.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}./ greek */.@font-face {. font-family: 'Inter';. font-style: normal;. font-weight: 300;. src: url(https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1pL7

Chrome Cache Entry: 129

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	337
Entropy (8bit):	4.842459822695129
Encrypted:	false
SSDEEP:
MD5:	F001E96A05A5E57F0BD73E2BB1F4CD8A
SHA1:	582A1ACBF325441D44FE5DDEB1300CEB4D671685
SHA-256:	386037A3C67FE88E5AD918F78FCE0C55C6CE14199B6B82E5E0BEFCCEA2820141
SHA-512:	B01268E8B7D6D34323FEF49CA84DDE142040FC6CF540000F0B397D12596B37DD4F57ED51ED4587DD6CCA3963E00EC5A3AA039E5F951365A9AF614E2EC8C253D3
Malicious:	false
Reputation:	unknown
URL:	https://fshjjfetalpacksrlfggghhgfgj.taplink.ws/a59b74ca12433979.webmanifest
Preview:	{"name":"Fshjjfetalpacksrlfggghhgfgj.taplink.ws","short_name":"fshjjfetalpacksrlfggghhgfgj","icons":[{"src":"https://taplink.st/a/4/a/5/6/bdba3b.png?1","sizes":"300x300","type":"image/png"}],"theme_color":"#fffaf4","background_color":"#fffaf4","start_url":"https://fshjjfetalpacksrlfggghhgfgj.taplink.ws?from=app","display":"standalone"}

Chrome Cache Entry: 130

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	very short file (no magic)
Category:	downloaded
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:
MD5:	68B329DA9893E34099C7D8AD5CB9C940
SHA1:	ADC83B19E793491B1C6EA0FD8B46CD9F32E592FC
SHA-256:	01BA4719C80B6FE911B091A7C05124B64EEECE964E09C058EF8F9805DACA546B
SHA-512:	BE688838CA8686E5C90689BF2AB585CEF1137C999B48C70B92F67A5C34DC15697B5D11C982ED6D71BE1E1E7F7B4E0733884AA97C3F7A339A8ED03577CF74BE09
Malicious:	false
Reputation:	unknown
URL:	https://dianemccabe.com/n/?c3Y9bzM2NV8xX29uZSZyYW5kPU5tdERlRms9JnVpZD1VU0VSMTgwOTIwMjRVMTkwOTE4MzU=N0123N
Preview:	.

Chrome Cache Entry: 131

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (37130)
Category:	downloaded
Size (bytes):	50738
Entropy (8bit):	5.2668027982853225
Encrypted:	false
SSDEEP:
MD5:	E2E7F7259EF5A3B03498EF6FBAFA28AE
SHA1:	1414EBEE92F8D7C75E953FA2F9E0787083D2AA92
SHA-256:	9D8F6CA64002402C372EF53B8EC7603CCAC2AF8C1567FF56D3AE8658D6C0C71B
SHA-512:	72CCFDF1E9A3C78FE4841EF0C8FBEBADAAEF37ECB27F6D450B92827F659502FDFC4FD0FAA7C8FF7AA6CB99C8FF14233336D1E589B2D22D599E3839E9B2490453
Malicious:	false
Reputation:	unknown
URL:	https://pipeui.staticpipefy.com/versions/production/public-form/static/js/main.7cf07c5d.chunk.js
Preview:	(this["webpackJsonp@pipefyteam/pipeui"]=this["webpackJsonp@pipefyteam/pipeui"]\|\|[]).push([[3],{1110:function(e,n,l){"use strict";l.r(n);var i=l(46),a=(l(570),l(607),l(882),l(917),l(941),l(942),l(943),l(125)),s=l.n(a),p=l(362);const t={"pt-BR":()=>l.e(4).then(l.bind(null,2377)),en:()=>l.e(0).then(l.bind(null,2378)),"en-US":()=>l.e(0).then(l.bind(null,2378)),es:()=>l.e(1).then(l.bind(null,2379))},o=()=>{return e=void 0,n=null,l=function*(){if(!window.I18n)return;const e=window.I18n.locale,n=yield t[e]();window.I18n.translations=Object(p.merge)(window.I18n.translations,{[e]:n.default})},new Promise(((i,a)=>{var s=e=>{try{t(l.next(e))}catch(n){a(n)}},p=e=>{try{t(l.throw(e))}catch(n){a(n)}},t=e=>e.done?i(e.value):Promise.resolve(e.value).then(s,p);t((l=l.apply(e,n)).next())}));var e,n,l};var d=l(69),T=l.n(d),u=l(360),r=l(370);const m=({children:e,language:n})=>{const{isEnabled:l}=Object(r.a)({feature:"use_lumen_fields"});return Object(i.jsx)(u.LumenProvider,{language:n,lumenFeatureToggleLis

Chrome Cache Entry: 132

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (15522), with no line terminators
Category:	downloaded
Size (bytes):	15522
Entropy (8bit):	4.679139850011621
Encrypted:	false
SSDEEP:
MD5:	45483080F9111A91D30F05F2941271E7
SHA1:	02F7E993BF7B593BEBDD51076816EE5BF94B74BA
SHA-256:	75D9B1BE7330B756864E8C3947BB5EB2E30CBFA4396D0262CCF33991A9331C78
SHA-512:	81A37FF78C87E0E49DFB17926A69E13A2A804FAB7BE87B9F3DF561887A5B89AC2F13219868A9A109064404B257ED4F36F83810169A37C97BE3B2CBBD6B8BB8F1
Malicious:	false
Reputation:	unknown
URL:	https://pipeui.staticpipefy.com/versions/production/public-form/static/css/8.36c7aa08.chunk.css
Preview:	.react-datepicker-popper[data-placement^=bottom] .react-datepicker__triangle,.react-datepicker-popper[data-placement^=top] .react-datepicker__triangle,.react-datepicker__month-read-view--down-arrow,.react-datepicker__month-year-read-view--down-arrow,.react-datepicker__year-read-view--down-arrow{margin-left:-8px;position:absolute}.react-datepicker-popper[data-placement^=bottom] .react-datepicker__triangle,.react-datepicker-popper[data-placement^=bottom] .react-datepicker__triangle:before,.react-datepicker-popper[data-placement^=top] .react-datepicker__triangle,.react-datepicker-popper[data-placement^=top] .react-datepicker__triangle:before,.react-datepicker__month-read-view--down-arrow,.react-datepicker__month-read-view--down-arrow:before,.react-datepicker__month-year-read-view--down-arrow,.react-datepicker__month-year-read-view--down-arrow:before,.react-datepicker__year-read-view--down-arrow,.react-datepicker__year-read-view--down-arrow:before{box-sizing:initial;position:absolute;borde

Chrome Cache Entry: 133

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	280
Entropy (8bit):	7.1673666562278395
Encrypted:	false
SSDEEP:
MD5:	E8D4D41056BDD865BF9577857996EE45
SHA1:	500033B229A4B595D6F140DA45A7EC8E5161FA3D
SHA-256:	BEBE98B60D4BD218DF9A484DAD74B1A3C453C23199EE7A9FA3D5393AD0D9E319
SHA-512:	25A964943E46C9619E145D9B1E5777C6BCF73AE9807C08A75D9FCA440C4BA9E5A86DADE40BCF50188B2C97718458601F8354E3BB23013767A16A3D778A8E7306
Malicious:	false
Reputation:	unknown
URL:	https://pipestyle.staticpipefy.com/images/public-form/favicon/cropped-pipefy-favicon-2-32x32.png
Preview:	RIFF....WEBPVP8L..../....o...$.....3.P.6......cf.......w).....S.....<sp...m.....r=m.L.n....33.f....#.~;>....RU....@.l.+.{..J...Q.-..\|...u.t/....F+.[........t;.^O<{{%q..\|..E.......KRN.....?....).;V...,._......Eg.....x..NH.wz...j.IY..r..R.\|K*S..~.K.L...37q.3......

Chrome Cache Entry: 138

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (39933)
Category:	downloaded
Size (bytes):	358369
Entropy (8bit):	5.52539643537815
Encrypted:	false
SSDEEP:
MD5:	92F6F12C84CC92E4F58143EEF4FFE124
SHA1:	BCB87F6A62CCFF2C75568AE74D4E19BC015629EB
SHA-256:	96512AAC90CA9AC3BF2E7B0A855AFC46CABC3C1BAD06FAEF0D44C7DB67281ABD
SHA-512:	2D8FF33547381F5B640BA4B399D3A8A9B7F5028EC474DC9F51E10CB105BF135FAF7318AFD16819C4A79020F097DB24C5AA3E87C4EF1C01417C011ABA3872457B
Malicious:	false
Reputation:	unknown
URL:	https://newassets.hcaptcha.com/captcha/v1/70b4624/static/hcaptcha.html
Preview:	<!DOCTYPE html>.<html lang="en" data-id="hcaptcha-frame-70b4624">.<head>. <title>hCaptcha</title>. <meta charset="utf-8">. <meta http-equiv="X-UA-Compatible" content="IE=edge">. <meta http-equiv="Content-Security-Policy" content="object-src 'none'; base-uri 'self'; worker-src blob:; script-src 'self' 'unsafe-eval' 'sha256-66UqS9okiSm9hwNFV9WsEL7pp+hVNVyAH1LtDpbfURU=';">. <style type="text/css">*{-webkit-tap-highlight-color:transparent;-webkit-font-smoothing:antialiased}body,html{margin:0;padding:0;font-family:-apple-system,system-ui,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen,Ubuntu,"Helvetica Neue",Arial,sans-serif;overflow:hidden;height:100%;width:100%;background-color:rgba(255,255,255,0);background-color:transparent}fieldset{margin:0;padding:15px 20px;border:none}button:focus,input:focus,select:focus,textarea:focus{outline:0}:focus{border:none;outline:0}textarea{border:none;overflow:auto;outline:0;-webkit-box-shadow:none;-moz-box-shadow:none;box-shadow:none;resize:non

Chrome Cache Entry: 139

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (56991)
Category:	downloaded
Size (bytes):	57036
Entropy (8bit):	5.130559329360811
Encrypted:	false
SSDEEP:
MD5:	1680419B6708F5D71C06C63A88C229BB
SHA1:	AA2B74A1A4FED444FCBEF50EF3CF56F322E1E178
SHA-256:	4012A7FBF01EC91E788E1184A31A810E9F3D518BC35220F1FD4CF4C8C59C0113
SHA-512:	3590F91CD4A8AEABBE2B891AC18A663CC2C1573F8DFE6638A3644D603E190C9EFD6A8B3FC0D63D268B44346B12A6CEC911D7383B20B810F5592A91323FD976C6
Malicious:	false
Reputation:	unknown
URL:	https://pipestyle.staticpipefy.com/v2-temp/ui-libraries-3.110.6/assets/stylesheets/libs.css
Preview:	/! Pipestyle 3.110.6 (http://pipefy.style).* Pipefy, Inc. (https://pipefy.com)/@charset "UTF-8";/!* GRID by Bootstrap v3.1.1 (http://getbootstrap.com) * Copyright 2011-2014 Twitter, Inc. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)*/.container{margin-right:auto;margin-left:auto;padding-left:15px;padding-right:15px}@media screen and (min-width:768px){.container{width:750px}}@media screen and (min-width:992px){.container{width:970px}}@media screen and (min-width:1200px){.container{width:1170px}}.container-fluid{margin-right:auto;margin-left:auto;padding-left:15px;padding-right:15px}.row{margin-left:-15px;margin-right:-15px}.row:before,.row:after{content:" ";display:table}.col-xs-1,.col-sm-1,.col-md-1,.col-lg-1,.col-xs-2,.col-sm-2,.col-md-2,.col-lg-2,.col-xs-3,.col-sm-3,.col-md-3,.col-lg-3,.col-xs-4,.col-sm-4,.col-md-4,.col-lg-4,.col-xs-5,.col-sm-5,.col-md-5,.col-lg-5,.col-xs-6,.col-sm-6,.col-md-6,.col-lg-6,.col-xs-7,.col-sm-7,.col-md-7,.col-lg-7,.col-x

Chrome Cache Entry: 140

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (50896), with no line terminators
Category:	downloaded
Size (bytes):	50896
Entropy (8bit):	5.239623153663545
Encrypted:	false
SSDEEP:
MD5:	3F1B87F97823F1E246326F84936AB328
SHA1:	DC940818E4001A35B299FD17AED0CD7B6DFA774E
SHA-256:	4D26A6D3F4CF2F712E5E2B291BFA127AA4CC85C88D1B1E2D34134AE1C45ABF94
SHA-512:	0B1FE0612873A14E5DDB52B39313F3DCCFFCED5C341F4BAC5500ABE449E4C2A09A2DACF8603BA0A94E8B3152816489F80D5DB0BF1AB7BEFCED7E8C66A4B2B19B
Malicious:	false
Reputation:	unknown
URL:	https://assets.staticpipefy.com/v2.60.5/assets/v3/commons-dc8a26472ef80c93d1173780754a6142547ee85f7578612b0c233d5c6b3db808.js
Preview:	$.isBlank=function(e){return!e\|\|""===$.trim(e)},$.getUrlParams=function(){var e=window.location.search;e=e.split("+").join(" ");for(var t,n={},i=/[?&]?([^=]+)=([^&]*)/g;t=i.exec(e);)n[decodeURIComponent(t[1])]=decodeURIComponent(t[2]);return n},function(e){e(document).ready((function(){e(".js-accordion-settings").on("click",(function(t){t.preventDefault();var n=e(".pp-pipe-settings-accordion"),i=e(e(this).data("accordion-settings")),o=n.find('input[type="checkbox"]');n.find(i).slideToggle("fast"),n.toggleClass("is-expanded"),n.hasClass("is-expanded")?o.prop("checked",!0):o.prop("checked",!1)}))}))}(jQuery),function(e){"use strict";function t(t,o){this.element=t,this.settings=e.extend({},i,o),this._defaults=i,this._name=n,this.init()}var n="pipeAccordion",i={toggleClass:"is-expanded",duration:"fast"};e.extend(t.prototype,{init:function(){this.accordion()},accordion:function(){var t=this.settings;e(this.element).on("click",(function(n){n.preventDefault();var i=e(this).parent();i.find(e(t

Chrome Cache Entry: 141

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 218 x 218, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	40922
Entropy (8bit):	7.982339980880838
Encrypted:	false
SSDEEP:
MD5:	ABF4DDA279EF91D9F679BE54D84BB6F7
SHA1:	3426E5881509CC7A37BBF8D64869330C0B8FC279
SHA-256:	3BF5EB68244A5C6A5B43F9D2AD40697637C7CFE2187A87DCBBB72279021EB1C0
SHA-512:	48F1A98630E4B50C40ADCD30C78D4C965E8F124B4890AC595CEF83F8E8EDFA04914D2F2E7B5845891E5D556870130D4AA4ABE2CC1A82145AA859CDE22A76835F
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...............\.....sRGB....... .IDATx^..w..u-.....1...y..N.....).......%y....k......}.s..$.(. ..$..$....b..o.zk....A).IDR..hQ$.....Su.>....VA)......$E.f..Af-,4.~.....Xm.......RP.:?....PV.......#5>...+.\|......<g...&.t..==.x.<._.3..y....n`..:J0......7.m...9....^..u.>4....p....$o........W....Yn(..q.5W...i<7..45X.g.e92.(.my......S\|)..nM.?Z.[5\g.\t...........o.....y.....P0. ..tT"...:.J...Jk.JV.....=.WP.4....d.A=....]..&OC..T..y-...F....%0-...<...........S...r^...;.<]?.@....f.F.#<3........e..b..Ud.V"..f.n.......3...^C..)..F.ju...."...H^.Dvp...#..o..5.V....g.....s......Ef..Y.z.#.2.-.V......"......X...dMp.qS+.l........nq.O..`..K>\|psw....H..RF....G...@q...X.{]...K.W.j........i=E-..9.....4@.....^...q.x..J~.\|.....O=..<S.~Vv%%.0...{...B..7f.>....Q.....;.......6...k.......h.y8...e......K.n.Cp{......E.k.........m.`#ng.Jqc.....3x.S.`.A=7H$..~......3Z.KB......d.....].1..7.GL3G.5n..t..e.$..K>......F...#.Q....!t....."..z}.....jU.G....y3.Tv

Chrome Cache Entry: 143

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	308
Entropy (8bit):	6.787072611366756
Encrypted:	false
SSDEEP:
MD5:	169D658682B59FC86BEDDDB1BDB0C8DA
SHA1:	94A42DE91D76D8EFB19166C8DFF6E7E7F5CB88E8
SHA-256:	17BBC4E8F18AF96D43EC18D28C90D3F26CB771EA66576441E5E709B4238BF801
SHA-512:	CFA5C5D63E1855120DB8B395A3A275573B1B8C3F2E452C5E37550A218D3BE8C1C5167BA30FE48479A9F8DA8DDD172206899BDEC0DBA95014A7AD5121F4219197
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR... ... .....D......*PLTE...............q........?_....Xt.;[.Gf....C\......IDATx...]n.!..`.P~...v4kk.......#..._.ER..y..4..q.._..jFd..$...`.Ue.F.[.XA}.. "E.).H!.d$M...z/.o..<.IH.......>.).).6P...M0.ux...Tg~....c.`]5.n....o......<....k.P..h.........7.9.....{........Q.Tp.FF....IEND.B`.

Chrome Cache Entry: 144

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (900), with no line terminators
Category:	downloaded
Size (bytes):	900
Entropy (8bit):	4.797556149231682
Encrypted:	false
SSDEEP:
MD5:	1D7C3B16DFAA55C33F2A5B687CD7064E
SHA1:	6045779762562639C35FAC2101400D394869C80E
SHA-256:	D90BC1B9D29298776938E62A4D77FB568BE2F5D200DA41049339516277286C8F
SHA-512:	4530FA605D2BC3FF0B93B540CD026ED699EFCE78A514150417B20B98D24A4339049E2DBC0F52E55C3DB9FAB134EDBCD2C581071C73A3F23ACD38863D6A14F9CD
Malicious:	false
Reputation:	unknown
URL:	https://assets.staticpipefy.com/fonts/new-order/NewOrder.css
Preview:	@font-face{font-family:new order;font-style:normal;font-weight:300;font-display:swap;src:url(https://assets.staticpipefy.com/fonts/new-order/NewOrder-Light.woff2) format('woff2')}@font-face{font-family:new order;font-style:normal;font-weight:400;font-display:swap;src:url(https://assets.staticpipefy.com/fonts/new-order/NewOrder-Regular.woff2) format('woff2')}@font-face{font-family:new order;font-style:normal;font-weight:500;font-display:swap;src:url(https://assets.staticpipefy.com/fonts/new-order/NewOrder-Medium.woff2) format('woff2')}@font-face{font-family:new order;font-style:normal;font-weight:600;font-display:swap;src:url(https://assets.staticpipefy.com/fonts/new-order/NewOrder-SemiBold.woff2) format('woff2')}@font-face{font-family:new order;font-style:normal;font-weight:700;font-display:swap;src:url(https://assets.staticpipefy.com/fonts/new-order/NewOrder-Bold.woff2) format('woff2')}

Chrome Cache Entry: 145

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65521)
Category:	downloaded
Size (bytes):	462060
Entropy (8bit):	5.4010342804981875
Encrypted:	false
SSDEEP:
MD5:	B36BB9397467E3F24B0E29183CEA4481
SHA1:	02B0590707BEB83605222D47036A3740736B0D06
SHA-256:	D8CF8723B1CB7CE784EEDED69523BDC2D9A1F456E22FFD9C21C5C3E4CC217D65
SHA-512:	A427AB9C447BC9DFCA4C7BEA9863F2C0F3B255E77D6ADFF7D66C5257894B4C1F85485522DEE5C30DE18335BD9C33E090B9910B7DB665E2DC795BFEA3D1FBB0E9
Malicious:	false
Reputation:	unknown
URL:	https://fshjjfetalpacksrlfggghhgfgj.taplink.ws/s/js/frontend.js?1.2.8844
Preview:	/* 1.2.8844 /.var t,e;function mimetype(e){"use strict";var t=[{file:"image",ext:["jpg","jpeg","png","gif","webp","svg","psd"]},{file:"archive",ext:["zip","7z","rar"]},{file:"pdf",ext:["pdf"]},{file:"video",ext:["mp4","flv","m3u8","ts","3gp","avi","mov","wmv"]},{file:"code",ext:["php","html","css","js","inc","py","xml","json"]},{file:"text",ext:["txt","rtf","pages"]},{file:"music",ext:["mp3","m3u"]},{file:"audio",ext:["mid","aif","wav"]},{file:"chart",ext:["xls","xlsx","numbers"]},{file:"csv",ext:["csv"]},{file:"powerpoint",ext:["pptx","pptm","ppt"]},{file:"word",ext:["doc","docx"]}];let i=e.ext\|\|"file",n=e.filename;if(e.url)try{const i=/\/([^\/]+\.[^\s\?#\/]+)$/i;var s=new URL(e.url),o=s.pathname.match(i);n=o?o[1]:s.hostname}catch(e){}if(n&&!e.ext){o=(n=n.replace(/(\?.\|$)/,"")).lastIndexOf(".");if(-1!=o){var r=n.toLowerCase().substr(o+1);for(let e=0;e<t.length;e++)if(-1!=t[e].ext.indexOf(r)){i=t[e].file;break}}}return"files/"+i}function humanSize(e){if(!e)return e;let t=0;for(;1024<

Chrome Cache Entry: 146

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	4866
Entropy (8bit):	5.228655056930521
Encrypted:	false
SSDEEP:
MD5:	9B9B20951390D0B1224716D83C97CBA1
SHA1:	35AA7575EDE30D369B19FCAB7ACE23753C21A149
SHA-256:	41DB675D16990E85CB9E9025A0287B1BB29143FD466509C29FA1A9FE02302AFD
SHA-512:	71B4177C97C2AF93C191C9DE9B31F2E39E5BFAF6759C5B0EE2E355A1E6BA3052E40BDF7C3E23E8913F0690D5B221594B20AFDAD0A21DEA8102D40E95C7E8E02E
Malicious:	false
Reputation:	unknown
URL:	https://fshjjfetalpacksrlfggghhgfgj.taplink.ws/s/fonts/google/css/woff2/merriweather.css?1.2.8844
Preview:	/* cyrillic-ext /.@font-face {. font-family: 'Merriweather';. font-style: normal;. font-weight: 300;. font-display: swap;. src: url(/s/fonts/google/fonts/232.woff2?4) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./ cyrillic /.@font-face {. font-family: 'Merriweather';. font-style: normal;. font-weight: 300;. font-display: swap;. src: url(/s/fonts/google/fonts/233.woff2?4) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./ vietnamese /.@font-face {. font-family: 'Merriweather';. font-style: normal;. font-weight: 300;. font-display: swap;. src: url(/s/fonts/google/fonts/234.woff2?4) format('woff2');. unicode-range: U+0102-0103, U+0110-0111, U+0128-0129, U+0168-0169, U+01A0-01A1, U+01AF-01B0, U+0300-0301, U+0303-0304, U+0308-0309, U+0323, U+0329, U+1EA0-1EF9, U+20AB;.}./ latin-ext */.@font-face {. font-family: 'Merriweather';. font-style: normal;. font-weight:

Chrome Cache Entry: 147

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (9127)
Category:	downloaded
Size (bytes):	16054
Entropy (8bit):	5.126201370189235
Encrypted:	false
SSDEEP:
MD5:	DC18942274A48795D55FE1CA899DC889
SHA1:	28E66C27A60B48E651F483A628065646F29512AC
SHA-256:	B1FE5182D131CF3C3416FCF4B4FCC95E8FDBFA6FCD2353E2950A6B1C59F49DB7
SHA-512:	AA6559229E3A12B3EB9129E13C69B9B18CFA95155D22471BD3AC200BF8925A970BE54ADE68E37CBDB622A9F8E2CB7E53B6685E1B24B40FFE859951DB2A4022CF
Malicious:	false
Reputation:	unknown
URL:	https://app.pipefy.com/public/form/41kuSg4l
Preview:	<!DOCTYPE html>.<html lang="en" class="pp-theme-pipefy pp-public-form-bg">.<head>.<script async>. ;(function(d, s, c) {. var j = d.createElement(s),. t = d.getElementsByTagName(s)[0]. j.src = 'https://pipeui.staticpipefy.com/scripts/elastic-apm-rum-v5-16-1.umd.min.js'. j.async = 1. j.onload = function() {elasticApm.init(c)}. t.parentNode.insertBefore(j, t). })(document, 'script', {. serverUrl: 'https://apm.pipefy.com',. serviceName: 'app-core-rum',. serviceVersion: 'prod-f85d85f5e9333f5aa1ceb6bad8dbccc4900131bb',. environment: 'production',. transactionSampleRate: 0.05. }).</script>.<meta charset="utf-8">.<meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1">.<meta name="viewport" content="width=device-width, initial-scale=1" />.<meta name="robots" content="noarchive, noindex, nofollow">.<meta name="twitter:card" content="summary_large_image">.<meta name="twitter:image:alt" content="public form image preview">.<meta name="author" content="c

Chrome Cache Entry: 149

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5384), with no line terminators
Category:	dropped
Size (bytes):	5384
Entropy (8bit):	5.016876292657898
Encrypted:	false
SSDEEP:
MD5:	D99057759AD1DEB2F7F769B968610512
SHA1:	6D47708C2EA230CAC7AC2D4F9DD4A3A60A3824F1
SHA-256:	1A2E9D1046B24AB41F7BC22B41F7439E7268A3F13C51DC5516E7DD7AB0738964
SHA-512:	85FA323A68F52D4B9CCD69AF46EC5B6BF0DDC9F8862C339799E7AC873706A7BC1A156FCB56F6FAA35242FCD247B9037E0FB8CA6162FEFE5EA6E8E59C4FE4B0D6
Malicious:	false
Reputation:	unknown
Preview:	(this["webpackJsonp@pipefyteam/pipeui"]=this["webpackJsonp@pipefyteam/pipeui"]\|\|[]).push([[10],{2276:function(e,t){e.exports=function(e){if(void 0===e)throw new ReferenceError("this hasn't been initialised - super() hasn't been called");return e},e.exports.__esModule=!0,e.exports.default=e.exports},2277:function(e,t,a){var n=a(2278);e.exports=function(e,t){e.prototype=Object.create(t.prototype),e.prototype.constructor=e,n(e,t)},e.exports.__esModule=!0,e.exports.default=e.exports},2278:function(e,t){function a(t,n){return e.exports=a=Object.setPrototypeOf?Object.setPrototypeOf.bind():function(e,t){return e.__proto__=t,e},e.exports.__esModule=!0,e.exports.default=e.exports,a(t,n)}e.exports=a,e.exports.__esModule=!0,e.exports.default=e.exports},2395:function(e,t,a){"use strict";a.r(t);var n=a(2276),i=a.n(n),r=a(2277),s=a.n(r),o=a(0);var p,h,c="hcaptcha-api-script-id",d="hcaptchaOnLoad",l=new Promise((function(e,t){p=e,h=t})),u=function(e){if(void 0===e&&(e={}),document.getElementById(c))r

Chrome Cache Entry: 150

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65491)
Category:	downloaded
Size (bytes):	552214
Entropy (8bit):	4.971148318958548
Encrypted:	false
SSDEEP:
MD5:	EB8C97A5A12F295F159EA001B9BBC8E9
SHA1:	A910E4158054B0D648FACD040862A0C5AF5EEC72
SHA-256:	A71BD7E99AA1397F27B789D70000B12C659B3690A0DA7EF5E86E350ECBB2DCCE
SHA-512:	FB58FA5C827085DD0B73BB1279619B79C39E0AF618C557C29EC370109130EE93E58738882D168CBC9DA8BBA3878EAFAA5AFF917B42537CC49A9726F3B8EA8A28
Malicious:	false
Reputation:	unknown
URL:	https://pipestyle.staticpipefy.com/v2-temp/ui-libraries-3.110.6/assets/stylesheets/pipestyle.css
Preview:	/! Pipestyle 3.110.6 (http://pipefy.style).* Pipefy, Inc. (https://pipefy.com)*/@charset "UTF-8";.pp-color-brand-base{color:var(--brand-base)!important}.pp-bg-brand-base{background-color:var(--brand-base)!important}.pp-color-brand-1000{color:var(--brand-1000)!important}.pp-bg-brand-1000{background-color:var(--brand-1000)!important}.pp-color-brand-900{color:var(--brand-900)!important}.pp-bg-brand-900{background-color:var(--brand-900)!important}.pp-color-red-base{color:var(--red-base)!important}.pp-bg-red-base{background-color:var(--red-base)!important}.pp-color-red-1000{color:var(--red-1000)!important}.pp-bg-red-1000{background-color:var(--red-1000)!important}.pp-color-red-900{color:var(--red-900)!important}.pp-bg-red-900{background-color:var(--red-900)!important}.pp-color-red-800{color:var(--red-800)!important}.pp-bg-red-800{background-color:var(--red-800)!important}.pp-color-red-700{color:var(--red-700)!important}.pp-bg-red-700{background-color:var(--red-700)!important}.pp-color-red

Chrome Cache Entry: 151

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1572)
Category:	downloaded
Size (bytes):	15777
Entropy (8bit):	5.1651432872004275
Encrypted:	false
SSDEEP:
MD5:	D95B0ABA1D3CC78169A43E56F382882B
SHA1:	ACE3DC1930ACD0E13E2FFA2FAD3EFF514D1A322A
SHA-256:	B117637A23B5ABD44A477B9242E8ADF76081DBAB300B9FA139E3EB2455862CFD
SHA-512:	6F6960A2CCFED4806BF42AFE1C743EE11BC04D39BBE7368DF05DBF2492D8F8E0EC2478BA768015FE9E05E5B3F5FC931E78210786B078D8BF599FB16C0F59EFD6
Malicious:	false
Reputation:	unknown
URL:	https://fshjjfetalpacksrlfggghhgfgj.taplink.ws/s/fonts/google/css/woff2/opensans.css?1.2.8844
Preview:	/* cyrillic-ext /.@font-face {. font-family: 'Open Sans';. font-style: normal;. font-weight: 300;. font-stretch: normal;. font-display: swap;. src: url(/s/fonts/google/fonts/269.woff2?4) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./ cyrillic /.@font-face {. font-family: 'Open Sans';. font-style: normal;. font-weight: 300;. font-stretch: normal;. font-display: swap;. src: url(/s/fonts/google/fonts/270.woff2?4) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./ greek-ext /.@font-face {. font-family: 'Open Sans';. font-style: normal;. font-weight: 300;. font-stretch: normal;. font-display: swap;. src: url(/s/fonts/google/fonts/271.woff2?4) format('woff2');. unicode-range: U+1F00-1FFF;.}./ greek */.@font-face {. font-family: 'Open Sans';. font-style: normal;. font-weight: 300;. font-stretch: normal;. font-display: swap;. src: url(/s/fonts/google/fonts/27

Chrome Cache Entry: 152

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	58
Entropy (8bit):	4.288678408771471
Encrypted:	false
SSDEEP:
MD5:	7F46D9DD3CF42147ED6C82BD0930A9A9
SHA1:	8C50A777A818B98427A3EA674ADE9D9C467DC522
SHA-256:	E6A04A4BA424854B7FDEAA135CFC2F75D3B899C1D0B2328E776B0E3D1D20EEE6
SHA-512:	7C93D4A9C2E253FE0DAFDF18B0358ED7D0764D10B2944754A891E4EE0C663CBF6AF39F42D7EDEBCDC20C5BD6CE4816FEF5A571594E43746C223E95EA6DD37A57
Malicious:	false
Reputation:	unknown
URL:	https://pipeui.staticpipefy.com/versions/production/public-form/static/css/publicForm.48c593cf.chunk.css
Preview:	.noty-text-link{font-weight:700;text-decoration:underline}

Chrome Cache Entry: 153

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	776
Entropy (8bit):	5.789515669292128
Encrypted:	false
SSDEEP:
MD5:	E24923FB65351A8CEBFB5B01BCFF25AE
SHA1:	CDBBF0CD4C948211FD6EF1655D613F4E6909EF74
SHA-256:	BB5489C72D63938DEFAED7089FB15041D785CAF9670689BF6798727CC1606A2C
SHA-512:	3C531E4105A599FAF258210A64D096AC4120135D0F45C896A8E3806B28BECB7505C93327156E852E1A79B7813CBABECF9804DE100CEE2ACC2B1012FE759CEADB
Malicious:	false
Reputation:	unknown
Preview:	{"features":{"enc_get_req":true},"c":{"type":"hsw","req":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJmIjowLCJzIjoyLCJ0IjoidyIsImQiOiJlS3FaQ1BZaEtEcjNVZlltQzhhN1dZU2xDQ0tMeGtCVHkrZjFDOWc3dHhkak9LWktITGVteGxlNWxZN1hld0ovdHFoS2lTNlRsTkNrTnB4WjdScUtzMmVieTlJbEM2UUFwS3NUQk1UUzZ0RzJaR2xzRmtUakRXQmt4Yzk0M2NZcUJ5RE9JeC9rOWtEZFlYaENnVTdzTnlHWVd4bnJ1M3ROZHk5eEEwR0xnWWUzTHEwVFdDdDk1SGorQURnbGpDSEFpd21xMG14UVpyMzVUYVUvcVEyRk9MWUNRdDNVcnpzK2diUTJvamp2SlBQaVJuS2d0UkMycDNmTzNxN3ExWk09T082dklENlJ5SjVxV2Y3NiIsImwiOiIvYy9jMmUzYmQ4YzFhOWFhYzkzNDkwZmI2ZjY2NDU2NTdiNTQ2NmI1YjkyOGIxYmNmMjEwOWE3YTllMWYyMWUzNWJlIiwiaSI6InNoYTI1Ni1hVGFnQlI5c0ljcytWZzlHS0dHYWdMYkczUEZzQ3U3ZlJkRkxpa3N5UHJVPSIsImUiOjE3Mjc2OTc0NzMsIm4iOiJoc3ciLCJjIjoxMDAwfQ.NrwcZUv-dDV7s6E-pChOxpweCn40REje09WzzOFaJYI"},"pass":true}

Chrome Cache Entry: 96

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	239931
Entropy (8bit):	4.885718095804704
Encrypted:	false
SSDEEP:
MD5:	B296B4C75609F7394201AB7706F880E0
SHA1:	E3FD757FF61EC1C23899D001A2020617C3035207
SHA-256:	88125934601427FE82D7B1A96227B38F0A683F35FB338D58F15574AECAB63255
SHA-512:	060880D50A8317ABE8E3B8F69DD6431FFBE710A827CEB0CCFAF33B8803D3E57E1FA684EBB92864FFE3CB8D5B9B08F6EDF1885630CFB037B243C3DDEC565355A4
Malicious:	false
Reputation:	unknown
URL:	https://pipeui.staticpipefy.com/versions/production/public-form/static/js/en-US-translations.e3500772.chunk.js
Preview:	(this["webpackJsonp@pipefyteam/pipeui"]=this["webpackJsonp@pipefyteam/pipeui"]\|\|[]).push([[0],{2378:function(e,t,a){"use strict";a.r(t);const o={_attachments:"Attachments",_move_to_phase:"Move card to phase",accept_invitation:{_submit:"Ok! Continue",_subtitle:"The information below will be essential on many steps on Pipefy!",_title:"Welcome aboard!"},currency_dropdown:{input:{placeholder:"Search..."}},activerecord:{attributes:{card:{all_comments:"All comments",all_emails:"All emails",all_emails_with_attachments:"All emails with attachments",assignees:"Assignees",card_id:"ID",created_at:"Created at",created_by:"Creator",created_on:"Created at",creatorEmail:"Creator email",current_phase:"Current phase",current_phase_public_link:"Current phase public link",due_date:"Due date",expiredAt:"Expired at",expired_at:"Expired at",finished_at:"Finished at",finished_on:"Finished on",id:"ID",labels:"Labels",last_comment:"Last comment",last_comment_at:"Last comment at",last_email:"Last email",last_em

Chrome Cache Entry: 98

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text
Category:	downloaded
Size (bytes):	315
Entropy (8bit):	5.0572271090563765
Encrypted:	false
SSDEEP:
MD5:	A34AC19F4AFAE63ADC5D2F7BC970C07F
SHA1:	A82190FC530C265AA40A045C21770D967F4767B8
SHA-256:	D5A89E26BEAE0BC03AD18A0B0D1D3D75F87C32047879D25DA11970CB5C4662A3
SHA-512:	42E53D96E5961E95B7A984D9C9778A1D3BD8EE0C87B8B3B515FA31F67C2D073C8565AFC2F4B962C43668C4EFA1E478DA9BB0ECFFA79479C7E880731BC4C55765
Malicious:	false
Reputation:	unknown
URL:	https://dianemccabe.com/favicon.ico
Preview:	<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">.<html><head>.<title>404 Not Found</title>.</head><body>.<h1>Not Found</h1>.<p>The requested URL was not found on this server.</p>.<p>Additionally, a 404 Not Found.error was encountered while trying to use an ErrorDocument to handle the request.</p>.</body></html>.

Chrome Cache Entry: 99

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3679), with no line terminators
Category:	downloaded
Size (bytes):	3679
Entropy (8bit):	5.36125951915093
Encrypted:	false
SSDEEP:
MD5:	CAEEE3CB357AFC2B0652879931CE7087
SHA1:	B6540DB15A4154BBCB6CBF0B0F5E9066510CCB2A
SHA-256:	6D0D6ABA222713BB6986328283769C800CB4BA8E51723F1AA4E22DCFCAE0E770
SHA-512:	4DB77F0D0EFB13A11C98A689B6D8AEB69BD8A3622D82A219AFA5F155E6FA2381DCF6752221B89BB7D914947BE1897E7427DA0DC0E736A980C5CC8B1100C005A5
Malicious:	false
Reputation:	unknown
URL:	https://pipeui.staticpipefy.com/versions/production/public-form/static/js/runtime-main.f91805e4.js
Preview:	!function(e){function t(t){for(var n,o,u=t[0],c=t[1],s=t[2],l=0,p=[];l<u.length;l++)o=u[l],Object.prototype.hasOwnProperty.call(a,o)&&a[o]&&p.push(a[o][0]),a[o]=0;for(n in c)Object.prototype.hasOwnProperty.call(c,n)&&(e[n]=c[n]);for(f&&f(t);p.length;)p.shift()();return i.push.apply(i,s\|\|[]),r()}function r(){for(var e,t=0;t<i.length;t++){for(var r=i[t],n=!0,o=1;o<r.length;o++){var c=r[o];0!==a[c]&&(n=!1)}n&&(i.splice(t--,1),e=u(u.s=r[0]))}return e}var n={},o={6:0},a={6:0},i=[];function u(t){if(n[t])return n[t].exports;var r=n[t]={i:t,l:!1,exports:{}};return e[t].call(r.exports,r,r.exports,u),r.l=!0,r.exports}u.e=function(e){var t=[];o[e]?t.push(o[e]):0!==o[e]&&{5:1,8:1}[e]&&t.push(o[e]=new Promise((function(t,r){for(var n="static/css/"+({0:"en-US-translations",1:"es-translations",2:"fieldConditions",4:"pt-BR-translations",5:"publicForm"}[e]\|\|e)+"."+{0:"31d6cfe0",1:"31d6cfe0",2:"31d6cfe0",4:"31d6cfe0",5:"48c593cf",8:"36c7aa08",9:"31d6cfe0",10:"31d6cfe0",11:"31d6cfe0"}[e]+".chunk.css",a=u

Static File Info

⊘No static file info

Description:	Adversaries may abuse Internet browser extensions to establish persistent access to victim systems. Browser extensions or plugins are small programs that can add functionality and customize aspects of Internet browsers. They can be installed directly or through a browser's app store and generally have access and permissions to everything that the browser can access.
Tactics:	Persistence
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Process: Process Creation, Windows Registry: Windows Registry Key Creation
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://fshjjfetalpacksrlfggghhgfgj.taplink.ws/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Yara Signatures

Dropped Files

HTML

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Phishing

Compliance

Networking

System Summary

Persistence and Installation Behavior

Boot Survival

Mitre Att&ck Matrix

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

LLM Input / Output

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 101

Chrome Cache Entry: 102

Chrome Cache Entry: 104

Chrome Cache Entry: 107

Chrome Cache Entry: 108

Chrome Cache Entry: 109

Chrome Cache Entry: 110

Chrome Cache Entry: 111

Chrome Cache Entry: 112

Chrome Cache Entry: 116

Chrome Cache Entry: 117

Chrome Cache Entry: 119

Chrome Cache Entry: 120

Chrome Cache Entry: 122

Chrome Cache Entry: 123

Chrome Cache Entry: 125

Chrome Cache Entry: 126

Chrome Cache Entry: 127

Chrome Cache Entry: 129

Chrome Cache Entry: 130

Chrome Cache Entry: 131

Chrome Cache Entry: 132

Chrome Cache Entry: 133

Chrome Cache Entry: 138

Chrome Cache Entry: 139

Chrome Cache Entry: 140

Chrome Cache Entry: 141

Chrome Cache Entry: 143

Chrome Cache Entry: 144

Windows Analysis Report
https://fshjjfetalpacksrlfggghhgfgj.taplink.ws/