Windows Analysis Report
https://forms.office.com/e/qHrQPrc7jb

Overview

General Information

Sample URL:	https://forms.office.com/e/qHrQPrc7jb
Analysis ID:	1522764
Infos:

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

No high impact signatures.

Classification

Signatures

There are no high impact signatures.

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49758 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.126.137
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.126.137
Source: unknown	TCP traffic detected without corresponding DNS query: 217.20.57.34
Source: unknown	TCP traffic detected without corresponding DNS query: 217.20.57.34
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic

HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com

Source: global traffic	DNS traffic detected: DNS query: forms.office.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: cdn.forms.office.net
Source: global traffic	DNS traffic detected: DNS query: lists.office.com
Source: global traffic	DNS traffic detected: DNS query: c.office.com

Source: chromecache_93.2.dr, chromecache_92.2.dr	String found in binary or memory: https://aka.ms/FormsConsumerElite.
Source: chromecache_75.2.dr, chromecache_72.2.dr	String found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/dll-dompurify.min.df1eebc.js.map/099c612d
Source: chromecache_80.2.dr, chromecache_102.2.dr	String found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.1ds.4815435.js.
Source: chromecache_100.2.dr, chromecache_88.2.dr	String found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_cover.fdc36
Source: chromecache_95.2.dr, chromecache_103.2.dr	String found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_ext.eca08e1
Source: chromecache_71.2.dr, chromecache_97.2.dr	String found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_post.boot.5
Source: chromecache_89.2.dr	String found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_saverespons
Source: chromecache_87.2.dr, chromecache_76.2.dr	String found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.sw.9c1bfed.js.m
Source: chromecache_104.2.dr, chromecache_85.2.dr	String found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.utel.c113afa.js
Source: chromecache_73.2.dr, chromecache_86.2.dr	String found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.min.f18b656.js.map/5d
Source: chromecache_91.2.dr	String found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/sw.js.map/0210047ec9bfc37a469971a7de97d39
Source: chromecache_101.2.dr	String found in binary or memory: https://cdn.forms.office.net/forms/images/pwa/forms-pwa-logo-192.png
Source: chromecache_101.2.dr	String found in binary or memory: https://cdn.forms.office.net/forms/images/pwa/forms-pwa-logo-256.png
Source: chromecache_101.2.dr	String found in binary or memory: https://cdn.forms.office.net/forms/images/pwa/forms-pwa-logo-512.png
Source: chromecache_95.2.dr, chromecache_103.2.dr	String found in binary or memory: https://contentstorage.onenote.office.net/onenoteltir/permanent-static-resources/immersive-reader-ic
Source: chromecache_82.2.dr, chromecache_74.2.dr	String found in binary or memory: https://endenburg-my.sharepoint.com/personal/slaar_endenburg_nl/_layouts/15/Doc.aspx?sourcedoc=%7B5E
Source: chromecache_82.2.dr, chromecache_74.2.dr	String found in binary or memory: https://forms.office.com/formapi/api/02c2f9b1-fb15-4ee5-b878-b61185dd1dc8/users/4ad60603-7a0a-4628-8
Source: chromecache_74.2.dr	String found in binary or memory: https://lists.office.com/Images/02c2f9b1-fb15-4ee5-b878-b61185dd1dc8/4ad60603-7a0a-4628-8b94-7f870bb
Source: chromecache_95.2.dr, chromecache_103.2.dr	String found in binary or memory: https://res-1.cdn.office.net/immersivereadersdk/permanent-static-resources/immersive-reader-icon.svg
Source: chromecache_95.2.dr, chromecache_103.2.dr	String found in binary or memory: https://res-1.cdn.office.net/immersivereadersdk/permanent-static-resources/promise-polyfill.min.js

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49672
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49758 version: TLS 1.2

Source: classification engine

Classification label: clean0.win@16/52@18/4

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1804 --field-trial-handle=2020,i,10439999508010067708,1740729500210645652,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://forms.office.com/e/qHrQPrc7jb"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1804 --field-trial-handle=2020,i,10439999508010067708,1740729500210645652,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
0.0.0.0	unknown	unknown	unknown	unknown	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.250.181.228	www.google.com	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.4

Contacted Domains

Name	IP	Active
bg.microsoft.map.fastly.net	199.232.210.172	true
www.google.com	142.250.181.228	true
fp2e7a.wpc.phicdn.net	192.229.221.95	true
forms.office.com	unknown	unknown
c.office.com	unknown	unknown
cdn.forms.office.net	unknown	unknown
lists.office.com	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://forms.office.com/pages/responsepage.aspx?id=sfnCAhX75U64eLYRhd0dyAMG1koKeihGi5R_hwu7qwdUMFhDTjY0Q0lOTkk1MlhSSDNMQVA3UElGUy4u&route=shorturl	false		unknown

ID:	1522764
Product:	CloudBasic
Start time:	16:15:16
Start date:	30.09.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Name	Type	MD5	SHA1	SHA256
Chrome Cache Entry: 100	ASCII text, with very long lines (65536), with no line terminators	D90ADAF8CEBAF827A033E93EEF7B9728	A5259BF0E501EA82DAB8821EA1E25809C28512E9	C717BD2C7DE3B702BE9B7A3501E5E1C34FDB6D90563CB1AF3688645FC4C97D80
Chrome Cache Entry: 101	JSON data	4D945878F36DCBBF35C41B5BB6E5513E	786EDE7740452B1C38B1FFA47C28F4E70140EC5F	19DADB739E9886DBDDC79E9E916B753AC53A2C8C1A9560EF14AF28B400C234E0
Chrome Cache Entry: 102	Java source, ASCII text, with very long lines (17610)	7A1CBAE1C97AD1A1E67F351FAF0F81A4	6F024274F89AFC9319DFE7AD9D0F23A48E279DB1	32859A35E0C0F3BC47CCAF2A01830BF7A8C41702C026D0B74FF7E50BC7E6CD51
Chrome Cache Entry: 103	Unicode text, UTF-8 text, with very long lines (56644)	577C26DA9619E67AEC55EA28CF1F15BF	D360C9C0618161983B16C81D1061EE0147DE084A	BA015FC4563C702BF77CD3B9C4952C63B041692B377A88A962A96AB13ED48FFC
Chrome Cache Entry: 104	ASCII text, with very long lines (34044)	C6290B98AACB9BD99FE01B8BDFEE5225	DB72A766279EBDAB4C49424FC0B60D5F05EB1C64	5FD824C4B8BCC0B36276E18719C374F5B44F4DF9EA39666E1DEC13827F9F61A0
Chrome Cache Entry: 71	ASCII text, with very long lines (15299)	A3B1EBE0BE8938EC76AD9CFDA764DF57	B4B3749A456545A3A471A9DA41CDA03BCCCAE327	7B581BDC9767A1A2A6A808C825C6BEB7B46761DF6141B1B6D67B484883E3A0D0
Chrome Cache Entry: 72	ASCII text, with very long lines (16093)	CC672F00BA0081007FF06613F7DD3C91	5896193C3E21362FC5C0FAC4F0A6464B336251D0	7440C1475BE1A61688C1AF01710779C6A6C6BC630F7539525091989001C00626
Chrome Cache Entry: 73	ASCII text, with very long lines (38722)	2FEF82EED21EECEEC14F15E81204FF2D	40742612C36455C734C1D4052BF309F6399AAD9F	8FC30A0F10C4309DE5FDB000AFF75425A4C062B41339AD2A16E6B203A1ECDF19
Chrome Cache Entry: 74	JSON data	85EC786C55D8AEE454315A4FF1DF694A	A232EAAC253CCF8733B498F337D5A0E9C9F6070D	ED11285598A6E56CB612CA703F6609C67FE8D340F72F3D5D0A3B70713ADF5DE0
Chrome Cache Entry: 75	ASCII text, with very long lines (16093)	CC672F00BA0081007FF06613F7DD3C91	5896193C3E21362FC5C0FAC4F0A6464B336251D0	7440C1475BE1A61688C1AF01710779C6A6C6BC630F7539525091989001C00626
Chrome Cache Entry: 76	ASCII text, with very long lines (918)	19F88A9690395484D35F200B1BD999A9	43033D885678C2E3BDCB23070E018E8BDFB55A7F	600C36C9E419E1410A833B42D3257CFC535395253A8DD9F63D6A6AB1ADEB366C
Chrome Cache Entry: 77	JSON data	9E576E34B18E986347909C29AE6A82C6	532C767978DC2B55854B3CA2D2DF5B4DB221C934	88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
Chrome Cache Entry: 78	PNG image data, 490 x 180, 8-bit/color RGBA, non-interlaced	311274C8C9C66E894F5AFA51FACD72CD	386D1FA0B2924DF2C21545CF2FF1DDE2CD985D33	BC3C029408DAB6B5CB676B990B2E21BDD474E4B2E45DAF87E70210539390BF49
Chrome Cache Entry: 79	MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel	9425D8E9313A692BB3F022E8055FAB82	EDDCF3EA767D4C3042D01AC88594D7E795D8615C	F2A1ABCF12EBD0F329E5B66B811B0BD76C8E954CB283CE3B61E72FBF459EF6F1
Chrome Cache Entry: 80	Java source, ASCII text, with very long lines (17610)	7A1CBAE1C97AD1A1E67F351FAF0F81A4	6F024274F89AFC9319DFE7AD9D0F23A48E279DB1	32859A35E0C0F3BC47CCAF2A01830BF7A8C41702C026D0B74FF7E50BC7E6CD51
Chrome Cache Entry: 81	HTML document, ASCII text, with very long lines (5844), with CRLF line terminators	56F9CD8A07135E776326431C8560F8F2	FCFF27C475A9FB014661B045B59C8BB4799A0392	0E1D105D6EE902B7279AEFD9E8AF21AB3E5D0CF058332A2A0E53A351524C75E6
Chrome Cache Entry: 82	JSON data	85EC786C55D8AEE454315A4FF1DF694A	A232EAAC253CCF8733B498F337D5A0E9C9F6070D	ED11285598A6E56CB612CA703F6609C67FE8D340F72F3D5D0A3B70713ADF5DE0
Chrome Cache Entry: 83	PNG image data, 192 x 192, 8-bit colormap, non-interlaced	4150A5D4F2B0284A9E62D247929DD2AA	97CA2D9ECE8F0855B2A93E6BFDFC4883685C51CB	F058653DCBA7E8B00D4BDB9409E06817F098AB18125CE5A5821520F04030D176
Chrome Cache Entry: 84	PNG image data, 192 x 192, 8-bit colormap, non-interlaced	4150A5D4F2B0284A9E62D247929DD2AA	97CA2D9ECE8F0855B2A93E6BFDFC4883685C51CB	F058653DCBA7E8B00D4BDB9409E06817F098AB18125CE5A5821520F04030D176
Chrome Cache Entry: 85	ASCII text, with very long lines (34044)	C6290B98AACB9BD99FE01B8BDFEE5225	DB72A766279EBDAB4C49424FC0B60D5F05EB1C64	5FD824C4B8BCC0B36276E18719C374F5B44F4DF9EA39666E1DEC13827F9F61A0
Chrome Cache Entry: 86	ASCII text, with very long lines (38722)	2FEF82EED21EECEEC14F15E81204FF2D	40742612C36455C734C1D4052BF309F6399AAD9F	8FC30A0F10C4309DE5FDB000AFF75425A4C062B41339AD2A16E6B203A1ECDF19
Chrome Cache Entry: 87	ASCII text, with very long lines (918)	19F88A9690395484D35F200B1BD999A9	43033D885678C2E3BDCB23070E018E8BDFB55A7F	600C36C9E419E1410A833B42D3257CFC535395253A8DD9F63D6A6AB1ADEB366C
Chrome Cache Entry: 88	ASCII text, with very long lines (65536), with no line terminators	D90ADAF8CEBAF827A033E93EEF7B9728	A5259BF0E501EA82DAB8821EA1E25809C28512E9	C717BD2C7DE3B702BE9B7A3501E5E1C34FDB6D90563CB1AF3688645FC4C97D80
Chrome Cache Entry: 89	ASCII text, with very long lines (32289)	8437E9939F242C6D7EF76F3C5DCBE520	7ED0DE86F92A1EB2C735677B078277D59874B719	518ADCE7E5734D8D5AFA4D26698F42C621ED1D5CE36F7D46999AFF4E307401C3
Chrome Cache Entry: 90	JSON data	9E576E34B18E986347909C29AE6A82C6	532C767978DC2B55854B3CA2D2DF5B4DB221C934	88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
Chrome Cache Entry: 91	ASCII text, with very long lines (43627)	F2EEB2627892E1F965D7E7A001CDCE31	9307F51A4D83B12BE7085BA2E21CA62DD4EE9561	AF697F43BBFB036C4FB0D1076726B90B3E9F1D5A308C6BCC03DBDED3F591E80A
Chrome Cache Entry: 92	Unicode text, UTF-8 text, with very long lines (35053), with no line terminators	2260CFACC25DE59539D0B1D7A50F9270	84FECAFAFF77917530F170A1D3EBF70A51A9B7D1	9F00DFD9D0844DEA7FED92119F0E4149C4D6334169704CE875B14C1AC84E6629
Chrome Cache Entry: 93	Unicode text, UTF-8 text, with very long lines (35053), with no line terminators	2260CFACC25DE59539D0B1D7A50F9270	84FECAFAFF77917530F170A1D3EBF70A51A9B7D1	9F00DFD9D0844DEA7FED92119F0E4149C4D6334169704CE875B14C1AC84E6629
Chrome Cache Entry: 94	MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel	9425D8E9313A692BB3F022E8055FAB82	EDDCF3EA767D4C3042D01AC88594D7E795D8615C	F2A1ABCF12EBD0F329E5B66B811B0BD76C8E954CB283CE3B61E72FBF459EF6F1
Chrome Cache Entry: 95	Unicode text, UTF-8 text, with very long lines (56644)	577C26DA9619E67AEC55EA28CF1F15BF	D360C9C0618161983B16C81D1061EE0147DE084A	BA015FC4563C702BF77CD3B9C4952C63B041692B377A88A962A96AB13ED48FFC
Chrome Cache Entry: 96	PNG image data, 490 x 180, 8-bit/color RGBA, non-interlaced	311274C8C9C66E894F5AFA51FACD72CD	386D1FA0B2924DF2C21545CF2FF1DDE2CD985D33	BC3C029408DAB6B5CB676B990B2E21BDD474E4B2E45DAF87E70210539390BF49
Chrome Cache Entry: 97	ASCII text, with very long lines (15299)	A3B1EBE0BE8938EC76AD9CFDA764DF57	B4B3749A456545A3A471A9DA41CDA03BCCCAE327	7B581BDC9767A1A2A6A808C825C6BEB7B46761DF6141B1B6D67B484883E3A0D0
Chrome Cache Entry: 98	PNG image data, 2560 x 1440, 8-bit/color RGBA, non-interlaced	66292ED733349A0025751257AE6EBE6B	C6469FC515799B92DB06BB371075B9C4003311FF	5C5653A4DF6DC4340E2FF2CEA5466C0E8002F686D2321DAD65466EA028A391AA
Chrome Cache Entry: 99	PNG image data, 2560 x 1440, 8-bit/color RGBA, non-interlaced	66292ED733349A0025751257AE6EBE6B	C6469FC515799B92DB06BB371075B9C4003311FF	5C5653A4DF6DC4340E2FF2CEA5466C0E8002F686D2321DAD65466EA028A391AA

Windows Analysis Report
https://forms.office.com/e/qHrQPrc7jb

Overview

General Information

Detection

Signatures

Classification

Signatures

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://forms.office.com/e/qHrQPrc7jb

Overview

General Information

Detection

Signatures

Classification

Signatures

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://forms.office.com/e/qHrQPrc7jb