Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://forms.office.com/e/qHrQPrc7jb

Overview

General Information

Sample URL:https://forms.office.com/e/qHrQPrc7jb
Analysis ID:1522764
Infos:

Detection

Score:0
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

No high impact signatures.

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 1668 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 3120 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1804 --field-trial-handle=2020,i,10439999508010067708,1740729500210645652,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6312 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://forms.office.com/e/qHrQPrc7jb" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49746 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49758 version: TLS 1.2
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.126.137
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.126.137
Source: unknownTCP traffic detected without corresponding DNS query: 217.20.57.34
Source: unknownTCP traffic detected without corresponding DNS query: 217.20.57.34
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global trafficDNS traffic detected: DNS query: forms.office.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: cdn.forms.office.net
Source: global trafficDNS traffic detected: DNS query: lists.office.com
Source: global trafficDNS traffic detected: DNS query: c.office.com
Source: chromecache_93.2.dr, chromecache_92.2.drString found in binary or memory: https://aka.ms/FormsConsumerElite.
Source: chromecache_75.2.dr, chromecache_72.2.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/dll-dompurify.min.df1eebc.js.map/099c612d
Source: chromecache_80.2.dr, chromecache_102.2.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.1ds.4815435.js.
Source: chromecache_100.2.dr, chromecache_88.2.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_cover.fdc36
Source: chromecache_95.2.dr, chromecache_103.2.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_ext.eca08e1
Source: chromecache_71.2.dr, chromecache_97.2.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_post.boot.5
Source: chromecache_89.2.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_saverespons
Source: chromecache_87.2.dr, chromecache_76.2.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.sw.9c1bfed.js.m
Source: chromecache_104.2.dr, chromecache_85.2.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.utel.c113afa.js
Source: chromecache_73.2.dr, chromecache_86.2.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.min.f18b656.js.map/5d
Source: chromecache_91.2.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/sw.js.map/0210047ec9bfc37a469971a7de97d39
Source: chromecache_101.2.drString found in binary or memory: https://cdn.forms.office.net/forms/images/pwa/forms-pwa-logo-192.png
Source: chromecache_101.2.drString found in binary or memory: https://cdn.forms.office.net/forms/images/pwa/forms-pwa-logo-256.png
Source: chromecache_101.2.drString found in binary or memory: https://cdn.forms.office.net/forms/images/pwa/forms-pwa-logo-512.png
Source: chromecache_95.2.dr, chromecache_103.2.drString found in binary or memory: https://contentstorage.onenote.office.net/onenoteltir/permanent-static-resources/immersive-reader-ic
Source: chromecache_82.2.dr, chromecache_74.2.drString found in binary or memory: https://endenburg-my.sharepoint.com/personal/slaar_endenburg_nl/_layouts/15/Doc.aspx?sourcedoc=%7B5E
Source: chromecache_82.2.dr, chromecache_74.2.drString found in binary or memory: https://forms.office.com/formapi/api/02c2f9b1-fb15-4ee5-b878-b61185dd1dc8/users/4ad60603-7a0a-4628-8
Source: chromecache_74.2.drString found in binary or memory: https://lists.office.com/Images/02c2f9b1-fb15-4ee5-b878-b61185dd1dc8/4ad60603-7a0a-4628-8b94-7f870bb
Source: chromecache_95.2.dr, chromecache_103.2.drString found in binary or memory: https://res-1.cdn.office.net/immersivereadersdk/permanent-static-resources/immersive-reader-icon.svg
Source: chromecache_95.2.dr, chromecache_103.2.drString found in binary or memory: https://res-1.cdn.office.net/immersivereadersdk/permanent-static-resources/promise-polyfill.min.js
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49672 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49672
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49746 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49758 version: TLS 1.2
Source: classification engineClassification label: clean0.win@16/52@18/4
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1804 --field-trial-handle=2020,i,10439999508010067708,1740729500210645652,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://forms.office.com/e/qHrQPrc7jb"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1804 --field-trial-handle=2020,i,10439999508010067708,1740729500210645652,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath Interception1
Process Injection		1
Process Injection		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media2
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive3
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

No Antivirus matches

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
bg.microsoft.map.fastly.net
199.232.210.172
truefalse
    		unknown
    www.google.com
    		142.250.181.228
    		truefalse
      		unknown
      fp2e7a.wpc.phicdn.net
      		192.229.221.95
      		truefalse
        		unknown
        forms.office.com
        		unknown
        		unknownfalse
          		unknown
          c.office.com
          		unknown
          		unknownfalse
            		unknown
            cdn.forms.office.net
            		unknown
            		unknownfalse
              		unknown
              lists.office.com
              		unknown
              		unknownfalse
                		unknown

                Contacted URLs

                NameMaliciousAntivirus DetectionReputation
                https://forms.office.com/pages/responsepage.aspx?id=sfnCAhX75U64eLYRhd0dyAMG1koKeihGi5R_hwu7qwdUMFhDTjY0Q0lOTkk1MlhSSDNMQVA3UElGUy4u&route=shorturlfalse
                  		unknown

                  URLs from Memory and Binaries

                  NameSourceMaliciousAntivirus DetectionReputation
                  https://endenburg-my.sharepoint.com/personal/slaar_endenburg_nl/_layouts/15/Doc.aspx?sourcedoc=%7B5Echromecache_82.2.dr, chromecache_74.2.drfalse
                    		unknown
                    https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_ext.eca08e1chromecache_95.2.dr, chromecache_103.2.drfalse
                      		unknown
                      https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_cover.fdc36chromecache_100.2.dr, chromecache_88.2.drfalse
                        		unknown
                        https://lists.office.com/Images/02c2f9b1-fb15-4ee5-b878-b61185dd1dc8/4ad60603-7a0a-4628-8b94-7f870bbchromecache_74.2.drfalse
                          		unknown
                          https://aka.ms/FormsConsumerElite.chromecache_93.2.dr, chromecache_92.2.drfalse
                            		unknown
                            https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.utel.c113afa.jschromecache_104.2.dr, chromecache_85.2.drfalse
                              		unknown
                              https://forms.office.com/formapi/api/02c2f9b1-fb15-4ee5-b878-b61185dd1dc8/users/4ad60603-7a0a-4628-8chromecache_82.2.dr, chromecache_74.2.drfalse
                                		unknown
                                https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.sw.9c1bfed.js.mchromecache_87.2.dr, chromecache_76.2.drfalse
                                  		unknown
                                  https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_post.boot.5chromecache_71.2.dr, chromecache_97.2.drfalse
                                    		unknown
                                    https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/sw.js.map/0210047ec9bfc37a469971a7de97d39chromecache_91.2.drfalse
                                      		unknown
                                      https://contentstorage.onenote.office.net/onenoteltir/permanent-static-resources/immersive-reader-icchromecache_95.2.dr, chromecache_103.2.drfalse
                                        		unknown
                                        https://cdn.forms.office.net/forms/images/pwa/forms-pwa-logo-256.pngchromecache_101.2.drfalse
                                          		unknown
                                          https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_saveresponschromecache_89.2.drfalse
                                            		unknown
                                            https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/dll-dompurify.min.df1eebc.js.map/099c612dchromecache_75.2.dr, chromecache_72.2.drfalse
                                              		unknown
                                              https://cdn.forms.office.net/forms/images/pwa/forms-pwa-logo-192.pngchromecache_101.2.drfalse
                                                		unknown
                                                https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.1ds.4815435.js.chromecache_80.2.dr, chromecache_102.2.drfalse
                                                  		unknown
                                                  https://cdn.forms.office.net/forms/images/pwa/forms-pwa-logo-512.pngchromecache_101.2.drfalse
                                                    		unknown
                                                    https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.min.f18b656.js.map/5dchromecache_73.2.dr, chromecache_86.2.drfalse
                                                      		unknown

                                                      World Map of Contacted IPs

                                                      • No. of IPs < 25%
                                                      • 25% < No. of IPs < 50%
                                                      • 50% < No. of IPs < 75%
                                                      • 75% < No. of IPs

                                                      Public IPs

                                                      IPDomainCountryFlagASNASN NameMalicious
                                                      0.0.0.0
                                                      		unknownunknown
                                                      		unknownunknownfalse
                                                      239.255.255.250
                                                      		unknownReserved
                                                      		unknownunknownfalse
                                                      142.250.181.228
                                                      		www.google.comUnited States
                                                      		15169GOOGLEUSfalse

                                                      Private

                                                      IP
                                                      192.168.2.4

                                                      General Information

                                                      Joe Sandbox version:41.0.0 Charoite
                                                      Analysis ID:1522764
                                                      Start date and time:2024-09-30 16:15:16 +02:00
                                                      Joe Sandbox product:CloudBasic
                                                      Overall analysis duration:0h 3m 26s
                                                      Hypervisor based Inspection enabled:false
                                                      Report type:full
                                                      Cookbook file name:browseurl.jbs
                                                      Sample URL:https://forms.office.com/e/qHrQPrc7jb
                                                      Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                      Number of analysed new started processes analysed:8
                                                      Number of new started drivers analysed:0
                                                      Number of existing processes analysed:0
                                                      Number of existing drivers analysed:0
                                                      Number of injected processes analysed:0
                                                      Technologies:
                                                      • HCA enabled
                                                      • EGA enabled
                                                      • AMSI enabled
                                                      Analysis Mode:default
                                                      Analysis stop reason:Timeout
                                                      Detection:CLEAN
                                                      Classification:clean0.win@16/52@18/4
                                                      EGA Information:Failed
                                                      HCA Information:
                                                      • Successful, ratio: 100%
                                                      • Number of executed functions: 0
                                                      • Number of non-executed functions: 0

                                                      Warnings

                                                      • Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
                                                      • Excluded IPs from analysis (whitelisted): 64.233.184.84, 142.250.185.67, 142.250.185.142, 34.104.35.123, 13.107.6.194, 2.21.22.185, 2.21.22.168, 52.111.243.107, 13.74.129.1, 204.79.197.237, 13.107.21.237, 4.175.87.197, 199.232.210.172, 20.50.73.9, 192.229.221.95, 20.3.187.198, 13.69.116.107, 13.95.31.18, 142.250.74.195
                                                      • Excluded domains from analysis (whitelisted): c-msn-com-nsatc.trafficmanager.net, slscr.update.microsoft.com, cdn.forms.office.net.edgesuite.net, clientservices.googleapis.com, clients2.google.com, ocsp.digicert.com, prod.lists.office.com.akadns.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, onedscolprdweu09.westeurope.cloudapp.azure.com, sls.update.microsoft.com, update.googleapis.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net, b-0039.b-msedge.net, fs.microsoft.com, accounts.google.com, c-bing-com.dual-a-0034.a-msedge.net, ctldl.windowsupdate.com.delivery.microsoft.com, ctldl.windowsupdate.com, eu.events.data.trafficmanager.net, fe3cr.delivery.mp.microsoft.com, a1894.dscms.akamai.net, onedscolprdneu01.northeurope.cloudapp.azure.com, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, c.bing.com, dual-a-0034.a-msedge.net, clients.l.google.com, forms.office.com.b-0039.b-msedge.net, eu-mobile.events.data.microsoft.com
                                                      • Not all processes where analyzed, report is missing behavior information
                                                      • Report size getting too big, too many NtSetInformationFile calls found.
                                                      • VT rate limit hit for: https://forms.office.com/e/qHrQPrc7jb

                                                      Simulations

                                                      Behavior and APIs

                                                      No simulations

                                                      LLM Input / Output

                                                      InputOutput
                                                      URL: https://forms.office.com/pages/responsepage.aspx?id=sfnCAhX75U64eLYRhd0dyAMG1koKeihGi5R_hwu7qwdUMFhDTjY0Q0lOTkk1MlhSSDNMQVA3UElGUy4u&route=shorturl Model: jbxai
                                                      {
"brand":["Microsoft 365"],
"contains_trigger_text":true,
"trigger_text":"Endenburg Event Registratie 21 November 2024",
"prominent_button_name":"Start now",
"text_input_field_labels":["password",
"Report abuse"],
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"has_visible_qrcode":false}
                                                      URL: https://forms.office.com/pages/responsepage.aspx?id=sfnCAhX75U64eLYRhd0dyAMG1koKeihGi5R_hwu7qwdUMFhDTjY0Q0lOTkk1MlhSSDNMQVA3UElGUy4u&route=shorturl Model: jbxai
                                                      {
"phishing_score":1,
"brands":"Microsoft 365",
"legit_domain":"office.com",
"classification":"wellknown",
"reasons":["The URL 'forms.office.com' is a subdomain of 'office.com',
 which is a legitimate domain associated with Microsoft 365.",
"Microsoft 365 is a well-known brand,
 and 'office.com' is the correct domain for Microsoft Office services.",
"The presence of input fields such as 'password' and 'Report abuse' is typical for legitimate Microsoft services."],
"brand_matches":[false],
"url_match":false,
"brand_input":"Microsoft 365",
"input_fields":"password,
 Report abuse"}

                                                      Joe Sandbox View / Context

                                                      IPs

                                                      No context

                                                      Domains

                                                      No context

                                                      ASNs

                                                      No context

                                                      JA3 Fingerprints

                                                      No context

                                                      Dropped Files

                                                      No context

                                                      Created / dropped Files

                                                      Chrome Cache Entry: 100

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines (65536), with no line terminators
                                                      Category:dropped
                                                      Size (bytes):72660
                                                      Entropy (8bit):5.493154373563818
                                                      Encrypted:false
                                                      SSDEEP:768:HElSRzDRagplyfv1Pn9p3aNRL0+L0Y6Sw0OdqmcaIYiX/l1c/6L+UqR9lx2rryPu:MGfiHo0Z0whikHVvlewmUqp
                                                      MD5:D90ADAF8CEBAF827A033E93EEF7B9728
                                                      SHA1:A5259BF0E501EA82DAB8821EA1E25809C28512E9
                                                      SHA-256:C717BD2C7DE3B702BE9B7A3501E5E1C34FDB6D90563CB1AF3688645FC4C97D80
                                                      SHA-512:1C9CA3FC2CB0DE0FEC88C631B15220A5E9BFBB1167C796AFD44D92539A03EA23C18D4DA789339C328856CE0271CA92ACB42307956D08C0BC5E03EB8E105CC59B
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[451],{1607:function(e,t,n){n.d(t,{p:function(){return o}});var i=n(33377);function o(e){for(var t=[],n=1;n<arguments.length;n++)t[n-1]=arguments[n];for(var o=[],r=0,_=t;r<_.length;r++){var a=_[r];a&&o.push("function"==typeof a?a(e):a)}return 1===o.length?o[0]:o.length?i.T.apply(void 0,o):{}}},3025:function(e,t,n){n.d(t,{n:function(){return _}});var i=n(94335),o=n(75265),r=n(34255);function _(e){var t=o.n.getInstance(),n=(0,r.bz)((0,i.Iy)(),e);if(!t.classNameFromKey(n)){var _=t.getClassName();t.insertRule("@font-face{".concat(n,"}"),!0),t.cacheClassName(_,n,[],["font-face",n])}}},84272:function(e,t,n){n.r(t),n.d(t,{AnimationClassNames:function(){return Q},AnimationStyles:function(){return P},AnimationVariables:function(){return j},ColorClassNames:function(){return be},DefaultEffects:function(){return Se.W},DefaultFontStyles:function(){return J.d},DefaultPalette:function(){return ee.b},EdgeChromiumHighContrastSelector:function

                                                      Chrome Cache Entry: 101

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:JSON data
                                                      Category:downloaded
                                                      Size (bytes):530
                                                      Entropy (8bit):4.860983185588505
                                                      Encrypted:false
                                                      SSDEEP:12:YQkMf5WwJJqjJs1JJ7vIL1JJfde3s+Fwb8:Yaf5WwJJqiJJ7qJJ6snb8
                                                      MD5:4D945878F36DCBBF35C41B5BB6E5513E
                                                      SHA1:786EDE7740452B1C38B1FFA47C28F4E70140EC5F
                                                      SHA-256:19DADB739E9886DBDDC79E9E916B753AC53A2C8C1A9560EF14AF28B400C234E0
                                                      SHA-512:37E16ACE0F5DF65065C150FB05E7968A5B3AA828F66EFDEF29DD78EF4C2D4B29D0C4F81502CDA069F1EFB0B0329FA69BC309579D74A447E2B7FE9E27AC9CCD99
                                                      Malicious:false
                                                      Reputation:low
                                                      URL:https://forms.office.com/pwa/en-us/app.webmanifest
                                                      Preview:{"lang":"en-us","name":"Microsoft Forms","short_name":"Forms","icons":[{"src":"https://cdn.forms.office.net/forms/images/pwa/forms-pwa-logo-192.png","sizes":"192x192","type":"image/png"},{"src":"https://cdn.forms.office.net/forms/images/pwa/forms-pwa-logo-256.png","sizes":"256x256","type":"image/png"},{"src":"https://cdn.forms.office.net/forms/images/pwa/forms-pwa-logo-512.png","sizes":"512x512","type":"image/png"}],"scope":"/","start_url":"/?pwa=1","display":"minimal-ui","theme_color":"#03787c","background_color":"#ffffff"}

                                                      Chrome Cache Entry: 102

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:Java source, ASCII text, with very long lines (17610)
                                                      Category:dropped
                                                      Size (bytes):110658
                                                      Entropy (8bit):5.424597933748236
                                                      Encrypted:false
                                                      SSDEEP:1536:/Cf+ZacM19IMTTYzIX+NeGEAqaM/0D4HcvJaS5V96tL:/CGZSmcTYzI6EVaMJ88S5/yL
                                                      MD5:7A1CBAE1C97AD1A1E67F351FAF0F81A4
                                                      SHA1:6F024274F89AFC9319DFE7AD9D0F23A48E279DB1
                                                      SHA-256:32859A35E0C0F3BC47CCAF2A01830BF7A8C41702C026D0B74FF7E50BC7E6CD51
                                                      SHA-512:7D15A261B69A80E70BE9628839EF9C904AF335347603EA2A299E64F5E3D13EA6C13B0B1D6213EF08188D1140C40AADDAB7AA9E04C9A5D2E26DB3A4217368802D
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[267],{62141:function(n,r,t){t.d(r,{A:function(){return kn}});var e,u=t(86783),i=t(25621),o=t(1880),f=t(38805),c=t(35091),a=t(75072),l=t(8730),v=t(31927),s=t(6845),d=t(46718),p="locale",h="ver",y="name",g=(0,d.oP)({UserExt:[0,"user"],DeviceExt:[1,"device"],TraceExt:[2,"trace"],WebExt:[3,"web"],AppExt:[4,"app"],OSExt:[5,"os"],SdkExt:[6,"sdk"],IntWebExt:[7,"intweb"],UtcExt:[8,"utc"],LocExt:[9,"loc"],CloudExt:[10,"cloud"],DtExt:[11,"dt"]}),m=(0,d.oP)({id:[0,"id"],ver:[1,h],appName:[2,y],locale:[3,p],expId:[4,"expId"],env:[5,"env"]}),S=(0,d.oP)({domain:[0,"domain"],browser:[1,"browser"],browserVer:[2,"browserVer"],screenRes:[3,"screenRes"],userConsent:[4,"userConsent"],consentDetails:[5,"consentDetails"]}),w=(0,d.oP)({locale:[0,p],localId:[1,"localId"],id:[2,"id"]}),C=(0,d.oP)({osName:[0,y],ver:[1,h]}),T=(0,d.oP)({ver:[0,h],seq:[1,"seq"],installId:[2,"installId"],epoch:[3,"epoch"]}),b=(0,d.oP)({msfpc:[0,"msfpc"],anid:[1,"anid"],s

                                                      Chrome Cache Entry: 103

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:Unicode text, UTF-8 text, with very long lines (56644)
                                                      Category:downloaded
                                                      Size (bytes):426648
                                                      Entropy (8bit):5.665169552590326
                                                      Encrypted:false
                                                      SSDEEP:6144:h7qScw0qCNLesuRspMKR3/4qvwWZTKEqP1JLurqb3N/VkdaBH3HOW9Qxh/c2:tqSv0qCNLexorUNNI6Re8BH3i
                                                      MD5:577C26DA9619E67AEC55EA28CF1F15BF
                                                      SHA1:D360C9C0618161983B16C81D1061EE0147DE084A
                                                      SHA-256:BA015FC4563C702BF77CD3B9C4952C63B041692B377A88A962A96AB13ED48FFC
                                                      SHA-512:42CB423E0BA236C4EEB8555CEBB1728C98462DCB07A2C6FC9A6901C9ADF1478CB223FFA004C55203C25C3E2D83E16A0D30A2408610C643F9DB31BB0080FAC5DE
                                                      Malicious:false
                                                      Reputation:low
                                                      URL:https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.eca08e1.js
                                                      Preview:(self.webpackChunk=self.webpackChunk||[]).push([[579],{60687:function(n,e,t){"use strict";t.d(e,{C6:function(){return i},Cl:function(){return o},YH:function(){return u},aN:function(){return c},sH:function(){return a}});./*! @azure/msal-common v13.3.0 2023-08-24 */./*! *****************************************************************************.Copyright (c) Microsoft Corporation...Permission to use, copy, modify, and/or distribute this software for any.purpose with or without fee is hereby granted...THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH.REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY.AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,.INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM.LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR.OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR.PERFORMANCE OF THIS SOFTWARE..********

                                                      Chrome Cache Entry: 104

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines (34044)
                                                      Category:downloaded
                                                      Size (bytes):144193
                                                      Entropy (8bit):5.4399901194393845
                                                      Encrypted:false
                                                      SSDEEP:1536:ltd8NMpyKtmrRWe9/oPlR6SEB1zQ1FOGRhKI907yM12q5qEPwKaiJlgxgMIIed:ltdTy+mboPloENRhL9ded
                                                      MD5:C6290B98AACB9BD99FE01B8BDFEE5225
                                                      SHA1:DB72A766279EBDAB4C49424FC0B60D5F05EB1C64
                                                      SHA-256:5FD824C4B8BCC0B36276E18719C374F5B44F4DF9EA39666E1DEC13827F9F61A0
                                                      SHA-512:31CF4030394BBD5555CC70F9AEC83D6DA481FD3CF62FA9E8DB1B5DA9865BEF0B1E0061E12D63285FDB3A4BBA556435DF210019E007CF749B9A333FA856678CA2
                                                      Malicious:false
                                                      Reputation:low
                                                      URL:https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.utel.c113afa.js
                                                      Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[231],{8730:function(n,e,t){t.d(e,{A:function(){return w}});var r=t(86783),i=t(25621),u=t(35091),o=t(1880),a=t(38805),f=t(75072),c=t(6817),s=t(98090),l=t(98104),v=t(78984),d=t(82873),m=t(48832),p=500;function b(n,e,t){e&&(0,a.cy)(e)&&e[s.oI]>0&&(e=e.sort((function(n,e){return n[v.Vo]-e[v.Vo]})),(0,a.Iu)(e,(function(n){n[v.Vo]<p&&(0,a.$8)("Channel has invalid priority - "+n[s.Ju])})),n[s.y5]({queue:(0,a.N6)(e),chain:(0,d.PV)(e,t[s.GA],t)}))}var y=t(73214),_=t(62032),h=t(49759),T=function(n){function e(){var t,r,i=n.call(this)||this;function o(){t=0,r=[]}return i.identifier="TelemetryInitializerPlugin",i.priority=199,o(),(0,c.A)(e,i,(function(n,e){n.addTelemetryInitializer=function(n){var e={id:t++,fn:n};return r[s.y5](e),{remove:function(){(0,a.Iu)(r,(function(n,t){if(n.id===e.id)return r[s.Ic](t,1),-1}))}}},n[v.qT]=function(e,t){for(var i=!1,o=r[s.oI],c=0;c<o;++c){var l=r[c];if(l)try{if(!1===l.fn[s.y9](null,[e])){i=!0;break}}

                                                      Chrome Cache Entry: 71

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines (15299)
                                                      Category:downloaded
                                                      Size (bytes):15555
                                                      Entropy (8bit):5.47686562483099
                                                      Encrypted:false
                                                      SSDEEP:192:SpWI6coOn7vqp2Fybnmi6llXsqH4BxJNaeuczHYfy9eL9L7zf8aB:SpWI6c2zghH4HJNaeuczHqRb
                                                      MD5:A3B1EBE0BE8938EC76AD9CFDA764DF57
                                                      SHA1:B4B3749A456545A3A471A9DA41CDA03BCCCAE327
                                                      SHA-256:7B581BDC9767A1A2A6A808C825C6BEB7B46761DF6141B1B6D67B484883E3A0D0
                                                      SHA-512:C67DFE3C05680C9F07BD2A8CF0DDA6DA56D3A900DE2D6735788B93E6DA000FDDE8E9B4DCCA2E9B1EFA315EACF555CCDCFA73C7B7A8392116218D460D44C3A8B9
                                                      Malicious:false
                                                      Reputation:low
                                                      URL:https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.532d16c.js
                                                      Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[294],{44330:function(n,e,r){function t(){return Date.now||(Date.now=function(){return(new Date).getTime()}),Math.floor(Date.now())}r.d(e,{JY:function(){return t}})},96900:function(n,e,r){r.r(e),r.d(e,{BrandingFooter:function(){return C}});var t=r(41827),i=r(92831),o=r(48723),a=r(30062),u=r(97666),c=r(23084),l=r(70574),f=r(98765),s=r(83778),d=r(29383),p=r(38826),$=r(71201),_=r(44695),v=r(6134),m=r(97892),g=r(69455),h=r(18190),w=r(8484),b=r(70918),k=r(6637),y=function(n,e){return function(r,t){var i=t();return r((0,k.X)("Branding.Footer.M365.Click",{isShare:(0,m.Hc)(i),isPreview:(0,m.qx)(i),fullScreen:n,isFormRuntime:(0,b.G1)(i),pageType:e}))}},x=r(38599),L=r(17543),R=r(74371),M=r(32225),S=function(n,e,r,i){var o,u;return[{$r:{background:r,width:"100%","@media print":{background:d.O.$g,color:d.O.$h},paddingTop:0},$a:{width:"100%"},$cL:{width:"100%",lineHeight:"1.3",fontSize:12,color:d.O.$h,marginTop:0,marginBottom:4},$jz:{disp

                                                      Chrome Cache Entry: 72

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines (16093)
                                                      Category:dropped
                                                      Size (bytes):38123
                                                      Entropy (8bit):5.308751797569307
                                                      Encrypted:false
                                                      SSDEEP:768:Kqv6dXv8pMh0PcvWVtJIpaf57y3/9g570+7zpbphHUSMKd/FgrLp1pWr0qepjW8e:U8S0PekJKO57y3/9g57tpi9np1ps7
                                                      MD5:CC672F00BA0081007FF06613F7DD3C91
                                                      SHA1:5896193C3E21362FC5C0FAC4F0A6464B336251D0
                                                      SHA-256:7440C1475BE1A61688C1AF01710779C6A6C6BC630F7539525091989001C00626
                                                      SHA-512:702F8992F2EFC036B1D293A6FC689BBBCAC6407D081E723FB7F13634662DD65574824C228F04D997F5DD0B39E9FF06B2E7DE7B8C9E86905C1DAA94254E4E9B70
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview:var _dll_dompurify_4ce7410a16ea8d4708eb;(()=>{var t={234:function(t){./*! @license DOMPurify | (c) Cure53 and other contributors | Released under the Apache license 2.0 and Mozilla Public License 2.0 | github.com/cure53/DOMPurify/blob/2.2.2/LICENSE */.t.exports=function(){"use strict";function t(t){if(Array.isArray(t)){for(var e=0,n=Array(t.length);e<t.length;e++)n[e]=t[e];return n}return Array.from(t)}var e=Object.hasOwnProperty,n=Object.setPrototypeOf,o=Object.isFrozen,r=Object.freeze,i=Object.seal,s=Object.create,a="undefined"!=typeof Reflect&&Reflect,c=a.apply,l=a.construct;c||(c=function(t,e,n){return t.apply(e,n)}),r||(r=function(t){return t}),i||(i=function(t){return t}),l||(l=function(e,n){return new(Function.prototype.bind.apply(e,[null].concat(t(n))))});var u=T(Array.prototype.forEach),p=T(Array.prototype.pop),d=T(Array.prototype.push),f=T(String.prototype.toLowerCase),m=T(String.prototype.match),h=T(String.prototype.replace),y=T(String.prototype.indexOf),w=T(String.prototype

                                                      Chrome Cache Entry: 73

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines (38722)
                                                      Category:dropped
                                                      Size (bytes):491507
                                                      Entropy (8bit):5.476687102069726
                                                      Encrypted:false
                                                      SSDEEP:6144:NaCEfUcvORvALgY1BVupdiyQODXCaWrEzSTME1WgdLmRMvclC:I71qdcBaZIME1BRmRM1
                                                      MD5:2FEF82EED21EECEEC14F15E81204FF2D
                                                      SHA1:40742612C36455C734C1D4052BF309F6399AAD9F
                                                      SHA-256:8FC30A0F10C4309DE5FDB000AFF75425A4C062B41339AD2A16E6B203A1ECDF19
                                                      SHA-512:498C17144C9CBD4BC2AC9E1B586CD003B627C378E549A9218E5DA0578AA46DC40DDC77B4D0DCB3CE887D80ED368F1E7FBE6445FB9C49647DD92DD48176EF86AC
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview:!function(){var n,t,r,e,i,o={94335:function(n,t,r){"use strict";function e(n){o!==n&&(o=n)}function i(){return void 0===o&&(o="undefined"!=typeof document&&!!document.documentElement&&"rtl"===document.documentElement.getAttribute("dir")),o}var o;function u(){return{rtl:i()}}r.d(t,{DU:function(){return e},Iy:function(){return u}}),o=i()},75265:function(n,t,r){"use strict";r.d(t,{b:function(){return o},n:function(){return c}});var e,i=r(41827),o={none:0,insertNode:1,appendChild:2},u="undefined"!=typeof navigator&&/rv:11.0/.test(navigator.userAgent),a={};try{a=window||{}}catch(n){}var c=function(){function n(n,t){var r,e,u,a,c,f;this._rules=[],this._preservedRules=[],this._counter=0,this._keyToClassName={},this._onInsertRuleCallbacks=[],this._onResetCallbacks=[],this._classNameToArgs={},this._config=(0,i.Cl)({injectionMode:"undefined"==typeof document?o.none:o.insertNode,defaultPrefix:"css",namespace:void 0,cspSettings:void 0},n),this._classNameToArgs=null!==(r=null==t?void 0:t.classNameT

                                                      Chrome Cache Entry: 74

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:JSON data
                                                      Category:dropped
                                                      Size (bytes):8682
                                                      Entropy (8bit):5.3805489973006315
                                                      Encrypted:false
                                                      SSDEEP:192:A9aqDMFwKEI+8DW6G+/SDWvDP1G+jN2pAG+iCfWQG+/DafC/ozukeeB67LaYY+Tj:gR2/vSMpyUvDMKo/eeUmYY+Tj
                                                      MD5:85EC786C55D8AEE454315A4FF1DF694A
                                                      SHA1:A232EAAC253CCF8733B498F337D5A0E9C9F6070D
                                                      SHA-256:ED11285598A6E56CB612CA703F6609C67FE8D340F72F3D5D0A3B70713ADF5DE0
                                                      SHA-512:565679A431C02676CF5907E3DB4B690588BCF5A33D49124380F06C476EE9AE6E7B3B5438928E9D325BE1814FB669028BDC92C638482A329F3895E887240B3EF4
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview:{"responses":null,"form":{"description":"Inschrijving voor de \nEndenburg kennissessie in Rotterdam: Slimme tech als antwoord op de personeelskrapte","onlineSafetyLevel":0,"reputationTier":1,"background":{"altText":"","contentType":"image/png","fileIdentifier":"c53b8111-429b-4f1b-881b-3a0f4121bdd0","originalFileName":"e1852616-0cc2-4728-bf76-992651db5fe5","resourceId":"c3828107-bc36-4c54-a636-fc1113005d55","resourceUrl":"https://lists.office.com/Images/02c2f9b1-fb15-4ee5-b878-b61185dd1dc8/4ad60603-7a0a-4628-8b94-7f870bbbab07/T0XCN64CINNI52XRH3LAP7PIFS/c3828107-bc36-4c54-a636-fc1113005d55","height":null,"width":null,"size":null},"header":{"altText":null,"contentType":null,"fileIdentifier":null,"originalFileName":null,"resourceId":null,"resourceUrl":null,"height":null,"width":null,"size":null},"logo":{"altText":null,"contentType":null,"fileIdentifier":null,"originalFileName":null,"resourceId":null,"resourceUrl":null,"height":null,"width":null,"size":null},"tableId":"T0XCN64CINNI52XRH3LAP

                                                      Chrome Cache Entry: 75

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines (16093)
                                                      Category:downloaded
                                                      Size (bytes):38123
                                                      Entropy (8bit):5.308751797569307
                                                      Encrypted:false
                                                      SSDEEP:768:Kqv6dXv8pMh0PcvWVtJIpaf57y3/9g570+7zpbphHUSMKd/FgrLp1pWr0qepjW8e:U8S0PekJKO57y3/9g57tpi9np1ps7
                                                      MD5:CC672F00BA0081007FF06613F7DD3C91
                                                      SHA1:5896193C3E21362FC5C0FAC4F0A6464B336251D0
                                                      SHA-256:7440C1475BE1A61688C1AF01710779C6A6C6BC630F7539525091989001C00626
                                                      SHA-512:702F8992F2EFC036B1D293A6FC689BBBCAC6407D081E723FB7F13634662DD65574824C228F04D997F5DD0B39E9FF06B2E7DE7B8C9E86905C1DAA94254E4E9B70
                                                      Malicious:false
                                                      Reputation:low
                                                      URL:https://cdn.forms.office.net/forms/scripts/dists/dll-dompurify.min.df1eebc.js
                                                      Preview:var _dll_dompurify_4ce7410a16ea8d4708eb;(()=>{var t={234:function(t){./*! @license DOMPurify | (c) Cure53 and other contributors | Released under the Apache license 2.0 and Mozilla Public License 2.0 | github.com/cure53/DOMPurify/blob/2.2.2/LICENSE */.t.exports=function(){"use strict";function t(t){if(Array.isArray(t)){for(var e=0,n=Array(t.length);e<t.length;e++)n[e]=t[e];return n}return Array.from(t)}var e=Object.hasOwnProperty,n=Object.setPrototypeOf,o=Object.isFrozen,r=Object.freeze,i=Object.seal,s=Object.create,a="undefined"!=typeof Reflect&&Reflect,c=a.apply,l=a.construct;c||(c=function(t,e,n){return t.apply(e,n)}),r||(r=function(t){return t}),i||(i=function(t){return t}),l||(l=function(e,n){return new(Function.prototype.bind.apply(e,[null].concat(t(n))))});var u=T(Array.prototype.forEach),p=T(Array.prototype.pop),d=T(Array.prototype.push),f=T(String.prototype.toLowerCase),m=T(String.prototype.match),h=T(String.prototype.replace),y=T(String.prototype.indexOf),w=T(String.prototype

                                                      Chrome Cache Entry: 76

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines (918)
                                                      Category:downloaded
                                                      Size (bytes):1152
                                                      Entropy (8bit):5.363646055902644
                                                      Encrypted:false
                                                      SSDEEP:24:icYJSsfAIMaGn03sJKEDLbRlnMSrDDNGc2b7//8mbqdCu/pb7E6:icvsfAPaGSMKuLFRDRunrbY97V
                                                      MD5:19F88A9690395484D35F200B1BD999A9
                                                      SHA1:43033D885678C2E3BDCB23070E018E8BDFB55A7F
                                                      SHA-256:600C36C9E419E1410A833B42D3257CFC535395253A8DD9F63D6A6AB1ADEB366C
                                                      SHA-512:46DE4DC998602E551ED1E7D5F276DCFA3DCDDF340A6863E2A64E0684500490916AD9430127EC4BD6B3DB1B5E55B31E4B64C498642D055EF7C7DA571961798CEB
                                                      Malicious:false
                                                      Reputation:low
                                                      URL:https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.sw.9c1bfed.js
                                                      Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[725],{36001:function(r,e,n){n.r(e),n.d(e,{register:function(){return f}});var t=n(41827),i=n(91676),s=n(17891),u=n(75187),c=n(18992),o=n(59198),a=n(98856);function f(r){return(0,t.sH)(this,void 0,void 0,(function(){var e,n;return(0,t.YH)(this,(function(t){switch(t.label){case 0:return t.trys.push([0,5,,6]),(0,a.hN)()?(0,o.K7)("UnregisterServiceWorker")?[4,navigator.serviceWorker.getRegistrations().then((function(r){return Promise.all(r.map((function(r){return r.unregister()})))}))]:[3,2]:[2];case 1:return t.sent(),[2];case 2:return(0,o.K7)("ServiceWorkerEnabled")||"1"===(0,u.Db)().fsw?(e=r?"Business":(0,s.m1)().ring,[4,navigator.serviceWorker.register((0,i.ab)("/sw.js?ring=".concat(e)))]):[3,4];case 3:t.sent(),t.label=4;case 4:return[3,6];case 5:return n=t.sent(),(0,c.O7)("ServiceWorker.Registration.Error",n),[3,6];case 6:return[2]}}))}))}}}]);..//# sourceMappingURL=https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/

                                                      Chrome Cache Entry: 77

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:JSON data
                                                      Category:dropped
                                                      Size (bytes):72
                                                      Entropy (8bit):4.241202481433726
                                                      Encrypted:false
                                                      SSDEEP:3:YozDD/RNgQJzRWWlKFiFD3e4xCzY:YovtNgmzR/wYFDxkY
                                                      MD5:9E576E34B18E986347909C29AE6A82C6
                                                      SHA1:532C767978DC2B55854B3CA2D2DF5B4DB221C934
                                                      SHA-256:88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
                                                      SHA-512:5EF6DCFFD93434D45760888BF4B95FF134D53F34DA9DC904AD3C5EBEDC58409073483F531FEA4233869ED3EC75F38B022A70B2E179A5D3A13BDB10AB5C46B124
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview:{"Message":"The requested resource does not support http method 'GET'."}

                                                      Chrome Cache Entry: 78

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:PNG image data, 490 x 180, 8-bit/color RGBA, non-interlaced
                                                      Category:dropped
                                                      Size (bytes):5895
                                                      Entropy (8bit):7.720248605671278
                                                      Encrypted:false
                                                      SSDEEP:96:n40H7NhvmuFFBL413wHGfZ1rsrohnXcF1BN8+PrfUFd0abvPsrXf:nbRFmuxcJfLrvnXcFjNRUFd00Wv
                                                      MD5:311274C8C9C66E894F5AFA51FACD72CD
                                                      SHA1:386D1FA0B2924DF2C21545CF2FF1DDE2CD985D33
                                                      SHA-256:BC3C029408DAB6B5CB676B990B2E21BDD474E4B2E45DAF87E70210539390BF49
                                                      SHA-512:2117BC16AC878BCC307CEA0DEFA0638800715330E83E9C8C1CAD7398BBF207E9432391B851E004308FB75C20C2D6F587D015FA3FB13F8630FE3E0C7E194979FC
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview:.PNG........IHDR.............[.o.....IDATx......U.....xi.#..l.%3J.t.D\If5h.......>.Ft.....].8f..A...(../....D..1b.%.9:1y.LD.3...~Y....?..........(.s....~.nh........................................................................................................................................................................@...6`.W.....z.m..z....@.:.`..e.agn..w[-..}O.L...Gf.h.V....Wlu......n.....ek...z...Z...lu..AMP..@P...........&... ..j..AMP..@P..............3f.X).K._.J..+....d...5A.t..c._...R6K.2....@P.6A=}...'O...WZ[[{....;~..w[..7.x9.....uR~-.....7GB..0a..e?.........S...R&.<..X.2..r..}.>.hii.]......Q.N.iL..]..>y.r.\.."..U.g..A......K....'....q.LP..o..O..-.l...{....{)...+.....\N...9...P.d..+....B.[.Z..d.....e>...#i~%D.8Y&.E...L..M.+..OX..J1...|.do&......9..+8.[......ady...P_.....m.....mA-.P...A......a.e.zW.w..EnbIX.3.j.....k....[..Y...q[.r4...xY.....+w.g....Sk\#F..;9&.....4....f...I.'X....n.r.$.APw.P.A....M..8=..).0_.h./...b.....g......e.S...

                                                      Chrome Cache Entry: 79

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
                                                      Category:dropped
                                                      Size (bytes):7886
                                                      Entropy (8bit):3.973130033666625
                                                      Encrypted:false
                                                      SSDEEP:48:gzeweweQeQeQe2eWe+RjvChvL42Kcb/M96GgEfY86d:pNNttt3X8upiJvQFd
                                                      MD5:9425D8E9313A692BB3F022E8055FAB82
                                                      SHA1:EDDCF3EA767D4C3042D01AC88594D7E795D8615C
                                                      SHA-256:F2A1ABCF12EBD0F329E5B66B811B0BD76C8E954CB283CE3B61E72FBF459EF6F1
                                                      SHA-512:93B3EB3C4CE385D80D4A8F6902355BBD156AC1AA20B8869AF05C8E714E90E74C5630BB8DE34D5B8FC9F876AC44BE314F3A2A08B3163295ADADBC6DD7B8D23561
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview:...... .... .....6......... ............... .h...f...(... ...@..... .........................................................................................................................................................................................................................................................................................................................pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..................................pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..................................pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..................................ZV..ZV..ZV..ZV..ZV..ZV..ZV..ZV..^Z..pl..pl..pl..pl..................................|x..pl..pl..................................QN..QN..QN..QN..QN..QN..QN..QN..QN..c`..pl..pl..pl..................................|x..pl..pl............

                                                      Chrome Cache Entry: 80

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:Java source, ASCII text, with very long lines (17610)
                                                      Category:downloaded
                                                      Size (bytes):110658
                                                      Entropy (8bit):5.424597933748236
                                                      Encrypted:false
                                                      SSDEEP:1536:/Cf+ZacM19IMTTYzIX+NeGEAqaM/0D4HcvJaS5V96tL:/CGZSmcTYzI6EVaMJ88S5/yL
                                                      MD5:7A1CBAE1C97AD1A1E67F351FAF0F81A4
                                                      SHA1:6F024274F89AFC9319DFE7AD9D0F23A48E279DB1
                                                      SHA-256:32859A35E0C0F3BC47CCAF2A01830BF7A8C41702C026D0B74FF7E50BC7E6CD51
                                                      SHA-512:7D15A261B69A80E70BE9628839EF9C904AF335347603EA2A299E64F5E3D13EA6C13B0B1D6213EF08188D1140C40AADDAB7AA9E04C9A5D2E26DB3A4217368802D
                                                      Malicious:false
                                                      Reputation:low
                                                      URL:https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.4815435.js
                                                      Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[267],{62141:function(n,r,t){t.d(r,{A:function(){return kn}});var e,u=t(86783),i=t(25621),o=t(1880),f=t(38805),c=t(35091),a=t(75072),l=t(8730),v=t(31927),s=t(6845),d=t(46718),p="locale",h="ver",y="name",g=(0,d.oP)({UserExt:[0,"user"],DeviceExt:[1,"device"],TraceExt:[2,"trace"],WebExt:[3,"web"],AppExt:[4,"app"],OSExt:[5,"os"],SdkExt:[6,"sdk"],IntWebExt:[7,"intweb"],UtcExt:[8,"utc"],LocExt:[9,"loc"],CloudExt:[10,"cloud"],DtExt:[11,"dt"]}),m=(0,d.oP)({id:[0,"id"],ver:[1,h],appName:[2,y],locale:[3,p],expId:[4,"expId"],env:[5,"env"]}),S=(0,d.oP)({domain:[0,"domain"],browser:[1,"browser"],browserVer:[2,"browserVer"],screenRes:[3,"screenRes"],userConsent:[4,"userConsent"],consentDetails:[5,"consentDetails"]}),w=(0,d.oP)({locale:[0,p],localId:[1,"localId"],id:[2,"id"]}),C=(0,d.oP)({osName:[0,y],ver:[1,h]}),T=(0,d.oP)({ver:[0,h],seq:[1,"seq"],installId:[2,"installId"],epoch:[3,"epoch"]}),b=(0,d.oP)({msfpc:[0,"msfpc"],anid:[1,"anid"],s

                                                      Chrome Cache Entry: 81

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:HTML document, ASCII text, with very long lines (5844), with CRLF line terminators
                                                      Category:downloaded
                                                      Size (bytes):7914
                                                      Entropy (8bit):4.4735908000780045
                                                      Encrypted:false
                                                      SSDEEP:192:SpQxQDWiOYDOBazx3Vg+V77dk7wxQNy5Z3DVSe:SozYDPzx3Vz7dpdZzV7
                                                      MD5:56F9CD8A07135E776326431C8560F8F2
                                                      SHA1:FCFF27C475A9FB014661B045B59C8BB4799A0392
                                                      SHA-256:0E1D105D6EE902B7279AEFD9E8AF21AB3E5D0CF058332A2A0E53A351524C75E6
                                                      SHA-512:E75E2B65828CDE51CA880AEE30A74A3EE04B25B0FC0D2AF5B4BB675B62B592CF12D284771A0CE0A8174295F93C4D9007DA5C407C65229456EC0F1A18A6C8EE28
                                                      Malicious:false
                                                      Reputation:low
                                                      URL:https://forms.office.com/offline.aspx
                                                      Preview:<!DOCTYPE html>....<html xmlns="http://www.w3.org/1999/xhtml" lang="en-us">..<head>.. <meta charset="utf-8" />.. <meta name="viewport" content="width=device-width, initial-scale=1, viewport-fit=cover" />.. <title>Microsoft Forms</title>.. <style>.. * {.. box-sizing: border-box;.. }.... body {.. height: 100vh;.. margin: 0 auto;.. background-color: #f3f2f1;.. font-family: "Segoe UI", "Segoe UI Web (West European)", "Segoe UI", -apple-system, BlinkMacSystemFont, Roboto, "Helvetica Neue", sans-serif;.. }.... .content-root {.. height: 100%;.. display: flex;.. align-items: center;.. justify-content: center;.. padding: 20px;.. }.... .offline-message {.. max-width: 600px;.. }.... .offline-title {.. font-size: 32px;.. line-height: 40px;.. margin-top: 24px;.. }...

                                                      Chrome Cache Entry: 82

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:JSON data
                                                      Category:downloaded
                                                      Size (bytes):8682
                                                      Entropy (8bit):5.3805489973006315
                                                      Encrypted:false
                                                      SSDEEP:192:A9aqDMFwKEI+8DW6G+/SDWvDP1G+jN2pAG+iCfWQG+/DafC/ozukeeB67LaYY+Tj:gR2/vSMpyUvDMKo/eeUmYY+Tj
                                                      MD5:85EC786C55D8AEE454315A4FF1DF694A
                                                      SHA1:A232EAAC253CCF8733B498F337D5A0E9C9F6070D
                                                      SHA-256:ED11285598A6E56CB612CA703F6609C67FE8D340F72F3D5D0A3B70713ADF5DE0
                                                      SHA-512:565679A431C02676CF5907E3DB4B690588BCF5A33D49124380F06C476EE9AE6E7B3B5438928E9D325BE1814FB669028BDC92C638482A329F3895E887240B3EF4
                                                      Malicious:false
                                                      Reputation:low
                                                      URL:https://forms.office.com/formapi/api/02c2f9b1-fb15-4ee5-b878-b61185dd1dc8/users/4ad60603-7a0a-4628-8b94-7f870bbbab07/light/runtimeFormsWithResponses('sfnCAhX75U64eLYRhd0dyAMG1koKeihGi5R_hwu7qwdUMFhDTjY0Q0lOTkk1MlhSSDNMQVA3UElGUy4u')?$expand=questions($expand=choices)&$top=1
                                                      Preview:{"responses":null,"form":{"description":"Inschrijving voor de \nEndenburg kennissessie in Rotterdam: Slimme tech als antwoord op de personeelskrapte","onlineSafetyLevel":0,"reputationTier":1,"background":{"altText":"","contentType":"image/png","fileIdentifier":"c53b8111-429b-4f1b-881b-3a0f4121bdd0","originalFileName":"e1852616-0cc2-4728-bf76-992651db5fe5","resourceId":"c3828107-bc36-4c54-a636-fc1113005d55","resourceUrl":"https://lists.office.com/Images/02c2f9b1-fb15-4ee5-b878-b61185dd1dc8/4ad60603-7a0a-4628-8b94-7f870bbbab07/T0XCN64CINNI52XRH3LAP7PIFS/c3828107-bc36-4c54-a636-fc1113005d55","height":null,"width":null,"size":null},"header":{"altText":null,"contentType":null,"fileIdentifier":null,"originalFileName":null,"resourceId":null,"resourceUrl":null,"height":null,"width":null,"size":null},"logo":{"altText":null,"contentType":null,"fileIdentifier":null,"originalFileName":null,"resourceId":null,"resourceUrl":null,"height":null,"width":null,"size":null},"tableId":"T0XCN64CINNI52XRH3LAP

                                                      Chrome Cache Entry: 83

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:PNG image data, 192 x 192, 8-bit colormap, non-interlaced
                                                      Category:dropped
                                                      Size (bytes):1779
                                                      Entropy (8bit):7.589819392147309
                                                      Encrypted:false
                                                      SSDEEP:24:zrait2296479bsDcRYPlA1yx91eaLHto1xrUU5sS8mR3VNADICk1bEk:HhtR9TUiWKaLHtUrt5sS8MAVsh
                                                      MD5:4150A5D4F2B0284A9E62D247929DD2AA
                                                      SHA1:97CA2D9ECE8F0855B2A93E6BFDFC4883685C51CB
                                                      SHA-256:F058653DCBA7E8B00D4BDB9409E06817F098AB18125CE5A5821520F04030D176
                                                      SHA-512:D034378E76D58A899047B4639115102CC8F89AEF3F300DDAF0C0B3EAE40C8381040D1656109632E9095ED3F399218F196087D070C099FD89B9605DFBC34FB585
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview:.PNG........IHDR.............e..5....PLTE....pp......@...pp......8...jp...:...lp...6..9......mp...8...kp...6..8...lp.lp7..7...mp...7...lp...7...lp.......lp.lp.lp7......mp...7...lp...6..7...68.;=.@B.AC.IL.NQ.SV.X[.DF.JM.NP.UX.X[.]`._b.ei.fj.hl.il.lp.pt.y}.z}....os.os.rv....uy....hl.x|.{.....{..~..............MP.......sx..............................................ch..........io.......ou... ..!..".."..#..#..#..$..%..%..&..'..'..'..(..(..)..*..*..*..*..+..,..,..,..-........0..0..1..1..2..2..3..3..4..4..4..5..5..6..6..6..6..7..B..b....................1tRNS..... 000@PPP````pp...........................hX....sIDATx....{.E....(.9T@n.V@@"r..jLDR9.TlK...J....J.G-.j...vj..KS...fvwv.......k........n...B.!..B(..xjs.mX.p..W..)..1...I._m..@.2.....0.#..9_.....`[.C..../...q..i............Umd".....b;.[{..H..V..g*\...0T`.z+..X..O._!.....U.F.P)0....X...q....J.q...L....J."....x.....".W}~.Q...b~...,..'.2.#gZU.Q....1gJ7.j..81......K7..?.......i......5......x.o.g...Q..V..SZ.xe-..}..

                                                      Chrome Cache Entry: 84

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:PNG image data, 192 x 192, 8-bit colormap, non-interlaced
                                                      Category:downloaded
                                                      Size (bytes):1779
                                                      Entropy (8bit):7.589819392147309
                                                      Encrypted:false
                                                      SSDEEP:24:zrait2296479bsDcRYPlA1yx91eaLHto1xrUU5sS8mR3VNADICk1bEk:HhtR9TUiWKaLHtUrt5sS8MAVsh
                                                      MD5:4150A5D4F2B0284A9E62D247929DD2AA
                                                      SHA1:97CA2D9ECE8F0855B2A93E6BFDFC4883685C51CB
                                                      SHA-256:F058653DCBA7E8B00D4BDB9409E06817F098AB18125CE5A5821520F04030D176
                                                      SHA-512:D034378E76D58A899047B4639115102CC8F89AEF3F300DDAF0C0B3EAE40C8381040D1656109632E9095ED3F399218F196087D070C099FD89B9605DFBC34FB585
                                                      Malicious:false
                                                      Reputation:low
                                                      URL:https://cdn.forms.office.net/forms/images/pwa/forms-pwa-logo-192.png
                                                      Preview:.PNG........IHDR.............e..5....PLTE....pp......@...pp......8...jp...:...lp...6..9......mp...8...kp...6..8...lp.lp7..7...mp...7...lp...7...lp.......lp.lp.lp7......mp...7...lp...6..7...68.;=.@B.AC.IL.NQ.SV.X[.DF.JM.NP.UX.X[.]`._b.ei.fj.hl.il.lp.pt.y}.z}....os.os.rv....uy....hl.x|.{.....{..~..............MP.......sx..............................................ch..........io.......ou... ..!..".."..#..#..#..$..%..%..&..'..'..'..(..(..)..*..*..*..*..+..,..,..,..-........0..0..1..1..2..2..3..3..4..4..4..5..5..6..6..6..6..7..B..b....................1tRNS..... 000@PPP````pp...........................hX....sIDATx....{.E....(.9T@n.V@@"r..jLDR9.TlK...J....J.G-.j...vj..KS...fvwv.......k........n...B.!..B(..xjs.mX.p..W..)..1...I._m..@.2.....0.#..9_.....`[.C..../...q..i............Umd".....b;.[{..H..V..g*\...0T`.z+..X..O._!.....U.F.P)0....X...q....J.q...L....J."....x.....".W}~.Q...b~...,..'.2.#gZU.Q....1gJ7.j..81......K7..?.......i......5......x.o.g...Q..V..SZ.xe-..}..

                                                      Chrome Cache Entry: 85

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines (34044)
                                                      Category:dropped
                                                      Size (bytes):144193
                                                      Entropy (8bit):5.4399901194393845
                                                      Encrypted:false
                                                      SSDEEP:1536:ltd8NMpyKtmrRWe9/oPlR6SEB1zQ1FOGRhKI907yM12q5qEPwKaiJlgxgMIIed:ltdTy+mboPloENRhL9ded
                                                      MD5:C6290B98AACB9BD99FE01B8BDFEE5225
                                                      SHA1:DB72A766279EBDAB4C49424FC0B60D5F05EB1C64
                                                      SHA-256:5FD824C4B8BCC0B36276E18719C374F5B44F4DF9EA39666E1DEC13827F9F61A0
                                                      SHA-512:31CF4030394BBD5555CC70F9AEC83D6DA481FD3CF62FA9E8DB1B5DA9865BEF0B1E0061E12D63285FDB3A4BBA556435DF210019E007CF749B9A333FA856678CA2
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[231],{8730:function(n,e,t){t.d(e,{A:function(){return w}});var r=t(86783),i=t(25621),u=t(35091),o=t(1880),a=t(38805),f=t(75072),c=t(6817),s=t(98090),l=t(98104),v=t(78984),d=t(82873),m=t(48832),p=500;function b(n,e,t){e&&(0,a.cy)(e)&&e[s.oI]>0&&(e=e.sort((function(n,e){return n[v.Vo]-e[v.Vo]})),(0,a.Iu)(e,(function(n){n[v.Vo]<p&&(0,a.$8)("Channel has invalid priority - "+n[s.Ju])})),n[s.y5]({queue:(0,a.N6)(e),chain:(0,d.PV)(e,t[s.GA],t)}))}var y=t(73214),_=t(62032),h=t(49759),T=function(n){function e(){var t,r,i=n.call(this)||this;function o(){t=0,r=[]}return i.identifier="TelemetryInitializerPlugin",i.priority=199,o(),(0,c.A)(e,i,(function(n,e){n.addTelemetryInitializer=function(n){var e={id:t++,fn:n};return r[s.y5](e),{remove:function(){(0,a.Iu)(r,(function(n,t){if(n.id===e.id)return r[s.Ic](t,1),-1}))}}},n[v.qT]=function(e,t){for(var i=!1,o=r[s.oI],c=0;c<o;++c){var l=r[c];if(l)try{if(!1===l.fn[s.y9](null,[e])){i=!0;break}}

                                                      Chrome Cache Entry: 86

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines (38722)
                                                      Category:downloaded
                                                      Size (bytes):491507
                                                      Entropy (8bit):5.476687102069726
                                                      Encrypted:false
                                                      SSDEEP:6144:NaCEfUcvORvALgY1BVupdiyQODXCaWrEzSTME1WgdLmRMvclC:I71qdcBaZIME1BRmRM1
                                                      MD5:2FEF82EED21EECEEC14F15E81204FF2D
                                                      SHA1:40742612C36455C734C1D4052BF309F6399AAD9F
                                                      SHA-256:8FC30A0F10C4309DE5FDB000AFF75425A4C062B41339AD2A16E6B203A1ECDF19
                                                      SHA-512:498C17144C9CBD4BC2AC9E1B586CD003B627C378E549A9218E5DA0578AA46DC40DDC77B4D0DCB3CE887D80ED368F1E7FBE6445FB9C49647DD92DD48176EF86AC
                                                      Malicious:false
                                                      Reputation:low
                                                      URL:https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.f18b656.js
                                                      Preview:!function(){var n,t,r,e,i,o={94335:function(n,t,r){"use strict";function e(n){o!==n&&(o=n)}function i(){return void 0===o&&(o="undefined"!=typeof document&&!!document.documentElement&&"rtl"===document.documentElement.getAttribute("dir")),o}var o;function u(){return{rtl:i()}}r.d(t,{DU:function(){return e},Iy:function(){return u}}),o=i()},75265:function(n,t,r){"use strict";r.d(t,{b:function(){return o},n:function(){return c}});var e,i=r(41827),o={none:0,insertNode:1,appendChild:2},u="undefined"!=typeof navigator&&/rv:11.0/.test(navigator.userAgent),a={};try{a=window||{}}catch(n){}var c=function(){function n(n,t){var r,e,u,a,c,f;this._rules=[],this._preservedRules=[],this._counter=0,this._keyToClassName={},this._onInsertRuleCallbacks=[],this._onResetCallbacks=[],this._classNameToArgs={},this._config=(0,i.Cl)({injectionMode:"undefined"==typeof document?o.none:o.insertNode,defaultPrefix:"css",namespace:void 0,cspSettings:void 0},n),this._classNameToArgs=null!==(r=null==t?void 0:t.classNameT

                                                      Chrome Cache Entry: 87

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines (918)
                                                      Category:dropped
                                                      Size (bytes):1152
                                                      Entropy (8bit):5.363646055902644
                                                      Encrypted:false
                                                      SSDEEP:24:icYJSsfAIMaGn03sJKEDLbRlnMSrDDNGc2b7//8mbqdCu/pb7E6:icvsfAPaGSMKuLFRDRunrbY97V
                                                      MD5:19F88A9690395484D35F200B1BD999A9
                                                      SHA1:43033D885678C2E3BDCB23070E018E8BDFB55A7F
                                                      SHA-256:600C36C9E419E1410A833B42D3257CFC535395253A8DD9F63D6A6AB1ADEB366C
                                                      SHA-512:46DE4DC998602E551ED1E7D5F276DCFA3DCDDF340A6863E2A64E0684500490916AD9430127EC4BD6B3DB1B5E55B31E4B64C498642D055EF7C7DA571961798CEB
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[725],{36001:function(r,e,n){n.r(e),n.d(e,{register:function(){return f}});var t=n(41827),i=n(91676),s=n(17891),u=n(75187),c=n(18992),o=n(59198),a=n(98856);function f(r){return(0,t.sH)(this,void 0,void 0,(function(){var e,n;return(0,t.YH)(this,(function(t){switch(t.label){case 0:return t.trys.push([0,5,,6]),(0,a.hN)()?(0,o.K7)("UnregisterServiceWorker")?[4,navigator.serviceWorker.getRegistrations().then((function(r){return Promise.all(r.map((function(r){return r.unregister()})))}))]:[3,2]:[2];case 1:return t.sent(),[2];case 2:return(0,o.K7)("ServiceWorkerEnabled")||"1"===(0,u.Db)().fsw?(e=r?"Business":(0,s.m1)().ring,[4,navigator.serviceWorker.register((0,i.ab)("/sw.js?ring=".concat(e)))]):[3,4];case 3:t.sent(),t.label=4;case 4:return[3,6];case 5:return n=t.sent(),(0,c.O7)("ServiceWorker.Registration.Error",n),[3,6];case 6:return[2]}}))}))}}}]);..//# sourceMappingURL=https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/

                                                      Chrome Cache Entry: 88

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines (65536), with no line terminators
                                                      Category:downloaded
                                                      Size (bytes):72660
                                                      Entropy (8bit):5.493154373563818
                                                      Encrypted:false
                                                      SSDEEP:768:HElSRzDRagplyfv1Pn9p3aNRL0+L0Y6Sw0OdqmcaIYiX/l1c/6L+UqR9lx2rryPu:MGfiHo0Z0whikHVvlewmUqp
                                                      MD5:D90ADAF8CEBAF827A033E93EEF7B9728
                                                      SHA1:A5259BF0E501EA82DAB8821EA1E25809C28512E9
                                                      SHA-256:C717BD2C7DE3B702BE9B7A3501E5E1C34FDB6D90563CB1AF3688645FC4C97D80
                                                      SHA-512:1C9CA3FC2CB0DE0FEC88C631B15220A5E9BFBB1167C796AFD44D92539A03EA23C18D4DA789339C328856CE0271CA92ACB42307956D08C0BC5E03EB8E105CC59B
                                                      Malicious:false
                                                      Reputation:low
                                                      URL:https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.fdc3643.js
                                                      Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[451],{1607:function(e,t,n){n.d(t,{p:function(){return o}});var i=n(33377);function o(e){for(var t=[],n=1;n<arguments.length;n++)t[n-1]=arguments[n];for(var o=[],r=0,_=t;r<_.length;r++){var a=_[r];a&&o.push("function"==typeof a?a(e):a)}return 1===o.length?o[0]:o.length?i.T.apply(void 0,o):{}}},3025:function(e,t,n){n.d(t,{n:function(){return _}});var i=n(94335),o=n(75265),r=n(34255);function _(e){var t=o.n.getInstance(),n=(0,r.bz)((0,i.Iy)(),e);if(!t.classNameFromKey(n)){var _=t.getClassName();t.insertRule("@font-face{".concat(n,"}"),!0),t.cacheClassName(_,n,[],["font-face",n])}}},84272:function(e,t,n){n.r(t),n.d(t,{AnimationClassNames:function(){return Q},AnimationStyles:function(){return P},AnimationVariables:function(){return j},ColorClassNames:function(){return be},DefaultEffects:function(){return Se.W},DefaultFontStyles:function(){return J.d},DefaultPalette:function(){return ee.b},EdgeChromiumHighContrastSelector:function

                                                      Chrome Cache Entry: 89

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines (32289)
                                                      Category:downloaded
                                                      Size (bytes):32551
                                                      Entropy (8bit):5.529720681284112
                                                      Encrypted:false
                                                      SSDEEP:768:rRHpEwMYpleOYXTQEzZHtTTMeZTlo9SnS9yiK:rRiwMYiXXrzz/M0lo9SnS9yj
                                                      MD5:8437E9939F242C6D7EF76F3C5DCBE520
                                                      SHA1:7ED0DE86F92A1EB2C735677B078277D59874B719
                                                      SHA-256:518ADCE7E5734D8D5AFA4D26698F42C621ED1D5CE36F7D46999AFF4E307401C3
                                                      SHA-512:8DD56AC77FA448DBE75274692082FEAFD63C9BAC035E3C238301A3B643B25EB8E1241D58E710B65411ADF49DB629FA477BAEC2D424E6B314AA11FF2D64D7672B
                                                      Malicious:false
                                                      Reputation:low
                                                      URL:https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.b6b67b4.js
                                                      Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[188],{46887:function(n,e,i){i.d(e,{wh:function(){return o}});var t=i(9468),r=i(891);function o(n){var e=n.redirectURLAfterSignIn,i=n.idp,o=n.origin,a=n.authProvider,d=n.enableEmailHrd,s=void 0===d||d,u=window.location.origin,c=[];if(e){var l=encodeURIComponent(e);c.push("redirecturl=".concat(l))}(0,r.h)(i)||c.push("idp=".concat(i)),(0,r.h)(o)||c.push("origin=".concat(o)),(0,r.h)(a)||c.push("".concat(t.f0,"=").concat(a));var g=c.length?"/?".concat(c.join("&")):"";return s?"".concat(u).concat(g,"#Login=True"):"".concat(u).concat(g)}},26098:function(n,e,i){i.d(e,{v:function(){return r}});var t=i(39980),r=function(n){var e=void 0===n?{}:n,i=e.$sU,r=e.$rd,o=e.$se,a=e.$fJ,d=e.$hH,s=e.$hI,u=e.$ot,c=e.$iU,l=e.$nc,g=e.$kb,f=e.$tN,p=e.$mu,_=e.$js,h=[];return i&&h.push("CollectionId=".concat(i)),r&&h.push("GroupId=".concat(r)),o&&h.push("Token=".concat(o)),c&&h.push("ResponseTime=".concat(c)),a&&h.push("SaveResponseFormId=".concat(a)),

                                                      Chrome Cache Entry: 90

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:JSON data
                                                      Category:dropped
                                                      Size (bytes):72
                                                      Entropy (8bit):4.241202481433726
                                                      Encrypted:false
                                                      SSDEEP:3:YozDD/RNgQJzRWWlKFiFD3e4xCzY:YovtNgmzR/wYFDxkY
                                                      MD5:9E576E34B18E986347909C29AE6A82C6
                                                      SHA1:532C767978DC2B55854B3CA2D2DF5B4DB221C934
                                                      SHA-256:88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
                                                      SHA-512:5EF6DCFFD93434D45760888BF4B95FF134D53F34DA9DC904AD3C5EBEDC58409073483F531FEA4233869ED3EC75F38B022A70B2E179A5D3A13BDB10AB5C46B124
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview:{"Message":"The requested resource does not support http method 'GET'."}

                                                      Chrome Cache Entry: 91

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines (43627)
                                                      Category:downloaded
                                                      Size (bytes):43793
                                                      Entropy (8bit):5.335469772839654
                                                      Encrypted:false
                                                      SSDEEP:768:H/B2Y7cFzx95J8VHrMM9jBxPCwJ/UECg0atkRQlbR6qTwKOyPUXVFVjfqTlg/SKE:H52fx94JDxPCu/Yg0ajb3TfWfA06fe1+
                                                      MD5:F2EEB2627892E1F965D7E7A001CDCE31
                                                      SHA1:9307F51A4D83B12BE7085BA2E21CA62DD4EE9561
                                                      SHA-256:AF697F43BBFB036C4FB0D1076726B90B3E9F1D5A308C6BCC03DBDED3F591E80A
                                                      SHA-512:084539073C4AF612AFEAA2CD752128B0F20E639DBA58271DE41B4F1958860AEEE3D710F76D186F8EA54011C179FC07ED48BB97AC0EA29A80EBD812A31A221453
                                                      Malicious:false
                                                      Reputation:low
                                                      URL:https://forms.office.com/sw.js?ring=Business
                                                      Preview:!function(){"use strict";var e={124:function(){try{self["workbox:core:6.1.0"]&&_()}catch(e){}},390:function(){try{self["workbox:expiration:6.4.0"]&&_()}catch(e){}},568:function(){try{self["workbox:core:6.4.0"]&&_()}catch(e){}},639:function(){try{self["workbox:navigation-preload:6.1.0"]&&_()}catch(e){}},695:function(){try{self["workbox:routing:6.1.0"]&&_()}catch(e){}},818:function(){try{self["workbox:strategies:6.1.0"]&&_()}catch(e){}}},t={};function n(r){var s=t[r];if(void 0!==s)return s.exports;var o=t[r]={exports:{}};return e[r](o,o.exports,n),o.exports}n(124);n(639);function r(){return Boolean(self.registration&&self.registration.navigationPreload)}const s=(e,...t)=>{let n=e;return t.length>0&&(n+=` :: ${JSON.stringify(t)}`),n};class o extends Error{constructor(e,t){super(s(e,t)),this.name=e,this.details=t}}const a={googleAnalytics:"googleAnalytics",precache:"precache-v2",prefix:"workbox",runtime:"runtime",suffix:"undefined"!=typeof registration?registration.scope:""},i=e=>[a.prefix

                                                      Chrome Cache Entry: 92

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:Unicode text, UTF-8 text, with very long lines (35053), with no line terminators
                                                      Category:downloaded
                                                      Size (bytes):35075
                                                      Entropy (8bit):4.78247542504543
                                                      Encrypted:false
                                                      SSDEEP:768:ZpzfymMS/I9ujl4wRsQuhl9/eQ0NR4a9WGYO0qxe1HUUVd2lHE1L4/OrRxk:Z4+A9+46shl9/eQ0NR4a9WGYOLx8HUEg
                                                      MD5:2260CFACC25DE59539D0B1D7A50F9270
                                                      SHA1:84FECAFAFF77917530F170A1D3EBF70A51A9B7D1
                                                      SHA-256:9F00DFD9D0844DEA7FED92119F0E4149C4D6334169704CE875B14C1AC84E6629
                                                      SHA-512:4A7733F93FF56172E4D861A84F3059F2B9C4266989399D3F6D29F16D3B24BF382CA5C0D21E062D9923F487A2A5C870C124041A961134BF35A35ECDFAD3B45939
                                                      Malicious:false
                                                      Reputation:low
                                                      URL:https://cdn.forms.office.net/forms/scripts/dists/ls-response.en-us.e63f4a629.js
                                                      Preview:window.FormsLsMap = (window.FormsLsMap || {});window.FormsLsMap["en-us"]={"mdbicgo":"Required to answer","acmngdo":"This user is not currently restricted from using Microsoft Forms. No further action is needed..","pdnfcop":"Correct","gplbmcp":"Print response","pfjnaob":"Required","dlogacb":"Pause background music","oancfdj":"Play background music","pjgjcee":"Pause live background","dplcjia":"Play live background","giamlmc":"Please select at least {0} options.","ggbmbok":"Please select at most {0} options.","mbpambh":"Please select {0} options.","palclad":"Allow","pefpebc":"Back","ljngmfa":"Cancel","adhcmno":"Close","lelhaog":"Dismiss","lfignjp":",","ekdmdig":"More options","nekefda":"Next","fkcodff":"No","jljijgh":"Points","npbhaja":"Prefill","fookldf":"Preview","nfokege":"Skip","gacoblj":"Yes","glhpeoj":"Copilot Pro","nbfafnl":"Get Copilot Pro","jppmnpa":"Get started with ","jjkafmg":"Supercharge your creativity and productivity with Copilot, your everyday AI companion.","djeklgg":"

                                                      Chrome Cache Entry: 93

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:Unicode text, UTF-8 text, with very long lines (35053), with no line terminators
                                                      Category:dropped
                                                      Size (bytes):35075
                                                      Entropy (8bit):4.78247542504543
                                                      Encrypted:false
                                                      SSDEEP:768:ZpzfymMS/I9ujl4wRsQuhl9/eQ0NR4a9WGYO0qxe1HUUVd2lHE1L4/OrRxk:Z4+A9+46shl9/eQ0NR4a9WGYOLx8HUEg
                                                      MD5:2260CFACC25DE59539D0B1D7A50F9270
                                                      SHA1:84FECAFAFF77917530F170A1D3EBF70A51A9B7D1
                                                      SHA-256:9F00DFD9D0844DEA7FED92119F0E4149C4D6334169704CE875B14C1AC84E6629
                                                      SHA-512:4A7733F93FF56172E4D861A84F3059F2B9C4266989399D3F6D29F16D3B24BF382CA5C0D21E062D9923F487A2A5C870C124041A961134BF35A35ECDFAD3B45939
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview:window.FormsLsMap = (window.FormsLsMap || {});window.FormsLsMap["en-us"]={"mdbicgo":"Required to answer","acmngdo":"This user is not currently restricted from using Microsoft Forms. No further action is needed..","pdnfcop":"Correct","gplbmcp":"Print response","pfjnaob":"Required","dlogacb":"Pause background music","oancfdj":"Play background music","pjgjcee":"Pause live background","dplcjia":"Play live background","giamlmc":"Please select at least {0} options.","ggbmbok":"Please select at most {0} options.","mbpambh":"Please select {0} options.","palclad":"Allow","pefpebc":"Back","ljngmfa":"Cancel","adhcmno":"Close","lelhaog":"Dismiss","lfignjp":",","ekdmdig":"More options","nekefda":"Next","fkcodff":"No","jljijgh":"Points","npbhaja":"Prefill","fookldf":"Preview","nfokege":"Skip","gacoblj":"Yes","glhpeoj":"Copilot Pro","nbfafnl":"Get Copilot Pro","jppmnpa":"Get started with ","jjkafmg":"Supercharge your creativity and productivity with Copilot, your everyday AI companion.","djeklgg":"

                                                      Chrome Cache Entry: 94

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
                                                      Category:downloaded
                                                      Size (bytes):7886
                                                      Entropy (8bit):3.973130033666625
                                                      Encrypted:false
                                                      SSDEEP:48:gzeweweQeQeQe2eWe+RjvChvL42Kcb/M96GgEfY86d:pNNttt3X8upiJvQFd
                                                      MD5:9425D8E9313A692BB3F022E8055FAB82
                                                      SHA1:EDDCF3EA767D4C3042D01AC88594D7E795D8615C
                                                      SHA-256:F2A1ABCF12EBD0F329E5B66B811B0BD76C8E954CB283CE3B61E72FBF459EF6F1
                                                      SHA-512:93B3EB3C4CE385D80D4A8F6902355BBD156AC1AA20B8869AF05C8E714E90E74C5630BB8DE34D5B8FC9F876AC44BE314F3A2A08B3163295ADADBC6DD7B8D23561
                                                      Malicious:false
                                                      Reputation:low
                                                      URL:https://cdn.forms.office.net/forms/images/favicon.ico
                                                      Preview:...... .... .....6......... ............... .h...f...(... ...@..... .........................................................................................................................................................................................................................................................................................................................pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..................................pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..................................pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..................................ZV..ZV..ZV..ZV..ZV..ZV..ZV..ZV..^Z..pl..pl..pl..pl..................................|x..pl..pl..................................QN..QN..QN..QN..QN..QN..QN..QN..QN..c`..pl..pl..pl..................................|x..pl..pl............

                                                      Chrome Cache Entry: 95

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:Unicode text, UTF-8 text, with very long lines (56644)
                                                      Category:dropped
                                                      Size (bytes):426648
                                                      Entropy (8bit):5.665169552590326
                                                      Encrypted:false
                                                      SSDEEP:6144:h7qScw0qCNLesuRspMKR3/4qvwWZTKEqP1JLurqb3N/VkdaBH3HOW9Qxh/c2:tqSv0qCNLexorUNNI6Re8BH3i
                                                      MD5:577C26DA9619E67AEC55EA28CF1F15BF
                                                      SHA1:D360C9C0618161983B16C81D1061EE0147DE084A
                                                      SHA-256:BA015FC4563C702BF77CD3B9C4952C63B041692B377A88A962A96AB13ED48FFC
                                                      SHA-512:42CB423E0BA236C4EEB8555CEBB1728C98462DCB07A2C6FC9A6901C9ADF1478CB223FFA004C55203C25C3E2D83E16A0D30A2408610C643F9DB31BB0080FAC5DE
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview:(self.webpackChunk=self.webpackChunk||[]).push([[579],{60687:function(n,e,t){"use strict";t.d(e,{C6:function(){return i},Cl:function(){return o},YH:function(){return u},aN:function(){return c},sH:function(){return a}});./*! @azure/msal-common v13.3.0 2023-08-24 */./*! *****************************************************************************.Copyright (c) Microsoft Corporation...Permission to use, copy, modify, and/or distribute this software for any.purpose with or without fee is hereby granted...THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH.REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY.AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,.INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM.LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR.OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR.PERFORMANCE OF THIS SOFTWARE..********

                                                      Chrome Cache Entry: 96

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:PNG image data, 490 x 180, 8-bit/color RGBA, non-interlaced
                                                      Category:downloaded
                                                      Size (bytes):5895
                                                      Entropy (8bit):7.720248605671278
                                                      Encrypted:false
                                                      SSDEEP:96:n40H7NhvmuFFBL413wHGfZ1rsrohnXcF1BN8+PrfUFd0abvPsrXf:nbRFmuxcJfLrvnXcFjNRUFd00Wv
                                                      MD5:311274C8C9C66E894F5AFA51FACD72CD
                                                      SHA1:386D1FA0B2924DF2C21545CF2FF1DDE2CD985D33
                                                      SHA-256:BC3C029408DAB6B5CB676B990B2E21BDD474E4B2E45DAF87E70210539390BF49
                                                      SHA-512:2117BC16AC878BCC307CEA0DEFA0638800715330E83E9C8C1CAD7398BBF207E9432391B851E004308FB75C20C2D6F587D015FA3FB13F8630FE3E0C7E194979FC
                                                      Malicious:false
                                                      Reputation:low
                                                      URL:https://cdn.forms.office.net/forms/images/microsoft365logo_v1.png
                                                      Preview:.PNG........IHDR.............[.o.....IDATx......U.....xi.#..l.%3J.t.D\If5h.......>.Ft.....].8f..A...(../....D..1b.%.9:1y.LD.3...~Y....?..........(.s....~.nh........................................................................................................................................................................@...6`.W.....z.m..z....@.:.`..e.agn..w[-..}O.L...Gf.h.V....Wlu......n.....ek...z...Z...lu..AMP..@P...........&... ..j..AMP..@P..............3f.X).K._.J..+....d...5A.t..c._...R6K.2....@P.6A=}...'O...WZ[[{....;~..w[..7.x9.....uR~-.....7GB..0a..e?.........S...R&.<..X.2..r..}.>.hii.]......Q.N.iL..]..>y.r.\.."..U.g..A......K....'....q.LP..o..O..-.l...{....{)...+.....\N...9...P.d..+....B.[.Z..d.....e>...#i~%D.8Y&.E...L..M.+..OX..J1...|.do&......9..+8.[......ady...P_.....m.....mA-.P...A......a.e.zW.w..EnbIX.3.j.....k....[..Y...q[.r4...xY.....+w.g....Sk\#F..;9&.....4....f...I.'X....n.r.$.APw.P.A....M..8=..).0_.h./...b.....g......e.S...

                                                      Chrome Cache Entry: 97

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines (15299)
                                                      Category:dropped
                                                      Size (bytes):15555
                                                      Entropy (8bit):5.47686562483099
                                                      Encrypted:false
                                                      SSDEEP:192:SpWI6coOn7vqp2Fybnmi6llXsqH4BxJNaeuczHYfy9eL9L7zf8aB:SpWI6c2zghH4HJNaeuczHqRb
                                                      MD5:A3B1EBE0BE8938EC76AD9CFDA764DF57
                                                      SHA1:B4B3749A456545A3A471A9DA41CDA03BCCCAE327
                                                      SHA-256:7B581BDC9767A1A2A6A808C825C6BEB7B46761DF6141B1B6D67B484883E3A0D0
                                                      SHA-512:C67DFE3C05680C9F07BD2A8CF0DDA6DA56D3A900DE2D6735788B93E6DA000FDDE8E9B4DCCA2E9B1EFA315EACF555CCDCFA73C7B7A8392116218D460D44C3A8B9
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[294],{44330:function(n,e,r){function t(){return Date.now||(Date.now=function(){return(new Date).getTime()}),Math.floor(Date.now())}r.d(e,{JY:function(){return t}})},96900:function(n,e,r){r.r(e),r.d(e,{BrandingFooter:function(){return C}});var t=r(41827),i=r(92831),o=r(48723),a=r(30062),u=r(97666),c=r(23084),l=r(70574),f=r(98765),s=r(83778),d=r(29383),p=r(38826),$=r(71201),_=r(44695),v=r(6134),m=r(97892),g=r(69455),h=r(18190),w=r(8484),b=r(70918),k=r(6637),y=function(n,e){return function(r,t){var i=t();return r((0,k.X)("Branding.Footer.M365.Click",{isShare:(0,m.Hc)(i),isPreview:(0,m.qx)(i),fullScreen:n,isFormRuntime:(0,b.G1)(i),pageType:e}))}},x=r(38599),L=r(17543),R=r(74371),M=r(32225),S=function(n,e,r,i){var o,u;return[{$r:{background:r,width:"100%","@media print":{background:d.O.$g,color:d.O.$h},paddingTop:0},$a:{width:"100%"},$cL:{width:"100%",lineHeight:"1.3",fontSize:12,color:d.O.$h,marginTop:0,marginBottom:4},$jz:{disp

                                                      Chrome Cache Entry: 98

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:PNG image data, 2560 x 1440, 8-bit/color RGBA, non-interlaced
                                                      Category:downloaded
                                                      Size (bytes):150239
                                                      Entropy (8bit):7.772538460398254
                                                      Encrypted:false
                                                      SSDEEP:3072:T92CPZ9SWBGlwhKBjKKZglsPrwJLiPqUYfGCCPTXV5sTXWv27sj5:TM09QGYpriorwJuYfT2XVL2wj5
                                                      MD5:66292ED733349A0025751257AE6EBE6B
                                                      SHA1:C6469FC515799B92DB06BB371075B9C4003311FF
                                                      SHA-256:5C5653A4DF6DC4340E2FF2CEA5466C0E8002F686D2321DAD65466EA028A391AA
                                                      SHA-512:67AB3D75B49427081FC838AE454F3E8F7C1538593B9910FBC69A91161B3A8B87721A4960B489CB6EA7C365EEF29FEC2295DA668B745FDC61D1D26B1FADE36E67
                                                      Malicious:false
                                                      Reputation:low
                                                      URL:https://lists.office.com/Images/02c2f9b1-fb15-4ee5-b878-b61185dd1dc8/4ad60603-7a0a-4628-8b94-7f870bbbab07/T0XCN64CINNI52XRH3LAP7PIFS/c3828107-bc36-4c54-a636-fc1113005d55
                                                      Preview:.PNG........IHDR.....................sRGB.........sBIT....|.d... .IDATx...1J.Q....O+X.".J6..K.*...\..H...6YA..-d.J.?..0..G.Y.}.....f......../....a.efY.=....~....|..4...7.'.s.y...............X...2.?_.........?......b...................-. ..................... H...........A.@.....................@.........................$........... . ..................... H...........A.@.....................@.........................$........... . ..................... H...........A.@.....................@.........................$........... . ..................... H...........A.@.....................@.........................$........... . ..................... H...........A.@.....................@.........................$........... . ..................... H...........A.@.....................@.........................$........... . ..................... H...........A.@.....................@.........................$........... . ..................... H...........A.@.....................@...

                                                      Chrome Cache Entry: 99

                                                      Download File
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:PNG image data, 2560 x 1440, 8-bit/color RGBA, non-interlaced
                                                      Category:dropped
                                                      Size (bytes):150239
                                                      Entropy (8bit):7.772538460398254
                                                      Encrypted:false
                                                      SSDEEP:3072:T92CPZ9SWBGlwhKBjKKZglsPrwJLiPqUYfGCCPTXV5sTXWv27sj5:TM09QGYpriorwJuYfT2XVL2wj5
                                                      MD5:66292ED733349A0025751257AE6EBE6B
                                                      SHA1:C6469FC515799B92DB06BB371075B9C4003311FF
                                                      SHA-256:5C5653A4DF6DC4340E2FF2CEA5466C0E8002F686D2321DAD65466EA028A391AA
                                                      SHA-512:67AB3D75B49427081FC838AE454F3E8F7C1538593B9910FBC69A91161B3A8B87721A4960B489CB6EA7C365EEF29FEC2295DA668B745FDC61D1D26B1FADE36E67
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview:.PNG........IHDR.....................sRGB.........sBIT....|.d... .IDATx...1J.Q....O+X.".J6..K.*...\..H...6YA..-d.J.?..0..G.Y.}.....f......../....a.efY.=....~....|..4...7.'.s.y...............X...2.?_.........?......b...................-. ..................... H...........A.@.....................@.........................$........... . ..................... H...........A.@.....................@.........................$........... . ..................... H...........A.@.....................@.........................$........... . ..................... H...........A.@.....................@.........................$........... . ..................... H...........A.@.....................@.........................$........... . ..................... H...........A.@.....................@.........................$........... . ..................... H...........A.@.....................@.........................$........... . ..................... H...........A.@.....................@...

                                                      Static File Info

                                                      No static file info

                                                      Network Behavior

                                                      Network Port Distribution

                                                      TCP Packets

                                                      TimestampSource PortDest PortSource IPDest IP
                                                      Sep 30, 2024 16:16:14.314563036 CEST49675443192.168.2.4173.222.162.32
                                                      Sep 30, 2024 16:16:21.191978931 CEST49739443192.168.2.4142.250.181.228
                                                      Sep 30, 2024 16:16:21.192023993 CEST44349739142.250.181.228192.168.2.4
                                                      Sep 30, 2024 16:16:21.192104101 CEST49739443192.168.2.4142.250.181.228
                                                      Sep 30, 2024 16:16:21.192635059 CEST49739443192.168.2.4142.250.181.228
                                                      Sep 30, 2024 16:16:21.192646980 CEST44349739142.250.181.228192.168.2.4
                                                      Sep 30, 2024 16:16:21.846757889 CEST44349739142.250.181.228192.168.2.4
                                                      Sep 30, 2024 16:16:21.851561069 CEST49739443192.168.2.4142.250.181.228
                                                      Sep 30, 2024 16:16:21.851578951 CEST44349739142.250.181.228192.168.2.4
                                                      Sep 30, 2024 16:16:21.853451967 CEST44349739142.250.181.228192.168.2.4
                                                      Sep 30, 2024 16:16:21.853544950 CEST49739443192.168.2.4142.250.181.228
                                                      Sep 30, 2024 16:16:21.856127977 CEST49739443192.168.2.4142.250.181.228
                                                      Sep 30, 2024 16:16:21.856215954 CEST44349739142.250.181.228192.168.2.4
                                                      Sep 30, 2024 16:16:21.908287048 CEST49739443192.168.2.4142.250.181.228
                                                      Sep 30, 2024 16:16:21.908308983 CEST44349739142.250.181.228192.168.2.4
                                                      Sep 30, 2024 16:16:21.953661919 CEST49739443192.168.2.4142.250.181.228
                                                      Sep 30, 2024 16:16:22.683417082 CEST49746443192.168.2.4184.28.90.27
                                                      Sep 30, 2024 16:16:22.683469057 CEST44349746184.28.90.27192.168.2.4
                                                      Sep 30, 2024 16:16:22.683533907 CEST49746443192.168.2.4184.28.90.27
                                                      Sep 30, 2024 16:16:22.688889980 CEST49746443192.168.2.4184.28.90.27
                                                      Sep 30, 2024 16:16:22.688920021 CEST44349746184.28.90.27192.168.2.4
                                                      Sep 30, 2024 16:16:23.349113941 CEST44349746184.28.90.27192.168.2.4
                                                      Sep 30, 2024 16:16:23.349189997 CEST49746443192.168.2.4184.28.90.27
                                                      Sep 30, 2024 16:16:23.531332970 CEST49746443192.168.2.4184.28.90.27
                                                      Sep 30, 2024 16:16:23.531378984 CEST44349746184.28.90.27192.168.2.4
                                                      Sep 30, 2024 16:16:23.531682968 CEST44349746184.28.90.27192.168.2.4
                                                      Sep 30, 2024 16:16:23.578360081 CEST49746443192.168.2.4184.28.90.27
                                                      Sep 30, 2024 16:16:24.395232916 CEST49746443192.168.2.4184.28.90.27
                                                      Sep 30, 2024 16:16:24.439403057 CEST44349746184.28.90.27192.168.2.4
                                                      Sep 30, 2024 16:16:24.585374117 CEST44349746184.28.90.27192.168.2.4
                                                      Sep 30, 2024 16:16:24.585525036 CEST44349746184.28.90.27192.168.2.4
                                                      Sep 30, 2024 16:16:24.585593939 CEST49746443192.168.2.4184.28.90.27
                                                      Sep 30, 2024 16:16:24.594269037 CEST49746443192.168.2.4184.28.90.27
                                                      Sep 30, 2024 16:16:24.594296932 CEST44349746184.28.90.27192.168.2.4
                                                      Sep 30, 2024 16:16:24.594304085 CEST49746443192.168.2.4184.28.90.27
                                                      Sep 30, 2024 16:16:24.594310045 CEST44349746184.28.90.27192.168.2.4
                                                      Sep 30, 2024 16:16:24.653947115 CEST49758443192.168.2.4184.28.90.27
                                                      Sep 30, 2024 16:16:24.654006958 CEST44349758184.28.90.27192.168.2.4
                                                      Sep 30, 2024 16:16:24.654087067 CEST49758443192.168.2.4184.28.90.27
                                                      Sep 30, 2024 16:16:24.655101061 CEST49758443192.168.2.4184.28.90.27
                                                      Sep 30, 2024 16:16:24.655112982 CEST44349758184.28.90.27192.168.2.4
                                                      Sep 30, 2024 16:16:25.291270971 CEST44349758184.28.90.27192.168.2.4
                                                      Sep 30, 2024 16:16:25.291347980 CEST49758443192.168.2.4184.28.90.27
                                                      Sep 30, 2024 16:16:25.294444084 CEST49758443192.168.2.4184.28.90.27
                                                      Sep 30, 2024 16:16:25.294450045 CEST44349758184.28.90.27192.168.2.4
                                                      Sep 30, 2024 16:16:25.294765949 CEST44349758184.28.90.27192.168.2.4
                                                      Sep 30, 2024 16:16:25.380820990 CEST49758443192.168.2.4184.28.90.27
                                                      Sep 30, 2024 16:16:25.466545105 CEST49758443192.168.2.4184.28.90.27
                                                      Sep 30, 2024 16:16:25.507405996 CEST44349758184.28.90.27192.168.2.4
                                                      Sep 30, 2024 16:16:25.651722908 CEST44349758184.28.90.27192.168.2.4
                                                      Sep 30, 2024 16:16:25.651803017 CEST44349758184.28.90.27192.168.2.4
                                                      Sep 30, 2024 16:16:25.651865959 CEST49758443192.168.2.4184.28.90.27
                                                      Sep 30, 2024 16:16:26.352464914 CEST49758443192.168.2.4184.28.90.27
                                                      Sep 30, 2024 16:16:26.352488041 CEST44349758184.28.90.27192.168.2.4
                                                      Sep 30, 2024 16:16:27.738971949 CEST49672443192.168.2.4173.222.162.32
                                                      Sep 30, 2024 16:16:27.739017963 CEST44349672173.222.162.32192.168.2.4
                                                      Sep 30, 2024 16:16:29.781456947 CEST4972380192.168.2.42.19.126.137
                                                      Sep 30, 2024 16:16:29.788063049 CEST80497232.19.126.137192.168.2.4
                                                      Sep 30, 2024 16:16:29.788110971 CEST4972380192.168.2.42.19.126.137
                                                      Sep 30, 2024 16:16:31.740015030 CEST44349739142.250.181.228192.168.2.4
                                                      Sep 30, 2024 16:16:31.740096092 CEST44349739142.250.181.228192.168.2.4
                                                      Sep 30, 2024 16:16:31.740339994 CEST49739443192.168.2.4142.250.181.228
                                                      Sep 30, 2024 16:16:32.296245098 CEST49739443192.168.2.4142.250.181.228
                                                      Sep 30, 2024 16:16:32.296262980 CEST44349739142.250.181.228192.168.2.4
                                                      Sep 30, 2024 16:16:44.312206030 CEST8049724217.20.57.34192.168.2.4
                                                      Sep 30, 2024 16:16:44.312381029 CEST4972480192.168.2.4217.20.57.34
                                                      Sep 30, 2024 16:16:44.312480927 CEST4972480192.168.2.4217.20.57.34
                                                      Sep 30, 2024 16:16:44.318036079 CEST8049724217.20.57.34192.168.2.4
                                                      Sep 30, 2024 16:17:21.415901899 CEST49799443192.168.2.4142.250.181.228
                                                      Sep 30, 2024 16:17:21.415941954 CEST44349799142.250.181.228192.168.2.4
                                                      Sep 30, 2024 16:17:21.416210890 CEST49799443192.168.2.4142.250.181.228
                                                      Sep 30, 2024 16:17:21.416445971 CEST49799443192.168.2.4142.250.181.228
                                                      Sep 30, 2024 16:17:21.416462898 CEST44349799142.250.181.228192.168.2.4
                                                      Sep 30, 2024 16:17:22.048806906 CEST44349799142.250.181.228192.168.2.4
                                                      Sep 30, 2024 16:17:22.049504995 CEST49799443192.168.2.4142.250.181.228
                                                      Sep 30, 2024 16:17:22.049525023 CEST44349799142.250.181.228192.168.2.4
                                                      Sep 30, 2024 16:17:22.049863100 CEST44349799142.250.181.228192.168.2.4
                                                      Sep 30, 2024 16:17:22.050791025 CEST49799443192.168.2.4142.250.181.228
                                                      Sep 30, 2024 16:17:22.050862074 CEST44349799142.250.181.228192.168.2.4
                                                      Sep 30, 2024 16:17:22.095431089 CEST49799443192.168.2.4142.250.181.228
                                                      Sep 30, 2024 16:17:31.956072092 CEST44349799142.250.181.228192.168.2.4
                                                      Sep 30, 2024 16:17:31.956137896 CEST44349799142.250.181.228192.168.2.4
                                                      Sep 30, 2024 16:17:31.956192970 CEST49799443192.168.2.4142.250.181.228
                                                      Sep 30, 2024 16:17:33.952193022 CEST49799443192.168.2.4142.250.181.228
                                                      Sep 30, 2024 16:17:33.952233076 CEST44349799142.250.181.228192.168.2.4

                                                      UDP Packets

                                                      TimestampSource PortDest PortSource IPDest IP
                                                      Sep 30, 2024 16:16:17.485835075 CEST53559681.1.1.1192.168.2.4
                                                      Sep 30, 2024 16:16:17.485979080 CEST53604471.1.1.1192.168.2.4
                                                      Sep 30, 2024 16:16:18.485501051 CEST53623191.1.1.1192.168.2.4
                                                      Sep 30, 2024 16:16:19.339329004 CEST5636853192.168.2.41.1.1.1
                                                      Sep 30, 2024 16:16:19.339466095 CEST6125553192.168.2.41.1.1.1
                                                      Sep 30, 2024 16:16:19.406459093 CEST53612551.1.1.1192.168.2.4
                                                      Sep 30, 2024 16:16:21.153875113 CEST5771353192.168.2.41.1.1.1
                                                      Sep 30, 2024 16:16:21.154252052 CEST5583053192.168.2.41.1.1.1
                                                      Sep 30, 2024 16:16:21.160887003 CEST53577131.1.1.1192.168.2.4
                                                      Sep 30, 2024 16:16:21.160943031 CEST53558301.1.1.1192.168.2.4
                                                      Sep 30, 2024 16:16:21.350584984 CEST4942653192.168.2.41.1.1.1
                                                      Sep 30, 2024 16:16:21.350753069 CEST5984453192.168.2.41.1.1.1
                                                      Sep 30, 2024 16:16:23.606729031 CEST5416053192.168.2.41.1.1.1
                                                      Sep 30, 2024 16:16:23.628405094 CEST6002853192.168.2.41.1.1.1
                                                      Sep 30, 2024 16:16:23.637054920 CEST53600281.1.1.1192.168.2.4
                                                      Sep 30, 2024 16:16:24.413906097 CEST5397153192.168.2.41.1.1.1
                                                      Sep 30, 2024 16:16:24.414227009 CEST6527953192.168.2.41.1.1.1
                                                      Sep 30, 2024 16:16:24.415110111 CEST4935953192.168.2.41.1.1.1
                                                      Sep 30, 2024 16:16:24.415527105 CEST5925553192.168.2.41.1.1.1
                                                      Sep 30, 2024 16:16:24.425704002 CEST53592551.1.1.1192.168.2.4
                                                      Sep 30, 2024 16:16:25.968365908 CEST4921453192.168.2.41.1.1.1
                                                      Sep 30, 2024 16:16:25.968553066 CEST6217053192.168.2.41.1.1.1
                                                      Sep 30, 2024 16:16:26.009802103 CEST53621701.1.1.1192.168.2.4
                                                      Sep 30, 2024 16:16:26.509002924 CEST5226253192.168.2.41.1.1.1
                                                      Sep 30, 2024 16:16:26.509182930 CEST6192453192.168.2.41.1.1.1
                                                      Sep 30, 2024 16:16:26.521986961 CEST53619241.1.1.1192.168.2.4
                                                      Sep 30, 2024 16:16:28.822248936 CEST5873053192.168.2.41.1.1.1
                                                      Sep 30, 2024 16:16:28.822249889 CEST6086553192.168.2.41.1.1.1
                                                      Sep 30, 2024 16:16:28.862333059 CEST53608651.1.1.1192.168.2.4
                                                      Sep 30, 2024 16:16:29.799536943 CEST138138192.168.2.4192.168.2.255
                                                      Sep 30, 2024 16:16:35.840763092 CEST53622691.1.1.1192.168.2.4
                                                      Sep 30, 2024 16:16:54.724069118 CEST53615481.1.1.1192.168.2.4
                                                      Sep 30, 2024 16:17:16.919372082 CEST53573871.1.1.1192.168.2.4
                                                      Sep 30, 2024 16:17:17.261476040 CEST53509951.1.1.1192.168.2.4

                                                      DNS Queries

                                                      TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                      Sep 30, 2024 16:16:19.339329004 CEST192.168.2.41.1.1.10x2965Standard query (0)forms.office.comA (IP address)IN (0x0001)false
                                                      Sep 30, 2024 16:16:19.339466095 CEST192.168.2.41.1.1.10x75cbStandard query (0)forms.office.com65IN (0x0001)false
                                                      Sep 30, 2024 16:16:21.153875113 CEST192.168.2.41.1.1.10x5dcaStandard query (0)www.google.comA (IP address)IN (0x0001)false
                                                      Sep 30, 2024 16:16:21.154252052 CEST192.168.2.41.1.1.10x74feStandard query (0)www.google.com65IN (0x0001)false
                                                      Sep 30, 2024 16:16:21.350584984 CEST192.168.2.41.1.1.10x87a6Standard query (0)cdn.forms.office.netA (IP address)IN (0x0001)false
                                                      Sep 30, 2024 16:16:21.350753069 CEST192.168.2.41.1.1.10xa487Standard query (0)cdn.forms.office.net65IN (0x0001)false
                                                      Sep 30, 2024 16:16:23.606729031 CEST192.168.2.41.1.1.10xe23cStandard query (0)lists.office.comA (IP address)IN (0x0001)false
                                                      Sep 30, 2024 16:16:23.628405094 CEST192.168.2.41.1.1.10x8919Standard query (0)lists.office.com65IN (0x0001)false
                                                      Sep 30, 2024 16:16:24.413906097 CEST192.168.2.41.1.1.10x5146Standard query (0)cdn.forms.office.netA (IP address)IN (0x0001)false
                                                      Sep 30, 2024 16:16:24.414227009 CEST192.168.2.41.1.1.10xb0d1Standard query (0)cdn.forms.office.net65IN (0x0001)false
                                                      Sep 30, 2024 16:16:24.415110111 CEST192.168.2.41.1.1.10x9bc5Standard query (0)forms.office.comA (IP address)IN (0x0001)false
                                                      Sep 30, 2024 16:16:24.415527105 CEST192.168.2.41.1.1.10xfd54Standard query (0)forms.office.com65IN (0x0001)false
                                                      Sep 30, 2024 16:16:25.968365908 CEST192.168.2.41.1.1.10x3165Standard query (0)c.office.comA (IP address)IN (0x0001)false
                                                      Sep 30, 2024 16:16:25.968553066 CEST192.168.2.41.1.1.10x8c17Standard query (0)c.office.com65IN (0x0001)false
                                                      Sep 30, 2024 16:16:26.509002924 CEST192.168.2.41.1.1.10x7e96Standard query (0)lists.office.comA (IP address)IN (0x0001)false
                                                      Sep 30, 2024 16:16:26.509182930 CEST192.168.2.41.1.1.10xd029Standard query (0)lists.office.com65IN (0x0001)false
                                                      Sep 30, 2024 16:16:28.822248936 CEST192.168.2.41.1.1.10x56b6Standard query (0)c.office.comA (IP address)IN (0x0001)false
                                                      Sep 30, 2024 16:16:28.822249889 CEST192.168.2.41.1.1.10x9229Standard query (0)c.office.com65IN (0x0001)false

                                                      DNS Answers

                                                      TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                      Sep 30, 2024 16:16:19.406116962 CEST1.1.1.1192.168.2.40x2965No error (0)forms.office.comforms.office.com.b-0039.b-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                      Sep 30, 2024 16:16:19.406459093 CEST1.1.1.1192.168.2.40x75cbNo error (0)forms.office.comforms.office.com.b-0039.b-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                      Sep 30, 2024 16:16:21.160887003 CEST1.1.1.1192.168.2.40x5dcaNo error (0)www.google.com142.250.181.228A (IP address)IN (0x0001)false
                                                      Sep 30, 2024 16:16:21.160943031 CEST1.1.1.1192.168.2.40x74feNo error (0)www.google.com65IN (0x0001)false
                                                      Sep 30, 2024 16:16:21.358433962 CEST1.1.1.1192.168.2.40x87a6No error (0)cdn.forms.office.netcdn.forms.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                      Sep 30, 2024 16:16:21.360845089 CEST1.1.1.1192.168.2.40xa487No error (0)cdn.forms.office.netcdn.forms.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                      Sep 30, 2024 16:16:23.614079952 CEST1.1.1.1192.168.2.40xe23cNo error (0)lists.office.comprod.lists.office.com.akadns.netCNAME (Canonical name)IN (0x0001)false
                                                      Sep 30, 2024 16:16:23.637054920 CEST1.1.1.1192.168.2.40x8919No error (0)lists.office.comprod.lists.office.com.akadns.netCNAME (Canonical name)IN (0x0001)false
                                                      Sep 30, 2024 16:16:24.423631907 CEST1.1.1.1192.168.2.40x9bc5No error (0)forms.office.comforms.office.com.b-0039.b-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                      Sep 30, 2024 16:16:24.424850941 CEST1.1.1.1192.168.2.40xb0d1No error (0)cdn.forms.office.netcdn.forms.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                      Sep 30, 2024 16:16:24.425704002 CEST1.1.1.1192.168.2.40xfd54No error (0)forms.office.comforms.office.com.b-0039.b-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                      Sep 30, 2024 16:16:24.432213068 CEST1.1.1.1192.168.2.40x5146No error (0)cdn.forms.office.netcdn.forms.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                      Sep 30, 2024 16:16:26.002927065 CEST1.1.1.1192.168.2.40x3165No error (0)c.office.comc.msn.comCNAME (Canonical name)IN (0x0001)false
                                                      Sep 30, 2024 16:16:26.002927065 CEST1.1.1.1192.168.2.40x3165No error (0)c.msn.comc-msn-com-nsatc.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                      Sep 30, 2024 16:16:26.009802103 CEST1.1.1.1192.168.2.40x8c17No error (0)c.office.comc.msn.comCNAME (Canonical name)IN (0x0001)false
                                                      Sep 30, 2024 16:16:26.009802103 CEST1.1.1.1192.168.2.40x8c17No error (0)c.msn.comc-msn-com-nsatc.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                      Sep 30, 2024 16:16:26.519627094 CEST1.1.1.1192.168.2.40x7e96No error (0)lists.office.comprod.lists.office.com.akadns.netCNAME (Canonical name)IN (0x0001)false
                                                      Sep 30, 2024 16:16:26.521986961 CEST1.1.1.1192.168.2.40xd029No error (0)lists.office.comprod.lists.office.com.akadns.netCNAME (Canonical name)IN (0x0001)false
                                                      Sep 30, 2024 16:16:28.699979067 CEST1.1.1.1192.168.2.40x873fNo error (0)bg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
                                                      Sep 30, 2024 16:16:28.699979067 CEST1.1.1.1192.168.2.40x873fNo error (0)bg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                                                      Sep 30, 2024 16:16:28.858900070 CEST1.1.1.1192.168.2.40x56b6No error (0)c.office.comc.msn.comCNAME (Canonical name)IN (0x0001)false
                                                      Sep 30, 2024 16:16:28.858900070 CEST1.1.1.1192.168.2.40x56b6No error (0)c.msn.comc-msn-com-nsatc.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                      Sep 30, 2024 16:16:28.862333059 CEST1.1.1.1192.168.2.40x9229No error (0)c.office.comc.msn.comCNAME (Canonical name)IN (0x0001)false
                                                      Sep 30, 2024 16:16:28.862333059 CEST1.1.1.1192.168.2.40x9229No error (0)c.msn.comc-msn-com-nsatc.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                      Sep 30, 2024 16:16:30.890718937 CEST1.1.1.1192.168.2.40x2a18No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                                                      Sep 30, 2024 16:16:30.890718937 CEST1.1.1.1192.168.2.40x2a18No error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false
                                                      Sep 30, 2024 16:16:43.202295065 CEST1.1.1.1192.168.2.40xe7a1No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                                                      Sep 30, 2024 16:16:43.202295065 CEST1.1.1.1192.168.2.40xe7a1No error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false
                                                      Sep 30, 2024 16:17:09.854083061 CEST1.1.1.1192.168.2.40x4ce6No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                                                      Sep 30, 2024 16:17:09.854083061 CEST1.1.1.1192.168.2.40x4ce6No error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false
                                                      Sep 30, 2024 16:17:30.027868986 CEST1.1.1.1192.168.2.40x906aNo error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                                                      Sep 30, 2024 16:17:30.027868986 CEST1.1.1.1192.168.2.40x906aNo error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false

                                                      HTTP Request Dependency Graph

                                                      • fs.microsoft.com

                                                      HTTPS Proxied Packets

                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      0192.168.2.449746184.28.90.27443
                                                      TimestampBytes transferredDirectionData
                                                      2024-09-30 14:16:24 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
                                                      Connection: Keep-Alive
                                                      Accept: */*
                                                      Accept-Encoding: identity
                                                      User-Agent: Microsoft BITS/7.8
                                                      Host: fs.microsoft.com
                                                      2024-09-30 14:16:24 UTC465INHTTP/1.1 200 OK
                                                      Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                      Content-Type: application/octet-stream
                                                      ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                      Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                      Server: ECAcc (lpl/EF70)
                                                      X-CID: 11
                                                      X-Ms-ApiVersion: Distribute 1.2
                                                      X-Ms-Region: prod-neu-z1
                                                      Cache-Control: public, max-age=8953
                                                      Date: Mon, 30 Sep 2024 14:16:24 GMT
                                                      Connection: close
                                                      X-CID: 2


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      1192.168.2.449758184.28.90.27443
                                                      TimestampBytes transferredDirectionData
                                                      2024-09-30 14:16:25 UTC239OUTGET /fs/windows/config.json HTTP/1.1
                                                      Connection: Keep-Alive
                                                      Accept: */*
                                                      Accept-Encoding: identity
                                                      If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                                                      Range: bytes=0-2147483646
                                                      User-Agent: Microsoft BITS/7.8
                                                      Host: fs.microsoft.com
                                                      2024-09-30 14:16:25 UTC514INHTTP/1.1 200 OK
                                                      ApiVersion: Distribute 1.1
                                                      Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                      Content-Type: application/octet-stream
                                                      ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                      Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                      Server: ECAcc (lpl/EF06)
                                                      X-CID: 11
                                                      X-Ms-ApiVersion: Distribute 1.2
                                                      X-Ms-Region: prod-weu-z1
                                                      Cache-Control: public, max-age=25968
                                                      Date: Mon, 30 Sep 2024 14:16:25 GMT
                                                      Content-Length: 55
                                                      Connection: close
                                                      X-CID: 2
                                                      2024-09-30 14:16:25 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                                                      Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                                                      Statistics

                                                      CPU Usage

                                                      Click to jump to process

                                                      Memory Usage

                                                      Click to jump to process

                                                      Behavior

                                                      Click to jump to process

                                                      System Behavior

                                                      General

                                                      Target ID:0
                                                      Start time:10:16:10
                                                      Start date:30/09/2024
                                                      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      Wow64 process (32bit):false
                                                      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                                                      Imagebase:0x7ff76e190000
                                                      File size:3'242'272 bytes
                                                      MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                      Has elevated privileges:true
                                                      Has administrator privileges:true
                                                      Programmed in:C, C++ or other language
                                                      Reputation:low
                                                      Has exited:false

                                                      General

                                                      Target ID:2
                                                      Start time:10:16:15
                                                      Start date:30/09/2024
                                                      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      Wow64 process (32bit):false
                                                      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1804 --field-trial-handle=2020,i,10439999508010067708,1740729500210645652,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                      Imagebase:0x7ff76e190000
                                                      File size:3'242'272 bytes
                                                      MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                      Has elevated privileges:true
                                                      Has administrator privileges:true
                                                      Programmed in:C, C++ or other language
                                                      Reputation:low
                                                      Has exited:false

                                                      General

                                                      Target ID:3
                                                      Start time:10:16:18
                                                      Start date:30/09/2024
                                                      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      Wow64 process (32bit):false
                                                      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://forms.office.com/e/qHrQPrc7jb"
                                                      Imagebase:0x7ff76e190000
                                                      File size:3'242'272 bytes
                                                      MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                      Has elevated privileges:true
                                                      Has administrator privileges:true
                                                      Programmed in:C, C++ or other language
                                                      Reputation:low
                                                      Has exited:true

                                                      Disassembly

                                                      No disassembly