Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA

Overview

General Information

Sample URL:	https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA
Analysis ID:	1523387

Detection

Score:	3
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

Form action URLs do not match main URL

HTML body contains low number of good links

HTML body contains password input but no form action

HTML body with high number of large embedded background images detected

HTML title does not match URL

Stores files to the Windows start menu directory

Classification

×

Process Tree

System is w10x64_ra

chrome.exe (PID: 6296 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6960 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 --field-trial-handle=1960,i,9269168430625253991,11769134905540485546,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6604 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA/authenticate/showshare

HTTP Parser: Form action: //translate.googleapis.com/translate_voting?client=te_lib rs-karnobat googleapis

Source: https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA/authenticate/showshare

HTTP Parser: Number of links: 0

Source: https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA/authenticate/showshare

HTTP Parser: <input type="password" .../> found but no <form action="...

Source: https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA/authenticate/showshare

HTTP Parser: Total embedded background img size: 348801

Source: https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA/authenticate/showshare

HTTP Parser: Title: does not match URL

Source: https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA/authenticate/showshare

HTTP Parser: <input type="password" .../> found

Source: https://karnobat-rs.justice.bg/	HTTP Parser: No favicon
Source: https://karnobat-rs.justice.bg/bg/7536	HTTP Parser: No favicon

Source: https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA/authenticate/showshare	HTTP Parser: No <meta name="author".. found
Source: https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA/authenticate/showshare	HTTP Parser: No <meta name="author".. found
Source: https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA/authenticate/showshare	HTTP Parser: No <meta name="author".. found
Source: https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA/authenticate/showshare	HTTP Parser: No <meta name="author".. found
Source: https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA/authenticate/showshare	HTTP Parser: No <meta name="author".. found
Source: https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA/authenticate/showshare	HTTP Parser: No <meta name="author".. found
Source: https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA/authenticate/showshare	HTTP Parser: No <meta name="author".. found
Source: https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA/authenticate/showshare	HTTP Parser: No <meta name="author".. found

Source: https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA/authenticate/showshare	HTTP Parser: No <meta name="copyright".. found
Source: https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA/authenticate/showshare	HTTP Parser: No <meta name="copyright".. found
Source: https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA/authenticate/showshare	HTTP Parser: No <meta name="copyright".. found
Source: https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA/authenticate/showshare	HTTP Parser: No <meta name="copyright".. found
Source: https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA/authenticate/showshare	HTTP Parser: No <meta name="copyright".. found
Source: https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA/authenticate/showshare	HTTP Parser: No <meta name="copyright".. found
Source: https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA/authenticate/showshare	HTTP Parser: No <meta name="copyright".. found
Source: https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA/authenticate/showshare	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.16:49765 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.16:49846 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	DNS traffic detected: DNS query: cloud.rs-karnobat.org
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: karnobat-rs.justice.bg
Source: global traffic	DNS traffic detected: DNS query: maxcdn.bootstrapcdn.com
Source: global traffic	DNS traffic detected: DNS query: translate.google.com

Source: unknown	Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.16:49765 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.16:49846 version: TLS 1.2

Source: classification engine

Classification label: clean3.win@18/32@16/153

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 --field-trial-handle=1960,i,9269168430625253991,11769134905540485546,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 --field-trial-handle=1960,i,9269168430625253991,11769134905540485546,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	1 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	2 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

⊘No Antivirus matches

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
karnobat-rs.justice.bg	212.122.184.119	true	false		unknown
cloud.rs-karnobat.org	83.228.101.169	true	false		unknown
www3.l.google.com	172.217.16.206	true	false		unknown
maxcdn.bootstrapcdn.com	104.18.10.207	true	false		unknown
www.google.com	142.250.186.132	true	false		unknown
translate.google.com	unknown	unknown	false		unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA/authenticate/showshare	false		unknown
https://karnobat-rs.justice.bg/bg/7536	false		unknown
https://karnobat-rs.justice.bg/	false		unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
142.250.186.35	unknown	United States		15169	GOOGLEUS	false
142.250.186.46	unknown	United States		15169	GOOGLEUS	false
104.18.10.207	maxcdn.bootstrapcdn.com	United States		13335	CLOUDFLARENETUS	false
216.58.212.138	unknown	United States		15169	GOOGLEUS	false
172.217.16.206	www3.l.google.com	United States		15169	GOOGLEUS	false
142.250.185.234	unknown	United States		15169	GOOGLEUS	false
216.58.206.42	unknown	United States		15169	GOOGLEUS	false
142.250.185.238	unknown	United States		15169	GOOGLEUS	false
142.250.181.234	unknown	United States		15169	GOOGLEUS	false
142.250.185.106	unknown	United States		15169	GOOGLEUS	false
216.58.206.35	unknown	United States		15169	GOOGLEUS	false
142.251.168.84	unknown	United States		15169	GOOGLEUS	false
142.250.181.227	unknown	United States		15169	GOOGLEUS	false
83.228.101.169	cloud.rs-karnobat.org	Bulgaria		8866	BTC-ASBULGARIABG	false
239.255.255.250	unknown	Reserved		unknown	unknown	false
142.250.185.131	unknown	United States		15169	GOOGLEUS	false
212.122.184.119	karnobat-rs.justice.bg	Bulgaria		12564	CMBG-ASBulgarianGovernmentAutonomousSystemBG	false
142.250.186.131	unknown	United States		15169	GOOGLEUS	false
142.250.186.132	www.google.com	United States		15169	GOOGLEUS	false
172.217.18.10	unknown	United States		15169	GOOGLEUS	false
142.250.184.234	unknown	United States		15169	GOOGLEUS	false
172.217.16.132	unknown	United States		15169	GOOGLEUS	false

Private

IP
192.168.2.16

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1523387
Start date and time:	2024-10-01 15:02:45 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	13
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean3.win@18/32@16/153

Warnings

Exclude process from analysis (whitelisted): svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.185.131, 142.250.185.238, 142.251.168.84, 34.104.35.123
Excluded domains from analysis (whitelisted): clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, clientservices.googleapis.com, clients.l.google.com
Not all processes where analyzed, report is missing behavior information
VT rate limit hit for: https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA

LLM Input / Output

Input	Output
URL: https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA/authenticate/showshare Model: jbxai	{ "brand":["Globi"], "contains_trigger_text":true, "trigger_text":"", "prominent_button_name":" ?", "text_input_field_labels":[""], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA/authenticate/showshare Model: jbxai	{ "phishing_score":7, "brands":"unknown", "legit_domain":"unknown", "classification":"unknown", "reasons":["The brand is unknown, making it difficult to associate with a legitimate domain.", "The URL 'cloud.rs-karnobat.org' does not match any well-known or known brand.", "The domain 'rs-karnobat.org' appears to be specific and not associated with any major brand.", "The presence of a non-English input field ('' which means 'Password' in Bulgarian) suggests it might be targeting a specific demographic, but this alone is not enough to determine legitimacy.", "The use of 'cloud' as a subdomain is common and not inherently suspicious, but without a known brand association, it raises concerns."], "brand_matches":[], "url_match":false, "brand_input":"unknown", "input_fields":""}

URL: https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA/authenticate/showshare Model: jbxai	{ "brand":["Globi"], "contains_trigger_text":true, "trigger_text":" ?", "prominent_button_name":" ?", "text_input_field_labels":[""], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA/authenticate/showshare Model: jbxai	{ "brand":["Globi"], "contains_trigger_text":true, "trigger_text":"", "prominent_button_name":" ?", "text_input_field_labels":[""], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA/authenticate/showshare Model: jbxai	{ "brand":["Globi"], "contains_trigger_text":true, "trigger_text":" ", "prominent_button_name":"", "text_input_field_labels":[" "], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA/authenticate/showshare Model: jbxai	{ "phishing_score":7, "brands":"unknown", "legit_domain":"unknown", "classification":"unknown", "reasons":["The brand is unknown and cannot be determined from the URL.", "The URL contains a subdomain (cloud) which is common for legitimate services but does not provide enough information to verify legitimacy.", "The main domain (rs-karnobat.org) does not match any well-known or known brand.", "The input field '' (Password) suggests that the site is asking for sensitive information, which is a common tactic in phishing sites."], "brand_matches":[], "url_match":false, "brand_input":"unknown", "input_fields":""}

URL: https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA/authenticate/showshare Model: jbxai	{ "phishing_score":7, "brands":"unknown", "legit_domain":"unknown", "classification":"unknown", "reasons":["The brand is unknown and cannot be determined from the URL.", "The URL contains a subdomain (cloud) which is common for legitimate services but does not provide enough information to verify legitimacy.", "The main domain (rs-karnobat.org) does not match any well-known or known brand.", "The input field ' ' (Email address) is a common target for phishing attempts."], "brand_matches":[], "url_match":false, "brand_input":"unknown", "input_fields":" "}

URL: https://karnobat-rs.justice.bg/ Model: jbxai	{ "brand":[], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"unknown", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://cloud.rs-karnobat.org/index.php/s/L3Ss49AjjxwFWSA/authenticate/showshare Model: jbxai	{ "brand":["Globi"], "contains_trigger_text":true, "trigger_text":" . , .", "prominent_button_name":" ?", "text_input_field_labels":[""], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 1 12:03:19 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2673
Entropy (8bit):	3.974478696735351
Encrypted:	false
SSDEEP:
MD5:	D5E6D0C5AB74DC8866FAFFD8F0C62F21
SHA1:	06C3D1F5F42992761609C9B80932AA3369E0D624
SHA-256:	3028190B1C7CB688616CA5D5E31CBC045A93022E2A4149975A7C0023B27A18C9
SHA-512:	8F27C2733B5CCB109EC6AD1A1CEC930739CAC43D0438EE5A9D4452F695779B83C59512EBFB40887D63309EED47A33C0A8706FE1CE4856AB0D9EC2201C19A0805
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....6XI....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IAY]h....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VAYih....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VAYih....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VAYih..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VAYjh...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............L.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 1 12:03:18 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2675
Entropy (8bit):	3.9898361388525667
Encrypted:	false
SSDEEP:
MD5:	274C4A90DF0FC753C74CCFC45D3E3797
SHA1:	A3DC520331A2A74D70A0A8F84F7FA74A82B7CBD4
SHA-256:	3964D6B2C2FA11DE69FE390250BEE38971B77C1B296FA96CC2A5E2F8C562CA7B
SHA-512:	6A9C8737B1C3104B293214C30D28C4B44E6940E2AC50349E61386EA858F647919DB43F5C34CA2EEEA26FE2245EC466BB1E3B88D08739603F2DECA3384280F30B
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....K.MI....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IAY]h....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VAYih....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VAYih....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VAYih..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VAYjh...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............L.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2689
Entropy (8bit):	3.999790009934608
Encrypted:	false
SSDEEP:
MD5:	46575771DC8DD69BE46AF8FB70FD391E
SHA1:	6C56EA7A7F88CB330EDA147A1040E76FFEE789A7
SHA-256:	A8DAB48DE6A6262564F3AD89C66D2A3F5BAD56B66B7BF8829D9E7D2AEEB4577E
SHA-512:	0EF718396900B798012C6AF4BB995C4F7019A1BCD95D270C5BEB050F262BD33E1959CADEB8608AA3218274D721F0B5959A131471ACD8A624491774CED375D8D0
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IAY]h....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VAYih....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VAYih....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VAYih..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............L.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 1 12:03:18 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.9855693206609732
Encrypted:	false
SSDEEP:
MD5:	B8B730C51EA6AC0FFA01026DFFD52C4F
SHA1:	C1A462A3A04139389A116F509143544C203446C2
SHA-256:	83843CAD5D14DE16A5828BF55DC2B97B6B4E766D40237639296B0F1F5BBDCA93
SHA-512:	7F5BD01C91E2AD55B14BB71419348B94CE27784EA347102DBB3F253AD9F39C8A5B23C69AABFDA19DC4F1A021FFD747CA9A084ACAD5D083E6B961AFD3B21267D6
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,......GI....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IAY]h....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VAYih....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VAYih....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VAYih..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VAYjh...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............L.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 1 12:03:19 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.9774390979302603
Encrypted:	false
SSDEEP:
MD5:	2EFF5E07439DC3DDB6C26D29CA9006A5
SHA1:	D0F90F59D080238A60422B86C6BEF32E863983B3
SHA-256:	7BCA939FA0E804438D7417DF4A7A414B5F7BDEF31FDEFBAFD20419A9DDB196B7
SHA-512:	82E88A9AE33AB6B1096CF61DE58F325839D634BF82FCCE1D8C1567DE310179140029D77B6164A94185DCE2730CF1CE44141A3AAA2376C413BCF3AFD0ACDFCF6C
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,......SI....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IAY]h....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VAYih....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VAYih....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VAYih..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VAYjh...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............L.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 1 12:03:18 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.9868910967810205
Encrypted:	false
SSDEEP:
MD5:	C297549FBB6060C8078E4ACDD213E596
SHA1:	C4A7E3DDC198C585C50C4AD88CA7DB51C7BA2A12
SHA-256:	2E986B56158C1D52A3EF07872B68804810280095D6CAEC77BF1A848089510336
SHA-512:	CF0F51601EF90874F97B4B0C8ADE96D18C18EE736ACFD17322D41BDF22A4599AD743AC307C53F9C2B8B195003479072F850EDAF94C2AED4AB1B570133AC126E8
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,......>I....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IAY]h....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VAYih....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VAYih....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VAYih..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VAYjh...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............L.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 175

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3225)
Category:	downloaded
Size (bytes):	3422
Entropy (8bit):	5.007262530405471
Encrypted:	false
SSDEEP:
MD5:	A85843175E0956C822538953E575CFAF
SHA1:	F969690F96478E539D93E90E49DD076F20002C17
SHA-256:	2E8F0150D81ED8A5819C478DE2991AAF9C2438B8D94C311A63C3B9EC5C66D8E8
SHA-512:	0B42F76E6343A01976532E347470798DCB959BCBCED032E1A801F761237C0CAE643861DB499625E1DB6934A3D73EFC9609634F8FB17952CE68246FCAF2246BFA
Malicious:	false
Reputation:	unknown
URL:	https://cloud.rs-karnobat.org/index.php/apps/theming/theme/light-highcontrast.css?plain=1&v=2096ac2e
Preview:	:root { --color-main-background:#ffffff; --color-main-background-rgb:255,255,255; --color-main-background-translucent:rgba(var(--color-main-background-rgb), 1); --color-main-background-blur:#ffffff; --filter-background-blur:none; --gradient-main-background:var(--color-main-background) 0%, var(--color-main-background-translucent) 85%, transparent 100%; --color-background-hover:#f5f5f5; --color-background-dark:#cccccc; --color-background-darker:#cccccc; --color-placeholder-light:#b3b3b3; --color-placeholder-dark:#8c8c8c; --color-main-text:#000000; --color-text-maxcontrast:#000000; --color-text-maxcontrast-default:#6b6b6b; --color-text-maxcontrast-background-blur:#000000; --color-text-light:#000000; --color-text-lighter:#000000; --color-scrollbar:#bfbfbf; --color-error:#D10000; --color-error-rgb:209,0,0; --color-error-hover:#a80000; --color-error-text:#7a0000; --color-warning:#995900; --color-warning-rgb:153,89,0; --color-warning-hover:#754400; --color-warning-text:#573200; --color-succes

Chrome Cache Entry: 176

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (1136)
Category:	dropped
Size (bytes):	1555
Entropy (8bit):	5.249530958699059
Encrypted:	false
SSDEEP:
MD5:	FBE36EB2EECF1B90451A3A72701E49D2
SHA1:	AE56EA57C52D1153CEC33CEF91CF935D2D3AF14D
SHA-256:	E8F2DED5D74C0EE5F427A20B6715E65BC79ED5C4FC67FB00D89005515C8EFE63
SHA-512:	7B1FD6CF34C26AF2436AF61A1DE16C9DBFB4C43579A9499F4852A7848F873BAC15BEEEA6124CF17F46A9F5DD632162364E0EC120ACA5F65E7C5615FF178A248F
Malicious:	false
Reputation:	unknown
Preview:	<!DOCTYPE html>.<html lang=en>. <meta charset=utf-8>. <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">. <title>Error 400 (Bad Request)!!1</title>. <style>. {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//ww

Chrome Cache Entry: 178

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	127959
Entropy (8bit):	4.9863214573373895
Encrypted:	false
SSDEEP:
MD5:	3E59E5C02016233CE5A2769C1B27F0CA
SHA1:	15EC53E649DACE78C70593A761ED39590317CF47
SHA-256:	7C3A3012E5714FA2791C13CEB964BE72DC5B77B97C09ED731D1D4C6B3FAFD8D9
SHA-512:	114399842D9F0A7B9DDF2673FF695DA2DDCF557625E2CF16AE0716B9F9B27803CB0E2EEE502332EAE739DB815C00B26894E1E0A3463E3B66B32AC7901B969DA4
Malicious:	false
Reputation:	unknown
URL:	https://cloud.rs-karnobat.org/core/css/server.css?v=0ac90d3e-4
Preview:	@import"../../dist/icons.css";html,body,div,span,object,iframe,h1,h2,h3,h4,h5,h6,p,blockquote,pre,a,abbr,acronym,address,code,del,dfn,em,img,q,dl,dt,dd,ol,ul,li,fieldset,form,label,legend,table,caption,tbody,tfoot,thead,tr,th,td,article,aside,dialog,figure,footer,header,hgroup,nav,section,main{margin:0;padding:0;border:0;font-weight:inherit;font-size:100%;font-family:inherit;vertical-align:baseline;cursor:default;scrollbar-color:var(--color-border-dark) rgba(0,0,0,0);scrollbar-width:thin}.js-focus-visible :focus:not(.focus-visible){outline:none}.content:not(#content-vue) :focus-visible{box-shadow:inset 0 0 0 2px var(--color-primary-element);outline:none}html,body{height:100%;overscroll-behavior-y:contain}article,aside,dialog,figure,footer,header,hgroup,nav,section{display:block}body{line-height:1.5}table{border-collapse:separate;border-spacing:0;white-space:nowrap}caption,th,td{text-align:left;font-weight:normal}table,td,th{vertical-align:middle}a{border:0;color:var(--color-main-text);

Chrome Cache Entry: 179

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	571
Entropy (8bit):	4.856000505253806
Encrypted:	false
SSDEEP:
MD5:	5FC471A47F1B9ADD0AB882714C9B166C
SHA1:	8F6F2EDEF737C4D1167E1A9529CFB629AD582F1E
SHA-256:	10A16CEE6DE0569C2DA11F7DDE1EFDF2F1970D9C19246715EB62513FEEC04DEE
SHA-512:	F550CAEDBBBEDB0042D82AAB913A3A7B35821E57170397514CC67E8339C383F93E92DC9095A9551472AEC38B4EDF4A1F2069D64803718B10FE024639DB17A993
Malicious:	false
Reputation:	unknown
URL:	https://cloud.rs-karnobat.org/index.php/apps/theming/manifest?v=2096ac2e
Preview:	{"name":"\u0420\u0430\u0439\u043e\u043d\u0435\u043d \u0441\u044a\u0434 \u041a\u0430\u0440\u043d\u043e\u0431\u0430\u0442","short_name":"\u0420\u0430\u0439\u043e\u043d\u0435\u043d \u0441\u044a\u0434 \u041a\u0430\u0440\u043d\u043e\u0431\u0430\u0442","start_url":"https:\/\/cloud.rs-karnobat.org","theme_color":"#0082c9","background_color":"#0082c9","description":"","icons":[{"src":"\/index.php\/apps\/theming\/icon?v=4","type":"image\/png","sizes":"512x512"},{"src":"\/index.php\/apps\/theming\/favicon?v=4","type":"image\/svg+xml","sizes":"16x16"}],"display":"standalone"}

Chrome Cache Entry: 182

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	588
Entropy (8bit):	4.742424014851693
Encrypted:	false
SSDEEP:
MD5:	55DC2A633460B520640A3773844AE081
SHA1:	EA55F798933EE001F7B19FECB032ECD2453C2B80
SHA-256:	56C26DE191EADE7BD3F16A91C44C1DF8342701109E8045E91FA8DCAC110025C8
SHA-512:	0B0CE9CB3C139D906F9169C40CC782DFA7745FB883EEA15090C8CBC535CD68C1A36116E31625FBC9044E8FFDB0FE6BCD74D968140384DC23FDD74332D7E5E07A
Malicious:	false
Reputation:	unknown
URL:	https://karnobat-rs.justice.bg/assets/images/up.svg
Preview:	<svg xmlns="http://www.w3.org/2000/svg" width="100" height="100" viewBox="0 0 100 100">. <g fill="none">. <circle cx="50" cy="50" r="50" fill="#5F74AD"/>. <path fill="#FFFFFF" d="M27.4314555,55.9021342 C26.9332205,56.1404205 26.3361521,55.9296905 26.0978658,55.4314555 C25.8595795,54.9332205 26.0703095,54.3361521 26.5685445,54.0978658 L50.0097637,42.8868479 L72.4472136,54.1055728 C72.9411921,54.3525621 73.1414164,54.9532351 72.8944272,55.4472136 C72.6474379,55.9411921 72.0467649,56.1414164 71.5527864,55.8944272 L49.9902363,45.1131521 L27.4314555,55.9021342 Z"/>. </g>.</svg>.

Chrome Cache Entry: 184

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65325)
Category:	downloaded
Size (bytes):	144877
Entropy (8bit):	5.049937202697915
Encrypted:	false
SSDEEP:
MD5:	450FC463B8B1A349DF717056FBB3E078
SHA1:	895125A4522A3B10EE7ADA06EE6503587CBF95C5
SHA-256:	2C0F3DCFE93D7E380C290FE4AB838ED8CADFF1596D62697F5444BE460D1F876D
SHA-512:	93BF1ED5F6D8B34F53413A86EFD4A925D578C97ABC757EA871F3F46F340745E4126C48219D2E8040713605B64A9ECF7AD986AA8102F5EA5ECF9228801D962F5D
Malicious:	false
Reputation:	unknown
URL:	https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Preview:	/!. Bootstrap v4.0.0 (https://getbootstrap.com). * Copyright 2011-2018 The Bootstrap Authors. * Copyright 2011-2018 Twitter, Inc.. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE). /:root{--blue:#007bff;--indigo:#6610f2;--purple:#6f42c1;--pink:#e83e8c;--red:#dc3545;--orange:#fd7e14;--yellow:#ffc107;--green:#28a745;--teal:#20c997;--cyan:#17a2b8;--white:#fff;--gray:#6c757d;--gray-dark:#343a40;--primary:#007bff;--secondary:#6c757d;--success:#28a745;--info:#17a2b8;--warning:#ffc107;--danger:#dc3545;--light:#f8f9fa;--dark:#343a40;--breakpoint-xs:0;--breakpoint-sm:576px;--breakpoint-md:768px;--breakpoint-lg:992px;--breakpoint-xl:1200px;--font-family-sans-serif:-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"Helvetica Neue",Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";--font-family-monospace:SFMono-Regular,Menlo,Monaco,Consolas,"Liberation Mono","Courier New",monospace},::after,::before{box-sizing:border-box}html{font-family:sans

Chrome Cache Entry: 186

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Category:	dropped
Size (bytes):	15406
Entropy (8bit):	3.3517451071278246
Encrypted:	false
SSDEEP:
MD5:	6BEC0A8F0C2AA4EE293A3C60A76B8ADC
SHA1:	BEA68E114F0C57CA3147911C99A988CF8400AD09
SHA-256:	BB8F11B44AE7069B68E63E376A58023CEA98CA463ED7B6836A37E6965BC12DE1
SHA-512:	1179169AEA5CB76C700524BAC4B680654073D2C26200F7187B5C2FA11D0A050F446C00AA171DC01D5E0A4C7D9F04ED951C6D9D595206FD4CA8ABF2A908EC5E58
Malicious:	false
Reputation:	unknown
Preview:	............ .h...6... .... .(.......00.... .h&......(....... ..... ........................................0 . W...Q..............$. . m...#..........................#$.."...!...!. ...";......!...!. .!...".""".......................!...!...!...!. .!....... t .!. .!...!\..........................#....0..!. ."...!...!T..!S.."`..!. .!.!!!.......................!. .". ."...!\......"...!. .". .". .!. ."........................! .". ."...!. . } .". ."...#:.."I . 7!.!6................ . ? . e..![..!. .!...!. ."...!. . W...8........................ ."...!. .!...!\..!s..!. .!...!...!D..!q..#P...................... V .!..."...!. .". ."..."...!...&."."..."p...........................)..!...!...!...!..."...!. ."..."X ?............................ ."~..!. .!...!...!...!...!...!..."Y.. f...................9.. . .!...!... ...!...!...!...!s.."...!...!...................!. ."...!....9...9.."p .!. .!. . ~.."...!...!.***................... . . G..!&..!j..!...!...!....0 .!... f...Z..................

Chrome Cache Entry: 187

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	TrueType Font data, digitally signed, 19 tables, 1st "DSIG", 28 names, Macintosh, Digitized data copyright \251 2010-2011, Google Corporation.Open SansLight1.10;1ASC;OpenSans-Lig
Category:	downloaded
Size (bytes):	222236
Entropy (8bit):	6.431386209996534
Encrypted:	false
SSDEEP:
MD5:	9FF12F694E5951A6F51A9D63B05062E7
SHA1:	B08CB587B9A36E3FF85375B990BF09F8B40DEC63
SHA-256:	1C8D3CC6810ECD3623EBFF7D2C3DB1A44024260C5AE662F8166D69B9425828ED
SHA-512:	3D209661AC00306464C67574BCD935A02B6D8C1E975C05CFB2696A07FFF59892CB571DD8068003CCBA12499F8D52DAC5674E68BC134968BC7149F9F8A088CA33
Malicious:	false
Reputation:	unknown
URL:	https://karnobat-rs.justice.bg/assets/styles/fonts/OpenSans-Light.ttf
Preview:	...........0DSIGHE....N....tGDEF.&....J.....GPOS.7.7..J....8GSUB.+=...J.....OS/2..........`cmap............cvt .......,....fpgm~a.....<....gasp...#..Jx....glyf..zU..%0..B.head..F....<...6hhea...$...t...$hmtx>.L ........kernT+.~..h....6loca=Z........Vmaxp.j......... name/......8....post.C.l..$L..&+prep..].......:.........z._.<..........B.......+.........b...........................................................X......./.\...5...........,.......3.......3.....f..................@. [...(....1ASC.@. ...........X ........?..... ...........................+.7.....u.q...{.....-.R.-.=.h.h...o...D...\...........s.......q...^...+...........m...y...o.......L...o...o...o.^.9...q.................j...............o.Z...H.................................\.o.1...........#.3.N...9.....R...........3...X.J.......=.b.......w...w.d.w.f.../.-...............................w.......w.......T...................7.......R...=.T.....H...o...............N.......+.T...!.....P...d...N.u.R...o...\...d.....m.....o

Chrome Cache Entry: 192

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	TrueType Font data, digitally signed, 19 tables, 1st "DSIG", 26 names, Macintosh, Digitized data copyright \251 2010-2011, Google Corporation.Open SansBold1.10;1ASC;OpenSans-Bold
Category:	downloaded
Size (bytes):	224452
Entropy (8bit):	6.418018034788758
Encrypted:	false
SSDEEP:
MD5:	F5331CB6372B6C0D8BAF2DD7E200498C
SHA1:	8387D4F8E061C264DC3AEBEBE6068B66E45D7C6F
SHA-256:	1B43DE2449D39B65FF6F63315D4AFDA585F72FBBEC2E3D9A56F59DE6C75149D3
SHA-512:	B534A27EE82942784155E087FF2A546AB6EAA7A6CDD1C449687B97DCEE2028D3ABF6F9B0A7459667797DFAEDA30C0342C01DB0F2826F7E80B6B9CCDC9902166A
Malicious:	false
Reputation:	unknown
URL:	https://karnobat-rs.justice.bg/assets/styles/fonts/OpenSans-Bold.ttf
Preview:	...........0DSIG..t:..WP...tGDEF.&....S0....GPOS.7.7..SP...8GSUB.+=...S.....OS/2.m.........`cmap............cvt .-..........fpgm.s.u...<....gasp......S$....glyf......%...K.head.%I....<...6hhea.).R...t...$hmtx$...........kernT+.~..p....6loca..`+.......Vmaxp.5......... nameo)8...'.....post.C.l..,...&+prep...k.................4S_.<..........B.......+.....................................y...............................X......./.\.......................3.......3.....f..................@. [...(....1ASC. . ...........X ........^..... ...................J.u.....+.-...X.5.?...R.!.....R...=.\.?...X.R.?...=.H.u.N.....J...y...N...N...#...d...H...7...H...B.H.u.R.?...X...X...X.....-.f.....`.....w.....{...d.....w.......B...h.P...............^.w.....^.w.H...h.^...).....3.......V.........1.....N.....3.B...J.....L...V.......\...\...\...).....B...q...q.}.....q.......B.....\.......\.......\.y./.B.....................7.'...h...'.R...X.....J.u.......R...q.....h.....j.......d.../...R...X...=...d.....m.\...X

Chrome Cache Entry: 194

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	3849
Entropy (8bit):	5.003420672959397
Encrypted:	false
SSDEEP:
MD5:	77EB666083A821760DADCCE1923146B6
SHA1:	5E06C26177F92B1395600E5D29D7F982519F7894
SHA-256:	F170F03ADF0A7EA9AEE2ACB201A07BFDF44D1B75B008B5CA95683A286A0B859C
SHA-512:	17E779ED6BCDD20331894417DD2F8B6FC92EC8D5AF9AE46DD8CD446B2C39F419A467501671BE490E713B08A4954B0176C3F18EA79400953C5F0AA6A8913D0B0B
Malicious:	false
Reputation:	unknown
URL:	https://cloud.rs-karnobat.org/index.php/apps/theming/theme/dark-highcontrast.css?plain=0&v=2096ac2e
Preview:	[data-theme-dark-highcontrast] {. --color-main-background:#000000;. --color-main-background-rgb:0,0,0;. --color-main-background-translucent:rgba(var(--color-main-background-rgb), 1);. --color-main-background-blur:#000000;. --filter-background-blur:none;. --gradient-main-background:var(--color-main-background) 0%, var(--color-main-background-translucent) 85%, transparent 100%;. --color-background-hover:#212121;. --color-background-dark:#404040;. --color-background-darker:#404040;. --color-placeholder-light:#4d4d4d;. --color-placeholder-dark:#737373;. --color-main-text:#ffffff;. --color-text-maxcontrast:#ffffff;. --color-text-maxcontrast-default:#999999;. --color-text-maxcontrast-background-blur:#ffffff;. --color-text-light:#ffffff;. --color-text-lighter:#ffffff;. --color-scrollbar:#595959;. --color-error:#ff5252;. --color-error-rgb:255,82,82;. --color-error-hover:#ff8585;. --color-error-text:#ffd2d2;. --color-warning:#ffcc00;. --color-warning-rgb:255,204,0;. --c

Chrome Cache Entry: 198

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	5016
Entropy (8bit):	5.057508753647395
Encrypted:	false
SSDEEP:
MD5:	54CFB4AB6DB78D2EEA499AA1E906A204
SHA1:	BC117CA3928D10509D56D14E1CAA29A8A1615F35
SHA-256:	B9DB135DCF413775A35860F0EC8AF3EA18F7493DAFD009A938C9136AEBF6BDFD
SHA-512:	82B85A25A9565B2D1B3009C821EC1112019EED2476F29EBC758F597FDDD903DD04D1E5CC857E6074983B30D30B6D1A59FC16206C11F612F1A1530F465C5A5505
Malicious:	false
Reputation:	unknown
URL:	https://karnobat-rs.justice.bg/assets/js/dtpckr/dtpckr.css
Preview:	.jquery-dtpckr { background:white; border-radius:4px; padding:10px; box-shadow:0 0 2px gray; border:1px solid #ebebeb; overflow:hidden; position:relative; }...jquery-dtpckr-table { width:100%; float:left; zoom:1; }...jquery-dtpckr-item,...jquery-dtpckr-week,..th.jquery-dtpckr-day { text-align:center; line-height:2.6em; }.....jquery-dtpckr-popup { display:none; position:absolute; z-index: 1000; }..../ widths /...jquery-dtpckr-day { width:14.2857%; }...jquery-dtpckr-with-week .jquery-dtpckr-day,...jquery-dtpckr-with-week .jquery-dtpckr-week { width:12.5%; }...jquery-dtpckr-month,...jquery-dtpckr-year { width:33.333%; }..../ styles */...jquery-dtpckr-striped .jquery-dtpckr-odd-row { background:#efefef; }...jquery-dtpckr-item { cursor:pointer; text-shadow:1px 1px 0 white; border-radius:2px; }...jquery-dtpckr-item:hover { background:silver; box-shadow:inset 0 0 3px gray; }...jquery-dtpckr-week { color:gray; }...jquery-dtpckr-day-sat,...jquery-dtpckr-day-sun { color:#8b0000; }...jquery-d

Chrome Cache Entry: 200

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	3785
Entropy (8bit):	4.994861139805785
Encrypted:	false
SSDEEP:
MD5:	9CECD1140413EB4005B4279E95B73EF0
SHA1:	105287B92425870501A678D61687A524BFB7172A
SHA-256:	64FF965B984FF1090B732B85183C0A4413A9FDED309CC3A337D85F0313F2FB0D
SHA-512:	D98236CE094E6F7C760C9A73F14C386523A741DE6D6F8FCC00AE3B40C4C21286EE0C7815B568E136D5847C96166F084E86285AF7FECB403B1393B840A502BA4E
Malicious:	false
Reputation:	unknown
URL:	https://cloud.rs-karnobat.org/index.php/apps/theming/theme/light-highcontrast.css?plain=0&v=2096ac2e
Preview:	[data-theme-light-highcontrast] {. --color-main-background:#ffffff;. --color-main-background-rgb:255,255,255;. --color-main-background-translucent:rgba(var(--color-main-background-rgb), 1);. --color-main-background-blur:#ffffff;. --filter-background-blur:none;. --gradient-main-background:var(--color-main-background) 0%, var(--color-main-background-translucent) 85%, transparent 100%;. --color-background-hover:#f5f5f5;. --color-background-dark:#cccccc;. --color-background-darker:#cccccc;. --color-placeholder-light:#b3b3b3;. --color-placeholder-dark:#8c8c8c;. --color-main-text:#000000;. --color-text-maxcontrast:#000000;. --color-text-maxcontrast-default:#6b6b6b;. --color-text-maxcontrast-background-blur:#000000;. --color-text-light:#000000;. --color-text-lighter:#000000;. --color-scrollbar:#bfbfbf;. --color-error:#D10000;. --color-error-rgb:209,0,0;. --color-error-hover:#a80000;. --color-error-text:#7a0000;. --color-warning:#995900;. --color-warning-rgb:153,89,0;.

Chrome Cache Entry: 201

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	890
Entropy (8bit):	5.046020431568368
Encrypted:	false
SSDEEP:
MD5:	F089960B32898903ACE728FD7E8DF347
SHA1:	C2BF30951FC674103790703045320AC11B801154
SHA-256:	2C7DC2E4C6EEC5D0530EC5524E10B8653C2F9E0E4D6B97B7082A6ED80D032462
SHA-512:	0F57684D47506C05182121BCEA9D97B100C7CA30E00304BEC58887A3B23A79EC189AC19FE978EEDBD6F4B5AB8E78A20986B6B1B5AD4C444A84313EBF9F539FB5
Malicious:	false
Reputation:	unknown
URL:	https://cloud.rs-karnobat.org/index.php/apps/theming/theme/opendyslexic.css?plain=0&v=2096ac2e
Preview:	[data-theme-opendyslexic] {. --font-face:OpenDyslexic, system-ui, -apple-system, "Segoe UI", Roboto, Oxygen-Sans, Cantarell, Ubuntu, "Helvetica Neue", "Noto Sans", "Liberation Sans", Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol", "Noto Color Emoji";.}.@font-face {. font-family: "OpenDyslexic";. font-style: normal;. font-weight: 400;. src: url("/apps/theming/fonts/OpenDyslexic-Regular.woff") format("woff"), url("/apps/theming/fonts/OpenDyslexic-Regular.otf") format("opentype"), url("/apps/theming/fonts/OpenDyslexic-Regular.ttf") format("truetype");.}.@font-face {. font-family: "OpenDyslexic";. font-style: normal;. font-weight: 700;. src: url("/apps/theming/fonts/OpenDyslexic-Bold.woff") format("woff"), url("/apps/theming/fonts/OpenDyslexic-Bold.otf") format("opentype"), url("/apps/theming/fonts/OpenDyslexic-Bold.ttf") format("truetype");.}.

Chrome Cache Entry: 207

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	2265
Entropy (8bit):	4.959104009403712
Encrypted:	false
SSDEEP:
MD5:	39C2908427AE1F20EC3F89B247F0C2ED
SHA1:	BA746049015404F40F3EF229EA1554B178796D6E
SHA-256:	46080490220C255860B1EE3ADE6CD892FD960C33A7BDFDC67A54B3A79CD9094A
SHA-512:	F9E9B5C1FFA71806E5ABD9D022516D2DBCE088A29C276A4CEE8CE658C5D113A842F23E47371B45158AD27E3C70F4AADBD3AB38D08752A59AD790F5DFA18EECD8
Malicious:	false
Reputation:	unknown
Preview:	function showEmailAddressPromptForm() {..// Shows email prompt..var emailInput = document.getElementById('email-input-form');..emailInput.style.display="block";...// Shows back button..var backButton = document.getElementById('request-password-back-button');..backButton.style.display="block";...// Hides password prompt and 'request password' button..var passwordRequestButton = document.getElementById('request-password-button-not-talk');..var passwordInput = document.getElementById('password-input-form');..passwordRequestButton.style.display="none";..passwordInput.style.display="none";...// Hides identification result messages, if any..var identificationResultSuccess = document.getElementById('identification-success');..var identificationResultFailure = document.getElementById('identification-failure');..if (identificationResultSuccess) {...identificationResultSuccess.style.display="none";..}..if (identificationResultFailure) {...identificationResultFailure.style.display="none";..}.}..d

Chrome Cache Entry: 209

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	760
Entropy (8bit):	5.015056373080487
Encrypted:	false
SSDEEP:
MD5:	8F8F26869945E55E4768DE3A18E2DA11
SHA1:	7140303864E475F57FBABD35B4C4E8FD670A9531
SHA-256:	AB269CFF2835247754E79FD183D5E4164D5B5C6D2AF8A98BFE4D7E0B39C696BB
SHA-512:	A8E8932C7521CAA254274AA6C34A2DB1E7B24488B3A8F97B167950A7B89355D23E6E7639F8998B08BB49A5F776165A043C75D2DE83809B4E337106ADBFB8084D
Malicious:	false
Reputation:	unknown
URL:	https://cloud.rs-karnobat.org/core/css/publicshareauth.css?v=0ac90d3e-4
Preview:	form fieldset {..display: flex !important;..flex-direction: column;.}..form fieldset > p {..position: relative;.}..#email,.#password {..margin: 5px 0;..padding-right: 45px;..height: 45px;..box-sizing: border-box;..flex: 1 1 auto;..width: 100% !important;..min-width: 0; /* FF hack for to override default value /.}..#password-input-form input[type='submit'],.#email-input-form input[type='submit'],.#email-input-form input[type='submit'].icon-confirm,.#password-input-form input[type='submit'].icon-confirm {..position: absolute;..top: 0px;..right: -5px;..width: 45px !important;..height: 45px;..background-color: transparent !important;.}...warning > .warning {../ Do not use a top margin for warning messages in the warning container. */..margin-top: 0;.}.

Chrome Cache Entry: 212

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1612)
Category:	downloaded
Size (bytes):	222826
Entropy (8bit):	5.688859712488951
Encrypted:	false
SSDEEP:
MD5:	09C0607678FF97449F9EC237E8F06730
SHA1:	626BCD413FE065AA8690A900492B5AC593A0A06F
SHA-256:	3B0A2D22C31A8A8E0614AF96287B3EB5A7A588E74C8F20F95D962762E8843662
SHA-512:	5CD0328D513EF74B23EC55D8D5F75539C4C4BDA7C1A324353379C82D4A1523FEBBBDB06E9E5AEFCC297CDDD0027F6B600DC48D10EC33AB0DE3B273A9781E9025
Malicious:	false
Reputation:	unknown
URL:	https://cloud.rs-karnobat.org/dist/icons.css
Preview:	:root {. --original-icon-add-dark: url(data:image/svg+xml;base64,PHN2ZyB3aWR0aD0iMTYiIGhlaWdodD0iMTYiIHZlcnNpb249IjEuMSIgdmlld0JveD0iMCAwIDE2IDE2IiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjxwYXRoIGQ9Ik05LjAyIDEzLjk4aC0ydi01aC01di0yaDV2LTVoMnY1bDUtLjAyOFY4Ljk4aC01eiIgZmlsbD0iIzAwMDAwMCIvPjwvc3ZnPgo=);. --original-icon-add-white: url(data:image/svg+xml;base64,PHN2ZyB3aWR0aD0iMTYiIGhlaWdodD0iMTYiIHZlcnNpb249IjEuMSIgdmlld0JveD0iMCAwIDE2IDE2IiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjxwYXRoIGQ9Ik05LjAyIDEzLjk4aC0ydi01aC01di0yaDV2LTVoMnY1bDUtLjAyOFY4Ljk4aC01eiIgZmlsbD0iI2ZmZmZmZiIvPjwvc3ZnPgo=);. --original-icon-address-dark: url(data:image/svg+xml;base64,PHN2ZyB3aWR0aD0iMTYiIGhlaWdodD0iMTYiIHZlcnNpb249IjEuMSIgdmlld0JveD0iMCAwIDE2IDE2IiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjxjaXJjbGUgY3g9IjgiIGN5PSI2IiByPSI0IiBmaWxsPSJub25lIiBzdHJva2U9IiMwMDAwMDAiIHN0cm9rZS13aWR0aD0iMiIvPjxwYXRoIGQ9Im00IDloOGwtNCA2eiIgZmlsbD0iIzAwMDAwMCIvPjwvc3ZnPgo=);. --original-icon-address-white:

Chrome Cache Entry: 214

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with CRLF line terminators
Category:	downloaded
Size (bytes):	77856
Entropy (8bit):	5.189315543216487
Encrypted:	false
SSDEEP:
MD5:	3EE4BECEED7AE3C0C152ADE2F45B46BE
SHA1:	0020D0F74963BCBA1CB47E7B6384CB8FDA9BFDAF
SHA-256:	DE7730A3D0C7C90560D39E082F93A450743AE3586BE6A1ED27C76F144C687341
SHA-512:	5EC9BABBE7762331AA3BDF2F7B95902A2732CA9572494076E4F2D74B64C04D9ACA41C6512691E0873D611966198962D4E65B58221AACC80105594CD34929555E
Malicious:	false
Reputation:	unknown
URL:	https://karnobat-rs.justice.bg/assets/js/dtpckr/dtpckr.js
Preview:	/*.. ## dtpckr 0.0.3 ##.. /....(function (factory) {..."use strict";...if (typeof define === 'function' && define.amd) {....define(['jquery'], factory);...}...else if(typeof module !== 'undefined' && module.exports) {....module.exports = factory(require('jquery'));...}...else {....factory(jQuery);...}..}(function ($, undefined) {..."use strict";....(function ($, undefined) {..."use strict";.....// prevent another load? maybe there is a better way?...//if($.dtpckr) { return; }.....// internal variables...var instance_counter = 0;...../... ### dtpckr settings... ... `$.dtpckr.defaults` stores all defaults for the fleetmatics plugin.... ... * `mode` determines the mode of the picker, possible values are _date_, _datetime_, _range_, _rangetime_, _multiple_. Default is _date_... * * `time` controls various time settings if the tree is in _datetime_ or _rangetime_ mode... . `style` determines the control to use for time selection, possible values are _input_, _inputs_, _selec

Chrome Cache Entry: 217

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Category:	downloaded
Size (bytes):	90022
Entropy (8bit):	2.477130167861254
Encrypted:	false
SSDEEP:
MD5:	091073E1F6C1DB07F5604274775627B7
SHA1:	7373649731A13901E8EEAAABF97346DDF8BE2683
SHA-256:	A18BEE9D45FDA5D3F5EA156A7038E0C67EC5FAB29D175B7675F72F4541CB0D93
SHA-512:	481E97441B42C8166CF710557AEF93D97E68481E293507BBF7733276A8B3A2DEAE192E8FB11F565DC7D373CF6657186B96C54B4C9DE1822809C4E1999FDB2521
Malicious:	false
Reputation:	unknown
URL:	https://cloud.rs-karnobat.org/index.php/apps/theming/favicon?v=2096ac2e
Preview:	............ .h...F... .... .........@@.... .(B..V......... .(...~W..(....... ..... ...............................................................................................................................................................................................................................................8..:......................................)..................1....................g.................................{..........t.............~..a..........'...................n..q...................n..........+...................y..}............\..........v..........)..%.........m..........h....................!..................)......................................)..,.................................................................................................................

Chrome Cache Entry: 219

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	3843
Entropy (8bit):	4.9904778846176745
Encrypted:	false
SSDEEP:
MD5:	DC6BA7682DFD84239E56D7396CB119AA
SHA1:	6A44152A2FFDDD1CE42776E47811AB2A9202F783
SHA-256:	55AB8F9A09838AF9B6DFD99A57D777DF333A4D1AA2A531B7635948B24BC9DBA7
SHA-512:	3A8CE84678B43BA807AA35A6FE49B1B1111B4F072DC237688418D4883C4AA0A19619A8EF4F893261DFC83C0107AD143C478C158E06E87FE3E0DE17C843371040
Malicious:	false
Reputation:	unknown
URL:	https://cloud.rs-karnobat.org/apps/theming/css/default.css?v=0d6d4ea2-4
Preview:	:root {. --color-main-background: #ffffff;. --color-main-background-rgb: 255,255,255;. --color-main-background-translucent: rgba(var(--color-main-background-rgb), .97);. --color-main-background-blur: rgba(var(--color-main-background-rgb), .8);. --filter-background-blur: blur(25px);. --gradient-main-background: var(--color-main-background) 0%, var(--color-main-background-translucent) 85%, transparent 100%;. --color-background-hover: #f5f5f5;. /** Can be used e.g. to colorize selected table rows /. --color-background-dark: #ededed;. /* This should only be used for elements, not as a text background! Otherwise it will not work for accessibility. /. --color-background-darker: #dbdbdb;. --color-placeholder-light: #e6e6e6;. --color-placeholder-dark: #cccccc;. --color-main-text: #222222;. --color-text-maxcontrast: #6b6b6b;. --color-text-maxcontrast-default: #6b6b6b;. --color-text-maxcontrast-background-blur: #595959;. /* @deprecated use ` --color-main-text` instead */.

Chrome Cache Entry: 220

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (22367), with no line terminators
Category:	downloaded
Size (bytes):	22367
Entropy (8bit):	5.542626302580642
Encrypted:	false
SSDEEP:
MD5:	B0B46B807EEE39AF0AAD8F5FEFC9B3A2
SHA1:	0FB04F15599BC0844063A6AB776C86E73CB9FBFC
SHA-256:	71CA2652E2B3FFD3C0EC966958604714CE6C7AF01D961B44ADC438518EB58CB3
SHA-512:	4EEC49904A5480940124A1C1B9C9DAE764EBB115829CBCE4356E66A1D7F077DFD204A4634B0622FFB14CC6EBFF7062D7F30502BF0BC7D998A1A55FC8C876DA8E
Malicious:	false
Reputation:	unknown
URL:	https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=QDA/d=0/rs=AN8SPfrycRFEIstD_ODMax_0dvnH_HM3_Q/m=el_main_css
Preview:	.VIpgJd-ZVi9od-ORHb-OEVmcd{left:0;top:0;height:39px;width:100%;z-index:10000001;position:fixed;border:none;border-bottom:1px solid #6B90DA;margin:0;box-shadow:0 0 8px 1px #999}.VIpgJd-ZVi9od-xl07Ob-OEVmcd{z-index:10000002;border:none;position:fixed;box-shadow:0 3px 8px 2px #999}.VIpgJd-ZVi9od-SmfZ-OEVmcd{z-index:10000000;border:none;margin:0}.goog-te-gadget{font-family:arial;font-size:11px;color:#666;white-space:nowrap}.goog-te-gadget img{vertical-align:middle;border:none}.goog-te-gadget-simple{background-color:#FFF;border-left:1px solid #D5D5D5;border-top:1px solid #9B9B9B;border-bottom:1px solid #E8E8E8;border-right:1px solid #D5D5D5;font-size:10pt;display:inline-block;padding-top:1px;padding-bottom:2px;cursor:pointer}.goog-te-gadget-icon{margin-left:2px;margin-right:2px;width:19px;height:19px;border:none;vertical-align:middle}.goog-te-combo{margin-left:4px;margin-right:4px;vertical-align:baseline}.goog-te-gadget .goog-te-combo{margin:4px 0}.VIpgJd-ZVi9od-l4eHX-hSRGPd,.VIpgJd-ZVi9od-

Chrome Cache Entry: 223

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	25247
Entropy (8bit):	7.940646921457256
Encrypted:	false
SSDEEP:
MD5:	A745538BC8819A84F0833BFB853516C6
SHA1:	EB82F7B71073D2FA8D1C30CF5847E85CF44CD21A
SHA-256:	3A6BC7714F26F4BCEEA885AA13AC75BBDBC73D2565DC9D621C643BB67F7FA189
SHA-512:	C0A7AA04C6E4246A4A081DFB7732A485CE30575696D73216758B5262DE8CE2BF0069B6DBBF0F34ED4EEABB3E8C45674F0815F67E2018A3451D78270944D2575A
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR..............x......gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....bKGD.......C......tIME........`.@..a.IDATx...wxd.u.{.O.\.h..l....T.l......=...xt..../.k..8<.,..d.I.%..T.(...3.n..9..Q.\'.....$;...N....1..l..T..^g..6..1:....^`...6....?.l.:.6 .Xa.."..\...Y`.8....u.8...S@..22.v.M..;..0:."........^.vX""M.;.......iF..a..eJ.Vjt."xz..x..@:.DDZP..$p/.0AR...TT(.....?...x....C.....<.....M.\............~..N""Q....\|.....v@.D...1......Ca.#"".......dd..;..)....... K........02\|<.@.....X.x..[.ua.#"".y..0.MF..a...Z+....%(..f...H..E./....;........6.#....EDD.........YK......~.xg...H.\|...#....d-4g.0:..`~..a."""..).....;...\.@0..._.;...i:...G...h.. X..A.=."""k.C..D}.@........;...i9w32\|_.A\..&..c}....."".....ddx".@V*z.@p8.{..{...i.....J..E+....$X....C...y...w32\|&.@.#:....;.......%.(#..;.Ki..`t,....o..EDDd.>...F..a.r!.....]..k.8EDD^...ad....9.3...ht..~4...H4....x.p.op.........C...Y%.Mp...v ..+...k...V...H...!F.sa.......m...V.............i.5..c7..../"

Chrome Cache Entry: 225

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3344), with no line terminators
Category:	downloaded
Size (bytes):	3344
Entropy (8bit):	4.957744508064298
Encrypted:	false
SSDEEP:
MD5:	C3259C5E03CB367756246AA59C81D5F8
SHA1:	86A9BDF11AF122CC4451EDA962E29384579B03AD
SHA-256:	D53BC2D474D390E27AB67CF0B2A2ED71C5891D0C49347EA621AD2509DA9922F8
SHA-512:	FA7596311E7E68E0340C587980D4694CD823A9FF5513616993A892F867BB11FE18CF1F1C35DBEF1C1672795EA5410EE1D70820B0BD7F834A571B36E0D44340C7
Malicious:	false
Reputation:	unknown
URL:	https://cloud.rs-karnobat.org/index.php/apps/theming/theme/default.css?plain=1&v=2096ac2e
Preview:	:root { --color-main-background:#ffffff; --color-main-background-rgb:255,255,255; --color-main-background-translucent:rgba(var(--color-main-background-rgb), .97); --color-main-background-blur:rgba(var(--color-main-background-rgb), .8); --filter-background-blur:none; --gradient-main-background:var(--color-main-background) 0%, var(--color-main-background-translucent) 85%, transparent 100%; --color-background-hover:#f5f5f5; --color-background-dark:#ededed; --color-background-darker:#dbdbdb; --color-placeholder-light:#e6e6e6; --color-placeholder-dark:#cccccc; --color-main-text:#222222; --color-text-maxcontrast:#6b6b6b; --color-text-maxcontrast-default:#6b6b6b; --color-text-maxcontrast-background-blur:#595959; --color-text-light:var(--color-main-text); --color-text-lighter:var(--color-text-maxcontrast); --color-scrollbar:rgba(34,34,34, .15); --color-error:#DB0606; --color-error-rgb:219,6,6; --color-error-hover:#df2525; --color-error-text:#c20505; --color-warning:#A37200; --color-warning-rgb

Chrome Cache Entry: 226

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (617), with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	37697
Entropy (8bit):	4.069501506426455
Encrypted:	false
SSDEEP:
MD5:	35A1AEF802B18C7BAD6E86BF95E3C3D3
SHA1:	7E52392227D44AEB0C5AD6FD4F940825A99C8A1E
SHA-256:	B3055169F34CD5A88DEC8608E4B1257057FAAA2ED51169D5E08FDF6DC7FAE4A2
SHA-512:	F8912551DB78C2694BC05E8214FE4185D7ECA8F4ABAF0404B3B126D7DB4717AAA2DEA6554221E1E7D82F967AD01B85F2C2DA3C2967D84E0B85CFDDE269557026
Malicious:	false
Reputation:	unknown
URL:	https://karnobat-rs.justice.bg/
Preview:	<!DOCTYPE html>..<html lang="bg" class="">.. <head>.. <meta charset="UTF-8">.. <meta name="viewport" content="width=device-width, initial-scale=1.0">.. <meta http-equiv="X-UA-Compatible" content="ie=edge">.. <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm" crossorigin="anonymous">.. <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>.. <script src="/assets/js/dtpckr/dtpckr.js"></script>.. <link rel="stylesheet" href="/assets/styles/style.css">.. <link rel="stylesheet" href="/assets/js/dtpckr/dtpckr.css">.. <title>....... ... - ........</title>.. </head>.. <body>.. ..<header>.. <div class="container-fluid accessability-wrapper">.. <div class="row">.. <div class="top-menu">..

Chrome Cache Entry: 227

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	6225
Entropy (8bit):	5.976934819783072
Encrypted:	false
SSDEEP:
MD5:	2BD5C073A88B83ED74DB88282A56DDFB
SHA1:	D0EBFC376F8C6A44A8D4CD216817DCD7D0C33650
SHA-256:	AB5C23A05E39DEED14D9D8262B0DCE9F024F86105A27196CAD37D14A3F516E09
SHA-512:	5C6C4A92E93FC0F6A675658CC84F6187FDEBD3EEE94EFD07E24658736CBA598F3BC7156B19834B13FB44C1D43FCB7DF9FCCA7F0A453037E30DA76BA8F4B23B89
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
Preview:	<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" height="24" viewBox="0 0 24 24" width="24"><path d="M0 0h24v24H0z" fill="none"/><defs><path d="M21.5 5h-9.17L11 1H2.5C1.68 1 1 1.68 1 2.5v15c0 .83.68 1.5 1.5 1.5h9.17L13 23h8.5c.82 0 1.5-.68 1.5-1.5v-15c0-.83-.68-1.5-1.5-1.5z" id="a"/></defs><clipPath id="b"><use overflow="visible" xlink:href="#a"/></clipPath><g clip-path="url(#b)"><image height="31" opacity=".2" overflow="visible" transform="translate(3 1)" width="29" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAB0AAAAfCAYAAAAbW8YEAAAACXBIWXMAAAsSAAALEgHS3X78AAAA GXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAABQBJREFUeNq8V8tu20YUvXdm+LCk RKiMwI1TFEXhVZJd1gW66xekv9DPqPsvXdU/UaDroJskKy+CInCcGpKtFy2SM/f2DEXZia0odtKW AkFJ8zhzzn3S0Ycvps+79EMDbj3Yfgv4EM+XTN/fEOb3Zg3AXmq7j64D5/e/x/EfzZMnX5jx+LFZ LLyp6yNDOzskYb6RubFdpbdvKUl2Jc+d9PvP5dmzUyH6TVoYXQOq+H5g9vb+cONsO9maLpIyyZPU kZNAppmh9Vpg5kSXwCSVJ5/Vi/r8Tl73y2F9ePidJ3oaga+B4vkUgF+6EW1ndz11gvNdDdL1bDN

Chrome Cache Entry: 228

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	19652
Entropy (8bit):	3.711796068342279
Encrypted:	false
SSDEEP:
MD5:	CD623DA8BD50A4FFDA6B33B3A91FF92B
SHA1:	F4FF85A0DBA98CA76E70D3274C0E8FE3A44E8EC7
SHA-256:	456982EB8FB450DEEA3D7CCAEF8BC132F136CD3678DA0CE403721A21697FC9B5
SHA-512:	FCD801D369E30B2C0DB895A13AE1DBAF7452DF59E03D3982209B4F309F2A9087EA96ACFC2EF0B8EE6ABDFAA977B6DE0909BCA9DF1B52700AD4AB52B99333380E
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...Z...Z.....8.A.....pHYs................OiCCPPhotoshop ICC profile..x.SgTS..=...BK...KoR.. RB....&!..J.!...Q..EE..........Q,......!.........{.k.......>........H3Q5...B..........@..$p....d!s.#...~<<+".....x.....M..0.....B.\.....t.8K....@z.B..@F....&S....`.cb..P-.`'........{..[.!..... .e.D.h;...V.E.X0..fK.9..-.0IWfH.............0Q..)..{.`.##x.....F.W<.+.....x..<.$9E.[.-q.WW..(.I.+.6a.a.@..y..2.4..............x.....6..._-..."bb....p@...t~..,/...;..m..%..h^..u..f..@.....W.p.~<<E.........J.B[a.W}.g._.W.l.~<.....$.2].G......L.....b..G.......".Ib.X..Q.q.D...2.".B.).%..d..,..>.5..j>.{.-.]c..K'.Xt......o..(...h...w..?.G.%..fI.q..^D$.T.?....D...A....,.........`6.B$..B.B.d..r`)..B(...*`/.@.4.Qh..p...U..=p..a...(....A...a!..b.X#......!.H...$ ..Q"K.5H1R.T UH..=r.9.\F..;..2....G1...Q=...C..7..F...dt1......r..=.6...h..>C.0....3.l0...B.8,..c."......V.....c.w...E..6.wB a.AHXLXN.H. .$4...7...Q.'"..K.&.....b21.XH,#..../.{.C.7$..C2'...I..T...F.nR#.,..4H.#...dk..9.,

Chrome Cache Entry: 229

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	842
Entropy (8bit):	5.14843982176647
Encrypted:	false
SSDEEP:
MD5:	1717B4FD7D3FA0779F105D2177041EDE
SHA1:	EA7E685426FE54408D67874D70D76B4F80205273
SHA-256:	CFD8C1C969D1050673C3B4413ED8C94086B0E012659EFE7644E9392E8641101E
SHA-512:	40543C755C6599216D864708AD3E1191B29FF9269F7381BBC88E0C581ABFE73C2ED2A86A033D775C2897CAD0045187C84B3774B33C6267079F5CB3CCBFCE4E77
Malicious:	false
Reputation:	unknown
Preview:	/*. Copyright (c) 2014. * Bjoern Schiessle <schiessle@owncloud.com>. * This file is licensed under the Affero General Public License version 3 or later.. * See the COPYING-README file.. /../. @namespace. * @memberOf OC. */.OC.Encryption = _.extend(OC.Encryption \|\| {}, {..displayEncryptionWarning: function () {...if (!OC.currentUser \|\| !OC.Notification.isHidden()) {....return;...}....$.get(....OC.generateUrl('/apps/encryption/ajax/getStatus'),....function (result) {.....if (result.status === "interactionNeeded") {......OC.Notification.show(result.data.message);.....}....}...);..}.});.window.addEventListener('DOMContentLoaded', function() {..// wait for other apps/extensions to register their event handlers and file actions..// in the "ready" clause.._.defer(function() {...OC.Encryption.displayEncryptionWarning();..});.});.

Static File Info

⊘No static file info