Edit tour

Windows Analysis Report
https://zapier.com/manage/zaps/260804844/stop/?check=IjI2MDgwNDg0NCI:1sw6GK:uv5U5bs_AnY16h4uo_BzI3aI4ksuRZ1R0-V1GaGYufM

Overview

General Information

Sample URL:	https://zapier.com/manage/zaps/260804844/stop/?check=IjI2MDgwNDg0NCI:1sw6GK:uv5U5bs_AnY16h4uo_BzI3aI4ksuRZ1R0-V1GaGYufM
Analysis ID:	1525120

Detection

Score:	1
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

Detected non-DNS traffic on DNS port

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 6856 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

chrome.exe (PID: 7084 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2100 --field-trial-handle=1892,i,8515725477769318463,1126689124154343892,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

chrome.exe (PID: 6636 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://zapier.com/manage/zaps/260804844/stop/?check=IjI2MDgwNDg0NCI:1sw6GK:uv5U5bs_AnY16h4uo_BzI3aI4ksuRZ1R0-V1GaGYufM" MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

cleanup

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://zapier.com/manage/zaps/260804844/stop/?check=IjI2MDgwNDg0NCI:1sw6GK:uv5U5bs_AnY16h4uo_BzI3aI4ksuRZ1R0-V1GaGYufM

HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.17:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49766 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49768 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.17:49845 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.160.17:443 -> 192.168.2.17:49846 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.160.17:443 -> 192.168.2.17:49848 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.23.209.185:443 -> 192.168.2.17:49853 version: TLS 1.2

Source: chrome.exe

Memory has grown: Private usage: 1MB later: 31MB

Source: global traffic

TCP traffic: 192.168.2.17:63232 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.13

Source: global traffic	DNS traffic detected: DNS query: zapier.com
Source: global traffic	DNS traffic detected: DNS query: cdn.zapier.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: design-system-bff.zapier.com
Source: global traffic	DNS traffic detected: DNS query: cdn.cookielaw.org
Source: global traffic	DNS traffic detected: DNS query: geolocation.onetrust.com
Source: global traffic	DNS traffic detected: DNS query: snap.licdn.com
Source: global traffic	DNS traffic detected: DNS query: static.ads-twitter.com
Source: global traffic	DNS traffic detected: DNS query: connect.facebook.net
Source: global traffic	DNS traffic detected: DNS query: cdn.pdst.fm
Source: global traffic	DNS traffic detected: DNS query: analytics.tiktok.com
Source: global traffic	DNS traffic detected: DNS query: googleads.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: tracking.g2crowd.com
Source: global traffic	DNS traffic detected: DNS query: px.ads.linkedin.com
Source: global traffic	DNS traffic detected: DNS query: pixels.spotify.com
Source: global traffic	DNS traffic detected: DNS query: t.co
Source: global traffic	DNS traffic detected: DNS query: analytics.twitter.com
Source: global traffic	DNS traffic detected: DNS query: td.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: www.linkedin.com
Source: global traffic	DNS traffic detected: DNS query: www.facebook.com

Source: unknown	Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49680 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49676 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49690
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 49677 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49690 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443

Source: unknown	HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.17:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49766 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49768 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.17:49845 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.160.17:443 -> 192.168.2.17:49846 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.160.17:443 -> 192.168.2.17:49848 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.23.209.185:443 -> 192.168.2.17:49853 version: TLS 1.2

Source: classification engine

Classification label: clean1.win@18/60@78/480

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2100 --field-trial-handle=1892,i,8515725477769318463,1126689124154343892,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://zapier.com/manage/zaps/260804844/stop/?check=IjI2MDgwNDg0NCI:1sw6GK:uv5U5bs_AnY16h4uo_BzI3aI4ksuRZ1R0-V1GaGYufM"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2100 --field-trial-handle=1892,i,8515725477769318463,1126689124154343892,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	1 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	1 Extra Window Memory Injection	1 Extra Window Memory Injection	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	2 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

⊘No Antivirus matches

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
star-mini.c10r.facebook.com	157.240.253.35	true	false	unknown
d20qeu5vw8i5t2.cloudfront.net	18.245.46.67	true	false	unknown
s.twitter.com	104.244.42.131	true	false	unknown
ax-0001.ax-msedge.net	150.171.28.10	true	false	unknown
platform.twitter.map.fastly.net	146.75.52.157	true	false	unknown
scontent.xx.fbcdn.net	157.240.253.1	true	false	unknown
t.co	172.66.0.227	true	false	unknown
googleads.g.doubleclick.net	142.250.186.34	true	false	unknown
zapier.com	13.33.187.12	true	false	unknown
cdn.pdst.fm	35.244.142.80	true	false	unknown
www.google.com	142.250.184.228	true	false	unknown
tracking.g2crowd.com	104.18.30.176	true	false	unknown
td.doubleclick.net	142.250.186.66	true	false	unknown
design-system-bff.zapier.com	52.87.144.228	true	false	unknown
cdn.cookielaw.org	104.18.86.42	true	false	unknown
geolocation.onetrust.com	172.64.155.119	true	false	unknown
edge-web.dual-gslb.spotify.com	35.186.224.24	true	false	unknown
static.ads-twitter.com	unknown	unknown	false	unknown
www.facebook.com	unknown	unknown	false	unknown
www.linkedin.com	unknown	unknown	false	unknown
connect.facebook.net	unknown	unknown	false	unknown
px.ads.linkedin.com	unknown	unknown	false	unknown
analytics.twitter.com	unknown	unknown	false	unknown
snap.licdn.com	unknown	unknown	false	unknown
cdn.zapier.com	unknown	unknown	false	unknown
analytics.tiktok.com	unknown	unknown	false	unknown
pixels.spotify.com	unknown	unknown	false	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://zapier.com/manage/zaps/260804844/stop/?check=IjI2MDgwNDg0NCI:1sw6GK:uv5U5bs_AnY16h4uo_BzI3aI4ksuRZ1R0-V1GaGYufM	false		unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.185.99	unknown	United States	15169	GOOGLEUS	false
2.18.64.26	unknown	European Union	6057	AdministracionNacionaldeTelecomunicacionesUY	false
2.18.64.220	unknown	European Union	6057	AdministracionNacionaldeTelecomunicacionesUY	false
44.209.38.104	unknown	United States	14618	AMAZON-AESUS	false
146.75.52.157	platform.twitter.map.fastly.net	Sweden	30051	SCCGOVUS	false
13.33.187.12	zapier.com	United States	16509	AMAZON-02US	false
2.18.64.21	unknown	European Union	6057	AdministracionNacionaldeTelecomunicacionesUY	false
157.240.0.6	unknown	United States	32934	FACEBOOKUS	false
142.250.185.163	unknown	United States	15169	GOOGLEUS	false
104.18.32.137	unknown	United States	13335	CLOUDFLARENETUS	false
13.33.187.86	unknown	United States	16509	AMAZON-02US	false
150.171.28.10	ax-0001.ax-msedge.net	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
52.87.144.228	design-system-bff.zapier.com	United States	14618	AMAZON-AESUS	false
142.250.184.227	unknown	United States	15169	GOOGLEUS	false
142.250.184.228	www.google.com	United States	15169	GOOGLEUS	false
18.245.46.67	d20qeu5vw8i5t2.cloudfront.net	United States	16509	AMAZON-02US	false
142.250.184.196	unknown	United States	15169	GOOGLEUS	false
142.250.186.34	googleads.g.doubleclick.net	United States	15169	GOOGLEUS	false
162.159.140.229	unknown	United States	13335	CLOUDFLARENETUS	false
2.18.64.212	unknown	European Union	6057	AdministracionNacionaldeTelecomunicacionesUY	false
142.250.186.163	unknown	United States	15169	GOOGLEUS	false
157.240.0.35	unknown	United States	32934	FACEBOOKUS	false
104.18.30.176	tracking.g2crowd.com	United States	13335	CLOUDFLARENETUS	false
142.250.185.110	unknown	United States	15169	GOOGLEUS	false
104.244.42.131	s.twitter.com	United States	13414	TWITTERUS	false
216.58.206.42	unknown	United States	15169	GOOGLEUS	false
35.186.224.24	edge-web.dual-gslb.spotify.com	United States	15169	GOOGLEUS	false
216.58.206.68	unknown	United States	15169	GOOGLEUS	false
172.64.155.119	geolocation.onetrust.com	United States	13335	CLOUDFLARENETUS	false
13.107.42.14	unknown	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
18.245.46.71	unknown	United States	16509	AMAZON-02US	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
157.240.253.1	scontent.xx.fbcdn.net	United States	32934	FACEBOOKUS	false
64.233.184.84	unknown	United States	15169	GOOGLEUS	false
142.250.184.238	unknown	United States	15169	GOOGLEUS	false
142.250.186.40	unknown	United States	15169	GOOGLEUS	false
35.244.142.80	cdn.pdst.fm	United States	15169	GOOGLEUS	false
157.240.253.35	star-mini.c10r.facebook.com	United States	32934	FACEBOOKUS	false
142.250.186.168	unknown	United States	15169	GOOGLEUS	false
104.18.86.42	cdn.cookielaw.org	United States	13335	CLOUDFLARENETUS	false
142.250.186.42	unknown	United States	15169	GOOGLEUS	false
172.66.0.227	t.co	United States	13335	CLOUDFLARENETUS	false
172.217.16.195	unknown	United States	15169	GOOGLEUS	false
142.250.186.66	td.doubleclick.net	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.17

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1525120
Start date and time:	2024-10-03 17:57:21 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://zapier.com/manage/zaps/260804844/stop/?check=IjI2MDgwNDg0NCI:1sw6GK:uv5U5bs_AnY16h4uo_BzI3aI4ksuRZ1R0-V1GaGYufM
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	21
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean1.win@18/60@78/480

Warnings

Exclude process from analysis (whitelisted): TextInputHost.exe
Excluded IPs from analysis (whitelisted): 142.250.186.163, 142.250.184.238, 64.233.184.84, 34.104.35.123, 142.250.185.163, 142.250.186.168, 142.250.186.40, 142.250.186.42
Excluded domains from analysis (whitelisted): fonts.googleapis.com, clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, fonts.gstatic.com, www.googletagmanager.com, clientservices.googleapis.com, clients.l.google.com
Not all processes where analyzed, report is missing behavior information
VT rate limit hit for: https://zapier.com/manage/zaps/260804844/stop/?check=IjI2MDgwNDg0NCI:1sw6GK:uv5U5bs_AnY16h4uo_BzI3aI4ksuRZ1R0-V1GaGYufM

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 3 14:57:55 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.989453083854241
Encrypted:	false
SSDEEP:
MD5:	C9F4BDE99D4D8BD3644589EB5CDBFA7F
SHA1:	468AC00E892E6D86BDE3189B2353E642A5FE4EC1
SHA-256:	D0B87A5E3FE9B6B10142F1CF354659C468BCABE47F4E0A519DC6DE5850E1913E
SHA-512:	190E98773436FE0DB9663AD2FBE44C3F5CDA7FE5615A4E6ED220874FB3B41CD4FE995E0B4C52F796EB41460E411419F63F0084F91AB8C7A447A9DB16C94981FE
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....9KZ.........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.ICY2.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VCY:.....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VCY:.....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VCY:............................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VCY<............................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........-.#......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 3 14:57:54 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	4.006331129206043
Encrypted:	false
SSDEEP:
MD5:	BDECEDAB57228F0D1CC5197D72F6A9F3
SHA1:	5CF5E4D265CE74CF65C9794329E6278A097CBC27
SHA-256:	CFAACD722312B9C2915F5D1517BF28FDBEA56ED8490E41DB220E9838B224894C
SHA-512:	515F7B41F44C1E43E27F1F9462B56B2BF0E95B72F6E1F17F57BBBA37F8762214255453E4DD57B251D10E53E6C30BDD4C4F1508D196D5C22B0BB025641CA2E084
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,......M.........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.ICY2.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VCY:.....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VCY:.....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VCY:............................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VCY<............................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........-.#......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2693
Entropy (8bit):	4.013541630872554
Encrypted:	false
SSDEEP:
MD5:	3559E5F9CE6074129C8C294FCBEE00AE
SHA1:	1FF56FD0D1D95DA95807981F4D5E374191E748A0
SHA-256:	5186D7D4865E9671EF788E2003A663EEB0A35BDAEE7025A674F617CDFAE31686
SHA-512:	23D0FE7411F6E8FF277DE2E90D3865CF304A82E94D200176C57FC3789618AC94D2F19BCA20BAEE802ED84B9229D8473685AA8D7969B311281FEFDCC1A3E24FD5
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....v. ;.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.ICY2.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VCY:.....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VCY:.....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VCY:............................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VFW.N...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........-.#......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 3 14:57:54 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	4.00050226715679
Encrypted:	false
SSDEEP:
MD5:	A04875AB533B72969C44E7B8C6C31B8F
SHA1:	05993DC1F86D65AAB86DC12B2CE4E4BB0D3AD32D
SHA-256:	7E20C2D23397E2A61AAFD0DEC4E7AD5EB2AA898B2BE9294B4E573F85C7A85C31
SHA-512:	F8922344062DB2C65E9789241224E984B925BB2C7FCAD000E9579D8E29D0D483036AF5FBEAD70D79D329AC3B51907D4620ECF436E4A9E8A61FB1B31307FA10D7
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....K8G.........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.ICY2.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VCY:.....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VCY:.....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VCY:............................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VCY<............................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........-.#......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 3 14:57:55 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.990241667935889
Encrypted:	false
SSDEEP:
MD5:	E88A42A51D14638F41D07DF090C5CF20
SHA1:	B8D39FD239F5FDFF0682D0BCC2AADDAF99C79EA8
SHA-256:	43E3E8521FFEF9811C692AB1A9F5755B0CBCC46A79D804F1A919BB68E58EC380
SHA-512:	142C16128C4ED84E330BB27655FE05728F6039EC6527505FBB53ABA3EF586515EA1D2AE6DF03A335503AEA1D4758A28A1F0B0A65F7AC1F1EAC33B723646B00B5
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....WT.........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.ICY2.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VCY:.....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VCY:.....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VCY:............................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VCY<............................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........-.#......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 3 14:57:54 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2683
Entropy (8bit):	4.0046105718382545
Encrypted:	false
SSDEEP:
MD5:	5D9F497C353CEC245ED2EF422B419A87
SHA1:	0FDE3074E3B7E33BB1C55AC5A275417F5027CA9C
SHA-256:	6AA1F9E3566EA23792FDE23A1E7B4C920F873B778E12849C94A0749BB440FE36
SHA-512:	F536B469F8051F5EDEC1FCCC93A1529F0905EA530DF77AB7A23E57B3F584FCA2B810B2C281EECBDE2E32AAC489046FB53D62EDEF74658D9A5CE16C8256E11644
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....<.........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.ICY2.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VCY:.....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VCY:.....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VCY:............................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VCY<............................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........-.#......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 127

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	10237
Entropy (8bit):	4.9812082877063615
Encrypted:	false
SSDEEP:
MD5:	70DBE9E284253F34497B87E52396C9BD
SHA1:	9E7393A118687749B0447B05BC289C387EB49090
SHA-256:	2404737552C7A5B32C94929F0D49D3475ABB00967F837A37761CA082E5B40714
SHA-512:	527D378B9AB30B457806AF05D0C87DD563125B27D3103BA266DC651748A49797E9BF287EE888D9B5AC512808D64BB08B942154D0F3FFC0B32F1D63DBCAF03C14
Malicious:	false
Reputation:	unknown
Preview:	{"status":"success","data":{"topBarMenu":[{"heroArea":{"heading":"Zapier Automation Platform","subheading":"No-code automation across 7,000+ apps","submenu":[{"text":"PRODUCTS","href":null,"submenu":[{"text":"Zaps","href":"/workflows","icon":"miscBoltAltFill","description":"Do-it-yourself automation for workflows","iconBackground":"cream","iconColor":"brand"},{"text":"Tables","href":"/tables","icon":"navTables","description":"Databases designed for workflows","iconBackground":"cream","iconColor":"brand"},{"text":"Interfaces","href":"/interfaces","icon":"navInterfaces","description":"Custom pages to power your workflows","iconBackground":"cream","iconColor":"brand"}]},{"text":"CAPABILITIES","href":null,"submenu":[{"text":"App integrations","description":"Explore 7,000+ app connections","href":"/apps"},{"description":"Cutting-edge AI to upgrade your workflows","href":"/ai","text":"AI automation .."},{"text":"Security","description":"Enterprise-grade security","href":"/security-complian

Chrome Cache Entry: 128

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 4 icons, -64x-64, 96x96
Category:	dropped
Size (bytes):	57638
Entropy (8bit):	2.5414326358528623
Encrypted:	false
SSDEEP:
MD5:	57DD51D82F74AC066EEB1AFF750838F3
SHA1:	D08AA536DAB1BEC568C5A9A2C2C5774EF28DF255
SHA-256:	733FDD5C9E5B3020CBAE07B0F9F6B0E21653B4975B400F8FE230C2A4E10F931A
SHA-512:	91DE608158E65A73B9AFAEE898978A1A4C97BF58467DED73ABAB036527229229203F5CC58E768EE5C2D1D97C6E27E3A074F2307AF6E6EC95C703313E379FAD3C
Malicious:	false
Reputation:	unknown
Preview:	..............(...F...``.......,..n... ......................h.......(................................................m..........Mt.......7..)S..e...........%v...R......;d.._...y....h..M.......;\|..t....................H..)e...^...G...U.......)..Y...~........t......4Z...e..g...7p...C..F}......u....R..........Wv...[...............i......-y..Ep...L......#X..S........N..l...l....J......@g..+Z...........?...f.......]......0`..]....]......v...F...Hl..."...0...t...O...... T.."a......2j..:n..X~..............w...?t..e...M\|..U....S......A{...........f..m............X...............O.......X..7]..............)r..Qo...........k...T..0e..~...s...Jz...........I..*M..)`..4u..m...d..._................L.......S...q..$j..7g..6{..=~..Fx..r...Px..V....................O......%S..)W../[..;r..}...{...Uy.._\|..V...c....F...L...Y...X......v...J...j............J.......R.......W..&N..$^..............7l......B...Jt..s...Q...[...`........;...C.......N...c......Ip..i...\............................_...P...O...... Z

Chrome Cache Entry: 129

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	63090
Entropy (8bit):	5.40501972020531
Encrypted:	false
SSDEEP:
MD5:	304AB564B27B510FF3ED71DED9FCAA4F
SHA1:	6452B28808FCDA00EE96E18F642348263011769D
SHA-256:	777B4B4A083FE36AFCA14EDFA9DE06DB28DACFE106659598D9C88F576428E2D1
SHA-512:	F676B02BBAF7F117D40191430B30ACE4F3EE8446E4FBF2DF1B2FFFAAF6BAB0EDCA3F0A90D0D6D2D06D3CA6B2847582AC32D90E232AB95713AB43E2998DD69300
Malicious:	false
Reputation:	unknown
URL:	https://cdn.cookielaw.org/scripttemplates/202401.1.0/assets/v2/otPcCenter.json
Preview:	. {. "name": "otPcCenter",. "html": "PGRpdiBpZD0ib25ldHJ1c3QtcGMtc2RrIiBjbGFzcz0ib3RQY0NlbnRlciBvdC1oaWRlIG90LWZhZGUtaW4iPjxkaXYgcm9sZT0iYWxlcnRkaWFsb2ciIGFyaWEtbW9kYWw9InRydWUiIGFyaWEtZGVzY3JpYmVkYnk9Im90LXBjLWRlc2MiPjwhLS0gQ2xvc2UgQnV0dG9uIC0tPjxkaXYgY2xhc3M9Im90LXBjLWhlYWRlciI+PCEtLSBMb2dvIFRhZyAtLT48ZGl2IGNsYXNzPSJvdC1wYy1sb2dvIiByb2xlPSJpbWciIGFyaWEtbGFiZWw9IkNvbXBhbnkgTG9nbyI+PC9kaXY+PGJ1dHRvbiBpZD0iY2xvc2UtcGMtYnRuLWhhbmRsZXIiIGNsYXNzPSJvdC1jbG9zZS1pY29uIiBhcmlhLWxhYmVsPSJDbG9zZSI+PC9idXR0b24+PC9kaXY+PCEtLSBDbG9zZSBCdXR0b24gLS0+PGRpdiBpZD0ib3QtcGMtY29udGVudCIgY2xhc3M9Im90LXBjLXNjcm9sbGJhciI+PGgyIGlkPSJvdC1wYy10aXRsZSI+WW91ciBQcml2YWN5PC9oMj48ZGl2IGlkPSJvdC1wYy1kZXNjIj48L2Rpdj48YnV0dG9uIGlkPSJhY2NlcHQtcmVjb21tZW5kZWQtYnRuLWhhbmRsZXIiPkFsbG93IGFsbDwvYnV0dG9uPjxzZWN0aW9uIGNsYXNzPSJvdC1zZGstcm93IG90LWNhdC1ncnAiPjxoMyBpZD0ib3QtY2F0ZWdvcnktdGl0bGUiPk1hbmFnZSBDb29raWUgUHJlZmVyZW5jZXM8L2gzPjxkaXYgY2xhc3M9Im90LXBsaS1oZHIiPjxzcGFuIGNsYXNzPSJvdC1saS10aXRsZSI+Q2

Chrome Cache Entry: 132

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	dropped
Size (bytes):	42
Entropy (8bit):	2.9881439641616536
Encrypted:	false
SSDEEP:
MD5:	D89746888DA2D9510B64A9F031EAECD5
SHA1:	D5FCEB6532643D0D84FFE09C40C481ECDF59E15A
SHA-256:	EF1955AE757C8B966C83248350331BD3A30F658CED11F387F8EBF05AB3368629
SHA-512:	D5DA26B5D496EDB0221DF1A4057A8B0285D15592A8F8DC7016A294DF37ED335F3FDE6A2252962E0DF38B62847F8B771463A0124EF3F84299F262ED9D9D3CEE4C
Malicious:	false
Reputation:	unknown
Preview:	GIF89a.............!.......,...........D.;

Chrome Cache Entry: 133

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	CSV text
Category:	downloaded
Size (bytes):	2357760
Entropy (8bit):	5.492719660617046
Encrypted:	false
SSDEEP:
MD5:	9A7DEA9FF2A8F3A57D1505EEE1318519
SHA1:	0E23F35180CEF747C1D8645C6A897FE56FB157A4
SHA-256:	E8DF774031D08ADA1CF4FEEB4C38CD47A96ED36F050402EE15A87ABC63D9B023
SHA-512:	26F4AB97A1826CCE7A8B441490674FDEE60B2D3795482E94EFAAE992707F363E112E7658FD9AC738B8C11970855D91943B7AE190CA7A5668533D482C81E6388B
Malicious:	false
Reputation:	unknown
URL:	https://zapier.com/generated/global-logos.css
Preview:	.100HiresCLIAPI16x16,.100HiresCLIAPI32x32,.100HiresCLIAPI64x64,.100HiresCLIAPI128x128{background-image:url("https://zapier-images.imgix.net/storage/services/b9fd15afbc9220849fd52a628b87f0c7.128x128.png?auto=format%2Ccompress&ixlib=python-3.0.0&q=50");background-repeat:no-repeat;background-position:center center;}..1SaaSCoCLIAPI16x16,.1SaaSCoCLIAPI32x32,.1SaaSCoCLIAPI64x64,.1SaaSCoCLIAPI128x128{background-image:url("https://zapier-images.imgix.net/storage/services/79eec391abc349efe3c995092bc69a20.128x128.png?auto=format%2Ccompress&ixlib=python-3.0.0&q=50");background-repeat:no-repeat;background-position:center center;}..1stThings1stCLIAPI16x16,.1stThings1stCLIAPI32x32,.1stThings1stCLIAPI64x64,.1stThings1stCLIAPI128x128{background-image:url("https://zapier-images.imgix.net/storage/developer_cli/419bde4b8f613da5738f34ebd96e21f1.128x128.png?auto=format%2Ccompress&ixlib=python-3.0.0&q=50");background-repeat:no-repeat;background-position:center center;}..360DialogCLIAPI16x16,.360DialogCLIAPI

Chrome Cache Entry: 137

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (9217)
Category:	downloaded
Size (bytes):	231864
Entropy (8bit):	5.458039173946496
Encrypted:	false
SSDEEP:
MD5:	40283CFC473AFBE1D4ABBA7E6C809885
SHA1:	8A32CB88D9F537B02582DF17A5BB11C2087937F6
SHA-256:	48BA1993011DB4834882D81B2153753437607292F704A6543D4466C0F6D1372A
SHA-512:	DABD9FD4CC3FB4FF3EBC2C3529E602E91939DDB1F42C2D7E70188DFC3262548922EA45C96691D567F2C777D393B5CE7162B5BD4C2054B33A03856BBEA1C1A0E3
Malicious:	false
Reputation:	unknown
URL:	https://connect.facebook.net/en_US/fbevents.js
Preview:	/*. Copyright (c) 2017-present, Facebook, Inc. All rights reserved... You are hereby granted a non-exclusive, worldwide, royalty-free license to use,.* copy, modify, and distribute this software in source code or binary form for use.* in connection with the web services and APIs provided by Facebook... As with any software that integrates with the Facebook platform, your use of.* this software is subject to the Facebook Platform Policy.* [http://developers.facebook.com/policy/]. This copyright notice shall be.* included in all copies or substantial portions of the software... THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR.* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS.* FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR.* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER.* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN.* CONNECTION WI

Chrome Cache Entry: 141

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (355)
Category:	downloaded
Size (bytes):	21860
Entropy (8bit):	4.84750265904947
Encrypted:	false
SSDEEP:
MD5:	3D05A1A4286300AC7B35039159C295CE
SHA1:	6DC487DE4FD98D23D038E9FF997C611323222E7E
SHA-256:	8E91B5BD51E0AF4F50D360E5013C8ACA9A938D48ED469B082072AF69D025FB0F
SHA-512:	AF21602648224299033602A49597C297F8E900B1C2BEF74F1EF8DEA7C9B7FDFFA9647B70645E6B1A7115D9DF9E4B5610F7568730521148347974D4DBB2AC4199
Malicious:	false
Reputation:	unknown
URL:	https://cdn.zapier.com/packages/cookie-consent/v1/index.css
Preview:	/. Platform edition!. * Custom styles to override OneTrust's styles. Selectors. * based on what OneTrust provides. All styles have `!important`. * applied to them to override the high specificity of OneTrust's styles.. * ----------------------------------------------------------- */..#onetrust-consent-sdk {. --cookie-consent-color-neutral100: #fffdf9;. --cookie-consent-color-neutral200: #f7f5f2;. --cookie-consent-color-neutral300: #e8e7e4;. --cookie-consent-color-neutral600: #95928e;. --cookie-consent-color-neutral800: #2d2e2e;. --cookie-consent-color-blue: #3d4592;. --cookie-consent-color-acid-wash: #f0f1fa;. --cookie-consent-color-night: #2c3266;. --cookie-consent-color-success: #0f884e;.. --cookie-consent-button-all: unset;. --cookie-consent-button-box-sizing: border-box;. --cookie-consent-button-cursor: pointer;. --cookie-consent-button-display: flex;. --cookie-consent-button-align-items: center;. --cookie-consent-button-justify-content: center;. --cookie-consent

Chrome Cache Entry: 142

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (724)
Category:	dropped
Size (bytes):	551834
Entropy (8bit):	5.646059185430787
Encrypted:	false
SSDEEP:
MD5:	33AFF52B82A1DF246136E75500D93220
SHA1:	4675754451AF81F996EAB925923C31EF5115A9F4
SHA-256:	B5E8EC5D4DCC080657DEB2D004F65D974BF4EC9E9AA5D621E10749182FFF8731
SHA-512:	2E1BAAE95052737BDB3613A6165589643516A1F4811D19C2F037D426265AA5ADF3C70334C1106B1B0EEF779244389F0D7C8C52B4CD55FCE9BAB2E4FCB0642720
Malicious:	false
Reputation:	unknown
Preview:	(function(){/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0././.. Copyright 2005, 2007 Bob Ippolito. All Rights Reserved.. Copyright The Closure Library Authors.. SPDX-License-Identifier: MIT././.. Copyright Google LLC. SPDX-License-Identifier: Apache-2.0././. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var z=function(){return[function(v,p,K,u,W,n){if(!((v>>2&(n=[6,"Unknown format requested type for int64",9],n[0])\|\|!U[22](11,this.U(),p)&&this.dispatchEvent("enter")&&this.isEnabled()&&R[23](n[2],this,2)&&R[3](n[0],2,!0,this),v-1)<20&&(v>>1&7)>=4&&(u=new vf,W=R[41](1,p,u,kV,K==p?K:P[8](37,K),5)),v<<1&11))throw Error(n[1]);return W},function(v,p,K,u,W){return((W=[17,7,46],v)<<2&W[1]\|\|(p=function(n){return K.call(p.src,p.listener,n)},K=UJ,u=p),(v-1\|12)<v&&(v-9\|59)>=v)&&(u=M[W[2]](15,p)&&!M[W[2]](13,."iPod")&&!M[W[2]](W[0],K)),((v\|8)&W[1])==1&&(u=p.Y?p.Y:p.I?"application/x-protobuffer":""),u},function(v,p,K,u,W){retu

Chrome Cache Entry: 143

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	80
Entropy (8bit):	4.33221219626569
Encrypted:	false
SSDEEP:
MD5:	1AE6B27EBA211F4CFCD99B904DA88BB7
SHA1:	53CA38F083C4A21F2EDA633EC304CB4582EDEDA2
SHA-256:	961635B4E9661208EC118D285B3AC1DBF9F3CC96CDDC97F30E55CD2C6566448C
SHA-512:	7DD325AB05B1A419614C2C39224C11E1388F09BCA5EA0F56811E6842B4FB243BCB53AA2BDDE00A94FBC324222B47924152C183337EB390F58C59AC80E89593B6
Malicious:	false
Reputation:	unknown
Preview:	jsonFeed({"country":"US","state":"NY","stateName":"New York","continent":"NA"});

Chrome Cache Entry: 145

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4869), with no line terminators
Category:	downloaded
Size (bytes):	4869
Entropy (8bit):	5.853311984320957
Encrypted:	false
SSDEEP:
MD5:	6D23A3FE73A64687D09CD231E3559A36
SHA1:	CB726A2E75E47B1DF506A4CCA005A3AA5F4F4723
SHA-256:	65DB15FE95E2B27CE140B4DFDBE2D7A0B34753EF9FFB28DEA25BB0A0660F6828
SHA-512:	95B5DD6269B15C15D185E2911FD02FC101FB44C78FB866107BF482591F6F0BD0A8428699037CDC9337E7FE7A38A70ECA37FD94F572C64226B839B0F867455EB5
Malicious:	false
Reputation:	unknown
URL:	https://googleads.g.doubleclick.net/pagead/viewthroughconversion/780142670/?random=1727971092942&cv=11&fst=1727971092942&bg=ffffff&guid=ON&async=1&gtm=45be4a10v871484082z876103223za201zb76103223&gcd=13r3r3l3l5l1&dma=0&tag_exp=101671035~101747727&u_w=1280&u_h=1024&url=https%3A%2F%2Fzapier.com%2Fmanage%2Fzaps%2F260804844%2Fstop%2F%3Fcheck%3DIjI2MDgwNDg0NCI%3A1sw6GK%3Auv5U5bs_AnY16h4uo_BzI3aI4ksuRZ1R0-V1GaGYufM&hn=www.googleadservices.com&frm=0&tiba=Stop%20Zap%3F%20-%20Zapbook%20%7C%20Zapier&did=dNzMyY2&gdid=dNzMyY2&npa=0&pscdl=noapi&auid=732045361.1727971091&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&rfmt=3&fmt=4
Preview:	(function(){var s = {};(function(){var h=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,d){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=d.value;return a};function k(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var d=a[b];if(d&&d.Math==Math)return d}throw Error("Cannot find global object");} var m=k(this),p=typeof Symbol==="function"&&typeof Symbol("x")==="symbol",t={},v={};function w(a,b,d){if(!d\|\|a!=null){d=v[b];if(d==null)return a[b];d=a[d];return d!==void 0?d:a[b]}} function x(a,b,d){if(b)a:{var c=a.split(".");a=c.length===1;var e=c[0],g;!a&&e in t?g=t:g=m;for(e=0;e<c.length-1;e++){var f=c[e];if(!(f in g))break a;g=g[f]}c=c[c.length-1];d=p&&d==="es6"?g[c]:null;b=b(d);b!=null&&(a?h(t,c,{configurable:!0,writable:!0,value:b}):b!==d&&(v[c]===void 0&&(a=Math.random()*1E9>>>0,v[c]=p?m.Symbol(c):"$jscp$"+a+"$"+c),h(g,v[c],{co

Chrome Cache Entry: 147

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (57671), with no line terminators
Category:	dropped
Size (bytes):	57671
Entropy (8bit):	5.406436595808325
Encrypted:	false
SSDEEP:
MD5:	BBBCF811D8437A575D796A4C1E5D4FAD
SHA1:	CCE821AAE4F2B8982D9C08B308FB5306945EA68E
SHA-256:	4D15FF2317E16CCD8CA1D3248FEA7D91130E022369BB032824A84AD9967064DF
SHA-512:	6D0E3E9079DB4C175F0E8EC0279E9A89DF786D226685C0764AB20179D69E19CA269E8CC40646A97D31F95597654EC869472358BB72071011DF3410FC32E501C0
Malicious:	false
Reputation:	unknown
Preview:	!function(){var t={6173:function(t,e,n){var r;t.exports=(r=r\|\|function(t,e){var r;if("undefined"!=typeof window&&window.crypto&&(r=window.crypto),"undefined"!=typeof self&&self.crypto&&(r=self.crypto),"undefined"!=typeof globalThis&&globalThis.crypto&&(r=globalThis.crypto),!r&&"undefined"!=typeof window&&window.msCrypto&&(r=window.msCrypto),!r&&void 0!==n.g&&n.g.crypto&&(r=n.g.crypto),!r)try{r=n(2480)}catch(t){}var i=function(){if(r){if("function"==typeof r.getRandomValues)try{return r.getRandomValues(new Uint32Array(1))[0]}catch(t){}if("function"==typeof r.randomBytes)try{return r.randomBytes(4).readInt32LE()}catch(t){}}throw new Error("Native crypto module could not be used to get secure random number.")},o=Object.create\|\|function(){function t(){}return function(e){var n;return t.prototype=e,n=new t,t.prototype=null,n}}(),a={},c=a.lib={},u=c.Base={extend:function(t){var e=o(this);return t&&e.mixIn(t),e.hasOwnProperty("init")&&this.init!==e.init\|\|(e.init=function(){e.$super.init.apply

Chrome Cache Entry: 148

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	10152
Entropy (8bit):	5.350550221909678
Encrypted:	false
SSDEEP:
MD5:	692B31F88FF93C52AF07298994F1FA52
SHA1:	55BF1A25255E92ED29C7A8B5C5B3A17DEFC991C3
SHA-256:	E3260DB446188242293E04A658411E44C6175108BC5D8B7E7676E8786D4F0501
SHA-512:	4DDBF8B39FAAAAF25D91C441E5F238C6CE632E491642B4029D252BBC8C96CCE367368D8EB909AF055E1985AA7DF4755F6A87616099BD011A77EF242CB5B246A6
Malicious:	false
Reputation:	unknown
URL:	https://cdn.cookielaw.org/scripttemplates/202401.1.0/assets/otFloatingRoundedCorner.json
Preview:	. {. "name": "otFloatingRoundedCorner",. "html": "PGRpdiBpZD0ib25ldHJ1c3QtYmFubmVyLXNkayIgY2xhc3M9Im90RmxvYXRpbmdSb3VuZGVkQ29ybmVyIj48ZGl2IGNsYXNzPSJvdC1zZGstY29udGFpbmVyIiByb2xlPSJhbGVydGRpYWxvZyIgYXJpYS1kZXNjcmliZWRieT0ib25ldHJ1c3QtcG9saWN5LXRleHQiPjxkaXYgY2xhc3M9Im90LXNkay1yb3ciPjxkaXYgaWQ9Im9uZXRydXN0LWdyb3VwLWNvbnRhaW5lciIgY2xhc3M9Im90LXNkay10d2VsdmUgb3Qtc2RrLWNvbHVtbnMiPjxkaXYgaWQ9Im9uZXRydXN0LXBvbGljeSI+PGRpdiBjbGFzcz0iYmFubmVyLWhlYWRlciI+PGRpdiBjbGFzcz0iYmFubmVyX2xvZ28iPjwvZGl2PjwvZGl2PjxoMiBpZD0ib25ldHJ1c3QtcG9saWN5LXRpdGxlIj5UaGlzIHNpdGUgdXNlcyBjb29raWVzPC9oMj48ZGl2IGlkPSJvbmV0cnVzdC1wb2xpY3ktdGV4dCI+dGl0bGU8YSBocmVmPSIjIj5wb2xpY3k8L2E+PC9kaXY+PGRpdiBjbGFzcz0ib3QtZHBkLWNvbnRhaW5lciI+PGgzIGNsYXNzPSJvdC1kcGQtdGl0bGUiPjwvaDM+PGRpdiBjbGFzcz0ib3QtZHBkLWNvbnRlbnQiPjxwIGNsYXNzPSJvdC1kcGQtZGVzYyI+PC9wPjwvZGl2PjwvZGl2PjwvZGl2PjxkaXYgaWQ9ImJhbm5lci1vcHRpb25zIj48ZGl2IGNsYXNzPSJiYW5uZXItb3B0aW9uIj48YnV0dG9uIGNsYXNzPSJiYW5uZXItb3B0aW9uLWlucHV0IiBhc

Chrome Cache Entry: 149

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, last modified: Wed Oct 2 16:50:25 2024, original size modulo 2^32 205787
Category:	downloaded
Size (bytes):	30731
Entropy (8bit):	7.992355855044959
Encrypted:	true
SSDEEP:
MD5:	6255F51831550B7413A2006ECB70A04F
SHA1:	9F909E66766F01C535D7F947E3FD36A7B17DCF69
SHA-256:	83B37F707141B40F514CABBE59BBEFFC9933CEB3B8ECC571221C3ABBE6C28F24
SHA-512:	A11B828246A44B8F3A3338CBEE3B2BEE2BD8956B3D92FD82B2014F3D662426FC23A1A52DCAD9EF57C102E69486E96DE3A61F0E02A0E99C5DC52066FE2A75C105
Malicious:	false
Reputation:	unknown
URL:	https://cdn.zapier.com/zapier/build/legacy-app.35f807ac116c082fe64c.css
Preview:	.....y.f......0.....i.....Kw.[...\|...8.'@.@b.$(..>-F.c...g...k.M.I..@].....u.I.++++++++....X...]]...w...PW.(.9..Y.n...MU..i....~{....c\|..C...9.......\|..q.m...i.>./IV.....9>.y.....9....]..."y.&..:.i\|<......z..e...?...]8...h..O..u^l..?.5..K0...z]N.MY.^..8IJPU.u..n2XfS$`..\|...).O..v.....:.~?..U.?N.}.....G.....:....Oq9]OO.l.........I2-..)...4.@.T..iQ.y..-.`.....9.#>.Yq...uZ....../.i.L..6.h\e..px.+.z.gy.Q_..6.=.N.?....1B..mY@...p...iq...zZ../.....N.}\B.2Ha..q.....>.V.3\|........2;l.uQB...b....eV./N....}..... ....=.........>.O..d.]}.b..g.._....P...Lg..).<>V..}.H8.W6.....v..\|.i.9H)v.....8.1.gI....9.:.......5.......)"q[...."..l.r...7..#..O ...'.X.A...t..JCz....#..._..h].Y.. -rD..........G....a.o.Q3...BQ...n..c...aR.y.L>..<0~.x.?:~h...1.3A.W..?..B.)+:..=.....U........3.....lD .3..Z.(.c.%b....R........B..$<.G....a.y./..N_.....a.".......U..Y..].....`G..Q.P.Wj.Rm...J.VI.*...}R/...&2L.D..M...C..........O[....mK..i.Rs'...P.tr.6S`e.....X

Chrome Cache Entry: 151

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	115061
Entropy (8bit):	5.044706788252805
Encrypted:	false
SSDEEP:
MD5:	FF568204EECB6E300F4B0E8AB3E66DEF
SHA1:	CB41757C040C12D1746C65C9A60C734C617F8AFF
SHA-256:	E6C7E8238BCFF37DD824CE385FE1C8795D95F51795DDE6522D088DA90E54F83D
SHA-512:	8ABDC9BA82BCF15433CE9FB6A48F9320E866BA4BFACE4D02A2D9D24F63DCE0D9E3D95E0558EEA0B4CF65DFCFC36FA7837A8106CC48028FDF2616BF1FD27B4918
Malicious:	false
Reputation:	unknown
URL:	https://cdn.cookielaw.org/consent/c2bc6bc2-2599-4efd-90da-5725af13c244/55b6ee1e-f9e6-480c-a1c3-0be064d44534/en.json
Preview:	{"DomainData":{"pclifeSpanYr":"Year","pclifeSpanYrs":"Years","pclifeSpanSecs":"A few seconds","pclifeSpanWk":"Week","pclifeSpanWks":"Weeks","pccloseButtonType":"Icon","pccontinueWithoutAcceptText":"Continue without Accepting","MainText":"Cookies settings","MainInfoText":"When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.","AboutText":"More information","AboutCookiesText":"Your Privacy","Con

Chrome Cache Entry: 152

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, last modified: Tue Sep 24 13:12:07 2024, original size modulo 2^32 1092466
Category:	downloaded
Size (bytes):	295441
Entropy (8bit):	7.998088038358962
Encrypted:	true
SSDEEP:
MD5:	C78E1FE9FAE34373213DB87E6C3AE33C
SHA1:	6A5A06087DB8674C88D1C66EA9DF8755937AD08D
SHA-256:	BA23075706689FF023832EA5181B6D15605BB6C06D43C6D84A716CD51DDD96FA
SHA-512:	9DFEEF6F1C46A936C0CBE9EDA05880C7601EF82A85B76FD1EB22DE8E9DE72B0156D9B54F69AF4321D1265BB5FF9A81F36C6381D501A412C6DCF7EED73A951B6A
Malicious:	false
Reputation:	unknown
URL:	https://cdn.zapier.com/zapier/build/app.f0b543781b6a3e7c315f.js
Preview:	.......f....[..7r..Wd^(...E........8.{....-z.Em...n.o.....Z'.13v.H..;...'.D..........._~...O/.../....x\|._.......'.!...?...?.s..o.......a?...?......7..}...._.......K..wx.?}.....x...W.}..Oo............O..O.................W_~.r....O..+.....W.....W.......^...q?}~\|.b........./......7x....~..{.?w.~..=....O...[...o..}.......N.......u......\|........'..K........o?}..../..y-.^.w._...+.9...W.?h....x._.....?...d.....9P...G.../.............?z....{z..w.'..l.._~..N.H{..k_?......co?........w...>......O...................O..............._.........?..._........w/q....7.......\|..a?<}z.......W...O.....?......a?...Go0..................o............../._~._>..x.K..>..of...=.....x.q...WW.S...O...??=.8..~.o.....~K..........'.w/x....7}....~.I............:.7........}..~.CB^\|.....?.........I.........?.......\|......'<.......o.....>}.......`B>~;.>./..n..#"......%F.....v.\|......_.........u......_q.9.....sf...NU.R....nI...%L...~C...c..+......

Chrome Cache Entry: 153

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	19375
Entropy (8bit):	5.4897525411323915
Encrypted:	false
SSDEEP:
MD5:	F1B3491C86FA3B639753E6A3E201F73C
SHA1:	6034607408139D029C4BC2138519CAAE32C3C669
SHA-256:	01E2C3FA1A28ECDA9851AB600DB9531D13E84C84D2E324C3C423E55B07DC1FBA
SHA-512:	7E5B2682242391AC89AF2AE8DB7CB4248DBB47BCBFB2D9B7A5AB3C35A4095E8331DE0A2533190D958A2659A02A819ED00F814CF4AC4CD3F188471F5D2DB37D06
Malicious:	false
Reputation:	unknown
URL:	"https://fonts.googleapis.com/css?family=Inter:300,400,600,700,800,300italic,400italic,600italic&display=swap"
Preview:	/* cyrillic-ext /.@font-face {. font-family: 'Inter';. font-style: italic;. font-weight: 300;. font-display: swap;. src: url(https://fonts.gstatic.com/s/inter/v18/UcC53FwrK3iLTcvneQg7Ca725JhhKnNqk6L0UUMJng.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./ cyrillic /.@font-face {. font-family: 'Inter';. font-style: italic;. font-weight: 300;. font-display: swap;. src: url(https://fonts.gstatic.com/s/inter/v18/UcC53FwrK3iLTcvneQg7Ca725JhhKnNqk6L9UUMJng.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./ greek-ext /.@font-face {. font-family: 'Inter';. font-style: italic;. font-weight: 300;. font-display: swap;. src: url(https://fonts.gstatic.com/s/inter/v18/UcC53FwrK3iLTcvneQg7Ca725JhhKnNqk6L1UUMJng.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}./ greek */.@font-face {. font-family: 'Inter';. font-style: italic;. font-weight: 300;. font-dis

Chrome Cache Entry: 154

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1572)
Category:	downloaded
Size (bytes):	46623
Entropy (8bit):	5.365139895805379
Encrypted:	false
SSDEEP:
MD5:	3CCC664B088F508E3E0B97BCDA8229E9
SHA1:	16B88AC5970E2FA2BD834B2FD86B6AC2FB7BE625
SHA-256:	5F4EBD2AF4DA3B23F27343A50E0FC62A5CF22C850FF50C48A14EF1968BFCE7E6
SHA-512:	8861A05A12367CA3252EBA9E75F3B4DBB8AC4ECAB1B9794971B93843FB3C6E8F395543A726BEEBE7EF448AD378BB9363676484FDF4A6644ECCB2BFD472B09925
Malicious:	false
Reputation:	unknown
URL:	"https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800,300italic,400italic,600italic&display=swap"
Preview:	/* cyrillic-ext /.@font-face {. font-family: 'Open Sans';. font-style: italic;. font-weight: 300;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWtE6F15M.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./ cyrillic /.@font-face {. font-family: 'Open Sans';. font-style: italic;. font-weight: 300;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWvU6F15M.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./ greek-ext */.@font-face {. font-family: 'Open Sans';. font-style: italic;. font-weight: 300;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWtU6F15M.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}

Chrome Cache Entry: 155

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	5194
Entropy (8bit):	3.976628767895142
Encrypted:	false
SSDEEP:
MD5:	63E737D3544164D2B7F4FBCA416AC807
SHA1:	030370AA38715E4C41589633F69D0BFE8255D46C
SHA-256:	5FA00D047ACD959697B9D7772C31DCD37BEC33C70C6FBF80AB8316205D1D286D
SHA-512:	31EE1BB536C0E50F5568A415EA3308367BFCFD11D2A6F7DFF1C8E3A982F7BE790C240A603CD4C6E187672824B8E5D07646049A28C6A88A7B001EB9A0142F312B
Malicious:	false
Reputation:	unknown
Preview:	<svg height="16" width="136" data-name="Layer 1" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 136 14.6"><defs><clipPath id="a"><path fill="none" d="M53.76 0H136v14.6H53.76z"/></clipPath></defs><path d="M0 12.3V5.59h2.27a2.62 2.62 0 011.29.28 1.83 1.83 0 01.74.77 2.25 2.25 0 01.25 1.07 2.26 2.26 0 01-.25 1.08 1.77 1.77 0 01-.74.77 2.55 2.55 0 01-1.28.29H.66v-.72h1.59a1.81 1.81 0 00.87-.19 1.1 1.1 0 00.48-.5 1.73 1.73 0 00.15-.73A1.66 1.66 0 003.6 7a1.1 1.1 0 00-.48-.5 1.86 1.86 0 00-.88-.18H.81v6zm7.74.1a2.29 2.29 0 01-1.2-.32 2.29 2.29 0 01-.8-.91 3.06 3.06 0 01-.28-1.36 3.07 3.07 0 01.28-1.37 2.14 2.14 0 012-1.24 2.14 2.14 0 012 1.24A3.07 3.07 0 0110 9.81a3.06 3.06 0 01-.29 1.36 2.11 2.11 0 01-2 1.23zm0-.69a1.31 1.31 0 00.85-.27 1.6 1.6 0 00.5-.69 2.9 2.9 0 00.16-.94 2.85 2.85 0 00-.16-.94 1.67 1.67 0 00-.5-.71 1.37 1.37 0 00-.85-.26 1.35 1.35 0 00-.85.26 1.67 1.67 0 00-.5.71 2.85 2.85 0 00-.16.94 2.9 2.9 0 00.16.94 1.6 1.6 0 00.5.69 1.29 1.29 0 00.85.27zm4.43.59l-1.54-5h.82l1.08 3

Chrome Cache Entry: 156

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	149805
Entropy (8bit):	5.6004134683803555
Encrypted:	false
SSDEEP:
MD5:	5693E74A87CDFE0DD8CF9E97ABC2EC67
SHA1:	0912A92CEBFC4248B4D561F57B32D18135F9AD59
SHA-256:	79951B5BD4D729A2B2F4D380819F2C14BBCF26F21DB56A520189633467766CF4
SHA-512:	B0954FF6229C037AAEC67F6CC91889D3AD1C0D38AC3E53E61F3A98D49379FA43C1FF709C7017459B9BD416BCEB2236D90B24C17E072882C122360069DCD9E0E0
Malicious:	false
Reputation:	unknown
URL:	https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Preview:	!function(){"use strict";function t(){t=function(){return e};var e={},d=Object.prototype,n=d.hasOwnProperty,r="function"==typeof Symbol?Symbol:{},o=r.iterator\|\|"@@iterator",i=r.asyncIterator\|\|"@@asyncIterator",a=r.toStringTag\|\|"@@toStringTag";function $(t,e,d){return Object.defineProperty(t,e,{value:d,enumerable:!0,configurable:!0,writable:!0}),t[e]}try{$({},"")}catch(t){$=function(t,e,d){return t[e]=d}}function u(t,e,d,n){var r=e&&e.prototype instanceof s?e:s,o=Object.create(r.prototype),i=new w(n\|\|[]);return o._invoke=function(t,e,d){var n="suspendedStart";return function(r,o){if("executing"===n)throw new Error("Generator is already running");if("completed"===n){if("throw"===r)throw o;return E()}for(d.method=r,d.arg=o;;){var i=d.delegate;if(i){var a=_(i,d);if(a){if(a===c)continue;return a}}if("next"===d.method)d.sent=d._sent=d.arg;else if("throw"===d.method){if("suspendedStart"===n)throw n="completed",d.arg;d.dispatchException(d.arg)}else"return"===d.method&&d.abrupt("return",d.arg);

Chrome Cache Entry: 158

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4269)
Category:	dropped
Size (bytes):	282176
Entropy (8bit):	5.547442638519667
Encrypted:	false
SSDEEP:
MD5:	BD053AD7B6E0F9218412BCB86D918E2E
SHA1:	FC8945379DDA9144ABCDA85429706888F8757601
SHA-256:	751450B16EB47E79DAFEE8434C25602DC8744572856594685BE4E6A07687EEF8
SHA-512:	F985B35E9FE94CFD60C42BC215A0EA1F850B763EB0989BE249C666A75421B9D8526CCE3E414172C1F063EEE3E40CCCD1CA8D032F7C4493F7BB88C70683838794
Malicious:	false
Reputation:	unknown
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"2",. . "macros":[{"function":"__e"}],. "tags":[{"function":"__ogt_ads_datatos","priority":16,"vtp_instanceDestinationId":"AW-780142670","tag_id":113},{"function":"__ogt_dma","priority":6,"vtp_delegationMode":"ON","vtp_dmaDefault":"DENIED","tag_id":105},{"function":"__ogt_1p_data_v2","priority":6,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR","vtp_phoneValue":"","vtp_streetType":"CSS_SELECTOR","vtp_autoPhoneEnabled":false,"vtp_postalCodeType":"CSS_SELECTOR","vtp_emailValue":"","vtp_firstNameV

Chrome Cache Entry: 159

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (25302)
Category:	dropped
Size (bytes):	352745
Entropy (8bit):	5.591360426390254
Encrypted:	false
SSDEEP:
MD5:	7982EFE358048424B801E5C3DD693B31
SHA1:	03033128B0A5DFA0429095CAF382F12AF9D15FB1
SHA-256:	17845CF6065E94C69E5687ED0FFBD82F6FAABB159E88EEFB790087D03DA062DB
SHA-512:	A39D77562D67950FEE8B4AB284128E21249D686E74296929278EA71E9F8F287B2E1BABD8503334A14E29AFF2DC442BF89757F813B543DEC4A5835BA8A5AFB2B0
Malicious:	false
Reputation:	unknown
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. . (function(w,g){w[g]=w[g]\|\|{};. w[g].e=function(s){return eval(s);};})(window,'google_tag_manager');. .(function(){..var data = {."resource": {. "version":"309",. . "macros":[{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"eventLabel"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"pagePath"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"interactionName"},{"function":"__e"},{"function":"__k","vtp_decodeCookie":true,"vtp_name":"OptanonConsent"},{"function":"__jsm","vtp_javascript":["template","(function(){return\"on\"})();"]},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"userId"},{"function":"__awec","vtp_mode":"AUTO","vtp_enableElementBlocking":false},{"function":"__u","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__u","vtp_component":"QUERY","vtp

Chrome Cache Entry: 160

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (41169)
Category:	downloaded
Size (bytes):	41172
Entropy (8bit):	5.505998162296305
Encrypted:	false
SSDEEP:
MD5:	0AA5002702487976D570A640C408EBA5
SHA1:	48930F22A2396DF313CCDFCB91CAC20E38F2B06B
SHA-256:	4E8276AEA0A3C7FE3600E6718C7F484D49C347C8D5763D89BE95900D526A14DA
SHA-512:	37A9D609DB21EE1E696CB437C02F0F6410925EB10B6353C0CDF95DB265E342F0BC3D2AE1851D209E4517D978B7CCBE8AD56F98247FA865AE405FAFD4D2E62CDA
Malicious:	false
Reputation:	unknown
URL:	https://snap.licdn.com/li.lms-analytics/insight.min.js
Preview:	!function(){"use strict";function n(n,t,e){return t in n?Object.defineProperty(n,t,{value:e,enumerable:!0,configurable:!0,writable:!0}):n[t]=e,n}var t,e,r,i,o={ADVERTISING:"ADVERTISING",ANALYTICS_AND_RESEARCH:"ANALYTICS_AND_RESEARCH",FUNCTIONAL:"FUNCTIONAL"},a="GUEST",u="MEMBER",c=0,l=1,d=2,s=(n(t={},a,"li_gc"),n(t,u,"li_mc"),t),f=function vr(){var n=arguments.length>0&&arguments[0]!==undefined?arguments[0]:null,t=arguments.length>1&&arguments[1]!==undefined?arguments[1]:null,e=arguments.length>2&&arguments[2]!==undefined?arguments[2]:null,r=arguments.length>3&&arguments[3]!==undefined?arguments[3]:null;for(var i in function(n,t){if(!(n instanceof t))throw new TypeError("Cannot call a class as a function")}(this,vr),n=n\|\|{},this.consentAvailable=!1,this.issuedAt=t,this.userMode=e,this.optedInConsentMap={},o)n[i]=n[i]\|\|c,n[i]!==c&&(this.consentAvailable=!0),this.optedInConsentMap[i]=n[i]===l\|\|n[i]===c&&r===l},v=(e=[o.ADVERTISING,o.ANALYTICS_AND_RESEARCH,o.FUNCTIONAL],r=[c,l,d,c],i=new R

Chrome Cache Entry: 162

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	16
Entropy (8bit):	3.577819531114783
Encrypted:	false
SSDEEP:
MD5:	4C8A26E14EDABDD7D6BFBF1472AFC853
SHA1:	F268C3DB54608F753ED9320CB2411B00A40C8D65
SHA-256:	B9224CA870B658AB694ECED1FBB07A971FCE7D0C990E50046929E9968BAF435C
SHA-512:	820B85A739953E8A71E89FEB45BBFB01E2D2F8977D30B0AB11BED28A7CA2B0365595AA7074A3A9780C8DE95E0C8DE839B5C390519F5238E8435F44736CDD497F
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xNDkSEAm4c3igm59VqBIFDaWTNiQ=?alt=proto
Preview:	CgkKBw2lkzYkGgA=

Chrome Cache Entry: 163

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	168
Entropy (8bit):	4.615403340179613
Encrypted:	false
SSDEEP:
MD5:	DCA719B249A6F44739EF92D63E17279E
SHA1:	603D390329F08CF0E412469F9E849C3A0774DB24
SHA-256:	ECB55489DBC61019C3829FEF70F87BAFBD4431E4BEF5BBA55AB1B60A2811F5ED
SHA-512:	06B592A2893E8BA5CE79AB8CDAAFB6D41B4F81E998DE92AB359E296DC2464CF881BAAA7B53344BF59569B5C6CC0BEEF4C8AC7EF671A53195C44B9485F1A8C2A4
Malicious:	false
Reputation:	unknown
Preview:	{"identity":-1036031243,"is_logged_in":false,"has_signed_up":false,"is_masquerade":false,"masqueraded_staff_customuser_id":null,"current_account_id":null,"switches":{}}

Chrome Cache Entry: 164

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (21778), with no line terminators
Category:	downloaded
Size (bytes):	21778
Entropy (8bit):	4.769188103585108
Encrypted:	false
SSDEEP:
MD5:	73BC4067D312180A1B19A4D883F42D6A
SHA1:	AD328A9A572FBEA43F295E7769835FF08F6FF1FD
SHA-256:	D3F7B0EC4DE079928A999641E781E80F33597A392A561BC460276DFB4EFB6EEC
SHA-512:	20B89462521684C258A8CE15E94DA67182C66397B0DE528357E01294FF06883C1AD96037A9D739E4575DB8722B1A1967578709A0C844CD45A49E6A51E1B6479D
Malicious:	false
Reputation:	unknown
URL:	https://cdn.cookielaw.org/scripttemplates/202401.1.0/assets/otCommonStyles.css
Preview:	#onetrust-banner-sdk{-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}#onetrust-banner-sdk .onetrust-vendors-list-handler{cursor:pointer;color:#1f96db;font-size:inherit;font-weight:bold;text-decoration:none;margin-left:5px}#onetrust-banner-sdk .onetrust-vendors-list-handler:hover{color:#1f96db}#onetrust-banner-sdk:focus{outline:2px solid #000;outline-offset:-2px}#onetrust-banner-sdk a:focus{outline:2px solid #000}#onetrust-banner-sdk #onetrust-accept-btn-handler,#onetrust-banner-sdk #onetrust-reject-all-handler,#onetrust-banner-sdk #onetrust-pc-btn-handler{outline-offset:1px}#onetrust-banner-sdk.ot-bnr-w-logo .ot-bnr-logo{height:64px;width:64px}#onetrust-banner-sdk .ot-tcf2-vendor-count.ot-text-bold{font-weight:bold}#onetrust-banner-sdk .ot-close-icon,#onetrust-pc-sdk .ot-close-icon,#ot-sync-ntfy .ot-close-icon{background-size:contain;background-repeat:no-repeat;background-position:center;height:12px;width:12px}#onetrust-banner-sdk .powered-by-logo,#onetrust-banner-sdk .ot-pc-fo

Chrome Cache Entry: 165

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
Category:	downloaded
Size (bytes):	48444
Entropy (8bit):	7.995593685409469
Encrypted:	true
SSDEEP:
MD5:	8E433C0592F77BEB6DC527D7B90BE120
SHA1:	D7402416753AE1BB4CBD4B10D33A0C10517838BD
SHA-256:	F052EE44C3728DFD23ABA8A4567150BC314D23903026FBB6AD089422C2DF56AF
SHA-512:	5E90F48B923BB95AEB49691D03DADE8825C119B2FA28977EA170C41548900F4E0165E2869F97C7A9380D7FF8FF331A1DA855500E5F7B0DFD2B9ABD77A386BBF3
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Preview:	wOF2.......<.......l..............................`...\..p?HVAR.m?MVAR^.`?STAT.N'&..>/l........>....0....6.$.... ........[..A.2v.6......$..e...w"../.L.p:......Tpc..8@.[5......d#d.xw..o.O3-.....%..>...%..)~p.K.J.H..S...s..z..Wa.. 0\..J.....BL;V..-.L...j....^.9..HO l..,..6.v....?....x.....m..;....a![zif...Ur...Q..P.&.I1..:n.p...j~..h...9.!....@.<.bl\|.Y?h..B.j/..rH.S%/~.^D...6..D.4G...y....Y.....=/o..W..5ryo.d?.gA]..?...1V..S......7ZJ...f....mBG[0eW....y..%B}..]? ...,sR<.y~.~.}.%.!..,X.....`...R..^....S.....u.?k.v.k..U.u..M..`!...b!..X)P...y{.........n..T+6...R......L...x}...g...].g"WT.b..h ....X...=;{w...QO.s..w..@.(,..........{.........1..@...(...\.......9..2.h9P.G........K.Dp...F..4W..ui.u...G...s..x7.?..tg..D..O.sA..t.t.4..~..e\...X.....T..kf.qfX..=^_....g"....De...x[J..A..).G.YUhR.....0.l..#&3.'.K.............$I.Pp.../.s.<@...r=..S......d..P.S.B.w.~X..ZK....h J.`A.bv,=.....>1.Ev.^..U.A. ....EU..].........dw..!$.A`..B.._.....Z~..!..J..l]r.m}m..

Chrome Cache Entry: 166

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	2132
Entropy (8bit):	4.575026415238505
Encrypted:	false
SSDEEP:
MD5:	8F494C21EF4AC8E287CFAB1F010E40EB
SHA1:	F2E1E992B38B5EAF38124144AE5EEE08ED406CD2
SHA-256:	66C105DDB41616AE684324151160905339BC627877128CBDAEB03471526467C6
SHA-512:	CBE76DAD1D2F5CFF452CB0A14427408F2721F3586FE5AC3F4BF0DE3254E864E5171439C85D55CCA6CF707F9158BC817BCA0383C7E35599F58C8AB0B352F7ECAF
Malicious:	false
Reputation:	unknown
Preview:	{"objects": [{"id": 107, "name": "signup-form-button-copy", "interstate": 107, "lane": "control", "is_eligible": false, "is_control": true}, {"id": 37, "name": "no-expired-card-emails", "interstate": 37, "lane": "no-send", "is_eligible": true, "is_control": false}, {"id": 3, "name": "show_zap_recommendations_on_editor", "interstate": 3, "lane": "control", "is_eligible": false, "is_control": true}, {"id": 557, "name": "record-fullstory-session", "interstate": 557, "lane": "control", "is_eligible": true, "is_control": true}, {"id": 173, "name": "facebook-sso", "interstate": 173, "lane": "treatment", "is_eligible": true, "is_control": false}, {"id": 947, "name": "role_based_as_default_popular_zaps_filter", "interstate": 947, "lane": "control", "is_eligible": false, "is_control": true}, {"id": 281, "name": "facebook-sso-app-profiles", "interstate": 281, "lane": "control", "is_eligible": false, "is_control": true}, {"id": 83, "name": "matching-zt-direct-to-editor", "interstate": 83, "lane":

Chrome Cache Entry: 168

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	7864
Entropy (8bit):	5.005750645837507
Encrypted:	false
SSDEEP:
MD5:	53334AD6F4D875EA32F0D1B75988674B
SHA1:	304CEE96A1D33C273191F56BB273DA1AEA40A09F
SHA-256:	E368D60FD844A1D0C9E4B1C51D326507108EBA97E2AFA17012E4DC11389CDB6B
SHA-512:	3D88EC98D7FD4AC364A289627ADA6915BF58841460071C4D630741FABF90687BF83368F64D3E9DC8FB833B0095DD414772FCE9ABA266B815071B931E3B4684C0
Malicious:	false
Reputation:	unknown
URL:	https://cdn.zapier.com/packages/cookie-consent/v1/index.js
Preview:	const DEFAULT_DOMAIN_SCRIPT_ID = "c2bc6bc2-2599-4efd-90da-5725af13c244";.const shouldLogAsError = (error) => {. if (/loading script/i.test(error)) {. return false;. }. if (. /loading styles/i.test(error) \|\|. /failed to fetch/i.test(error) \|\|. /attempting to fetch/i.test(error). ) {. return false;. }. return true;.};.const buildErrorMessage = (msg = "") => ["cookie-consent", msg].join(" :: ");.const logErrorMessage = (prefix = "", error) => {. if (shouldLogAsError(error)) {. console.error(buildErrorMessage(prefix), error);. } else {. console.warn(buildErrorMessage(prefix), error);. }.};.const readCookie = (name = "") =>. (document.cookie \|\| "").split(/;[\s]*/).reduce((accum, cookie) => {. const indexOfFirstEq = cookie.indexOf("=");. const cName = cookie.slice(0, indexOfFirstEq);. const cValue = cookie.slice(indexOfFirstEq + 1);. accum[decodeURIComponent(cName)] = decodeURIComponent(cValue);. return accum;. }, {})[name];.const trackEvent = (

Chrome Cache Entry: 170

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	4945
Entropy (8bit):	4.952191778227768
Encrypted:	false
SSDEEP:
MD5:	77D922467CFA75BBC3DFC539E6609C84
SHA1:	E8B045F4075FA42BB487B1BCA9912E96E9C3966E
SHA-256:	CC81A2C9830D277DE4A880D141983C22C5D87C5C4B921011432320661EB5328A
SHA-512:	BE980F9DBBE74D9C29462BE14CEF34564AC10A4A1E7B96ADF61B61312064ABA4501C0ACDA553611571579910C86AE7C6DE8B6B2EC44CF669224ECA2CCB649569
Malicious:	false
Reputation:	unknown
URL:	https://cdn.cookielaw.org/consent/c2bc6bc2-2599-4efd-90da-5725af13c244/c2bc6bc2-2599-4efd-90da-5725af13c244.json
Preview:	{"CookieSPAEnabled":false,"CookieSameSiteNoneEnabled":true,"CookieV2CSPEnabled":false,"MultiVariantTestingEnabled":false,"UseV2":true,"MobileSDK":false,"SkipGeolocation":false,"ScriptType":"PRODUCTION","Version":"202401.1.0","OptanonDataJSON":"c2bc6bc2-2599-4efd-90da-5725af13c244","GeolocationUrl":"https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location","BulkDomainCheckUrl":"https://cookies-data.onetrust.io/bannersdk/v1/domaingroupcheck","RuleSet":[{"Id":"1eb94b6b-4cf3-45a4-8dcc-9511ba2b31a6","Name":"GDPR","Countries":["no","de","be","fi","pt","bg","dk","lt","lu","lv","hr","fr","hu","se","si","mc","sk","mf","sm","gb","yt","ie","gf","ee","mq","ch","mt","gp","is","va","it","gr","es","re","at","cy","cz","ax","pl","ro","li","nl"],"States":{},"LanguageSwitcherPlaceholder":{"default":"en"},"BannerPushesDown":false,"Default":false,"Global":false,"Type":"GDPR","UseGoogleVendors":false,"VariantEnabled":false,"TestEndTime":null,"Variants":[],"TemplateName":"GDPR Template","Conditions"

Chrome Cache Entry: 173

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (22462)
Category:	downloaded
Size (bytes):	22463
Entropy (8bit):	5.308411760782321
Encrypted:	false
SSDEEP:
MD5:	01D681C49BE80A4B603C59E89B87920C
SHA1:	5A75464EF4E504564DB1D39BEBED538F564B770E
SHA-256:	EFAD755939E511F2BC1FEB0D58D6014006E8598A4D431F27A66DD59E14FC19CB
SHA-512:	9579D6E8FFFB1E6D343974693C7AB06A04ACE91FD2D80782E3D3ACE8566C60493FC3AC4FCCECE8A2B79D24ABDC183019D4EF86DEB18FAC86CDF49F24A7B1FDED
Malicious:	false
Reputation:	unknown
URL:	https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Preview:	var OneTrustStub=function(t){"use strict";var a,o,l=new function(){this.optanonCookieName="OptanonConsent",this.optanonHtmlGroupData=[],this.optanonHostData=[],this.genVendorsData=[],this.vendorsServiceData=[],this.IABCookieValue="",this.oneTrustIABCookieName="eupubconsent",this.oneTrustIsIABCrossConsentEnableParam="isIABGlobal",this.isStubReady=!0,this.geolocationCookiesParam="geolocation",this.EUCOUNTRIES=["BE","BG","CZ","DK","DE","EE","IE","GR","ES","FR","IT","CY","LV","LT","LU","HU","MT","NL","AT","PL","PT","RO","SI","SK","FI","SE","GB","HR","LI","NO","IS"],this.stubFileName="otSDKStub",this.DATAFILEATTRIBUTE="data-domain-script",this.bannerScriptName="otBannerSdk.js",this.domPurifyScriptName="otDomPurify.js",this.mobileOnlineURL=[],this.isMigratedURL=!1,this.migratedCCTID="[[OldCCTID]]",this.migratedDomainId="[[NewDomainId]]",this.userLocation={country:"",state:"",stateName:""}};(g=v=v\|\|{})[g.Days=1]="Days",g[g.Weeks=7]="Weeks",g[g.Months=30]="Months",g[g.Years=365]="Years",(g=i=i

Chrome Cache Entry: 174

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Category:	downloaded
Size (bytes):	48236
Entropy (8bit):	7.994912604882335
Encrypted:	true
SSDEEP:
MD5:	015C126A3520C9A8F6A27979D0266E96
SHA1:	2ACF956561D44434A6D84204670CF849D3215D5F
SHA-256:	3C4D6A1421C7DDB7E404521FE8C4CD5BE5AF446D7689CD880BE26612EAAD3CFA
SHA-512:	02A20F2788BB1C3B2C7D3142C664CDEC306B6BA5366E57E33C008EDB3EB78638B98DC03CDF932A9DC440DED7827956F99117E7A3A4D55ACADD29B006032D9C5C
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Preview:	wOF2.......l......D...............................O..B..h?HVAR.x.`?STAT.$'...0+...\|.../V........+..2.0..6.6.$..`. ..~......[B4q.....t..P.M_.z...1..R.S...u.#..R....fR.1.N.v.N.P...;.2........!Z......Qs...5f.G.K.an2&....2.........C.H.t..N!.....nh.<(.vN.....j.._.L.P.t..Ai.%.............._I.i,..o,C.].H.X9.....a.=N....k.....n.L..k.f.u..{...:.}^\[..~5...Z`...........`!...%4..,...K0..&.a/....P....S....m.Z......u...D.j.F...f.0`I.`.`.h#..)(FQ.F!o$........S.).MV8%Rh...r...x...T]$.=......Y...!.3.&U..."....Q....{.l/0..d..4iJ/..}...3....i[Z..NG.WD...>.[U..Q.h..@m.=..S...1C2...d...<..v.?.q.f..n...OUz.....&Z......Z."..N.....n...9.B..C..W....}...W..6Zs.i.+Z........jB.n..x.8M.....q..@I....-.%..,C,..K..#.2...4)/.v_..x.<....t.....%[.4?.=j.V..jj''..W.u..q....I.L.=......E...\.M.7{.>......W........C.`...,9$......\..o........y...4A..m.P.,X..=?.:................wF`..+.P..........M!.4.......l.>M..t.ff5r..^..Z.g...!fA,hIIQ...e.R>B.AH.VuX..>..\.=.ky...1>C....>C.c.;...6D.

Chrome Cache Entry: 175

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	371
Entropy (8bit):	4.600540137157355
Encrypted:	false
SSDEEP:
MD5:	97CF0FE353C517CEA6CB3E1F2E7EDFC9
SHA1:	58D8EB24BFD5CA347B6A0A72894E6C8B6EAE198F
SHA-256:	0E0C8CEDB72A7E5A3080203509132486E267E5D1B0C5C6EAE78AC16F7928FF01
SHA-512:	F3D33FE997DC8FDFF9B122C208321F1DB35B2A6C2650C8EAC119A2A20FAE74874691340C3419283AE0914E5405D51E40BF787469B3A7A2B66A81A68B6E2009EB
Malicious:	false
Reputation:	unknown
URL:	https://bat.bing.com/p/action/26116924.js
Preview:	(function(w,d,c,k,a,b,t,e) {.. var cs = d.currentScript;.. if (cs) {.. var uo = cs.getAttribute('data-ueto');.. if (uo && w[uo] && typeof w[uo].setUserSignals === 'function') {.. w[uo].setUserSignals({'co': c, 'kc': k, 'at': a, 'bi': b, 'dt': t, 'ec': e});.. }.. }..})(window, document, 'us', false, false, false, false, false);..

Chrome Cache Entry: 176

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1434), with no line terminators
Category:	dropped
Size (bytes):	1434
Entropy (8bit):	5.782287307315429
Encrypted:	false
SSDEEP:
MD5:	E7F4945A3458503BDEE0AD9476537604
SHA1:	CD049E2F8F9D05ABC087BBEF7EFEDA01EFB0F3A6
SHA-256:	8AB3BC08E25F6A7E24EF75EE66ED06360BCEEACE487D22822D7724B3F2BBED50
SHA-512:	BD30B50396E0015B723FFD185972E37094A5CFF4A42CB5AE5D439AE3B85F2735F33145B363E2657AC174D66ED2E3F97FC0C2BFC9FDEE6B06C61E5A01FD1CFF34
Malicious:	false
Reputation:	unknown
Preview:	/* PLEASE DO NOT COPY AND PASTE THIS CODE. */(function(){var w=window,C='___grecaptcha_cfg',cfg=w[C]=w[C]\|\|{},N='grecaptcha';var gr=w[N]=w[N]\|\|{};gr.ready=gr.ready\|\|function(f){(cfg['fns']=cfg['fns']\|\|[]).push(f);};w['__recaptcha_api']='https://www.google.com/recaptcha/api2/';(cfg['render']=cfg['render']\|\|[]).push('onload');w['__google_recaptcha_client']=true;var d=document,po=d.createElement('script');po.type='text/javascript';po.async=true; po.charset='utf-8';var v=w.navigator,m=d.createElement('meta');m.httpEquiv='origin-trial';m.content='A/kargTFyk8MR5ueravczef/wIlTkbVk1qXQesp39nV+xNECPdLBVeYffxrM8TmZT6RArWGQVCJ0LRivD7glcAUAAACQeyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkRpc2FibGVUaGlyZFBhcnR5U3RvcmFnZVBhcnRpdGlvbmluZzIiLCJleHBpcnkiOjE3NDIzNDIzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9';if(v&&v.cookieDeprecationLabel){v.cookieDeprecationLabel.getValue().then(function(l){if(l!=='treatment_1.1'&&l!=='treatment_1.2'&&l!=='control_1.1'){d.head.prepend(m)

Chrome Cache Entry: 178

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	497
Entropy (8bit):	4.684891921463926
Encrypted:	false
SSDEEP:
MD5:	B57C99C9D1E3C50B2114C6DB053D7FF0
SHA1:	ADA8ABFED92BA8A545BBD9D299D74D5972CC4AE8
SHA-256:	691DCDB24853A0F5CE4E6597E5713DEA66799B57FFE2C2A10F28F98E0B569B19
SHA-512:	0DAB6D06F386D922FB28F70F2590D4F9C361E7F4E5D5E581B98E59AAC12B266CBA596FFCCD87203B4330673EE4EC1D459A1ABDFC4B066D243A43B2BF7909F0EE
Malicious:	false
Reputation:	unknown
URL:	https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Preview:	<svg xmlns="http://www.w3.org/2000/svg"><path class="ot-floating-button__svg-fill" d="M14.588 0l.445.328c1.807 1.303 3.961 2.533 6.461 3.688 2.015.93 4.576 1.746 7.682 2.446 0 14.178-4.73 24.133-14.19 29.864l-.398.236C4.863 30.87 0 20.837 0 6.462c3.107-.7 5.668-1.516 7.682-2.446 2.709-1.251 5.01-2.59 6.906-4.016zm5.87 13.88a.75.75 0 00-.974.159l-5.475 6.625-3.005-2.997-.077-.067a.75.75 0 00-.983 1.13l4.172 4.16 6.525-7.895.06-.083a.75.75 0 00-.16-.973z" fill="#FFF" fill-rule="evenodd"/></svg>

Chrome Cache Entry: 180

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (22606), with no line terminators
Category:	downloaded
Size (bytes):	22606
Entropy (8bit):	5.497760912295025
Encrypted:	false
SSDEEP:
MD5:	DFC0039597B19002448BBADEBF545914
SHA1:	A6EB4C3E24CEE7AE0FDB96836AE76A40E3E681D8
SHA-256:	084D22186206FEF9B37EAFE6AE5ACCC013DEEAFF1CBDDC2FCE27F3722254D54B
SHA-512:	D78CCFC54F763858C94FE159C4CC7DA114A1533AE12F7D94DC30110518F6EDA2B8908FD3763F225A1799FDDCCD3CB0EACCF76689E19F1CA0DB6D7A4FC262D544
Malicious:	false
Reputation:	unknown
URL:	https://td.doubleclick.net/td/rul/780142670?random=1727971092942&cv=11&fst=1727971092942&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a10v871484082z876103223za201zb76103223&gcd=13r3r3l3l5l1&dma=0&tag_exp=101671035~101747727&u_w=1280&u_h=1024&url=https%3A%2F%2Fzapier.com%2Fmanage%2Fzaps%2F260804844%2Fstop%2F%3Fcheck%3DIjI2MDgwNDg0NCI%3A1sw6GK%3Auv5U5bs_AnY16h4uo_BzI3aI4ksuRZ1R0-V1GaGYufM&hn=www.googleadservices.com&frm=0&tiba=Stop%20Zap%3F%20-%20Zapbook%20%7C%20Zapier&did=dNzMyY2&gdid=dNzMyY2&npa=0&pscdl=noapi&auid=732045361.1727971091&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1
Preview:	<html><head><meta http-equiv="origin-trial" content="Avh5Ny0XEFCyQ7+oNieXskUrqY8edUzL5/XrwKlGjARQHW4TFRK+jVd5HnDIpY20n5OLHfgU4ku7x48N3uhG/A0AAABxeyJvcmlnaW4iOiJodHRwczovL2RvdWJsZWNsaWNrLm5ldDo0NDMiLCJmZWF0dXJlIjoiUHJpdmFjeVNhbmRib3hBZHNBUElzIiwiZXhwaXJ5IjoxNjk1MTY3OTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0="></head><body><script>var ig_list={"interestGroups":[{"action":0,"expirationTimeInSeconds":46656000,"interestGroupAttributes":{"owner":"https://td.doubleclick.net","name":"4s732045361.1727971091","biddingLogicUrl":"https://td.doubleclick.net/td/bjs","dailyUpdateUrl":"https://td.doubleclick.net/td/update?ig_name=4s732045361.1727971091\u0026ig_key=1sNHM3MzIwNDUzNjEuMTcyNzk3MTA5MQ!2sacapFg!3sAAptDV612Kue\u0026tag_eid=44804419","trustedBiddingSignalsUrl":"https://td.doubleclick.net/td/bts","trustedBiddingSignalsKeys":["1sgeLxQg!2sacapFg!3sAAptDV612Kue","1i44804419"],"userBiddingSignals":[["7204397531","963072635","961338646","6640967152","740602062","961339261"],null,1727971094494215],"ads":[{"ren

Chrome Cache Entry: 181

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2418), with no line terminators
Category:	downloaded
Size (bytes):	2418
Entropy (8bit):	5.316369137121917
Encrypted:	false
SSDEEP:
MD5:	9B576DB11C906A453DB5D3AC0809327A
SHA1:	EB0D4A7D17C8F07073B4341ADEFB8916D9FB6F96
SHA-256:	4ED5BF0C538BA7E084665BB185ED911B7D5CE5F7EB18F5A4220AEB353EA03454
SHA-512:	6BBAA5BB7414D6C660A11328117DA2ECB7E0CB5F7B2AEBF96A175CFCD75937FC363DBB022C31909B4B4923FD7F5B4FA81EBF743841CE6CAB703A82CD86E5A284
Malicious:	false
Reputation:	unknown
URL:	https://tracking.g2crowd.com/attribution_tracking/conversions/1021.js?p=https://zapier.com/manage/zaps/260804844/stop/?check=IjI2MDgwNDg0NCI:1sw6GK:uv5U5bs_AnY16h4uo_BzI3aI4ksuRZ1R0-V1GaGYufM&e=
Preview:	(t=>{t\|\|(t=document.location.href);const n="https://tracking.g2crowd.com",e="",i="1021",o="external",a="",s="",r={allKeys:[],key:"",localStorageKey:"g2tracking",date:((t=new Date)=>(1e4t.getFullYear()+100t.getMonth()+t.getDate()).toString())(),setKey:function(t){this.key=t.map((([t,n])=>n)).join(",").replace(/\s/g,"")},isFresh:function(){return this.refresh(),this.allKeys.includes(this.key)},refresh:function(){try{const t=window.localStorage.getItem(this.localStorageKey);this.allKeys=t&&JSON.parse(t)[this.date]\|\|[]}catch(t){console.warn(t),this.allKeys=[]}},persist:function(){const t=this.isFresh()?this.allKeys:[this.key,...this.allKeys],n=Object.fromEntries([[this.date,t]]);try{window.localStorage.setItem(this.localStorageKey,JSON.stringify(n))}catch(t){console.warn(t)}}};let c=!1,g=!1,w=0;const d=7;function l(t){return t<=1?t:l(t-1)+l(t-2)}function h(n,e=""){const c=window.navigator&&window.navigator.userAgent,g=window.screen&&window.screen.availHeight.toString(),w=[["aid",e],["ua"

Chrome Cache Entry: 182

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, last modified: Tue Sep 24 13:12:08 2024, original size modulo 2^32 6678066
Category:	dropped
Size (bytes):	2230571
Entropy (8bit):	7.999548676506121
Encrypted:	true
SSDEEP:
MD5:	32C4068C8DBE96FB11ADDCCAB78213BA
SHA1:	1E74F8AF7D4E4F050163E13DE2C59B4B66D06F9C
SHA-256:	46101643B846F6DEF00FC7F0E0C28B34C3C96FC4077688CC1B77D73DD48BA744
SHA-512:	8F3703E53CD94514A6C41A14F2187EDDA97A66DA78E13887028F47BEEEEF663C6406CAE08BB1E8F4937E1FB94C95FF4488B7956E186361E88F70A028EBA341CD
Malicious:	false
Reputation:	unknown
Preview:	.......f...._..0....s.. ..!.../aI.,.@.a..d.....H2K.......u..3s...w..`.Z]]]]]]]e.Eq....X{.tn~.x.W.=>._8..(.......Z.x.X^w.w.(.m..n.o.....m.D.+..auv?L.<....\.6s.W,?...v...r-a'e.(.k.Ak.......L\k.q.Mwn.2V..4.....$.E...[......>...~..XTw.'... ..%..Z......&....5..uH.bv.&C...v.ZE....G.[iL..N.gy-@.$.._-.`...>..Y.S......].Q?g)~...(...B.qu.V\|.9.N....C.lV.a..G.p.D..u..Xj...h..<....9...0M.$...z.....z'...@.v&0].z--..hA.....sz,.........A..ZZ.....:.Q/..b9w.;...Y..CQ.(;..X...l....Jsb.~A.q+........B?u..(.....g..sV.{..e...'?.2" ....U...?h..+.. h..@.@...jD..e.L..[i..`q.wi..B.g.E..N....OK.;.1...$a?.xs"a........%..}....2....CK...o.{,....,M..y.M...r..N.$.b....0.....{..{).zI?.".9.....mLm.'nv!......i....Q...}.3/{.s..F.G...;.Z.....vl[..\.>...(Ma......0.P...N`K.%.}._`....c..8...d.f.c..z.k.......(.3/..P....VR`..F@b8.d<...I......c\.s....w...}.k=.#.G.Y2<R}.W^..j...S,..(..-.?.D..I.'.r..7..,(.u.r...}7../...-N.J.G(F?&..%.q.....a\AX.I.i..........b"'Yl.G....K..a.jF..

Chrome Cache Entry: 183

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4871), with no line terminators
Category:	dropped
Size (bytes):	4871
Entropy (8bit):	5.8540814178915515
Encrypted:	false
SSDEEP:
MD5:	971C7963FD89C19E65910971BA23BFF0
SHA1:	AF4223E8012DB5025CF77A9BE584FA0ED7E7938A
SHA-256:	822E2E9FCAB2314579188D7B5F434D22B6B14DB88CB0ABA8CCFD4DAC601F5B25
SHA-512:	924EAF21C95110B97188D7DE8F62181078292857DF24B7875119B0276E57A0BD66C6A8EFF84C284E4B0E39EAF3E8D21AC55B94BCD8032136F0FEB4AD0D4FAC06
Malicious:	false
Reputation:	unknown
Preview:	(function(){var s = {};(function(){var h=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,d){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=d.value;return a};function k(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var d=a[b];if(d&&d.Math==Math)return d}throw Error("Cannot find global object");} var m=k(this),p=typeof Symbol==="function"&&typeof Symbol("x")==="symbol",t={},v={};function w(a,b,d){if(!d\|\|a!=null){d=v[b];if(d==null)return a[b];d=a[d];return d!==void 0?d:a[b]}} function x(a,b,d){if(b)a:{var c=a.split(".");a=c.length===1;var e=c[0],g;!a&&e in t?g=t:g=m;for(e=0;e<c.length-1;e++){var f=c[e];if(!(f in g))break a;g=g[f]}c=c[c.length-1];d=p&&d==="es6"?g[c]:null;b=b(d);b!=null&&(a?h(t,c,{configurable:!0,writable:!0,value:b}):b!==d&&(v[c]===void 0&&(a=Math.random()*1E9>>>0,v[c]=p?m.Symbol(c):"$jscp$"+a+"$"+c),h(g,v[c],{co

Chrome Cache Entry: 184

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (52360)
Category:	dropped
Size (bytes):	349633
Entropy (8bit):	5.418341643700019
Encrypted:	false
SSDEEP:
MD5:	070C116054140A30A188BC802E8BDBF1
SHA1:	D4E57BB85D8CA74E4FAA0706FBE295C70B77BB64
SHA-256:	F00B02B25D3BE98C97BAC513DFA32828C1816692AB10A25A4BA31B3CC166251E
SHA-512:	2600DEBDBB3B3530ED8F4B8A96D6B581FC71CF0DB6DF26D729011D944BD2130A338162B19356F7B01FC8BEDD0C840A095233901619286360E28CC82519448497
Malicious:	false
Reputation:	unknown
Preview:	!function(){"use strict";function t(){t=function(){return e};var e={},r=Object.prototype,n=r.hasOwnProperty,o="function"==typeof Symbol?Symbol:{},i=o.iterator\|\|"@@iterator",a=o.asyncIterator\|\|"@@asyncIterator",c=o.toStringTag\|\|"@@toStringTag";function u(t,e,r){return Object.defineProperty(t,e,{value:r,enumerable:!0,configurable:!0,writable:!0}),t[e]}try{u({},"")}catch(t){u=function(t,e,r){return t[e]=r}}function l(t,e,r,n){var o=e&&e.prototype instanceof p?e:p,i=Object.create(o.prototype),a=new I(n\|\|[]);return i._invoke=function(t,e,r){var n="suspendedStart";return function(o,i){if("executing"===n)throw new Error("Generator is already running");if("completed"===n){if("throw"===o)throw i;return T()}for(r.method=o,r.arg=i;;){var a=r.delegate;if(a){var c=g(a,r);if(c){if(c===s)continue;return c}}if("next"===r.method)r.sent=r._sent=r.arg;else if("throw"===r.method){if("suspendedStart"===n)throw n="completed",r.arg;r.dispatchException(r.arg)}else"return"===r.method&&r.abrupt("return",r.arg);

Chrome Cache Entry: 186

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, last modified: Wed Oct 2 16:50:24 2024, original size modulo 2^32 84309
Category:	downloaded
Size (bytes):	13308
Entropy (8bit):	7.978402447326621
Encrypted:	false
SSDEEP:
MD5:	F7889EB038398784B103FF84A8959E49
SHA1:	A1A83465D2351AF824A1A9CD9AA76E225C89CD33
SHA-256:	F833C5524C360DBF13ECC78226125A0195BC1FD9465B33DFCF2564A4301B83F2
SHA-512:	4BA911F880EC720BCD9D53F28CEFABC229D1B58507520707659C104E035DF886B53C7B83190B952A30B5DA15BD61726D2479CC31A57D6F2FE6FC7ED3CFFF8459
Malicious:	false
Reputation:	unknown
URL:	https://cdn.zapier.com/zapier/build/app.6e044412db8921e93fde.css
Preview:	.....y.f...}k..:........`.l.G..}.....).K..$8w.m.[;...y.....E.HQn..^d.&..2Y,....b../....H?y.....d....{.]U.Y.kN]VW].......&...L.Uw..o..CM..J?.u.\|.......z...}.N.....`e]..&..Ss"......e.;...v....-........u0...S..x......w...k....pu..C...\.(..-w....r..Nu.>N~.,7.,..M.'m...B{M..g..K.._.'....}!.[.7...S].>eY..../.g... ..y.#.8..m.m.OqH..b.Y.!..&{..q.6..v.......-..".b_.....9..e.....C.8Tu.;.X.w..M.\....P7_.)...[..r.b..3._..v...........DZ..."..k&yp.......=]....~.,.......?....e..;..N......{N.;D....W:...I...~....H...J.$....xh.5C..h.Ql..X....}.?\|r....)..aI.....:..-g...UiYK.......[3@ub...=.a....6...6.... ........=..-kv...7.Et.d{.....W.C.....a)y..Bs..j.l".8.J.KK.@f_..l.m>)/}C..f....l_.d.0}dh^..1..!..P.a.l......\..e.B_.5..8,w+....#..E...N44..#..Y....Yw.w.c.?.S./...$...=..g.........b&i/r.....[L..T.9k../...Q...q..`.W.u...-.L.5.X.....R+..H7.rB.J.iBAM>..C.Z-.n.....x,%.....{P.;\|_.....q..{@...NsE.G.d...;j?.P2eM...:y..pK....e.c..(N..k..\|'...D.d[...`.]C ..

Chrome Cache Entry: 190

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, last modified: Wed Oct 2 16:50:25 2024, original size modulo 2^32 305218
Category:	dropped
Size (bytes):	102118
Entropy (8bit):	7.99695066918958
Encrypted:	true
SSDEEP:
MD5:	A52E1828A4819F31F2EA780C5C7A3639
SHA1:	FDC10ED57E2C2CCD1D2DCE6789C0617E1D4B80E2
SHA-256:	D314FA745A6AF19F1A68FFAE3FC24DE6179E2456939B95F31A2E84E19C8EF267
SHA-512:	7E500DFEC785716A3F5FF68B37440178B4485C5309EC3F7977A4692CBB705762083EA495F100F66DC134E4C49421C87484DD1D762EFE1DEC734FF1939FEEE22C
Malicious:	false
Reputation:	unknown
Preview:	.....y.f....z.F./..y....f.........c..I..N.4..HHDL....VD...g.Ov.o..Ba...g..t[.P.q.j...m6..<..U.7.....8..d.J..j..h....MB..ERm....Oi.......$<.".$....zxXM....E\|..l..L+.....cz^..l.>O..F...>=.?G'.iv..{....d.....$./.d..+..'.n7.)g.YpSM.Y48....kM.N..n......dS=.....sU..3.\|..4n.......x.....y....s.U.&jI..4...sx.......\|..;?..p5ZP....j.+h..@.o....}...9.....Q...t1...(..j.r...Q[}=..~.-z...&.....%...@...].p.<...\'Mfh;.z..@............^.M.x..V>..['.'q..Y0..@.&~..t.VQTRI<h......r_.m........qWn....m.6..k?..k..j..q.<.(..A.?2.....#l...&UT..y6.+ti.o.J.C.aT...JN.Y.WQc..Ao.K.}57..../...y...J..........a.HVI....jZ.f....&q..{..T./.,.?.4..}.._.h..b.t....Z%q..J.R...TZn7...F..3.1..A...g.1qj.......Y.Rv'Op.1.4..,c.y..7.FE.Y.....(.......:...<}..k...T.......@u645Z..7E.U.6..+..]......,w......a..&..._...M\..."..~.*.n..n.@.C.'T.A.U{...z:b..y.+A.4"....Z.....O.R.\. ..A....D.1.vV~p.}.....O.BF..A.....e."zA+5h..A.I......~.......(.._.....R/..........T.T...5...Q.. .........

Chrome Cache Entry: 196

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	2
Entropy (8bit):	1.0
Encrypted:	false
SSDEEP:
MD5:	99914B932BD37A50B983C5E7C90AE93B
SHA1:	BF21A9E8FBC5A3846FB05B4FA0859E0917B2202F
SHA-256:	44136FA355B3678A1146AD16F7E8649E94FB4FC21FE77E8310C060F61CAAFF8A
SHA-512:	27C74670ADB75075FAD058D5CEAF7B20C4E7786C83BAE8A32F626F9782AF34C9A33C2046EF60FD2A7878D378E29FEC851806BBD9A67878F3A9F1CDA4830763FD
Malicious:	false
Reputation:	unknown
URL:	https://zapier.com/api/v3/csrf
Preview:	{}

Chrome Cache Entry: 198

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 244 x 66, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	3143
Entropy (8bit):	7.909388996450506
Encrypted:	false
SSDEEP:
MD5:	CAEE52E2AE323D1362414203710E3946
SHA1:	E8F315F0F5461A3D8FC372B475D0F46E2166CAE1
SHA-256:	EEFA9F99418AA6D062753DF48FF5670E63722185CA3F51BA0B522F68B9DD350A
SHA-512:	F2F111571BB7B72D29A5F6601D7971E4518F3A313074CCE27413817F2FCE65E32852454513556A05D681A2CBEDB110014CA867F37AF1123823856F78E29563AA
Malicious:	false
Reputation:	unknown
URL:	https://cdn.cookielaw.org/logos/5bf66188-6611-4e37-a86d-72ca67da2a55/018eafa2-45f2-7485-8d48-f86dd2a7708c/3ef7b552-9246-4196-9ab2-5617f2fa2895/zapier-logo.png
Preview:	.PNG........IHDR.......B.....`.......pHYs.................sRGB.........gAMA......a.....IDATx.._r........:M....... ... ..b. .....". ... ....CgZ..r[.!.. [.%....E.gF.#S.I..,..E..SC...m...uK.Z....\|..'']`.....4M[0.\|...g..E?...N..}`.X.......^..}.1Bl.......1..fjC..7......x...f.\.....!^.........f.C.o.?..f..4.4..4.......f..?../....f..?..O.w........Y.Z[..C#B.........fj..u6W.B......s.v,ajI..w)\].._..7.@7./......-..a...=t.P.....\|..=..E...Br9Q......K........R.fQ.!..xO.../C0...:...-....c.5.....th`.:<p.....W~....Z..w.xa....).vt......1.p..y..8.....m)X].B.........r!...\|7......zs..._6.../l.6Bx.a....A9....A.;..h.x.6.....F...}.K.9..7`9.R.]. ../.8....}........6L.C...:t..dA~4...a...."..#.ej.aD...?...%\+.".=...T.j..g....H....a0...w.=..KD..k.!.+......E..[s....0...>42 ....nP.N..`.w.bZ9...n.+....U.h...a.8..A.b..0...P...g..~.....D.....E~G..K....5.v..,......k..cK.b.=....k.....1.E1..~"D.......o....,.r....>~..?ZC.......\+.5f..m...C.......dA...),.(....D....o.<...L..3.

Chrome Cache Entry: 199

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4269)
Category:	downloaded
Size (bytes):	282159
Entropy (8bit):	5.547384524233132
Encrypted:	false
SSDEEP:
MD5:	E91E918012BCD2C37415823F9C27E12C
SHA1:	69430D9AD9C5FC62ED8390A6BDCF02730230BE2A
SHA-256:	5CAEB7925EBE02DCE0C3D5C704442459171B52CB3571BA06331E98FCB2A1B504
SHA-512:	CB7D7B50CE9770CADE3FF03DDCD4346C896D6186233E0AD8C8E5C48177A99B5B43E0D404F487BBAB7D026A29E01F667E615ECFE1FB0B6301AC69FB4A8EF3C608
Malicious:	false
Reputation:	unknown
URL:	https://www.googletagmanager.com/gtag/destination?id=AW-780142670&l=dataLayer&cx=c
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"2",. . "macros":[{"function":"__e"}],. "tags":[{"function":"__ogt_ads_datatos","priority":16,"vtp_instanceDestinationId":"AW-780142670","tag_id":113},{"function":"__ogt_dma","priority":6,"vtp_delegationMode":"ON","vtp_dmaDefault":"DENIED","tag_id":105},{"function":"__ogt_1p_data_v2","priority":6,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR","vtp_phoneValue":"","vtp_streetType":"CSS_SELECTOR","vtp_autoPhoneEnabled":false,"vtp_postalCodeType":"CSS_SELECTOR","vtp_emailValue":"","vtp_firstNameV

Chrome Cache Entry: 200

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (51447)
Category:	downloaded
Size (bytes):	150455
Entropy (8bit):	5.446375997850054
Encrypted:	false
SSDEEP:
MD5:	41539549B1D80009C99AFFF0F308C694
SHA1:	236233954B953629FCA3D4A6547B78E79ADA994D
SHA-256:	227835A536603AB523E9686951496484B4888F1FD8EE4AFA93DC3AFD77204B37
SHA-512:	2B7B8C34908E98F8E2C7B2CC7B8879DDFB32D433E79FDCC430CAD9197D4FEEE902B9C88269FA299714A734F0E9A2821519B2E6F621E004DF659B0D7E992195DE
Malicious:	false
Reputation:	unknown
URL:	https://zapier.com/manage/zaps/260804844/stop/?check=IjI2MDgwNDg0NCI:1sw6GK:uv5U5bs_AnY16h4uo_BzI3aI4ksuRZ1R0-V1GaGYufM
Preview:	.......<!DOCTYPE html>.<html lang="en". xmlns="http://www.w3.org/1999/xhtml". class="home-minimal-html ">. <head>. <meta charset="UTF-8">. . . . . . . . . . . . . <script>. window.dataLayer = window.dataLayer \|\| [];. function gtag() { dataLayer.push(arguments); };. gtag('js', new Date());. gtag('config', 'GTM-K7GFJTV');.</script>.. Google Tag Manager -->.<script>(function(w,d,s,l,i){w[l]=w[l]\|\|[];w[l].push({'gtm.start':.new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],.j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src=.'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);.})(window,document,'script','dataLayer','GTM-K7GFJTV');.</script>. End Google Tag Manager -->.. . . . begin olark code -->.<script data-cfasync="false" type='text/javascript'>/<![CDATA[/.// This function wraps the integration code provided by Olark in./

Chrome Cache Entry: 203

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (9217)
Category:	dropped
Size (bytes):	238473
Entropy (8bit):	5.452534159990991
Encrypted:	false
SSDEEP:
MD5:	8DDAB43316C640A652A622856ADC9945
SHA1:	30B1348F1A5EEDFB5E3C7D84C250D667FE27C60E
SHA-256:	3AEC128D1BFBCABD5A0ACABA7DA5F82853D86D7154B2A624EC5944D8B87F3BA2
SHA-512:	A428BA57A952616AE431FC8A5D04DE8C51F6EB15ADEFD67ACACE5A7D9115E4B90D4B67BF82DCFB17555EFD687D709B9CBEBE3860CE56980428C54ED21429B9A7
Malicious:	false
Reputation:	unknown
Preview:	/*. Copyright (c) 2017-present, Facebook, Inc. All rights reserved... You are hereby granted a non-exclusive, worldwide, royalty-free license to use,.* copy, modify, and distribute this software in source code or binary form for use.* in connection with the web services and APIs provided by Facebook... As with any software that integrates with the Facebook platform, your use of.* this software is subject to the Facebook Platform Policy.* [http://developers.facebook.com/policy/]. This copyright notice shall be.* included in all copies or substantial portions of the software... THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR.* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS.* FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR.* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER.* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN.* CONNECTION WI

Chrome Cache Entry: 204

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65451)
Category:	downloaded
Size (bytes):	439374
Entropy (8bit):	5.355350932405715
Encrypted:	false
SSDEEP:
MD5:	89E736FC975EF8CE3895791E82F1478E
SHA1:	8191B7AA3CDC183C26AC8963559802FE3C07F665
SHA-256:	A6E702AA7963CF3425973CA929037DDD53DAF67D0FC6700BD89A585C1AABA2B6
SHA-512:	0F3FAC963F38C17CD6368BB6427511B47229A44403A6994B984EBEB5174F54B0FC74284C11B5A1829D8AC4ADB9542D716191EC0E1D9A0DBCA515FD92C0867EC3
Malicious:	false
Reputation:	unknown
URL:	https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js
Preview:	/** . * onetrust-banner-sdk. * v202401.1.0. * by OneTrust LLC. * Copyright 2024 . */.!function(){"use strict";var N=function(e,t){return(N=Object.setPrototypeOf\|\|({__proto__:[]}instanceof Array?function(e,t){e.__proto__=t}:function(e,t){for(var o in t)Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o])}))(e,t)};function D(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Class extends value "+String(t)+" is not a constructor or null");function o(){this.constructor=e}N(e,t),e.prototype=null===t?Object.create(t):(o.prototype=t.prototype,new o)}var H,F=function(){return(F=Object.assign\|\|function(e){for(var t,o=1,n=arguments.length;o<n;o++)for(var r in t=arguments[o])Object.prototype.hasOwnProperty.call(t,r)&&(e[r]=t[r]);return e}).apply(this,arguments)};function R(e,s,a,l){return new(a=a\|\|Promise)(function(o,t){function n(e){try{i(l.next(e))}catch(e){t(e)}}function r(e){try{i(l.throw(e))}catch(e){t(e)}}function i(e){var t;e.done?o(e.value):((t=e.value)instanceof a?t:new a(fun

Chrome Cache Entry: 207

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, last modified: Wed Oct 2 16:50:25 2024, original size modulo 2^32 275602
Category:	downloaded
Size (bytes):	41774
Entropy (8bit):	7.9931544279453846
Encrypted:	true
SSDEEP:
MD5:	98721A5F9D3A5CD1AB03C8CF7D4ECF2D
SHA1:	374B3649A98F8759274AA4E233223E7806CE2210
SHA-256:	1778EE00AEC63767E43BBDD8AF62805E4BCEA3AE5D430C4F6E444322F6CEC580
SHA-512:	14D022F7A7F8271A07D3CAE0D50BA6DD8029B142F1C50CCF7C635122AABEEB5F0D2FA1EAF5490DA2B85CF0A9ECFAA41CD93BFD922D088A67EA102BCF46F8E005
Malicious:	false
Reputation:	unknown
URL:	https://cdn.zapier.com/zapier/build/legacy-view.c63ca9bfbb7c5c89eca3.css
Preview:	.....y.f......8. .Wt.(.r6.e.vfb.3.3...-.p....-.....-.eWU.....S..A.....t..3m2.....`\|....~-...y2..xYU..8..j..u.\.....E}.....y...N...y...d\|..~..F..>....\...<.}&..[...k...):.W.6Y. y.Q^..r...._..\g.8....su\|9.....S..=.l..9.Z....D&&...:......#6..[;q.+...k...J@...k..R.Tdb.]..y[.yq...q}>.."...#....m....c......l...T].9].....fN...y.R$,.6......w].Z<O.d..P.[N~.M..2.Q.........\|..d....Y.J....x......,//.3.!...6}!.`..<;Z.........vv8.d.Y]..,...!dQ...IN#..Q..<.......);j...q.W..\.'.g]..<b#(....;[7d..........\|..a.:j.j.N.~"S8..#>`C...;.W....#W].'...U7W.8x#qd..R.a!..V...{.Z..J?Y....~.)/.G......#<.......p..[hJ..<s.b.1..M.vR..>...Q....)O.V..h.I...MD.)..@....T.....Y..J0.g2..A.x.....d.&..I..uu ....s.h~.^e3...Z.)..9...!./....,.......Nz.zv..mLn.q.K.8/...{{..l.v........./.2....(.Qv..{.b.}4I...W}....8@.@..............D.2.#@.}.BP....k.F.r....@g.NFk.I<..C..>...;..kr......:}...].'.g........N..<./..?..........t.7k......3.4.....o.b.......]..1...s.....{x

Chrome Cache Entry: 208

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	69
Entropy (8bit):	4.057426088150192
Encrypted:	false
SSDEEP:
MD5:	B04CD3F8043EF04F417D4B0E4BCBBC03
SHA1:	88F259A4AE3045409B3657E7D7A791D321BA9DCE
SHA-256:	59E58524340CD7AD353BE010374B124C242FDDE10A0ED41047FE2FD4BB9E5A2E
SHA-512:	A285C493B939D2A165D80F87FC830F5D02AFCC7A8EA1C5CAF9CAA87ABD286F1C98598FFD83023044BDB23D344C60EEF6A6C4BFEDEDD42A4297A0AC09E22FA5B2
Malicious:	false
Reputation:	unknown
URL:	https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Preview:	{"country":"US","state":"NY","stateName":"New York","continent":"NA"}

Chrome Cache Entry: 209

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5552)
Category:	dropped
Size (bytes):	71477
Entropy (8bit):	5.354663338982465
Encrypted:	false
SSDEEP:
MD5:	9DB4F0346AC3C07897AE038B674BC523
SHA1:	028B4E507373F0DDEF571942E04138C29F3DD9F6
SHA-256:	B1663236BA84A62819B40FB18A56DCF407A23E1EC867DB21CFC5ECF5D0F7F8B1
SHA-512:	E1CA550CACA2ACD71944DD47C7CC6296D748A94E64F4E4E83300BE1EC5E4A2186EC608D2E355B3AFAEE14B5F919EC040E054C3F9D698515ED91EBA8C3C15FA7D
Malicious:	false
Reputation:	unknown
Preview:	/*. Copyright (c) 2017-present, Facebook, Inc. All rights reserved... You are hereby granted a non-exclusive, worldwide, royalty-free license to use,.* copy, modify, and distribute this software in source code or binary form for use.* in connection with the web services and APIs provided by Facebook... As with any software that integrates with the Facebook platform, your use of.* this software is subject to the Facebook Platform Policy.* [http://developers.facebook.com/policy/]. This copyright notice shall be.* included in all copies or substantial portions of the software... THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR.* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS.* FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR.* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER.* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN.* CONNECTION WI

Chrome Cache Entry: 211

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (50522), with no line terminators
Category:	downloaded
Size (bytes):	50523
Entropy (8bit):	5.297134171375771
Encrypted:	false
SSDEEP:
MD5:	14272A6CDF99BDC079B8EC8097889F49
SHA1:	2343F9F1D29F3B034F3B8FFB7A92BFFD98A88450
SHA-256:	73AAA4E6BFC1DBED5F3F934710D1ADA545F4068742235E59D0CB74F0EAF0A3C4
SHA-512:	BD83B900ACBFB123F485F46DE1692710B7C77DE90739CA3CFAB7A58CF3B71FCD9D97FCCEC6762528886C57A41F101574209F65B2BEF745613F0BCB7D196200A5
Malicious:	false
Reputation:	unknown
URL:	https://bat.bing.com/bat.js
Preview:	function UET(o){this.stringExists=function(n){return n&&n.length>0};this.domain="bat.bing.com";this.domainCl="bat.bing.net";this.URLLENGTHLIMIT=4096;this.pageLoadEvt="pageLoad";this.customEvt="custom";this.pageViewEvt="page_view";o.Ver=o.Ver!==undefined&&(o.Ver==="1"\|\|o.Ver===1)?1:2;this.uetConfig={};this.uetConfig.consent={enabled:!1,adStorageAllowed:!0,adStorageUpdated:!1,hasWaited:!1,waitForUpdate:0,enforced:!1};this.uetConfig.tcf={enabled:!1,vendorId:1126,hasLoaded:!1,timeoutId:null,gdprApplies:undefined,adStorageAllowed:undefined,measurementAllowed:undefined,personalizationAllowed:undefined};this.uetConfig.cusig={hasLoaded:!1,timeoutId:null,blob:{}};this.beaconParams={};this.supportsCORS=this.supportsXDR=!1;this.paramValidations={string_currency:{type:"regex",regex:/^[a-zA-Z]{3}$/,error:"{p} value must be ISO standard currency code"},number:{type:"num",digits:3,max:999999999999},integer:{type:"num",digits:0,max:999999999999},hct_los:{type:"num",digits:0,max:30},date:{type:"regex",

Chrome Cache Entry: 212

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	1711
Entropy (8bit):	4.867755045175147
Encrypted:	false
SSDEEP:
MD5:	5434F6ADD1998C4A1809584B013DE8B3
SHA1:	12B2FAF3D2CC3E85FDC69B18CA1C13620629E149
SHA-256:	D0016BAAD777604253B3BD831825CEED0157A7F6AB0F67AE02A246A30E155ACF
SHA-512:	F58165BF093779C86A894194B754F97BCEF4E76E063FBAB1ECA1A03AF6B1FAAA57B90B204DE063C0C303B68DF7C77ACF42D7297193534E41846BC9439AA5DDEC
Malicious:	false
Reputation:	unknown
Preview:	{"objects":[{"name":"AUD","multiplier":1.47837,"symbol":"$","icon":"Australia","zero_decimal":false},{"name":"BRL","multiplier":5.58564,"symbol":"R$","icon":"Brazil","zero_decimal":false},{"name":"CAD","multiplier":1.3806,"symbol":"$","icon":"Canada","zero_decimal":false},{"name":"CHF","multiplier":0.86563,"symbol":"Fr","icon":"Switzerland","zero_decimal":false},{"name":"DKK","multiplier":6.85178,"symbol":"kr.","icon":"Denmark","zero_decimal":false},{"name":"EUR","multiplier":0.91836,"symbol":".","icon":"EuropeanUnion","zero_decimal":false},{"name":"GBP","multiplier":0.76456,"symbol":".","icon":"GreatBritain","zero_decimal":false},{"name":"HKD","multiplier":7.95938,"symbol":"HK$","icon":"HongKong","zero_decimal":false},{"name":"ILS","multiplier":3.80904,"symbol":".","icon":"Israel","zero_decimal":false},{"name":"INR","multiplier":86.03404,"symbol":".","icon":"India","zero_decimal":false},{"name":"JPY","multiplier":145.92305,"symbol":".","icon":"Japan","zero_decimal":true},{"nam

Chrome Cache Entry: 213

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (25302)
Category:	downloaded
Size (bytes):	352728
Entropy (8bit):	5.591180553250579
Encrypted:	false
SSDEEP:
MD5:	B5CDBA237CFA914AE36160458C745D2E
SHA1:	2F1E860022486E5153F819AAB190D86018F1C9F5
SHA-256:	20FB69274BE8448B22757E0582BF8945B22CA98FB90014599BDE79B6CC4E3802
SHA-512:	931C229061FAD3128E05B0C27042F73B7C62A10F6472D5C88FC91CD4767A4ECA274A1291E8752696ECB130E1B952DE6B8A2D4EB4E76712A0BAB8D0010D1F2C76
Malicious:	false
Reputation:	unknown
URL:	https://www.googletagmanager.com/gtm.js?id=GTM-K7GFJTV
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. . (function(w,g){w[g]=w[g]\|\|{};. w[g].e=function(s){return eval(s);};})(window,'google_tag_manager');. .(function(){..var data = {."resource": {. "version":"309",. . "macros":[{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"eventLabel"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"pagePath"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"interactionName"},{"function":"__e"},{"function":"__k","vtp_decodeCookie":true,"vtp_name":"OptanonConsent"},{"function":"__jsm","vtp_javascript":["template","(function(){return\"on\"})();"]},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"userId"},{"function":"__awec","vtp_mode":"AUTO","vtp_enableElementBlocking":false},{"function":"__u","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__u","vtp_component":"QUERY","vtp

Chrome Cache Entry: 214

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (22096), with no line terminators
Category:	dropped
Size (bytes):	22096
Entropy (8bit):	5.1556985111456
Encrypted:	false
SSDEEP:
MD5:	4EDDEEC95AFDA969B3D1B2FB970C1EB1
SHA1:	DA4C64223B6FF380F03AE2506DF526C22A9103D9
SHA-256:	42E2DD427DD9F9D45367C880C68289114B7DE56373FF8BDC664EA0FA3CE77880
SHA-512:	2D431F9BDB08263AB0BC0A596F13E35A136318DA42190EC08712FB1CF963A82EC56FD04231084C876F57853F5930E25F65B1F9D451BDDF140134C7C05F89A0C4
Malicious:	false
Reputation:	unknown
Preview:	(()=>{"use strict";var t={228:t=>{var n=Object.prototype.hasOwnProperty,e="~";function r(){}function o(t,n,e){this.fn=t,this.context=n,this.once=e\|\|!1}function i(t,n,r,i,c){if("function"!=typeof r)throw new TypeError("The listener must be a function");var u=new o(r,i\|\|t,c),a=e?e+n:n;return t._events[a]?t._events[a].fn?t._events[a]=[t._events[a],u]:t._events[a].push(u):(t._events[a]=u,t._eventsCount++),t}function c(t,n){0==--t._eventsCount?t._events=new r:delete t._events[n]}function u(){this._events=new r,this._eventsCount=0}Object.create&&(r.prototype=Object.create(null),(new r).__proto__\|\|(e=!1)),u.prototype.eventNames=function(){var t,r,o=[];if(0===this._eventsCount)return o;for(r in t=this._events)n.call(t,r)&&o.push(e?r.slice(1):r);return Object.getOwnPropertySymbols?o.concat(Object.getOwnPropertySymbols(t)):o},u.prototype.listeners=function(t){var n=e?e+t:t,r=this._events[n];if(!r)return[];if(r.fn)return[r.fn];for(var o=0,i=r.length,c=new Array(i);o<i;o++)c[o]=r[o].fn;return c},u

Static File Info

⊘No static file info

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject malicious code into process via Extra Window Memory (EWM) in order to evade process-based defenses as well as possibly elevate privileges. EWM injection is a method of executing arbitrary code in the address space of a separate live process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	Process: OS API Execution
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://zapier.com/manage/zaps/260804844/stop/?check=IjI2MDgwNDg0NCI:1sw6GK:uv5U5bs_AnY16h4uo_BzI3aI4ksuRZ1R0-V1GaGYufM

Overview

General Information

Detection

Signatures

Classification

Process Tree

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Phishing

Compliance

Software Vulnerabilities

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 127

Chrome Cache Entry: 128

Chrome Cache Entry: 129

Chrome Cache Entry: 132

Chrome Cache Entry: 133

Chrome Cache Entry: 137

Chrome Cache Entry: 141

Chrome Cache Entry: 142

Chrome Cache Entry: 143

Chrome Cache Entry: 145

Chrome Cache Entry: 147

Chrome Cache Entry: 148

Chrome Cache Entry: 149

Chrome Cache Entry: 151

Chrome Cache Entry: 152

Chrome Cache Entry: 153

Chrome Cache Entry: 154

Chrome Cache Entry: 155

Chrome Cache Entry: 156

Chrome Cache Entry: 158

Chrome Cache Entry: 159

Chrome Cache Entry: 160

Chrome Cache Entry: 162

Chrome Cache Entry: 163

Chrome Cache Entry: 164

Chrome Cache Entry: 165

Chrome Cache Entry: 166

Chrome Cache Entry: 168

Chrome Cache Entry: 170

Chrome Cache Entry: 173

Chrome Cache Entry: 174

Chrome Cache Entry: 175

Windows Analysis Report
https://zapier.com/manage/zaps/260804844/stop/?check=IjI2MDgwNDg0NCI:1sw6GK:uv5U5bs_AnY16h4uo_BzI3aI4ksuRZ1R0-V1GaGYufM