Edit tour

Windows Analysis Report
https://dormakaba-safelocks.link/Apexx-Calculator

Overview

General Information

Sample URL:	https://dormakaba-safelocks.link/Apexx-Calculator
Analysis ID:	1525238

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 1868 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

chrome.exe (PID: 4904 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=1944,i,9636785370861239824,5136804964622494886,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

chrome.exe (PID: 6404 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://dormakaba-safelocks.link/Apexx-Calculator" MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

cleanup

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://dormakaba-safe-locks.convertcalculator.com/apexx-ip-calculator/	HTTP Parser: No favicon
Source: https://dormakaba-safe-locks.convertcalculator.com/apexx-ip-calculator/	HTTP Parser: No favicon
Source: https://dormakaba-safe-locks.convertcalculator.com/apexx-ip-calculator/	HTTP Parser: No favicon
Source: https://dormakaba-safe-locks.convertcalculator.com/apexx-ip-calculator/	HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.17:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49765 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49766 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.17:49767 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:49769 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.160.14:443 -> 192.168.2.17:49768 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.23.209.176:443 -> 192.168.2.17:49772 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	DNS traffic detected: DNS query: dormakaba-safelocks.link
Source: global traffic	DNS traffic detected: DNS query: dormakaba-safe-locks.convertcalculator.com
Source: global traffic	DNS traffic detected: DNS query: worker.convertstaging.com
Source: global traffic	DNS traffic detected: DNS query: imagedelivery.net
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: www.convertcalculator.com
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com

Source: unknown	Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49691
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49680 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49677 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49676 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49691 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746

Source: unknown	HTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.17:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49765 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49766 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.17:49767 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:49769 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.160.14:443 -> 192.168.2.17:49768 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.23.209.176:443 -> 192.168.2.17:49772 version: TLS 1.2

Source: classification engine

Classification label: clean0.win@18/35@22/209

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=1944,i,9636785370861239824,5136804964622494886,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://dormakaba-safelocks.link/Apexx-Calculator"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=1944,i,9636785370861239824,5136804964622494886,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	1 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	2 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

⊘No Antivirus matches

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
a.nel.cloudflare.com	35.190.80.1	true	false	unknown
imagedelivery.net	104.18.2.36	true	false	unknown
worker.convertstaging.com	188.114.96.3	true	false	unknown
dormakaba-safe-locks.convertcalculator.com	76.76.21.123	true	false	unknown
www.google.com	142.250.185.100	true	false	unknown
www.convertcalculator.com	76.76.21.142	true	false	unknown
dormakaba-safelocks.link	52.72.49.79	true	false	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://dormakaba-safe-locks.convertcalculator.com/apexx-ip-calculator/	false		unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
52.72.49.79	dormakaba-safelocks.link	United States	14618	AMAZON-AESUS	false
1.1.1.1	unknown	Australia	13335	CLOUDFLARENETUS	false
142.250.186.170	unknown	United States	15169	GOOGLEUS	false
76.76.21.123	dormakaba-safe-locks.convertcalculator.com	United States	16509	AMAZON-02US	false
104.18.2.36	imagedelivery.net	United States	13335	CLOUDFLARENETUS	false
76.76.21.142	www.convertcalculator.com	United States	16509	AMAZON-02US	false
76.76.21.241	unknown	United States	16509	AMAZON-02US	false
216.58.206.67	unknown	United States	15169	GOOGLEUS	false
172.217.18.3	unknown	United States	15169	GOOGLEUS	false
142.250.185.100	www.google.com	United States	15169	GOOGLEUS	false
142.250.185.202	unknown	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
188.114.97.3	unknown	European Union	13335	CLOUDFLARENETUS	false
188.114.96.3	worker.convertstaging.com	European Union	13335	CLOUDFLARENETUS	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
142.250.184.206	unknown	United States	15169	GOOGLEUS	false
216.58.212.174	unknown	United States	15169	GOOGLEUS	false
142.250.74.195	unknown	United States	15169	GOOGLEUS	false
66.102.1.84	unknown	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.17

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1525238
Start date and time:	2024-10-03 22:56:10 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://dormakaba-safelocks.link/Apexx-Calculator
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	21
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean0.win@18/35@22/209

Warnings

Exclude process from analysis (whitelisted): TextInputHost.exe
Excluded IPs from analysis (whitelisted): 172.217.18.3, 142.250.184.206, 66.102.1.84, 34.104.35.123, 142.250.185.202, 142.250.186.170, 142.250.186.42, 142.250.185.170, 216.58.206.42, 142.250.181.234, 216.58.212.138, 216.58.212.170, 172.217.16.138, 142.250.184.202, 142.250.185.74, 142.250.185.138, 142.250.184.234, 142.250.185.234, 172.217.18.10, 142.250.185.106, 216.58.206.67
Excluded domains from analysis (whitelisted): fonts.googleapis.com, clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, content-autofill.googleapis.com, fonts.gstatic.com, clientservices.googleapis.com, clients.l.google.com
Not all processes where analyzed, report is missing behavior information
VT rate limit hit for: https://dormakaba-safelocks.link/Apexx-Calculator

LLM Input / Output

Input	Output
URL: https://dormakaba-safe-locks.convertcalculator.com/apexx-ip-calculator/ Model: jbxai	{ "brand":["dormakaba"], "contains_trigger_text":true, "trigger_text":"See results now!", "prominent_button_name":"See results now!", "text_input_field_labels":["Number of branches or locations currently", "Number of individual locks at each branch location", "Number of employees who need access to open the lock", "Total locksmith visits per month for ALL locations*"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://dormakaba-safe-locks.convertcalculator.com/apexx-ip-calculator/ Model: jbxai	{ "brand":[], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"unknown", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://dormakaba-safe-locks.convertcalculator.com/apexx-ip-calculator/ Model: jbxai	{ "brand":[], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"Get your free consultation", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 3 19:56:41 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.98868502477291
Encrypted:	false
SSDEEP:
MD5:	9D5530D114E5FE91BF4A4AFF95CD502B
SHA1:	C051D2EADB508B788188BD16CEDA536EAEB04232
SHA-256:	D159F7A56B8FCDE4669784FD246EE26260263FF4F601123D6F3596805DEB3341
SHA-512:	0E94E92D86AA5434728C42D0CB17FF4A3AAEA4351F4A43546D103D4BA5A2DFA73CA13560ED17052A0F559E71CF5342F39C393C8BA4C3A37C13A385A886665D18
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,................y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.ICY......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VCY......L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VCY......M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VCY.............................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VCY.............................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............!.e.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 3 19:56:40 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.999969768769498
Encrypted:	false
SSDEEP:
MD5:	9361ED3E645ECC7AA3A6CC7618586E15
SHA1:	B0FC55306EE812808E5548818E905481D2E2365B
SHA-256:	D8CE09AF96BA7633B31D2CBB1D035D91D68693A824F85F546F935494E8D9F10A
SHA-512:	2A0DDED560AE96E2403848EE76779EA0C2B82E9661D3D5898E8C0DE1CC486B377EF2B388B7CF3C25EAA95DF254BAD06B5D2DBD87E602E2C0D8F7FFF284911FF3
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....sA..........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.ICY......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VCY......L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VCY......M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VCY.............................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VCY.............................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............!.e.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2693
Entropy (8bit):	4.013437055430332
Encrypted:	false
SSDEEP:
MD5:	3E7FFB2AA338007490D372CE6137B04C
SHA1:	C5773E88C14309C6B8232B82F597A8F86649D1EA
SHA-256:	9DC9340D4BF375FA6692AC75CD44E0FDF2D37905F245E39523176DF3406F76B8
SHA-512:	EC6368040E9F7369EDC37E6C5ED1AD1BD6F927DE4C55AF222F998CC18509DF63066474FC4E2F07349A92BE78E2F3C552E97AFD6A4D949B84693F8558CD9AF05F
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....v. ;.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.ICY......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VCY......L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VCY......M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VCY.............................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VFW.N...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............!.e.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 3 19:56:40 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	4.002879918214874
Encrypted:	false
SSDEEP:
MD5:	76E8F688909AB1DA23C2318D6261CCA5
SHA1:	AB1301FEF949DFC8FFAA6E664AB8D2006F7BE163
SHA-256:	697483BCB049B267A56D436DDB4B71788BCFFE7D3970713FD8BFDB2E9F615980
SHA-512:	82C905CD46BFBB31C2ACD799181194551AC638E1181DEF0E25F273A36790FA97620A3F2641304F7F064821E09391F6A3956DDEC88A80197115DD6A8D06F0C9FC
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....q...........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.ICY......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VCY......L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VCY......M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VCY.............................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VCY.............................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............!.e.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 3 19:56:40 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.9910083680298394
Encrypted:	false
SSDEEP:
MD5:	EFA7FF389770AD350DAC1E988E020C23
SHA1:	D0C4EAE9AD70C68F91D90A649518EF2DCED929B5
SHA-256:	3FBC94FBBDA7BE21C87F349F42E8EE9DC1A0E6D48F7B5A8E61102211027A70E0
SHA-512:	B688ECB87291950C296F72AADFFB8806FBACA966F214D9247000FB103D9A2B8CF63F9E11E1B1CDB98AC99AC995C7012D6218C7B46B51808DA6525B52816EA342
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....,..........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.ICY......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VCY......L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VCY......M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VCY.............................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VCY.............................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............!.e.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 3 19:56:40 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2683
Entropy (8bit):	3.9997659655057682
Encrypted:	false
SSDEEP:
MD5:	23D106A527F750E680BD2E5E2D64EE75
SHA1:	74E9FF39F2C245B04478C703B2EBB1F7F3FDEEC6
SHA-256:	FED2D276449A03DC11B8A727883F2C98CBCDA0A6BE9F742D097AF539A987D629
SHA-512:	BE60C9CFAC40733AEF4BCAB5C2F44FAC55362BF2A686AC0E1396B34D9333D9D437F8B9D834DF9847A2D9DA2EC8985794C67591E9655024CAC148BAEA878A342B
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....2.........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.ICY......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VCY......L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VCY......M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VCY.............................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VCY.............................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............!.e.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 101

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ISO Media, AVIF Image
Category:	downloaded
Size (bytes):	15540
Entropy (8bit):	7.969884137791773
Encrypted:	false
SSDEEP:
MD5:	85DF4958D3F6ED18867789F70D1E66D7
SHA1:	935774526F58B794D6E7E468AF706C74E72FBF9E
SHA-256:	0A9B008240866A2689DDB0678721BD2418FDC560FB453BDB80C5F90782754B64
SHA-512:	C31F1DEFD40226CA6D9909F0E7C006656E2FB5FF4A7CADA1E066B8B1ED23501EF5601C2F78746AF38103A90283156C1D84AAE33244EAAC9F70912D3C7251ECD6
Malicious:	false
Reputation:	unknown
URL:	https://imagedelivery.net/RxM-_yk1wsGjVidUVgzK1A/E4vjC4aDj8NWMLGkb-1716471110524-am5w98uuLX7YYdg98/public
Preview:	....ftypavif....mif1miaf...hmeta.......!hdlr........pict.................pitm.........,iloc....D...........5.................4U...8iinf..........infe........av01.....infe........av01.....iref........auxl..........iprp....ipco....ispe................av1C.?......pixi............av1C........pixi.........8auxC....urn:mpeg:mpegB:cicp:systems:auxiliary:alpha.....ipma.......................;4mdat......?...2.hf.~-... !`.............>.q...H.LrY.......h.-k{......2.9.i.\...3...-..../S.x.#r..LY./..w..\|n.^z..bm.E......+..j/.\G..>....p'....F.O4T..-....v.^f...J{.x.....".x..d....q.......6.t.~hr..k./+.9.G.h...[...O[.W...:...1k...".q3...H.........%...:..-.....p.p...)...Q..L.62)j....Bz..8S.D.%..J.%.r?v...KXl....p........7i...\|.j..c.2..@.h.}...Fg....a...v.r..F.2.p...-.?._p>V...qpw....... .U.....ev......u4..,..lZ.)...6............Uj..j3..z..Wn...\|.i.e.F.B\....%..G8..H.z.$8..>....:......."!..\..*!2-U.O..........5+.0AwR..qBb...->B....F^v.`.U.......2..y......"e..>G4.N".:.78!..t....m

Chrome Cache Entry: 102

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ISO Media, AVIF Image
Category:	downloaded
Size (bytes):	9250
Entropy (8bit):	7.939002264957054
Encrypted:	false
SSDEEP:
MD5:	DC4D7956D51D4A1239EFB67BCA6ED0CB
SHA1:	44AD9A177362AA6603DE8B02A1BBB56BEDFF2829
SHA-256:	1777E2545E93A438123867D13ACC5D451299D0568BBE89A90AA845798255718B
SHA-512:	242FF010467C89EF102C8714053E258447B521E15C252B7E796F14ABF2A73B3454C96D8289D0B90B0B7F1D24D25B206EDA7F43B0CCD0567DC21C8229EA8BA567
Malicious:	false
Reputation:	unknown
URL:	https://imagedelivery.net/RxM-_yk1wsGjVidUVgzK1A/E4vjC4aDj8NWMLGkb-1716470379798-35HgeQSuZ4gSn74ke/public
Preview:	....ftypavif....mif1miaf...hmeta.......!hdlr........pict.................pitm.........,iloc....D..................................8iinf..........infe........av01.....infe........av01.....iref........auxl..........iprp....ipco....ispe................av1C.?......pixi............av1C........pixi.........8auxC....urn:mpeg:mpegB:cicp:systems:auxiliary:alpha.....ipma.......................".mdat......?...2.7f.~-... !`......{......>.q...H.LrY...A...v.w......T...y..J#..`.b....6..D.=.o....Q...q&.,...#....m...,.......y..$....E..W..#.(.......K)....\..:....9.6....n.<fI.X...O.......<..'...{.O...\|....'.. .1=i.U...@.d.......q.OF......\|....J..5.r.i..U.$..`".o.4.k..:l.R...../0.Fp..+.V.N...`......f...\...=Lpb.#...!c/..Yt...#:.C....;.Y(W.F0...s.<..5...+5.@....0...X..aH[.....dC...F...&...;"..a.=z..n].P...+.E...t...-mV~..r.+@.G.Z.w...)A..D....K.....M....7+...c.@.lel...})9a..JP...._....3..F.......`...UxG..m.....{A......>j...:...Y]7..'....q.iM!.<...eP..S4.!....q.%...k.

Chrome Cache Entry: 103

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Category:	downloaded
Size (bytes):	146982
Entropy (8bit):	5.090283309450056
Encrypted:	false
SSDEEP:
MD5:	969B570FC761B042581DF51926C1351C
SHA1:	DFAF0C23B59DC0DC21F67A6BC63B732792118D40
SHA-256:	C85443486B1214A839265EE7FE5E0456DA20561147EA650F5A2256008D847A23
SHA-512:	CA92172400869CAABA49C35CA3483318CAFFEDD199B5FE4372AE38287C8E048499A513ADE18679F98C177412CCAF9A4CA73624AE21A0C4ADE952674F6759C890
Malicious:	false
Reputation:	unknown
URL:	https://worker.convertstaging.com/dormakaba-safe-locks.convertcalculator.com/apexx-ip-calculator/assets/data.json
Preview:	{"calculator":{"_id":"syv8wsyHKq9R3WYbs","viewBreakDisplayType":"arrows","version":5,"systemOfMeasurement":"imperial","style":{"inputFocusShadowSpread":0,"primaryColor":"#e4002bff","labelTextColor":"#484848ff","fontStyle":"normal","maxWidth":900,"spacing":{"paddingTop":60,"paddingRight":60,"paddingBottom":60,"paddingLeft":60},"inputFocusShadowStyle":"outset","headingOneLineHeightUnit":"px","headingThreeFontWeight":"600","headingFourLineHeight":24,"labelFontSize":16,"headingFiveFontSize":18,"buttonTextColor":"#fefefe","buttonBorderColor":"#000000","buttonFontFamily":"Arial","headingTwoLineHeight":32,"buttonShadowSpread":2,"inputHoverShadowSpread":0,"inputHoverBorderColor":"#a0aec0","buttonFontSizeUnit":"px","inputHoverShadowX":0,"maxWidthUnit":"px","buttonShadowX":0,"inputShadowStyle":"none","headingFourLineHeightUnit":"px","inputHoverShadowY":1,"headingSixFontWeight":"400","buttonShadowY":1,"headingFiveFontSizeUnit":"px","inputBorderRadius":4,"inputHoverBorderWidth":1,"buttonBorderWidt

Chrome Cache Entry: 104

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ISO Media, AVIF Image
Category:	downloaded
Size (bytes):	15872
Entropy (8bit):	7.9706941490594705
Encrypted:	false
SSDEEP:
MD5:	B5C1AFD34D51456869993A91656BDD46
SHA1:	5C49A399996D1B612CEE0BFE3F26B7876C9E2A69
SHA-256:	D5DABCE7D4210AA285562F513B921CA0ECE84DFFD0E03DEF1675489F424C157B
SHA-512:	EA659DD7ECD56AFEF32240AB961B330A4D11E4790B1FF3956B24EFBBB81201FB98B07B71AE56C1E8E8AE72031475AC874B52803AA8E12806F01B6C8977D6EE9F
Malicious:	false
Reputation:	unknown
URL:	https://imagedelivery.net/RxM-_yk1wsGjVidUVgzK1A/E4vjC4aDj8NWMLGkb-1716471131811-W4pnp5uEimDQiXgyL/public
Preview:	....ftypavif....mif1miaf...hmeta.......!hdlr........pict.................pitm.........,iloc....D...........7.................5....8iinf..........infe........av01.....infe........av01.....iref........auxl..........iprp....ipco....ispe................av1C.?......pixi............av1C........pixi.........8auxC....urn:mpeg:mpegB:cicp:systems:auxiliary:alpha.....ipma.......................<.mdat......?...2.jf.~-... !`......0......>.q...H.LrY.......h.-k{......2.9.i.\...3...-..../S.x.#r..LY./..w..\|n.^z..bm.E......+..j/.\G..>....p'....F.O4T..-....v.^f...J{.x.....".x..d....q.......6.t.~hr..k./+.9.G.h...[...O[.W...:...1k...".q3...H.........%...:..-.....p.p...)...Q..L.62)j....Bz..8S.D.%..J.%.r?v...KXl....p........7i...\|.j..c.2..@.h.}...Fg....a...v.r..F.2.p...-.?._p>V...qpw....... .U.....ev......u4..,..lZ.)...6............Uj..j3..z..Wn...\|.i.e.F.B\....%..G8..H.z.$8..>....:......."!..\..*!2-U.O..........5+.0AwR..qBb...->B....F^v.`.U.......2..y......"e..>G4.N".:.78!..t....m

Chrome Cache Entry: 106

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	15485
Entropy (8bit):	7.659506840832181
Encrypted:	false
SSDEEP:
MD5:	BB97ADA0A90DE04191B0F88B39FB5619
SHA1:	0AF9D1769D47544B941CDC275A546BA3A0AFA74D
SHA-256:	43377C7802F07613D8D74FC421587D227533CBAE02D40474B3E331C7242A31A3
SHA-512:	CD57AACB47CE84006C1C2BDFA689E2BCFF03F83A42D9C33F04542A7B3511A363610010F83800E97E63D11C7C966EF81E1C701BDAA2C64A0A63E2F549DC8A9B8B
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR..............x......pHYs.................iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 9.1-c002 79.a6a6396, 2024/03/12-07:48:23 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#" xmp:CreatorTool="Adobe Photoshop 25.5 (Windows)" xmp:CreateDate="2024-02-15T11:20:59-05:00" xmp:ModifyDate="2024-05-23T09:16:54-04:00" xmp:MetadataDate="2024-05-23T09:16:54-04:00" dc:format="image/png" photoshop:ColorMode="3" xmpMM:InstanceID="xmp.iid:2fb1e0fc-dc3d-1a49-878b-c522c1879418" xmpMM:DocumentID="adobe:docid:photoshop:d364a27e-238f-cb4c-8f03-636ff7263df5" xmpMM:OriginalDocumentID="xmp.did:f55a8a

Chrome Cache Entry: 107

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 7824, version 1.0
Category:	downloaded
Size (bytes):	7824
Entropy (8bit):	7.973973264994348
Encrypted:	false
SSDEEP:
MD5:	AF4D371A10271DAFEB343F1EACE762BC
SHA1:	6D11D743BC3CFB169D70BC86450F18351DC1A905
SHA-256:	60BF0ABA6526436F3930C58C12047687FBB6BFF4DD180CCE4613458ED3439EA2
SHA-512:	98E1D4804A31F0EC40307BB02D7AF0E25E1A01F2D0F69676CD55F97F64A8D50ECFD5BE05525956C4A80BF0D98810BADBB08ACB2927CD78963BCDDE9F96E25BA1
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
Preview:	wOF2..............=....?.............................`..T.......6..6.$..h. ..Z....Z0.".8...W..b3..L...P..^.....ZEX..w.a.R...?..~......C`.3f.0.g.j..8"6B.Y.\|.h....%.Y%i.L2..L.'...Ahf.v.......Z.FRQ@B..E.....z.H...6....on..n....3....jz?.c....{J.Yd..T.......o.N../.6..%.@..;..'.N.?......9...S..Ok...."N.I..Zh..tY!._..t.......I....e..R.\|.......Y ...%.BZ..(..A9.T...y.....Ts_n:......o2I[...j....z.x. ....[.a.j^..j..IH....D....g...X\..B..s.a.`...,.l.)a-k@7Pq.,.......C!.\|...\|H.....7S..&...B.H..h..i...0....~..B..l..n.rE.......E..5.XL.d:.cuy..P.l...\|<....B.Qx..%@=..............[..\|P.;f.....z.o...o.Z......3N...}..yv.KOM`...w.V<.................7n..`...H.s...f.{:i....R. .a.&.X..1!....&Y..S..tLY..#.h...!.Fy....91;qi4.+2.?.kBj2;.+...@.MH..^..0&.8...SM.0V....%...@......lHO...]....Z......Je~...:.%..K#z..!A./.51.-..1.ta..8k...c]."."b.B..$+..,..#....x.H..Y...k.I.6....O.AW.....A.;..7.5E..t..*m.P..M.6l..g(0pk(....u.Y...&2.G..d.kE..2.8<.".Mo.....p\[S...Uh+A%.F.][P......r

Chrome Cache Entry: 108

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	14001
Entropy (8bit):	7.705775798008931
Encrypted:	false
SSDEEP:
MD5:	4C90FF6D82D570542ADC1777338A8E34
SHA1:	C2865E7D40F9D85DF72AFA1462CEB85B3252AA62
SHA-256:	CF951F3A9B42A45A4F114F2CF5F8E50583E4FD15D716275682BFA5E6C8164360
SHA-512:	ED65A7EC15AA0F25527FD52CB3A6091BA1443373EA55BFC46FC2053997E3064BABA054FBD0611AFD172A5D7DAA559EFE582EAE7F0617A42109B0DAEEC2B6FD50
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR..............x......pHYs.................iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 9.1-c002 79.a6a6396, 2024/03/12-07:48:23 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#" xmp:CreatorTool="Adobe Photoshop 25.4 (Windows)" xmp:CreateDate="2024-02-15T11:38:14-05:00" xmp:ModifyDate="2024-05-23T09:17:14-04:00" xmp:MetadataDate="2024-05-23T09:17:14-04:00" dc:format="image/png" photoshop:ColorMode="3" xmpMM:InstanceID="xmp.iid:a50687b9-5b80-d748-a910-92f8f1c4f2dc" xmpMM:DocumentID="adobe:docid:photoshop:a19cafc1-a142-9244-aba1-f253aaa31553" xmpMM:OriginalDocumentID="xmp.did:3e2716

Chrome Cache Entry: 109

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	3120
Entropy (8bit):	4.76867773890407
Encrypted:	false
SSDEEP:
MD5:	3CB2D424F1081877FA8F811ED11F8FBE
SHA1:	D65FE1B91A6D91FDABE6DF857AFF32A5DD123DD9
SHA-256:	2BDCB9FA5DD542200F23634C45D7AD90D1DBB9252F39CAFCEB81C09FE2383FEE
SHA-512:	02F795E986971635EE0112CEFE37DFC8E46604835E52338A1F472DCC31C001F47D67ED0D068CD781E3CAC3D07DD42CCC064E5EDEA9ED82905145B859C5BFC7D5
Malicious:	false
Reputation:	unknown
Preview:	<?xml version="1.0" encoding="utf-8"?>.<svg xmlns="http://www.w3.org/2000/svg" id="dorma_x2B_kaba_x5F_4C_x5F_pos" style="enable-background:new 0 0 283.46 30.09;" version="1.1" viewBox="0 0 283.46 30.09" x="0px" y="0px">.<style type="text/css">...st0{fill:#00529C;}...st1{fill:#EE303C;}.</style>.<path class="st0" d="M18.01,8.97c-1.68-1.8-3.96-2.75-6.66-2.75C4.88,6.22,0,11.35,0,18.16c0,6.8,4.88,11.93,11.36,11.93 .c3.36,0,5.06-1.14,6.66-3v2.43h5.42V0h-5.42V8.97z M11.93,24.95c-3.76,0-6.38-2.79-6.38-6.79c0-4,2.62-6.8,6.38-6.8 .c3.76,0,6.38,2.79,6.38,6.8C18.31,22.16,15.69,24.95,11.93,24.95z"/>.<path class="st0" d="M38.56,6.22c-6.95,0-12.19,5.13-12.19,11.94c0,6.8,5.24,11.93,12.19,11.93c6.96,0,12.21-5.13,12.21-11.93 .C50.77,11.35,45.52,6.22,38.56,6.22z M38.56,24.95c-3.84,0-6.63-2.86-6.63-6.79c0-3.94,2.79-6.8,6.63-6.8c3.86,0,6.66,2.86,6.66,6.8 .C45.21,22.09,42.41,24.95,38.56,24.95z"/>.<path class="st0" d="M99.04,6.22c-2.57,0-6,0.66-8.09,3.7c-1.66-2.36-4.41-3.7-7.64-3.7c-1.96,0-4.

Chrome Cache Entry: 110

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	9
Entropy (8bit):	2.725480556997868
Encrypted:	false
SSDEEP:
MD5:	D71531CCAF0E02DB679345076BA44CE9
SHA1:	A5BE8FA8E7BC168D1275A5459F7F5C4B274255D9
SHA-256:	C1EB22DCF69C5A15B59F3B685B8C7283D9A8B5ACB3A9A9EF1F146837E1E8C713
SHA-512:	C33812747756D2A7CA02BC8FBFD0621F3702C304E0F38ED83873D8E2A47098552FC50FBBE59D43B11ED0113B11F8A44D5BE01A969FB6BD120D2E73BFDA663129
Malicious:	false
Reputation:	unknown
URL:	https://www.convertcalculator.com/api/embed/plan/?calculatorId=syv8wsyHKq9R3WYbs
Preview:	"premium"

Chrome Cache Entry: 111

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Category:	downloaded
Size (bytes):	15406
Entropy (8bit):	3.8459777441398724
Encrypted:	false
SSDEEP:
MD5:	631DC268D624CA75ED22FD73BAE319E7
SHA1:	BC9913B32BB02768794E4D22096D4E385FAF1CFE
SHA-256:	EE1F1298338FA41E2191CE235095904F29D1679DB479E9F543E14DD9BF769967
SHA-512:	E06D1241BEC45F198FF3C052E52F8199213DDB9EA410AF8A66CCD63B0EED6220A8719BCCD0760001E0D237AC7443B635DC372E9BD442812BD93CC4BC24420EF1
Malicious:	false
Reputation:	unknown
URL:	https://dormakaba-safe-locks.convertcalculator.com/favicon.ico
Preview:	............ .h...6... .... .(.......00.... .h&......(....... ..... ..........................................D/1.C/..D...C...C...D...C/..D/1.........................99..C...D...D...D...D...D...D...D...D...C...99..............99..D...D...D...D...D...D...D...D...D...D...D...D...99..........C...D...D...D...D...D...D...D...D...D...D...D...D...C.......D/1.D...D...aN..........[G..D...P<...........p_..D...D/1.C/..D...R>......q..H3....z..D/........M8..o^....D...C/..D...D.......D...D...T@..R>..hW......D...D...K6..[H..D...D...C...D.....v..D...D...D...D...w....D...D...D...D...D...C...C...D.....u..D...D...D...D...w....D...D...D...D...D...C...D...D.........D...D..._M..Q=..eS......D...D...S?..]J..D...D...C/..D...O:......s..L7....ra..D.........P;..v....D...C/..D/1.D...D...ZG..........XD..D...L7...........o^..D...D/1.....C...D...D...D...D...D...D...D...D...D...D...D...D...C...........99..D...D...D...D...D...D...D...D...D...D...D...D...99..............9

Chrome Cache Entry: 112

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (32599)
Category:	dropped
Size (bytes):	1379764
Entropy (8bit):	5.628059522839741
Encrypted:	false
SSDEEP:
MD5:	349C6A6E39641D4F5C369CE34743A1D8
SHA1:	08FCEEB1AB3FAF2823B853DC9C422D6C863A2558
SHA-256:	09D35590A6CD320232B35F0BDDC19331E69D599EA8752B777F914E8822443E0F
SHA-512:	5F31A183E49F3E6681CBABEE8C8C3127B74402D452F84566F591619478AFADDAA778B9CFBB620F45CB1B8499516D9C0DFF2C357B3F1206CFD02B17DA840B8808
Malicious:	false
Reputation:	unknown
Preview:	!function(){var e,t,n,r,i,o,a,l,s={9419:function(e,t){"use strict";function n(){return(n=Object.assign\|\|function(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];for(var r in n)Object.prototype.hasOwnProperty.call(n,r)&&(e[r]=n[r])}return e}).apply(this,arguments)}function r(){return n.apply(this,arguments)}Object.defineProperty(t,"Z",{enumerable:!0,get:function(){return r}})},3903:function(e,t){"use strict";function n(e){return e&&e.__esModule?e:{default:e}}Object.defineProperty(t,"Z",{enumerable:!0,get:function(){return n}})},387:function(e,t){"use strict";t.Z=function(e,t){if(e&&t){var n=Array.isArray(t)?t:t.split(","),r=e.name\|\|"",i=(e.type\|\|"").toLowerCase(),o=i.replace(/\/.$/,"");return n.some(function(e){var t=e.trim().toLowerCase();return"."===t.charAt(0)?r.toLowerCase().endsWith(t):t.endsWith("/")?o===t.replace(/\/.*$/,""):i===t})}return!0}},7860:function(e,t){var n,r;n=[e,t],void 0!==(r=(function(e,t){"use strict";var n,r,i="function"==typeof Map?new Map:(n=[],r=[]

Chrome Cache Entry: 76

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (55494)
Category:	downloaded
Size (bytes):	183369
Entropy (8bit):	5.60745321937651
Encrypted:	false
SSDEEP:
MD5:	1D3E7347DE1D51A0C62C421097302B14
SHA1:	CE3377F47651E8FAFE85E622A13288ABCD6BD19E
SHA-256:	C4D0813C06F006575BD4B81C621F37238EF9A714C1C7AB0EF3C724C5B08E8AB2
SHA-512:	F76D4966309F9256D0A6588D790BD78425C2466D01842B60845B05807E4964F307C0CCD429B3F31020473A1C4C456644BB316619F0CF8A95DAD898C75777CD25
Malicious:	false
Reputation:	unknown
URL:	https://worker.convertstaging.com/dormakaba-safe-locks.convertcalculator.com/apexx-ip-calculator/assets/worker.js
Preview:	var tx=Object.create;var Ku=Object.defineProperty;var rx=Object.getOwnPropertyDescriptor;var nx=Object.getOwnPropertyNames;var ox=Object.getPrototypeOf,ix=Object.prototype.hasOwnProperty;var zu=(t=>typeof require<"u"?require:typeof Proxy<"u"?new Proxy(t,{get:(n,i)=>(typeof require<"u"?require:n)[i]}):t)(function(t){if(typeof require<"u")return require.apply(this,arguments);throw Error('Dynamic require of "'+t+'" is not supported')});var P=(t,n)=>()=>(n\|\|t((n={exports:{}}).exports,n),n.exports);var sx=(t,n,i,s)=>{if(n&&typeof n=="object"\|\|typeof n=="function")for(let u of nx(n))!ix.call(t,u)&&u!==i&&Ku(t,u,{get:()=>n[u],enumerable:!(s=rx(n,u))\|\|s.enumerable});return t};var tt=(t,n,i)=>(i=t!=null?tx(ox(t)):{},sx(n\|\|!t\|\|!t.__esModule?Ku(i,"default",{value:t,enumerable:!0}):i,t));var Rf=P((uT,Lf)=>{var qx=typeof global=="object"&&global&&global.Object===Object&&global;Lf.exports=qx});var uo=P((fT,If)=>{var Wx=Rf(),Gx=typeof self=="object"&&self&&self.Object===Object&&self,$x=Wx\|\|Gx\|\|Functi

Chrome Cache Entry: 80

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	57
Entropy (8bit):	4.291688760972385
Encrypted:	false
SSDEEP:
MD5:	8681F41444EC5DE5F6D1FEBE6300F9D7
SHA1:	E81E964E8BCFCD59F2780CA631646EC9765F2609
SHA-256:	30562844A46BC2155EC095C5B2BC83FB3D02F888FEB72B83F38E16581315470C
SHA-512:	79C0FCE7ABC57423ECAD674045F701EAE75DD34412A12187A9B21745C57939B30F8F917EEA2A1C707538C3F2CD4A8D595A7DE0B8B19B3898007AEEBAF7657205
Malicious:	false
Reputation:	unknown
Preview:	{"status":"error","message":"GET not allowed","code":405}

Chrome Cache Entry: 81

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	17284
Entropy (8bit):	7.82730747471035
Encrypted:	false
SSDEEP:
MD5:	9D4EA315D0011C4C684EB97DAE242B52
SHA1:	A7E2C26FD67B9CA40AA6B5F28857E341B39BDB21
SHA-256:	D651C38BDB518C150A4A56F035806686D8DA056C75DD801C9F8094596CF52A64
SHA-512:	4DCBFF312B530D8BB9583B22B63600A9A2FB1C64A75E2C1DDEE7450FD6435079CF0C95320F55EF6A06834B8BB41A3F3C0829659404E2102F6BE1A97E5BABA304
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR..............x......pHYs.................iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 9.1-c002 79.a6a6396, 2024/03/12-07:48:23 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#" xmp:CreatorTool="Adobe Photoshop 25.4 (Windows)" xmp:CreateDate="2024-02-15T11:25:29-05:00" xmp:ModifyDate="2024-05-23T09:30:29-04:00" xmp:MetadataDate="2024-05-23T09:30:29-04:00" dc:format="image/png" photoshop:ColorMode="3" xmpMM:InstanceID="xmp.iid:e9a4f505-3f67-414e-aac7-42a0d7ea5a95" xmpMM:DocumentID="adobe:docid:photoshop:3227ef5c-5db1-a44e-a406-24a4e45cdf19" xmpMM:OriginalDocumentID="xmp.did:e29ed6

Chrome Cache Entry: 82

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	10339
Entropy (8bit):	7.61219035078832
Encrypted:	false
SSDEEP:
MD5:	DFE92A44909D902CD34E75E5DC567651
SHA1:	738BAB052CDB9C83FE18311DC42456A6EEF7BFD6
SHA-256:	BBA584DF3699C17AEAEA9D272258644DDCF719FE651BA1793E939F0ED7D16B40
SHA-512:	D558683EE8329F0F8D3E813337716BC386E72D50555F0BB8CFCB7A6F054BB54D5A1A0B520C749CC2B1348EECEE64A815D47130353D23332D4EC573D4E156FC55
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR..............x......pHYs.................iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 9.1-c002 79.a6a6396, 2024/03/12-07:48:23 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#" xmp:CreatorTool="Adobe Photoshop 25.4 (Windows)" xmp:CreateDate="2024-02-15T11:39:35-05:00" xmp:ModifyDate="2024-05-23T09:16:43-04:00" xmp:MetadataDate="2024-05-23T09:16:43-04:00" dc:format="image/png" photoshop:ColorMode="3" xmpMM:InstanceID="xmp.iid:4c53a296-fe8c-274b-bab6-ae93d0e20b12" xmpMM:DocumentID="adobe:docid:photoshop:adc5e842-f1d7-f947-ad36-f38676266b54" xmpMM:OriginalDocumentID="xmp.did:031ced

Chrome Cache Entry: 83

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	52
Entropy (8bit):	3.8542858719872464
Encrypted:	false
SSDEEP:
MD5:	957E6BD86E7BB8F29D838291B6716401
SHA1:	E721F546D89076F05A71FA0D13DE5DD96F193102
SHA-256:	3DD0C1587475C66B12537772909D9DA3E398E191461527C48B18CA2B692B845B
SHA-512:	19E2A97975F2F7DA2F0144F362FE8AFFF3692D068E39027885D296A4F9AA601E36DB811522C653FA2F9793096B6AC6C815525C82854361DCCBDE35FF3A3772DA
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xNDkSJQlPGlMt5zEKrxIFDZFhlU4SBQ2RYZVOEgUNkWGVThIFDZFhlU4=?alt=proto
Preview:	CiQKBw2RYZVOGgAKBw2RYZVOGgAKBw2RYZVOGgAKBw2RYZVOGgA=

Chrome Cache Entry: 84

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	17907
Entropy (8bit):	7.8365929044167775
Encrypted:	false
SSDEEP:
MD5:	7CE767B4C34CD5CAE4B0F26770FEA049
SHA1:	D0B459ACB77FB177DD8A97847BB11568669F3508
SHA-256:	27BE20ED376A44E777D49B94F8FAAE97084CBCFE931401368E7006FC76EE56E7
SHA-512:	FAE2797E822132F101AB2781D5E707C54C1FF090FB51545D3A107F16320A5CB7B6AC0C64510F5F8BBD3CB191362DF0EA89C11014BECED74D78C5400736C5F752
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR..............x......pHYs.................iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 9.1-c002 79.a6a6396, 2024/03/12-07:48:23 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#" xmp:CreatorTool="Adobe Photoshop 25.4 (Windows)" xmp:CreateDate="2024-02-15T11:25:29-05:00" xmp:ModifyDate="2024-05-23T09:31:10-04:00" xmp:MetadataDate="2024-05-23T09:31:10-04:00" dc:format="image/png" photoshop:ColorMode="3" xmpMM:InstanceID="xmp.iid:f0113028-f193-0947-9615-346caa964f7c" xmpMM:DocumentID="adobe:docid:photoshop:cc33cf23-f34c-b644-81fb-c8442e217fd3" xmpMM:OriginalDocumentID="xmp.did:e29ed6

Chrome Cache Entry: 85

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ISO Media, AVIF Image
Category:	downloaded
Size (bytes):	8784
Entropy (8bit):	7.935835102933212
Encrypted:	false
SSDEEP:
MD5:	930A95248C314192EE24CD3310F22610
SHA1:	9FA63E45B33AEBE3B131FD7B22455B2CF210BA2B
SHA-256:	48BFC0280DFD291A97ADC13F65E8AE54018D0ECDBE2F93DE8E8AB1F8378C823B
SHA-512:	F8267E945D8C79A9C751E9632C3441638C74E4335200EF1AC714AE696E3B1455FB5A7132152222A61496C06D5172D264399076967730E3075D43020CCA043CA8
Malicious:	false
Reputation:	unknown
URL:	https://imagedelivery.net/RxM-_yk1wsGjVidUVgzK1A/E4vjC4aDj8NWMLGkb-1716471120925-WKxRkfdqcPccCh5Ri/public
Preview:	....ftypavif....mif1miaf...hmeta.......!hdlr........pict.................pitm.........,iloc....D..............................D...8iinf..........infe........av01.....infe........av01.....iref........auxl..........iprp....ipco....ispe................av1C.?......pixi............av1C........pixi.........8auxC....urn:mpeg:mpegB:cicp:systems:auxiliary:alpha.....ipma....................... .mdat......?...2.:f.z-...@!p......\|......>.q...H.LrY.......h.-t...k9Z....q.6.{x.\......#V..".,l....7..3..-..2.K.........fHWj.>.J..Z....r..<.M`........[gN..,..G...H......~... j"G=... .T1...SP.FZ-al...E...g~&.gc..."q........:..s..dE.>o...eaMt..<.~.,.M.....k....A.......^.F.+.v...z.^x........._...1Fc..@y..Sz.o.::.....&....$...q...IQ=.\|Xz.4...1(..2.....p.........)w......0k........Q...F.......)...=..~.G%..P....e\|...V.......F...0...[.ZY0..>.......G.X$...H4G...xK.H.......L._.5V.Y.7.....Qpe.........c..D.C...J...b.k..t.*V...[.......Jp5.......;......@Ox....Wy...%\.........&.........

Chrome Cache Entry: 86

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 615828, version 1.0
Category:	downloaded
Size (bytes):	615828
Entropy (8bit):	7.999253824042487
Encrypted:	true
SSDEEP:
MD5:	DC5D7AAE5636974D5E7C08E36F659B0A
SHA1:	2393A0677F3662694E4954D4472107ADD4D0AB26
SHA-256:	D2F6430C5B37BF086DABB4C6379AD4BC976047266DA7C008677BB5943BF75CC5
SHA-512:	097D97277BEAC89854F4F058E03F7D694523CA475319D939D572F94D016917216EB71EB671D5222C1B6B2084A411B3A581A58B921FD4C15F92F2D9016058437E
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/materialsymbolsoutlined/v210/kJF4BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMzByHX9rA6RzaxHMPdY43zj-jCxv3fzvRNU22ZXGJpEpjC_1v-p5Y0.woff2
Preview:	wOF2......e.......F...e+.............................`?STAT.D'&..`/\.....\.....$.0..H.6.$..R. ..T...{....... RDw..BJ.M...h....P...t.P..._.J4D..KQ...#r_.T.....t.{f....M.....e...........K....g.v..wa....Z..\|...4.RK..5.Z.....).4.e."...:].#}e.{Pn...#b.D..y5.$:.#.........'.J.'jd^.b..W...:]8N....n.\........r...9Bd...O.'.e.?......}.!{[6"..cD....J.).DB.>\.bO..e.....)..."..aEXi.c....B...=...5.:.O5.]"P.S.h\.?.^....+.......\|F....)...3w...5..c...C&..7...R.#.R..+..........q.9..:<..P..x?.vm.f.a...'....sW.4...M.......%?f.......OP.WlE.@...ya/..yaD..=..F.G500jm_.q...<.r..)}.1c..".8a..Qv......V...C./B8.!.g.g.n.{z..Y...~7...D,...0.^...'5.l.5.D.wF....5.<.Ra~...PU..>6.......Q..T......q4.4.._W..S!..1..#DX.N .F..... gdq6;]._...x..{p.....?^.fP....l......Y]..0....xG.k..y....z.th.q.C.r...G..E..ao.`Q2.+........P#..Y..QH....).m.H.f..,....X.0e..JJv\.S..eE...".lq.~.m;.]...).c T...34E@G.(.E..N.....T.NWS\|.&..5..#....t...-.+.O....)$.0........m.j..........9.a3.y~Bm....Z.Ol.....N...

Chrome Cache Entry: 87

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (10747)
Category:	downloaded
Size (bytes):	29135
Entropy (8bit):	5.496768426749857
Encrypted:	false
SSDEEP:
MD5:	2F4FA383CAAE30D6C7BDD891FE8DEB84
SHA1:	2468F16816994E5CFB8273236CDE507891387F40
SHA-256:	6426D3B16759A8ABA01CDF19D886C844304C1DBDA0D1B9135E27E7D5E922F2B8
SHA-512:	E53A5D0ABD23FEEE6BD0FB19FFF305A4A6B9F59B05C57CC451C311C37E1C18AE8FC4C0A03885CD2D2D98DEDEDCDFECB4B243AA3B43E5F14FF6279B7C2AA7C811
Malicious:	false
Reputation:	unknown
URL:	https://dormakaba-safe-locks.convertcalculator.com/apexx-ip-calculator/
Preview:	. <!DOCTYPE html>. <html lang="en">. <head>. <meta charset="utf-8" />. <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1.0, user-scalable=no" />. <title>Axessor Apexx IP Calculator</title>.. <meta name="description" content="Transition to Secure Remote Lock Management with Axessor Apexx from dormakaba" />. <meta name="image" content="https://imagedelivery.net/RxM-_yk1wsGjVidUVgzK1A/E4vjC4aDj8NWMLGkb-1709762569113-BsoE2nNbvjqN77beT/public" />.. <meta property="og:title" content="Axessor Apexx IP Calculator" />. <meta property="og:description" content="Transition to Secure Remote Lock Management with Axessor Apexx from dormakaba" />. <meta property="og:image" content="https://imagedelivery.net/RxM-_yk1wsGjVidUVgzK1A/E4vjC4aDj8NWMLGkb-1709762569113-BsoE2nNbvjqN77beT/public" />.. <meta name="twitter:title" content="Axessor Apexx IP Calculator" />. <meta name="twitter:descripti

Chrome Cache Entry: 88

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	14668
Entropy (8bit):	7.659565547183798
Encrypted:	false
SSDEEP:
MD5:	049026FD09CBC73FB6462BD6B70EB597
SHA1:	6D0C05174179BABB2BA6CE78439AC6F63AF95AFB
SHA-256:	09B8815139D310A5341B59701EBD5D9A35DFAFA145374AF39C570CC1D00E22F3
SHA-512:	5BF01BA1428281A991019F29576872D90F0047B50E76733BF261C0FD757A71F8A34EFEFD04466642A9E543C7C3239146602A42E0621B14531DC3174140E4E048
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR..............x......pHYs.................iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 9.1-c002 79.a6a6396, 2024/03/12-07:48:23 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#" xmp:CreatorTool="Adobe Photoshop 25.5 (Windows)" xmp:CreateDate="2024-02-15T11:27:55-05:00" xmp:ModifyDate="2024-05-23T09:17:23-04:00" xmp:MetadataDate="2024-05-23T09:17:23-04:00" dc:format="image/png" photoshop:ColorMode="3" xmpMM:InstanceID="xmp.iid:ed695d1a-1bfd-114b-a104-5e0c7c50ba8c" xmpMM:DocumentID="adobe:docid:photoshop:0e1ac18f-1f76-9045-9fdc-3876addca709" xmpMM:OriginalDocumentID="xmp.did:6d4e55

Chrome Cache Entry: 89

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ISO Media, AVIF Image
Category:	downloaded
Size (bytes):	8264
Entropy (8bit):	7.92585197788656
Encrypted:	false
SSDEEP:
MD5:	3C0B5D4B578F995655201EC249BB8974
SHA1:	6588E8322523FE8221869DBF112B095BCDE2E4F5
SHA-256:	57A73565C853CDD8850E1C6789FAE7F2D6FFF43469C164DDD5F53B88ADB6F67F
SHA-512:	96E575AF865B39986C33F73BB74AB631950AD46DDCAEFFAEA1458FCE836FC5BF681FF872999424F7BC27272BE8D28332E3DCC30594E946B9D3B64D35517F8712
Malicious:	false
Reputation:	unknown
URL:	https://imagedelivery.net/RxM-_yk1wsGjVidUVgzK1A/E4vjC4aDj8NWMLGkb-1716471097807-eBJuRmeTaXwoyqo8v/public
Preview:	....ftypavif....mif1miaf...hmeta.......!hdlr........pict.................pitm.........,iloc....D............G.....................8iinf..........infe........av01.....infe........av01.....iref........auxl..........iprp....ipco....ispe................av1C.?......pixi............av1C........pixi.........8auxC....urn:mpeg:mpegB:cicp:systems:auxiliary:alpha.....ipma.........................mdat......?...2.5f.v1...`!.......~......>.q..\|BH.LrY.......h.-t...k9Z....q.6.{x.\......!...".,l....7..3..-..2.K.........fHWj.>.J..Z....r..<.M`........[gN..,....,?.e.J...tI.\|....-_....).%.c"@.......oh/(h....&..>).!....E..W.=..X...[.......W.\|...S.p..IB`.8]........Y....j.....^U...Y:J......#.RFZ. .u:t...<..6...U.hT.t.....R.....z...y.I...\|....h=..)..0....Z\|.1.$.a..x%.uA......<..}y..q..1.04+u.`97..B(......}.b.."2$.......'..Vr".t3.....uGQ..`..G........sJ..Z.j.tkC$..7..D...0..8[.....4..o..0..]...........P9.s...'...j.{.d-!...5R(..t......S..Q...:....10......`Uhj.ek..B.y.C....v`

Chrome Cache Entry: 90

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ISO Media, AVIF Image
Category:	downloaded
Size (bytes):	9160
Entropy (8bit):	7.940272604098686
Encrypted:	false
SSDEEP:
MD5:	D48A97A604F3CCFF0DEBB7314FA6612A
SHA1:	139C7548A035EF2F63BAEE9FF41A88C885129D75
SHA-256:	48292D822BE2A85C4D6DB19F45A097527027E5CB6620E5ADFF0FAB68F1BB02F2
SHA-512:	D25C68D6298C96A98C64E89772B6B7B42F9F9EA7F2947273B4F1AEE38F7EC53DDED43243C869A78572F17B98FC8C00BC7904F223D29D52E9D1FD732C4CCC6708
Malicious:	false
Reputation:	unknown
URL:	https://imagedelivery.net/RxM-_yk1wsGjVidUVgzK1A/E4vjC4aDj8NWMLGkb-1716470422544-QWm7etrJYXuQAqKSy/public
Preview:	....ftypavif....mif1miaf...hmeta.......!hdlr........pict.................pitm.........,iloc....D............n...Z.................8iinf..........infe........av01.....infe........av01.....iref........auxl..........iprp....ipco....ispe................av1C.?......pixi............av1C........pixi.........8auxC....urn:mpeg:mpegB:cicp:systems:auxiliary:alpha.....ipma......................."Hmdat......?...2.7f.~-...@!`...........8.>.q..\|BH.LrY.......h.-k{....$.:..S$..%.2......h.-...Q..aj{.9Z.FDaA\....-....k`.x..G.Y..I....2...?....4.:^%L?.j.....B[N..I_jU.w...E#~.....INm..D:.%)-W....L[.nF......x..{..<../j.Z...@.<.Y....n,.N..~......x....,. ......%\x$.WA...p9...>)D.l....#.S.k-El.{(. .V.5....yX.`c....%tKtU?.L....qh}.YP.O...._l.T.-m$...p:.`...D.j\|.Rx...;J_.Z.."eW...,..}<.$.:..K.p.v..`A......E.X..1......Q.!...0..K.;..D..Ag..`...P.m.>Bk...-....E.".......S.%d..q.b.)Y.l...<..Fy.....Mt.K.,3..y.../.)..7.{Q5(.s@...]..4#........ZBq6L.o.@....N.!ri..0cuR.Z...E..O...j..N..4....

Chrome Cache Entry: 92

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ISO Media, AVIF Image
Category:	downloaded
Size (bytes):	4804
Entropy (8bit):	7.858597534391227
Encrypted:	false
SSDEEP:
MD5:	57586EB2E95C75D82EB863A185468EBD
SHA1:	7FCB702E354B217814D791099BFEC35EDB460BF7
SHA-256:	99235E3509C01419A445B23AD1D434A98E991A3733F538FD29BB6B5364824F3B
SHA-512:	AEDACA1A5FD9AA064EB4E7270440D7BB5A2467E9BF49414952B4AE10AFFCDEF2421C84F84B06534A5B3D8537FB6D5BE9DF0A300CF5D016506788BB9DD077851C
Malicious:	false
Reputation:	unknown
URL:	https://imagedelivery.net/RxM-_yk1wsGjVidUVgzK1A/E4vjC4aDj8NWMLGkb-1716470358124-LA4vJyQRiA3jwv7Gk/public
Preview:	....ftypavif....mif1miaf...hmeta.......!hdlr........pict.................pitm.........,iloc....D..............................>...8iinf..........infe........av01.....infe........av01.....iref........auxl..........iprp....ipco....ispe................av1C.?......pixi............av1C........pixi.........8auxC....urn:mpeg:mpegB:cicp:systems:auxiliary:alpha.....ipma........................Dmdat......?...2..f.n1.... .............^.>.q..\|BH.LrY.........gD...u=...N.Eo,...h...)Q(YF8{....g.\..j...&..4.9..n.......S`.7.../j....sk^.].Zg..v9`/U.]....#..OZTf<K.._.Z.e/r)..n...7mp.O.7...4wk....R.!....C.No.....o...L.V...9...^.Y.Hxw....p.....(.....53 /.1E.C....8.NM.50.J..#Z<.[.q...okx+.\C.K...5./ ....3..B.8....R..0...~.r...B.....J....F.L...o?PMZ........%dw..8..Oy.42..3I.-.dE2.V&\|(........_.....Qx..v.E.r.C.4.?9F&k...tb.v6.4..d..C.D...#.o..........m.)..F$#N.(..M.\|.b..4...B.wI.......xj....*..l.$)..w..?6>l......0.i._......T.U.3.".}..6@..wqi\o[.C.q..ds).+%y......&..t...Tn.r8...K...x

Chrome Cache Entry: 93

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	5
Entropy (8bit):	2.321928094887362
Encrypted:	false
SSDEEP:
MD5:	68934A3E9455FA72420237EB05902327
SHA1:	7CB6EFB98BA5972A9B5090DC2E517FE14D12CB04
SHA-256:	FCBCF165908DD18A9E49F7FF27810176DB8E9F63B4352213741664245224F8AA
SHA-512:	719FA67EEF49C4B2A2B83F0C62BDDD88C106AAADB7E21AE057C8802B700E36F81FE3F144812D8B05D66DC663D908B25645E153262CF6D457AA34E684AF9E328D
Malicious:	false
Reputation:	unknown
URL:	https://www.convertcalculator.com/api/embed/disabled/?calculatorId=syv8wsyHKq9R3WYbs
Preview:	false

Chrome Cache Entry: 94

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	13243
Entropy (8bit):	7.6420362171443
Encrypted:	false
SSDEEP:
MD5:	68EF777986A830248510089AEBC6B661
SHA1:	F627C4C7959D30AD88F333C76CE0798F02F6CE09
SHA-256:	A085D92F8422DABA914C13F28632FCD6DE86204677849106407B9B40F3DF4F89
SHA-512:	2B25228CA7D7A0592146EB109675219AD0F7D3FF4A62C190C976BBCB7291AC7E74078EEC9D296F70073A0B44CCC437FFC304AB133FE41CD9212B4A260D40D91F
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR..............x......pHYs.................iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 9.1-c002 79.a6a6396, 2024/03/12-07:48:23 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#" xmp:CreatorTool="Adobe Photoshop 25.4 (Windows)" xmp:CreateDate="2024-02-15T11:32:22-05:00" xmp:ModifyDate="2024-05-23T09:27:48-04:00" xmp:MetadataDate="2024-05-23T09:27:48-04:00" dc:format="image/png" photoshop:ColorMode="3" xmpMM:InstanceID="xmp.iid:90a89870-26a8-0f49-800e-d457ad3d5843" xmpMM:DocumentID="adobe:docid:photoshop:5be96977-9513-4e4d-bac6-3d45f6291d67" xmpMM:OriginalDocumentID="xmp.did:c90b4d

Chrome Cache Entry: 95

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	11447
Entropy (8bit):	5.509256407881981
Encrypted:	false
SSDEEP:
MD5:	27A9207A02A236F50633F29810E61667
SHA1:	401A0448204B681D40A58556EDC17A20539A9E96
SHA-256:	1122AE372F9FAAD0733EEB68861EC214DE496B81CAE4EA903BA9D28C58AFF30D
SHA-512:	FC0DB4AF22B4C6DB4BEF4B4234B85110C8816AD41330856C6E70DC2649753F596FD3FB090D1C32DB1C847EC67053825BA6A9FEE963FF01CA71CE55663069A57D
Malicious:	false
Reputation:	unknown
URL:	"https://fonts.googleapis.com/css?family=Poppins:100,200,300,400,500,600,700,800,900\|Material%20Symbols%20Outlined:100,200,300,400,500,600,700,800,900"
Preview:	/* fallback /.@font-face {. font-family: 'Material Symbols Outlined';. font-style: normal;. font-weight: 100;. src: url(https://fonts.gstatic.com/s/materialsymbolsoutlined/v210/kJF4BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMzByHX9rA6RzaxHMPdY43zj-jCxv3fzvRNU22ZXGJpEpjC_1v-p5Y0.woff2) format('woff2');.}./ fallback /.@font-face {. font-family: 'Material Symbols Outlined';. font-style: normal;. font-weight: 200;. src: url(https://fonts.gstatic.com/s/materialsymbolsoutlined/v210/kJF4BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMzByHX9rA6RzaxHMPdY43zj-jCxv3fzvRNU22ZXGJpEpjC_1v-p5Y0.woff2) format('woff2');.}./ fallback /.@font-face {. font-family: 'Material Symbols Outlined';. font-style: normal;. font-weight: 300;. src: url(https://fonts.gstatic.com/s/materialsymbolsoutlined/v210/kJF4BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMzByHX9rA6RzaxHMPdY43zj-jCxv3fzvRNU22ZXGJpEpjC_1v-p5Y0.woff2) format('woff2');.}./ fallback */.@font-face {. font-family: 'Material Symbols Outlined';. font-style: no

Chrome Cache Entry: 97

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ISO Media, AVIF Image
Category:	downloaded
Size (bytes):	10101
Entropy (8bit):	7.94373997982108
Encrypted:	false
SSDEEP:
MD5:	C6AC990005BD61D260E673A21914AF3B
SHA1:	869408183470DABAA700A4636DDBDCC3C9C655D0
SHA-256:	6ADB545E93C0851817F8CD40CFF21C38F731859D7B06C8BE7B5212BDE51F69CE
SHA-512:	65316AF22DAD8DB8825FA051D044B794533E686267C945C74BD059A7D83F07CD0E5B836BEEA7D1C463224CF2041F56C36E87924A321CCD19BAE8E5272A9E9E9A
Malicious:	false
Reputation:	unknown
URL:	https://imagedelivery.net/RxM-_yk1wsGjVidUVgzK1A/E4vjC4aDj8NWMLGkb-1716470343469-pqsxMSnbbZXwGf4tp/public
Preview:	....ftypavif....mif1miaf...hmeta.......!hdlr........pict.................pitm.........,iloc....D...........!2...C.................8iinf..........infe........av01.....infe........av01.....iref........auxl..........iprp....ipco....ispe................av1C.?......pixi............av1C........pixi.........8auxC....urn:mpeg:mpegB:cicp:systems:auxiliary:alpha.....ipma.......................%.mdat......?...2.?f.z-...@!p.............>.q...H.LrY.........gD...u=.........^...:.....1&]-.z..\.B..?.,.bAn..."..Hub...C.&....0..D%@.c?..[..nw>.N.bn...Y=...4]....PI.p.5..[..MR..C..z.`^:H......;IB@...z/......~K&.g...l...JA.~.C...U.,8o..O`....... J...y..zm..E..g.4.T6q-.......HTn-h.\|..L...R..C.x.P..a...O..U....$\|3.....J:'!....yw........;$j>..(c..+..n..j>t$............P..3............U.D\..<..Wt...t...v......:?.a`....^\Q...Z.KkY...$..\...X.P..2."..4D..S.K.Q....b.....$..=..M....V.....O.s.....e8-.......\Sm.(,.oUK.U...[....2.U.#i...H..>5.+9.1....aI8.b'..X.Tf......Lma..>E.9B..

Chrome Cache Entry: 99

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	11261
Entropy (8bit):	7.536286575468149
Encrypted:	false
SSDEEP:
MD5:	A7D04621431545F150B205F5E3788D49
SHA1:	F68CD6DD10FF23C0A88CFD8B630EDAD5B0870B82
SHA-256:	0DACAA5C1E50BBC95F5C251B66D029E13EAEDCB9C6FDF908576B197AD1A9CCF5
SHA-512:	3CC46525AA583518D05DF6FCFA11CB3BB82AC8E04F1216026E4EE9128DD454EF8263D5EEEA8AFC2B3EABE15B63F11C6CB0516F825F06F3CB608357F4A4A92A81
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR..............x......pHYs.................iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 9.1-c002 79.a6a6396, 2024/03/12-07:48:23 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#" xmp:CreatorTool="Adobe Photoshop 25.4 (Windows)" xmp:CreateDate="2024-02-15T11:32:22-05:00" xmp:ModifyDate="2024-05-23T09:25:53-04:00" xmp:MetadataDate="2024-05-23T09:25:53-04:00" dc:format="image/png" photoshop:ColorMode="3" xmpMM:InstanceID="xmp.iid:a80cf284-037a-b945-a682-3c9e1073fbf5" xmpMM:DocumentID="adobe:docid:photoshop:f9222abd-23a3-de45-b4ee-0d22604356c6" xmpMM:OriginalDocumentID="xmp.did:c90b4d

Static File Info

⊘No static file info

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://dormakaba-safelocks.link/Apexx-Calculator

Overview

General Information

Detection

Signatures

Classification

Process Tree

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

LLM Input / Output

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 101

Chrome Cache Entry: 102

Chrome Cache Entry: 103

Chrome Cache Entry: 104

Chrome Cache Entry: 106

Chrome Cache Entry: 107

Chrome Cache Entry: 108

Chrome Cache Entry: 109

Chrome Cache Entry: 110

Chrome Cache Entry: 111

Chrome Cache Entry: 112

Chrome Cache Entry: 76

Chrome Cache Entry: 80

Chrome Cache Entry: 81

Chrome Cache Entry: 82

Chrome Cache Entry: 83

Chrome Cache Entry: 84

Chrome Cache Entry: 85

Chrome Cache Entry: 86

Chrome Cache Entry: 87

Chrome Cache Entry: 88

Chrome Cache Entry: 89

Chrome Cache Entry: 90

Chrome Cache Entry: 92

Chrome Cache Entry: 93

Chrome Cache Entry: 94

Chrome Cache Entry: 95

Chrome Cache Entry: 97

Chrome Cache Entry: 99

Static File Info

Windows Analysis Report
https://dormakaba-safelocks.link/Apexx-Calculator