Edit tour

Windows Analysis Report
https://links.twiliocdn.com/ls/click?upn=u001.s8B7Bdj-2BO6qOEbA-2BPKse2Z7fYxO9q1PAYKGQzEiFp-2FQBq-2BFpel8VkcfovM37GnWPMnODh7DjfGMugIPNcd8ltt5eAz3eLThOPRhxCnpkpwSoLZsid6F00t-2FjbyOU-2F93X804pv1CgFCLbmObbTHc4xs2oFf5JAweFiVi0KRXNOqc-3DGElV_ZsZNk9I-2BWKUMcOn-2FYMXK2VNILsetvczk0qkDBnt1Q-2Bg8MpLl8s0WAV-2B

Overview

General Information

Sample URL:	https://links.twiliocdn.com/ls/click?upn=u001.s8B7Bdj-2BO6qOEbA-2BPKse2Z7fYxO9q1PAYKGQzEiFp-2FQBq-2BFpel8VkcfovM37GnWPMnODh7DjfGMugIPNcd8ltt5eAz3eLThOPRhxCnpkpwSoLZsid6F00t-2FjbyOU-2F93X804pv1CgFCLbmO
Analysis ID:	1528321

Detection

Score:	1
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

HTML page contains hidden javascript code

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 6916 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

chrome.exe (PID: 7140 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=1992,i,17230193469261584993,1645474160486249686,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

chrome.exe (PID: 6816 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://links.twiliocdn.com/ls/click?upn=u001.s8B7Bdj-2BO6qOEbA-2BPKse2Z7fYxO9q1PAYKGQzEiFp-2FQBq-2BFpel8VkcfovM37GnWPMnODh7DjfGMugIPNcd8ltt5eAz3eLThOPRhxCnpkpwSoLZsid6F00t-2FjbyOU-2F93X804pv1CgFCLbmObbTHc4xs2oFf5JAweFiVi0KRXNOqc-3DGElV_ZsZNk9I-2BWKUMcOn-2FYMXK2VNILsetvczk0qkDBnt1Q-2Bg8MpLl8s0WAV-2BDTdcA1B04hx8sA-2BW0GxVYvh2qVpF6F65Gu9V4sDAY92xxVGKz5-2FPm7g3NnjmMHPLLko1n0yo8zXU96ib-2Fkd2UlSpKM7-2FtLOgBRnY6kYZKdEH0u7WVzj7SB1RusturLTNUo-2Fc2xD3-2Bue1X-2FXpLb7JXVjEC8KMHbkSDIFrk6iWY7B-2FVB2-2FJ2iI-3D" MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

cleanup

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://support.twilio.com/hc/en-us/articles/360022561474-How-to-Read-the-Twilio-Invoice-CSV-Supplement

HTTP Parser: Base64 decoded: 1728321566.000000

Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.17:49779 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49789 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49790 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	DNS traffic detected: DNS query: links.twiliocdn.com
Source: global traffic	DNS traffic detected: DNS query: support.twilio.com
Source: global traffic	DNS traffic detected: DNS query: static.zdassets.com
Source: global traffic	DNS traffic detected: DNS query: cloud.typography.com
Source: global traffic	DNS traffic detected: DNS query: s3.amazonaws.com
Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: assets.zendesk.com
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: d3hjue7omxs01q.cloudfront.net
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: p5.zdassets.com
Source: global traffic	DNS traffic detected: DNS query: twilio.zendesk.com
Source: global traffic	DNS traffic detected: DNS query: s.swiftypecdn.com
Source: global traffic	DNS traffic detected: DNS query: cdn.heapanalytics.com
Source: global traffic	DNS traffic detected: DNS query: heapanalytics.com
Source: global traffic	DNS traffic detected: DNS query: cc.swiftype.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49690
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49680 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49676 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49690 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746

Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.17:49779 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49789 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49790 version: TLS 1.2

Source: classification engine

Classification label: clean1.win@17/41@46/99

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=1992,i,17230193469261584993,1645474160486249686,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://links.twiliocdn.com/ls/click?upn=u001.s8B7Bdj-2BO6qOEbA-2BPKse2Z7fYxO9q1PAYKGQzEiFp-2FQBq-2BFpel8VkcfovM37GnWPMnODh7DjfGMugIPNcd8ltt5eAz3eLThOPRhxCnpkpwSoLZsid6F00t-2FjbyOU-2F93X804pv1CgFCLbmObbTHc4xs2oFf5JAweFiVi0KRXNOqc-3DGElV_ZsZNk9I-2BWKUMcOn-2FYMXK2VNILsetvczk0qkDBnt1Q-2Bg8MpLl8s0WAV-2BDTdcA1B04hx8sA-2BW0GxVYvh2qVpF6F65Gu9V4sDAY92xxVGKz5-2FPm7g3NnjmMHPLLko1n0yo8zXU96ib-2Fkd2UlSpKM7-2FtLOgBRnY6kYZKdEH0u7WVzj7SB1RusturLTNUo-2Fc2xD3-2Bue1X-2FXpLb7JXVjEC8KMHbkSDIFrk6iWY7B-2FVB2-2FJ2iI-3D"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=1992,i,17230193469261584993,1645474160486249686,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	1 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	2 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

⊘No Antivirus matches

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
cdn.heapanalytics.com	18.172.153.90	true	false	unknown
a.nel.cloudflare.com	35.190.80.1	true	false	unknown
twilio.zendesk.com	216.198.54.1	true	false	unknown
external-svc-dal.swiftype.net	169.63.31.198	true	false	unknown
cf.zdassets.com	104.18.70.113	true	false	unknown
links.twiliocdn.com	104.22.59.219	true	false	unknown
heapanalytics.com	54.204.108.254	true	false	unknown
static.zdassets.com	104.18.70.113	true	false	unknown
d3hjue7omxs01q.cloudfront.net	216.137.34.122	true	false	unknown
s3.amazonaws.com	54.231.192.208	true	false	unknown
cdnjs.cloudflare.com	104.17.24.14	true	false	unknown
p5.zdassets.com	104.18.70.113	true	false	unknown
www.google.com	142.250.185.68	true	false	unknown
cloud.typography.com	unknown	unknown	false	unknown
s.swiftypecdn.com	unknown	unknown	false	unknown
assets.zendesk.com	unknown	unknown	false	unknown
cc.swiftype.com	unknown	unknown	false	unknown
support.twilio.com	unknown	unknown	false	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://support.twilio.com/hc/en-us/articles/360022561474-How-to-Read-the-Twilio-Invoice-CSV-Supplement	false		unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
23.201.250.36	unknown	United States	16625	AKAMAI-ASUS	false
104.17.24.14	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
142.250.74.202	unknown	United States	15169	GOOGLEUS	false
142.250.185.68	www.google.com	United States	15169	GOOGLEUS	false
151.101.1.167	unknown	United States	54113	FASTLYUS	false
13.32.27.35	unknown	United States	7018	ATT-INTERNET4US	false
74.125.71.84	unknown	United States	15169	GOOGLEUS	false
44.198.98.199	unknown	United States	14618	AMAZON-AESUS	false
142.250.185.238	unknown	United States	15169	GOOGLEUS	false
104.22.59.219	links.twiliocdn.com	United States	13335	CLOUDFLARENETUS	false
54.204.108.254	heapanalytics.com	United States	14618	AMAZON-AESUS	false
54.231.192.208	s3.amazonaws.com	United States	16509	AMAZON-02US	false
169.63.31.198	external-svc-dal.swiftype.net	United States	36351	SOFTLAYERUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
104.18.70.113	cf.zdassets.com	United States	13335	CLOUDFLARENETUS	false
216.137.34.122	d3hjue7omxs01q.cloudfront.net	United States	8014	BATELNETBS	false
216.198.54.1	twilio.zendesk.com	United States	7321	LNET-ASNUS	false
216.198.53.1	unknown	United States	7321	LNET-ASNUS	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
18.172.153.90	cdn.heapanalytics.com	United States	3	MIT-GATEWAYSUS	false
172.217.16.195	unknown	United States	15169	GOOGLEUS	false
151.101.129.167	unknown	United States	54113	FASTLYUS	false

Private

IP
192.168.2.17

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1528321
Start date and time:	2024-10-07 19:18:20 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://links.twiliocdn.com/ls/click?upn=u001.s8B7Bdj-2BO6qOEbA-2BPKse2Z7fYxO9q1PAYKGQzEiFp-2FQBq-2BFpel8VkcfovM37GnWPMnODh7DjfGMugIPNcd8ltt5eAz3eLThOPRhxCnpkpwSoLZsid6F00t-2FjbyOU-2F93X804pv1CgFCLbmObbTHc4xs2oFf5JAweFiVi0KRXNOqc-3DGElV_ZsZNk9I-2BWKUMcOn-2FYMXK2VNILsetvczk0qkDBnt1Q-2Bg8MpLl8s0WAV-2BDTdcA1B04hx8sA-2BW0GxVYvh2qVpF6F65Gu9V4sDAY92xxVGKz5-2FPm7g3NnjmMHPLLko1n0yo8zXU96ib-2Fkd2UlSpKM7-2FtLOgBRnY6kYZKdEH0u7WVzj7SB1RusturLTNUo-2Fc2xD3-2Bue1X-2FXpLb7JXVjEC8KMHbkSDIFrk6iWY7B-2FVB2-2FJ2iI-3D
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	15
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean1.win@17/41@46/99

Warnings

Exclude process from analysis (whitelisted): TextInputHost.exe
Excluded IPs from analysis (whitelisted): 172.217.16.195, 142.250.185.238, 74.125.71.84, 34.104.35.123
Excluded domains from analysis (whitelisted): clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, clientservices.googleapis.com, clients.l.google.com
Not all processes where analyzed, report is missing behavior information
VT rate limit hit for: https://links.twiliocdn.com/ls/click?upn=u001.s8B7Bdj-2BO6qOEbA-2BPKse2Z7fYxO9q1PAYKGQzEiFp-2FQBq-2BFpel8VkcfovM37GnWPMnODh7DjfGMugIPNcd8ltt5eAz3eLThOPRhxCnpkpwSoLZsid6F00t-2FjbyOU-2F93X804pv1CgFCLbmObbTHc4xs2oFf5JAweFiVi0KRXNOqc-3DGElV_ZsZNk9I-2BWKUMcOn-2FYMXK2VNILsetvczk0qkDBnt1Q-2Bg8MpLl8s0WAV-2BDTdcA1B04hx8sA-2BW0GxVYvh2qVpF6F65Gu9V4sDAY92xxVGKz5-2FPm7g3NnjmMHPLLko1n0yo8zXU96ib-2Fkd2UlSpKM7-2FtLOgBRnY6kYZKdEH0u7WVzj7SB1RusturLTNUo-2Fc2xD3-2Bue1X-2FXpLb7JXVjEC8KMHbkSDIFrk6iWY7B-2FVB2-2FJ2iI-3D

LLM Input / Output

Input	Output
URL: https://support.twilio.com/hc/en-us/articles/360022561474-How-to-Read-the-Twilio-Invoice-CSV-Supplement Model: jbxai	{ "brand":["Twilio"], "contains_trigger_text":true, "trigger_text":"How to Read the Twilio Invoice CSV Supplement", "prominent_button_name":"Download", "text_input_field_labels":["CURRENT BALANCE", "AUTO RECHARGE"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "text":"SUPPORT.TWILIO.COM END OF LIFE NOTICE This site, support.twilio.com, is scheduled to go End of Life on February 27, 2024. All Twilio Support content has been migrated to help twilio.com, where you can continue to find helpful Support articles, API docs, and Twilio blog content, and escalate your issues to our Support team. We encourage you to update your bookmarks and begin using the new site today for all your Twilio Support needs.", "has_visible_qrcode":false}

Input

Output

URL: https://support.twilio.com/hc/en-us/articles/360022561474-How-to-Read-the-Twilio-Invoice-CSV-Supplement Model: jbxai

{
"brand":["Twilio"],
"contains_trigger_text":true,
"trigger_text":"How to Read the Twilio Invoice CSV Supplement",
"prominent_button_name":"Download",
"text_input_field_labels":["CURRENT BALANCE",
"AUTO RECHARGE"],
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"text":"SUPPORT.TWILIO.COM END OF LIFE NOTICE This site,
 support.twilio.com,
 is scheduled to go End of Life on February 27,
 2024. All Twilio Support content has been migrated to help twilio.com,
 where you can continue to find helpful Support articles,
 API docs,
 and Twilio blog content,
 and escalate your issues to our Support team. We encourage you to update your bookmarks and begin using the new site today for all your Twilio Support needs.",
"has_visible_qrcode":false}

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 7 16:19:24 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.988252748424855
Encrypted:	false
SSDEEP:
MD5:	7B8455B17E14714A6734C43F56E4F9E1
SHA1:	DFDB25A13145A0A088DE9C66B540A6F96574D540
SHA-256:	F4A2F0E6BE4831FA69D5EC3BF0AF56051BA0D215C6B971D73553ED60851344CA
SHA-512:	E1C26DC3A132317B6D7D5E33464536F7D7540002AA435D44CBF559567A07AFA90FC59E89D7D3352B958D3084C3200F3B75DD1412B1A084062806818263F9FDD9
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....]7&.........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IGYb.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VGYk.....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VGYk.....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VGYk............................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VGYl............................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............{.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 7 16:19:24 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	4.003853505506306
Encrypted:	false
SSDEEP:
MD5:	B5659331618C00A08BB73B11C9C8F47F
SHA1:	F2F12A989DB4BAA57A1310B0F9E0BE448F588231
SHA-256:	DE8674A69F593D5E09FE22FAFF9BB618207CB9E308E59DE6FEB2CEFC07AB31AF
SHA-512:	466850C760FB705BE8E94EEFEF9CE926DB2EAEA902094DE05499888D971E7983A2925693CF3A761ACD5BC94B7B71E792F762B7081FF2F5EC167BE81435589FBE
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,................y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IGYb.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VGYk.....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VGYk.....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VGYk............................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VGYl............................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............{.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2693
Entropy (8bit):	4.013482548474406
Encrypted:	false
SSDEEP:
MD5:	ECA553C7A6861810A867B7CC41FEE453
SHA1:	2C05F5B93813260225A4368D619F9417382C7FD5
SHA-256:	D21C6850059CE0E8E1E25B19524FDC7D737772808B738FC1AA30E526D48290F1
SHA-512:	8F2837C55EBF3FFAA3AB4934699A48820C94D74D8E4EBFBD96AC6F4EAE9568E323B1FD7D16949BFB598F20578BA2E4C6A6ADEF8AF75C4992417AEA366AB020F9
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....v. ;.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IGYb.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VGYk.....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VGYk.....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VGYk............................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VFW.N...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............{.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 7 16:19:24 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	4.001488932965238
Encrypted:	false
SSDEEP:
MD5:	953C9C0E4C285EF86FEBFE59B3CBB23C
SHA1:	9163D2FFAF801101E9727D68E6D14CE7BF01328F
SHA-256:	6B126FFF94AF854B9EC01C0DB4524E7D01DA7A8C0033071D24700FCD47ED42DC
SHA-512:	4F415197E3DD4E776027F3325968BCF032D67A3A7EBAB30976BB589887BD42A35AB2F2066DBD41CBA171A1B67B960B7B62D1CFE1037928C3ED7B3FD9F504024C
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....5..........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IGYb.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VGYk.....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VGYk.....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VGYk............................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VGYl............................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............{.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 7 16:19:24 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.9910917401853623
Encrypted:	false
SSDEEP:
MD5:	0930717DF059B1258E3666B829C558B9
SHA1:	81C72E6706A2ACC2A2EB5217AA7344C5E7F3C8AC
SHA-256:	871B0B58F35A988C808D1F17025DEC5E4AD7236F7276986651F6C23C127B0E5C
SHA-512:	5BE9CC98A42A47743EBFF5458662D7C7267D6F43072D3EC42A56E06F7E30643E432E189B157A548B0A882155C29D09852DCB455C6EF0FDD06AF84C1FD55D46EC
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....<.!.........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IGYb.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VGYk.....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VGYk.....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VGYk............................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VGYl............................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............{.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 7 16:19:23 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2683
Entropy (8bit):	4.002943965459331
Encrypted:	false
SSDEEP:
MD5:	4EDD0CC5BF104668DA4CF74A883CB1FA
SHA1:	F57452427E94AF20B7561D2755F4C909C6067923
SHA-256:	84B895E5DDACC1B04638B25EC6618194874C23042621E451F839B6E9A4911FB4
SHA-512:	824993C03C47CC285534A32EA56F913DD795A6B85200A48D9877B1D8D1DA671B46A9BAB6B74AE1FA22847100465E71E2AB493E1C7D79E68435CD09C3DF0B7D4F
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....'..........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IGYb.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VGYk.....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VGYk.....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VGYk............................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VGYl............................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............{.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 100

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, TrueType, length 44624, version 1.0
Category:	downloaded
Size (bytes):	44624
Entropy (8bit):	7.989230910997391
Encrypted:	false
SSDEEP:
MD5:	5ADC1C49BE0325A8CDAC239D1B0B05AD
SHA1:	00F7E7221960EB775C51637E600BC510A62925A8
SHA-256:	2D7CA392D9B45723AF1CD44A9178DB19FD0AF6A7AAA49AFD882E3A472201F7B2
SHA-512:	7D9FF77F3DD9810C6A23F194604FE9603F8D720142E0F26F7C4F942AA929A7A0C263F1C8F66C3145D70007A476920E54B372C3E51D6A41FAA61C4ABA9CF0734B
Malicious:	false
Reputation:	unknown
URL:	https://static.zdassets.com/hc/assets/entypo-cd0cc640c9711149dc484d7c26584704..woff
Preview:	wOFF.......P.......l........................FFTM...l........b.r.GDEF........... .L..OS/2.......H...V7.t.cmap...............cvt ................fpgm............0...gasp................glyf...........c ..head...h...1...6...Whhea...........$....hmtx...........\|....loca.......@...@.."fmaxp....... ... ...Iname.......N...@...Opost...P........!E..prep.......X...X...x.c```d....6...g..nB...\....x.c`d``..b...`b`d`d...,`......R.x.c`d.c.............B3.g0dd..2.13......0N@.k........A............O..?x..}lMw.....w=.5.Too.9..R..v^;:...XL,2,#{.%b.I..N......JX.D6.M.1..f...6..l..e...w~"$.\.d7......\|....S...B..Ia...+.w.U+x=.p.zJh..'..i..8.#..............>.x.z%z=.........C.......w.;...u..+.un.....:y.^W/..&y.5.&o.'.....v+.T.V.G.BU...A.L.U.j..P..\5O-PUj.Z.j.f.K,I.t.Kg...HO.-...>.W..D..@)..2L.e...1R).e.Li..B...h.-....~...k...@.9...6...-..v/.j...n.S.l;.-%......J.@f........6_-VK.rU..U.@B.&.$C....H..ID..{ [.#.AgkO..m9.2.ej.K-..7..n.l...>h.7.5..&g'g%g&_INKV&{'{&3.[.%....?...5.*.

Chrome Cache Entry: 101

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (8061), with no line terminators
Category:	dropped
Size (bytes):	8061
Entropy (8bit):	5.752762208626125
Encrypted:	false
SSDEEP:
MD5:	F6D20D0C316C2E87BED9BCE3197434C2
SHA1:	CA90ECC53414FAF81855F362BE04370FD1CAA0D5
SHA-256:	B4BFA69712120BD16F5D3E667F7DB718BFE27A093EF476682A7A436FFB841EF7
SHA-512:	81C37AC4C11B3BEFABF1FB7D95D317282AF13CF7496E58A015FFB007BBA16E2234DFE7DC0A5AE1C0D027E01BF07FA70F1369193DC30ED716804DF5346A2B0092
Malicious:	false
Reputation:	unknown
Preview:	window._cf_chl_opt={cFPWv:'g'};~function(V,g,h,i,j,n,o,A){V=b,function(d,e,U,f,C){for(U=b,f=d();!![];)try{if(C=parseInt(U(287))/1(parseInt(U(336))/2)+-parseInt(U(260))/3(-parseInt(U(334))/4)+-parseInt(U(341))/5+parseInt(U(342))/6(parseInt(U(279))/7)+parseInt(U(353))/8(parseInt(U(308))/9)+parseInt(U(345))/10+-parseInt(U(331))/11,C===e)break;else f.push(f.shift())}catch(D){f.push(f.shift())}}(a,232912),g=this\|\|self,h=g[V(276)],i={},i[V(339)]='o',i[V(348)]='s',i[V(306)]='u',i[V(344)]='z',i[V(323)]='n',i[V(309)]='I',j=i,g[V(297)]=function(C,D,E,F,a0,H,I,J,K,L,M){if(a0=V,D===null\|\|D===void 0)return F;for(H=m(D),C[a0(286)][a0(261)]&&(H=H[a0(293)](C[a0(286)][a0(261)](D))),H=C[a0(303)][a0(350)]&&C[a0(289)]?C[a0(303)][a0(350)](new C[(a0(289))](H)):function(N,a1,O){for(a1=a0,N[a1(284)](),O=0;O<N[a1(263)];N[O+1]===N[O]?N[a1(310)](O+1,1):O+=1);return N}(H),I='nAsAaAb'.split('A'),I=I[a0(321)][a0(332)](I),J=0;J<H[a0(263)];K=H[J],L=l(C,D,K),I(L)?(M='s'===L&&!C[a0(316)](D[K]),a0(325)===E+K?G(E+K,L

Chrome Cache Entry: 102

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (32746)
Category:	downloaded
Size (bytes):	426145
Entropy (8bit):	5.3291577416350755
Encrypted:	false
SSDEEP:
MD5:	A526F166335BDF1ED44ECABE7C215FD2
SHA1:	8FE650BDAA560366CE9E618648F45F7363D53E64
SHA-256:	7BC234EB5FAA5F6BC8094E69C8D86C1437B0CE10731B7B4F7A2C9DB308469FF4
SHA-512:	9F6FA3BF8C2B854D6F35BB93707D8AB116EBF05DC25CC28E74A48662634B9750B2F0965CF460F8527B3FD123BE430CBF622C567DADE85DB9EE4445AB7718307A
Malicious:	false
Reputation:	unknown
URL:	https://s.swiftypecdn.com/install/v2/st.js
Preview:	!function(){"use strict";window.__st_moment=window.moment,window.__st_rome=window.rome}(),/!. jQuery JavaScript Library v3.5.1. * https://jquery.com/. . Includes Sizzle.js. * https://sizzlejs.com/. . Copyright JS Foundation and other contributors. * Released under the MIT license. * https://jquery.org/license. . Date: 2020-05-04T22:49Z. */.function(t,e){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=t.document?e(t,!0):function(t){if(!t.document)throw new Error("jQuery requires a window with a document");return e(t)}:e(t)}("undefined"!=typeof window?window:this,function(t,e){"use strict";function n(t,e,n){n=n\|\|St;var i,r,o=n.createElement("script");if(o.text=t,e)for(i in bt)(r=e[i]\|\|e.getAttribute&&e.getAttribute(i))&&o.setAttribute(i,r);n.head.appendChild(o).parentNode.removeChild(o)}function i(t){return null==t?t+"":"object"==typeof t\|\|"function"==typeof t?ft[dt.call(t)]\|\|"object":typeof t}function r(t){var e=!!t&&"length"in t&&t.lengt

Chrome Cache Entry: 103

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (52402)
Category:	downloaded
Size (bytes):	56029
Entropy (8bit):	5.069639809499417
Encrypted:	false
SSDEEP:
MD5:	5191D4EA06BCC144E6774B0FE859528E
SHA1:	7A01E3DB400832724EA275F32BD2936DA83BA8F5
SHA-256:	BA2D68818246F93903142003B5D0DCF14C8536960078ACCD08F1D5813C61A485
SHA-512:	A8CF2CDC62F938013A055A3C56AC245D79B8EB8B04C4EE0B35BB9D3277BC5A9F434664FC09CAD1B134DEC5DFC543D7CA2C52F499EC04284E6A3FCEB212BD9091
Malicious:	false
Reputation:	unknown
URL:	https://static.zdassets.com/hc/assets/application-a42a464885a505c24ac3b0ab35047489.css
Preview:	:root{--zd-color-black: #000;--zd-color-green-100: #edf8f4;--zd-color-green-200: #d1e8df;--zd-color-green-300: #aecfc2;--zd-color-green-400: #5eae91;--zd-color-green-500: #228f67;--zd-color-green-600: #038153;--zd-color-green-700: #186146;--zd-color-green-800: #0b3b29;--zd-color-grey-100: #f8f9f9;--zd-color-grey-200: #e9ebed;--zd-color-grey-300: #d8dcde;--zd-color-grey-400: #c2c8cc;--zd-color-grey-500: #87929d;--zd-color-grey-600: #68737d;--zd-color-grey-700: #49545c;--zd-color-grey-800: #2f3941;--zd-color-blue-100: #edf7ff;--zd-color-blue-200: #cee2f2;--zd-color-blue-300: #adcce4;--zd-color-blue-400: #5293c7;--zd-color-blue-500: #337fbd;--zd-color-blue-600: #1f73b7;--zd-color-blue-700: #144a75;--zd-color-blue-800: #0f3554;--zd-color-kale-100: #f5fcfc;--zd-color-kale-200: #daeded;--zd-color-kale-300: #bdd9d7;--zd-color-kale-400: #90bbbb;--zd-color-kale-500: #467b7c;--zd-color-kale-600: #17494d;--zd-color-kale-700: #03363d;--zd-color-kale-800: #012b30;--zd-color-red-100: #fff0f1;--zd-co

Chrome Cache Entry: 104

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (9369)
Category:	downloaded
Size (bytes):	9380
Entropy (8bit):	5.246192322737003
Encrypted:	false
SSDEEP:
MD5:	359C3FCE9769020F14763E4E3615597D
SHA1:	A286AE2741ADCF0274D0129F8704C382B8E47E81
SHA-256:	836316444E9CEDE5CE83CFE98734B9C8AB27192A9634A59B82C118A8E6792037
SHA-512:	4E24FE8D51EA331F73157791CD98361A65C0AAC7C1B2751E792C797D0C4F196E2B200AF11CAF5A8195894819A98DF7AA3559C95C76DB9BB8280A8CCF84E45454
Malicious:	false
Reputation:	unknown
URL:	https://static.zdassets.com/hc/assets/theming_v1_support-e05586b61178dcde2a13a3d323525a18.css
Preview:	/! normalize.css v3.0.3 \| MIT License \| github.com/necolas/normalize.css /html{font-family:sans-serif;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}body{margin:0}article,aside,details,figcaption,figure,footer,header,hgroup,main,menu,nav,section,summary{display:block}audio,canvas,progress,video{display:inline-block;vertical-align:baseline}audio:not([controls]){display:none;height:0}[hidden],template{display:none}a{background-color:transparent}a:active,a:hover{outline:0}abbr[title]{border-bottom:1px dotted}b,strong{font-weight:bold}dfn{font-style:italic}h1{font-size:2em;margin:.67em 0}mark{background:#ff0;color:#000}small{font-size:80%}sub,sup{font-size:75%;line-height:0;position:relative;vertical-align:baseline}sup{top:-0.5em}sub{bottom:-0.25em}img{border:0}svg:not(:root){overflow:hidden}figure{margin:1em 40px}hr{box-sizing:content-box;height:0}pre{overflow:auto}code,kbd,pre,samp{font-family:monospace,monospace;font-size:1em}button,input,optgroup,select,textarea{color:inheri

Chrome Cache Entry: 105

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	1564
Entropy (8bit):	4.139523994921488
Encrypted:	false
SSDEEP:
MD5:	2CCC8B213614D0421103B36E58CE5979
SHA1:	4DDCEF0CDDA74D2A7BA1A6399FF05B35DFC36F0E
SHA-256:	CDAE1CEDA4AE6A3DC813500127EE0575F978F5B3191D9B316F4C30B705C9A4A0
SHA-512:	0EE1BFC2DC0857CB433F57BEAB601C1E52CDA476C31014C30C75FA55CE2CC1171418CF9CBB8F57E277F6B5F5BCE3232200E296B1BA84F71E917F6A3E4F7B790D
Malicious:	false
Reputation:	unknown
URL:	https://p5.zdassets.com/hc/theme_assets/831517/200175577/logo-wordmark--white.svg
Preview:	<svg xmlns="http://www.w3.org/2000/svg" width="166.2" height="50" viewBox="-313 376 166.2 50"><g fill="#FFF"><path d="M-195.9 385.8h-8.8c-.2 0-.4.2-.4.4v5.1c0 .2.2.4.4.4h8.8c.2 0 .4-.2.4-.4v-5.1c.1-.2-.1-.4-.4-.4zm-.1 7.6h-17c-.2 0-.5.2-.6.4l-2.2 8.3-.1.4-2.6-8.9c-.1-.2-.3-.4-.6-.4h-6.6c-.2 0-.5.2-.6.4l-2.5 8.3-.1.4-.1-.2-1-4.1-1.1-4.1c-.1-.2-.3-.4-.6-.4H-245v-7.2c0-.2-.3-.5-.6-.4l-8.4 2.6c-.3.1-.4.2-.4.4v4.5h-2.2c-.2 0-.4.2-.4.4v6.4c0 .2.2.4.4.4h2.2v7.8c0 5.5 3 8.1 8.5 8.1 2.3 0 4.5-.5 6-1.3v-6.6c0-.3-.3-.4-.5-.4-.9.4-1.6.5-2.4.5-1.5 0-2.3-.6-2.3-2.3v-5.7h4.8c.2 0 .4-.2.4-.4v-5.4l6.3 20.9c.1.2.3.4.6.4h7c.2 0 .5-.2.6-.4l3-9.3 1.5 4.8 1.4 4.4c.1.2.3.4.6.4h7c.2 0 .5-.2.6-.4l6.4-21v21c0 .2.2.4.4.4h8.5c.2 0 .4-.2.4-.4v-21.8c0-.3-.2-.5-.4-.5zm11.2-7.6h-8.5c-.2 0-.4.2-.4.4v29.5c0 .2.2.4.4.4h8.5c.2 0 .4-.2.4-.4v-29.5c0-.2-.2-.4-.4-.4zm11.3 0h-8.8c-.2 0-.4.2-.4.4v5.1c0 .2.2.4.4.4h8.8c.2 0 .4-.2.4-.4v-5.1c.1-.2-.1-.4-.4-.4zm-.1 7.6h-8.5c-.2 0-.4.2-.4.4v21.9c0 .2.2.4.4.4h8.5c.2 0 .4-.2.4-.4v-21.

Chrome Cache Entry: 106

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	1048
Entropy (8bit):	6.616207743795483
Encrypted:	false
SSDEEP:
MD5:	C1662F4109C5D5FCAA59F15E1CE69570
SHA1:	D1B303A0CBC2C2B58CFC1C204DF7DB3AA71D721E
SHA-256:	ED2F558F594604161F2B2A37F5A5A3B198F48FB707F64CFA5C83E5E48A1DA131
SHA-512:	044CF7EC86CC6F2E2D91DEB9CB45DCB9EB25251FCDFA984729B64B51C29B907F8A1FAECA00A218F5AFCC086562CEA2E8923EAE614D53BE3B0424A6A98C0A06B2
Malicious:	false
Reputation:	unknown
URL:	https://support.twilio.com/hc/theming_assets/01HZPBC50YEDHX0JDBHPJWPVPX
Preview:	.PNG........IHDR... ... .....D.......gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....PLTE..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&..&......P...TtRNS..c.........+.8.._I.-.A................=&!B......[.FD.$ok.jp%"g.fXZ...,/.........L......bKGDU...3....pHYs...H...H.F.k>....tIME.....57......yIDAT8.Si[.0......66.....B../......-&-...O.ai.dI.-.4M7..c1..5X...`..V\|)l;I.`I..Si.b..<...,.z..9..f.."..f@.....6....=.!.".ph],-N]..p~4.......$...b..Z%\..l..f..]..P?.'..[.l..o @.&4.i..>..=....y..........G......uqWn.~...6.rqa....h....g...c...0....9...+N.zp3.O.H.hp;&?..."...=....?..{.....H...y&..!.h.Wh.z.BiS.^.PR...?.....).<.zm....P..L~...R.........................=.,...%tEXtdate:create.2018-06-20T15:53:55+00:00.B.....%tEXtdate:modify.2018-06-20T15:53:55+00:00..>@.

Chrome Cache Entry: 107

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3712), with no line terminators
Category:	dropped
Size (bytes):	3712
Entropy (8bit):	5.212709096750888
Encrypted:	false
SSDEEP:
MD5:	C3B6AEBB4BB6348BDBC97877D611B398
SHA1:	0BF1D1278DE8F728F01878C5B1C9EBCB8B63F341
SHA-256:	B0A5EDA93203F5017626940664FF4C6885F1989B4DF80EF250567F0808C5CD2D
SHA-512:	533684A7CB43C0D7E5CF6E14584B9402C7283C028C62296EFFD6B476DADC2D723A8031843BD84A433B591B378C32C11CDFCDE8486FCC9F80CD77A7AB890A76EE
Malicious:	false
Reputation:	unknown
Preview:	(()=>{var t={78:(t,e,r)=>{var n=r(427);t.exports=function(t,e){if(!t)throw new Error("Missing elm");var r={};return(e\|\|[]).forEach((function(e){var o="data-"+n(e),i=t.getAttribute(o);/^(true\|false)$/.test(i)&&(i="true"===i),/^\d+$/.test(i)&&(i=parseInt(i,10)),null!==i&&(r[e]=i)})),r}},427:t=>{t.exports=function(t){return(t\|\|"").replace(/([A-Z])/g,(function(t){return"-".concat(t.toLowerCase())}))}},462:t=>{t.exports=function(t){return(t\|\|"").replace(/([A-Z])/g,(function(t){return"_".concat(t.toLowerCase())}))}},54:(t,e,r)=>{function n(t,e){var r=Object.keys(t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(t);e&&(n=n.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),r.push.apply(r,n)}return r}function o(t){for(var e=1;e<arguments.length;e++){var r=null!=arguments[e]?arguments[e]:{};e%2?n(Object(r),!0).forEach((function(e){i(t,e,r[e])})):Object.getOwnPropertyDescriptors?Object.defineProperties(t,Object.getOwnPropertyDescriptors(r)):n(Obje

Chrome Cache Entry: 108

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4638), with no line terminators
Category:	downloaded
Size (bytes):	4638
Entropy (8bit):	5.117416005091712
Encrypted:	false
SSDEEP:
MD5:	2FEE96FBE415ADE1732DCE6A2043809F
SHA1:	34DDD4841A0B32D6BB6F4189B90B321B905B3A2E
SHA-256:	FD6352884F9B67DE039F766838E02950E4CC1BACF9AF49D167E9E082F95995A7
SHA-512:	AEC09A136856A1589AF234316E44F767E6987C00F7B92A7726BB285598DDAA13287CC00201147FA8BC9E162F244BC7FBBEE07EE7C5CDD0691D75CFCC8844B24D
Malicious:	false
Reputation:	unknown
URL:	https://static.zdassets.com/hc/assets/VoteControls-dbf9ac073b7ad607a81f77355806121f.js
Preview:	"use strict";(self.webpackChunkhelp_center=self.webpackChunkhelp_center\|\|[]).push([[73956],{67219:function(e,t,n){n.r(t),n.d(t,{default:function(){return x}});var a=n(14418),o=n.n(a),i=n(19755),s=n.n(i),r=n(96989),l=n(72316),u=n(33938),c=n(35627),d=n.n(c),h=n(30222),v=n.n(h),p=n(36808),f=n.n(p),g=n(53371),m=l.Model.extend({defaults:{upvote_count:0,vote_count:0,vote_sum:0,value:null,label:"",vote_url:""},constructor:function(){l.Model.apply(this,arguments),this.localStorageSupported=this.isLocalStorageSupported(),this.set({value:this.getVoteDirection()})},vote:function(e){var t=this;return(0,u.Z)(v().mark((function n(){var a,o;return v().wrap((function(n){for(;;)switch(n.prev=n.next){case 0:if(a=t.get("vote_url"),!t.alreadyVoted()){n.next=4;break}return t.fakeVote(e),n.abrupt("return");case 4:return n.next=6,(0,g.RJ)();case 6:o=n.sent,l.$.ajax({url:a,type:"POST",data:{value:e},dataType:"json",beforeSend:function(e){e.setRequestHeader("X-CSRF-Token",o)}}).done((function(e){t.saveVoteLoca

Chrome Cache Entry: 109

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (28214)
Category:	dropped
Size (bytes):	28310
Entropy (8bit):	5.301251788625381
Encrypted:	false
SSDEEP:
MD5:	0951D5D91DBDBAC36286EEEC1EA2A2D6
SHA1:	20A1D5ADBA6605C30CB520FEB8D5D69DEC1CE33E
SHA-256:	D4CDAC1A0DFA4A83C3F4F9D3EF6BC4E4531671938D16B03645AFC795B6F92C5B
SHA-512:	B5D281B1857B6AC1C3377B846316F3E43D719E06F3F76460F24A3C9B774DF1AEC621D040FB1735DEA7FC4C48E01888C19E90D8E12B9DCEB6483E4544CA295CD0
Malicious:	false
Reputation:	unknown
Preview:	/! For license information please see 61618-7a8c9da55fa9f022ca4279f74e1f55b2.js.LICENSE.txt /.(self.webpackChunkhelp_center=self.webpackChunkhelp_center\|\|[]).push([[61618,48684],{90093:function(e,t,n){var r=n(28196);e.exports=r},15684:function(e,t,n){var r=n(19373);e.exports=r},65362:function(e,t,n){var r=n(63383);e.exports=r},73151:function(e,t,n){var r=n(9534);e.exports=r},45012:function(e,t,n){var r=n(23059);e.exports=r},27700:function(e,t,n){n(73381);var r=n(35703);e.exports=r("Function").bind},16246:function(e,t,n){var r=n(7046),o=n(27700),a=Function.prototype;e.exports=function(e){var t=e.bind;return e===a\|\|r(a,e)&&t===a.bind?o:t}},14122:function(e,t,n){e.exports=n(89097)},69447:function(e,t,n){e.exports=n(628)},60269:function(e,t,n){e.exports=n(76936)},84710:function(e,t,n){e.exports=n(14058)},93799:function(e,t,n){e.exports=n(92093)},89097:function(e,t,n){var r=n(90093);e.exports=r},628:function(e,t,n){var r=n(15684);e.exports=r},76936:function(e,t,n){var r=n(65362);e.exports

Chrome Cache Entry: 110

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Category:	downloaded
Size (bytes):	92460
Entropy (8bit):	5.301101844267614
Encrypted:	false
SSDEEP:
MD5:	06821D0F1E25137C2297502C6CED525D
SHA1:	459FB586F8FC6C7C824E06A4E7B5312622E4BFE9
SHA-256:	E1FC56C5AF917B653BE54D619245C4079C1AFEC0991321F0D358679B1EF529A0
SHA-512:	504D6699839AD90F6316EF9FD8BD72B76784176169EA49BBD8FC33DA380F5D0907D9B0266B4E5A10E15CDE25125824A098BE7E16EE2360ACBA6B2711D14F6EDC
Malicious:	false
Reputation:	unknown
URL:	https://static.zdassets.com/hc/assets/jquery-09d07e20ce042ef10e301661ad1f316c.js
Preview:	!function(e,t){function n(e,t){return t.toUpperCase()}function r(e){!s.addEventListener&&"load"!==e.type&&"complete"!==s.readyState\|\|(q(),w.ready())}var i,o,a=typeof t,s=e.document,u=e.location,l=e.jQuery,c=e.$,f={},p=[],d="1.9.1",h=p.concat,g=p.push,m=p.slice,y=p.indexOf,v=f.toString,b=f.hasOwnProperty,x=d.trim,w=function(e,t){return new w.fn.init(e,t,o)},T=/[+-]?(?:\d\.\|)\d+(?:[eE][+-]?\d+\|)/.source,N=/\S+/g,C=/^[\s\uFEFF\xA0]+\|[\s\uFEFF\xA0]+$/g,k=/^(?:(<[\w\W]+>)[^>]\|#([\w-]))$/,E=/^<(\w+)\s\/?>(?:<\/\1>\|)$/,S=/^[\],:{}\s]$/,A=/(?:^\|:\|,)(?:\s\[)+/g,j=/\\(?:["\\\/bfnrt]\|u[\da-fA-F]{4})/g,D=/"[^"\\\r\n]*"\|true\|false\|null\|-?(?:\d+\.\|)\d+(?:[eE][+-]?\d+\|)/g,L=/^-ms-/,H=/-([\da-z])/gi,q=function(){s.addEventListener?(s.removeEventListener("DOMContentLoaded",r,!1),e.removeEventListener("load",r,!1)):(s.detachEvent("onreadystatechange",r),e.detachEvent("onload",r))};function M(e){var t=e.length,n=w.type(e);return!w.isWindow(e)&&(!(1!==e.nodeType\|\|!t)\|\|"array"===n\|\|"function"!==n&&(0

Chrome Cache Entry: 111

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (24274), with no line terminators
Category:	downloaded
Size (bytes):	24274
Entropy (8bit):	5.439783303384432
Encrypted:	false
SSDEEP:
MD5:	E1AE1E8E526E50AC4D8CE91396726097
SHA1:	B125326B96E78802A1AEC6AEBBD69C10266FA9FA
SHA-256:	BD03B0B6236CB66EB345EF4921D76C8D9BE436EA7CC7C89F9E62163C3E0A4A64
SHA-512:	39A15EBA25DF8FAC9053827E54908531B4916B55916528313692A80EC49BA6EB07064B0F1C5D4082491B0660037AA1A1505DCC02E42E65A21691DE3EB0389B3D
Malicious:	false
Reputation:	unknown
URL:	https://static.zdassets.com/hc/assets/moment-4ef0d82f9fc65c8a28f659aa3430955f.js
Preview:	(function(t){var e,n,s=Math.round,r={},i="undefined"!=typeof module&&module.exports,a=/^\/?Date$(\-?\d+)/i,o=/(\-)?(?:(\d)\.)?(\d+)\:(\d+)(?:\:(\d+)\.?(\d{3})?)?/,u=/^(-)?P(?:(?:([0-9,.])Y)?(?:([0-9,.])M)?(?:([0-9,.])D)?(?:T(?:([0-9,.])H)?(?:([0-9,.])M)?(?:([0-9,.])S)?)?\|([0-9,.])W)$/,h=/(\[[^\[]\])\|(\$?(Mo\|MM?M?M?\|Do\|DDDo\|DD?D?D?\|ddd?d?\|do?\|w[o\|w]?\|W[o\|W]?\|YYYYY\|YYYY\|YY\|gg(ggg?)?\|GG(GGG?)?\|e\|E\|a\|A\|hh?\|HH?\|mm?\|ss?\|S{1,4}\|X\|zz?\|ZZ?\|.)/g,d=/(\[[^\[]\])\|(\\)?(LT\|LL?L?L?\|l{1,4})/g,c=/\d\d?/,f=/\d{1,3}/,l=/\d{3}/,_=/\d{1,4}/,m=/[+\-]?\d{1,6}/,y=/\d+/,p=/[0-9]['a-z\u00A0-\u05FF\u0700-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF]+\|[\u0600-\u06FF\/]+(\s?[\u0600-\u06FF]+){1,2}/i,g=/Z\|[\+\-]\d\d:?\d\d/i,w=/T/i,M=/[\+\-]?\d+(\.\d{1,3})?/,D=/^\s*\d{4}-(?:(\d\d-\d\d)\|(W\d\d$)\|(W\d\d-\d)\|(\d\d\d))((T\| )(\d\d(:\d\d(:\d\d(\.\d+)?)?)?)?([\+\-]\d\d:?\d\d\|Z)?)?$/,Y=["YYYY-MM-DD","GGGG-[W]WW","GGGG-[W]WW-E","YYYY-DDD"],k=[["HH:mm:ss.SSSS",/(T\| )\d\d:\d\d:\d\d\.\d{1,3}/],["HH:mm:ss",/(T\| )\d\d:\d\d:\d\d/

Chrome Cache Entry: 112

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1026 x 594, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	69226
Entropy (8bit):	7.780715872156057
Encrypted:	false
SSDEEP:
MD5:	8D7737E8BA738BCE8504E5B0C6A40A96
SHA1:	AFEE3FA40C4095F1CB5F748337CD8756259248CF
SHA-256:	A516A65D97CA056E25AD5CB1EDE499693D3DC95741606218DE804290BA283A53
SHA-512:	47B0476E8A60A1C708817B41DBC406F78391D893566C0D0F7D6776B80804742FE847009E5D18EC80188B8A8CD0AB176DCD82BE735FED8D527340413D569314C2
Malicious:	false
Reputation:	unknown
URL:	https://support.twilio.com/hc/article_attachments/4405857086107/step1.png
Preview:	.PNG........IHDR.......R.....Y~gx...kiCCPICC Profile..H..W.TS...[........z..W)!...R..!.$......]V...(VtU.EWW@....E........E.M.X....s..o..[f..@..+..:........qi.LR' .:.......$.....e..V.^.........z\|....2..L....q...z.DZ..Q.[M+.(.\...0@.W)p...T.L.nV.$%.!......f..u...B^6....bW1_$.@{..A<!..."....S...b{./....\|3.......!.\n..V...0.L.......K~.\|.-lT.4A.?...)..L..[.....5.}".......<Y....dlX?...........q^l.....Ep ...-..p. 6.x.@.....,......gI.,5..+U.U..'.Mf....8j..V.0).b.....X.. v..&F.uF....:Ry."~k.....P.}.0K..../...m..8.j..@.....v..U..s.....A;....\...pU..S.89Qm.OR.....S$y.j}.R....-!...&...).pq...Y...$U.xq.wt..\|...l...@.[&..r.......R.D....l ..jfpF.rD...........*G....X...d)G..3r.c..A4....Y.!o)..dD.......M1...A...L....zdj.j..a.(b...7...<.>C`s.}q..<.........W.....E%....:...u-2...n.mz.x ..-....8........ .V....;..d....#..Q.0r.....Z.Z^CV....>.X3.......?....a...&.....bg.f..0.#X#v.;..C..ru.zKP..............j.@PT..x.)..RQ...._...#.`........^_...o..8......Q/...

Chrome Cache Entry: 113

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	37
Entropy (8bit):	3.040403544317301
Encrypted:	false
SSDEEP:
MD5:	3EACD0132310EA44CAD756B378A3BC07
SHA1:	E2216A7E9B73F5CB0279351C78CE61C33475CEA7
SHA-256:	BB229A48BEE31F5D54CA12DC9BD960C63A671F0D4BE86A054C1D324A44499D96
SHA-512:	BD9AB35DDE3A5242B04C159187732E13B0A6DA50DDCFF7015DFB78CDD68743E191EAF5CDDEDD49BEF7D2D5A642C217272A40E5BA603FE24CA676A53F8C417C5D
Malicious:	false
Reputation:	unknown
URL:	https://heapanalytics.com/h?a=1541905715&u=5017184541108585&v=5452069014493274&s=1957014358684023&b=web&tv=4.0&z=0&h=%2Fhc%2Fen-us%2Farticles%2F360022561474-How-to-Read-the-Twilio-Invoice-CSV-Supplement&d=support.twilio.com&t=How%20to%20Read%20the%20Twilio%20Invoice%20CSV%20Supplement%20%E2%80%93%20Twilio%20Support&k=Device%20screen%20resolution&k=1280%20x%201024&k=Inner%20window%20dimensions&k=1280%20x%20907&ts=1728321571014&ubv=117.0.5938.149&upv=10.0.0&sch=907&scw=1280&st=1728321571017&lv=4.23.4&ld=cdn.heapanalytics.com
Preview:	GIF89a.......!.......,...........L..;

Chrome Cache Entry: 119

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (7997), with no line terminators
Category:	downloaded
Size (bytes):	7997
Entropy (8bit):	5.770155047690787
Encrypted:	false
SSDEEP:
MD5:	2319B1247E9C06E27941D294858FCD70
SHA1:	FE11DD8457EE429321A20866C172592AA4C3B8BE
SHA-256:	5EEB6B282D6B0D4751BA1B5BDE99E8D40541968AA7A44363BE839F634A26CB7D
SHA-512:	CC619E4FCA18D190C3D950A4D3251C1C550A42CE374F741893C040F0FDB7D58BFF4789371D176179AE0BC0B032D01242D63D0CA2D13B68969B2747D6E52E3ADA
Malicious:	false
Reputation:	unknown
URL:	https://support.twilio.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
Preview:	window._cf_chl_opt={cFPWv:'g'};~function(V,f,g,l,m,n,x,y){V=b,function(c,d,U,B,C){for(U=b,B=c();!![];)try{if(C=-parseInt(U(211))/1(parseInt(U(173))/2)+parseInt(U(135))/3+-parseInt(U(154))/4+-parseInt(U(208))/5(-parseInt(U(206))/6)+parseInt(U(136))/7+-parseInt(U(191))/8+-parseInt(U(157))/9*(parseInt(U(153))/10),d===C)break;else B.push(B.shift())}catch(D){B.push(B.shift())}}(a,650109),f=this\|\|self,g=f[V(218)],l=function(a0,d,B,C){return a0=V,d=String[a0(141)],B={'h':function(D){return null==D?'':B.g(D,6,function(E,a1){return a1=b,a1(144)[a1(169)](E)})},'g':function(D,E,F,a2,G,H,I,J,K,L,M,N,O,P,Q,R,S,T){if(a2=a0,D==null)return'';for(H={},I={},J='',K=2,L=3,M=2,N=[],O=0,P=0,Q=0;Q<D[a2(164)];Q+=1)if(R=D[a2(169)](Q),Object[a2(137)][a2(124)][a2(143)](H,R)\|\|(H[R]=L++,I[R]=!0),S=J+R,Object[a2(137)][a2(124)][a2(143)](H,S))J=S;else{if(Object[a2(137)][a2(124)][a2(143)](I,J)){if(256>J[a2(175)](0)){for(G=0;G<M;O<<=1,E-1==P?(P=0,N[a2(212)](F(O)),O=0):P++,G++);for(T=J[a2(175)](0),G=0;8>G;O=O<<1.37\|T&

Chrome Cache Entry: 121

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	91625
Entropy (8bit):	5.924031002638035
Encrypted:	false
SSDEEP:
MD5:	5E7DE27995936EC339BD1781A6833A98
SHA1:	9DCD592D3F3B35E4FC77824CC638AA19374312D6
SHA-256:	2552D8D62D9C60F59B3B11A5D083D1EBD090C72DE809FC7C76FB339825302241
SHA-512:	79357D3364CBA534C42470ABBFEDA79BFC42EFA044D141432612CA3B27BB2520EBE1E72929057DA36809FAD37EA5F8FBC330B70DE40AECBEEDB3A103E117EF6E
Malicious:	false
Reputation:	unknown
URL:	https://s.swiftypecdn.com/assets/new_embed-2552d8d62d9c60f59b3b11a5d083d1ebd090c72de809fc7c76fb339825302241.css
Preview:	.irs{position:relative;display:block;-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none}.irs-line{position:relative;display:block;overflow:hidden;outline:none !important}.irs-line-left,.irs-line-mid,.irs-line-right{position:absolute;display:block;top:0}.irs-line-left{left:0;width:11%}.irs-line-mid{left:9%;width:82%}.irs-line-right{right:0;width:11%}.irs-bar{position:absolute;display:block;left:0;width:0}.irs-bar-edge{position:absolute;display:block;top:0;left:0}.irs-shadow{position:absolute;display:none;left:0;width:0}.irs-slider{position:absolute;display:block;cursor:default;z-index:1}.irs-slider.type_last{z-index:2}.irs-min{position:absolute;display:block;left:0;cursor:default}.irs-max{position:absolute;display:block;right:0;cursor:default}.irs-from,.irs-to,.irs-single{position:absolute;display:block;top:0;left:0;cursor:default;white-space:nowrap}.irs-grid{position:absolute;display:none;bottom:0;left:0;width:100%;height:20px}.irs-with-grid .irs-grid{

Chrome Cache Entry: 122

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65435)
Category:	dropped
Size (bytes):	743814
Entropy (8bit):	5.563068942801893
Encrypted:	false
SSDEEP:
MD5:	A5F20A80CC9503739F2F3BA48D143823
SHA1:	49569E4E04FC05AB4EEBB4FD084594486C23411A
SHA-256:	80175912AD4D28A44BC64364196665A874161C901A14741808EC0548A32B1EAE
SHA-512:	EB6C8FB9867017B873F7AC37EE8A9E600F57B74FE771479C5E518695902301BDF4EEC6910E7577B59B1C5FCB39506C3346016E7C1A27CD42D5D68B45B152CEAD
Malicious:	false
Reputation:	unknown
Preview:	/! For license information please see hc_enduser-3dd4f93d9ab8c734ad133b7f68c729c1.js.LICENSE.txt /.!function(){var e,t,n,r,a={38016:function(e,t,n){e.exports=n(66341)},89682:function(e,t){"use strict";function n(e){return JSON.stringify(e.map((function(e){return e&&"object"==typeof e?(t=e,Object.keys(t).sort().map((function(e){var n;return(n={})[e]=t[e],n}))):e;var t})))}t.default=function(e,t){return void 0===t&&(t={}),function(){for(var r,a=[],o=0;o<arguments.length;o++)a[o]=arguments[o];var i=n(a),c=i&&t[i];return c\|\|(c=new((r=e).bind.apply(r,[void 0].concat(a))),i&&(t[i]=c)),c}}},97070:function(e,t,n){"use strict";(t=e.exports=n(89682).default).default=t},78701:function(e,t,n){const r=n(73216),a=n(37566);function o(){if(!(this instanceof o))return new o}function i(e,t){!function(e){const t=a.get().files.intl;t&&!window.Intl?r(t,(function(t){t\|\|Intl.Collator\|\|(Intl.Collator=o),e(t)})):e()}((function(){const n=a.get().files,o=e.split("-")[0],i=n["relative."+("no"===o?"nn":o)]\|\|n["r

Chrome Cache Entry: 123

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (64244)
Category:	downloaded
Size (bytes):	130095
Entropy (8bit):	5.426398302303113
Encrypted:	false
SSDEEP:
MD5:	F67D63B0CB962FC71DB0180E8011DD16
SHA1:	FB8B751BB9AB0FF8FB0B6ECC1015CCB6A0E86201
SHA-256:	D5F4EC81ACE689DEEE4D72F936146CA35BBD8D2F40BE75BF16E1CFFD7B401F58
SHA-512:	B868E77CD82A2F0735BC4A1FB085A97957D91168648089D25E6DB52322BB471F6A34843DDDA1661D78F5D3B8D5A7D3833AB967D2FC0F1F79F91BCFEC76D1A251
Malicious:	false
Reputation:	unknown
URL:	https://cdn.heapanalytics.com/js/heap-1541905715.js
Preview:	//@preserve v4.23.4+7ce87a6486953.!function(e){var t={};function r(n){if(t[n])return t[n].exports;var i=t[n]={i:n,l:!1,exports:{}};return e[n].call(i.exports,i,i.exports,r),i.l=!0,i.exports}r.m=e,r.c=t,r.d=function(e,t,n){r.o(e,t)\|\|Object.defineProperty(e,t,{enumerable:!0,get:n})},r.r=function(e){'undefined'!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:'Module'}),Object.defineProperty(e,'__esModule',{value:!0})},r.t=function(e,t){if(1&t&&(e=r(e)),8&t)return e;if(4&t&&'object'==typeof e&&e&&e.__esModule)return e;var n=Object.create(null);if(r.r(n),Object.defineProperty(n,'default',{enumerable:!0,value:e}),2&t&&'string'!=typeof e)for(var i in e)r.d(n,i,function(t){return e[t]}.bind(null,i));return n},r.n=function(e){var t=e&&e.__esModule?function t(){return e.default}:function t(){return e};return r.d(t,'a',t),t},r.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},r.p="/js/",r(r.s=15)}([function(e,t,r){"use strict";var n,i,o;Object

Chrome Cache Entry: 124

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	dropped
Size (bytes):	43
Entropy (8bit):	3.0950611313667666
Encrypted:	false
SSDEEP:
MD5:	AD4B0F606E0F8465BC4C4C170B37E1A3
SHA1:	50B30FD5F87C85FE5CBA2635CB83316CA71250D7
SHA-256:	CF4724B2F736ED1A0AE6BC28F1EAD963D9CD2C1FD87B6EF32E7799FC1C5C8BDA
SHA-512:	EBFE0C0DF4BCC167D5CB6EBDD379F9083DF62BEF63A23818E1C6ADF0F64B65467EA58B7CD4D03CF0A1B1A2B07FB7B969BF35F25F1F8538CC65CF3EEBDF8A0910
Malicious:	false
Reputation:	unknown
Preview:	GIF89a.............!.......,...........L..;

Chrome Cache Entry: 126

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	16
Entropy (8bit):	3.875
Encrypted:	false
SSDEEP:
MD5:	46DF3E5E2D15256CA16616EBFDA5427F
SHA1:	BE8F9B307E458075DA0D43585A05F1D451469182
SHA-256:	AF3248D0B278571EFF9A22F8ED1CEB54B70D202B44FD70ECA4CA13A5771CECC3
SHA-512:	88FBCC0A92317A0BADE7D4B72C023A16792F3728443075BF4B1767C8A55258836B54D56B24EABE36AE4EF240F796B58B8F1EA10C7E3C146BDE89882FC9ADE302
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xNDkSEAl5hinrXdfdrBIFDZFhlU4=?alt=proto
Preview:	CgkKBw2RYZVOGgA=

Chrome Cache Entry: 127

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Category:	dropped
Size (bytes):	216255
Entropy (8bit):	4.773088811580329
Encrypted:	false
SSDEEP:
MD5:	99B0131B1F198C72C3231A8B78504A0A
SHA1:	ABD96483C023F8EDB017D2606519853CEB04D304
SHA-256:	6D2087146C6EADE7E2485A924831D0681BC9B5386DEEA88BC6FA2D91DE7EC5F8
SHA-512:	EB3DCA34D8A4388D77A439698EB6CEAFEF47F4346B938FC4D3A19F82AFA8695E8969A8B6359EF2E34EBDB45760C0E7F22AB9400C6C0B98B77CF79E1DFA941EB0
Malicious:	false
Reputation:	unknown
Preview:	!function(){window.I18N=window.I18N\|\|{};var e,t={locale:"en-us",direction:"ltr",translations:{"activemodel.attributes.request.anonymous_requester_email":"Anonymous requester email:","activemodel.attributes.request.recaptcha":"Recaptcha:","activemodel.errors.models.topic_form.attributes.base.topic_limit":"You have reached the maximum number of topics for your account: %{topic_limit}","activerecord.attributes.comment.body":"Comment:","activerecord.attributes.community_comment.body":"Comment:","activerecord.errors.format":"%{attribute} %{message}","activerecord.errors.full_messages.format":"%{attribute} %{message}","activerecord.errors.messages.could_not_save":"Could not save file","activerecord.errors.messages.not_an_integer":"must be an integer","activerecord.errors.models.access_policy.attributes.manageable_by.inclusion":"Must be `staff` or `managers`","activerecord.errors.models.access_policy.attributes.viewable_by.inclusion":"Must be `everybody`, `signed_in_users`, or `staff`","activ

Chrome Cache Entry: 128

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (4627)
Category:	downloaded
Size (bytes):	36011
Entropy (8bit):	5.525685921026189
Encrypted:	false
SSDEEP:
MD5:	34A9837804963FDE7FD0972457D3E894
SHA1:	D091EEFC580F87E658A51320FEB0422CC9764FB8
SHA-256:	224C4088849D1B51052471373F9A5CE018E78CBBC4092B2281D2171CA8D74125
SHA-512:	CC3A915618FDEE01618E9006F28D8831981C286C3FEB998A7B6434A2AC2029D39292E2A481760790A7EE9EDEB3B2D2678ABEE54EADE837A65DF05B4C52D87FD7
Malicious:	false
Reputation:	unknown
URL:	https://support.twilio.com/hc/en-us/articles/360022561474-How-to-Read-the-Twilio-Invoice-CSV-Supplement
Preview:	<!DOCTYPE html>.<html dir="ltr" lang="en-US">.<head>. <meta charset="utf-8" />. v25182 -->... <title>How to Read the Twilio Invoice CSV Supplement – Twilio Support</title>.. <meta name="csrf-param" content="authenticity_token">.<meta name="csrf-token" content="hc:meta:server:qnOznLtJzJMIh2XYDqQqEkuoXcs-DfV5Jx-LxMDnFOdJ3zX7E7MKg07si6OhlFYTMhY8MNy7VgYB2dCT6_qg6w">.. <meta name="description" content="Twilio provides a CSV supplement for our invoices to help users tabulate their monthly data, and analyze trends. Have you ever wondered..." /><meta property="og:image" content="https:/hc/theming_assets/01HZPBC4WS3T3BDFXKQDMP1J2Z" />.<meta property="og:type" content="website" />.<meta property="og:site_name" content="Twilio Support" />.<meta property="og:title" content="How to Read the Twilio Invoice CSV Supplement" />.<meta property="og:description" content="Twilio provides a CSV supplement for our invoices to help users tabulate their monthly data, and analyze trends..Have y

Chrome Cache Entry: 129

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (497)
Category:	dropped
Size (bytes):	64214
Entropy (8bit):	4.794941574340939
Encrypted:	false
SSDEEP:
MD5:	06DADC6C7364CF7662B03515664BE760
SHA1:	BC7A0B56485797E24E1B2DAE324EBAF6A388536F
SHA-256:	0C1A64732DE92FE691F38055F446C114CBA9DF7E63B2CCC35015E57C7513FC34
SHA-512:	9AC516A0B639306F3AA8239756B2D49E8990718DE42C63A333579D6404439D785EA1494F92ED626C7F56699F18B8CBB61AFF16A151761F45F5E120EC6B890228
Malicious:	false
Reputation:	unknown
Preview:	(function(){function r(e,n,t){function o(i,f){if(!n[i]){if(!e[i]){var c="function"==typeof require&&require;if(!f&&c)return c(i,!0);if(u)return u(i,!0);var a=new Error("Cannot find module '"+i+"'");throw a.code="MODULE_NOT_FOUND",a}var p=n[i]={exports:{}};e[i][0].call(p.exports,function(r){var n=e[i][1][r];return o(n\|\|r)},p,p.exports,r,e,n,t)}return n[i].exports}for(var u="function"==typeof require&&require,i=0;i<t.length;i++)o(t[i]);return o}return r})()({1:[function(require,module,exports){.// Underscore.js 1.8.3.// http://underscorejs.org.// (c) 2009-2015 Jeremy Ashkenas, DocumentCloud and Investigative Reporters & Editors.// Underscore may be freely distributed under the MIT license...(function() {.. // Baseline setup. // --------------.. // Establish the root object, `window` in the browser, or `exports` on the server.. var root = this;.. // Save the previous value of the `_` variable.. var previousUnderscore = root._;.. // Save bytes in the minified (but no

Chrome Cache Entry: 133

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	53
Entropy (8bit):	4.181238030958726
Encrypted:	false
SSDEEP:
MD5:	B06B700C38193A22E08298EDEB547C34
SHA1:	D8AD3B49C01BF223887F5470BE05F1E7DD590A7C
SHA-256:	F07BA413781C257BB058ABA6CCCE1B1684451C7C01A6655B3C838B210B00BE16
SHA-512:	5C478CBAD120DA9EF81242D8B2E07079A42B2C5C4A37B3414E253CA61B0624E7E73A94210C0309997EFA8FE2AD8DB534288CC5CDA3BA9D8A82B459814630093B
Malicious:	false
Reputation:	unknown
Preview:	{"error":"InvalidEndpoint","description":"Not found"}

Chrome Cache Entry: 140

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 450 x 278, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	45330
Entropy (8bit):	7.970147817620487
Encrypted:	false
SSDEEP:
MD5:	2D4B60F636222CD7FAEC8A324BAAF47C
SHA1:	91CC6374286E75326EC3F3740F7E2B0D03459327
SHA-256:	200D84504418FED22D0C8A3362A2AF49F5545C92327D96967448A9F81A963538
SHA-512:	70B0D6B99B9E28D5831CBB6AEA001FE157B22770924097003FEAA3CB914E934ED2DA74A0DCF5058214C1FCB3AF4C2ED3F83C438073AFD956F8BEC708F455E388
Malicious:	false
Reputation:	unknown
URL:	https://support.twilio.com/hc/article_attachments/360033921114/invoiceCSV_07_450.png
Preview:	.PNG........IHDR.............z..+... iCCPDisplay..H..WwT....S.@ .G@J..... ..BH..B.!A...k....].u......XX.\|(.ee]\{..G.......93s.....9..=w.\.%..b.R........@...Np..K.II.........U..p.U .K..H\..$...Ra1@..hS.\.....l'+.J....X....0i...jl..8W...0V.&....@KW P...x..2a...J...D...]. XX ...........=-.N._...W....A..V...........8..+...k...[..I.`..;.J....D.,7!..!@......Y..I..{.....x... "...@.TEi...)P.j>. Q.jp..$Y..,.I..5y...c..FqidJ?'O...@. ....f.u.'.$.....y..(%N.{.. <...P%......y..d5.2-...r.."S...T.. 5F.Ke.K3..5....j..H,K.h..reX.&.B.M..bit.z.......JE.f...B..$M.WreR.Z.M".......B.......N..P .b.j<....@...HA9...b...A...(......+. ..e...Ex...is:.....`:...=i?.?..._...`.0..C.t.Q.)J..... ..( .............W....H..P@..(...J9.c...fb.~...@{.>t..D.....<....7.G...@....B............s..>....O&\|..u../f$B..fR..T.u.:M5S..SG.F..:L5\|.&......%C... ..........j.4....T).......T.$.@....b~.L.6......dfe....<......?.A.}}}.}.z..T.......p.....U.2.......1.`.[8....E B...HD.0.B....L.

Chrome Cache Entry: 141

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (404)
Category:	downloaded
Size (bytes):	100862
Entropy (8bit):	5.073054207381099
Encrypted:	false
SSDEEP:
MD5:	515C9900EDFB20008917CC0142CB1E22
SHA1:	A893E3304E576EE7F4C880529BBED450E9D45853
SHA-256:	3FB2BBFE483AE745D2983553EBAB8921AFC308D3D8CE945772C1198A9C3345B3
SHA-512:	A2DEF023E791A91FD27293C24D5C01A40EA9DA850736EFDB4C7767072ABD5D33E0132A88DBE80D387B69F2E7AE7B81997E6FD328018F5076BFFD2BB634D8FF3B
Malicious:	false
Reputation:	unknown
URL:	https://s3.amazonaws.com/ahoy-assets.twilio.com/global/stylesheets/help-center-0.0.1.css
Preview:	@charset "UTF-8";./*. Twilio Zendesk Help Center. /./. UIKit Styles. /./ ========================================================================. Component: Base. ========================================================================== /./. * 1. Normalize default `font-family` and set `font-size` to support `rem` units. * 2. Prevents iOS text size adjust after orientation change, without disabling user zoom. * 3. Style. /.html {. / 1 /. font: normal 14px / 20px "Helvetica Neue", Helvetica, Arial, sans-serif;. / 2 /. -webkit-text-size-adjust: 100%;. -ms-text-size-adjust: 100%;. / 3 /. background: #fff;. color: #444; }../. * Removes default margin.. /.body {. margin: 0; }../ Links. ========================================================================== /./. * Remove the gray background color from active links in IE 10.. /.a {. background: transparent; }../. * Improve readability of focused elements when they are also in an active/hover state..

Chrome Cache Entry: 142

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	downloaded
Size (bytes):	17113
Entropy (8bit):	5.591361744596875
Encrypted:	false
SSDEEP:
MD5:	60F65427AFC0E08CFAEE3F918CD2A17D
SHA1:	EF01B71C166F4161BB83815018F51D825DF19D72
SHA-256:	11952632312A6D8317261DD1639AF112391E9B6C83903BCD03D39C129AF4BA64
SHA-512:	F95A1324D6E8CF3E3E7C59A29FF9F80A144FD2D39BE56B94207FF904C1650CF80EC7EEB7CA981F19EC10CF856483FEB064ADEC5978362CFA61B9BB584656EC20
Malicious:	false
Reputation:	unknown
URL:	https://p5.zdassets.com/hc/theme_assets/831517/200175577/highlight.pack.js
Preview:	/! highlight.js v9.1.0 \| BSD3 License \| git.io/hljslicense /.!function(e){"undefined"!=typeof exports?e(exports):(self.hljs=e({}),"function"==typeof define&&define.amd&&define("hljs",[],function(){return self.hljs}))}(function(e){function n(e){return e.replace(/&/gm,"&").replace(/</gm,"<").replace(/>/gm,">")}function t(e){return e.nodeName.toLowerCase()}function r(e,n){var t=e&&e.exec(n);return t&&0==t.index}function a(e){return/^(no-?highlight\|plain\|text)$/i.test(e)}function i(e){var n,t,r,i=e.className+" ";if(i+=e.parentNode?e.parentNode.className:"",t=/\blang(?:uage)?-([\w-]+)\b/i.exec(i))return E(t[1])?t[1]:"no-highlight";for(i=i.split(/\s+/),n=0,r=i.length;r>n;n++)if(E(i[n])\|\|a(i[n]))return i[n]}function o(e,n){var t,r={};for(t in e)r[t]=e[t];if(n)for(t in n)r[t]=n[t];return r}function u(e){var n=[];return function r(e,a){for(var i=e.firstChild;i;i=i.nextSibling)3==i.nodeType?a+=i.nodeValue.length:1==i.nodeType&&(n.push({event:"start",offset:a,node:i}),a=r(i,a),t(i).ma

Chrome Cache Entry: 145

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	18646
Entropy (8bit):	5.218879860016171
Encrypted:	false
SSDEEP:
MD5:	05DA395012EE64A98551F993B952B0A1
SHA1:	FEA08D94698A947075549AC3E534A3C000AB431E
SHA-256:	2081A693C47F01DFF703B3757CBFE43B48F27936509B266D8E461D8D4B2128BD
SHA-512:	4237C8E0A4316E3B167230551DFF9460E0F61B2411C18154223FD74B327BA192C03EEF55E96EC0AF700684DD17A36B72EC7A8F74BCF13F8889798D91F917780D
Malicious:	false
Reputation:	unknown
URL:	https://s.swiftypecdn.com/install/v2/config/hkxfepiEy5bG65fz8d38.json
Preview:	{"install":{"primary_doc_type":"articles","hooks":{"query_filter":null,"result_clicked_filter":null},"endpoints":{"search":"//search-api.swiftype.com/api/v1/public/installs/hkxfepiEy5bG65fz8d38/search.json","autocomplete":"//search-api.swiftype.com/api/v1/public/installs/hkxfepiEy5bG65fz8d38/suggest.json","track_and_redirect_to_result":"//search-api.swiftype.com/api/v1/public/installs/pc/hkxfepiEy5bG65fz8d38.json","constant_crawl":"//cc.swiftype.com/cc.js?engine_key=WMht-aW2d-X7sPzsjksC"},"web":{"analytics":{"autocomplete":true,"search":true},"dependent_resources":{"stylesheets":["//s.swiftypecdn.com/assets/new_embed-2552d8d62d9c60f59b3b11a5d083d1ebd090c72de809fc7c76fb339825302241.css"],"browser_stylesheets":{"ie7":"//s.swiftypecdn.com/assets/new_embed_ie7-5cad988962a7146c8f0d1dc8b92e995d9104d1152e29751446e17dacf8132320.css","ie8":"//s.swiftypecdn.com/assets/new_embed_ie8-03c400d04d4e8f473947670d38aadfca27d2cd401ea0960f6bc88c491b2e1a9a.css","ie9":"//s.swiftypecdn.com/assets/new_embed_i

Chrome Cache Entry: 146

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (64729)
Category:	downloaded
Size (bytes):	383893
Entropy (8bit):	6.0168429172321405
Encrypted:	false
SSDEEP:
MD5:	437A0BCFB58A915A3E9FCF993961F7B4
SHA1:	B6763F250811DE02BE1F0D9552834DE0AF2CFA22
SHA-256:	2DEBFB6BD7DA1CCB2C865AF501102EF51DF07B523A54A36995E26A076B86981C
SHA-512:	8B75624BD354B80BEB8595482387E68877F8161B96ABC8B17F3C9509955C5C2D38F543E5DA2E90612033A30C55D54941DB023479E2DB1B030A84201251396979
Malicious:	false
Reputation:	unknown
URL:	https://d3hjue7omxs01q.cloudfront.net/global/fonts/780758/86335F6D1AD0509B2.css
Preview:	./..Copyright (C) 2011-2020 Hoefler & Co...This software is the property of Hoefler & Co. (H&Co)...Your right to access and use this software is subject to the..applicable License Agreement, or Terms of Service, that exists..between you and H&Co. If no such agreement exists, you may not..access or use this software for any purpose...This software may only be hosted at the locations specified in..the applicable License Agreement or Terms of Service, and only..for the purposes expressly set forth therein. You may not copy,..modify, convert, create derivative works from or distribute this..software in any way, or make it accessible to any third party,..without first obtaining the written permission of H&Co...For more information, please visit us at http://typography.com...170211-75037-20200511./..@font-face{ font-family: "Knockout 27 A"; src: url(data:application/x-font-woff2;base64,d09GMk9UVE8AAB8EAA0AAAAAOHAAAB6xAAEzdQAAAAAAAAAAAAAAAAAAAAAAAAAADbNvGh4blx4cgQAGYACHLBEIATYCJAODWAQGBZVyB

Chrome Cache Entry: 147

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 450 x 248, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	34745
Entropy (8bit):	7.960140962049641
Encrypted:	false
SSDEEP:
MD5:	2724B5A57E24C9D8724D1F0A1594AFD8
SHA1:	AD889143F808111170E0C595B4DF95C769D795CB
SHA-256:	8D02A5BFA48823416D16D890FE95D56EAF6B869F6B1E5901E313C94AE13C5784
SHA-512:	18C65FC693AD41AB09AE66CA9594E2EE1B5808AD624CF36E5DD20AE1E867BD4B157DF556D1071A54D029BD162506BDE9EF10234C8D5F01EDB29AEAB8D0D6F1FE
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...............qm... iCCPDisplay..H..WwT....S.@ .G@J..... ..BH..B.!A...k....].u......XX.\|(.ee]\{..G.......93s.....9..=w.\.%..b.R........@...Np..K.II.........U..p.U .K..H\..$...Ra1@..hS.\.....l'+.J....X....0i...jl..8W...0V.&....@KW P...x..2a...J...D...]. XX ...........=-.N._...W....A..V...........8..+...k...[..I.`..;.J....D.,7!..!@......Y..I..{.....x... "...@.TEi...)P.j>. Q.jp..$Y..,.I..5y...c..FqidJ?'O...@. ....f.u.'.$.....y..(%N.{.. <...P%......y..d5.2-...r.."S...T.. 5F.Ke.K3..5....j..H,K.h..reX.&.B.M..bit.z.......JE.f...B..$M.WreR.Z.M".......B.......N..P .b.j<....@...HA9...b...A...(......+. ..e...Ex...is:.....`:...=i?.?..._...`.0..C.t.Q.)J..... ..( .............W....H..P@..(...J9.c...fb.~...@{.>t..D.....<....7.G...@....B............s..>....O&\|..u../f$B..fR..T.u.:M5S..SG.F..:L5\|.&......%C... ..........j.4....T).......T.$.@....b~.L.6......dfe....<......?.A.}}}.}.z..T.......p.....U.2.......1.`.[8....E B...HD.0.B....L.

Chrome Cache Entry: 149

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (16912)
Category:	dropped
Size (bytes):	17012
Entropy (8bit):	5.548413593965129
Encrypted:	false
SSDEEP:
MD5:	25076D61E519DFB00D02A2CBF3E781D9
SHA1:	CFDFD0E144C1963FAEB5EDC393939C7C4B1C9A18
SHA-256:	B35FAB5F199E74A4833B18A2A09DF358CC2CC136421001616DC1F13D96E63AB3
SHA-512:	3E77D64B83E2894207A2079BC8038D4442967DA0AE0EF53C24CE77B4FE1460B21AF0A95D82C930D4BF4363FBEEB26D101CEFD47FD70C17F3AD13831A9121AEE1
Malicious:	false
Reputation:	unknown
Preview:	/! For license information please see subscribe-862367dd170a14d2aef917fc650f274e.js.LICENSE.txt /.(self.webpackChunkhelp_center=self.webpackChunkhelp_center\|\|[]).push([[56295],{43410:function(e,n,t){"use strict";var r,o=t(67294);function i(){return i=Object.assign\|\|function(e){for(var n=1;n<arguments.length;n++){var t=arguments[n];for(var r in t)Object.prototype.hasOwnProperty.call(t,r)&&(e[r]=t[r])}return e},i.apply(this,arguments)}n.Z=function(e){return o.createElement("svg",i({xmlns:"http://www.w3.org/2000/svg",width:12,height:12,viewBox:"0 0 12 12"},e),r\|\|(r=o.createElement("path",{fill:"none",stroke:"currentColor",strokeLinecap:"round",strokeLinejoin:"round",strokeWidth:2,d:"M1 7l3 3 7-7"})))}},70486:function(e,n,t){"use strict";t.d(n,{v2:function(){return s.v2},j2:function(){return h},sN:function(){return g},Uk:function(){return w},qy:function(){return E},Cl:function(){return C}});var r=t(41266),o=t(73126),i=t(67294),a=t(45697),c=t.n(a),s=t(80956),u=t(55877),l=t.n(u);function p

Chrome Cache Entry: 93

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 450 x 178, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	43119
Entropy (8bit):	7.9657162310216805
Encrypted:	false
SSDEEP:
MD5:	6EB2ACF6E28197787326DEAB557F6D06
SHA1:	919B152C7B1061499346E5A8D75A85FBF083BD03
SHA-256:	C5A1DE55E7AECA0AA5EDBA2584CF38181BB4FE59E64A72A5ABDDD68EEE611811
SHA-512:	97E76EF5B6A0D0AFDB8AECF22EC48AE556911EF84F422DC86521E85F0EFA52329CB3D80C0725288619451F4B9F802F410A309EEFD9D83A0138F8C19F5F680957
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR.............^/Xg... iCCPDisplay..H..WwT....S.@ .G@J..... ..BH..B.!A...k....].u......XX.\|(.ee]\{..G.......93s.....9..=w.\.%..b.R........@...Np..K.II.........U..p.U .K..H\..$...Ra1@..hS.\.....l'+.J....X....0i...jl..8W...0V.&....@KW P...x..2a...J...D...]. XX ...........=-.N._...W....A..V...........8..+...k...[..I.`..;.J....D.,7!..!@......Y..I..{.....x... "...@.TEi...)P.j>. Q.jp..$Y..,.I..5y...c..FqidJ?'O...@. ....f.u.'.$.....y..(%N.{.. <...P%......y..d5.2-...r.."S...T.. 5F.Ke.K3..5....j..H,K.h..reX.&.B.M..bit.z.......JE.f...B..$M.WreR.Z.M".......B.......N..P .b.j<....@...HA9...b...A...(......+. ..e...Ex...is:.....`:...=i?.?..._...`.0..C.t.Q.)J..... ..( .............W....H..P@..(...J9.c...fb.~...@{.>t..D.....<....7.G...@....B............s..>....O&\|..u../f$B..fR..T.u.:M5S..SG.F..:L5\|.&......%C... ..........j.4....T).......T.$.@....b~.L.6......dfe....<......?.A.}}}.}.z..T.......p.....U.2.......1.`.[8....E B...HD.0.B....L.

Chrome Cache Entry: 96

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (633), with no line terminators
Category:	downloaded
Size (bytes):	633
Entropy (8bit):	4.8150819489572685
Encrypted:	false
SSDEEP:
MD5:	B3B7672B48FEC21AD76A8CB595294861
SHA1:	AF08974D1915EFA02C76D863850131BC63449128
SHA-256:	653772EB570825033EF90744634D85DFC0A796F598E8BF1615D1F4952E3B7364
SHA-512:	6DE4BFB4351144E1925883BC552D4A679E0679AE18A584647B48D4F10FCB5A3878BCA18C799D509BB3AE592B876A54889E47291D94E2DBF13C6A6577C973772E
Malicious:	false
Reputation:	unknown
URL:	https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.6.0/styles/ocean.min.css
Preview:	.hljs-comment,.hljs-quote{color:#65737e}.hljs-variable,.hljs-template-variable,.hljs-tag,.hljs-name,.hljs-selector-id,.hljs-selector-class,.hljs-regexp,.hljs-deletion{color:#bf616a}.hljs-number,.hljs-built_in,.hljs-builtin-name,.hljs-literal,.hljs-type,.hljs-params,.hljs-meta,.hljs-link{color:#d08770}.hljs-attribute{color:#ebcb8b}.hljs-string,.hljs-symbol,.hljs-bullet,.hljs-addition{color:#a3be8c}.hljs-title,.hljs-section{color:#8fa1b3}.hljs-keyword,.hljs-selector-tag{color:#b48ead}.hljs{display:block;overflow-x:auto;background:#2b303b;color:#c0c5ce;padding:0.5em}.hljs-emphasis{font-style:italic}.hljs-strong{font-weight:bold}

Chrome Cache Entry: 98

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	725
Entropy (8bit):	5.4358343438472625
Encrypted:	false
SSDEEP:
MD5:	1E0F9AD5B9AEFE07B6EB01B3935CCC97
SHA1:	D9D44121106B0EC46CC9E399B7F2969B3F6B9407
SHA-256:	B5093CF7A830588E7AC610EA4417510F559EA687AA252D15FD855FF3ECEF80B7
SHA-512:	5E1FFF48C5A0EEC2A1D4BFE2EFB37DEB3830AC9672184A4D585A08640511403FE2B537FC16CA3FD3E7DC6007524D8782860F3AD3B08968466AA5E4A0034FE470
Malicious:	false
Reputation:	unknown
URL:	https://p5.zdassets.com/hc/theme_assets/831517/200175577/icon-search.svg
Preview:	<?xml version="1.0" encoding="utf-8"?>.. Generator: Adobe Illustrator 18.1.1, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->..<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">..<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"... width="18px" height="18px" viewBox="0 0 18 18" enable-background="new 0 0 18 18" xml:space="preserve">..<g id="XMLID_703_">...<circle id="XMLID_706_" fill="none" stroke="#000000" stroke-miterlimit="10" cx="10.9" cy="7.1" r="4"/>...<line id="XMLID_704_" fill="none" stroke="#000000" stroke-miterlimit="10" x1="6.4" y1="11.6" x2="3.1" y2="14.9"/>..</g>..</svg>..

Chrome Cache Entry: 99

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (404)
Category:	downloaded
Size (bytes):	101705
Entropy (8bit):	5.080637528095955
Encrypted:	false
SSDEEP:
MD5:	71A8F420CA52C758DA82C534495717FF
SHA1:	B473936868FA8F590622E95610209120FE4973E2
SHA-256:	ED298ED198D4C9C57CD83C171A53FB84C5668CE20811AAD5D10207305AFDE936
SHA-512:	7417C93F695703FAA71485136344DBCC98880C747F6056088C6953093E4DDE28487F557BC716663A968446885E3067BFC2FC62A367E380A7A6052F9D87FB9959
Malicious:	false
Reputation:	unknown
URL:	https://support.twilio.com/hc/theming_assets/5194/2715136/style.css?digest=26357467973147
Preview:	@charset "UTF-8";..#teconsent {..position: fixed;..z-index: 1000;..bottom: 0;..right: 0;.}../*. Twilio Zendesk Help Center. /./. UIKit Styles. /./ ========================================================================. Component: Base. ========================================================================== /./. * 1. Normalize default `font-family` and set `font-size` to support `rem` units. * 2. Prevents iOS text size adjust after orientation change, without disabling user zoom. * 3. Style. /.html {. / 1 /. font: normal 14px / 20px "Helvetica Neue", Helvetica, Arial, sans-serif;. / 2 /. -webkit-text-size-adjust: 100%;. -ms-text-size-adjust: 100%;. / 3 /. background: #fff;. color: #444; }../. * Removes default margin.. /.body {. margin: 0; }../ Links. ========================================================================== /./. * Remove the gray background color from active links in IE 10.. /.a {. background: transparent; }../. * Improve read

Static File Info

⊘No static file info

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Overview

General Information

Detection

Signatures

Classification

Process Tree

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

LLM Input / Output

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 100

Chrome Cache Entry: 101

Chrome Cache Entry: 102

Chrome Cache Entry: 103

Chrome Cache Entry: 104

Chrome Cache Entry: 105

Chrome Cache Entry: 106

Chrome Cache Entry: 107

Chrome Cache Entry: 108

Chrome Cache Entry: 109

Chrome Cache Entry: 110

Chrome Cache Entry: 111

Chrome Cache Entry: 112

Chrome Cache Entry: 113

Chrome Cache Entry: 119

Chrome Cache Entry: 121

Chrome Cache Entry: 122

Chrome Cache Entry: 123

Chrome Cache Entry: 124

Chrome Cache Entry: 126

Chrome Cache Entry: 127

Chrome Cache Entry: 128

Chrome Cache Entry: 129

Chrome Cache Entry: 133

Chrome Cache Entry: 140

Chrome Cache Entry: 141

Chrome Cache Entry: 142

Chrome Cache Entry: 145

Chrome Cache Entry: 146

Chrome Cache Entry: 147

Chrome Cache Entry: 149

Chrome Cache Entry: 93

Chrome Cache Entry: 96