Edit tour

Windows Analysis Report
http://scare.me

Overview

General Information

Sample URL:	http://scare.me
Analysis ID:	1531681

Detection

Score:	2
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

HTML body contains low number of good links

HTML title does not match URL

Invalid T&C link found

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 5856 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6868 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=2000,i,3008722575519205305,8913222086572417486,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6368 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://scare.me" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://www.scare.me/

HTTP Parser: Number of links: 0

Source: https://www.scare.me/

HTTP Parser: Title: ScareMe does not match URL

Source: https://www.scare.me/	HTTP Parser: Invalid link: Help Center
Source: https://www.scare.me/	HTTP Parser: Invalid link: Terms of Use
Source: https://www.scare.me/	HTTP Parser: Invalid link: Privacy
Source: https://www.scare.me/	HTTP Parser: Invalid link: Legal Notices

Source: https://www.scare.me/

HTTP Parser: No <meta name="author".. found

Source: https://www.scare.me/

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49748 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:49749 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: scare.meConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/css/2.679831fc.chunk.css HTTP/1.1Host: scare.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,/;q=0.1Referer: http://scare.me/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/js/2.660b81c6.chunk.js HTTP/1.1Host: scare.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Referer: http://scare.me/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/js/main.a21bcba0.chunk.js HTTP/1.1Host: scare.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Referer: http://scare.me/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/js/2.660b81c6.chunk.js HTTP/1.1Host: scare.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/js/main.a21bcba0.chunk.js HTTP/1.1Host: scare.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/misc/Home_Banner.jpg HTTP/1.1Host: scare.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://scare.me/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/branding/scare_logo.png HTTP/1.1Host: scare.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://scare.me/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/misc/home-tv.jpg HTTP/1.1Host: scare.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://scare.me/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/misc/home-mobile.jpg HTTP/1.1Host: scare.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://scare.me/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/misc/home-imac.jpg HTTP/1.1Host: scare.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://scare.me/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/branding/scare_logo.png HTTP/1.1Host: scare.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/misc/home-tv.jpg HTTP/1.1Host: scare.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: scare.me
Source: global traffic	DNS traffic detected: DNS query: www.scare.me
Source: global traffic	DNS traffic detected: DNS query: www.google.com

Source: unknown	Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746

Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49748 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:49749 version: TLS 1.2

Source: classification engine

Classification label: clean2.win@17/29@10/114

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=2000,i,3008722575519205305,8913222086572417486,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://scare.me"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=2000,i,3008722575519205305,8913222086572417486,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	2 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

⊘No Antivirus matches

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
marine-mockingbird-rh8xccb5u2m5r6n6glo766k7.herokudns.com	3.220.57.224	true	false	unknown
scare.me	52.20.78.240	true	false	unknown
www.google.com	142.250.186.68	true	false	unknown
www.scare.me	unknown	unknown	false	unknown

Contacted URLs

Name	Malicious	Reputation
http://scare.me/images/branding/scare_logo.png	false	unknown
https://www.scare.me/	false	unknown
http://scare.me/static/js/main.a21bcba0.chunk.js	false	unknown
http://scare.me/images/misc/home-imac.jpg	false	unknown
http://scare.me/static/js/2.660b81c6.chunk.js	false	unknown
http://scare.me/images/misc/home-tv.jpg	false	unknown
http://scare.me/images/misc/home-mobile.jpg	false	unknown
http://scare.me/static/css/2.679831fc.chunk.css	false	unknown
http://scare.me/	false	unknown
http://scare.me/images/misc/Home_Banner.jpg	false	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.186.68	www.google.com	United States	15169	GOOGLEUS	false
142.250.185.99	unknown	United States	15169	GOOGLEUS	false
142.250.186.67	unknown	United States	15169	GOOGLEUS	false
142.250.186.78	unknown	United States	15169	GOOGLEUS	false
142.250.185.67	unknown	United States	15169	GOOGLEUS	false
142.250.185.78	unknown	United States	15169	GOOGLEUS	false
1.1.1.1	unknown	Australia	13335	CLOUDFLARENETUS	false
173.194.76.84	unknown	United States	15169	GOOGLEUS	false
142.250.185.234	unknown	United States	15169	GOOGLEUS	false
172.217.18.3	unknown	United States	15169	GOOGLEUS	false
216.58.206.42	unknown	United States	15169	GOOGLEUS	false
142.250.181.234	unknown	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
3.220.57.224	marine-mockingbird-rh8xccb5u2m5r6n6glo766k7.herokudns.com	United States	14618	AMAZON-AESUS	false
52.20.78.240	scare.me	United States	14618	AMAZON-AESUS	false

Private

IP
192.168.2.16

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1531681
Start date and time:	2024-10-11 15:55:18 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	http://scare.me
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	13
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean2.win@17/29@10/114

Warnings

Exclude process from analysis (whitelisted): svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.186.67, 142.250.186.78, 173.194.76.84, 34.104.35.123, 142.250.185.234, 142.250.185.67, 142.250.181.234, 142.250.185.99, 216.58.206.42, 216.58.212.138, 142.250.184.202, 142.250.185.138, 142.250.185.170, 172.217.18.106, 142.250.185.106, 142.250.186.170, 142.250.185.74, 142.250.186.74, 142.250.184.234, 142.250.185.202, 216.58.206.74, 142.250.186.138
Excluded domains from analysis (whitelisted): fonts.googleapis.com, clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, content-autofill.googleapis.com, fonts.gstatic.com, clientservices.googleapis.com, clients.l.google.com
Not all processes where analyzed, report is missing behavior information
Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: http://scare.me

LLM Input / Output

Input	Output
URL: https://www.scare.me/ Model: jbxai	{ "brands":["SCARE.ME"], "text":"Unlimited movies, TV shows, and more. Watch anywhere. Cancel anytime. Ready to watch? Enter your email to create or restart your membership. Email address Get Started", "contains_trigger_text":true, "trigger_text":"Unlimited movies, TV shows, and more. Watch anywhere. Cancel anytime.", "prominent_button_name":"Get Started", "text_input_field_labels":["Email address"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://www.scare.me/ Model: jbxai	{ "phishing_score":3, "brands":"SCARE.ME", "legit_domain":"scare.me", "classification":"unknown", "reasons":["The brand name 'SCARE.ME' is not widely recognized or associated with any well-known brand.", "The URL 'www.scare.me' matches the brand name exactly, which is a positive indicator.", "The domain extension '.me' is legitimate but can sometimes be used for personal or niche sites, which requires caution.", "There are no obvious misspellings or suspicious elements in the URL.", "The presence of an email address input field is common, but without further context, it does not indicate phishing."], "brand_matches":[true], "url_match":true, "brand_input":"SCARE.ME", "input_fields":"Email address"}

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 11 12:55:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2673
Entropy (8bit):	3.984660939420075
Encrypted:	false
SSDEEP:
MD5:	CC09CD75C3B5CEA9096AF7A705C290F9
SHA1:	7DA75C08AA59838E68BC15CED2897DF8744948B6
SHA-256:	30247827BC2D5C8ECE46E9422278F6FC95AF8B5C934EC6E5287AB413F5BA185C
SHA-512:	01D1F0FF16DC2D0C2341F3709D3047412416CF8841A64C261DC07742343B5AC52AC246457CD4BB07344F2782E8960DA8D263AAFB0184B9B762BE59FCD294501F
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....zE....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IKY.n....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VKY.n....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VKY.n....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VKY.n..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VKY.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............2"......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 11 12:55:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2675
Entropy (8bit):	3.9992434328092274
Encrypted:	false
SSDEEP:
MD5:	FAF0EE5967C5E00280DEA171EDC21682
SHA1:	F3D56BAA9D1D07B4E3E23DEBE05D7E45CF74F3DA
SHA-256:	226EA0772AF26C310413BCC2E2F793E6F277B2F03EADC321BA7E4CC9247170D3
SHA-512:	726DD643183A318419AF485F5EDA30A7675BEC660302CEED4A6CBF33794141F7DBFF6876673119CCF10BD059021378AC6987CD60366137AAAF54426373806D64
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....^nE....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IKY.n....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VKY.n....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VKY.n....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VKY.n..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VKY.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............2"......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2689
Entropy (8bit):	4.0077301122258
Encrypted:	false
SSDEEP:
MD5:	977056EC1314B28B3B61CF11289A434D
SHA1:	C54175C79D5D831137D278C63253259D16B817C7
SHA-256:	CBC17E0B4B7924CB00DEAECB75846511FE082A0F54A66F0347C47D756BA1C4DD
SHA-512:	5942683036ED0B0A990DE216B2780B1A743B699A27377FF7753550E989BD86918CED045BBD627834A6EB947ABBFDA1695745C0EFD4E01E85B25020120CE1C764
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IKY.n....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VKY.n....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VKY.n....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VKY.n..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............2"......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 11 12:55:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.997003639861665
Encrypted:	false
SSDEEP:
MD5:	13A6B273BE8D509F5D6C597E0BEA59D3
SHA1:	F2DE1F83816C3EB441D7AED5C006FFD398305142
SHA-256:	137E2437BE79B6B9CAFE91CB175EAE5FD2585C9E9D7312E7016029F24BAD7868
SHA-512:	5D8F2515FEB0BCE87D3F03BCD5C8803B00E2C89219ED332525BD4DF075CBDD71B28C669AF2497418BD2351DCD9D1431863A97198A2731984B7CBA375AAE144AC
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....DhE....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IKY.n....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VKY.n....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VKY.n....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VKY.n..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VKY.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............2"......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 11 12:55:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.9848587834641784
Encrypted:	false
SSDEEP:
MD5:	B90A942DF0FDA663A28DFED65BE0615B
SHA1:	AF5D87A8C74802C1218BEEB9369213B0E21A3AE2
SHA-256:	5EB5D1416396B80E9BA4AF4665B0D9BFDB8800F537366483D31B78FC402A0D21
SHA-512:	D34D3D0E7FAE937B7C1F856CDF86122A7C457761D337FB2D70A1EC33D24E16BD916E0A74ADC15E66BE1520B96CA64C46C6042FCE564C184FA092397B4D61112D
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....ytE....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IKY.n....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VKY.n....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VKY.n....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VKY.n..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VKY.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............2"......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 11 12:55:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.994081069807847
Encrypted:	false
SSDEEP:
MD5:	6827AA9DB784797505557EA454839488
SHA1:	052BFE2AF6BD5C54074AEE4FE1EFE2E0CC01F5B7
SHA-256:	F1A6A261DE681FB142D1E69BD2D5C667A733D55E04385206D5AAA6A2DDA9F767
SHA-512:	0F044708C14C084222BCD2C662A14234F59344FF71DDE50917CA744A48EC530964BF1A0EC25A8DCC4BDB0A988468CB71354C31A893572130B128EAF3ADE62CDB
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,......`E....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IKY.n....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VKY.n....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VKY.n....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VKY.n..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VKY.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............2"......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 100

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (2860), with no line terminators
Category:	downloaded
Size (bytes):	2860
Entropy (8bit):	5.30195524885642
Encrypted:	false
SSDEEP:
MD5:	8E3BE7DAE6C5E2D5C67DFDA1CAB25AF2
SHA1:	751092747FA4A224BDC570D7481F4D232F5FFB5C
SHA-256:	C8B1CA980A59249FF4759C5775A54DF67A2C74493F26FBBFAE9BA6B14EECE9E0
SHA-512:	7C0F936BD0196183B340FB7EED4E17984C979DAE4D988B43D0E12E227C63C55F087E4E3C053442A9AF4BFD5D89C0D076533450F95621559B1DEF7D623BD09D2E
Malicious:	false
Reputation:	unknown
URL:	https://www.scare.me/
Preview:	<!doctype html><html lang="en"><head><meta charset="utf-8"/><link rel="icon" href="/images/branding/scare_icon.png"/><meta name="viewport" content="width=device-width,initial-scale=1"/><meta name="apple-mobile-web-app-title" content="Scare"><meta name="application-name" content="Scare"><meta name="msapplication-TileColor" content="#da532c"><meta name="theme-color" content="#ffffff"><meta name="description" content="A Screaming Horror Service to Scare.Me"/><link rel="apple-touch-icon" sizes="180x180" href="/images/branding/scare_icon.png"><link rel="icon" type="image/png" sizes="32x32" href="/images/branding/scare_icon.png"><link rel="icon" type="image/png" sizes="16x16" href="/images/branding/scare_icon.png"><link rel="manifest" href="/manifest.json"/><link rel="mask-icon" href="/safari-pinned-tab.svg" color="#5bbad5"><link rel="preconnect" href="https://fonts.gstatic.com"><link href="https://fonts.googleapis.com/css2?family=Arimo:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,7

Chrome Cache Entry: 101

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	dropped
Size (bytes):	229204
Entropy (8bit):	5.609565574736805
Encrypted:	false
SSDEEP:
MD5:	33198D56C285081628DAE479A5B29902
SHA1:	37227CAD93B737ED09B3DB0E5098A32E09AE745F
SHA-256:	EF4684DD59F20C4ED0D4123A567DB3E2979274485545B4DC37563537AE5E3361
SHA-512:	02633A8B1FEADA9166661C781E1C8B44DF412243115F17E3E44AE51767693AEFCEEBF2AB45C2D47376BEEA0C5BE857E5F52333C0DA0DD81A80403A4BB36387BA
Malicious:	false
Reputation:	unknown
Preview:	(this.webpackJsonpscare=this.webpackJsonpscare\|\|[]).push([[0],{166:function(e,t){},179:function(e,t,n){"use strict";n.r(t);var o=n(3),i=n.n(o),s=n(43),r=n.n(s),a=(n(112),n(9)),l=n(33),c=n(19),d=n(36),A=n(4),v=n(7),j=n(6),m=j.b.div.withConfig({displayName:"feature__Inner",componentId:"sc-7r3omc-0"})(["display:flex;align-items:center;justify-content:space-between;flex-direction:",";max-width:68rem;margin:auto;padding:5rem 2rem;text-align:center;@media (max-width:1000px){flex-direction:column;padding:2rem;}"],(function(e){return e.direction})),u=j.b.div.withConfig({displayName:"feature__Container",componentId:"sc-7r3omc-1"})([""]),p=j.b.div.withConfig({displayName:"feature__Item",componentId:"sc-7r3omc-2"})(["display:flex;border-bottom:0.5rem solid #222;color:#fff;"]),b=j.b.div.withConfig({displayName:"feature__Panel",componentId:"sc-7r3omc-3"})(["width:50%;@media (max-width:1000px){width:100%;}"]),h=j.b.h1.withConfig({displayName:"feature__Title",componentId:"sc-7r3omc-4"})([""]),f=j.b.h

Chrome Cache Entry: 102

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 20040, version 1.0
Category:	downloaded
Size (bytes):	10284
Entropy (8bit):	7.975248682531697
Encrypted:	false
SSDEEP:
MD5:	469EAAA01299C1F212BCA76E00ABD2E6
SHA1:	749195D8A040F5A963DDCD4BA66CFFB662C5818B
SHA-256:	1E22E5CA1E8049A54AD941B20982E0567E62A32820C4CED13A5EDFB3AB2768C2
SHA-512:	7226DFEFCF6B6F9C8E8BAE6C97414EC433311DF69E8A3D1668E4A90AC9CF0B42BC714C17F27034F1649EB4AE1E1C1586D4B12C5F0A812309ED6FB5C197258EB7
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2
Preview:	wOF2......NH.......D..M..............................p..>?HVAR...`?STATV.../8....,....f.0.z.6.$..H. .....+...wx...'.v...5....6..0.u.....d..+.........e...P...y'.....MX. 8. ...X.n..d::...mN\|9(......qY.44x.....t..\|.16..&.....'.A..<....."..,.i.._.r.....A..y..3..`\|.8.U`...Q.Z...T...FdU5..e....v.NFw..:.C......MN....y.....A...9.Um..m.fQL,..?.....D...US&.zo.....:.....3..].o.`..)$.G..x.3.S;.$...NX..8.X>.-,..>..O]...e) .\|..{.I.T)/..?~lB\.B.....F...;-..Jo@H.E}Uu.UF..!.`...(..;.....s.........8...Nb.K.~..\hd......C........Z6On.A..}...hz..h....Q.6q:....$$!.@. 5hn....V...FMd.....r..eJ..s...?....n.yr. .K..L.t..L....P.....].c.VSt.../...P...@.....#....C>\~.F.....(!(.@J...u....@n..Dm..,.i<..NjrRO.&rfS...o[{...N...\|^...%a..........3.W.....$....Y....r.AJg..d......q.5......p...b=.-..'.7Ig....)..rH).e{.._...t....:A....8..v......(7.n.....\.Q..S5..S......t.6q.@.,c.....0.0..C;.7......i.k^.P.(q.+..>Q*....P.g..9 @.d.........#..".....yg![oe}$f=.........7.8.8..c.z..tzU......)rT4

Chrome Cache Entry: 104

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 27 x 61, 16-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	1348
Entropy (8bit):	7.770669843628846
Encrypted:	false
SSDEEP:
MD5:	B70C5CF4CF553E89487241D176CC7E9E
SHA1:	3D66DDA610D708C4161E7DC51133CD22934C84EE
SHA-256:	325DC82A84043860A5310D5950CA6D4341D005A9D81F1A95211618C1E744A71B
SHA-512:	141BD7F67AA1DC175A2071DB912FF8A6826BF2A42B37F0AB5C44C15AE8169BD6758C555CD808456059F3E5858052E21ED50C0A76F521DB40251EC477B5B348EB
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR.......=........=....bKGD.......X......IDATh..[HTA.......].2.(..\|....W......T(.....EEED..T`DAbw...T.4+.....V.-X.=\|.c...93sv.......9.......v..I%...\...3..9..x@.........s..q.\|.F.E.1c.g......Zq..[.........z.x{.....N.jC.M`k+X]m.>...../^.'Nt.a3.v.......mc..`MMx..i.v.....0.c.../^.11....m..2..>....a.:z...50.l..jU..jO.. ...cyyj.....9~1......_..77..t}..K0=]..w.......k.%$.mm .I..@...{bs..........@.(gM3f.fl.d.........3...<.^............{W...(.S.pi.n.....F..W...g.1j.^..1f..r.1f.:s..>...c.".a7....};...d..j.tg.Q{....flpPM..7..Xw7...$....5K.B.....u.Y..<.....:U..?...}...p..g.q8.x......j.4.d.p..g.r...K..k...~5.&'........G.... ....Kj.@........\|....]........{ ....j...M^.].@U.........J0J.D......G..)S.5Jq..m....+-v..p.FP.n....f..H.1...p.r....\...y.4....]..`5.......Z.E7%............d.)/7..-xp....^p.~..5.[W#.r......;..j*.....MK..>Tk....I.ot."3..........9..\|n.....c..~...-...BPU...70F.8.:=..?.r.VV..&...A.i/1......gH...\..Yc\|E..+g....11

Chrome Cache Entry: 105

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 1932345
Category:	downloaded
Size (bytes):	527170
Entropy (8bit):	7.9992511835256
Encrypted:	true
SSDEEP:
MD5:	E83C9ED130C33147F0508BFF8A1990ED
SHA1:	91E53BBB70AFA4AFC47F874AC0F47B0AB0A0DE31
SHA-256:	88AC94E753A429217E61053A58CED1DB7914C5B5E55225F1FD07F32109336AF8
SHA-512:	151A4BA5AFFADFFF401970A970060BE39A80DB3124495D72CBC149E5374251DCBA13B18DDDEA115B2E74D15788AE84D7D8384E9332A72CCC07CDBE654D342781
Malicious:	false
Reputation:	unknown
URL:	http://scare.me/static/js/2.660b81c6.chunk.js
Preview:	............[.H.0...+..."....#DF.!..0.@......+.6.`K.I....o.U...dHfw.s...y&Xj.guuuUuU....8.M...RV..Q.L.,...l..HJ.........`.1.....i...a....d........q.g....4.f. H._..X\...l.....v.....j37s#..c.Y..2..5.;s.1.3..b_2..S.U1.1a.<.j...r.i..D..c#c..2[`d..A......YgA.L+..\|S... .......a...#.....3..;6....#z.F.0...?2./.8.........Y.L.....+.M.l.le....I.<T7..{e..DT....C4.....8b.v...}....\|a.Zp...t6..?......qn...O..mE.#6....OM......w.w!...g.....v...1....I-.u.#.....HY.1..8{....b..+......2..,..,...G....XCe...ba~..jc..:E...-.ds.q...G...%.Cc.L&6R..u.]F}?.?....Yw-.#.i..c...l}=.O&..d.$..E.v..{I......5AKk.PkV..hnt..n....Y-..b..2..N.....r. ...k.\|.L....G.cI.z..0..Z..H....^G........c9.........[n....\|.,mLXt..;.~..uGf.i..\|......OW......@@.t..l6y...U5.....$.....M..a_...&...d.}9.....E.I.g.....p.`..9...aD37,.?..^..w....7.h*...;.~"A..x.n!l.g.A.D-.i/..%.....a)>.x....@....). ....n\.u7....n..lL.+.t..A....i9z...9...w.F.H..........$......#g?....F...........S.F..8..

Chrome Cache Entry: 106

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=479, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=301], progressive, precision 8, 301x479, components 3
Category:	dropped
Size (bytes):	100478
Entropy (8bit):	7.908350865668682
Encrypted:	false
SSDEEP:
MD5:	7B2EE0F82101E3FE7D7292B23D19C2AB
SHA1:	D7F88EB8E9CE28BF3C73A92B6C3AC363B6E12BC6
SHA-256:	FD7DFF93AEA7D01717B6E167D560534F621C233A05CFB266D6F373FA37FBA646
SHA-512:	27BC683488FA49514BE8F277A1547B86C09C38C7439CC0E568048F2C74E977F5DE72D79BBD84F38C17B3A3434B443530F88D90E425B3991A3246E8A555729016
Malicious:	false
Reputation:	unknown
Preview:	......Exif..MM.*...............-.......................................................................................(...........1.....!.....2..........i.............$............'.......'.Adobe Photoshop 21.1 (Macintosh).2021:06:06 22:19:31..............0231.......................-...........................................r...........z.(.........................................H.......H..........Adobe_CM......Adobe.d...................................................................................................................................................e.."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..I%)$.IJI$.R.I$...I%)$.IJI$.S......sn!.......`..............j.....s..e

Chrome Cache Entry: 107

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 229204
Category:	dropped
Size (bytes):	53633
Entropy (8bit):	7.994276907049963
Encrypted:	true
SSDEEP:
MD5:	64A821BEF64AF22CDBB2FBED19C130D2
SHA1:	A779DFF292C99108BBEAC3C92025B4F32834D5FE
SHA-256:	9E5A97C60F683B813B098BE528B80075BB2F87A5ADB30DC89694A1430C4A2C9B
SHA-512:	FB440F562E358C959186BF2BC2C00FD87AF7191FF7C7276D3EEB012745494B88407C2BC133BD3A912EA53BF1B76834DD39CD3ABC263F0F76B53F9A60BE13CC80
Malicious:	false
Reputation:	unknown
Preview:	...........}.{..._Q8s<. .^.a\|..$^b.....A"......Uu....-...w..f2.H.R]]]][W....Fg.w...5q..c4.....M-N..0..k..T..l..V.3m+oh......v".4K}.M]Cq=..z.]...=uw.;...UU3.V.....s.^8.jz3o...Y..U.FX..t..j=\|.T..VT..\|l..=\|..q..)..Yqnz.....S.t'#}q...F.o...1...,.prZ..Ol...^#.v.[N..w......cU......U0=c.6.P.pv.g........p.}F.cxs.v.V.g:.AM#..v..can..acs.1....L..O={w..z.5h......z.W ..........).J.....k..c+h.4......R...pa)F1...(...E....4L.)&s.Tm......mV.......:....F.H...#....R...Bl..~....tV..J........F...9....s.jC.........R.j!....J.6......wi.u.r..07...1..c.dd..]..(....Tm@.2.,3?...nRx"....BF......B..........F.........v.}.>>D...].E).....yM....&..4.y....YQW.[..].............4.......v.{.O~?.h....2.K.Jy....b.r.<G.@..w!.w......C.4:....t?Y.{..W.._..g...^...I..u....jP.%P..".\..i....a..........q.<..20z..5u3+W..t4....].......:[u...3..(u.7..k.._.B.b=.?.P'..*.L.A..<.c...o.e...q....5..!......c...O8.J.........>$.=.\.$7&h.v.._I.U.N0.7d..r....t&.D....

Chrome Cache Entry: 108

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=480, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=640], progressive, precision 8, 640x480, components 3
Category:	downloaded
Size (bytes):	179016
Entropy (8bit):	7.9512816528706765
Encrypted:	false
SSDEEP:
MD5:	193C9A7AF024FB5427CB55E768AB51E0
SHA1:	B4C50D30B9C9BF7F80DAD2066B8611E0067B6914
SHA-256:	74532D6C42455AEA0FD5D917982F3245C22A066CE8F42AE0257F22223F5DF854
SHA-512:	E7FDF91241D425AD5C3EB7B833A816723A37F5C62E1693A13931F91CA7255F94DBF3C15801E187F2DE256165796CF43C78E516A7A275AAECF61DF07162934134
Malicious:	false
Reputation:	unknown
URL:	https://www.scare.me/images/misc/home-imac.jpg
Preview:	.....WExif..MM.*.......................................................................................................(...........1.....!.....2..........i.............$............'.......'.Adobe Photoshop 21.1 (Macintosh).2021:06:06 23:06:49..............0231...................................................................r...........z.(.........................................H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................x...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..I%)8c..&.zWM.....o.....h..~..IN......%......u.8c..Z.........p..z

Chrome Cache Entry: 109

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1843)
Category:	downloaded
Size (bytes):	1892
Entropy (8bit):	4.979785703031889
Encrypted:	false
SSDEEP:
MD5:	7F1B6EF037F9DFB914322DB4DD473480
SHA1:	10405D6810B10143041BC12567B194B7C8DEF320
SHA-256:	99CDF7734B9BAEC74E3C53BDDFDA3C002DED5FC082BF6E8851CB6261C8B8C307
SHA-512:	44ADDB29A149C3F26415D3F607819D0E0290835E1810E764B358E1BE44E3F6DDC85AABD63759AF39620AF1B7A293CA51A1C982F4FBD75F9E6CB50764E49AEE58
Malicious:	false
Reputation:	unknown
URL:	https://www.scare.me/static/css/2.679831fc.chunk.css
Preview:	/! normalize.css v8.0.1 \| MIT License \| github.com/necolas/normalize.css /html{line-height:1.15;-webkit-text-size-adjust:100%}body{margin:0}main{display:block}h1{font-size:2em;margin:.67em 0}hr{box-sizing:content-box;height:0;overflow:visible}pre{font-family:monospace,monospace;font-size:1em}a{background-color:transparent}abbr[title]{border-bottom:none;text-decoration:underline;-webkit-text-decoration:underline dotted;text-decoration:underline dotted}b,strong{font-weight:bolder}code,kbd,samp{font-family:monospace,monospace;font-size:1em}small{font-size:80%}sub,sup{font-size:75%;line-height:0;position:relative;vertical-align:baseline}sub{bottom:-.25em}sup{top:-.5em}img{border-style:none}button,input,optgroup,select,textarea{font-family:inherit;font-size:100%;line-height:1.15;margin:0}button,input{overflow:visible}button,select{text-transform:none}[type=button],[type=reset],[type=submit],button{-webkit-appearance:button}[type=button]::-moz-focus-inner,[type=reset]::-moz-focus-inner,[ty

Chrome Cache Entry: 112

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=434, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=640], progressive, precision 8, 640x434, components 3
Category:	dropped
Size (bytes):	137485
Entropy (8bit):	7.9342598804180575
Encrypted:	false
SSDEEP:
MD5:	913D5EF8B39F7855B9A2BB59293DB2E9
SHA1:	AB40569016B31A13294B265F4DA7CE82EEA7E6C6
SHA-256:	F3526C4E7CED7AD724AE242ED6B8AD09E7D27857D20AC7C255657633597A0A6A
SHA-512:	99A1AF94A394BCBFEC90DFFED016C0589A01D42776D161656B41E6E6D6AE393331AFB9EBF39D0C50C8E394D7F9F55F8C8AC36B285CAFE41BC8A068B803563C2A
Malicious:	false
Reputation:	unknown
Preview:	......Exif..MM.*.......................................................................................................(...........1.....!.....2..........i.............$............'.......'.Adobe Photoshop 21.1 (Macintosh).2021:06:06 22:14:35..............0231...................................................................r...........z.(.................................e.......H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................m...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..I%)$\|lV..9...KZ$.Iv..........s.o....J.h..jKr..y.X.u{.... C.f..eXo.>..

Chrome Cache Entry: 113

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 625 x 225, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	20096
Entropy (8bit):	7.970002553199309
Encrypted:	false
SSDEEP:
MD5:	098DC8A7E75EF73B2D006561CEA85039
SHA1:	646E38895B0DC631E04261002445A03B42D9B2B0
SHA-256:	238FEFB0207F880EBD3EDE83E84C19C9D3E951E68D6373B248FC88CC3826C158
SHA-512:	50450FB4C71ABAC89CCCEEF6EFC38B8AE7DA0E57D7CF3C9D2215D7C24B2CECE5C20014D187E4C574D2611C7CA3F54560ADF933F5C376A39DBFA3C2992A378CC5
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...q..........t.R.. .IDATx.....U...5..^I.BH..........."......X.+..D... E.RBo.BBzH.IhI ..~..lx..NN....3..<..!...3....+C%x.s.R.$.I....h...FD;..:"ZLD/..&"j..@..A0...wv8S..}A..D.....ND...zo..&.. .D.8A...D....KD...EDt9.=!. ..`.....Qg":..~JDSC..D.."z\. ...I.pj..q!..!.K....b/"...NN.M..A..#.T!.L"...............4.. ...O..V.%..b.p9z..;J.&A....b..iCy..$.......Z. ...D.. .&.#NH.'..u...d..u..J..A.F.8!M..oY'.k.4..S..[..A.t.KaC-DW{.Q_"..oJ=.;...fW..q..I.OD....""z.zr..6r.hT..v+.5.Q..i..5......Q.<.. ..q.S...D4......(.........D.......B..p.A...j.q!...C.E.}9.m....qS....-..S...D....A..F..{k.>A..F\.....&..A.+,+..ODt?..l.B.k.!...B=....d...a......K...0.^.'R....Ly...^. ......u...>JD.`............v%...T.W...\[.... .2..9.......R ...m"zM.v. ..q.;..~@D{0..>"..D4...[.$..#t_.b.<.....=HSp.e..E...D....F.. ...G1#.......:.9f ..+...h....Gx..CH.&....2....]./......s..... 8.mO.J8.\.j~..a..C...&.'Qi..S.m...=..G.*R...nv....A..k..3..J.xL..I...;WB\.>.9h.).$.9.+

Chrome Cache Entry: 114

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1125, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=2000], progressive, precision 8, 2000x1125, components 3
Category:	downloaded
Size (bytes):	729308
Entropy (8bit):	7.978328603148224
Encrypted:	false
SSDEEP:
MD5:	F2775AADB3C6B70E08FC76DC620E7D52
SHA1:	4F7EBACAE8F1B1E70D2BA54441A89EBC7F3F3361
SHA-256:	28B4B8792F251F2FB13E56DC94866131D5428919858916BE5F82C6A3262BE9C5
SHA-512:	78C9496032F719AA181224C4C50BEF8851703F75EDB11EA56D97767E48FA894A5BBE28F36A2011B4E55E56C82C2D13B3F3499AA6195E5F1375E1E6EEF914B203
Malicious:	false
Reputation:	unknown
URL:	http://scare.me/images/misc/Home_Banner.jpg
Preview:	......Exif..MM.*...........................e...........................................................................(...........1.....!.....2..........i.............$............'.......'.Adobe Photoshop 21.1 (Macintosh).2021:06:06 19:09:02..............0231..................................e...............................r...........z.(.................................].......H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................Z...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?......Z.......q.....;.cl....c?.=O4..>.=..F.x/?C...noNv.^..Ak...nw..v

Chrome Cache Entry: 116

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	28
Entropy (8bit):	3.950212064914748
Encrypted:	false
SSDEEP:
MD5:	C3F64CB2A8B00CBBC30CE2908208A29D
SHA1:	E4AA7CAB67F4CF5FA52371DDC25A75AAFD4D0CCC
SHA-256:	391601283994BCD9486160BF8A5637410D280E1BDDD3AEF5428454976E193E81
SHA-512:	6CCBC26128FE65D6D313B965DA3D2E201D506442D0036404ABB490BE0FC99B3A0FDB611269B932DBA7F3A621E11F79ED213D2B11D487EE39C54A17D97A823552
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwmmedvwRJwPHRIFDZFhlU4SBQ2RYZVO?alt=proto
Preview:	ChIKBw2RYZVOGgAKBw2RYZVOGgA=

Chrome Cache Entry: 117

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=479, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=301], progressive, precision 8, 301x479, components 3
Category:	downloaded
Size (bytes):	40880
Entropy (8bit):	7.700600181093599
Encrypted:	false
SSDEEP:
MD5:	121ADB58CE9BDC68784ABB72C3946181
SHA1:	DD44BD5940B4DE6C31117C427B03950EEA55FEAA
SHA-256:	73A8E43DF0E74440D63D4D31DE15BE4596F169D7525DDBD7665918B64239D5D4
SHA-512:	CB6F99E1D682EBDC89EDAEEF1BB3E39AE045AFEDFDD600035534035E5CF744259BC05967E5938120A448D0BA376587F367E28B4725F88B38E3EF201C6C903C42
Malicious:	false
Reputation:	unknown
URL:	http://scare.me/images/misc/home-mobile.jpg
Preview:	......Exif..MM.*...............-.......................................................................................(...........1.....!.....2..........i.............$............'.......'.Adobe Photoshop 21.1 (Macintosh).2021:06:06 22:19:31..............0231.......................-...........................................r...........z.(.........................................H.......H..........Adobe_CM......Adobe.d...................................................................................................................................................e.."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..I%)$.IJI$.R.I$...I%)$.IJI$.S......sn!.......`..............j.....s..e

Chrome Cache Entry: 84

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 1892
Category:	downloaded
Size (bytes):	820
Entropy (8bit):	7.728123801206354
Encrypted:	false
SSDEEP:
MD5:	388BC91EA7F11061A3809C1927C7F1C0
SHA1:	837C90D39ED36F38ACB38185DE06DBFC810DFC45
SHA-256:	1CFBCB36A203026FDFB614FA07E49C097C237CD6FF8194755EE26B7287242C4A
SHA-512:	7420D925F22EA24808E8E68761D773A6170E493870EC5EBB25AA38F4899EAA32BD2FABD522E9D62D83C674C35B79AEE184F31B32FD636D2821E3EF0980F8948E
Malicious:	false
Reputation:	unknown
URL:	http://scare.me/static/css/2.679831fc.chunk.css
Preview:	...........UK..0...+...U.....#......cO.S.d;......l...q.j....qVWo.c.fJ.....<.g.l..I.}..\|..L.<U2.M.q.W..U,..qW.:j.i.. .:.M........$.>...._M@.z..+.8...J...4...28...P.o.z.....t>9g.w..uW.....,ME9..z.U>.X...\|..>. ....0&-...@.568.!....E7.;...o+o.#.vo=...t.X.cE...........A.VSc..C....Y..PL....r8.<..y@\N19tE.........V.[..t[.40..........`......O._...9 .......B..)....-X.>...N."..M_.sG......C..`.iW4.aRi\.S.b.K1%...Bf.Wij.2....._.vV.i....&.X....$Q.V.........1.O.....;..O.K{..s....@G.2..D.....D..~...y.v.>&~mx=..1!.E[.......t.vD..8AY...=Mt........{WJP.+.Gp...M........T`..S1..>..........j......2...j...+C....[a..$.Y...X..4J^..".YLH.x..K.L...=.......4dR..G.......Z@=...B.....$b........5....\.a..cJ..4NY&..f..#...../>,....V.S....Z....x@S..g..fu.......aed..................f........Gd...

Chrome Cache Entry: 87

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 192 x 192, 4-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	937
Entropy (8bit):	7.417151977225366
Encrypted:	false
SSDEEP:
MD5:	964FB6E004654A3E21E1AFC7481FC075
SHA1:	BEEB04E064D73D89BE16BE7D85B12723C31AA4F8
SHA-256:	335453ACB79D462F303EEE7AA274C21E8CAA78102223A675A55FE8339950984D
SHA-512:	BE04E65BB4C87BA3A07B8A43100E34D3FFA26C7759EFEAB3E5BCDB7DD6FAA70141C7BDDB3809B27CE5C36DA735EF3B975C698068241D427E71CF5BBB9AFC88AF
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...............q4....gAMA......a.....sRGB........$PLTELiq..................................:W.....tRNS...MB.0e...[.'....IDATx....K.Q....5...%..-..K..s.b.k4.K.,.@..TzhO...o.&..".Z%...!y.\CZ.....\|....O.owg.!.'%%%%5.Uy=..._F\.s=.....~....^..P@k.(b....,.u....Y...%.....h`1.....d.@'...9...~..T....T.....~...n.8.~..Z...Pb....../....n.......E.'.7G...?.n..@./.8%.E..........ZL...@.Q..xp`..l...... .....@...S.l.;;.N..mlwM.....tvM.0.@g4.]....5]\|.`.1...."...{....T......'..q....p.....:......%HH...Q%.....&.r..,..\|.N....g..p...{I..k...=(0p....._......>E?.....z)........nK(..H..t.Skj.$*q.....^....N.u..m..=...Pa....-.K.b..r.....Q..........4..4xN..7.t....3\c.UV...H..I..F}.H..kB......X..E.........M..U...@....@....@..n...B...................<Spj.f../t...\...$v,..4....]...p#V.N....;JIIII..o?z........WzTXtRaw profile type iptc..x.....qV((.O..I.R..#..c..#.K.... D.4.d.#.T ...........H.J.....t.B5.....IEND.B`.

Chrome Cache Entry: 88

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65462)
Category:	downloaded
Size (bytes):	1932345
Entropy (8bit):	5.282879190489236
Encrypted:	false
SSDEEP:
MD5:	478ED86510B51B36EF4E1A79D3F64C3A
SHA1:	B5364E3BB6C089EF1B34413623D5409C7BFD13DF
SHA-256:	A836D73283CCB63AF2573B6F2A86771804BD73EB64D48B78916C4F81F4DBCE15
SHA-512:	3785B04622C3A92584CA5B7F0CD117D341131264E3601CD2506C1ACD978FD30EA13FAB07B83C6FF0A20629520E82DCA93F679D209AF88FF6310B68AF33B1EF82
Malicious:	false
Reputation:	unknown
URL:	https://www.scare.me/static/js/2.660b81c6.chunk.js
Preview:	/! For license information please see 2.660b81c6.chunk.js.LICENSE.txt /.(this.webpackJsonpscare=this.webpackJsonpscare\|\|[]).push([[2],[function(e,t,n){"use strict";n.r(t),n.d(t,"__extends",(function(){return i})),n.d(t,"__assign",(function(){return o})),n.d(t,"__rest",(function(){return a})),n.d(t,"__decorate",(function(){return s})),n.d(t,"__param",(function(){return u})),n.d(t,"__metadata",(function(){return c})),n.d(t,"__awaiter",(function(){return l})),n.d(t,"__generator",(function(){return h})),n.d(t,"__createBinding",(function(){return f})),n.d(t,"__exportStar",(function(){return d})),n.d(t,"__values",(function(){return p})),n.d(t,"__read",(function(){return m})),n.d(t,"__spread",(function(){return g})),n.d(t,"__spreadArrays",(function(){return y})),n.d(t,"__spreadArray",(function(){return v})),n.d(t,"__await",(function(){return b})),n.d(t,"__asyncGenerator",(function(){return _})),n.d(t,"__asyncDelegator",(function(){return w})),n.d(t,"__asyncValues",(function(){return T})),n.

Chrome Cache Entry: 89

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 20040, version 1.0
Category:	downloaded
Size (bytes):	20040
Entropy (8bit):	7.988990656521094
Encrypted:	false
SSDEEP:
MD5:	A61C670A24D6794A95A9712F0D12B656
SHA1:	C9B3114B27790109EC51508F51F1A033CCFE0812
SHA-256:	A4F5230D39A7A21971FE62CCDE2443345638D2BEAA369B752820390A687B91B6
SHA-512:	2D546BA3334476E0E3607AEC60B7FAEC310DF853866DB8ECFFD79136AAAB58860696797E193DBF531AB7E79EE10FCB8EE72B344C7D83E4553EF1A8BD4462D6C0
Malicious:	false
Reputation:	unknown
URL:	https://fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2
Preview:	wOF2......NH.......D..M..............................p..>?HVAR...`?STATV.../8....,....f.0.z.6.$..H. .....+...wx...'.v...5....6..0.u.....d..+.........e...P...y'.....MX. 8. ...X.n..d::...mN\|9(......qY.44x.....t..\|.16..&.....'.A..<....."..,.i.._.r.....A..y..3..`\|.8.U`...Q.Z...T...FdU5..e....v.NFw..:.C......MN....y.....A...9.Um..m.fQL,..?.....D...US&.zo.....:.....3..].o.`..)$.G..x.3.S;.$...NX..8.X>.-,..>..O]...e) .\|..{.I.T)/..?~lB\.B.....F...;-..Jo@H.E}Uu.UF..!.`...(..;.....s.........8...Nb.K.~..\hd......C........Z6On.A..}...hz..h....Q.6q:....$$!.@. 5hn....V...FMd.....r..eJ..s...?....n.yr. .K..L.t..L....P.....].c.VSt.../...P...@.....#....C>\~.F.....(!(.@J...u....@n..Dm..,.i<..NjrRO.&rfS...o[{...N...\|^...%a..........3.W.....$....Y....r.AJg..d......q.5......p...b=.-..'.7Ig....)..rH).e{.._...t....:A....8..v......(7.n.....\.Q..S5..S......t.6q.@.,c.....0.0..C;.7......i.k^.P.(q.+..>Q*....P.g..9 @.d.........#..".....yg![oe}$f=.........7.8.8..c.z..tzU......)rT4

Chrome Cache Entry: 91

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1125, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=2000], progressive, precision 8, 2000x1125, components 3
Category:	downloaded
Size (bytes):	1523316
Entropy (8bit):	7.9850584579336905
Encrypted:	false
SSDEEP:
MD5:	3FB72CDB263F88244466302884EAB20F
SHA1:	7FD07FFBB6FD6834D3DDE361A4AB983B6DF4C986
SHA-256:	5B95C1763906B7FC24289D9D0C615F47D1C29B0D1AB7154E40235306C1B818C1
SHA-512:	E4F6AC073F62529C3A55304DD28358BFC95DCF2CF194832BE382947C885E088CD44DA30D97413521971BD032203B6A24C8954FD32218271AB823A5FC6F369962
Malicious:	false
Reputation:	unknown
URL:	https://www.scare.me/images/misc/Home_Banner.jpg
Preview:	......Exif..MM.*...........................e...........................................................................(...........1.....!.....2..........i.............$............'.......'.Adobe Photoshop 21.1 (Macintosh).2021:06:06 19:09:02..............0231..................................e...............................r...........z.(.................................].......H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................Z...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?......Z.......q.....;.cl....c?.=O4..>.=..F.x/?C...noNv.^..Ak...nw..v

Chrome Cache Entry: 92

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=480, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=640], progressive, precision 8, 640x480, components 3
Category:	downloaded
Size (bytes):	40772
Entropy (8bit):	7.670481249066534
Encrypted:	false
SSDEEP:
MD5:	EED3EEF1843D1DE16ED6CCC2E267338F
SHA1:	7A99BB1C706AC0FD393E50C4EFAFA381C7FA198B
SHA-256:	4B4D93CF4A8BC6068151D507A457CEE08EE1873F42284EFF0CEA149D1CAB9E50
SHA-512:	236EC3A9AC6D5495831DDC67BCC6EE34B4ECD300BB3E9C141AF040289699AF4A716D1194C34BE1E4E3678587B6B93BFD4E10BAED25DEC1BCBAB20A458B478715
Malicious:	false
Reputation:	unknown
URL:	http://scare.me/images/misc/home-imac.jpg
Preview:	.....WExif..MM.*.......................................................................................................(...........1.....!.....2..........i.............$............'.......'.Adobe Photoshop 21.1 (Macintosh).2021:06:06 23:06:49..............0231...................................................................r...........z.(.........................................H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................x...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..I%)8c..&.zWM.....o.....h..~..IN......%......u.8c..Z.........p..z

Chrome Cache Entry: 95

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	20700
Entropy (8bit):	5.423039009039121
Encrypted:	false
SSDEEP:
MD5:	D3B37B27DA986B575A4B90BC4F873EB5
SHA1:	FEBC777F50553A666DB53CA00BB1590CC0E86166
SHA-256:	06584FCC763C562A4FB53C7B44991101BB615F5C29EDA64D33FE71F101DC5E3D
SHA-512:	A397B152BA69E88198F8ED1938D85718AE587A3E298238A47091AB33CB367F66F4B5EC147300DEE1D19E536C557BF1BF2BC111A3D4179C078760E9F53747AC10
Malicious:	false
Reputation:	unknown
URL:	"https://fonts.googleapis.com/css2?family=Arimo:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700&display=swap"
Preview:	/* cyrillic-ext /.@font-face {. font-family: 'Arimo';. font-style: italic;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/arimo/v29/P5sCzZCDf9_T_10c9C5kiK-u.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./ cyrillic /.@font-face {. font-family: 'Arimo';. font-style: italic;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/arimo/v29/P5sCzZCDf9_T_10c9CdkiK-u.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./ greek-ext /.@font-face {. font-family: 'Arimo';. font-style: italic;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/arimo/v29/P5sCzZCDf9_T_10c9C9kiK-u.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}./ greek */.@font-face {. font-family: 'Arimo';. font-style: italic;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/ari

Chrome Cache Entry: 98

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 2860
Category:	downloaded
Size (bytes):	1307
Entropy (8bit):	7.869592329496756
Encrypted:	false
SSDEEP:
MD5:	014D766EE1398F18AE8DF36FE75996D9
SHA1:	E495B76F1372E55472EC9491926F200ADD5C456A
SHA-256:	A4793CDEC1C19304A48E13443E5A30341497BCD90B1F9BB96E2C0E8161EF652E
SHA-512:	8AD4BAFEB8C9B86A73C4573CBB15CA67977D362522F86C18585A428F788F81130C5AEDBA75956F43DE63267C5F6DD9A7368D3139F140ECBE369AD62C9F023478
Malicious:	false
Reputation:	unknown
URL:	http://scare.me/
Preview:	...........Vmo.6..+....JS...m...e(Pt@.e0...N....H.....(.5M.bX.H.....=.........r....g .Z..T.{........ca...u...P....B.k..........l.4\.B.R.s...m...vx........6....B.GQ.... r.v.".p..!BI`....4...^.\|=.r....N...."..N.....^...=...w...6'F?...b.....j../U...\.....x..._.....1.....m.[0>9..A.(...\|..q..a....eav=z....{.}....^c.\|1~.......Sv._`k.D...l..zg...\....J...1l.RP.._R... .H..r....... ?.X9..I..H..+.pr..zo....+....k....%r/..W#j=..K../#.~4...e.....u.g.<.....\|..#o..i...l.......3..~{.i...J.......Y..U...(\|.4...R...}}....@....A........V...6.B...`8+.C ....;x...v...U..xbH6.u`b.;m..n.E$...G.R.+[....4lD,./..S.j.i..]"..7..ey....h.}.../.....0nM.-.X..D...E.Y...../K._........2.!.(..a....G.!.Q.cTS..4..V.tq.'S..5h;.....%..y.~.......2...f..1.F.8u....Ql0..eS>s{=...N../...cz^b.bT...UK.o....d..&cI-Z`r...e.v...h..&.-i='....R..Bg..._Sx.3.N{_..m...9.ddw8.l...7.2.....Zb.....d[Ik.D.a........./.......B...Nm....... ....m.-..vZ.a.z.".0_...n..R.(....[g..~.(z...u.r%[...

Chrome Cache Entry: 99

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	356
Entropy (8bit):	4.843428306866978
Encrypted:	false
SSDEEP:
MD5:	20311258AC4BAD70650D685DC0C52B61
SHA1:	740F729E63E4912E778D921E7D80640007E30CA1
SHA-256:	482067A696C68E2F84A8F0CA9AD25354D38A380DC0C62140846424CA3F9E90CC
SHA-512:	F409FEDD4EF8A567D8B76DB30C69BA83D42160E51BD8779977B1287F663974FDFD7559F920E87DD843264C188CBCBAE85C355CEFDB29F870B034A8F84A782B45
Malicious:	false
Reputation:	unknown
URL:	https://www.scare.me/manifest.json
Preview:	{.."name": "Scare",.."short_name": "Scare",.."icons": [...{...."src": "/android-chrome-192x192.png",...."sizes": "192x192",...."type": "image/png"...},...{...."src": "/android-chrome-256x256.png",...."sizes": "256x256",...."type": "image/png"...}..],.."start_url": ".",.."theme_color": "#000000",.."background_color": "#000000",.."display": "standalone".}.

Static File Info

⊘No static file info

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report http://scare.me

Overview

General Information

Detection

Signatures

Classification

Process Tree

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

LLM Input / Output

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 100

Chrome Cache Entry: 101

Chrome Cache Entry: 102

Chrome Cache Entry: 104

Chrome Cache Entry: 105

Chrome Cache Entry: 106

Chrome Cache Entry: 107

Chrome Cache Entry: 108

Chrome Cache Entry: 109

Chrome Cache Entry: 112

Chrome Cache Entry: 113

Chrome Cache Entry: 114

Chrome Cache Entry: 116

Chrome Cache Entry: 117

Chrome Cache Entry: 84

Chrome Cache Entry: 87

Chrome Cache Entry: 88

Chrome Cache Entry: 89

Chrome Cache Entry: 91

Chrome Cache Entry: 92

Chrome Cache Entry: 95

Chrome Cache Entry: 98

Chrome Cache Entry: 99

Static File Info

Windows Analysis Report
http://scare.me