Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://deltack-my.sharepoint.com/:f:/g/personal/mchinchilla_ddelta_us/EraWdZ3RJF5GuC5_d3lUF9UBP4icmwaaFrWAStDUd-THMQ?e=5%3aAREp34&at=9

Overview

General Information

Sample URL:https://deltack-my.sharepoint.com/:f:/g/personal/mchinchilla_ddelta_us/EraWdZ3RJF5GuC5_d3lUF9UBP4icmwaaFrWAStDUd-THMQ?e=5%3aAREp34&at=9
Analysis ID:1541345

Detection

Score:1
Range:0 - 100
Whitelisted:false
Confidence:80%

Signatures

Detected non-DNS traffic on DNS port
Stores files to the Windows start menu directory

Classification

  • System is w10x64_ra
  • chrome.exe (PID: 6232 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
    • chrome.exe (PID: 6456 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 --field-trial-handle=1912,i,12145924224827037070,7150069701810401989,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
  • chrome.exe (PID: 7132 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://deltack-my.sharepoint.com/:f:/g/personal/mchinchilla_ddelta_us/EraWdZ3RJF5GuC5_d3lUF9UBP4icmwaaFrWAStDUd-THMQ?e=5%3aAREp34&at=9" MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
  • cleanup
No yara matches
No Sigma rule has matched
No Suricata rule has matched

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.17:61655 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:61665 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:61666 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.17:61667 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:61669 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.190.159.71:443 -> 192.168.2.17:61668 version: TLS 1.2
Source: unknownHTTPS traffic detected: 2.23.209.154:443 -> 192.168.2.17:61673 version: TLS 1.2
Source: global trafficTCP traffic: 192.168.2.17:61650 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.17:61650 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.17:61650 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.17:61650 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.17:61650 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.17:61650 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.17:61650 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.17:61650 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.17:61650 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.17:61650 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.17:61650 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.17:61650 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.17:61650 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.17:61650 -> 1.1.1.1:53
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: global trafficDNS traffic detected: DNS query: deltack-my.sharepoint.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49700
Source: unknownNetwork traffic detected: HTTP traffic on port 49676 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 61673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49704 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49691 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61666
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61667
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61668
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61669
Source: unknownNetwork traffic detected: HTTP traffic on port 49701 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 61667 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61665
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 61655 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 61651 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 61672 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49691
Source: unknownNetwork traffic detected: HTTP traffic on port 61666 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49700 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61670
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61671
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61672
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61673
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61675
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
Source: unknownNetwork traffic detected: HTTP traffic on port 49706 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49702 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 61671 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 61675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 61665 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
Source: unknownNetwork traffic detected: HTTP traffic on port 49680 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
Source: unknownNetwork traffic detected: HTTP traffic on port 61669 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
Source: unknownNetwork traffic detected: HTTP traffic on port 49677 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49705 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 61670 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61655
Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49706
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49705
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49704
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61651
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49702
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49701
Source: unknownNetwork traffic detected: HTTP traffic on port 61668 -> 443
Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.17:61655 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:61665 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:61666 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.17:61667 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:61669 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.190.159.71:443 -> 192.168.2.17:61668 version: TLS 1.2
Source: unknownHTTPS traffic detected: 2.23.209.154:443 -> 192.168.2.17:61673 version: TLS 1.2
Source: classification engineClassification label: clean1.win@22/19@6/130
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 --field-trial-handle=1912,i,12145924224827037070,7150069701810401989,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://deltack-my.sharepoint.com/:f:/g/personal/mchinchilla_ddelta_us/EraWdZ3RJF5GuC5_d3lUF9UBP4icmwaaFrWAStDUd-THMQ?e=5%3aAREp34&at=9"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 --field-trial-handle=1912,i,12145924224827037070,7150069701810401989,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
Registry Run Keys / Startup Folder
1
Process Injection
1
Masquerading
OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System2
Encrypted Channel
Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
Registry Run Keys / Startup Folder
1
Process Injection
LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media1
Non-Application Layer Protocol
Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive2
Application Layer Protocol
Automated ExfiltrationData Encrypted for Impact

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand
No Antivirus matches
No Antivirus matches
No Antivirus matches
No Antivirus matches
No Antivirus matches
NameIPActiveMaliciousAntivirus DetectionReputation
dual-spo-0005.spo-msedge.net
13.107.136.10
truefalse
    unknown
    www.google.com
    216.58.206.36
    truefalse
      unknown
      deltack-my.sharepoint.com
      unknown
      unknownfalse
        unknown
        NameMaliciousAntivirus DetectionReputation
        https://deltack-my.sharepoint.com/:f:/g/personal/mchinchilla_ddelta_us/EraWdZ3RJF5GuC5_d3lUF9UBP4icmwaaFrWAStDUd-THMQ?e=5%3aAREp34&at=9false
          unknown
          • No. of IPs < 25%
          • 25% < No. of IPs < 50%
          • 50% < No. of IPs < 75%
          • 75% < No. of IPs
          IPDomainCountryFlagASNASN NameMalicious
          142.250.185.99
          unknownUnited States
          15169GOOGLEUSfalse
          34.104.35.123
          unknownUnited States
          15169GOOGLEUSfalse
          1.1.1.1
          unknownAustralia
          13335CLOUDFLARENETUSfalse
          13.107.136.10
          dual-spo-0005.spo-msedge.netUnited States
          8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
          2.23.209.56
          unknownEuropean Union
          1273CWVodafoneGroupPLCEUfalse
          216.58.206.78
          unknownUnited States
          15169GOOGLEUSfalse
          2.23.209.29
          unknownEuropean Union
          1273CWVodafoneGroupPLCEUfalse
          216.58.206.36
          www.google.comUnited States
          15169GOOGLEUSfalse
          142.250.181.238
          unknownUnited States
          15169GOOGLEUSfalse
          64.233.167.84
          unknownUnited States
          15169GOOGLEUSfalse
          239.255.255.250
          unknownReserved
          unknownunknownfalse
          IP
          192.168.2.17
          192.168.2.5
          Joe Sandbox version:41.0.0 Charoite
          Analysis ID:1541345
          Start date and time:2024-10-24 17:59:38 +02:00
          Joe Sandbox product:CloudBasic
          Overall analysis duration:
          Hypervisor based Inspection enabled:false
          Report type:full
          Cookbook file name:defaultwindowsinteractivecookbook.jbs
          Sample URL:https://deltack-my.sharepoint.com/:f:/g/personal/mchinchilla_ddelta_us/EraWdZ3RJF5GuC5_d3lUF9UBP4icmwaaFrWAStDUd-THMQ?e=5%3aAREp34&at=9
          Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
          Number of analysed new started processes analysed:20
          Number of new started drivers analysed:0
          Number of existing processes analysed:0
          Number of existing drivers analysed:0
          Number of injected processes analysed:0
          Technologies:
          • EGA enabled
          Analysis Mode:stream
          Analysis stop reason:Timeout
          Detection:CLEAN
          Classification:clean1.win@22/19@6/130
          • Exclude process from analysis (whitelisted): TextInputHost.exe
          • Excluded IPs from analysis (whitelisted): 142.250.185.99, 142.250.181.238, 64.233.167.84, 34.104.35.123, 2.23.209.29, 2.23.209.11, 2.23.209.56, 2.23.209.46, 2.23.209.5, 2.23.209.53, 2.23.209.42, 2.23.209.27
          • Excluded domains from analysis (whitelisted): 193287-ipv4v6e.farm.dprodmgd105.sharepointonline.com.akadns.net, clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, e40491.dscd.akamaiedge.net, clientservices.googleapis.com, res-1.cdn.office.net, clients.l.google.com, res-1.cdn.office.net-c.edgekey.net, res-1.cdn.office.net-c.edgekey.net.globalredir.akadns.net
          • Not all processes where analyzed, report is missing behavior information
          • VT rate limit hit for: https://deltack-my.sharepoint.com/:f:/g/personal/mchinchilla_ddelta_us/EraWdZ3RJF5GuC5_d3lUF9UBP4icmwaaFrWAStDUd-THMQ?e=5%3aAREp34&at=9
          InputOutput
          URL: https://deltack-my.sharepoint.com/:f:/g/personal/mchinchilla_ddelta_us/EraWdZ3RJF5GuC5_d3lUF9UBP4icmwaaFrWAStDUd-THMQ?e=5%3aAREp34&at=9 Model: claude-3-haiku-20240307
          ```json
          {
            "contains_trigger_text": true,
            "trigger_text": "Se ha quitado el acceso a este documento. Pngase en contacto con la persona que lo comparti con usted.",
            "prominent_button_name": "GO BACK TO SITE",
            "text_input_field_labels": "unknown",
            "pdf_icon_visible": false,
            "has_visible_captcha": false,
            "has_urgent_text": false,
            "has_visible_qrcode": false
          }
          URL: https://deltack-my.sharepoint.com/:f:/g/personal/mchinchilla_ddelta_us/EraWdZ3RJF5GuC5_d3lUF9UBP4icmwaaFrWAStDUd-THMQ?e=5%3aAREp34&at=9 Model: claude-3-haiku-20240307
          ```json
          {
            "brands": []
          }
          URL: https://deltack-my.sharepoint.com/:f:/g/personal/mchinchilla_ddelta_us/EraWdZ3RJF5GuC5_d3lUF9UBP4icmwaaFrWAStDUd-THMQ?e=5%3aAREp34&at=9 Model: claude-3-haiku-20240307
          ```json
          {
            "contains_trigger_text": true,
            "trigger_text": "Se ha quitado el acceso a este documento. Pngase en contacto con la persona que lo comparti con usted.",
            "prominent_button_name": "TECHNICAL DETAILS",
            "text_input_field_labels": "unknown",
            "pdf_icon_visible": false,
            "has_visible_captcha": false,
            "has_urgent_text": true,
            "has_visible_qrcode": false
          }
          URL: https://deltack-my.sharepoint.com/:f:/g/personal/mchinchilla_ddelta_us/EraWdZ3RJF5GuC5_d3lUF9UBP4icmwaaFrWAStDUd-THMQ?e=5%3aAREp34&at=9 Model: claude-3-haiku-20240307
          ```json
          {
            "brands": []
          }
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 15:00:11 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
          Category:dropped
          Size (bytes):2677
          Entropy (8bit):3.9923522097970556
          Encrypted:false
          SSDEEP:
          MD5:08ACA3F4AD5D0C86F3D8274AFBCE0613
          SHA1:8CB78A812979C993921EA4E35F2CA8F3AF41C791
          SHA-256:9A7143240EC8531E3C259EB2A16D1F946E7825085A90912C66E951E656DE4EF6
          SHA-512:473DE9C24F83E87D85010EB0B865EBA0D20A8E3A660314625491C57EFA2FE6161DB6F63F803A4074235DA32E30BF11223BB40B4DCF96386C025751685D403FD5
          Malicious:false
          Reputation:unknown
          Preview:L..................F.@.. ...$+.,....a''.-&......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IXY{.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXY......L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VXY......M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VXY.............................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VXY.............................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............~G......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 15:00:11 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
          Category:dropped
          Size (bytes):2679
          Entropy (8bit):4.008567362274843
          Encrypted:false
          SSDEEP:
          MD5:2F090069E86B2ADB031B8E4E94A73991
          SHA1:3FE385D71A210B097AFBC9FAA46F8BD31BB9BC55
          SHA-256:2160FA3FB6B07BF515DE8275DB023368448F604776E9FB11E77509DD877950C9
          SHA-512:110EFB427E62B4B75243B9DE7BEE68F54B678A7AE1661FD4EDEF0FBEC181B482104FBA4CCC1A08EA62F15813F97C34E976FB7368E35FAD2E0EAFC454735553D0
          Malicious:false
          Reputation:unknown
          Preview:L..................F.@.. ...$+.,....c...-&......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IXY{.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXY......L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VXY......M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VXY.............................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VXY.............................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............~G......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
          Category:dropped
          Size (bytes):2693
          Entropy (8bit):4.018659908988365
          Encrypted:false
          SSDEEP:
          MD5:5B89FBD67003367075D60F3BBDF4FF98
          SHA1:E12D1CE2C6E3CBF9C0303920971F8998A7B12D18
          SHA-256:E09E0D2786DC3E033607F930E5716000B81D3A579E499E02D7F22FB15A90D3E4
          SHA-512:C4435A6E0C61FDC6BAFCBB74ADD687606EC07FCFCDEE70ED476CB6425C2D34F28808184079750DFC700930847EC5423901BC47E958DEBF3FEC35AB0F21A23495
          Malicious:false
          Reputation:unknown
          Preview:L..................F.@.. ...$+.,.....v. ;.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IXY{.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXY......L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VXY......M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VXY.............................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VFW.N...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............~G......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 15:00:11 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
          Category:dropped
          Size (bytes):2681
          Entropy (8bit):4.007648263141608
          Encrypted:false
          SSDEEP:
          MD5:317C20BC4C68B7E1A5BFCF50F210761D
          SHA1:57293285EE528A4E6B7090222E42D2B136C3E7C7
          SHA-256:3DE5BC39850BBEC5A8B4F9FB0916C10DDDDDC5202CE0202A742AAD8D2C5C964F
          SHA-512:AA10420D13B0830DABE24A8D5CE613713BA66DBBCD66796E62763E1E0136A76D17021E96E3170DC86EF4073DBCBEBD32A61DDEBEBD06E78DE13AE9CD937A9394
          Malicious:false
          Reputation:unknown
          Preview:L..................F.@.. ...$+.,........-&......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IXY{.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXY......L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VXY......M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VXY.............................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VXY.............................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............~G......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 15:00:11 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
          Category:dropped
          Size (bytes):2681
          Entropy (8bit):3.999097698437852
          Encrypted:false
          SSDEEP:
          MD5:3B424A588A4D6AE127B9773A19AD67A2
          SHA1:165FFDD75B635B99F96AFD7EBF5146AE3D7E773C
          SHA-256:3BEA45369B669A05667DBB3CFAEA5A3C6C56A0C014150E45A1FBC74FB9F4AF37
          SHA-512:50C518770154A2BB16A7F56851ECF7847B689E284C363EDDC574ED3A7F7FD97C35B51D266AF2EF820AFCBC6ECBE0A9504A0E8952D325700273B861860A13E91E
          Malicious:false
          Reputation:unknown
          Preview:L..................F.@.. ...$+.,.....[!.-&......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IXY{.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXY......L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VXY......M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VXY.............................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VXY.............................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............~G......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 15:00:10 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
          Category:dropped
          Size (bytes):2683
          Entropy (8bit):4.002615176656694
          Encrypted:false
          SSDEEP:
          MD5:8E9A306602D604774B04C471742C9C3A
          SHA1:02553C82CA74D0EDC813EAC34774CB5582A56853
          SHA-256:25D17AC813C066CF6962B8734A220A6418A85B7D0853F8310847C330E5CCFBE0
          SHA-512:E795B79C879EC747108E332E8F4DD4C82F2F2182082964900A7910D83AEC612AC47A77E7C9E306185A3D892B7915958771C6B81B2AC374F02271074099A7D1A1
          Malicious:false
          Reputation:unknown
          Preview:L..................F.@.. ...$+.,........-&......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IXY{.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXY......L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VXY......M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VXY.............................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VXY.............................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............~G......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 102804
          Category:downloaded
          Size (bytes):25609
          Entropy (8bit):7.992070293592458
          Encrypted:true
          SSDEEP:
          MD5:B62553925BD98826C60457D2EB6B9A46
          SHA1:84DBBB6D9B36A587C21B5A56B1D9E587E33BA943
          SHA-256:C58166FE4DF4BA8F25A960C21451EAF841D97F6F552F104E43431C9DB1C2E2CC
          SHA-512:7B6872144AE308224FF671A1EC63F040A40115888790CF6834AD85D517471CE5DAD3EC297EE751FB196B55118A181017151F7F06FCE0F2F26FF94E8EEC070033
          Malicious:false
          Reputation:unknown
          URL:https://deltack-my.sharepoint.com/ScriptResource.axd?d=O_wLqf9LCnycbE1_IXwMYFnVC82_gAd7OLY-uP1vd-nKbv_GR52LQzybn_TAkM7pz9Xeu6GDRTxdI6TSw8XbX9zra4c8QdUppRfygHB12_3dETvfeK5us9RrLkO7KpGMYHFKwdQHj-Pwvedy0i0QFH6iWOMZ70BTmDbdOdkqgziPoujgHqn8hm-Pl9OY1mcf0&t=ffffffffb201fd3f
          Preview:............r.I.(.>f..d..B6. )U/.(....mGRuw.... I..B..X...<.O..p}.=#.P.>s.Y...D,..........................'.......;.'..2.Uu5.C..%..v.M&;T...u1.T.=...m....'_z.......4.&?~.__....".db00..IR..|.(tj6+.y.$.L.$..."..FIx3+..tG%.7...N.'..........A9....9;.O...j...Y|8.........LW........h&.%WW...|\.Q..Tr....$\..?-&....}O...w..$R}....W.k.+.._..q...P..dR......`^.j]0.L..9......)...."...I....,.K..j...`1.a9-.`..-p..O..t...|Bo..Uu.~.t...uB9S.J.o..Fe<.....A.SM.....d>.].HO..Qx...ao....a.J..h6K..q7.N.n'..Ga78....v..n...>..0.I.X?...$=...x..H*..&.V.+.h..GyTJ....AT...x.Jl..*.X..t.H4...$9..^u....r9rq3.._..a...^I.{{.Ch....@.l.....@..BW.[..8~6.U3].I#....8....H`...4..I..6...I...Q1...W^]>...P.KJ.L......A...>.@hf.M...RP..)m.F...Wp{.!.R.".j.....!soO..]k...a."eo.S,...G|n.|!F[..O../.aR...$.\..4.N.-p1..}...2...r\a[`e.E..{H..?.....J.ak.Y...P......DP.d.?...<..Y.8....%d...@..e.....exc..g...b.....<z....7*8!...n..wG0.C..f..Y5....qE..p....2.rH-..r.S........q..R.$Q^q....!....
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with CRLF line terminators
          Category:downloaded
          Size (bytes):622
          Entropy (8bit):5.030708856292114
          Encrypted:false
          SSDEEP:
          MD5:B45EDFC9FCDB690CCDA004A8483955E0
          SHA1:BAEDF73329EABB32504CAC640538EE3B6B31819F
          SHA-256:E817BF53005172205995AA07E0021BD8254A0204A1177E925F365E838C32D069
          SHA-512:E2709C77BA686FC58FE528EC2C2CEB6B9C84D045018D77FB9B376359F204FB6B889910B6748C978B4FF9712A7611342DF3C8C59711AA42090219DEC0C83778D2
          Malicious:false
          Reputation:unknown
          URL:https://deltack-my.sharepoint.com/_layouts/15/1033/styles/error.css?rev=tF7fyfzbaQzNoASoSDlV4A%3D%3DTAG304
          Preview:/* _lcid="1033".._LocalBinding */..#ms-error-header..{..margin:118px 0px 16px;..min-height:50px;..}..#ms-error-gobackcont..{..margin-top:28px;..}..#ms-accessDenied-reqDialog..{..max-width:100%;..}..#ms-error-body..{..background-size:auto;..overflow:auto;..width:830px;..margin-right:auto;..margin-left:auto;..}...ms-error-returnLink..{..line-height:19px;..vertical-align:middle;..}...ms-error-detailsFold..{..padding-top:42px;..}...ms-error-techMsg..{..padding-top:28px;..}...ms-error-groupJoinPanel..{..margin-top:15px;..}...ms-error-groupProfileText..{..margin-top:17px;..}...ms-error-separator..{..margin:34px 0px;..}..
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines (456), with no line terminators
          Category:downloaded
          Size (bytes):456
          Entropy (8bit):5.223800250608757
          Encrypted:false
          SSDEEP:
          MD5:2D85B24F0BF993958DB2E45FE35FC670
          SHA1:206C0A5E72EA01BE0223EFB664DF773DEF5FF2A2
          SHA-256:44F925782AAC2BE5DFEA82C67F66E07C70814EF0A9658DD9D5B466D02AF40871
          SHA-512:47A70B33471233E4F512B829E7DB9EAAC348D92F3164041E8F6F74B0583DC7AAE75EDB9C3FE04481F54C267C89DE7917CA374BC8E88EFB1B28E4E8FF7B2FE311
          Malicious:false
          Reputation:unknown
          URL:https://res-1.cdn.office.net/bld/_layouts/15/16.0.25402.12010/blank.js
          Preview:function $_global_blank(){if("undefined"==typeof g_all_modules)g_all_modules={};g_all_modules["blank.js"]={version:{rmj:16,rmm:0,rup:25402,rpr:12010}};typeof spWriteProfilerMark=="function"&&spWriteProfilerMark("perfMarkBegin_blank.js");typeof spWriteProfilerMark=="function"&&spWriteProfilerMark("perfMarkEnd_blank.js")}function ULSaew(){var a={};a.ULSTeamName="Microsoft SharePoint Foundation";a.ULSFileName="blank.commentedjs";return a}$_global_blank();
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
          Category:downloaded
          Size (bytes):7886
          Entropy (8bit):3.9482833105763633
          Encrypted:false
          SSDEEP:
          MD5:0B60F3C9E4DA6E807E808DA7360F24F2
          SHA1:9AFC7ABB910DE855EFB426206E547574A1E074B7
          SHA-256:ADDEEDEEEF393B6B1BE5BBB099B656DCD797334FF972C495CCB09CFCB1A78341
          SHA-512:1328363987ABBAD1B927FC95F0A3D5646184EF69D66B42F32D1185EE06603AE1A574FAC64472FB6E349C2CE99F9B54407BA72B2908CA7AB01D023EC2F47E7E80
          Malicious:false
          Reputation:unknown
          URL:https://deltack-my.sharepoint.com/_layouts/15/images/favicon.ico?rev=47
          Preview:...... .... .....6......... ............... .h...f...(... ...@..... ...........................................................................70..7...7...7...7...7...7...70..............................................................................................7`..7...7...7...7...7...7...7...7...7`......................................................................................7P..7...7...7...7...7...7...7...7...7...7...7P..............................................................................7...7...7...7...7...7...7...7...7...7...7...7...7...7...........................................................................7`..7...7...7...7...7...7...7...7...7...7...7...7...7`..........................................................................,...,...,...,...,...,...,.......7...7...7...7...7...7...........................................................................'...'...'...'...'...'...'...'...2...7...7...7...7...,....................`..........................
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines (35238), with no line terminators
          Category:downloaded
          Size (bytes):35238
          Entropy (8bit):5.390650418562352
          Encrypted:false
          SSDEEP:
          MD5:C637DE6889D81964119BA1FD124E2454
          SHA1:5DB2B1681BE6FF9A7B26E269CD80D817D41A01BE
          SHA-256:18E8366C8C5590C3D056BA6CA9691B7471D6970EE00D0E22A4B68E517B54F087
          SHA-512:78288767F08DB38F6DC8C366546CECC05DF35C25BCD898B94DCCC5ECCB3ACD7807817BAF813BCA11F4CCAC169A980E4F10EBF4334000C4D2D0F74DCC30BB36EE
          Malicious:false
          Reputation:unknown
          URL:https://res-1.cdn.office.net/bld/_layouts/15/16.0.25402.12010/theming.js
          Preview:var Theming={__namespace:true};Theming_module_def();function Theming_module_def(){Theming.ApplyThemeToCss=tb;Theming.ReplaceCssTextForElement=J;Theming.ThemeInfo=E;Theming.ImageProcessor=R;Theming.Colors={Color:a,ColorApplication:x,HslColor:h};function cb(d,c,e){for(var b=true,a=0;a<c.length;a++)if(d.charCodeAt(e+a)!==c.charCodeAt(a)){b=false;break}return b}var c={text:0,comment:1,string:2,url:3,right_par:4,font_family:5,rgb:6,rgba:7,colon:8,semicolon:9,right_curly:10,color:11};function d(a,b){this.kind=a;this.text=b}function Db(b){var e,a,g,f,l="*/",u="url(",i=")",j="font-family",t="rgb(",s="rgba(",o="#",w=":",y=";",x="}",k=new d(c.text,"");if(!Boolean(b))b="";a=0;f=b.length;m.prototype={kind:0,text:"",getToken:function(){return null}};function m(){}var r={"/":{},"'":{},'"':{},"#":{},")":new d(c.right_par,")"),";":new d(c.semicolon,";"),":":new d(c.colon,":"),"}":new d(c.right_curly,"}"),u:{getToken:q},f:{getToken:n},r:{getToken:p}};function h(c){var a=b.indexOf(")",c);if(a<0)a=f;retu
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with CRLF line terminators
          Category:downloaded
          Size (bytes):341640
          Entropy (8bit):5.323824143161735
          Encrypted:false
          SSDEEP:
          MD5:60D616F369EE7A89402E0C5BCBDB9621
          SHA1:58C9819F0FA356CEAC42F354D7160F5E9F7F6EC8
          SHA-256:97B3125C7F35F7F420FA4EF619D606A74EF0A68E7623C8D5C8956986E7DF7337
          SHA-512:31F3609614C01810829A643CC7EF9099D642EF741CD9BDEE0CEE3CB2558B1E38B52A2C38E63F877262C64F3EE4D738DE744CD8EE961BD509444CC8A68B162463
          Malicious:false
          Reputation:unknown
          URL:https://deltack-my.sharepoint.com/_layouts/15/1033/styles/corev15.css?rev=YNYW82nueolALgxby9uWIQ%3D%3DTAG304
          Preview:/* _lcid="1033".._LocalBinding */..body,...ms-core-defaultFont,..#pageStatusBar,..#hybridTooltipStatusBar,...ms-status-msg,...js-callout-body..{../* [ReplaceFont(themeFont:"body")] */ font-family:"Segoe UI","Segoe",Tahoma,Helvetica,Arial,sans-serif;..font-size:13px;..}..body,...ms-core-defaultFont,...js-callout-body..{../* [ReplaceColor(themeColor:"BodyText")] */ color:#444;..}...ms-core-defaultFont..{..font-weight:normal;..text-decoration:none;..white-space:normal;..word-break:normal;..line-height:normal;..}..body..{..margin:0px;..overflow:hidden;../* [ReplaceColor(themeColor:"PageBackground")] */ background-color:#fff;..background-size:cover;..background-repeat:no-repeat;..}..html > .ms-core-needIEFilter..{../* [ReplaceBGImage] */ -ms-filter:"progid:DXImageTransform.Microsoft.AlphaImageLoader(src='about:blank',sizingMethod='scale');";..}...ms-backgroundImage..{../* [ReplaceBGImage] */ background-image:url();..}..#s4-ribbonrow..{..position:relative;..}..#s4-workspace..{..overflow:auto
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines (65536), with no line terminators
          Category:dropped
          Size (bytes):340993
          Entropy (8bit):5.442851349018635
          Encrypted:false
          SSDEEP:
          MD5:29AF3C7C57B2694A50BB7629E3F4127E
          SHA1:519855F9057CF5BB0605F7619DD6318785A0FDB4
          SHA-256:30F67DA92999C59A1C4B90740064506565DCF89917D06B703C56A98304A7E79F
          SHA-512:8FD415163DCB52A32997D101E87444FD80A9327055EE4D24A67B67323B82FF666C562B5A38B1A4795F410CE732D5D01B5DE89EDD8B6BB9E8F44EB07BA14109F4
          Malicious:false
          Reputation:unknown
          Preview:function $_global_init(){if("undefined"==typeof g_all_modules)g_all_modules={};g_all_modules["init.js"]={version:{rmj:16,rmm:0,rup:25402,rpr:12010}};if(-1!=navigator.userAgent.indexOf("ProfilerMark")&&"function"==typeof msWriteProfilerMark)spWriteProfilerMark=function(a){window.msWriteProfilerMark(a)};typeof spWriteProfilerMark=="function"&&spWriteProfilerMark("perfMarkBegin_init.js");if(typeof OffSwitch=="undefined"){OffSwitch={__namespace:true};OffSwitch_module_def()}if(typeof RuntimeErrors=="undefined"){RuntimeErrors={__namespace:true};RuntimeErrors_module_def()}if(typeof Verify=="undefined"){Verify={__namespace:true};Verify_module_def()}if(typeof Define=="undefined"){Define={__namespace:true};Define_module_def()}if(typeof BrowserDetection=="undefined"){BrowserDetection={__namespace:true};BrowserDetection_module_def()}(function(){b.prototype={firefox:undefined,firefox36up:undefined,firefox3up:undefined,firefox4up:undefined,ie:undefined,ie55up:undefined,ie5up:undefined,ie7down:undefi
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with CRLF line terminators
          Category:dropped
          Size (bytes):23063
          Entropy (8bit):4.7535440881548165
          Encrypted:false
          SSDEEP:
          MD5:90EA7274F19755002360945D54C2A0D7
          SHA1:647B5D8BF7D119A2C97895363A07A0C6EB8CD284
          SHA-256:40732E9DCFA704CF615E4691BB07AECFD1CC5E063220A46E4A7FF6560C77F5DB
          SHA-512:7474667800FF52A0031029CC338F81E1586F237EB07A49183008C8EC44A8F67B37E5E896573F089A50283DF96A1C8F185E53D667741331B647894532669E2C07
          Malicious:false
          Reputation:unknown
          Preview:function WebForm_PostBackOptions(eventTarget, eventArgument, validation, validationGroup, actionUrl, trackFocus, clientSubmit) {.. this.eventTarget = eventTarget;.. this.eventArgument = eventArgument;.. this.validation = validation;.. this.validationGroup = validationGroup;.. this.actionUrl = actionUrl;.. this.trackFocus = trackFocus;.. this.clientSubmit = clientSubmit;..}..function WebForm_DoPostBackWithOptions(options) {.. var validationResult = true;.. if (options.validation) {.. if (typeof(Page_ClientValidate) == 'function') {.. validationResult = Page_ClientValidate(options.validationGroup);.. }.. }.. if (validationResult) {.. if ((typeof(options.actionUrl) != "undefined") && (options.actionUrl != null) && (options.actionUrl.length > 0)) {.. theForm.action = options.actionUrl;.. }.. if (options.trackFocus) {.. var lastFocus = theForm.elements["__LASTFOCUS"];.. if ((typeo
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines (65536), with no line terminators
          Category:downloaded
          Size (bytes):186722
          Entropy (8bit):5.127936869447186
          Encrypted:false
          SSDEEP:
          MD5:2DE2482829622DE740DB42E04CBCD047
          SHA1:2A88D65A01BDA232B97B24163F66BA7F90A63386
          SHA-256:947D9E7117E8528021EC98FBBD6FE75A4D393A699DFFFFB3A2803EAE42845CEB
          SHA-512:35A2B88CF1FD1505BAD30CF68FB235ED5E5029D4824EC8586452A53E820563229AEA06156B46702C5046DC4BCE0046DFC74E934E215BFDD040B2715D298E8886
          Malicious:false
          Reputation:unknown
          URL:https://res-1.cdn.office.net/bld/_layouts/15/16.0.25402.12010/1033/strings.js
          Preview:var Strings; if (Strings === undefined) { Strings=new Object(); }Strings.CMS=function(){};Strings.CMS.L_SelectAllAltKey_TEXT="false";Strings.CMS.L_SpellCheckKey_VALUE="0x76";Strings.CMS.L_Callout_Usage_Count="<p>{0}</p>view||<p>{0}</p>views";Strings.CMS.L_NoElementStylesWereRemoved_TEXT="The selection did not contain any instances of element styles to remove.";Strings.CMS.L_DecWidthAltKey_TEXT="false";Strings.CMS.L_ExpandedTagNameH4="Heading 4";Strings.CMS.L_DecWidthShiftKey_TEXT="true";Strings.CMS.L_EditImageRenditionsAction="Edit Renditions";Strings.CMS.L_TabBackKey_TEXT="N";Strings.CMS.L_SvrBusySpellchecker_TEXT="The spell checking server was busy";Strings.CMS.L_RemoveLinkShiftKey_TEXT="false";Strings.CMS.L_Show_TEXT="Show";Strings.CMS.L_Title_TEXT="Title:";Strings.CMS.L_ShowSpecific_TEXT="Show the selected item in navigation";Strings.CMS.L_DecHeightShiftKey_TEXT="true";Strings.CMS.L_ChangeColumnWidthAndRowHeightKey_TEXT="W";Strings.CMS.L_UnlinkToolTip_TEXT="Remove Hyperlink";Strin
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 40329
          Category:downloaded
          Size (bytes):9984
          Entropy (8bit):7.979200972475404
          Encrypted:false
          SSDEEP:
          MD5:027A7D52E1CEED8AEF7DC13505B81D36
          SHA1:33CF0BCE6A4C8B44B4A80B3116C978C12EE93FD0
          SHA-256:29061464FB6FCE2326B952EACAA95C3C6183BFEA74C3851390E9838720D372A6
          SHA-512:FCDDEBF6DE759B5079E7DF2432771A866DE1824B119AD8CB3BAE11F9FAA060B943D52F121E4C63E7E20D43F31B2220C1D4E9C24A20004C4B061CD1A0A5EE5AC9
          Malicious:false
          Reputation:unknown
          URL:https://deltack-my.sharepoint.com/ScriptResource.axd?d=Xf_-nZAn9bFU2HVpw1D5KQUpz7fr0MJWFrn1UIe6mDinvUpfgcEbGiZJakTmxGws8oQxCq6z08boGjdSZB03kKWlUoxkOZ97Q_u1Z2lW3Jx2Nq7NV1DVr0YLU0iGJG-UtbM-Z_sDLwNvyzYzQBVPFHyjbilXat0YrLF8nJHQFUNoxJn-sODFrWkFNi7VcfFs0&t=ffffffffb201fd3f
          Preview:...........}ks.H......@a{ebU......h.^.._a..3!k...HB....m.%....?i..e..U@.........wefefefU........O.....?8).we:...?x..eQ.....EQ.:-.`p.e.^....b.W..X.........UQ.......,...4.jV~..tQ........`......Y..,.]........sR..E...M....\.c>H5.t......xW.jt.?6?.c(..`_....B.G..'.<.1.c....o...yZ..cZ.a=K+....l.l...EQ..4.=......L_..Z..4gYuQ|._!]m1.`Q.uQ....)..=..|.....2.8G."XY.......]c..*|xT....3@..?..Zm..E.'..*......2..E gy..<(.Z...8XY..4O2....U...4.0..5.W!}x._i.`.T,.V.G...b/.t..j>...<.((....,."Uo5X}.@QE.b.khU.h...>...Q~=.k.?.....o.0k........GM..X......P^G....=..<fY.U..S....K....H..9:*......'...J=).O....#G[m...30k...j.2+.im.(Km3.uxv._.pT.4.>..f.-..UZ.=e...C....._5..xR.:..\U..jR. .....9A..1:1.......a..2...U......YTP..`...l0.9.t.}.'.p.c3q.. {m.,...G1..".L.Aj@.D.h.p......fZ{...eYB......1.Ep.b&..% .c.._i9.).,.eD.'...`.E.i..M3#+6...9+....B..NYB..%..8..?....zv.r..XP..W.../+..e.N........Z..i..... ....4I..iR...8+.>....k...N?....MA.....uU...&...Xyb..u*..H....%.
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:HTML document, ASCII text, with very long lines (64257), with CRLF, LF line terminators
          Category:downloaded
          Size (bytes):264154
          Entropy (8bit):4.94216927341389
          Encrypted:false
          SSDEEP:
          MD5:FFCD1DA99B9D5EC90807BFC945798C84
          SHA1:5AE513646A92ADCF5185C93E6023A74E223C9B52
          SHA-256:187C699A4A570531937A8B14D38002C78B616084BEDC1B9C3A2F453A526387D5
          SHA-512:3126872FF78C4F7B50E5C8F920C1447F86AA67C7C24A3C6206D52B92D7A9E35C70CB78EC7C581B8985A869974FD3F51F2163D68FB0CE9059563F8990CC16CD14
          Malicious:false
          Reputation:unknown
          URL:https://deltack-my.sharepoint.com/:f:/g/personal/mchinchilla_ddelta_us/EraWdZ3RJF5GuC5_d3lUF9UBP4icmwaaFrWAStDUd-THMQ?e=5%3aAREp34&at=9
          Preview:..<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN".."http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">..<html xmlns:o="urn:schemas-microsoft-com:office:office" lang="en-us" dir="ltr">..<head><meta name="GENERATOR" content="Microsoft SharePoint" /><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><meta http-equiv="Expires" content="0" /><meta http-equiv="X-UA-Compatible" content="IE=8"/><meta name="ROBOTS" content="NOHTMLINDEX" /><title>......Error....</title><link id="CssLink-de0f1f6ea21e42eebaaa792ccb5697ed" rel="stylesheet" type="text/css" href="/_layouts/15/1033/styles/corev15.css?rev=YNYW82nueolALgxby9uWIQ%3D%3DTAG304"/>.<link id="CssLink-ae2179d81b2548e99f86f09529422e6f" rel="stylesheet" type="text/css" href="/_layouts/15/1033/styles/error.css?rev=tF7fyfzbaQzNoASoSDlV4A%3D%3DTAG304"/>.<style id="SPThemeHideForms" type="text/css">body {opacity:0 !important}</style><script type="text/javascript">// <![CDATA[ ...var _initGlobalSnapShot = {};try { if (O
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines (65536), with no line terminators
          Category:dropped
          Size (bytes):511765
          Entropy (8bit):5.440735520027972
          Encrypted:false
          SSDEEP:
          MD5:8F5007B6B74A8C8543367E784CF04536
          SHA1:8DBB67E474B18B84AF0922EEF28422EC5DC655F0
          SHA-256:B4F509031F727F85C858F0FF75CA011C21BC5DF819F611C2916B59EDE5279AD0
          SHA-512:9CA7394679AD854B36EA7652668C6CA276B71A41A24A01714F5E6DBD210953A4DF3A7975B580C00B0A4312FAAD05EE2F1213DD2ED6D347DF6B46D8DF4A5C6A52
          Malicious:false
          Reputation:unknown
          Preview:function $_global_core(){if("undefined"==typeof g_all_modules)g_all_modules={};g_all_modules["core.js"]={version:{rmj:16,rmm:0,rup:25402,rpr:12010}};typeof spWriteProfilerMark=="function"&&spWriteProfilerMark("perfMarkBegin_core.js");SPAnimation={};SPAnimation.g_Curves=new Array(7);SPAnimation.g_Curves[0]=new SPCurve(0,0,0,0,0,0);SPAnimation.g_Curves[1]=new SPCurve(1,1,0,0,0,0);SPAnimation.g_Curves[2]=new SPCurve(2,2,0,0,0,0);SPAnimation.g_Curves[3]=new SPCurve(3,3,.1,.9,.2,1);SPAnimation.g_Curves[4]=new SPCurve(4,3,.42,0,1,1);SPAnimation.g_Curves[5]=new SPCurve(5,3,0,0,.58,1);SPAnimation.g_Curves[6]=new SPCurve(6,3,.42,0,.58,1);SPKeyFrame.prototype={type:0,curveID:0,startTime:0,endTime:0,startValue:0,endValue:0,relativeTo:0,operationType:0};SPAnimation.Attribute={PositionX:1,PositionY:2,Height:3,Width:4,Opacity:5};SPAnimation.ID={Basic_Show:0,Basic_SlowShow:1,Basic_Fade:2,Basic_Move:3,Basic_Size:4,Content_SlideInFadeInRight:5,Content_SlideInFadeInRightInc:6,Content_SlideOutFadeOutRigh
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines (23437), with CRLF line terminators
          Category:dropped
          Size (bytes):23594
          Entropy (8bit):5.107347306409284
          Encrypted:false
          SSDEEP:
          MD5:964FCB2BAF87049DC68975291AE89431
          SHA1:D0CD8C989D44BC531472B632868D3FB2DE4B3184
          SHA-256:B8F7BD568E379502CF0C00027581D2761C7DC14B166F5D25FC048A0B56B7BFBB
          SHA-512:03CB58D197A776F9C315C2A14B9C034D88C7B7E9F4247C5698396F4FE7363A22FC2042A24C02A245C7E035DD2862F88E8EF46A7E5A269EDC2B69E39752A52987
          Malicious:false
          Reputation:unknown
          Preview:var Strings; if (Strings === undefined) { Strings=new Object(); }Strings.STS=function(){};Strings.STS.L_NewTab="New tab";Strings.STS.L_CalloutLastEditedNameAndDate="Changed by ^1 on ^2";Strings.STS.L_CalloutSourceUrlHeader="Location";Strings.STS.L_SPDiscBestUndo="Remove best reply";Strings.STS.L_SPClientManage="manage";Strings.STS.L_SPAddNewWiki="new Wiki page";Strings.STS.L_SPCategorySortRecent="Recent";Strings.STS.L_ViewSelectorTitle="Change View";Strings.STS.L_SPDiscNumberOfLikes="{0} likes||{0} like||{0} likes";Strings.STS.L_Timeline_DfltViewName="Timeline";Strings.STS.L_TimelineToday="Today";Strings.STS.L_SPDiscNoPreviewAvailable="No preview available for this reply";Strings.STS.L_NODOCView="There are no documents in this view.";Strings.STS.L_SPBlogPostAuthorCategories="by {0} in {1}";Strings.STS.L_SPBlogsNoItemsInCategory="There are no posts in this category.";Strings.STS.L_QRCodeDescription="Scan this QR code with your phone or tablet to open {0}";Strings.STS.L_RelativeDateTime
          No static file info