Edit tour

Windows Analysis Report
https://developmentltd.online/

Overview

General Information

Sample URL:	https://developmentltd.online/
Analysis ID:	1542022

Detection

Captcha Phish

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Yara detected Captcha Phish

HTML body contains low number of good links

HTML title does not match URL

Stores files to the Windows start menu directory

Suspicious form URL found

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 6816 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

chrome.exe (PID: 7044 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 --field-trial-handle=1912,i,15525816531777963710,8902145854844525634,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

chrome.exe (PID: 2752 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://developmentltd.online/" MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

cleanup

Yara Signatures

HTML

Source	Rule	Description	Author	Strings
0.0..script.csv	JoeSecurity_CaptchaPhish	Yara detected Captcha Phish	Joe Security

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

Phishing

Yara detected Captcha Phish

Source: Yara match

File source: 0.0..script.csv, type: HTML

Source: https://developmentltd.online/ebanking/pages/customerlogin.php

HTTP Parser: Number of links: 0

Source: https://developmentltd.online/ebanking/pages/customerlogin.php

HTTP Parser: Title: Invalid Login does not match URL

Source: https://developmentltd.online/ebanking/pages/customerlogin.php	HTTP Parser: Form action: https://developmentltd.online/ebanking/pages/customerindex.php
Source: https://developmentltd.online/ebanking/pages/customerlogin.php	HTTP Parser: Form action: https://developmentltd.online/ebanking/pages/customerindex.php

Source: https://developmentltd.online/ebanking/pages/customerlogin.php

HTTP Parser: <input type="password" .../> found

Source: https://developmentltd.online/ebanking/pages/customerlogin.php	HTTP Parser: No favicon
Source: https://developmentltd.online/ebanking/pages/customerlogin.php	HTTP Parser: No favicon

Source: https://developmentltd.online/ebanking/pages/customerlogin.php	HTTP Parser: No <meta name="copyright".. found
Source: https://developmentltd.online/ebanking/pages/customerlogin.php	HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Source: unknown	HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.17:49726 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49753 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:49778 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.126.31.67:443 -> 192.168.2.17:49777 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.126.31.67:443 -> 192.168.2.17:49780 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.23.209.141:443 -> 192.168.2.17:49782 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.17:49785 version: TLS 1.2

Source: chrome.exe

Memory has grown: Private usage: 24MB later: 31MB

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.13
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	DNS traffic detected: DNS query: developmentltd.online
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: px.ads.linkedin.com
Source: global traffic	DNS traffic detected: DNS query: use.typekit.net
Source: global traffic	DNS traffic detected: DNS query: www.google.co.uk
Source: global traffic	DNS traffic detected: DNS query: googleads.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: static.hotjar.com
Source: global traffic	DNS traffic detected: DNS query: www.facebook.com
Source: global traffic	DNS traffic detected: DNS query: static.ads-twitter.com
Source: global traffic	DNS traffic detected: DNS query: connect.facebook.net
Source: global traffic	DNS traffic detected: DNS query: snap.licdn.com
Source: global traffic	DNS traffic detected: DNS query: vars.hotjar.com
Source: global traffic	DNS traffic detected: DNS query: stats.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: script.hotjar.com
Source: global traffic	DNS traffic detected: DNS query: img.youtube.com
Source: global traffic	DNS traffic detected: DNS query: www.developmentbank.wales
Source: global traffic	DNS traffic detected: DNS query: developmentbank.wales
Source: global traffic	DNS traffic detected: DNS query: ampcid.google.com

Source: unknown	Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49691
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49680 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49691 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749

Source: unknown	HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.17:49726 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.17:49753 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:49778 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.126.31.67:443 -> 192.168.2.17:49777 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.126.31.67:443 -> 192.168.2.17:49780 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.23.209.141:443 -> 192.168.2.17:49782 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.17:49785 version: TLS 1.2

Source: classification engine

Classification label: mal48.phis.win@19/39@62/206

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 --field-trial-handle=1912,i,15525816531777963710,8902145854844525634,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://developmentltd.online/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 --field-trial-handle=1912,i,15525816531777963710,8902145854844525634,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	3 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	1 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	1 Extra Window Memory Injection	1 Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	2 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	1 Extra Window Memory Injection	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	Protocol Impersonation	Traffic Duplication	Data Destruction

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

⊘No Antivirus matches

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
star-mini.c10r.facebook.com	157.240.251.35	true	false	unknown
ampcid.google.com	142.250.184.206	true	false	unknown
developmentltd.online	78.46.40.242	true	false	unknown
platform.twitter.map.fastly.net	199.232.188.157	true	false	unknown
vars.hotjar.com	18.66.147.29	true	false	unknown
stats.g.doubleclick.net	74.125.71.157	true	false	unknown
www.developmentbank.wales	51.141.97.243	true	false	unknown
scontent.xx.fbcdn.net	157.240.251.9	true	false	unknown
googleads.g.doubleclick.net	142.250.184.194	true	false	unknown
script.hotjar.com	13.33.187.19	true	false	unknown
developmentbank.wales	51.141.97.243	true	false	unknown
www.google.co.uk	142.250.185.163	true	false	unknown
www.google.com	142.250.186.132	true	false	unknown
static-cdn.hotjar.com	18.66.102.106	true	false	unknown
ytimg.l.google.com	142.250.186.110	true	false	unknown
use.typekit.net	unknown	unknown	false	unknown
www.facebook.com	unknown	unknown	false	unknown
static.ads-twitter.com	unknown	unknown	false	unknown
img.youtube.com	unknown	unknown	false	unknown
px.ads.linkedin.com	unknown	unknown	false	unknown
connect.facebook.net	unknown	unknown	false	unknown
static.hotjar.com	unknown	unknown	false	unknown
snap.licdn.com	unknown	unknown	false	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://developmentltd.online/ebanking/pages/customerlogin.php	false		unknown
https://developmentltd.online/developmentbank.wales/index.html	false		unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
172.217.16.200	unknown	United States	15169	GOOGLEUS	false
142.250.185.67	unknown	United States	15169	GOOGLEUS	false
142.250.186.78	unknown	United States	15169	GOOGLEUS	false
1.1.1.1	unknown	Australia	13335	CLOUDFLARENETUS	false
78.46.40.242	developmentltd.online	Germany	24940	HETZNER-ASDE	false
108.177.15.84	unknown	United States	15169	GOOGLEUS	false
142.250.186.163	unknown	United States	15169	GOOGLEUS	false
216.58.206.78	unknown	United States	15169	GOOGLEUS	false
142.250.185.234	unknown	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.250.185.174	unknown	United States	15169	GOOGLEUS	false
51.141.97.243	www.developmentbank.wales	United Kingdom	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
142.250.185.142	unknown	United States	15169	GOOGLEUS	false
142.250.186.110	ytimg.l.google.com	United States	15169	GOOGLEUS	false
142.250.186.100	unknown	United States	15169	GOOGLEUS	false
142.250.186.40	unknown	United States	15169	GOOGLEUS	false
216.58.212.163	unknown	United States	15169	GOOGLEUS	false
142.250.184.206	ampcid.google.com	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.17

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1542022
Start date and time:	2024-10-25 12:59:25 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://developmentltd.online/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	20
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal48.phis.win@19/39@62/206

Warnings

Exclude process from analysis (whitelisted): TextInputHost.exe
Excluded IPs from analysis (whitelisted): 142.250.185.67, 142.250.185.142, 108.177.15.84
Excluded domains from analysis (whitelisted): clients2.google.com, accounts.google.com, clientservices.googleapis.com, clients.l.google.com
Not all processes where analyzed, report is missing behavior information
VT rate limit hit for: https://developmentltd.online/

LLM Input / Output

Input	Output
URL: https://developmentltd.online/developmentbank.wales/index.html Model: claude-3-haiku-20240307	```json { "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "Apply now", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false }

URL: https://developmentltd.online/developmentbank.wales/index.html Model: claude-3-haiku-20240307	```json { "contains_trigger_text": true, "trigger_text": "Complete sign up", "prominent_button_name": "unknown", "text_input_field_labels": [ "First name", "Last name", "Business name", "Email address" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false }

URL: https://developmentltd.online/developmentbank.wales/index.html Model: claude-3-haiku-20240307	```json { "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "Apply now", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false }

URL: https://developmentltd.online/developmentbank.wales/index.html Model: claude-3-haiku-20240307	```json { "brands": [ "Banc" ] }
	```json { "brands": [ "Banc" ] }
URL: https://developmentltd.online/developmentbank.wales/index.html Model: claude-3-haiku-20240307	```json { "brands": [ "Banc" ] }
	```json { "brands": [ "Banc" ] }
URL: https://developmentltd.online/developmentbank.wales/index.html Model: claude-3-haiku-20240307	```json { "brands": [ "Banc" ] }
	```json { "brands": [ "Banc" ] }
URL: https://developmentltd.online/ebanking/pages/customerlogin.php Model: claude-3-haiku-20240307	```json { "contains_trigger_text": true, "trigger_text": "Customer Login", "prominent_button_name": "LOGIN", "text_input_field_labels": [ "Username", "Password" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false }

URL: https://developmentltd.online/ebanking/pages/customerlogin.php Model: claude-3-haiku-20240307	```json { "brands": [] }
	```json { "brands": [] }

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 25 10:00:04 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.985008660436713
Encrypted:	false
SSDEEP:
MD5:	6520FEAC33FA49C5C81DF54DC983C8D4
SHA1:	67CE39E67642FD66CF0848DE806A57131AC0240D
SHA-256:	53A23689FC8239545CDA72374FB3AD51F19FF3C8538E870602928266434CDD99
SHA-512:	66837E6E417DB764F90F5F0E5709ED75CC7226CD6BF00587A8E0EC4BDB54DFCF3879F9B2DAAA8402A06B39D16954FCB8DFFFCD7DE349B1F927C28C82EC7BD1ED
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.... ....&......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IYYuW....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VYY.X....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VYY.X....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VYY.X...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VYY.X...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i....................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 110

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (45343)
Category:	dropped
Size (bytes):	478767
Entropy (8bit):	5.57484135286223
Encrypted:	false
SSDEEP:
MD5:	810F114036BB90D1119FE50E3EA4C94F
SHA1:	7DAA93C18872432E9BF36908A74BE160B3D69A2B
SHA-256:	4A5579BF05138ED82D62DA6406CCB8E92AC80B8573D9E2CDA4E374054245F172
SHA-512:	7E9F144F099796B5C74B9E0320925E4BCAE8BB97327F420484CF9119D115267541B4F77E50627571CDB89A8281D64B276DD622AAC639255D1F42D9363982BB61
Malicious:	false
Reputation:	unknown
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. . (function(w,g){w[g]=w[g]\|\|{};. w[g].e=function(s){return eval(s);};})(window,'google_tag_manager');. .(function(){..var data = {."resource": {. "version":"132",. . "macros":[{"function":"__e"},{"function":"__cid"},{"function":"__u","convert_case_to":1,"vtp_stripWww":true,"vtp_component":"HOST","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__dbg"},{"function":"__v","vtp_setDefaultValue":false,"vtp_dataLayerVersion":2,"vtp_name":"pageEnvironment"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_name":"visitorType"},{"function":"__jsm","vtp_javascript":["template","(function(){return!1})();"]},{"function":"__jsm","vtp_javascript":["template","(function(){return!0})();"]},{"function":"__smm","vtp_setDefaultValue":true,"vtp_input":["macro",5],"vtp_defaultValue":["macro",6],"vtp_map":["list",["map","key","administrator","value",["macro",7]],["map","key","editorial","value",["macro",7]]]},{"func

Chrome Cache Entry: 111

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65362)
Category:	dropped
Size (bytes):	260830
Entropy (8bit):	5.273644767850667
Encrypted:	false
SSDEEP:
MD5:	42CAAF6F0DF7EC1F5AB9BFFCBA480D16
SHA1:	9873F97BEA17996CAA3F25FDCB85C792C09391F6
SHA-256:	7B1036890BB92ED47F7BDD3B103E5E78DC198B54E32FB3D7510894C65E54051D
SHA-512:	D1E5A6A086963045AE4B8C107794BC94B11B271A7EAE26FF8F469E71512233A9B93C28EC11C4B8C35A3DE55FB850AC7A958B279C138A9BD7C41A05BD31B1AFCF
Malicious:	false
Reputation:	unknown
Preview:	/* @license MIT https://raw.githubusercontent.com/jquery/jquery/3.7.1/LICENSE.txt /./! jQuery v3.7.1 \| (c) OpenJS Foundation and other contributors \| jquery.org/license */.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(ie,e){"use strict";var oe=[],r=Object.getPrototypeOf,ae=oe.slice,g=oe.flat?function(e){return oe.flat.call(e)}:function(e){return oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){var r,i,o=(n=n\|\|C).createElement("script");if(o.text=e,t)for(r in u)(i=t[r]\|\|t.getAttri

Chrome Cache Entry: 112

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3
Category:	dropped
Size (bytes):	82523
Entropy (8bit):	7.9290250099055095
Encrypted:	false
SSDEEP:
MD5:	EA7CEFE504ED2A96076E7A8EB28C8F17
SHA1:	5A3D61AC4EBFED039A2D9024C132F00683C577CE
SHA-256:	F1EA172BA6C852E4428C8456CD08F488BFD456620AECFF92CE242F28B2831CA6
SHA-512:	7D90A2C6CEE2AA1CA3270D88898B9F7F2DA76BF00400849BB6B6FBDFC49FE4BAE0DD4FA8418017FE336991D6CEF3DDE108E137C5C604BE377D27110717018B43
Malicious:	false
Reputation:	unknown
Preview:	......JFIF...........................................................................................................................................................".........................................Z..........................!..1A.."Q.2a#BRq.3br..$4C...%Sc.Ds....&5ETdt.....V..........................................2.......................!1.AQ."aq..2..B....R...#b............?......................TDG;\...O..G(.jU.DA....A..`.?M{..l.=.#.t.....^...{w.0/D/...%.i.k.K\........@ .M/Q...2........b..kr.h.........o.5...1.m.DZdDD.D@DD.D@DX._x.......q..Pj[o.%..!a...-on..2.....4c1e.V#%u.i...^...'......9..w..i/.<^.f9....]...w.r..Z...A..41.:!...@,\...N..fNw..F....C..A<........K.DYhBU.......t.e.J"."".!E..B..(..X.(..R.......!.kZ\.9.MkZ;....=v.'..lU.?R.Vg..R.v.c..`&.A~.s.Z#q..2Kv.4.CX\CZ.'./.1..Q.}......3,O.=...s..{..c...Q..W.......z.k.7.e...*..p.[^.9....................;.f\|.....a....$..O..\|...7_}b.w.....;....X.~..y.gO.....S..?m..a....`....YXW..1.,>\|.Lb.;.>..

Chrome Cache Entry: 113

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1152x500, components 3
Category:	downloaded
Size (bytes):	94188
Entropy (8bit):	7.973912484623285
Encrypted:	false
SSDEEP:
MD5:	FF46FF16356058266FDFB08CD0940021
SHA1:	863AC8187FFDE1F8239DFE653C204028FB7E23AB
SHA-256:	2EBBA842A1D7E9CB4AA82B6D478709DA8AC4A354B7AE537E2E3D1344DAA0786F
SHA-512:	C40DEF4CABF67975FCC284226FF3FE826455021678ABC35C71828B50A70827B436C249F5B81590610C766B89AD5F0CB0E1FC45867805B086092A562366239DFC
Malicious:	false
Reputation:	unknown
URL:	https://developmentltd.online/developmentbank.wales/sites/default/files/styles/paragraph_banner/public/2023-02/10.11.22%20mh%20Ground%20Cardiff%20%20DBW%20274f23.jpg?h=d63a24d6&itok=2wtpq5Zq
Preview:	......JFIF.....`.`.....;CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75....C................................... $.' ",#..(7),01444.'9=82<.342...C...........2!.!22222222222222222222222222222222222222222222222222..........."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?.-.T.wH.....Z..4.>....'.x...\|.._ .:..Q.3.^.....=.3.....X.].D=J..\|.NR\.d...z..Gen.R.\c.h.. .p3[(..09..a1..X.M2.$...B.f1.y....P..l.4.?..._C....{...).QE..QE..QE..QE..QE..QE..QE..V/.\|S.xWN7............x......A.y_.:)r...a.k..{[.C....pe......Q.S.c.^6..c~...Vq..j..Os......i.FmX)P.(c...d....,3..v..E.^.U.;N

Chrome Cache Entry: 115

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), CFF, length 13768, version 1.0
Category:	downloaded
Size (bytes):	13768
Entropy (8bit):	7.9859280258522105
Encrypted:	false
SSDEEP:
MD5:	43DCA5F329F5A932B3CB5A69F9B48F3B
SHA1:	AF124F7BA4B625B69F9DFC8821CC3AA9F6AE4C6F
SHA-256:	0D1FCD33D270A8E9A9A3442B0F1182CAEA7CD4300A0094A4D4D99A812C0320CF
SHA-512:	85D84C22B986087823983B57492039ECA00DDF52515801A61EAC5D08283F46C7BFC19E332A9146E44AE1753ED25F4A69A7DF5D81D3F22F0166323E86F66C377C
Malicious:	false
Reputation:	unknown
URL:	https://developmentltd.online/use.typekit.net/af/be28cc/00000000000000007735a54a/30/le003?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Preview:	wOF2OTTO..5.......Q0..5m..........................b?DYNAy..?GDYN.......>.`..n.6.$..d....<. .1PuDW;i......M.../....?...q.$.'..-...)..`.L...[..~.N.;}+....[.U`t....c.&~.G...4......H7@<}...t=6......S.....u....b.i...f.L.j1/....w.Gd[-....:&.....s...L..]...N...\.........2....y..f........6]....$.X...<.M..;.s.H....v...]:AO..\I....G..sDPFp.s.2.\ ..\PA..T.....i.............KE.m...N\t.Z..n.>.9....V&.....7=....iw.{W7....2.B. o..FE.0.......H...r.<..d.C5`....h.]OPDI.H$..[S..P.V.ic....;e...l.>R2.h9......8...GW..(..,..(..zw....Qf...P....l)....fPK..k....Kk+K[]m.........^T.........o...nU..)....n........."Y..P_.Q.(..45-.j..B..,./W.+..j.E.F..eW-.fu...].ra.....{ds....P.DPD.z..ECE.D.D/D?E....A.Dq..D<N.B.A.M.L.Z.F.V.N.+../Y&.-9!9)9+.y'E..i.t.t.t........9...]@....A>(....4.)`..............9..:..H....:.xX....j.X8.....Z..n...Qx.>...;....&ZJ...t.ZA[...#...2....qb...vg.O.....W..]...e. }+..p.Pa....J6..$m.pj.X5}....e.G..F.[6x.{d...S...p...ug.[....#...M......c.Q.v...

Chrome Cache Entry: 116

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (28924)
Category:	downloaded
Size (bytes):	29087
Entropy (8bit):	4.757071795675552
Encrypted:	false
SSDEEP:
MD5:	06D7D3816CDBBBF87F68CB6FA78CBC3A
SHA1:	C5AE60F166D4DB479418997AD8722679E7A56D42
SHA-256:	67B1EDE58A7642370469BE78867CF4547C73A58E9853F7F6540223ECCCB198F0
SHA-512:	E5EAC764829F4EB3085329550F0953190811132330FDADF6CCE435F352BD241D212ED7680333884758C9D0D179B5923EFDC9A3787775A6C751C8F1FF63C977F4
Malicious:	false
Reputation:	unknown
URL:	https://developmentltd.online/ebanking/vendor/font-awesome/css/font-awesome.min.css
Preview:	/!. Font Awesome 4.6.3 by @davegandy - http://fontawesome.io - @fontawesome. * License - http://fontawesome.io/license (Font: SIL OFL 1.1, CSS: MIT License). */@font-face{font-family:'FontAwesome';src:url('../fonts/fontawesome-webfont5b62.eot?v=4.6.3');src:url('../fonts/fontawesome-webfontd41d.eot?#iefix&v=4.6.3') format('embedded-opentype'),url('../fonts/fontawesome-webfont5b62.woff2?v=4.6.3') format('woff2'),url('../fonts/fontawesome-webfont5b62.woff?v=4.6.3') format('woff'),url('../fonts/fontawesome-webfont5b62.ttf?v=4.6.3') format('truetype'),url('../fonts/fontawesome-webfont5b62.svg?v=4.6.3#fontawesomeregular') format('svg');font-weight:normal;font-style:normal}.fa{display:inline-block;font:normal normal normal 14px/1 FontAwesome;font-size:inherit;text-rendering:auto;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale}.fa-lg{font-size:1.33333333em;line-height:.75em;vertical-align:-15%}.fa-2x{font-size:2em}.fa-3x{font-size:3em}.fa-4x{font-size:4em}.fa-5x{font-

Chrome Cache Entry: 118

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 29676, version 1.0
Category:	downloaded
Size (bytes):	29676
Entropy (8bit):	7.991083641559934
Encrypted:	true
SSDEEP:
MD5:	39B0C2ECBC3C8EEF6165B4D77711A862
SHA1:	4BA3530EC843221281670C63DA387629EBA08C75
SHA-256:	0216C8DC29523E3FF49D1831D3CA3631EB225F80924B590C890C3B24228C7ABA
SHA-512:	B618D319E1F837F07E5D4BDADB2D20F9EC9AE1836CB082BD7B290C5B6BDE536D223882AA1DBBA2AEB0ED28D1DCE3779B94ECAD8A9961BC6C125C657EDE35ED2F
Malicious:	false
Reputation:	unknown
URL:	https://developmentltd.online/use.typekit.net/af/ac6334/000000000000000000012059/27/le196?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Preview:	wOF2......s...........s\|........................?DYNA.b?GDYN.Y..r..x.`..`.......s.....t..~..\|..6.$..t. ..'..N.T.2....8........>,#jR....^..MU...~..?..........l..\|....&.fr`'U\2Y.S.E..X_.KM.U.\....o.e.w[..tK...-.,...\|.ed\4.......@e.[W..o....N.s.$..ME..P....T@..}:.o..r."....+.x...V...[..d.[.Bv.M.!.B.....y43.,.Q..w..'.ipes2............pE...w..=...b.Cb..#;!.v.b1......K..U.H.!\|...9..I..#...G.AB X.......k1-x..G....(=.^.5..z..3.]{...o..?..`..(....$mZ.....LW.h..}s...n;.Z...J=..M.s_HB.<L.x.<.ln..z...w.tb..wZ.r.9$.A...0..h.XY..,.1./..].Z..;.....q...... T..=................8....<....../.....A.L$...\.O>\|...:...f..%.......R..y...v..,=...I.........A..o.i++...hy.D.%.....;..L#.s..h....................X.......w.....IL.bQ.).oy..l.r"...,.j.g0..)"..(...j....B.fc.k.Ri...:#g.8~/....J.r)RT.Jx.._.d..%.$........3{N.R......-.:.......~f........Yv.PU.....K...>....z.C.3`P.......s.............\|.............+.y.m..R.Gb[h i..R#/".!..1?.jV."j.9y.....`l.MT.....Xi<..X

Chrome Cache Entry: 119

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (592)
Category:	downloaded
Size (bytes):	77647
Entropy (8bit):	5.232389308288208
Encrypted:	false
SSDEEP:
MD5:	91A028FC1856308566BE29663213CEE0
SHA1:	04FE0A755868614FDF77C47EA3A33484DC18488D
SHA-256:	03958B2A6713602F07957ECE23825F49C4E107278893B827384AFD1EA3DD1ABD
SHA-512:	40609C882305210A84917A88EE16CA6907698420954BCAB5334768A096683BEE728FA857869F9F998488BA3550EDA537B005CBE071093BF7753CA0C692078C32
Malicious:	false
Reputation:	unknown
URL:	https://developmentltd.online/ebanking/css/adminnine_classic.css
Preview:	/------------------------------------------------------------------.[Master Stylesheet]..Project:.Admin9.Version:.1.0.Last change:.1/10/16 .Autor: Maxartkiller..-------------------------------------------------------------------/../*------------------------------------------------------------------..[Table of contents]..1. background color and font colors.2. border color .3. Font color.4. page wrappers and misc elements.5. Borders.6. inputs and buttons.7. Modal block.8. Dropwon block.9. Progress bar style.10. Range slider style.11. Navigation style.12. Navigation menu style.13. sidebar style.14. siderbar user profile.15. Social Profile css.16. Recently connected heading.17. paragraph heading.18. Data tables.19. tables.20. Paginations.21. Circle buttons.22. Panel wells.23. accordian box.24. chat box.25. Timeline blocks.26. Friend list .27. Testimonials .28. Morris js .29. Search global.30. Mailbox.31. Map.32. user list.33. user profile.34. todo list.35. Switch.36. Comments.37. Full

Chrome Cache Entry: 120

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (32065)
Category:	dropped
Size (bytes):	83614
Entropy (8bit):	5.372209971562545
Encrypted:	false
SSDEEP:
MD5:	ED9CC403240D6BB8795D9DAB787BB992
SHA1:	A7505476A2AF3A88F0745B4A772BA44052AB6B2C
SHA-256:	82C0E95421976376332A5C09DDA6AD817660A852770F73F70992B47B6C49FAAF
SHA-512:	F4B98F2DA18EBA3724ECAF6A29034A965037407169601CB0CBF300017EE9A21FF75F14E86ACDC48F1FDE54E88DE060F06D5A539EAD7904AF13FCEB8E95294337
Malicious:	false
Reputation:	unknown
Preview:	/! jQuery v2.1.0 \| (c) 2005, 2014 jQuery Foundation, Inc. \| jquery.org/license /.!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=c.slice,e=c.concat,f=c.push,g=c.indexOf,h={},i=h.toString,j=h.hasOwnProperty,k="".trim,l={},m=a.document,n="2.1.0",o=function(a,b){return new o.fn.init(a,b)},p=/^-ms-/,q=/-([\da-z])/gi,r=function(a,b){return b.toUpperCase()};o.fn=o.prototype={jquery:n,constructor:o,selector:"",length:0,toArray:function(){return d.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:d.call(this)},pushStack:function(a){var b=o.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a,b){return o.each(this,a,b)},map:function(a){return this.pushStack(o.map(this,function(b,c){return a.call(b,c,b)}

Chrome Cache Entry: 122

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	7213
Entropy (8bit):	4.0117156825914
Encrypted:	false
SSDEEP:
MD5:	B5EB6BF968CBD0545602DE87B8895FC4
SHA1:	2C24C67E16E56B23A3810F1060BBAD9A155CD013
SHA-256:	C198A8DC03430A17E471FC29E90FF3A9B2B237ECA255892C8AE77B6CE6602ED5
SHA-512:	84991542AB51285975580BA5D9A0EA151F7FEA2599C3B970FDB93F8E3F56F7389C82C4A28EB1ABA889024E68206892895A97F790C7B1B54B72777A33D1706E6E
Malicious:	false
Reputation:	unknown
URL:	https://developmentltd.online/developmentbank.wales/themes/banc_2022/img/logo/logo-invert.svg
Preview:	<svg xmlns="http://www.w3.org/2000/svg" width="130" height="51.539" viewBox="0 0 130 51.539">. <g>. <path fill="rgb(255,255,255)" fill-rule="evenodd" d="M26.00750732 40.92480469c0 4.82250976-3.30770874 10.0065918-11.04373169 10.0065918H0v-34.9963379h13.89315796c6.2612915 0 10.28134155 3.75830078 10.28134155 9.03808594 0 2.5900879-1.01644897 6.09472656-4.83239746 7.26293945 4.478302.7607422 6.66540527 4.72265625 6.66540527 8.68457032v.00415039zM13.48907471 22.17919922H7.07781982v7.67016601h6.41125489c2.24124145 0 3.6159668-1.47167968 3.6159668-3.86206054 0-2.1328125-1.12060547-3.80810547-3.6159668-3.80810547zm5.3948059 18.03051758c0 2.33642578-1.62887573 4.46899414-4.93655395 4.46899414H7.07363892v-8.93823242h6.97366333c3.36184692 0 4.83657837 2.28662109 4.83657837 4.46923828z"/>. <path fill="rgb(255,255,255)" fill-rule="evenodd" d="M53.03561401 27.2097168h-6.66955566v3.15136718c-1.57885742-2.4362793-4.63244629-3.75830078-7.68600464-3.75830078-6.81951904 0-11.60610962 5.13012696-

Chrome Cache Entry: 123

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65359)
Category:	downloaded
Size (bytes):	103811
Entropy (8bit):	5.333435614444549
Encrypted:	false
SSDEEP:
MD5:	81F94A32C81F8DCE47DA898ABBE9AA6A
SHA1:	4B6FA33E2CEAE104562ED4FF46367879FD75EC9F
SHA-256:	E688B01C80A57B4C9346764237665E26D200AC7A77D3C08AED561BA18F0535EF
SHA-512:	79F01C8D8A184F4B17C5046DC46637EC22989AAB0554E230300A5A11BAF126BE11C2A5551B0F28F8B7E1FFEE7D4D4D3BFACB999F5056AB87C39797DD83208D93
Malicious:	false
Reputation:	unknown
URL:	https://developmentltd.online/cdn.jsdelivr.net/gh/RobinHerbots/Inputmask%405.0.8/dist/jquery.inputmask.min.js
Preview:	/!. dist/jquery.inputmask.min. * https://github.com/RobinHerbots/Inputmask. * Copyright (c) 2010 - 2023 Robin Herbots. * Licensed under the MIT license. * Version: 5.0.8. */.!function(e,t){if("object"==typeof exports&&"object"==typeof module)module.exports=t(require("jquery"));else if("function"==typeof define&&define.amd)define(["jquery"],t);else{var i="object"==typeof exports?t(require("jquery")):t(e.jQuery);for(var a in i)("object"==typeof exports?exports:e)[a]=i[a]}}("undefined"!=typeof self?self:this,(function(e){return function(){"use strict";var t={3046:function(e,t,i){var a;Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0,i(7149),i(3194),i(9302),i(4013),i(3851),i(219),i(207),i(5296);var n=((a=i(2394))&&a.__esModule?a:{default:a}).default;t.default=n},8741:function(e,t){Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var i=!("undefined"==typeof window\|\|!window.document\|\|!window.document.createElement);t.default=i},3976:function(e,t,i){Object

Chrome Cache Entry: 124

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	5
Entropy (8bit):	1.5219280948873621
Encrypted:	false
SSDEEP:
MD5:	83D24D4B43CC7EEF2B61E66C95F3D158
SHA1:	F0CAFC285EE23BB6C28C5166F305493C4331C84D
SHA-256:	1C0FF118A4290C99F39C90ABB38703A866E47251B23CCA20266C69C812CCAFEB
SHA-512:	E6E84563D3A55767F8E5F36C4E217A0768120D6E15CE4D01AA63D36AF7EC8D20B600CE96DCC56DE91EC7E55E83A8267BADDD68B61447069B82ABDB2E92C6ACB6
Malicious:	false
Reputation:	unknown
URL:	https://developmentltd.online/p.typekit.net/pb77d.css?s=1&k=atd4dgy&ht=tk&f=13464.13466.13468.13470.13472.13474.24349.24352.24354.24355.43307.43309.43311&a=87685242&app=typekit&e=css
Preview:	/**/.

Chrome Cache Entry: 126

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), CFF, length 24524, version 1.0
Category:	downloaded
Size (bytes):	24524
Entropy (8bit):	7.990417789555177
Encrypted:	true
SSDEEP:
MD5:	79D16CC972DA47337BC3DB34E4CDF6C0
SHA1:	AAD564816B1615C247873440B0877C801F5A3533
SHA-256:	5377C8DD26BD86CCC5D988D7CCA29047CF64F0A6F0ABBD6214A0585EC822D5BC
SHA-512:	2E459BD5B76F3B5326369840BD7191178B12B9C1EC6DAB305C3291A8B3B0BFFAF8A5A8848B99EDBBB5826706D9808FF03C7362776B640160B940B89C6D5BF54B
Malicious:	false
Reputation:	unknown
URL:	https://developmentltd.online/use.typekit.net/af/89d02c/000000000000000077359fb7/30/l3eab?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Preview:	wOF2OTTO.._........`.._p...........................i?DYNA.b?GDYN.u.....0.`..p.6.$..h....E. .t.u...j.".I=...ubpS5 ...o........s./NM...r.#.tD..?.VEr%;iv.D..<....g.{.p........F.6".X..b..AH..Nq.0.P0...F...:....9..m.&.).M..^..q..0)>U.&L.,............sP.=C......T.$KA..(.Q..8.H.PA...#...5.U7Ro.{kx.....9?...2...%.6.9U5...-x0.:P3I...7......9iO.ME..Jq......6q\....4d:eW.....u...L..t...pE.........)t..".......u...@..C...e.l.X....f.p+e#.q3q]....i..K.s8....J.. P.].\t.J....w.>....EP..e\$O...sJ.Bp.oF...G....T.T.r....E.@8.v.u..]^..C..+<n..S)....H..&CM..#i......_.#F....I6.f,..t.53.3..(S..\|.&........sG.......~o.i....;.<....6-.ti.!..F.......y.P.........n7t.A.........3...1h.Z.V..Yt.:....C7...#.9....}.~C.1.;..{.x..........\|......._..6.3.2.O..A2r<9.\K.!/...d=.t7..".O.....Dz....N..O...[.c...........7ke..$6..d.....4v>.....d..............\|.........r~.....?....=.......&x.=.%.a.I.y.U.m.C.s.[.g.O..9..9...{.577>.zK..A.......P...L.Ri..Qp5.T .J..R.H...i).@.J..Kr.. .H.fDuRM...

Chrome Cache Entry: 128

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel
Category:	dropped
Size (bytes):	34494
Entropy (8bit):	3.978145153775195
Encrypted:	false
SSDEEP:
MD5:	90FA2D8D0272CF5AD1C62507941F0562
SHA1:	D1BE29531E4DC4357612109BDD9A29CA8DA6C128
SHA-256:	BF5D8371BA72E2A571D915AC19DD450C8FAD74B751705C29E8375440B21C4873
SHA-512:	A6BD70E513B745989FE0DB76F8FC10CCCEC16ACCDDCACABB32993F11CAB3A0E62ABAAF3A2D970A41E6FB8A6E77AB5D1D736B68DABB497FA58D35A0D438459B9F
Malicious:	false
Reputation:	unknown
Preview:	............ .h...V......... ......... .... .....F...00.... ..%......@@.... .(B...D..(....... ..... ...................................................................................................................;0%.e\........................................................+...)...........................................................C...>.............................56................&...0...C...B...F.....MP................4...7.....0..................JL2...E...F...=............._d<...D...C......H..........................KLB...F...7...4...E...D...C...>...................................ihD...E...?...7...<...>...'.o...............................!"B...0...D...C...A...$.l...Pj................................+...E...0...C...>...>.....Vn..................................6:D...C...3...=...............................................=...C...B...6.....Zx......................................MT=...C...B...@...7...................................:...C...C...C...B...A...8.....6N......

Chrome Cache Entry: 129

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 783 x 239, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	24779
Entropy (8bit):	7.947885653348743
Encrypted:	false
SSDEEP:
MD5:	DDB6A10F460AD0F97722CACBEF9CC883
SHA1:	4A9D9BB23CBCC10483E29B8363F5BA2A7D36BED6
SHA-256:	D4C1361D1A6E5EBC7CC1DB774E00F86CF7CBAF0DB6430FFE1E31E7DE1901B250
SHA-512:	2EACD72C52A8FF6B5C388CA385970F48FBE7B547075529493F07023A8D013708365F9B8DF7224D66560382F86185E2E557F2E3AE6A1858666FCDF11A137C0EB4
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR..............p......pHYs...#...#.x.?v.. .IDATx....G..[...70.....=.h@.E..t...j...L.y..8.:0'..s..L^.e..,.xs......S.........h.....}.......@eFEQ\[;..b.............$...xd.h......'..........h.........P...................@....1<...........{..... ..........=.EQ.u....... +...]..E....iF..f.].l.E......-8....@....(..1ji...\|...Np...$..I98..../h..D.[tQ;:....y7...n........[s..]....sM.k........%y.>.E.SQ./h....'.....s...Z.y(.&....~.....?:......U.......H.o..v\....+.=..9/...........!..1lEaG...$d?..(..(.3....u.../-Zz.+.N.eQ.?.u..S......~...c..........\|M..#....w..C.p..<..;...BQ8cG=._..a.....pA.'EQ.$.\|..y;^...Gt.P"..}.....gw../...xLJ...EQ\|....d......7."...hW..0<../..&/.)...\|..~..y..hJ^.3..F..c....O-+.......O =..z.7.~.}.....(......$.X.........J..3.=...ra.].w8 .c.....%<.....Q.NB..aJ...=.o...VbF...;R..x}e......C......s............<r..r./\|..?uXA?......cyH...G......+.u8*......J..... l.[...@.(F.B~`....a[...(>.r.\.Yo.3wkV....h.$.QN.5y\@..

Chrome Cache Entry: 130

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (625)
Category:	downloaded
Size (bytes):	71800
Entropy (8bit):	4.9231210714807405
Encrypted:	false
SSDEEP:
MD5:	D993870BBCF7366C675CDD7ABA7297D1
SHA1:	7ECEBDB70B657B7E0F59F41D186BBF25D95A36A3
SHA-256:	6DE04BA48732E5DD0C4124C09637D369AB3867E343A901A631ADF44BD838EDAB
SHA-512:	62D37E0A2C9B0D1EC83F4E3D98776CEF192BB4582DA6CCCCB76C29248EE1C1A276AF1BB99ABC792D5E5FF10DC6AE2798347CD1820FAF6BBB2DF939ED02141180
Malicious:	false
Reputation:	unknown
URL:	https://developmentltd.online/developmentbank.wales/index.html
Preview:	<!DOCTYPE html>.<html lang="en" dir="ltr">.. Mirrored from developmentbank.wales/ by HTTrack Website Copier/3.x [XR&CO'2014], Thu, 25 Jul 2024 16:45:34 GMT -->. Added by HTTrack --><meta http-equiv="content-type" content="text/html;charset=UTF-8" /> /Added by HTTrack -->.<head>. <meta charset="utf-8" />.<noscript><style>form.antibot * :not(.antibot-message) { display: none !important; }</style>.</noscript><meta name="description" content="Flexible business finance for companies based in Wales from .1,000 up to .6million. Loans and equity. Secured and unsecured - Development Bank of Wales" />.<meta name="keywords" content="development bank of wales, business finance, business loans, equity, wales" />.<link rel="canonical" href="index.html" />.<link rel="shortlink" href="index.html" />.<meta name="Generator" content="Drupal 10 (https://www.drupal.org)" />.<meta name="MobileOptimized" content="width" />.<meta name="HandheldFriendly" content="true" />.<meta name="viewport" c

Chrome Cache Entry: 131

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (32033)
Category:	dropped
Size (bytes):	37045
Entropy (8bit):	5.174934618594778
Encrypted:	false
SSDEEP:
MD5:	5869C96CC8F19086AEE625D670D741F9
SHA1:	430A443D74830FE9BE26EFCA431F448C1B3740F9
SHA-256:	53964478A7C634E8DAD34ECC303DD8048D00DCE4993906DE1BACF67F663486EF
SHA-512:	8B3B64A1BB2F9E329F02D4CD7479065630184EBAED942EE61A9FF9E1CE34C28C0EECB854458977815CF3704A8697FA8A5D096D2761F032B74B70D51DA3E37F45
Malicious:	false
Reputation:	unknown
Preview:	/!. Bootstrap v3.3.7 (http://getbootstrap.com). * Copyright 2011-2016 Twitter, Inc.. * Licensed under the MIT license. */.if("undefined"==typeof jQuery)throw new Error("Bootstrap's JavaScript requires jQuery");+function(a){"use strict";var b=a.fn.jquery.split(" ")[0].split(".");if(b[0]<2&&b[1]<9\|\|1==b[0]&&9==b[1]&&b[2]<1\|\|b[0]>3)throw new Error("Bootstrap's JavaScript requires jQuery version 1.9.1 or higher, but lower than version 4")}(jQuery),+function(a){"use strict";function b(){var a=document.createElement("bootstrap"),b={WebkitTransition:"webkitTransitionEnd",MozTransition:"transitionend",OTransition:"oTransitionEnd otransitionend",transition:"transitionend"};for(var c in b)if(void 0!==a.style[c])return{end:b[c]};return!1}a.fn.emulateTransitionEnd=function(b){var c=!1,d=this;a(this).one("bsTransitionEnd",function(){c=!0});var e=function(){c\|\|a(d).trigger(a.support.transition.end)};return setTimeout(e,b),this},a(function(){a.support.transition=b(),a.support.transition&&(a.event.

Chrome Cache Entry: 132

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (45343)
Category:	downloaded
Size (bytes):	478750
Entropy (8bit):	5.574820228409359
Encrypted:	false
SSDEEP:
MD5:	F205CB54F1018D0CC918B8505621F9D4
SHA1:	1480ED8A4CF5C49D97186F8DCE31AFEC295A9D9D
SHA-256:	180E79DB66BBCEA7F4CF34F9EAA1B2F3F6B308A209D10D9B8FA6CCFCDC12A0DA
SHA-512:	ECEDB0ED5A0CE9DFAB94134437DFDF3DB6BAFF44277FA572DF490240A4E5BCDFC30A22F1516DC59757B8EEF9D0FEF6191E4912B3CC66BB5AEBC33412A51362E0
Malicious:	false
Reputation:	unknown
URL:	https://www.googletagmanager.com/gtm.js?id=GTM-TSLDWC7
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. . (function(w,g){w[g]=w[g]\|\|{};. w[g].e=function(s){return eval(s);};})(window,'google_tag_manager');. .(function(){..var data = {."resource": {. "version":"132",. . "macros":[{"function":"__e"},{"function":"__cid"},{"function":"__u","convert_case_to":1,"vtp_stripWww":true,"vtp_component":"HOST","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__dbg"},{"function":"__v","vtp_setDefaultValue":false,"vtp_dataLayerVersion":2,"vtp_name":"pageEnvironment"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_name":"visitorType"},{"function":"__jsm","vtp_javascript":["template","(function(){return!1})();"]},{"function":"__jsm","vtp_javascript":["template","(function(){return!0})();"]},{"function":"__smm","vtp_setDefaultValue":true,"vtp_input":["macro",5],"vtp_defaultValue":["macro",6],"vtp_map":["list",["map","key","administrator","value",["macro",7]],["map","key","editorial","value",["macro",7]]]},{"func

Chrome Cache Entry: 136

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), CFF, length 18008, version 1.0
Category:	downloaded
Size (bytes):	18008
Entropy (8bit):	7.986553708419653
Encrypted:	false
SSDEEP:
MD5:	E7681D1ED72D6C7B7453370796F40CB6
SHA1:	E53E4F287014A4D3CA981B09AB883C0E8E033D88
SHA-256:	0580E9E816DA1883AB597AF4ED3EA8E25D5325F39A64BC8951C2AA03045CA229
SHA-512:	35CA3C78A16BF640B354A85C88BAAA014B84D5C1DA0FAF24CC84B9020FF6EC642BAA422731EBB661B8BE121F8CB43535B0AFC0B97E050C3B30F3B927FBB09E30
Malicious:	false
Reputation:	unknown
URL:	https://developmentltd.online/use.typekit.net/af/6c50f4/00000000000000007735a544/30/l5bba?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Preview:	wOF2OTTO..FX......d...E............................?DYNAy?GDYN}..V..F.`..n.6.$..d....K. ..c..8.8..t.......pS.?...o...........8`..'..=.k..JB%T.B.y...4.f.....v.&;..T.-....._h.+f.:.....5.=._zD.....b##l;..gA........b"...1.....zf......1..%IPAA...x..1..^{..x.g/..DnE..iB6.F.6 X)b<.,.........X.E)-..0..N.v<l.[.....fK.9.....7\|...Z....\..%`I.......y.x...$..C,E......K;-L..Se.]..W..4.6....f."......@Q4.R.....d..E.c^..!.`...{z....&"b.....a. ......Y..R&.da..4..OPj..m.....C..Z...4..f...Y.IK....(.d.dy#C..l(A........"...&e..J....E..d,......!.(....b@.%wq.C>o.......6o_.-...g...x(....<.V....S].z........T.......C....@B.$B.C...p.N...1.7.,.1N.p.H...:4.]...`...]..i..k.#...4.-.C.\|V...5..j.......?!...jd.id..k:].^.5S.}f.....5...o..v....2NP..^C$!...V..Bh.Y.Q..4y.3.M......_.ZA.V.K..rQ....A_q.N.8.g.<......p<........d.YA.....En....yK........:...K.2..n...-.X"..rX!.3#..il.;.N.......W.5.....y>.......=<.'.)\|.......1..kD.H....L.!.b.X.V..b..'....%...#....$.DJ."k.,./Ke..\...e

Chrome Cache Entry: 138

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text
Category:	downloaded
Size (bytes):	3247
Entropy (8bit):	4.932003058408904
Encrypted:	false
SSDEEP:
MD5:	65F1411B7E14D2C1125617C62FC02588
SHA1:	24885C3814B547E0D298A062529D1C8FE1D2679C
SHA-256:	C3F8E23D85E3CE5C8E30FE8EAF91A3E9675EA3757E5150EC383CFD6874AA8F00
SHA-512:	238A767B6DC8FF6B8E08AAABC3F07F0721C111BFBD42D47FB3C7CD5DD864BDAC639BE79EA56F868DB7DD1FE9160E2016E37B405A4413C7B45FC3A443D6412ABD
Malicious:	false
Reputation:	unknown
URL:	https://developmentltd.online/ebanking/pages/customerlogin.php
Preview:	<!DOCTYPE html>.<html lang="en">.. Mirrored from greenvilleoffshorebank.us/ebanking/pages/login.php by HTTrack Website Copier/3.x [XR&CO'2014], Thu, 28 Mar 2019 11:05:35 GMT -->.<head><meta http-equiv="Content-Type" content="text/html; charset=utf-8">..<meta http-equiv="X-UA-Compatible" content="IE=edge">.<meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=no">.<meta name="description" content="">.<meta name="author" content="">.<title>Invalid Login</title>.. Bootstrap Core CSS -->.<link href="../vendor/bootstrap/css/bootstrap.min.css" rel="stylesheet">.. Custom CSS -->.<link href="../css/adminnine_classic.css" rel="stylesheet">.. Custom Fonts -->.<link href="../vendor/font-awesome/css/font-awesome.min.css" rel="stylesheet" type="text/css">.. HTML5 Shim and Respond.js IE8 support of HTML5 elements and media queries -->. WARNING: Respond.js doesn't work if you view the page via file:// -->. [if lt IE 9]>. <script src="https

Chrome Cache Entry: 139

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	troff or preprocessor input, ASCII text, with very long lines (2756)
Category:	downloaded
Size (bytes):	15347
Entropy (8bit):	5.01678553299065
Encrypted:	false
SSDEEP:
MD5:	AFA57B06DE61B3F2E8CCAF2B270CF8C8
SHA1:	C43AC63F7B89EE3B20E74F27C282FBF4F1943867
SHA-256:	09D7B3E8B61524E9A079BD5EB31F93A98C865F3F6302F1EBE95ECCB98D91B0CD
SHA-512:	D7CF2F7707688AE6FC61E7BFFB4482D7347E053D360139835B4A35096E9FF46DF5656E73CAE3592000E7A31BB6FF89282C9B18CB118F8967128183C04232847E
Malicious:	false
Reputation:	unknown
URL:	https://developmentltd.online/developmentbank.wales/sites/default/files/css/css_u3McWBSK_oA3Drn77n83EbFBiX3zjeQh_ONHF54KdMEac4a.css?delta=0&language=en&theme=banc_2022&include=eJyFUlFyhDAIvVA0HS_kkIjKmoQ04LreftPVaT-2th_wgGHgPQbZRTFaB4LGQfJ999F1dgrsIDSie6A0mQwFpgJ5FjuUNUNofyrtmvLqAsmMg9nQjVyiPbH9cm9FDBgxaTugAgVpBe74b5PyNIX3NrjB48XbJtwkoCqW5o6Fxt2IgqLYAy4XRBSBCQ0kJcdqTzyoey5oKdWhqYq-fa5Y9t9FeY6ZhfRaCWclTtdE_Ix-cfz4gyvVU2sEWQyG0VbrvYgZ3NZ75oWwQtLCwR5pc6ZNPVDCYiRDJE8D2u_IeMjqZ3g9wBNozMr2
Preview:	/* @license GNU-GPL-2.0-or-later https://www.drupal.org/licensing/faq */..ajax-progress{display:inline-block;padding:1px 5px 2px 5px;}[dir="rtl"] .ajax-progress{float:right;}.ajax-progress-throbber .throbber{display:inline;padding:1px 5px 2px;background:transparent url(../../../../themes/contrib/stable/images/core/throbber-active.gif) no-repeat 0 center;}.ajax-progress-throbber .message{display:inline;padding:1px 5px 2px;}tr .ajax-progress-throbber .throbber{margin:0 2px;}.ajax-progress-bar{width:16em;}.ajax-progress-fullscreen{position:fixed;z-index:1000;top:48.5%;left:49%;width:24px;height:24px;padding:4px;opacity:0.9;border-radius:7px;background-color:#232323;background-image:url(../../../../themes/contrib/stable/images/core/loading-small.gif);background-repeat:no-repeat;background-position:center center;}[dir="rtl"] .ajax-progress-fullscreen{right:49%;left:auto;}..text-align-left{text-align:left;}.text-align-right{text-align:right;}.text-align-center{text-align:center;}.text-align-

Chrome Cache Entry: 141

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (42719)
Category:	downloaded
Size (bytes):	616832
Entropy (8bit):	5.31387554791936
Encrypted:	false
SSDEEP:
MD5:	91FA13A41A272D2A1C8BCBB67DDCE724
SHA1:	5CC5B542C035C06D1A7D35B17ADCA42479A23638
SHA-256:	9AF91840017F3E23F87E2A37C962623D852518BE41BE078ED212EB150F1F9FC3
SHA-512:	97C8AB41AFCFED19E23FC8132395E23B25032F57CBD2E3EBEDD4CC060106DAEBDCC123059EE439AE5596923A374229A582EA8EC0F6A885786A8A2B10F645F3DE
Malicious:	false
Reputation:	unknown
URL:	https://developmentltd.online/developmentbank.wales/sites/default/files/css/css_D6esYjL7rIh4M2PH3ZZtrzCVO7nt_SGMLVLCNxXvaVwe0ed.css?delta=1&language=en&theme=banc_2022&include=eJyFUlFyhDAIvVA0HS_kkIjKmoQ04LreftPVaT-2th_wgGHgPQbZRTFaB4LGQfJ999F1dgrsIDSie6A0mQwFpgJ5FjuUNUNofyrtmvLqAsmMg9nQjVyiPbH9cm9FDBgxaTugAgVpBe74b5PyNIX3NrjB48XbJtwkoCqW5o6Fxt2IgqLYAy4XRBSBCQ0kJcdqTzyoey5oKdWhqYq-fa5Y9t9FeY6ZhfRaCWclTtdE_Ix-cfz4gyvVU2sEWQyG0VbrvYgZ3NZ75oWwQtLCwR5pc6ZNPVDCYiRDJE8D2u_IeMjqZ3g9wBNozMr2
Preview:	/* @license GNU-GPL-2.0-or-later https://www.drupal.org/licensing/faq */..page__tag,.teaser__tag{background-color:#faa61a;border-radius:3px;color:#363534;font-family:"canada-type-gibson",Arial,sans-serif;font-size:16px;font-weight:500;line-height:1;padding:2px 15px;}:root{--bs-blue:#0d6efd;--bs-indigo:#6610f2;--bs-purple:#6f42c1;--bs-pink:#d63384;--bs-red:#dc3545;--bs-orange:#fd7e14;--bs-yellow:#ffc107;--bs-green:#198754;--bs-teal:#20c997;--bs-cyan:#0dcaf0;--bs-white:#fff;--bs-gray:#6c757d;--bs-gray-dark:#343a40;--bs-gray-100:#f8f9fa;--bs-gray-200:#e9ecef;--bs-gray-300:#dee2e6;--bs-gray-400:#ced4da;--bs-gray-500:#adb5bd;--bs-gray-600:#6c757d;--bs-gray-700:#495057;--bs-gray-800:#343a40;--bs-gray-900:#212529;--bs-primary:#dc003e;--bs-secondary:#e6ddb8;--bs-success:#198754;--bs-info:#0dcaf0;--bs-warning:#ffc107;--bs-danger:#dc3545;--bs-light:#f8f9fa;--bs-dark:#212529;--bs-primary-rgb:220,0,62;--bs-secondary-rgb:230,221,184;--bs-success-rgb:25,135,84;--bs-info-rgb:13,202,240;--bs-warning-r

Chrome Cache Entry: 142

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	84
Entropy (8bit):	4.950919727307049
Encrypted:	false
SSDEEP:
MD5:	373A92012454D523087BEA32A3043987
SHA1:	D1E793FF7FFC4447DE536B5778379FF68ABA86D9
SHA-256:	A0CE8E5DEF1B8036D134A7E1F441401204E2452C40FBFD4470AB143FF24E48B3
SHA-512:	F15F0BAC2E3E29025F5F2AA33D634FEB7959FEF3404E73068EC8D9CD164CFDFBEC77F540D981821DE14F84D645F90F64C2B356E858C7D98BE364D3CCB1D56C0E
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xNDkSLAm2YpdmQ8V1ahIFDe-_jXMSBQ0AoAvKEgUN7WKrPxIFDUHqUa4SBQ1PLJV2?alt=proto
Preview:	Cj0KCw3vv41zGgQIAxgBCgsNAKALyhoECAUYAQoLDe1iqz8aBAg8GAEKCw1B6lGuGgQICRgBCgcNTyyVdhoA

Chrome Cache Entry: 144

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	28
Entropy (8bit):	4.066108939837481
Encrypted:	false
SSDEEP:
MD5:	96B191AE794C2C78387B3F4F9BB7A251
SHA1:	F974547DF0ADFFB7E80699552C6BCE3E709343A6
SHA-256:	CE76758AEEF2CAF12021AFB5257D0CA4E9E5C20015C2C85D68BB27FA6B1AFB28
SHA-512:	07EE1CFDBD53C1046FA4F44FF7C83F4456CDAA099299816B451D114E3EEAAD4BE8F0CD0FC09F0E838418BCBB5E50547E806E8E080B8E3421D0DB26FF4C15D412
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xNDkSFwkN7jfA0HYYAxIFDeeNQA4SBQ3OQUx6?alt=proto
Preview:	ChIKBw3njUAOGgAKBw3OQUx6GgA=

Chrome Cache Entry: 145

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (480)
Category:	downloaded
Size (bytes):	9331
Entropy (8bit):	5.160190695931363
Encrypted:	false
SSDEEP:
MD5:	1EC4343DA6FE29D2595F19D938E2BA25
SHA1:	AEA5598A1B3726D69CBAEABA841311F509290F99
SHA-256:	297D1457493FE5F24653C53EB499118F3FEFCA1BCDCD3F84BC6AEF658053DA2C
SHA-512:	611BC74BCF536369CA6DD11EDB980B84FBBFE826E6D493CF8F5351DC15327EDD80559A0FECD61F5F89A88FA1C7816320A93021B5A21EE6559ED07955A5A9C1E2
Malicious:	false
Reputation:	unknown
URL:	https://developmentltd.online/use.typekit.net/atd4dgy.css
Preview:	/. The Typekit service used to deliver this font or fonts for use on websites. * is provided by Adobe and is subject to these Terms of Use. * http://www.adobe.com/products/eulas/tou_typekit. For font license. * information, see the list below.. . canada-type-gibson:. * - http://typekit.com/eulas/00000000000000007735a53a. * - http://typekit.com/eulas/00000000000000007735a540. * - http://typekit.com/eulas/00000000000000007735a543. * - http://typekit.com/eulas/00000000000000007735a544. * - http://typekit.com/eulas/00000000000000007735e53c. * - http://typekit.com/eulas/00000000000000007735a548. * - http://typekit.com/eulas/00000000000000007735a54a. * freight-text-pro:. * - http://typekit.com/eulas/000000000000000000012059. * - http://typekit.com/eulas/00000000000000000001205b. * - http://typekit.com/eulas/000000000000000077359fb7. * - http://typekit.com/eulas/000000000000000077359fbd. * - http://typekit.com/eulas/000000000000000077359fcb. * - http://typekit.

Chrome Cache Entry: 146

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	116
Entropy (8bit):	4.931539356633287
Encrypted:	false
SSDEEP:
MD5:	80BE1992C45ED8686291D6E6459B4ED6
SHA1:	6826A0AD82108E2B7ECA12112206BB22F61F526C
SHA-256:	D30120EA25823D423EAFF2B679C5B5F781DE29E2EDC538137A5C591E28F4EB4B
SHA-512:	486D3EAA3D859480A73194E0A9E275E2C4634878D10209B4332132DBE4327705DDD195AB9032D08549AC3E03A69E414FF97987F501D25C0D72EDC6C8213C5BBD
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xNDkSLAllafsUjZnrFRIFDe-_jXMSBQ0AoAvKEgUN7WKrPxIFDUHqUa4SBQ1PLJV2EiUJGyW542FU5tsSBQ2h3lafEgUN8Xj5yRIFDU8slXYSBQ2w8hlg?alt=proto
Preview:	Ci0KBw3vv41zGgAKBw0AoAvKGgAKBw3tYqs/GgAKBw1B6lGuGgAKBw1PLJV2GgAKJAoHDaHeVp8aAAoHDfF4+ckaAAoHDU8slXYaAAoHDbDyGWAaAA==

Chrome Cache Entry: 147

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 750x500, components 3
Category:	dropped
Size (bytes):	47183
Entropy (8bit):	7.966810014915318
Encrypted:	false
SSDEEP:
MD5:	BDF905C984A7811ECE2797C4350DEC88
SHA1:	2386ED690F003D64C4AC9FF64D3CD8C0EFCD9DBE
SHA-256:	0A624897FE4137188356213160CF736E333D71CFF1728D3FC0657283C08C3E3E
SHA-512:	3D9605F6643F50508ECA943BC475D947F24CA5D19495D921964F069D247291AA27A9A79D29D020EB69CF28F4E0BD2E5032496A8CF5D2C0704CA59509CBEB3A63
Malicious:	false
Reputation:	unknown
Preview:	......JFIF.....`.`.....;CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75....C................................... $.' ",#..(7),01444.'9=82<.342...C...........2!.!22222222222222222222222222222222222222222222222222..........."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?..JL.IL........4f.Q.`.......4f..........E....Z1E.-.Q@.!....E&).....)qN..(.<Q......b...Q..e..Q..LR.K.Z.1F)h....(...Q.)h.1E-%..b.(......QE..RR.@.E.)(...(..........JJZ1@.IK.B(.)3K.1@.IK.1@..)qF).........K.1@..&*M.m..J....i6..;i.T.h.@....1F(.=....P.1I.~(..3....I@....4P.qI.~)...b..i(.))..h.)(&.M.j.Z).....P..LR.@..LS...

Chrome Cache Entry: 148

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text
Category:	dropped
Size (bytes):	4479
Entropy (8bit):	4.781867341559364
Encrypted:	false
SSDEEP:
MD5:	5AFA2B2A16867E2F7F0197B7A89F3DA2
SHA1:	C44A95646FF5E499E644F51B1856B97DE2C555CA
SHA-256:	32259D71B57D11F1B70595F3DBD90293BE3100920CAE4F770C0559D6C7D6F608
SHA-512:	09E3A8AFB4068872D00CFE992F77782C60FD956CB756D02D0D6BD41FB30570B47C7334CD9C7E1E6BCE2B83838D6711F4B0CBB193CE7CC7934B49363328A6D89D
Malicious:	false
Reputation:	unknown
Preview:	"use strict";.$(document).ready(function(){. . /* url navigation active /. var url = window.location;. var element = $('.sidebar ul.nav a').filter(function() {. return this.href == url;. }).addClass('active').parent().addClass('in').parent().parent().addClass('active');. . while (true) {. if (element.is('li')) {. element = element.parent().addClass('in').parent();. } else {. break;. }. }. . . . / Side menu drop down code */.$(".menudropdown").on('click',function(){. if( $(this).parent().hasClass("active")==true){. $(this).next("ul.nav").slideUp();. $("ul.nav").parent().removeClass("active");. }else{. $(".sidebar-nav ul.nav ul.nav").slideUp();. $("ul.nav").parent().removeClass("active");. $(this).next("ul.nav").slideToggle();. $(this).parent().toggleClass("active");. } .});. $(".menudropdown2").on('click',function(){. if( $(this).parent().h

Chrome Cache Entry: 149

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), CFF, length 25420, version 1.0
Category:	downloaded
Size (bytes):	25420
Entropy (8bit):	7.98813457741632
Encrypted:	false
SSDEEP:
MD5:	704035FBF57FAC294953CDA065E5B863
SHA1:	E69BDD764BDCCEF6FA2DB0A1F22B10EC63304972
SHA-256:	2D86861BCABA4485DB2EEE84775164A16E2910F0154C305DE54934E6F1E599D1
SHA-512:	7E3889435E7CD2D30A2B9425370EB405468369835AEE8FFFA2748C919B217E8DECE9C11EC9F5561F94CF14EBDC73E3858D904C9CF6B7D5EAE450C90705837BBF
Malicious:	false
Reputation:	unknown
URL:	https://developmentltd.online/use.typekit.net/af/4b422b/000000000000000077359fbd/30/le003?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Preview:	wOF2OTTO..cL.......H..b............................g?DYNA.b?GDYN.u..n..0.`..p.6.$..h....L. ._.5..`...Z>.PU......._~....../N...1.=.(I{D..?....Jv....6.y...}zg....1...b.B....Xi..(...*MD..- .IW.....R,.XZbM.)...C...q.^.F..).B%m...NU...uj....._....i...?o..}vV.e....m1....E........6..n......9...6.S.3d.Y...of,..Xz..A,..J/.]...X....KU.K%AL.5.R..s../.TS..(mG"..........>.M.&b.d."....A..s..lV............=.......... .~...X95....J..Y.....Y....^..Xu...6.t...8......z...Z...z....j.~w.[p.d.v4....g..!p...3W.-.3../vd..3....(.$s..b,...Iz.yWX.I./...!..........n.....;c.0.yz.m.h8,..,.s0,.....-..N..........Y....."ZbD.`.....0G.7[8r..F....t....`1...\|X.6..aW..bpp.....ep.....s..\|...o..P2..%..KV#..m..$$-r,9..@.'/...W.o....e.M7.;SE.z<=.^K./...t.cl..X.m.vc.k.C..<v...=..`/.............G.2..{.:\|s......G.....j~3..?..._.?..1D.EE.#..{.H8q.8^.)..w.G......_J9V...M..R.L.&O....m.!..\|K~&....hihibif...~i...]S..H.>S!n]Q&.p.Hu......eL..z.'.Pea.'7-.PkhM-.tg.!..zmF..%Z.Y-..4.y-......~..-.@C.

Chrome Cache Entry: 151

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), CFF, length 17300, version 1.0
Category:	downloaded
Size (bytes):	17300
Entropy (8bit):	7.9857993922556085
Encrypted:	false
SSDEEP:
MD5:	C46F61790940F8ED3D58343200A8D23D
SHA1:	866D269E1127F090A54951B2CFFA0D0338724345
SHA-256:	E0839094A0F5D0F20DC868EB8B91942289EC146624FBD3719B6D82F8893D9DD9
SHA-512:	E2C834852DB09F4343016EC03E5EDE934B4A70B17A2C74BF50B95CE5BC435FADD945865A81D4F88198438998A97297EB2A66298BC0BDCB69BC91978CD03F3D21
Malicious:	false
Reputation:	unknown
URL:	https://developmentltd.online/use.typekit.net/af/37e7f5/00000000000000007735a548/30/l3eab?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Preview:	wOF2OTTO..C.......^D..C<..........................Z?DYNAy?GDYN}..V..F.`..n.6.$..`....<. .U]....Z<....%!.T5..._~.....?....U....4.9Zh..W.....<.M..Mv.....w.RQR..A..8.JS1.......wjG.%.] gQNx.K.d..N...`.J....O..k`..M.&.....y......u..{.S}...>lIo....U\3..L....p.N...m..n.q...R..X..+y...;..c..^....._..%........\..SPM...b..H...)V.....,@K...2F......}..<nZ~....c.R.2.g.L\...).Cg/...{.Mv.......r.X...b..T.N?8z.....X+..QJ.l.............h....A.!0....vvVq:...&H.M...iS..T..:.....+.U......a.3..c....."..H..Y..Wz...;.u....Pg..M...w+....y.S.s.[....~.K....sb....^P..9A......CCS3hC.h3gd...rq...\P.~......uB.........Z.w...]..d.....!.!.n......y^.....Cd..........k.+...N.(...8...P.j@...;.0...Qa.]s\|.9.b"....m.~.'.Q^'..im.e.#..QJW..e..H.r\j...-]ML....'...u{...f...}.v.Z.o....Xj.9....KScc..7.c[.HP...........(JE.Qvd.mi......Y....>.A0.L..B8.........EX.+b%...q0..y..W.6.{.1~.?..UdMXG.Mc...t.....l3....o..K......-...\|!_.W...?./.'....?.LQR....P1VL...._......Q..b.../5.Iv..d.9Z..SdP...<+..

Chrome Cache Entry: 154

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (1136)
Category:	downloaded
Size (bytes):	1621
Entropy (8bit):	5.300142847488141
Encrypted:	false
SSDEEP:
MD5:	F273B2FB235BAD95E783A55203746D2B
SHA1:	5BA1C1F7B3B96E4FD2AFB988FF221E3F3BD92E72
SHA-256:	0426D1034D364120A75BA0535528612BE410E9E34E33875D60A18B1525446EE6
SHA-512:	CE7F96DF436EC00FBF493B18D481CFDB2FD689B655136483C34DBFBD356A3F57891F35E2F8F88D81225CD7326CAA25E008F4E3081692FF97D1FEC87F9BAD3848
Malicious:	false
Reputation:	unknown
URL:	https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en.js
Preview:	<!DOCTYPE html>.<html lang=en>. <meta charset=utf-8>. <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">. <title>Error 404 (Not Found)!!1</title>. <style>. {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.

Chrome Cache Entry: 155

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	152
Entropy (8bit):	5.101120867224018
Encrypted:	false
SSDEEP:
MD5:	D8BC130FEF6C255BF227286DFA8B0065
SHA1:	0E7815E30D9439405BE6A39C201D39CB2EA62211
SHA-256:	046CE5C572A560FB6160F3E80F9686F022433F2154739EA016A7E636CDDCE46C
SHA-512:	DF041DE0FDEEE67F07D06D8B23F092B7B7F92414253F63E7E8BE7700D1D615BAE092A646EB368776C72AE2B618549B9E7ABA301DE26B0D04CDD80335FE3E2B55
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xNDkSEAke6dK-LAeKmhIFDanCbSwSLAm2YpdmQ8V1ahIFDe-_jXMSBQ0AoAvKEgUN7WKrPxIFDUHqUa4SBQ1PLJV2EiUJZdUs0aoPFy4SBQ2h3lafEgUN8Xj5yRIFDU8slXYSBQ2w8hlg?alt=proto
Preview:	CgkKBw2pwm0sGgAKPQoLDe+/jXMaBAgDGAEKCw0AoAvKGgQIBRgBCgsN7WKrPxoECDwYAQoLDUHqUa4aBAgJGAEKBw1PLJV2GgAKJAoHDaHeVp8aAAoHDfF4+ckaAAoHDU8slXYaAAoHDbDyGWAaAA==

Chrome Cache Entry: 156

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2558)
Category:	dropped
Size (bytes):	8278
Entropy (8bit):	5.340006744800374
Encrypted:	false
SSDEEP:
MD5:	91CD6302760526034978DF6FF78EBA55
SHA1:	E026F3D9C5908452111E079195F191FB2F59CE35
SHA-256:	1622E70394C3DFFC283AB1262E5DAFB8EA3D9481AFB22E66FDBF9A005E015947
SHA-512:	18A0DA9F52EDAEDA944169DAB433D205C12F9712B8DAF56F98112B6DC6E70D6E40B5272613CCEEB75DB48157E85784217D4AC38886899F5B0FC4AC940128AF3A
Malicious:	false
Reputation:	unknown
Preview:	/* @license GNU-GPL-2.0-or-later https://www.drupal.org/licensing/faq /.(function($,Drupal,once){'use strict';if(window.Inputmask)window.Inputmask.extendAliases({currency:{prefix:'$ ',groupSeparator:',',alias:'numeric',placeholder:'0',autoGroup:true,digits:2,digitsOptional:false,clearMaskOnLostFocus:false},currency_negative:{prefix:'$ ',groupSeparator:',',alias:'numeric',placeholder:'0',autoGroup:true,digits:2,digitsOptional:false,clearMaskOnLostFocus:false},currency_positive_negative:{prefix:'$ ',groupSeparator:',',alias:'numeric',placeholder:'0',autoGroup:true,digits:2,digitsOptional:false,clearMaskOnLostFocus:false}});Drupal.behaviors.webformInputMask={attach:function(context){if(!$.fn.inputmask)return;$(once('webform-input-mask','input.js-webform-input-mask',context)).inputmask();}};})(jQuery,Drupal,once);;./ @license MIT https://raw.githubusercontent.com/js-cookie/js-cookie/v3.0.5/LICENSE */.!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"

Chrome Cache Entry: 157

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (870), with no line terminators
Category:	downloaded
Size (bytes):	870
Entropy (8bit):	5.501518356025152
Encrypted:	false
SSDEEP:
MD5:	A93F07188BEE2920004C4937DA275D25
SHA1:	901CFEA09BC88D26A55CF2C57CCDAF45DFAEA95A
SHA-256:	587D5394DDB17DEC6F39DE2E973431F161A1E08A45D499FE7C7A6333A93904CD
SHA-512:	16855A943A768355129E31623E5EB7064741D4D07AC2C0FCD21C5742A1B2E2A2C3AF38E0F481BD7B8006DC96C408BE07B91BBBE28CE7C4F7F0F7D53E427500C9
Malicious:	false
Reputation:	unknown
URL:	https://developmentltd.online/www.google.com/recaptcha/apifef7.js?hl=en
Preview:	/* PLEASE DO NOT COPY AND PASTE THIS CODE. */(function(){var w=window,C='___grecaptcha_cfg',cfg=w[C]=w[C]\|\|{},N='grecaptcha';var gr=w[N]=w[N]\|\|{};gr.ready=gr.ready\|\|function(f){(cfg['fns']=cfg['fns']\|\|[]).push(f);};w['__recaptcha_api']='https://www.google.com/recaptcha/api2/';(cfg['render']=cfg['render']\|\|[]).push('onload');w['__google_recaptcha_client']=true;var d=document,po=d.createElement('script');po.type='text/javascript';po.async=true; po.charset='utf-8';po.src='https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en.js';po.crossOrigin='anonymous';po.integrity='sha384-1qCnjZ4tqdtwUnG8/biz1OfJ7vkM3jnPZ0W0wIcDu+NDwZyQHqHpscJVB8ezdlTM';var e=d.querySelector('script[nonce]'),n=e&&(e['nonce']\|\|e.getAttribute('nonce'));if(n){po.setAttribute('nonce',n);}var s=d.getElementsByTagName('script')[0];s.parentNode.insertBefore(po, s);})();

Chrome Cache Entry: 158

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), CFF, length 18064, version 1.0
Category:	downloaded
Size (bytes):	18064
Entropy (8bit):	7.98607762174791
Encrypted:	false
SSDEEP:
MD5:	645B7F7D03036EF871159C8FBF096258
SHA1:	09B5E1C1B5CD52C9813B4230738965AD74CBE58E
SHA-256:	FCF9AD39A58BD521789931E384B831A9CE7BBE3B5F9A05BF02C352E1E60C7EBB
SHA-512:	BC5403A9F8EFD1267F219BD736C262B538E7AFD901AF3C0C8DACBBF4FE5405277FC25006012EA83A4205708D557418994879CEA0C80D8B3856723A7BC2D5AF23
Malicious:	false
Reputation:	unknown
URL:	https://developmentltd.online/use.typekit.net/af/987a60/00000000000000007735a543/30/le196?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Preview:	wOF2OTTO..F.......c...F7..........................4?DYNAy?GDYN}..V..F.`..n.6.$..d....6. .-bu..e.....y.PU......._~......_]Y.....g".{)./'.7z.....w.9.&rr....sW4X.. .]K.t[...].....ky...EZScMU.(M..X.+&s......w...b..g.Un.>...6.u....9..3.....K.zMHE..$@...@.&F..jl.V...qg...d.......q\|...Z..&...R,..b..il..H..K...H.B_J..4#.5J4.g6g}...+.}2.........:.jj..<U....E... ..\ZL..~...i.<...,.K.....n.....&...w.=....MU..~`....}...g}.{.BVL...g.p....x..../M..'..'...J....+.!.7..f....dG..$.J.....3......0.w.....J...........h..: <,......x....d.."-...BJ.\|.....=d..K...{...(a.!-=..K/..FK...l.... ...,.D....!.[y.g.g......)....h%:..b......F.......ys.. .. o7M.:c.......2..4....r.P.......t........V..:...........6.w.0@.5.i.Y3.U.\|..B..>...P.$..t.purTF...{.D.TOOu.[..w.p..vr......z..@.f1YD.=R.....&c..yS>...w.[..6@...aL............yP..`7...p.n.m..o..\|.+.l.......8...r\...`$&`fb%V.v<....^....P}jE.?...4..A..@..KE....a:BG.,].....zO...Y.Ju..rk..=...y.O.<...J......{.?.s..s.gr>.p.Wr...

Chrome Cache Entry: 159

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2343)
Category:	downloaded
Size (bytes):	52916
Entropy (8bit):	5.51283890397623
Encrypted:	false
SSDEEP:
MD5:	575B5480531DA4D14E7453E2016FE0BC
SHA1:	E5C5F3134FE29E60B591C87EA85951F0AEA36EE1
SHA-256:	DE36E50194320A7D3EF1ACE9BD34A875A8BD458B253C061979DD628E9BF49AFD
SHA-512:	174E48F4FB2A7E7A0BE1E16564F9ED2D0BBCC8B4AF18CB89AD49CF42B1C3894C8F8E29CE673BC5D9BC8552F88D1D47294EE0E216402566A3F446F04ACA24857A
Malicious:	false
Reputation:	unknown
URL:	https://www.google-analytics.com/analytics.js
Preview:	(function(){/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var n=this\|\|self,p=function(a,b){a=a.split(".");var c=n;a[0]in c\|\|"undefined"==typeof c.execScript\|\|c.execScript("var "+a[0]);for(var d;a.length&&(d=a.shift());)a.length\|\|void 0===b?c=c[d]&&c[d]!==Object.prototype[d]?c[d]:c[d]={}:c[d]=b};function q(){for(var a=r,b={},c=0;c<a.length;++c)b[a[c]]=c;return b}function u(){var a="ABCDEFGHIJKLMNOPQRSTUVWXYZ";a+=a.toLowerCase()+"0123456789-_";return a+"."}var r,v;.function aa(a){function b(k){for(;d<a.length;){var m=a.charAt(d++),l=v[m];if(null!=l)return l;if(!/^[\s\xa0]*$/.test(m))throw Error("Unknown base64 encoding at char: "+m);}return k}r=r\|\|u();v=v\|\|q();for(var c="",d=0;;){var e=b(-1),f=b(0),h=b(64),g=b(64);if(64===g&&-1===e)return c;c+=String.fromCharCode(e<<2\|f>>4);64!=h&&(c+=String.fromCharCode(f<<4&240\|h>>2),64!=g&&(c+=String.fromCharCode(h<<6&192\|g)))}};var w={},y=function(a){w.TAGGING=w.TAGGING\|\|[];w.TAGGING[a]=!0};var ba=Array.isArray,c

Chrome Cache Entry: 160

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65371)
Category:	downloaded
Size (bytes):	121230
Entropy (8bit):	5.098738723143644
Encrypted:	false
SSDEEP:
MD5:	E67C1C283209B9E159F7E3C2AC60CF6F
SHA1:	9D6EEA3D32D7F41DCF1F4AE45F4E3EB8A7CB3947
SHA-256:	0075037F6B8C04B853B9FA12F7123FC6163B4F403C26885B9F4DBE1FBC3CE37E
SHA-512:	1B54CC8DDF31557DFC4293106DA3492C9B072EDD92A5B49308B3D62C09A085C1B5748F9D0BF492FF78FD03FC9344490EB0C8957CFC9F6AAEC3273C40B9F9BFBF
Malicious:	false
Reputation:	unknown
URL:	https://developmentltd.online/ebanking/vendor/bootstrap/css/bootstrap.min.css
Preview:	/!. Bootstrap v3.3.7 (http://getbootstrap.com). * Copyright 2011-2016 Twitter, Inc.. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE). //! normalize.css v3.0.3 \| MIT License \| github.com/necolas/normalize.css */html{font-family:sans-serif;-webkit-text-size-adjust:100%;-ms-text-size-adjust:100%}body{margin:0}article,aside,details,figcaption,figure,footer,header,hgroup,main,menu,nav,section,summary{display:block}audio,canvas,progress,video{display:inline-block;vertical-align:baseline}audio:not([controls]){display:none;height:0}[hidden],template{display:none}a{background-color:transparent}a:active,a:hover{outline:0}abbr[title]{border-bottom:1px dotted}b,strong{font-weight:700}dfn{font-style:italic}h1{margin:.67em 0;font-size:2em}mark{color:#000;background:#ff0}small{font-size:80%}sub,sup{position:relative;font-size:75%;line-height:0;vertical-align:baseline}sup{top:-.5em}sub{bottom:-.25em}img{border:0}svg:not(:root){overflow:hidden}figure{margin:1em 40px}hr

Chrome Cache Entry: 161

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	3591
Entropy (8bit):	4.320137914412893
Encrypted:	false
SSDEEP:
MD5:	C315F429E37130C93B3BB9B49251617D
SHA1:	18438ABDE801E0405E7AD63D9457A27207DD5A9F
SHA-256:	F606AD7C5221F5A2F228D6B9C7250FB9F26167FF563FF26CB231ABC85DF83249
SHA-512:	C99670FE24E895E12E55E7C4DAB3BCB00D8591914C9F6EC9D90640CFAC7C432F3C789A3EAA922611C685B4D85CAC92706EC019EA03CBFC7EA17D18DFE043BF2E
Malicious:	false
Reputation:	unknown
Preview:	<?xml version="1.0" encoding="UTF-8"?><svg id="Layer_2" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" viewBox="0 0 312.05 123.94"><defs><style>.cls-1{clip-path:url(#clippath);}.cls-2{fill:none;}.cls-3{fill:#db1d41;}.cls-4{fill:#363534;}</style><clipPath id="clippath"><rect class="cls-2" width="312.05" height="123.94"/></clipPath></defs><g id="Layer_1-2"><g class="cls-1"><path class="cls-4" d="M62.43,98.41c0,11.6-7.94,24.07-26.51,24.07H0V38.3H33.35c15.03,0,24.68,9.04,24.68,21.74,0,6.23-2.44,14.66-11.6,17.47,10.75,1.83,16,11.36,16,20.89m-30.05-45.08h-15.39v18.45h15.39c5.38,0,8.68-3.54,8.68-9.29,0-5.13-2.69-9.16-8.68-9.16m1.1,54.12c7.94,0,11.85-5.13,11.85-10.75,0-5.25-3.54-10.75-11.61-10.75H16.98v21.5h16.49Z"/><path class="cls-4" d="M111.3,65.42h16.01v57.06h-16.01v-8.19c-3.79,5.86-11.12,9.65-18.82,9.65-15.76,0-27.49-12.22-27.49-29.93s11.49-30.05,27.86-30.05c7.33,0,14.66,3.18,18.45,9.04v-7.58Zm-.49,28.59c0-8.67-6.96-15.15-14.9-15.15s-14.54,6.84-14.54,15.15,6

Static File Info

⊘No static file info

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject malicious code into process via Extra Window Memory (EWM) in order to evade process-based defenses as well as possibly elevate privileges. EWM injection is a method of executing arbitrary code in the address space of a separate live process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	Process: OS API Execution
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to make an executable or file difficult to discover or analyze by encrypting, encoding, or otherwise obfuscating its contents on the system or in transit. This is common behavior that can be used across different platforms and the network to evade defenses.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Creation, File: File Metadata, Module: Module Load, Process: OS API Execution, Process: Process Creation, Script: Script Execution, WMI: WMI Creation, Windows Registry: Windows Registry Key Creation
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://developmentltd.online/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Yara Signatures

HTML

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Phishing

Compliance

Software Vulnerabilities

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

LLM Input / Output

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Chrome Cache Entry: 110

Chrome Cache Entry: 111

Chrome Cache Entry: 112

Chrome Cache Entry: 113

Chrome Cache Entry: 115

Chrome Cache Entry: 116

Chrome Cache Entry: 118

Chrome Cache Entry: 119

Chrome Cache Entry: 120

Chrome Cache Entry: 122

Chrome Cache Entry: 123

Chrome Cache Entry: 124

Chrome Cache Entry: 126

Chrome Cache Entry: 128

Chrome Cache Entry: 129

Chrome Cache Entry: 130

Chrome Cache Entry: 131

Chrome Cache Entry: 132

Chrome Cache Entry: 136

Chrome Cache Entry: 138

Chrome Cache Entry: 139

Chrome Cache Entry: 141

Chrome Cache Entry: 142

Chrome Cache Entry: 144

Chrome Cache Entry: 145

Chrome Cache Entry: 146

Chrome Cache Entry: 147

Chrome Cache Entry: 148

Chrome Cache Entry: 149

Chrome Cache Entry: 151

Chrome Cache Entry: 154

Chrome Cache Entry: 155

Chrome Cache Entry: 156

Chrome Cache Entry: 157

Chrome Cache Entry: 158

Windows Analysis Report
https://developmentltd.online/