Windows Analysis Report
https://www.wjx.cn/vm/h4qfUbg.aspx

Overview

General Information

Sample URL:	https://www.wjx.cn/vm/h4qfUbg.aspx
Analysis ID:	1417132

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

Stores files to the Windows start menu directory

Classification

Signatures

Source: https://www.wjx.cn/vm/h4qfUbg.aspx	HTTP Parser: No favicon
Source: https://www.wjx.cn/vm/h4qfUbg.aspx	HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.16:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.54.46.90:443 -> 192.168.2.16:49743 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.54.46.90:443 -> 192.168.2.16:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.16:49747 version: TLS 1.2

Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown	TCP traffic detected without corresponding DNS query: 23.54.46.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.54.46.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.54.46.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.54.46.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.54.46.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.54.46.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.54.46.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.54.46.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.54.46.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.54.46.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.54.46.90

Source: unknown

DNS traffic detected: queries for: www.wjx.cn

Source: unknown	Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49688 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.16:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.54.46.90:443 -> 192.168.2.16:49743 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.54.46.90:443 -> 192.168.2.16:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.16:49747 version: TLS 1.2

Source: classification engine

Classification label: clean0.win@14/36@32/221

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.wjx.cn/vm/h4qfUbg.aspx
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 --field-trial-handle=1960,i,6617503017148607142,9164832695687996193,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 --field-trial-handle=1960,i,6617503017148607142,9164832695687996193,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Screenshots

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
8.25.82.239	pubnew.paperol.cn.w.kunlungr.com	United States	14112	NET-SECURENET-MTLCA	false
142.251.163.139	unknown	United States	15169	GOOGLEUS	false
8.25.82.249	unknown	United States	14112	NET-SECURENET-MTLCA	false
1.1.1.1	unknown	Australia	13335	CLOUDFLARENETUS	false
101.37.42.250	nvkfkpsp2pyh1bj9bwcv79lsm66x0l1t.aliyundunwaf.com	China	37963	CNNIC-ALIBABA-CN-NET-APHangzhouAlibabaAdvertisingCoLtd	false
142.251.167.105	www.google.com	United States	15169	GOOGLEUS	false
142.251.111.94	unknown	United States	15169	GOOGLEUS	false
8.25.82.243	usercsscdn.wjx.com.w.kunlungr.com	United States	14112	NET-SECURENET-MTLCA	false
172.253.122.95	unknown	United States	15169	GOOGLEUS	false
172.253.122.94	unknown	United States	15169	GOOGLEUS	false
142.251.16.139	unknown	United States	15169	GOOGLEUS	false
124.239.14.252	unknown	China	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
124.239.14.253	vip-chinanet.ynuf.aliapp.org	China	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
8.45.52.140	g.alicdn.com.danuoyi.alicdn.com	United States	17639	CONVERGE-ASConvergeICTSolutionsIncPH	false
59.82.132.149	vip.cfc.aliyuncs.com	China	37963	CNNIC-ALIBABA-CN-NET-APHangzhouAlibabaAdvertisingCoLtd	false
121.199.107.25	sojump.cn-hangzhou.log.aliyuncs.com	China	37963	CNNIC-ALIBABA-CN-NET-APHangzhouAlibabaAdvertisingCoLtd	false
47.246.23.232	unknown	United States	24429	TAOBAOZhejiangTaobaoNetworkCoLtdCN	false
47.246.23.227	image.wjx.cn.w.cdngslb.com	United States	24429	TAOBAOZhejiangTaobaoNetworkCoLtdCN	false
142.251.163.84	unknown	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.16

Contacted Domains

Name	IP	Active
sojump.cn-hangzhou.log.aliyuncs.com	121.199.107.25	true
usercsscdn.wjx.com.w.kunlungr.com	8.25.82.243	true
pubnew.paperol.cn.w.kunlungr.com	8.25.82.239	true
image.wjx.cn.w.cdngslb.com	47.246.23.227	true
g.alicdn.com.danuoyi.alicdn.com	8.45.52.140	true
vip-chinanet.ynuf.aliapp.org	124.239.14.253	true
www.google.com	142.251.167.105	true
vip.cfc.aliyuncs.com	59.82.132.149	true
nvkfkpsp2pyh1bj9bwcv79lsm66x0l1t.aliyundunwaf.com	101.37.42.250	true
www.wjx.cn	unknown	unknown
cf.aliyun.com	unknown	unknown
pubnew.paperol.cn	unknown	unknown
g.alicdn.com	unknown	unknown
image.wjx.cn	unknown	unknown
usercsscdn.wjx.com	unknown	unknown
ynuf.aliapp.org	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://www.wjx.cn/vm/h4qfUbg.aspx	false		high

ID:	1417132
Product:	CloudBasic
Start time:	16:36:05
Start date:	28.03.2024
Cookbook:	defaultwindowsinteractivecookbook.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 14:36:33 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	B145B62EB4D89E5D3F32A78B7064646A	398B36F6C629F70C9960392C4CD889AF3678438C	CFC4ADAC59C8B110F3B7E37C8670F5A5B6D6C7AA230CA26301A0ED82C5E88064
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 14:36:33 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	6A390007A844EE4B7AE1EEC3220B7A97	C6EDFB3609D3AB8DA33DFABA261384923595A210	D136FCE5BF63D155DF50B7812069EB1A953523403CD154B34B5A9D316824A780
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	86580D47EFF758DFCEB24E446A4C32DB	62653F47888EF4C12451E9E0549EF88B23419B46	5920779E9D2DFB3CCE68723886239D01900AAF8B6869458D1CCF5550AE0A7BE3
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 14:36:33 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	96B1D794127272A823AC1D2F35651961	AAB678104190DA520303D726998D4C3B4C91CDF0	EF9F52EB45DBB922B83644713A271D91D95F337C99F83C77788CECDF01A36438
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 14:36:33 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	5BCEBF4DAEAB5C6AFC58ABEC7A04C646	9DCCA2C684F1FD561809813FDAFA42B145016E4F	DA06A69EF4D3DD315DD6C10EBABE2111D93B5EF08C48EE9B22B2E12E786D888F
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 14:36:33 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	56AA58C84CC92099806975EEEC796F99	A62F9A057FF50BB5EA4D58AC829D2880624D9896	DEC85D917AA2E032A92C0F12D9667C83445AF8B41E46A23656C4CE0828C2310D
Chrome Cache Entry: 101	ASCII text, with very long lines (32072), with CRLF line terminators	E39D7F174407886A84C437F14182E57A	77E9EED704C96C3EB0180D35C6BA430B3F69A43A	C1BCC5F2066E4476E6DBAB0B5A9B9700B86F4D6EBEB2900D73EE97E53753D4F9
Chrome Cache Entry: 102	Unicode text, UTF-8 text, with very long lines (14040), with no line terminators	DD6329617ED192958BDDEFEF74A70268	7AB811278150D2F5E148C41D0FC0010B7377A767	5BB60FA1CB3AD73CC28B59CD7F25152EB52BDAD65B271E861EA050F8EAEB3739
Chrome Cache Entry: 103	ASCII text, with very long lines (6578), with no line terminators	618E9D4A2C33008BFF262C6A48FD212C	8B10F4A8B9524272BE1955DC8B6F500C0A4E9B60	729F8CD2E714975CE701E346A318A524B33F33ECEB8119B7DB21CE5F0F140354
Chrome Cache Entry: 105	HTML document, ASCII text, with very long lines (304), with no line terminators	26001F0E4AC58B95166116E7D7D771DB	BE336A006B4300DB32F0B3FCD04379DD94EAB746	3B76C4D2A1F6A1FDF2A32A5884FCBBCFA55EF4AAA1CCF2E4FF105485B03E518D
Chrome Cache Entry: 106	PNG image data, 1600 x 180, 8-bit/color RGB, non-interlaced	714DF1591DE361FB1D92CF798F0FBD98	10FE565F4939B3A0DCD2E7E36A311C82BA9F82BD	999C65ED777F0718156AA3E96E7B6A8C84340CEF666E507245548525C877B4D9
Chrome Cache Entry: 107	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	F0CBADA1819089F187A466C9C4618B6D	5469116F63B3E64CC9085E13501036DCE3DBFB0D	F6F971ECE4C5687A19A0CA08486AC764BAF539B35A8C1AF00BA4AFA924CEF9CE
Chrome Cache Entry: 108	Unicode text, UTF-8 text, with very long lines (22680)	E710AABA7133D392C3AE01BDCC36451D	F02223198F057582EC01C7A02488060687B58C2E	A97E4941CEB1A7DF7BCF5E9631B8D9E8F7B47D7CCB59B5ED3968380465E0E824
Chrome Cache Entry: 109	HTML document, ASCII text, with very long lines (304), with no line terminators	52EBE05E6024BCAC164F9D457D736372	F4D9C6FC0E6177757E9219ACE5643C1FC679B742	C0D67C767C31906A2E7281694129583C68C83E22C3D513305E9536427024E673
Chrome Cache Entry: 76	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	FF70B6DA5F20CB707DF0176FF7BD9891	7FE46C88ABEB83F361EE4C01E8BF76A242990398	2A048ECDCADB0E1B48DE9D4CFEF2293D2C8C575DD39026596D564A3D465FE997
Chrome Cache Entry: 78	Unicode text, UTF-8 text, with very long lines (10521), with no line terminators	51849F9EB6270F005B70E6F06D9D1344	A5B0673F368744B2FD59908097035D745DB4D4CE	2C04E47281493A9DD11557E73640FA1A02780D5B16A3CF68C7B02A7E76BF98B2
Chrome Cache Entry: 79	Web Open Font Format (Version 2), TrueType, length 43304, version 1.0	51E3191E7D70FC5B296457078A7AC4B2	13B70AA245A159B2A555248A0C64963D39279A1E	64EAF760CCB1BB05E28711C5805B8803727C7B99A239E3536406BB643793160C
Chrome Cache Entry: 80	ASCII text, with very long lines (14271), with no line terminators	C234EB06D5F32055092294E78957F17D	F15EE0BCB9694F32F5E1D524F2653AA0DD043402	5CDF3EDB27B0C9F8E48918C486E9AE65A9E5BEAB806B64C4A7BC5BAC53C0F540
Chrome Cache Entry: 81	ASCII text, with very long lines (329), with no line terminators	A726BE04D28CCEABCC94CB71C10F0642	C5D9B71D156552B4B803A37F14B05380F53F4395	70713DCCA595E7C9B62655E5867D3750FA1028FC270485ED711F787211D277A8
Chrome Cache Entry: 82	ASCII text, with very long lines (65536), with no line terminators	A4CFF78229E56FDE5F28D1999679A1D1	8D8F89AA7D26569337192DCE8A12DAAA1867BCD4	4C4701CA975DF0019B9CE5FFD2A8D33F413BAD55663A9F64BA9369DA7A444DB0
Chrome Cache Entry: 83	ASCII text, with very long lines (1614), with CRLF line terminators	0C78E136D5E0F8A71E6A29DD34AB5BD3	6E9327B69BB0B50FD2982E1D3B55A1BF9D80DB5D	0B598A754B7C955B28D367609C107C0DC61D9894F09D419413DA47C210F8808B
Chrome Cache Entry: 84	MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel	9D266505B08265FD54EE1DD49AA70DE2	7D11C2CEA3D80F6EF3DE219648D6E56A7B52FBA6	6857EAD3F665E9BF519FB0850A49E858FF7218236C2EB2523E0D1AF1E320072A
Chrome Cache Entry: 85	HTML document, Unicode text, UTF-8 text, with very long lines (15116), with CRLF line terminators	B89E7700FD7A3640A6CECF38576DC287	CB0C67B4208A5C826D9111E817F782BF2D405254	8F8691B407583B24D3B291A97473B72C90FED2544344BBE5AC024A9EA7A24F90
Chrome Cache Entry: 86	HTML document, ASCII text, with very long lines (8763), with no line terminators	3E22BE187EB8411DCFFB16E45D1D8A45	25642BBADBD7B8D073D72A965245833ABC1ED167	737E7B43414D8B16B18BB34BF894F4DEAF53504356DE2A9A4F51EC4A841AB73D
Chrome Cache Entry: 87	ASCII text, with no line terminators	809F9BDA1630A140F4AB9F5BBA9F6B0A	26B11899DF8FAB076779D7DF9C3F10A11BCA0590	BB94E5315DD9F342BE819F2A92E86B2F5DB1EC2574E392CD49E7FF2AB6DB3A06
Chrome Cache Entry: 88	data	75FB6B94DCB3A9C89ABB59A3FFD7546F	96101820857EF511BA83017E928AEEB88353B162	04975704505B42DC124568D9D4BE26AEE2D4592826A0487920CB1D016D1A8E58
Chrome Cache Entry: 89	ASCII text, with very long lines (1696)	20E738FB59A3F6D2DAA248CF6616C9A1	9A533F961990CA3FB81C89DBE6E3A3DE5F8146BD	91636A55F95DB3B97A0A9C2836BB47F632684598035CF3C637CA27766F9201FA
Chrome Cache Entry: 90	Unicode text, UTF-8 text, with very long lines (65488), with no line terminators	D1128551B55B3F5C99A4C58168287A76	EDB0E891E48245C290BC10D51832DA4903F7D891	02294DAC1DEAB71BFFAB0F483FFFC420CDF9B8776DDAC11C220CE0974B12575B
Chrome Cache Entry: 91	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 3840x2400, components 3	60FB48E864E18A20D709B89A414E29C8	A9ABB8C2556451891004217FFAEAF42EC288EB6D	3F72616E7BEECBA8DCEA89422B08B7FF4CC36A88167FA4E0C321927FCF344DB5
Chrome Cache Entry: 92	CSV text	0DA2D7B1E7D88FEA928C6BFE9BC3E21E	5A7337275A72FBC5464B405A82EDAF3C898680C7	62F505D919D42FD3F25C3BF4B21CE777FA777C58D094E9B312F5D1CEB96927A5
Chrome Cache Entry: 93	ASCII text	38A2DF3FACCB1367DE7CEED37DE96D75	74E8FEFF32BA122A3ABC0D42464F13A9F26E2F5C	AA7D0BE85EB826BCB1E1C80C878DF5653B5781C92E66874709EF4D4D6D83F06F
Chrome Cache Entry: 94	gzip compressed data, max compression, from Unix, original size modulo 2^32 244173	B1A9399C22898253E248638047063862	237CA6D16947CDBF14DCD9C00A88BB9D0AB422E7	02AFEA774DD7985CEFE44C7AEDBD7315AAC3AF6E2B4AD7E34CFDA2946F493096
Chrome Cache Entry: 95	GIF image data, version 89a, 37 x 37	1140BC5C7863F8E54A3C2B179E640758	49E54ACBF5674212195E581848EC0D490282448F	7C6380E9985C8E4982F41F8DBA64D6B1C4A7997D0AA635D9F4BB7643AB815248
Chrome Cache Entry: 97	HTML document, Unicode text, UTF-8 text, with very long lines (64681), with no line terminators	951EB72B679E3FAC34E60D3FA5A6A292	95D683850A9B3BAA7A31DF247316ADA4D2586A66	B533A92D3A7763E0EBFB5B8DA4E61CA63C9A09304EEB23F6D7884358C81562A0
Chrome Cache Entry: 98	Unicode text, UTF-8 text, with very long lines (61850), with no line terminators	65B569B83219812139BDAA167CD9C86E	233C50D00DF83A06CC0D5813ADF29AC897625EF1	B58464053B59500775CB5F24BD07DB5AC8EAE4EB54991F2D467552482E3BC980
Chrome Cache Entry: 99	GIF image data, version 89a, 1 x 1	AD4B0F606E0F8465BC4C4C170B37E1A3	50B30FD5F87C85FE5CBA2635CB83316CA71250D7	CF4724B2F736ED1A0AE6BC28F1EAD963D9CD2C1FD87B6EF32E7799FC1C5C8BDA

Windows Analysis Report
https://www.wjx.cn/vm/h4qfUbg.aspx

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Screenshots

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://www.wjx.cn/vm/h4qfUbg.aspx

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Screenshots

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://www.wjx.cn/vm/h4qfUbg.aspx