Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://www.facebook.com/share/39GjjFzrA3GADipJ/

Overview

General Information

Sample URL:https://www.facebook.com/share/39GjjFzrA3GADipJ/
Analysis ID:1417142

Detection

Score:1
Range:0 - 100
Whitelisted:false
Confidence:80%

Signatures

HTML page contains hidden URLs or javascript code
Stores files to the Windows start menu directory

Classification

Process Tree

  • System is w10x64_ra
  • chrome.exe (PID: 1612 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.facebook.com/share/39GjjFzrA3GADipJ/ MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6224 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1904,i,12717620500919164502,5332162787627520515,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://www.facebook.com/1484590871/posts/10231630788061145/?rdid=bhpR1yiVEqfGaS3iHTTP Parser: Base64 decoded: ;/*FB_PKG_DELIM*/var dataElement=document.getElementById("envjson");if(dataElement!=null){var copyVariables=function(a){for(var b in variables)a[b]=variables[b]},variables=JSON.parse(dataElement.textContent);window.requireLazy?window.requireLazy(["Env"]...
Source: https://www.facebook.com/1484590871/posts/10231630788061145/?rdid=bhpR1yiVEqfGaS3iHTTP Parser: <input type="password" .../> found
Source: https://www.facebook.com/1484590871/posts/10231630788061145/?rdid=bhpR1yiVEqfGaS3iHTTP Parser: No <meta name="author".. found
Source: https://www.facebook.com/1484590871/posts/10231630788061145/?rdid=bhpR1yiVEqfGaS3iHTTP Parser: No <meta name="author".. found
Source: https://www.facebook.com/1484590871/posts/10231630788061145/?rdid=bhpR1yiVEqfGaS3iHTTP Parser: No <meta name="author".. found
Source: https://www.facebook.com/1484590871/posts/10231630788061145/?rdid=bhpR1yiVEqfGaS3iHTTP Parser: No <meta name="author".. found
Source: https://www.facebook.com/1484590871/posts/10231630788061145/?rdid=bhpR1yiVEqfGaS3iHTTP Parser: No <meta name="copyright".. found
Source: https://www.facebook.com/1484590871/posts/10231630788061145/?rdid=bhpR1yiVEqfGaS3iHTTP Parser: No <meta name="copyright".. found
Source: https://www.facebook.com/1484590871/posts/10231630788061145/?rdid=bhpR1yiVEqfGaS3iHTTP Parser: No <meta name="copyright".. found
Source: https://www.facebook.com/1484590871/posts/10231630788061145/?rdid=bhpR1yiVEqfGaS3iHTTP Parser: No <meta name="copyright".. found
Source: unknownHTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.16:49746 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.48.10.90:443 -> 192.168.2.16:49752 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.48.10.90:443 -> 192.168.2.16:49754 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.16:49767 version: TLS 1.2
Source: chrome.exeMemory has grown: Private usage: 9MB later: 30MB
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownDNS traffic detected: queries for: www.facebook.com
Source: unknownNetwork traffic detected: HTTP traffic on port 49708 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49700 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
Source: unknownNetwork traffic detected: HTTP traffic on port 49706 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49708
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49707
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49706
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49705
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49704
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49701
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49700
Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49704 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49701 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49707 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 49705 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownHTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.16:49746 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.48.10.90:443 -> 192.168.2.16:49752 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.48.10.90:443 -> 192.168.2.16:49754 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.16:49767 version: TLS 1.2
Source: classification engineClassification label: clean1.win@13/25@16/79
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.facebook.com/share/39GjjFzrA3GADipJ/
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1904,i,12717620500919164502,5332162787627520515,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1904,i,12717620500919164502,5332162787627520515,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
Registry Run Keys / Startup Folder		1
Process Injection		1
Masquerading		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System2
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
Registry Run Keys / Startup Folder		1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media1
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
Extra Window Memory Injection		1
Extra Window Memory Injection		Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive2
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
https://www.facebook.com/share/39GjjFzrA3GADipJ/0%Avira URL Cloudsafe
https://www.facebook.com/share/39GjjFzrA3GADipJ/0%VirustotalBrowse

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
star-mini.c10r.facebook.com
31.13.66.35
truefalse
    		high
    scontent.xx.fbcdn.net
    		157.240.229.1
    		truefalse
      		high
      video.xx.fbcdn.net
      		157.240.229.2
      		truefalse
        		high
        www.google.com
        		142.251.111.105
        		truefalse
          		high
          www.facebook.com
          		unknown
          		unknownfalse
            		high
            static.xx.fbcdn.net
            		unknown
            		unknownfalse
              		high

              Contacted URLs

              NameMaliciousAntivirus DetectionReputation
              https://www.facebook.com/1484590871/posts/10231630788061145/?rdid=bhpR1yiVEqfGaS3ifalse
                		high

                World Map of Contacted IPs

                • No. of IPs < 25%
                • 25% < No. of IPs < 50%
                • 50% < No. of IPs < 75%
                • 75% < No. of IPs

                Public IPs

                IPDomainCountryFlagASNASN NameMalicious
                142.251.167.94
                		unknownUnited States
                		15169GOOGLEUSfalse
                1.1.1.1
                		unknownAustralia
                		13335CLOUDFLARENETUSfalse
                239.255.255.250
                		unknownReserved
                		unknownunknownfalse
                142.251.111.95
                		unknownUnited States
                		15169GOOGLEUSfalse
                31.13.66.35
                		star-mini.c10r.facebook.comIreland
                		32934FACEBOOKUSfalse
                142.251.167.101
                		unknownUnited States
                		15169GOOGLEUSfalse
                31.13.66.19
                		unknownIreland
                		32934FACEBOOKUSfalse
                172.253.62.94
                		unknownUnited States
                		15169GOOGLEUSfalse
                157.240.229.1
                		scontent.xx.fbcdn.netUnited States
                		32934FACEBOOKUSfalse
                142.251.111.105
                		www.google.comUnited States
                		15169GOOGLEUSfalse
                172.253.122.84
                		unknownUnited States
                		15169GOOGLEUSfalse

                Private

                IP
                192.168.2.16

                General Information

                Joe Sandbox version:40.0.0 Tourmaline
                Analysis ID:1417142
                Start date and time:2024-03-28 17:03:25 +01:00
                Joe Sandbox product:CloudBasic
                Overall analysis duration:
                Hypervisor based Inspection enabled:false
                Report type:full
                Cookbook file name:defaultwindowsinteractivecookbook.jbs
                Sample URL:https://www.facebook.com/share/39GjjFzrA3GADipJ/
                Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                Number of analysed new started processes analysed:14
                Number of new started drivers analysed:0
                Number of existing processes analysed:0
                Number of existing drivers analysed:0
                Number of injected processes analysed:0
                Technologies:
                • EGA enabled
                Analysis Mode:stream
                Analysis stop reason:Timeout
                Detection:CLEAN
                Classification:clean1.win@13/25@16/79

                Warnings

                • Exclude process from analysis (whitelisted): SIHClient.exe, svchost.exe
                • Excluded IPs from analysis (whitelisted): 142.251.167.94, 142.251.167.101, 142.251.167.113, 142.251.167.138, 142.251.167.102, 142.251.167.139, 142.251.167.100, 172.253.122.84, 34.104.35.123, 142.251.111.95, 172.253.122.95, 142.251.163.95, 172.253.63.95, 142.250.31.95, 142.251.167.95, 172.253.62.95, 142.251.16.95, 172.253.115.95
                • Excluded domains from analysis (whitelisted): clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, content-autofill.googleapis.com, clientservices.googleapis.com, clients.l.google.com
                • Not all processes where analyzed, report is missing behavior information

                Created / dropped Files

                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 15:03:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                Category:dropped
                Size (bytes):2673
                Entropy (8bit):3.996533540134839
                Encrypted:false
                SSDEEP:
                MD5:3D3DE1330E467FB86E8D2195C701F6EE
                SHA1:C90CE54A221FAD2B179141C4D37AD825B47A6FAB
                SHA-256:FC39FD1F50B1DD726081C24A1226B4AD0000760978A1556EC058B3F63F2717D3
                SHA-512:228ECFA7FD8E0DEEA58B8D13A6585BE66CD09345A85AB11B8208F7DD48C695478A124A584638C2D5924B4824137EE6EFCDFFEE546ED8A949BB00AEF4458F0D4F
                Malicious:false
                Reputation:unknown
                Preview:L..................F.@.. ...$+.,.....;..)...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I|Xq.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V|Xz.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V|Xz.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V|Xz............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V|X|............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............'`.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 15:03:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                Category:dropped
                Size (bytes):2675
                Entropy (8bit):4.00959735237275
                Encrypted:false
                SSDEEP:
                MD5:52564220C91A5544DBA03929E2B1F865
                SHA1:713C699A8AD4370F90F92AEB1A6FAB86711E8659
                SHA-256:D1B98C064D77FAACCE2F7CF8D3F0899A30202A0E60F07B2962E168F68182C97F
                SHA-512:2D6E5DC0C54624DFA02547D1C6C8A4544F257F532048EFEA9B8124663AEB4A685626353940C226BC95AA8D9109C64E1BEFE2FEECA8FE5899F1FE1AE884396F19
                Malicious:false
                Reputation:unknown
                Preview:L..................F.@.. ...$+.,....r...)...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I|Xq.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V|Xz.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V|Xz.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V|Xz............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V|X|............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............'`.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                Category:dropped
                Size (bytes):2689
                Entropy (8bit):4.017710806605507
                Encrypted:false
                SSDEEP:
                MD5:F5F39A14F0C0ED910503C35231732D2D
                SHA1:C9860DD70CF3848B287AB1913898AB77832D6EF9
                SHA-256:25EECA3C2E76DCCA323A208FFA6A50ED38408796BEFD1452B1ED6A7C6DD39D9C
                SHA-512:5534FC9A4A86727E803B13FEE85DCE1B9289451B3B8AA75B28094B53904E24A4496D5B0031F3A94597BB8877907104C233F889E4CF1D74579E71739547FF1688
                Malicious:false
                Reputation:unknown
                Preview:L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I|Xq.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V|Xz.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V|Xz.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V|Xz............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............'`.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 15:03:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                Category:dropped
                Size (bytes):2677
                Entropy (8bit):4.011191824582279
                Encrypted:false
                SSDEEP:
                MD5:AC75DDE7B82EA48E9799D60980C57E11
                SHA1:F3894DC863312D41FCC58B74329725551520FBB2
                SHA-256:D89C3BE7162E8C97D51A8C42BD9D76486F09D303D70EC3F0D62DD2EBE4747A8B
                SHA-512:F91FC1D65E1C84B8F7E6F55971C6B6D8904806D1FF6FED5E0FBB1E8F86E913E00B7570C5867065A388B2F59D02A025FE72FE6530F3CCD067E3132BDA4BB973A8
                Malicious:false
                Reputation:unknown
                Preview:L..................F.@.. ...$+.,....u]..)...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I|Xq.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V|Xz.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V|Xz.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V|Xz............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V|X|............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............'`.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 15:03:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                Category:dropped
                Size (bytes):2677
                Entropy (8bit):3.999235975180618
                Encrypted:false
                SSDEEP:
                MD5:5359C44942BE8F78131CF67A9A55F6C7
                SHA1:F2F448D422CA804E8A106FD7A04C70FA67F4A76F
                SHA-256:6C87B83FAD9088B7738A663BF61A6438DD19D3B9461005311A22A551EF8F7270
                SHA-512:07019516CD5FD0EFE1298A1839CDD6C42FE9E118E7CF29B69C620046025D578E275B30C471A00CD749A86DD9D6A63E4690A768AA6D85A674429D24E52F0BF53C
                Malicious:false
                Reputation:unknown
                Preview:L..................F.@.. ...$+.,........)...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I|Xq.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V|Xz.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V|Xz.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V|Xz............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V|X|............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............'`.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 15:03:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                Category:dropped
                Size (bytes):2679
                Entropy (8bit):4.007478160700494
                Encrypted:false
                SSDEEP:
                MD5:219C28F0E2CBEFD297BF06D3A0DF612B
                SHA1:DF8501C69EBBF6FF9D233A133DE8A628908927D5
                SHA-256:0A1B2D001BC4A2B99655459D198C793C4E890358B12E0293A472574E687A433D
                SHA-512:EB9F8C6456C01414CD511412377B3B174966863FD7C106F53C3F67D3FAB4262ECB2C3B0B43440ED86815895C4E53D08144249AD3BF9A3965E03ED6FF12285054
                Malicious:false
                Reputation:unknown
                Preview:L..................F.@.. ...$+.,....s5..)...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I|Xq.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V|Xz.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V|Xz.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V|Xz............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V|X|............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............'`.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                Chrome Cache Entry: 100

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:C source, ASCII text, with very long lines (8652)
                Category:downloaded
                Size (bytes):15525
                Entropy (8bit):5.318944945759572
                Encrypted:false
                SSDEEP:
                MD5:0A3FE4E2865E89C528B4FEB04144853D
                SHA1:7E172C21909A193457C1F6F731118B07FA1D2CDC
                SHA-256:CDB034FD65BF6818BA6FEBFBC6B1343855D6E09730B5D7FD456ADF500E1945A4
                SHA-512:BDB8419CAF2C48AE4DDD2CC047E5467825A5BA14AE5DDCF3069BC0D85E6D0B8D2E46B4B06178FD4FEF7912E9869E08484538A888B3F73FFB584AB4942E1AEC8F
                Malicious:false
                Reputation:unknown
                URL:https://static.xx.fbcdn.net/rsrc.php/v3/ye/r/mM84SfiWlvq.js?_nc_x=Ij3Wp8lg5Kz
                Preview:;/*FB_PKG_DELIM*/..__d("XControllerURIBuilder",["invariant","URI","gkx","isInternalFBURI"],(function(a,b,c,d,e,f,g,h){var i;a=function(){function a(a,b){this.$1={},this.$2=a,this.$3=b}var b=a.prototype;b.setInt=function(a,b){return this.__setParam(a,"Int",b)};b.setFBID=function(a,b){return this.__setParam(a,"FBID",b)};b.setFloat=function(a,b){return this.__setParam(a,"Float",b)};b.setString=function(a,b){return this.__setParam(a,"String",b)};b.setExists=function(a,b){b===!1&&(b=void 0);return this.__setParam(a,"Exists",b)};b.setBool=function(a,b){return this.__setParam(a,"Bool",b)};b.setBoolVector=function(a,b){return this.__setParam(a,"BoolVector",b)};b.setEnum=function(a,b){return this.__setParam(a,"Enum",b)};b.setPath=function(a,b){return this.__setParam(a,"Path",b)};b.setIntVector=function(a,b){return this.__setParam(a,"IntVector",b)};b.setIntKeyset=function(a,b){return this.__setParam(a,"IntKeyset",b)};b.setIntSet=function(a,b){return this.__setParam(a,"IntSet",b.join(","))};b.set

                Chrome Cache Entry: 101

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (6078)
                Category:downloaded
                Size (bytes):20508
                Entropy (8bit):5.593722387555805
                Encrypted:false
                SSDEEP:
                MD5:349F13CE472480E3011D4C5420E470E8
                SHA1:55EC138CB391047B14391E2C174D84E5BC959311
                SHA-256:62BE3947B245C406779B4435A6E8E6F032F188B19542C1E924C2978642B7EAC8
                SHA-512:79663855A7F627940AD6F8D9275443C0C22F4B4F49381C4417ADD0369759AA5BC6A66F228A91ED416ECECB33251630E70AA2BC10D5817EDCE69144D592B6D4AA
                Malicious:false
                Reputation:unknown
                URL:https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/qCL2r601ymJ.js?_nc_x=Ij3Wp8lg5Kz
                Preview:;/*FB_PKG_DELIM*/..__d("usePartialViewImpression",["useVisibilityObserver"],(function(a,b,c,d,e,f,g){"use strict";function a(a){var b=a.onImpressionEnd;a=a.onImpressionStart;return c("useVisibilityObserver")({onHidden:b,onVisible:a,options:{hiddenWhenCSSStyleHidden:!0,hiddenWhenZeroArea:!0}})}g["default"]=a}),98);.__d("useFadeEffect",["clearTimeout","react","setTimeout","useDoubleEffectHack_DO_NOT_USE_THIS_IS_TRACKED"],(function(a,b,c,d,e,f,g){"use strict";var h;b=h||d("react");var i=b.useCallback,j=b.useLayoutEffect,k=b.useReducer,l=b.useRef,m=1e3;function n(a,b){switch(b.type){case"start":return{isTransitioning:!0,shouldBeVisible:b.shouldBeVisible};case"finish":return{isTransitioning:!1,shouldBeVisible:a.shouldBeVisible};default:return a}}function a(a){var b=l(null),d=k(n,{isTransitioning:!1,shouldBeVisible:!1}),e=d[0],f=e.isTransitioning;e=e.shouldBeVisible;var g=d[1],h=l(null),o=l(null);c("useDoubleEffectHack_DO_NOT_USE_THIS_IS_TRACKED")(function(){return function(){h.current!=null

                Chrome Cache Entry: 103

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (19300)
                Category:downloaded
                Size (bytes):278086
                Entropy (8bit):5.407986415868807
                Encrypted:false
                SSDEEP:
                MD5:F3C267E3F91CF5E960CF6860C5DD8671
                SHA1:C18A2E93CA4778DA5DB5433D5ED01644271771EC
                SHA-256:F41B5503570E6CCB6F12FC10D65474695B0B47BFCAE64A8A4336AC6949AFEC31
                SHA-512:09BD8F2317A9DBEE3003C7E8D4CF2E56D1AD65F8970CD63FCDA551958B7765DA2B6E63A7873FDD5CD17832B5D5718261CE1AB6CD49CB716076D4031DAAE1F834
                Malicious:false
                Reputation:unknown
                URL:https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xhAcgB6kDqz.js?_nc_x=Ij3Wp8lg5Kz
                Preview:;/*FB_PKG_DELIM*/.."use strict";(function(){var a=typeof globalThis!=="undefined"&&globalThis||typeof self!=="undefined"&&self||typeof global!=="undefined"&&global;if(typeof a.AbortController!=="undefined")return;var b=function(){function a(){this.__listeners=new Map()}a.prototype=Object.create(Object.prototype);a.prototype.addEventListener=function(a,b,c){if(arguments.length<2)throw new TypeError("TypeError: Failed to execute 'addEventListener' on 'CustomEventTarget': 2 arguments required, but only "+arguments.length+" present.");var d=this.__listeners,e=a.toString();d.has(e)||d.set(e,new Map());var f=d.get(e);f.has(b)||f.set(b,c)};a.prototype.removeEventListener=function(a,b,c){if(arguments.length<2)throw new TypeError("TypeError: Failed to execute 'addEventListener' on 'CustomEventTarget': 2 arguments required, but only "+arguments.length+" present.");var d=this.__listeners,e=a.toString();if(d.has(e)){var f=d.get(e);f.has(b)&&f["delete"](b)}};a.prototype.dispatchEvent=function(a){if

                Chrome Cache Entry: 104

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (3094)
                Category:downloaded
                Size (bytes):25812
                Entropy (8bit):5.448044053843083
                Encrypted:false
                SSDEEP:
                MD5:E64098AEC28040AEECEE3F28D0431FB0
                SHA1:A02F87144AE4B7269068433F1D1A2063DD7F1A56
                SHA-256:E7F8080061428BC4486596A9CC9A8550813FFF1495421C77BCE654D58CD003D5
                SHA-512:D7B873078D50CDFFDA5F15149AC49372D24348364D226DCC50C66B2A250CCDA7F1A79FBA2E5D6930D8F3C97EDF75B05D950BFB80975BD286FB144B4E66A332FD
                Malicious:false
                Reputation:unknown
                URL:https://static.xx.fbcdn.net/rsrc.php/v3iMYX4/yk/l/en_US/jnw4PWi0NlA.js?_nc_x=Ij3Wp8lg5Kz
                Preview:;/*FB_PKG_DELIM*/..__d("CometHovercardQueryRendererQuery$Parameters",["VideoPlayerRelayReplaceDashManifestWithPlaylist.relayprovider"],(function(a,b,c,d,e,f){"use strict";a={kind:"PreloadableConcreteRequest",params:{id:"7485238031512819",metadata:{},name:"CometHovercardQueryRendererQuery",operationKind:"query",text:null,providedVariables:{__relay_internal__pv__VideoPlayerRelayReplaceDashManifestWithPlaylistrelayprovider:b("VideoPlayerRelayReplaceDashManifestWithPlaylist.relayprovider")}}};e.exports=a}),null);.__d("CometProfileVerificationBadgePopoverQuery_facebookRelayOperation",[],(function(a,b,c,d,e,f){e.exports="6477118522380066"}),null);.__d("CometProfileVerificationBadgePopoverQuery$Parameters",["CometProfileVerificationBadgePopoverQuery_facebookRelayOperation"],(function(a,b,c,d,e,f){"use strict";a={kind:"PreloadableConcreteRequest",params:{id:b("CometProfileVerificationBadgePopoverQuery_facebookRelayOperation"),metadata:{},name:"CometProfileVerificationBadgePopoverQuery",operati

                Chrome Cache Entry: 105

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (19833)
                Category:downloaded
                Size (bytes):1104008
                Entropy (8bit):5.470506284425481
                Encrypted:false
                SSDEEP:
                MD5:B33CE39F5F76F20020EAFF080BEF556B
                SHA1:85FF57435039AC4E0067178202900AA87DEB3052
                SHA-256:3A235CC09DF383B56E0BF655DBB7BFE657590FDD0F48A6AF920E19FB532EEC29
                SHA-512:D28BDF6CDA83C608C69F6F4392D978FDF492AA0DAAAC1D9074F53F31972B5014B36BC24E47034507FB4D82F9ED30D3BEA9C234FCEAC01922A9C4A2F00A973178
                Malicious:false
                Reputation:unknown
                URL:https://static.xx.fbcdn.net/rsrc.php/v3iQh04/yZ/l/en_US/4OfVhVda111.js?_nc_x=Ij3Wp8lg5Kz
                Preview:;/*FB_PKG_DELIM*/..__d("CometStyleXDarkTheme",[],(function(a,b,c,d,e,f){e.exports={"fds-black":"black","fds-black-alpha-05":"rgba(0, 0, 0, 0.05)","fds-black-alpha-10":"rgba(0, 0, 0, 0.1)","fds-black-alpha-15":"rgba(0, 0, 0, 0.15)","fds-black-alpha-20":"rgba(0, 0, 0, 0.2)","fds-black-alpha-30":"rgba(0, 0, 0, 0.3)","fds-black-alpha-40":"rgba(0, 0, 0, 0.4)","fds-black-alpha-50":"rgba(0, 0, 0, 0.5)","fds-black-alpha-60":"rgba(0, 0, 0, 0.6)","fds-black-alpha-80":"rgba(0, 0, 0, 0.8)","fds-blue-05":"black","fds-blue-30":"black","fds-blue-40":"black","fds-blue-60":"black","fds-blue-70":"black","fds-blue-80":"black","fds-button-text":"black","fds-comment-background":"black","fds-dark-mode-gray-35":"black","fds-dark-mode-gray-50":"black","fds-dark-mode-gray-70":"black","fds-dark-mode-gray-80":"black","fds-dark-mode-gray-90":"black","fds-dark-mode-gray-100":"black","fds-gray-00":"black","fds-gray-05":"black","fds-gray-10":"black","fds-gray-20":"black","fds-gray-25":"black","fds-gray-30":"black","

                Chrome Cache Entry: 83

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:PNG image data, 189 x 177, 8-bit colormap, non-interlaced
                Category:dropped
                Size (bytes):7175
                Entropy (8bit):7.868685166674709
                Encrypted:false
                SSDEEP:
                MD5:2C4B8038DE92E58C7815F89BC771431C
                SHA1:C961C06831F5411E1C7BF9068AA02FC08E53C5B2
                SHA-256:5E75CAB6C1CE0FA52C3B086A864E4BC9AAFC0403DDEEA6B85645B1BD3F2F5B84
                SHA-512:7F126D53B9E8E03A3A9C9B3306791D74C6875C4CC13192CF193418A7528FE3062133A3907ABD5333CF2777D5C04488DF1ECD2D60D0B971F609A7DB5C50993629
                Malicious:false
                Reputation:unknown
                Preview:.PNG........IHDR...............Ly....PLTEGpL.......................................................................................................................................................................................................................................................................................................................................;;;...(((...................x............................................x..............w........................................................x..v..o..w..................................... ...w..w.....................................................w...........................................................w..............x..w..v..w....................x..w....................w..w..v..v..w...........w..w..w........w.............bA.....tRNS........>........H.8.Z....f.P.....pd.;..~..v..k.*.$K.....B...TE..6.W...^1....\...'..z4.,."N.~~....5....@...... .q...r....`....,@.z.]..X1x.b.9.....@.hF.....tJ..Q.,.@....l....

                Chrome Cache Entry: 84

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with no line terminators
                Category:downloaded
                Size (bytes):40
                Entropy (8bit):4.443942707918268
                Encrypted:false
                SSDEEP:
                MD5:A6AD64A173E2BF3243D4B5CF43E7736C
                SHA1:DA78B86A74D7A1BD1BB0ED7C00BAD5E58A745AA5
                SHA-256:7F898ECFC90E96439AD2070C6611EB10F81B2D2971F9ED6E2DE485B9F6BB480F
                SHA-512:7449C2BEEF964FC0BE4B08A581AAB1553416CFC0AB710EF3FE227668221D9BF81E7B7AB7F212EC5120E777E90483CA41A10DD9F253DD39F755F3CC6B035BFE76
                Malicious:false
                Reputation:unknown
                URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwkbMnFS9SzlUhIFDYOoWz0SBQ3Fk8Qk?alt=proto
                Preview:ChoKCw2DqFs9GgQICRgBCgsNxZPEJBoECEsYAg==

                Chrome Cache Entry: 85

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (10333)
                Category:downloaded
                Size (bytes):70888
                Entropy (8bit):5.382436455726375
                Encrypted:false
                SSDEEP:
                MD5:1368AE057DA22373DD8F72A80EA6D34B
                SHA1:6E7776ED0E2BF85D05AC7DCB603417C659121E3D
                SHA-256:77CA29982C5C1211E68DE2A6A097436C4BB6B7E70090F4C2A51E8E6635EBFF11
                SHA-512:AB28DC4FE8157FEBF3992897F448A06BFFF5A2E7D0CA93B3343817156E050FB065BF9BB1E7175CD42A430A0CCAF4B672E1114EE1A57EB1F7030FC57922F226C8
                Malicious:false
                Reputation:unknown
                URL:https://static.xx.fbcdn.net/rsrc.php/v3idBq4/yv/l/en_US/v-SWhfFgyNF.js?_nc_x=Ij3Wp8lg5Kz
                Preview:;/*FB_PKG_DELIM*/..__d("GroupsCometAnswerAgentEducationModalQuery_facebookRelayOperation",[],(function(a,b,c,d,e,f){e.exports="25099363163044274"}),null);.__d("GroupsCometAnswerAgentEducationModalQuery$Parameters",["GroupsCometAnswerAgentEducationModalQuery_facebookRelayOperation","VideoPlayerRelayReplaceDashManifestWithPlaylist.relayprovider"],(function(a,b,c,d,e,f){"use strict";a={kind:"PreloadableConcreteRequest",params:{id:b("GroupsCometAnswerAgentEducationModalQuery_facebookRelayOperation"),metadata:{},name:"GroupsCometAnswerAgentEducationModalQuery",operationKind:"query",text:null,providedVariables:{__relay_internal__pv__VideoPlayerRelayReplaceDashManifestWithPlaylistrelayprovider:b("VideoPlayerRelayReplaceDashManifestWithPlaylist.relayprovider")}}};e.exports=a}),null);.__d("coerceRelayImage_image.graphql",[],(function(a,b,c,d,e,f){"use strict";a={argumentDefinitions:[],kind:"Fragment",metadata:{mask:!1},name:"coerceRelayImage_image",selections:[{alias:null,args:null,kind:"Scalar

                Chrome Cache Entry: 87

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (1825)
                Category:downloaded
                Size (bytes):2398
                Entropy (8bit):5.400988994293491
                Encrypted:false
                SSDEEP:
                MD5:FB8C6053B1AD2316E75D109AC26A48CC
                SHA1:74CE2C6E1C3A45CB762A4E02D80D75600B8F72E8
                SHA-256:DAE30A537679FFC498FA3668D80750811DCD865AEDF65812BED5D4379BC3198C
                SHA-512:A5BD969BE9E419E7C531053D8E8C80921383AE1E5CEC4FA0195008E4C000F13431EE3FA635353D99C541DAC4BCAE1B836D86D8911ED984ECBCD124E80C9C8929
                Malicious:false
                Reputation:unknown
                URL:https://static.xx.fbcdn.net/rsrc.php/v3/yI/r/EVQFXOpV-_q.js?_nc_x=Ij3Wp8lg5Kz
                Preview:;/*FB_PKG_DELIM*/..__d("TetraProfilePhoto.react",["CometProfilePhoto.react","react"],(function(a,b,c,d,e,f,g){"use strict";var h,i=h||d("react");function a(a,b){return i.jsx(c("CometProfilePhoto.react"),babelHelpers["extends"]({},a,{ref:b}))}a.displayName=a.name+" [from "+f.id+"]";b=i.forwardRef(a);g["default"]=b}),98);.__d("Qe2JsExposureFalcoEvent",["FalcoLoggerInternal","getFalcoLogPolicy_DO_NOT_USE"],(function(a,b,c,d,e,f,g){"use strict";a=c("getFalcoLogPolicy_DO_NOT_USE")("1837559");b=d("FalcoLoggerInternal").create("qe2_js_exposure",a);e=b;g["default"]=e}),98);.__d("QE2Logger",["Qe2JsExposureFalcoEvent"],(function(a,b,c,d,e,f,g){"use strict";var h={};function a(a,b){C(a,(a=b)!=null?a:"",9)}function b(a,b){C(a,(a=b)!=null?a:"",9,!0)}function d(a){C(a,"",4)}function e(a){C(a,"",32)}function f(a){C(a,"",32,!0)}function i(a){C(a,"",54)}function j(a,b){C(a,b,3)}function k(a){C(a,"",5)}function l(a){C(a,"",5,!0)}function m(a){C(a,"",31)}function n(a){C(a,"",98)}function o(a,b){C(a,b,7)}

                Chrome Cache Entry: 88

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:downloaded
                Size (bytes):305
                Entropy (8bit):5.269919991343793
                Encrypted:false
                SSDEEP:
                MD5:3597B11FC3B17AB898C01C4352181298
                SHA1:FD703B65FB26E3E998F03BCA81C08F28A89CBAC9
                SHA-256:E66440B80362274601C578A2767E2361CD7818C3215491AC0D682F261DA38381
                SHA-512:E56B1042B46F5506CFE391A01FB76E070842241B3482CBF8C5D04794147087B1FDC924C483687D8F4326787333FE391F05B4CEEE401D92F0AC3C9AFE1B6EA2F4
                Malicious:false
                Reputation:unknown
                URL:https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/fWxL1rr0Obq.js?_nc_x=Ij3Wp8lg5Kz
                Preview:;/*FB_PKG_DELIM*/..__d("CAAErrorTextWithLinkRenderer",["CDSInlinePressableText.react","react"],(function(a,b,c,d,e,f,g){"use strict";var h,i=h||d("react");a=function(a,b){return b.url==null?a:i.jsx(c("CDSInlinePressableText.react"),{linkProps:{target:"_self",url:b.url},children:a})};g["default"]=a}),98);

                Chrome Cache Entry: 89

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:SVG Scalable Vector Graphics image
                Category:dropped
                Size (bytes):997
                Entropy (8bit):5.023080424153227
                Encrypted:false
                SSDEEP:
                MD5:7850D784C53CDA239A9BE34372B242E6
                SHA1:988F8FD493FA61F1402A0C7EBEEFF6A438569C80
                SHA-256:7A10379A971BA3EDD630D99A643395A32574B5BCAC84B260659D804A46AA74A2
                SHA-512:EFDF7EE90453BB74A34831B5ABF0E4F0A2CB71A8150BF56837E5D31ED0E998CD1AABAE91186B2A1067405A2D0E795C8BD8B2F768158190C1DFB59FCDEE30C3E0
                Malicious:false
                Reputation:unknown
                Preview:<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 112 112">. <defs>. <clipPath id="a">. <path fill="none" d="M100.31 101.1H39.45V12.8h40.78l20.08 21.03v67.27z"/>. </clipPath>. </defs>. <path d="M38.54 39.69h1.82a11.78 11.78 0 0111.78 11.78v13.6h0-25.37 0v-13.6a11.78 11.78 0 0111.77-11.78z" stroke-miterlimit="10" stroke-width="9.48" stroke="#a4a7ab" fill="none"/>. <g clip-path="url(#a)">. <path fill="#90c3ff" d="M100.31 101.1H39.45V12.8h40.78l20.08 21.03v67.27z"/>. <path d="M80.28 10.59h23.26v23.26H87.32a7 7 0 01-7-7V10.59h-.04z" fill="#1876f2"/>. <path d="M38.54 39.69h1.82a11.78 11.78 0 0111.78 11.78v13.6h0-25.37 0v-13.6a11.78 11.78 0 0111.77-11.78z" stroke="#fff" stroke-miterlimit="10" stroke-width="9.48" fill="none"/>. </g>. <rect x="10.54" y="58.29" width="57.83" height="42.76" rx="4.41" fill="#64676b"/>. <circle cx="39.45" cy="75.25" r="6.3"/>. <path d="M36.62 73.73h5.67v12.48a2.63 2.63 0 01-2.63 2.63h-.41a2.63 2.63 0 01-2.63-2.63V73.73z"/>.</svg>.

                Chrome Cache Entry: 91

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (11661)
                Category:downloaded
                Size (bytes):1199495
                Entropy (8bit):5.507453932049611
                Encrypted:false
                SSDEEP:
                MD5:4B13630F8A6D4C87102500C765E74DB2
                SHA1:01DE6B8711E051B460624D2DBB0077CD9CBEDB0E
                SHA-256:6D6F4D861AE87B33B4FBB4C246666EF84753CC9CA436D768334197203C2711EA
                SHA-512:B86B75EC05FE5B44C374488ADAA0DE110C4E8BBDC71C44A207B545F726AB5576BE2260A06A974218723921E4389E7164E255E7B556D786CC42D1E20564101F58
                Malicious:false
                Reputation:unknown
                URL:https://static.xx.fbcdn.net/rsrc.php/v3i7-54/yC/l/en_US/hr4wnrnGRHO9Uu2qzjxEL9pHmFPqa9OByDYvatkvPhoOVlerAV3bwZ8MLy5NIM9adk1Rdzuzi16ygGc1wa-Oq19c8UFGgncWcrTOmPobANp9KHpDnYRWx5vjUkRtJTwzy8snYF7ZNFZkrWl_eJMlvvhSHqVjNQVlYqt0Sp55HfXW__mMgFRlCsGN0FHzi95_wmB-51YxoStyBz2gE2pEQn4HVER6.js?_nc_x=Ij3Wp8lg5Kz
                Preview:;/*FB_PKG_DELIM*/..__d("CometSetDenseModeMutation_facebookRelayOperation",[],(function(a,b,c,d,e,f){e.exports="4486145264820781"}),null);.__d("CometSetDenseModeMutation.graphql",["CometSetDenseModeMutation_facebookRelayOperation"],(function(a,b,c,d,e,f){"use strict";a=function(){var a=[{defaultValue:null,kind:"LocalArgument",name:"input"}],c=[{alias:null,args:[{kind:"Variable",name:"input",variableName:"input"}],concreteType:"SetDenseModeResponsePayload",kind:"LinkedField",name:"set_dense_mode",plural:!1,selections:[{alias:null,args:null,concreteType:"Viewer",kind:"LinkedField",name:"viewer",plural:!1,selections:[{alias:null,args:null,kind:"ScalarField",name:"dense_mode_setting",storageKey:null}],storageKey:null}],storageKey:null}];return{fragment:{argumentDefinitions:a,kind:"Fragment",metadata:null,name:"CometSetDenseModeMutation",selections:c,type:"Mutation",abstractKey:null},kind:"Request",operation:{argumentDefinitions:a,kind:"Operation",name:"CometSetDenseModeMutation",selections:

                Chrome Cache Entry: 92

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
                Category:dropped
                Size (bytes):5430
                Entropy (8bit):2.6465732373896285
                Encrypted:false
                SSDEEP:
                MD5:3E764F0F737767B30A692FAB1DE3CE49
                SHA1:58FA0755A8EE455819769EE0E77C23829BF488DD
                SHA-256:88AE5454A7C32C630703440849D35C58F570D8EECC23C071DBE68D63CE6A40D7
                SHA-512:2831536A2CA9A2562B7BE1053DF21C2ED51807C9D332878CF349DC0B718D09EEB587423B488C415672C89E42D98D9A9218FACE1FCF8E773492535CB5BD67E278
                Malicious:false
                Reputation:unknown
                Preview:............ .h...&... .... .........(....... ..... ..........................................h. .f...............f...g...d.@.........................`...e...f...f...............f...f...f...e...p...............`...f...f...f...f...............f...f...f...f...f...p...........e...f...f...f...f...............f...f...f...f...f...e.......d.@.f...f...f...f...f...............f...f...f...f...f...f...h. .e...f...f...f....U..........................y'..f...f...f...g...f...f...f...f...............................U..f...f...f...f...f...f...f...f..................................f...f...f...f...f...f...f...f...f...f...............f...f...f...f...f...f...f...f...f...f...f...f...f...............p...f...f...f...f...f...f...f...f...f...f...f...f...................d...U..f...f...f...e...h. .f...f...f...f...f....d......................f...f...f...h.@.....f...f...f...f...f...f....t.................f...f...f...........p...f...f...f...f...f...f...f...f...f...f...f...f...`...............p...f...f...f...f

                Chrome Cache Entry: 93

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (18915)
                Category:downloaded
                Size (bytes):43237
                Entropy (8bit):5.680707641754852
                Encrypted:false
                SSDEEP:
                MD5:A20A57297296210AE55C26306436FCE5
                SHA1:AF8363C369F8FD23868093CE0FF02C8D88C229C0
                SHA-256:2DE52103B1FEEB037AF1757A1D10CB77A335258410AFF50F3CC4B93589357FDB
                SHA-512:E0BD233E5F75ECCC4D5018E1F7A4650D13BDD84D4DDCBB1BF482CB35CC836B85CE146F0A2B41DEA578CECF05FB8E7A6C9B6F28DC79A81801A9898B700860020C
                Malicious:false
                Reputation:unknown
                URL:https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/YT7n1sgH1lv.js?_nc_x=Ij3Wp8lg5Kz
                Preview:;/*FB_PKG_DELIM*/../**. * License: https://www.facebook.com/legal/license/t3hOLs8wlXy/. */.__d("bignumber-js-9.0.1",[],(function(a,b,c,d,e,f){"use strict";b={};var g={exports:b},h;function i(){(function(a){var b,c=/^-?(?:\d+(?:\.\d*)?|\.\d+)(?:e[+-]?\d+)?$/i,d=Math.ceil,e=Math.floor,f="[BigNumber Error] ",i=f+"Number primitive has more than 15 significant digits: ",j=1e14,k=14,l=9007199254740991,m=[1,10,100,1e3,1e4,1e5,1e6,1e7,1e8,1e9,1e10,1e11,1e12,1e13],n=1e7,o=1e9;function p(b){var g,h,x,y=a.prototype={constructor:a,toString:null,valueOf:null},z=new a(1),A=20,B=4,C=-7,D=21,E=-1e7,F=1e7,G=!1,H=1,I=0,J={prefix:"",groupSize:3,secondaryGroupSize:0,groupSeparator:",",decimalSeparator:".",fractionGroupSize:0,fractionGroupSeparator:"\xa0",suffix:""},K="0123456789abcdefghijklmnopqrstuvwxyz";function a(b,d){var f,g,j,m,n,o,p,q,r=this;if(!(r instanceof a))return new a(b,d);if(d==null){if(b&&b._isBigNumber===!0){r.s=b.s;!b.c||b.e>F?r.c=r.e=null:b.e<E?r.c=[r.e=0]:(r.e=b.e,r.c=b.c.slice());retur

                Chrome Cache Entry: 94

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (31972)
                Category:downloaded
                Size (bytes):591110
                Entropy (8bit):5.283214211854435
                Encrypted:false
                SSDEEP:
                MD5:9C267113863E4D0C829BE6DD55F9F4F5
                SHA1:04EA409ECDA6A8387970F29A1F420B5C23B66087
                SHA-256:6F77EB2C010B4AA2B4F24A0A43BCF3DAF02506044E83EFEFF17D3E81C69A4AC2
                SHA-512:9A992132AF44C62583F49A72862488148C10E63C8836A550E1B53A5F3397954E3CBBF40E36C58BF414339D6FD5000FEE24CE69F44A75ECA25BAEA61EC323C152
                Malicious:false
                Reputation:unknown
                URL:"https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/uSn2aRZO8ux.css?_nc_x=Ij3Wp8lg5Kz"
                Preview:form{margin:0;padding:0}label{color:#606770;cursor:default;font-weight:600;vertical-align:middle}label input{font-weight:normal}textarea,.inputtext,.inputpassword{-webkit-appearance:none;border:1px solid #ccd0d5;border-radius:0;margin:0;padding:3px}textarea{max-width:100%}select{border:1px solid #ccd0d5;padding:2px}input,select,textarea{background-color:#fff;color:#1c1e21}.inputtext,.inputpassword{padding-bottom:4px}.inputtext:invalid,.inputpassword:invalid{box-shadow:none}.inputradio{margin:0 5px 0 0;padding:0;vertical-align:middle}.inputcheckbox{border:0;vertical-align:middle}.inputbutton,.inputsubmit{background-color:#4267b2;border-color:#DADDE1 #0e1f5b #0e1f5b #d9dfea;border-style:solid;border-width:1px;color:#fff;padding:2px 15px 3px 15px;text-align:center}.inputaux{background:#ebedf0;border-color:#EBEDF0 #666 #666 #e7e7e7;color:#000}.inputsearch{background:#FFFFFF url(/rsrc.php/v3/yL/r/unHwF9CkMyM.png) no-repeat left 4px;padding-left:17px}.html{touch-action:manipulation}body{back

                Chrome Cache Entry: 95

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (11661)
                Category:downloaded
                Size (bytes):1201135
                Entropy (8bit):5.5077879623029675
                Encrypted:false
                SSDEEP:
                MD5:723C183D4939F4A967218F16EA4CC3AE
                SHA1:B0E0EC839F1787FD838059057034E40CB3A804CC
                SHA-256:711A81C8A8C09B54EA8AC7815565B02D603B6CAA1B85DE2AFD63F8FDDF45A1D4
                SHA-512:E383274D8F12128B298FF1D21A586225D9F0AE2A79BC806DB76793394CA6F8A89CDF02D759A32113C2CCB9A7075B79E071B9C6C00269EEF888A064965240DFCA
                Malicious:false
                Reputation:unknown
                URL:https://static.xx.fbcdn.net/rsrc.php/v3i7-54/ye/l/en_US/hr4wnrnGRHO9Uu2qzjxEL9pHmFPqa9OByDYvatkvPhoOVlerAV3bwZ8MLy5NIM9adk1Rdzuzi16ygGc1wa-Oq19c8UFGgncWcrTOmPobANp9KHpDnYRWx5vjUsrAa0b9bMzukRtJTwzy8snYF7ZNFZkrWl_eJMlvvhSHqVjNQVlYqt0Sp55HfXW__mMgFRlCsGN0FHzi95_wmB-51YxoStyBz2gE2pEQn4HVER6.js?_nc_x=Ij3Wp8lg5Kz
                Preview:;/*FB_PKG_DELIM*/..__d("CometSetDenseModeMutation_facebookRelayOperation",[],(function(a,b,c,d,e,f){e.exports="4486145264820781"}),null);.__d("CometSetDenseModeMutation.graphql",["CometSetDenseModeMutation_facebookRelayOperation"],(function(a,b,c,d,e,f){"use strict";a=function(){var a=[{defaultValue:null,kind:"LocalArgument",name:"input"}],c=[{alias:null,args:[{kind:"Variable",name:"input",variableName:"input"}],concreteType:"SetDenseModeResponsePayload",kind:"LinkedField",name:"set_dense_mode",plural:!1,selections:[{alias:null,args:null,concreteType:"Viewer",kind:"LinkedField",name:"viewer",plural:!1,selections:[{alias:null,args:null,kind:"ScalarField",name:"dense_mode_setting",storageKey:null}],storageKey:null}],storageKey:null}];return{fragment:{argumentDefinitions:a,kind:"Fragment",metadata:null,name:"CometSetDenseModeMutation",selections:c,type:"Mutation",abstractKey:null},kind:"Request",operation:{argumentDefinitions:a,kind:"Operation",name:"CometSetDenseModeMutation",selections:

                Chrome Cache Entry: 96

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:PNG image data, 10 x 10, 8-bit/color RGB, non-interlaced
                Category:dropped
                Size (bytes):79
                Entropy (8bit):4.71696959175789
                Encrypted:false
                SSDEEP:
                MD5:8DC258A49B60FAE051E9A7CE11AD05CF
                SHA1:DAFEF280663F4205FC7F0E47799E9945E6A68D6D
                SHA-256:C8CAED93847AFFC154CB3D424E34FC146E7340BB29ABEBD5EBA7063E3DCA0604
                SHA-512:5F11ED60D79A80EF7CCEFFA907CD55F31D8DB19BD2A7F4C2650C62A355C5071C5FB61DA1EB0A2071CE22ECDC35C0D12F51E4D13AAC3B0FDB95ED4629815B5AFB
                Malicious:false
                Reputation:unknown
                Preview:.PNG........IHDR..............PX.....IDAT.Wc...0a.!..)....A,....Zl....IEND.B`.

                Chrome Cache Entry: 97

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (8257)
                Category:downloaded
                Size (bytes):33740
                Entropy (8bit):5.284456684719883
                Encrypted:false
                SSDEEP:
                MD5:03396958B0ADC7F37D08E99EFE733CCD
                SHA1:43C9B2176C78B3CC51B33EB00B4640E69D2B7C71
                SHA-256:FFF14BF195511EBAA144E5358BE3B2FA35E4F26C08B85EFE6B58AEA753AD3AAB
                SHA-512:2DC84D520A214FD8326A941FBED39F0893E1FB60672784620BB6AE9DC9A0BA8AAA24FCDB2BF7649BC153A70685B964F2D38EAA8D9FAC159E81869522D8815877
                Malicious:false
                Reputation:unknown
                URL:https://static.xx.fbcdn.net/rsrc.php/v3i4nn4/yl/l/en_US/IOrr8Repg2I.js?_nc_x=Ij3Wp8lg5Kz
                Preview:;/*FB_PKG_DELIM*/..__d("CometTextWithEntitiesRelay_entity.graphql",[],(function(a,b,c,d,e,f){"use strict";a=function(){var a={alias:null,args:null,kind:"ScalarField",name:"id",storageKey:null},b={alias:null,args:null,concreteType:"WorkForeignEntityInfo",kind:"LinkedField",name:"work_foreign_entity_info",plural:!1,selections:[{alias:null,args:null,kind:"ScalarField",name:"type",storageKey:null}],storageKey:null},c={kind:"Variable",name:"scale",variableName:"scale"},d={alias:null,args:null,kind:"ScalarField",name:"height",storageKey:null},e={alias:null,args:null,kind:"ScalarField",name:"uri",storageKey:null},f={alias:null,args:null,kind:"ScalarField",name:"width",storageKey:null},g={alias:null,args:null,kind:"ScalarField",name:"name",storageKey:null};return{argumentDefinitions:[{kind:"RootArgument",name:"scale"}],kind:"Fragment",metadata:{mask:!1},name:"CometTextWithEntitiesRelay_entity",selections:[{alias:null,args:null,kind:"ScalarField",name:"__typename",storageKey:null},{alias:null,a

                Chrome Cache Entry: 99

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (7990)
                Category:downloaded
                Size (bytes):478853
                Entropy (8bit):5.5662983638969905
                Encrypted:false
                SSDEEP:
                MD5:66D23B39C14C1A246716EA0725DF4ED3
                SHA1:43648832B2EACF3DB44073B46B5597A6F76B204A
                SHA-256:172B95FE6C50D08D173E9C7D481904C2A6D69F082BD81D1014BE210A4CE0E7A5
                SHA-512:6094D06E537EDD740A96984D002AEC97980DF74EF050499C7F745DE55BC9741BA8278B8E9493A49B1252A829D73ABC05126FAD5A2DE2813DDE5A78604A5A652D
                Malicious:false
                Reputation:unknown
                URL:https://static.xx.fbcdn.net/rsrc.php/v3it4v4/ya/l/en_US/c6X24_t9bV6.js?_nc_x=Ij3Wp8lg5Kz
                Preview:;/*FB_PKG_DELIM*/..__d("CometBatchNotificationsStateChangeSubscription_facebookRelayOperation",[],(function(a,b,c,d,e,f){e.exports="6546596222061607"}),null);.__d("CometBatchNotificationsStateChangeSubscription.graphql",["CometBatchNotificationsStateChangeSubscription_facebookRelayOperation"],(function(a,b,c,d,e,f){"use strict";a=function(){var a={defaultValue:null,kind:"LocalArgument",name:"environment"},c={defaultValue:null,kind:"LocalArgument",name:"input"},d=[{alias:null,args:[{kind:"Variable",name:"data",variableName:"input"}],concreteType:"BatchNotificationStateChangeSubscribeResponsePayload",kind:"LinkedField",name:"batch_notification_state_change_subscribe",plural:!1,selections:[{alias:null,args:null,concreteType:"Notification",kind:"LinkedField",name:"aggregated_notifications",plural:!0,selections:[{alias:null,args:null,kind:"ScalarField",name:"id",storageKey:null},{alias:null,args:null,kind:"ScalarField",name:"seen_state",storageKey:null}],storageKey:null},{alias:null,args:nu

                Static File Info

                No static file info