Windows Analysis Report
https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/?bcda=(0101)-88868-25074

Overview

General Information

Sample URL:https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/?bcda=(0101)-88868-25074
Analysis ID:1417334
Infos:

Detection

TechSupportScam
Score:64
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Phishing site detected (based on favicon image match)
Yara detected TechSupportScam

Classification

  • System is w10x64
  • chrome.exe (PID: 6016 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 1804 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2400 --field-trial-handle=2340,i,5308589142870088309,8442831917506824584,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6560 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/?bcda=(0101)-88868-25074" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup
No configs have been found
Source | Rule | Description | Author | Strings
dropped/chromecache_58 | JoeSecurity_TechSupportScam | Yara detected TechSupportScam | Joe Security |
Source | Rule | Description | Author | Strings
0.0.pages.csv | JoeSecurity_TechSupportScam | Yara detected TechSupportScam | Joe Security |
0.1.pages.csv | JoeSecurity_TechSupportScam | Yara detected TechSupportScam | Joe Security |
        No Sigma rule has matched
        No Snort rule has matched

        AV Detection

        Source: https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/?bcda=(0101)-88868-25074 SlashNext: detection malicious, Label: Scareware type: Phishing & Social Engineering

        Phishing

        Source: https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/?bcda=(0101)-88868-25074 Matcher: Template: microsoft matched with high similarity
        Source: Yara match File source: 0.0.pages.csv, type: HTML
        Source: Yara match File source: 0.1.pages.csv, type: HTML
        Source: Yara match File source: dropped/chromecache_58, type: DROPPED
        Source: unknown HTTPS traffic detected: 23.48.10.90:443 -> 192.168.2.4:49758 version: TLS 1.2
        Source: unknown HTTPS traffic detected: 23.48.10.90:443 -> 192.168.2.4:49764 version: TLS 1.2
        Source: unknown TCP traffic detected without corresponding DNS query: 104.46.162.224
        Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.32
        Source: unknown TCP traffic detected without corresponding DNS query: 162.222.105.35
        Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: global traffic HTTP traffic detected:
            GET /postback?format=img&sum={replace} HTTP/1.1
            Host: m03lm.rdtk.io
            Connection: keep-alive
            sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
            sec-ch-ua-mobile: ?0
            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
            sec-ch-ua-platform: "Windows"
            Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
            Sec-Fetch-Site: cross-site
            Sec-Fetch-Mode: no-cors
            Sec-Fetch-Dest: image
            Referer: https://oom21-secondary.z1.web.core.windows.net/
            Accept-Encoding: gzip, deflate, br
            Accept-Language: en-US,en;q=0.9
        Source: global traffic HTTP traffic detected:
            GET /fs/windows/config.json HTTP/1.1
            Connection: Keep-Alive
            Accept: */*
            Accept-Encoding: identity
            If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
            Range: bytes=0-2147483646
            User-Agent: Microsoft BITS/7.8
            Host: fs.microsoft.com
        Source: global traffic HTTP traffic detected:
            GET /get/script.js?referrer=https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/?bcda=(0101)-88868-25074 HTTP/1.1
            Host: userstatics.com
            Connection: keep-alive
            sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
            sec-ch-ua-mobile: ?0
            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
            sec-ch-ua-platform: "Windows"
            Accept: */*
            Sec-Fetch-Site: cross-site
            Sec-Fetch-Mode: no-cors
            Sec-Fetch-Dest: script
            Referer: https://oom21-secondary.z1.web.core.windows.net/
            Accept-Encoding: gzip, deflate, br
            Accept-Language: en-US,en;q=0.9
        Source: unknown DNS traffic detected: queries for: m03lm.rdtk.io
        Source: chromecache_62.2.dr String found in binary or memory: http://fontawesome.io
        Source: chromecache_62.2.dr String found in binary or memory: http://fontawesome.io/license
        Source: chromecache_75.2.dr String found in binary or memory: https://ezgif.com/optimize
        Source: chromecache_85.2.dr String found in binary or memory: https://getbootstrap.com/)
        Source: chromecache_85.2.dr String found in binary or memory: https://github.com/twbs/bootstrap/blob/main/LICENSE)
        Source: chromecache_85.2.dr String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
        Source: unknown Network traffic detected: HTTP traffic on port 49675 -> 443
        Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49743
        Source: unknown Network traffic detected: HTTP traffic on port 49758 -> 443
        Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49764
        Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49774
        Source: unknown Network traffic detected: HTTP traffic on port 49678 -> 443
        Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49792
        Source: unknown Network traffic detected: HTTP traffic on port 49748 -> 443
        Source: unknown Network traffic detected: HTTP traffic on port 49743 -> 443
        Source: unknown Network traffic detected: HTTP traffic on port 49764 -> 443
        Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49748
        Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49758
        Source: unknown Network traffic detected: HTTP traffic on port 49792 -> 443
        Source: unknown Network traffic detected: HTTP traffic on port 49774 -> 443

        Spam, unwanted Advertisements and Ransom Demands

        Source: Yara match File source: 0.0.pages.csv, type: HTML
        Source: Yara match File source: 0.1.pages.csv, type: HTML
        Source: Yara match File source: dropped/chromecache_58, type: DROPPED
        Source: classification engine Classification label: mal64.phis.win@16/61@6/5
        Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
        Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2400 --field-trial-handle=2340,i,5308589142870088309,8442831917506824584,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
        Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/?bcda=(0101)-88868-25074"
        Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
        Source: Window Recorder Window detected: More than 3 window changes detected
        Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact
        Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Process Injection | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features
        Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 2 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service
        Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 3 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact
        Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction
        Source | Detection | Scanner | Label | Link
        https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/?bcda=(0101)-88868-25074 | 0% | Avira URL Cloud | safe |
        https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/?bcda=(0101)-88868-25074 | 3% | Virustotal | | Browse
        https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/?bcda=(0101)-88868-25074 | 100% | SlashNext | Scareware type: Phishing & Social Engineering |
        No Antivirus matches
        No Antivirus matches
        Source | Detection | Scanner | Label | Link
        wdc.rdtk.io | 0% | Virustotal | | Browse
        userstatics.com | 0% | Virustotal | | Browse
        fp2e7a.wpc.phicdn.net | 0% | Virustotal | | Browse
        edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com | 0% | Virustotal | | Browse
        m03lm.rdtk.io | 0% | Virustotal | | Browse
        Source | Detection | Scanner | Label | Link
        https://m03lm.rdtk.io/postback?format=img&sum={replace} | 0% | Avira URL Cloud | safe |
        https://m03lm.rdtk.io/postback?format=img&sum={replace} | 0% | Virustotal | | Browse
        Name | IP | Active | Malicious | Antivirus Detection | Reputation
        userstatics.com | 172.67.208.186 | true | false | | unknown
        edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com | 162.222.105.20 | true | false | | unknown
        wdc.rdtk.io | 207.244.126.81 | true | false | | unknown
        www.google.com | 172.253.115.99 | true | false | | high
        fp2e7a.wpc.phicdn.net | 192.229.211.108 | true | false | | unknown
        m03lm.rdtk.io | unknown | unknown | false | | unknown
        Name | Malicious | Antivirus Detection | Reputation
        https://m03lm.rdtk.io/postback?format=img&sum={replace} | false | 0%, Virustotal, Browse; Avira URL Cloud: safe | unknown
        Name | Source | Malicious | Antivirus Detection | Reputation
        http://fontawesome.io | chromecache_62.2.dr | false | | high
        https://github.com/twbs/bootstrap/graphs/contributors) | chromecache_85.2.dr | false | | high
        https://getbootstrap.com/) | chromecache_85.2.dr | false | | high
        https://github.com/twbs/bootstrap/blob/main/LICENSE) | chromecache_85.2.dr | false | | high
        https://ezgif.com/optimize | chromecache_75.2.dr | false | | high
        http://fontawesome.io/license | chromecache_62.2.dr | false | | high
        IP | Domain | Country | Flag | ASN | ASN Name | Malicious
        172.253.115.99 | www.google.com | United States | | 15169 | GOOGLEUS | false
        239.255.255.250 | unknown | Reserved | | unknown | unknown | false
        207.244.126.81 | wdc.rdtk.io | United States | | 30633 | LEASEWEB-USA-WDCUS | false
        172.67.208.186 | userstatics.com | United States | | 13335 | CLOUDFLARENETUS | false
        IP
        192.168.2.4
                      Joe Sandbox version:40.0.0 Tourmaline
                      Analysis ID:1417334
                      Start date and time:2024-03-29 01:00:20 +01:00
                      Joe Sandbox product:CloudBasic
                      Overall analysis duration:0h 3m 9s
                      Hypervisor based Inspection enabled:false
                      Report type:full
                      Cookbook file name:browseurl.jbs
                      Sample URL:https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/?bcda=(0101)-88868-25074
                      Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                      Number of analysed new started processes analysed:7
                      Number of new started drivers analysed:0
                      Number of existing processes analysed:0
                      Number of existing drivers analysed:0
                      Number of injected processes analysed:0
                      Technologies:
                      • HCA enabled
                      • EGA enabled
                      • AMSI enabled
                      Analysis Mode:default
                      Analysis stop reason:Timeout
                      Detection:MAL
                      Classification:mal64.phis.win@16/61@6/5
                      EGA Information:Failed
                      HCA Information:
                      • Successful, ratio: 100%
                      • Number of executed functions: 0
                      • Number of non-executed functions: 0
                      • Exclude process from analysis (whitelisted): MpCmdRun.exe, SIHClient.exe, conhost.exe, svchost.exe
                      • Excluded IPs from analysis (whitelisted): 142.251.16.94, 172.253.62.100, 172.253.62.138, 172.253.62.101, 172.253.62.113, 172.253.62.139, 172.253.62.102, 172.253.115.84, 34.104.35.123, 20.38.121.4, 40.127.169.103, 162.222.105.20, 192.229.211.108, 20.242.39.171, 20.3.187.198, 52.165.164.15, 172.253.122.94
                      • Excluded domains from analysis (whitelisted): oom21-secondary.z1.web.core.windows.net, fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, clientservices.googleapis.com, ctldl.windowsupdate.com, wu-bg-shim.trafficmanager.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, clients.l.google.com, web.cpt21prdstr02b.store.core.windows.net, glb.sls.prod.dcat.dsp.trafficmanager.net
                      • Not all processes where analyzed, report is missing behavior information
                      • Report size getting too big, too many NtSetInformationFile calls found.
                      No simulations
                      No context
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text
                      Category:downloaded
                      Size (bytes):464
                      Entropy (8bit):4.860420190181752
                      Encrypted:false
                      SSDEEP:12:8IDRR1Y5iLvnE5sR5GDRR1Y5i+h2DRRM5iLvsRGAUDRRu1Bm:8cRR14ibnEMwRR14igORRkibsRGAIRR3
                      MD5:2856B9008B89D67BE19D586E43AE8521
                      SHA1:D47AC3F1328FB58B19584D77D2E3ACC93663FB10
                      SHA-256:19E9AAA12F8478366B3707FF49B0E3CFC4818F9343B48F5D43890C943D1B1A3D
                      SHA-512:EDB79A20D1E279D96F637B23A0D769F7F98A5468BF6E01260E761F746CC3664D8515DD7C15C621EAF661122466B72486F6BE547DCAEB83734819E7C229B743F9
                      Malicious:false
                      Reputation:low
                      URL:https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/js/scripts.js
                      Preview:
                      setTimeout(function () {
                          document.getElementById("box").style.display = "block";

                          // 100%//
                      }, 8);
                      setTimeout(function () {
                          startScan();
                      }, 10);
                      function startScan() {
                          document.getElementById("box").style.display = "none";
                          document.getElementById("scan").style.display = "block";

                          $(".alert_popup").delay(10).fadeIn(5);
                          $(".lst").delay(15).fadeIn(5);

                      }

                      function playSound() {
                          document.getElementById("beep").play();
                      }
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:Web Open Font Format (Version 2), TrueType, length 21716, version 1.0
                      Category:downloaded
                      Size (bytes):21716
                      Entropy (8bit):7.988919175869214
                      Encrypted:false
                      SSDEEP:384:DfspV407P6+jGlbMAA2cdv92Dg3AuGZ0KGKBb2ZXdWgb98JmSKMrN:D64Ei+n2c19NuqKuZXdWv79N
                      MD5:D4FF90DB5DA894C833F356F47A16E408
                      SHA1:30606044507D81B996C992895AB16B8A8D68BE97
                      SHA-256:F2C761EE3CE27469F940A05B64E38A829A400427727CD0BDBB4E36F1D572AFD7
                      SHA-512:85C6305EE6973EBF449EFCFC95BB10A66E5CBA92D026A2EC4F1072DC8CCBC5B4A4A384FE425E53E2DADE2180F37CCA56243ED354033CFCA5821CBB77FB8B0FA1
                      Malicious:false
                      Reputation:low
                      URL:https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/fonts/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 33 x 31, 8-bit colormap, non-interlaced
                      Category:downloaded
                      Size (bytes):463
                      Entropy (8bit):7.179067065082675
                      Encrypted:false
                      SSDEEP:12:6v/7Kk/ZULAVExM3OCHtL5bCRyqYJkz6Ziu/SAF5p9UCNb:dDEO+3VHt95tEWiu/SAF5p2ob
                      MD5:905D91C276116928FA306EA732723FA9
                      SHA1:092604F6A8786E46A7DEE06065D29D2896FCF568
                      SHA-256:9CFFD13C2CE05EBE032709A88FA59504E1218A12B175EC40D5AAB280C18BE51E
                      SHA-512:701EF9AF42666AA12CE68726C8BE76F093A6C22999E0869B05462163372ACD3A6E7B728815035B7C29423C3E74EFB3F8CD36806F709C6C3BFA744F036F67FE97
                      Malicious:false
                      Reputation:low
                      URL:https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/images/nOxp-sett.png
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:HTML document, Unicode text, UTF-8 text
                      Category:downloaded
                      Size (bytes):23236
                      Entropy (8bit):5.7125320397887345
                      Encrypted:false
                      SSDEEP:192:ClIazFsyvfAWkPV17BEg8NQnF8HtN1vZnzoMuGrm4gYn7ZiQ4l0AnkZZ4VmXEPSw:0ri2to8tZnnuGrm4TMjaXltLG/uQzT
                      MD5:2FE10C2E18939D250D347BAB1D9FA025
                      SHA1:55B6EBCD7EA3D897961C13A899AC02E460F03D5F
                      SHA-256:C1500B37F0B256D94481688CDF1CDD64A252E68AC1A4D079BD0C3CDD2AB5DFA1
                      SHA-512:7643EB47AE7A5147E826537D5F640B65663062B80779B36B339A9F71DFC7E263416E45EA31BDB221355BE755682618CAEFF70E6FFCF428F0B4E87BB8D3680E45
                      Malicious:false
                      Reputation:low
                      URL:https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/?bcda=(0101)-88868-25074
                      Preview:
                      <!DOCTYPE html><html>
                      <head>

                          <script>
                              function jkdhasjkhdgwqhgehkqgweyuodq(name)
                              {
                                  name = name.replace(/[\[]/,"\\\[").replace(/[\]]/,"\\\]");
                                  var regexS = "[\\?&]"+name+"=([^&#]*)";
                                  var regex = new RegExp( regexS );
                                  var results = regex.exec( window.location.href );
                                  if( results == null )
                                      return "";
                                  else
                                      return results[1];
                              }
                              var bcda = jkdhasjkhdgwqhgehkqgweyuodq('bcda');
                          </script>

                      <meta name="robots" content="noindex, nofollow">
                          <meta charset="utf-8">
                          <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
                          <title></title>
                          <link rel="stylesheet" href="css/styles.css">
                      <link rel="shortcut icon" href="images/microsoft.png" type="image/png">
                      <link rel="stylesheet" href="css/font-awesome.min.css">
                      <style>
                          @font-face {
                              font-family: 'Roboto';
                              font-style: normal;
                              font-weight: 400;
                              src: url
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 2080 x 2080, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):386359
                      Entropy (8bit):7.918825986924844
                      Encrypted:false
                      SSDEEP:6144:NA4ofIJI3N5DUXeDZyvPUeNf4N7CPKGfMZM2ZIc6zN3Nl6aF9YfUtuQ/iKgQbN:NDCx3jguDZynO7CPKGkZM2n6Dl6yYG7J
                      MD5:BE42AD7752720327D28BF52DBDBB64C2
                      SHA1:F4CCE31B9236319AA9C87FEE038638D1DE12C07D
                      SHA-256:C3AD6AA1C03FD108854F008CFEC2753BA623E1470A4D61798B5D8C050E474868
                      SHA-512:AFD543CC2D26243B5AC4EECCB90BAD2149A18713F7F904265337203B9D67D9E47ADAD554AE2A049C2D80D48D095048F091C40AE974621062F786B81821783AE0
                      Malicious:false
                      Reputation:low
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 66 x 68, 8-bit colormap, non-interlaced
                      Category:dropped
                      Size (bytes):542
                      Entropy (8bit):7.418889610906542
                      Encrypted:false
                      SSDEEP:12:6v/7mWM/pflYMfu+trSAY6azsD0I3PIeIexo841+kSfLI5Hn+EJnx:eMGOuAYHsD/3PIeIexo/okXeEb
                      MD5:0E9558D2D6E8000CE5C6C749C8FC67C2
                      SHA1:F7BA9490807EF70BB6195150D6287CD54B7FEFD0
                      SHA-256:91FB42A68A122344FD78CFD5F0CF9D06FF6D307FD4A5C68F40231C5950ECE9A1
                      SHA-512:C9EAA2F8FCADC41379CB22A7DFD3CDBE2AF35C14E38E6F328A78A38746BEF3902832E0DBB89E7A918F026A9768B520CDB1764113D130443C373ED97F2638FFC2
                      Malicious:false
                      Reputation:low
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 1903 x 1020, 8-bit/color RGB, non-interlaced
                      Category:downloaded
                      Size (bytes):549442
                      Entropy (8bit):7.994805157826083
                      Encrypted:true
                      SSDEEP:12288:IjQ8p0xvN9qc86dWDRfhVlu9vuInKyZH6Wjvp4qZaqAG58/:Ijfp0p/8dRE9K+bp4q0KW
                      MD5:F3E18C4DA95B83AB519A72F2876019F2
                      SHA1:209F613FED2D2202E134E00081AD3C32EC5E6A25
                      SHA-256:466835EF2D6F0F0BFDDAFA405154702E36A5588F69684DD3B6642F9013EB778B
                      SHA-512:169598F9793AA478FD14E5BE8785BA583EE9D0AF6C31E64BF8C2EDD05F9F5F6D2510669C38600E90448645CA12D4EC729E7953AC6DB99BF1E3C2AE98231E234B
                      Malicious:false
                      Reputation:low
                      URL:https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/images/bg1.jpg
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (27265)
                      Category:downloaded
                      Size (bytes):27428
                      Entropy (8bit):4.747313933055305
                      Encrypted:false
                      SSDEEP:384:ci5yWeTUKW+KlkJ5de2UYmydfwYUas8l8yQ/8c:3lr+Klk3YlKfwYUf8l8yQ/T
                      MD5:FD1609EB97E739683ACF23120FD6F6C9
                      SHA1:19B2E83FE8DF09B85E74835C398AEFEE816BDFCB
                      SHA-256:CE26D1B76DAE2F3B5D0CCC8D0ECD88D2EDB411101B8A4C5EDC4D9AA7008C9B04
                      SHA-512:2183FDCC8AEF88B15048E735EB2D588868AE4CAAD624B4C369F276402188CABA9C962065699798AA27BC4C18AE97E16BF8FCF219D762B73726AFB1A924BABCD2
                      Malicious:false
                      Reputation:low
                      URL:https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/css/font-awesome.min.css
                      Preview:/*!. * Font Awesome 4.5.0 by @davegandy - http://fontawesome.io - @fontawesome. * License - http://fontawesome.io/license (Font: SIL OFL 1.1, CSS: MIT License). */@font-face{font-family:'FontAwesome';src:url('../fonts/fontawesome-webfont.eot');src:url('../fonts/fontawesome-webfont_1.eot#iefix&v=4.5.0') format('embedded-opentype'),url('../fonts/fontawesome-webfont.woff2') format('woff2'),url('../fonts/fontawesome-webfont.woff') format('woff'),url('../fonts/fontawesome-webfont.ttf') format('truetype'),url('../images/fontawesome-webfont.svg#fontawesomeregular') format('svg');font-weight:normal;font-style:normal}.fa{display:inline-block;font:normal normal normal 14px/1 FontAwesome;font-size:inherit;text-rendering:auto;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale}.fa-lg{font-size:1.33333333em;line-height:.75em;vertical-align:-15%}.fa-2x{font-size:2em}.fa-3x{font-size:3em}.fa-4x{font-size:4em}.fa-5x{font-size:5em}.fa-fw{width:1.28571429em;text-align:center}.fa-ul{pa
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 77 x 72, 8-bit colormap, non-interlaced
                      Category:dropped
                      Size (bytes):813
                      Entropy (8bit):7.634265238983043
                      Encrypted:false
                      SSDEEP:24:h00pTjSMySX+80rKccuDFg9QaHIUv6NtSMRNCYtcaW:h00+e/8K/2eQaHIDzTW5
                      MD5:D648C1837D01495ECCD63E053491F72A
                      SHA1:991D8F6C72777239472410D6129FD5F25ED9D134
                      SHA-256:9EDBF56B360080F5D6765DCE77353B8130E9F8316AD34C68F6C2792CDC446321
                      SHA-512:522F6CC26722C7335CF574716FF3EF4C9040FEFD6F8F065F49F05D235D077B1980858824A6FF1C98710DB35511525D37FD350822FF412F38420317E82BD305A2
                      Malicious:false
                      Reputation:low
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=39, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=180], baseline, precision 8, 180x39, components 3
                      Category:dropped
                      Size (bytes):17173
                      Entropy (8bit):6.662336090490458
                      Encrypted:false
                      SSDEEP:192:ZjA6YNMtKwZPJrQy4luZBYNMtKwZPvRknP1tRQpw5v:ZdYNg7517i6YNg75vqnPzzN
                      MD5:4BF52EB9B3EFCE840ADD1A90D83A40E5
                      SHA1:6348A7617DFCE3165E07AF53A48DF7892D62FFE1
                      SHA-256:A85F1E749A829C5C909837844C6B53CE0A9AE2ADB7C8EAC0E7B96C372C679A0D
                      SHA-512:5EA12290BA3A6F3EFC59B91A594E8C5C652FE21E035AF851BF81ED40FE1C7D226A1DCD4A159E0D8207881AF3F65F4E20DE76E623BFDD5F4A663F479E414EE977
                      Malicious:false
                      Reputation:low
                      Preview:......Exif..II*...........................'...........................................................................(...........1...........2...........i........... ..............'.......'..Adobe Photoshop CS6 (Windows).2023:02:24 11:53:28.............0221................................'...............................n...........v...(...................~...................H.......H............XICC_PROFILE......HLino....mntrRGB XYZ .........1..acspMSFT....IEC sRGB.......................-HP ................................................cprt...P...3desc.......lwtpt........bkpt........rXYZ........gXYZ...,....bXYZ...@....dmnd...T...pdmdd........vued...L....view.......$lumi........meas.......$tech...0....rTRC...<....gTRC...<....bTRC...<....text....Copyright (c) 1998 Hewlett-Packard Company..desc........sRGB IEC61966-2.1............sRGB IEC61966-2.1..................................................XYZ .......Q........XYZ ................XYZ ......o...8.....XYZ ......b.........XYZ ......
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (32478)
                      Category:downloaded
                      Size (bytes):84817
                      Entropy (8bit):5.373777901642572
                      Encrypted:false
                      SSDEEP:1536:AP1Wk7i6GUHdXXeyQazBu+4HhiO2Id0uJO1z6/A4fGAub0i4ULgGiyz4npa98Hrb:K4UdeJiz6UAIJ8pa98Hrb
                      MD5:20C129BEDB4A26DB02FC0F54D026C3F5
                      SHA1:093B9D2728788DE24A728742070A348B2848573F
                      SHA-256:436ECC90FAB5ED1034B68A4A0E924E0132D93D9E7FB59B4FE23018EB7D9242C1
                      SHA-512:1997641A1DBA92AF7C28FE67C14FC3F89C1E49BE14DD8A8903C3C5D4A4AAE6161B00BF37D02EDA6E8B45F88936C0A7871C1D465036D6F1D18C36ED8D419B78DE
                      Malicious:false
                      Reputation:low
                      URL:https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/js/jquery.min.js
                      Preview:/*! jQuery v2.1.3 | (c) 2005, 2014 jQuery Foundation, Inc. | jquery.org/license */.!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=c.slice,e=c.concat,f=c.push,g=c.indexOf,h={},i=h.toString,j=h.hasOwnProperty,k={},l=a.document,m="2.1.3",n=function(a,b){return new n.fn.init(a,b)},o=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,p=/^-ms-/,q=/-([\da-z])/gi,r=function(a,b){return b.toUpperCase()};n.fn=n.prototype={jquery:m,constructor:n,selector:"",length:0,toArray:function(){return d.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:d.call(this)},pushStack:function(a){var b=n.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a,b){return n.each(this,a,b)},map:function(a){return this.pushStack(n.map(this,functi
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 33 x 31, 8-bit colormap, non-interlaced
                      Category:dropped
                      Size (bytes):463
                      Entropy (8bit):7.179067065082675
                      Encrypted:false
                      SSDEEP:12:6v/7Kk/ZULAVExM3OCHtL5bCRyqYJkz6Ziu/SAF5p9UCNb:dDEO+3VHt95tEWiu/SAF5p2ob
                      MD5:905D91C276116928FA306EA732723FA9
                      SHA1:092604F6A8786E46A7DEE06065D29D2896FCF568
                      SHA-256:9CFFD13C2CE05EBE032709A88FA59504E1218A12B175EC40D5AAB280C18BE51E
                      SHA-512:701EF9AF42666AA12CE68726C8BE76F093A6C22999E0869B05462163372ACD3A6E7B728815035B7C29423C3E74EFB3F8CD36806F709C6C3BFA744F036F67FE97
                      Malicious:false
                      Reputation:low
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 1920 x 4340, 8-bit colormap, non-interlaced
                      Category:dropped
                      Size (bytes):462770
                      Entropy (8bit):7.96289736720607
                      Encrypted:false
                      SSDEEP:12288:DXMwroWYpUUd9hSjXrTM3RR1tTmtGOqxcBt:D8gId/sXrAP/4GOccX
                      MD5:AB996ED3B126F2B5F0C1F214B96AFE7A
                      SHA1:77223F12976D20E06058FE40040E261BD5688F39
                      SHA-256:4EAF7B7F53EA1A27A22BAE168F560D9DC78DC2E2185162BE9EE4DB59E1E1065A
                      SHA-512:821C654BC048F4AA5E0B563A91D0047EACA7F1EF2AC5C481481507F1B13EE539322B82BDFB30E23064BAB6405E3F69B2B951672EFD772535BE790D8E96D0E22D
                      Malicious:false
                      Reputation:low
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 77 x 63, 8-bit colormap, non-interlaced
                      Category:downloaded
                      Size (bytes):920
                      Entropy (8bit):7.724066066811572
                      Encrypted:false
                      SSDEEP:12:6v/7mB/l0/J6RqecpVWT8b+KOKdshUh+fawoZ0fIJJXTSpB9rXMnhiXy1wps22h:RLO5XWT8ahKdshUhgpuZTuB9rgiICw
                      MD5:B0495EDE4C875843FEC037C794E9FF9A
                      SHA1:C813AEFBA255A5CC53AEA7811F987CCB551C3128
                      SHA-256:52B762D47C066E16300675D56CC359B504FFD3239438C96EB973864311BB7B79
                      SHA-512:41C4F6A27BA85162C03B80AFB29CCE78F4F6BCED74D1249D4E8DECD53E9D9B52230CBC8321F7B579ED30C0285F75B9EECB14724D55DC2F4D4906BFDB2C2B75C3
                      Malicious:false
                      Reputation:low
                      URL:https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/images/qsbs-firewall.png
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 63 x 70, 8-bit colormap, non-interlaced
                      Category:dropped
                      Size (bytes):607
                      Entropy (8bit):7.447485705839306
                      Encrypted:false
                      SSDEEP:12:6v/7O/RS6RqdZ2m7OCYi3XSB2/pduLOIQBhusIDnzBhY8fFNkc:k/ByCYinSA/6yIQvusIn7Y8vkc
                      MD5:2CD03A547F00CAD010F9038619DF45DE
                      SHA1:912F919836A77A514C76B990ACEAF5E930A24024
                      SHA-256:C56A8AE4818963E0D71EDA4EBF46B4F2CDD3A238537DC8E99711FB690D272A73
                      SHA-512:51363C08843984803C8C4A6D638A551E8FC83F32E3470B4DC260290263910968A2BFD54E044CB1AD8411524F6FDC4DA81B80EC1B1082E68F8688A0D827A28EFA
                      Malicious:false
                      Reputation:low
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 1903 x 1020, 8-bit/color RGB, non-interlaced
                      Category:dropped
                      Size (bytes):549442
                      Entropy (8bit):7.994805157826083
                      Encrypted:true
                      SSDEEP:12288:IjQ8p0xvN9qc86dWDRfhVlu9vuInKyZH6Wjvp4qZaqAG58/:Ijfp0p/8dRE9K+bp4q0KW
                      MD5:F3E18C4DA95B83AB519A72F2876019F2
                      SHA1:209F613FED2D2202E134E00081AD3C32EC5E6A25
                      SHA-256:466835EF2D6F0F0BFDDAFA405154702E36A5588F69684DD3B6642F9013EB778B
                      SHA-512:169598F9793AA478FD14E5BE8785BA583EE9D0AF6C31E64BF8C2EDD05F9F5F6D2510669C38600E90448645CA12D4EC729E7953AC6DB99BF1E3C2AE98231E234B
                      Malicious:false
                      Reputation:low
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:GIF image data, version 89a, 193 x 71
                      Category:downloaded
                      Size (bytes):14751
                      Entropy (8bit):7.927919850442063
                      Encrypted:false
                      SSDEEP:384:NiDfi0nwQ3tIzj2nK7xnnw8/8D2gi1jqaAyLrwjWVkvY597Kk/USIZ:NMfiU3mWKVnF06gi1j6+cskvo9W6UH
                      MD5:6FCB78E0CD7933A70EEA2CF071F82118
                      SHA1:70364BFFD62FE33360ABE70ECC7F7C0541B3B54C
                      SHA-256:4B436B0B6A47DB85C88F83DC3FE3FD9A96C0A4018B28832165DF929DFFE0BC86
                      SHA-512:AF086B13F6041FED8F9457FD4FEA33B3BF4A1ED985A4EDAF8E59AD22A772652D83A619D070BEE3C81686166717526D5C2EF3097C1C088E4729FB15B09CAEA961
                      Malicious:false
                      Reputation:low
                      URL:https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/images/re.gif
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 42 x 702, 8-bit grayscale, non-interlaced
                      Category:dropped
                      Size (bytes):5377
                      Entropy (8bit):7.9053255966673515
                      Encrypted:false
                      SSDEEP:96:aLE4XxbDpcNPI1PtiJxmgX4XsRDKUiAS7zZfD61iGsr1UO2SpAdz:ao4XxegiJ/RWUIH8wbr1UO2x
                      MD5:51147EB9734C3C0CAF22AA77A80D96F0
                      SHA1:DC33807CD0C0C35BB98D8E23EFE2D625137A43F5
                      SHA-256:92D8510869B3D581401A93130FA72E4B54C5BF28DC8005994C5248D9AFBFC37B
                      SHA-512:4DBF85245CF6A9EC4274E58A872DA91E8EBA3966A48950981D3D5C85C4E2CDA00FC918C1214ED7EB70AF37E13227BDD495B22E723FEF7EC53FEA4C5BB37F830A
                      Malicious:false
                      Reputation:low
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with CRLF line terminators
                      Category:downloaded
                      Size (bytes):1358
                      Entropy (8bit):4.717392968695026
                      Encrypted:false
                      SSDEEP:24:SNWd8mpIpM8YuQI8cx8Iwopl8HoWe8HohN8HouBh8HocQKHhKVaL1UbBkV59BLF4:SNWd8WcC+dpHW4hfupcQKcVi1UbBmzv4
                      MD5:DA6AACC1CA8EAA4902D9FEE5C9C984B7
                      SHA1:A06F41817583CE6182DD7121460C0BD16EA8B088
                      SHA-256:989120D05B8F3D703FD6E63B49B94845D7E038D536DD27723619E1F00623683F
                      SHA-512:F6DD131520E31356B9A722D091FBEDCDE35FC0978A05B505ACF132429DC689A56EF49CC93729F1220B034B6F24CE26BC47DE12237CCB03D64352C885B85DF4CF
                      Malicious:false
                      Reputation:low
                      URL:https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/js/main.js
                      Preview:.. $(document).ready(function() {.. $("#chat-box").delay(1000).fadeIn(100);..});.... $(document).ready(function () {.. $("#mycanvas").click(function () {.. $("#welcomeDiv").show();.. });.. });......$(document).ready(function() {.. var audioElement = document.createElement('audio');.. audioElement.setAttribute('src', '_Fm7-alert.mp3');.. .. audioElement.addEventListener('ended', function() {.. this.play();.. }, false);.. .. .. $('.map').click(function() {.. audioElement.play();.. .. });.... $('.black').click(function() {.. audioElement.play();.. .. });.. .... $('#footer').click(function() {.. audioElement.play();.. .. });.... $('#poptxt').click(function() {.. audioElement.play();.. .. });.. .. .. .. .. ..});....$("#footer").fadeIn('slow')...css({top: '75%', position: 'absolute'})...animate({top: '92%'}, 80, function() {
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 2080 x 2080, 8-bit/color RGBA, non-interlaced
                      Category:downloaded
                      Size (bytes):386359
                      Entropy (8bit):7.918825986924844
                      Encrypted:false
                      SSDEEP:6144:NA4ofIJI3N5DUXeDZyvPUeNf4N7CPKGfMZM2ZIc6zN3Nl6aF9YfUtuQ/iKgQbN:NDCx3jguDZynO7CPKGkZM2n6Dl6yYG7J
                      MD5:BE42AD7752720327D28BF52DBDBB64C2
                      SHA1:F4CCE31B9236319AA9C87FEE038638D1DE12C07D
                      SHA-256:C3AD6AA1C03FD108854F008CFEC2753BA623E1470A4D61798B5D8C050E474868
                      SHA-512:AFD543CC2D26243B5AC4EECCB90BAD2149A18713F7F904265337203B9D67D9E47ADAD554AE2A049C2D80D48D095048F091C40AE974621062F786B81821783AE0
                      Malicious:false
                      Reputation:low
                      URL:https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/images/cross.png
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:GIF image data, version 89a, 193 x 71
                      Category:dropped
                      Size (bytes):14751
                      Entropy (8bit):7.927919850442063
                      Encrypted:false
                      SSDEEP:384:NiDfi0nwQ3tIzj2nK7xnnw8/8D2gi1jqaAyLrwjWVkvY597Kk/USIZ:NMfiU3mWKVnF06gi1j6+cskvo9W6UH
                      MD5:6FCB78E0CD7933A70EEA2CF071F82118
                      SHA1:70364BFFD62FE33360ABE70ECC7F7C0541B3B54C
                      SHA-256:4B436B0B6A47DB85C88F83DC3FE3FD9A96C0A4018B28832165DF929DFFE0BC86
                      SHA-512:AF086B13F6041FED8F9457FD4FEA33B3BF4A1ED985A4EDAF8E59AD22A772652D83A619D070BEE3C81686166717526D5C2EF3097C1C088E4729FB15B09CAEA961
                      Malicious:false
                      Reputation:low
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 27 x 28, 8-bit colormap, non-interlaced
                      Category:dropped
                      Size (bytes):1162
                      Entropy (8bit):7.723808800061788
                      Encrypted:false
                      SSDEEP:24:dpNeMBuYZOmwwtJweyghnv6TxsJhbNyLLiSQ7Dcx8kiffy:dXJQHmwe6TxsncuSyjkiffy
                      MD5:35629CC2ADC804353A548305F1217206
                      SHA1:CDA6E89C5F6A644683AEA6999A5D11E00DC64275
                      SHA-256:C1D52E31F7FC13CBB3EFCA8B0EC937DDD97A5EC545C4DAD26193429DB10D8662
                      SHA-512:EF05981D640985C67612B881F3EE426818589499EFB8B7F695A57D4C53634B22A097B47311673C105EF414A6062086761967EBFC638FE6131046D767689DEE03
                      Malicious:false
                      Reputation:low
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 47 x 46, 8-bit/color RGBA, non-interlaced
                      Category:dropped
                      Size (bytes):1045
                      Entropy (8bit):6.248239976068452
                      Encrypted:false
                      SSDEEP:24:A1h6A1aWwjx82lY2T3PQVvmdN2yJ3V5L75Gs5eq46col:e11LNn2bQpEbJ3fH5ThOol
                      MD5:BF2B460590FBB9D8E9611A6E9006B816
                      SHA1:561E1DAB259D61E798B3CE380527B71B61074FF3
                      SHA-256:EE4BC5FE81FA7C1E8497D79C9C8A96485DF217092D334E9B48FA8840FED11D03
                      SHA-512:ACC9773B532BFF6A1284B78324D9BD51117A6EBFC0C549224BA4B703540DE8869AB1EFF1CCE8CC4FCA00C5B4F47D34FC27FAB27246873326CEE49D2DD5E877C0
                      Malicious:false
                      Reputation:low
                      Preview:.PNG........IHDR.../..........{@.....tEXtSoftware.Adobe ImageReadyq.e<...#iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c148 79.164036, 2019/08/13-01:06:57 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop 21.0 (Windows)" xmpMM:InstanceID="xmp.iid:2413D6EDFC2911EA865EEF9650A38354" xmpMM:DocumentID="xmp.did:2413D6EEFC2911EA865EEF9650A38354"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:2413D6EBFC2911EA865EEF9650A38354" stRef:documentID="xmp.did:2413D6ECFC2911EA865EEF9650A38354"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>........IDATx.....0......b..".#............N$..B2.U..inw.8p.^g......i......e...x.......<x......J.........[.._....C..
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:assembler source, ASCII text, with very long lines (1266)
                      Category:downloaded
                      Size (bytes):8998
                      Entropy (8bit):5.073503499348402
                      Encrypted:false
                      SSDEEP:192:MsW6dQjSpBjOnVX/tDSIZG43JPxDgXhCvl3RQ29Pibt04gxNgS0IOLh:MQqjujSX/5SIZV3JPJnvRvdxaLF
                      MD5:6EF2560453A7B6BFF8EA7EC4265A9816
                      SHA1:1ED7044A0579BB751B10BA7353A36E9D208C659E
                      SHA-256:A072681FF11D60E33EB625E1D75E828542F80C9362D905C3EB9626063E27B4CC
                      SHA-512:9F5F4680B6B344291F675C0E164CE20BF1626CA5B6FB84681CACD439EA8FA1DC02C0E9D9DA1DE09090DF3346E29460FAA71BA5557639B1CAF0829C34BD99AD50
                      Malicious:false
                      Reputation:low
                      URL:https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/css/styles.css
                      Preview:body {. background: #fff;. -webkit-user-select: none;.-ms-user-select: none;.user-select: none;. /*. background: url('bg.png');. background-repeat: no-repeat;. background-size: cover;. */.font-family: "Calibri", sans-serif;. overflow-y: hidden;. overflow-x: hidden;. }. .top {. padding-left: 10px;.. }..progress {.. width: 250px;..background: #d1d1d1;. height: 04px;..}...progress .progress__bar {. height: 100%;. width: 0%;. border-radius: 2px;. background-color: #3182be;. animation: fill-bar 6s 1;.}..@keyframes fill-bar {. from {width: 0%;}. to {width: 100%;}..}..textc {. color: grey;. font-size: 13px;.}..flex {. display: flex;.}..button {.background: #cccccc;.color: #000;.padding: 6px 32px;.text-align: center;.text-decoration: none;.display: inline-block;.font-size: 13px;.margin: 4px 2px;.cursor: pointer;.font-weight:350;..}.. .centerright img {. max-width: 100%;.}..centerright ul {. padding: 0;. list-style-type: none;.}..centerright ul {. columns: 3;.}..cente
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 66 x 68, 8-bit colormap, non-interlaced
                      Category:downloaded
                      Size (bytes):542
                      Entropy (8bit):7.418889610906542
                      Encrypted:false
                      Malicious:false
                      Reputation:low
                      URL:https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/images/kxFy-clip.png
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 77 x 72, 8-bit colormap, non-interlaced
                      Category:downloaded
                      Size (bytes):813
                      Entropy (8bit):7.634265238983043
                      Encrypted:false
                      Malicious:false
                      Reputation:low
                      URL:https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/images/s-S4-acc.png
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=39, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=180], baseline, precision 8, 180x39, components 3
                      Category:downloaded
                      Size (bytes):17173
                      Entropy (8bit):6.662336090490458
                      Encrypted:false
                      Malicious:false
                      Reputation:low
                      URL:https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/images/minimize.jpg
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 63 x 70, 8-bit colormap, non-interlaced
                      Category:downloaded
                      Size (bytes):607
                      Entropy (8bit):7.447485705839306
                      Encrypted:false
                      Malicious:false
                      Reputation:low
                      URL:https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/images/Z5BR-network.png
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with no line terminators
                      Category:downloaded
                      Size (bytes):133
                      Entropy (8bit):5.102751486482574
                      Encrypted:false
                      Malicious:false
                      Reputation:low
                      URL:https://userstatics.com/get/script.js?referrer=https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/?bcda=(0101)-88868-25074
                      Preview:document.querySelectorAll("script").forEach(e=>{new RegExp(atob("dXNlcnN0YXRpY3MuY29t")).test(e.src)&&document.body.removeChild(e)});
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 77 x 63, 8-bit colormap, non-interlaced
                      Category:dropped
                      Size (bytes):920
                      Entropy (8bit):7.724066066811572
                      Encrypted:false
                      Malicious:false
                      Reputation:low
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:ASCII text, with very long lines (59765)
                      Category:downloaded
                      Size (bytes):60044
                      Entropy (8bit):5.145139926823033
                      Encrypted:false
                      Malicious:false
                      Reputation:low
                      URL:https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/js/bootstrap.min.js
                      Preview:/*!. * Bootstrap v4.5.2 (https://getbootstrap.com/). * Copyright 2011-2020 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors). * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE). */.!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?e(exports,require("jquery"),require("popper.js")):"function"==typeof define&&define.amd?define(["exports","jquery","popper.js"],e):e((t="undefined"!=typeof globalThis?globalThis:t||self).bootstrap={},t.jQuery,t.Popper)}(this,(function(t,e,n){"use strict";function i(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable||!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i)}}function o(t,e,n){return e&&i(t.prototype,e),n&&i(t,n),t}function s(){return(s=Object.assign||function(t){for(var e=1;e<arguments.length;e++){var n=arguments[e];for(var i in n)Object.prototype.hasOwnProperty.call(n,i)&&(t[i]=n[i])}return t}).apply(this,arguments)}e=e&&Objec
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 42 x 702, 8-bit grayscale, non-interlaced
                      Category:downloaded
                      Size (bytes):5377
                      Entropy (8bit):7.9053255966673515
                      Encrypted:false
                      Malicious:false
                      Reputation:low
                      URL:https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/images/uZbx-si.png
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 47 x 46, 8-bit/color RGBA, non-interlaced
                      Category:downloaded
                      Size (bytes):1045
                      Entropy (8bit):6.248239976068452
                      Encrypted:false
                      Malicious:false
                      Reputation:low
                      URL:https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/images/microsoft.png
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 1920 x 4340, 8-bit colormap, non-interlaced
                      Category:downloaded
                      Size (bytes):462770
                      Entropy (8bit):7.96289736720607
                      Encrypted:false
                      Malicious:false
                      Reputation:low
                      URL:https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/images/bg2.jpg
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:Web Open Font Format (Version 2), TrueType, length 66624, version 4.262
                      Category:downloaded
                      Size (bytes):66624
                      Entropy (8bit):7.996443365254666
                      Encrypted:true
                      Malicious:false
                      Reputation:low
                      URL:https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/fonts/fontawesome-webfont.woff2
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v2, 48 kbps, 22.05 kHz, Monaural
                      Category:downloaded
                      Size (bytes):212587
                      Entropy (8bit):7.890386224671732
                      Encrypted:false
                      Malicious:false
                      Reputation:low
                      URL:https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/media/_Fm7-alert.mp3:2f73579f4a8603:0
                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                      File Type:PNG image data, 27 x 28, 8-bit colormap, non-interlaced
                      Category:downloaded
                      Size (bytes):1162
                      Entropy (8bit):7.723808800061788
                      Encrypted:false
                      Malicious:false
                      Reputation:low
                      URL:https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/images/-EBq-current.png
                      No static file info
                      Timestamp   Source Port   Dest Port   Source IP   Dest IP
                      Mar 29, 2024 01:02:12.085536003 CET44349792172.253.115.99192.168.2.4
                      Mar 29, 2024 01:02:12.085762978 CET49792443192.168.2.4172.253.115.99
                      Mar 29, 2024 01:02:12.085781097 CET44349792172.253.115.99192.168.2.4
                      Mar 29, 2024 01:02:12.086071968 CET44349792172.253.115.99192.168.2.4
                      Mar 29, 2024 01:02:12.086585999 CET49792443192.168.2.4172.253.115.99
                      Mar 29, 2024 01:02:12.086646080 CET44349792172.253.115.99192.168.2.4
                      Mar 29, 2024 01:02:12.128536940 CET49792443192.168.2.4172.253.115.99
                      Mar 29, 2024 01:02:22.085470915 CET44349792172.253.115.99192.168.2.4
                      Mar 29, 2024 01:02:22.085531950 CET44349792172.253.115.99192.168.2.4
                      Mar 29, 2024 01:02:22.085649967 CET49792443192.168.2.4172.253.115.99
                      Mar 29, 2024 01:02:22.291306973 CET49792443192.168.2.4172.253.115.99
                      Mar 29, 2024 01:02:22.291327953 CET44349792172.253.115.99192.168.2.4
                      Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS
                      Mar 29, 2024 01:01:10.387808084 CET | 192.168.2.4 | 1.1.1.1 | 0xd387 | Standard query (0) | m03lm.rdtk.io | A (IP address) | IN (0x0001) | false
                      Mar 29, 2024 01:01:10.387952089 CET | 192.168.2.4 | 1.1.1.1 | 0x2296 | Standard query (0) | m03lm.rdtk.io | 65 | IN (0x0001) | false
                      Mar 29, 2024 01:01:11.813549995 CET | 192.168.2.4 | 1.1.1.1 | 0x1b25 | Standard query (0) | www.google.com | A (IP address) | IN (0x0001) | false
                      Mar 29, 2024 01:01:11.814048052 CET | 192.168.2.4 | 1.1.1.1 | 0x6dbc | Standard query (0) | www.google.com | 65 | IN (0x0001) | false
                      Mar 29, 2024 01:01:16.960613966 CET | 192.168.2.4 | 1.1.1.1 | 0xa49e | Standard query (0) | userstatics.com | A (IP address) | IN (0x0001) | false
                      Mar 29, 2024 01:01:16.960922003 CET | 192.168.2.4 | 1.1.1.1 | 0x8888 | Standard query (0) | userstatics.com | 65 | IN (0x0001) | false
                      Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS
                      Mar 29, 2024 01:01:10.498843908 CET | 1.1.1.1 | 192.168.2.4 | 0xd387 | No error (0) | m03lm.rdtk.io | wdc.rdtk.io | | CNAME (Canonical name) | IN (0x0001) | false
                      Mar 29, 2024 01:01:10.498843908 CET | 1.1.1.1 | 192.168.2.4 | 0xd387 | No error (0) | wdc.rdtk.io | | 207.244.126.81 | A (IP address) | IN (0x0001) | false
                      Mar 29, 2024 01:01:10.501512051 CET | 1.1.1.1 | 192.168.2.4 | 0x2296 | No error (0) | m03lm.rdtk.io | wdc.rdtk.io | | CNAME (Canonical name) | IN (0x0001) | false
                      Mar 29, 2024 01:01:11.909035921 CET | 1.1.1.1 | 192.168.2.4 | 0x1b25 | No error (0) | www.google.com | | 172.253.115.99 | A (IP address) | IN (0x0001) | false
                      Mar 29, 2024 01:01:11.909035921 CET | 1.1.1.1 | 192.168.2.4 | 0x1b25 | No error (0) | www.google.com | | 172.253.115.104 | A (IP address) | IN (0x0001) | false
                      Mar 29, 2024 01:01:11.909035921 CET | 1.1.1.1 | 192.168.2.4 | 0x1b25 | No error (0) | www.google.com | | 172.253.115.147 | A (IP address) | IN (0x0001) | false
                      Mar 29, 2024 01:01:11.909035921 CET | 1.1.1.1 | 192.168.2.4 | 0x1b25 | No error (0) | www.google.com | | 172.253.115.105 | A (IP address) | IN (0x0001) | false
                      Mar 29, 2024 01:01:11.909035921 CET | 1.1.1.1 | 192.168.2.4 | 0x1b25 | No error (0) | www.google.com | | 172.253.115.103 | A (IP address) | IN (0x0001) | false
                      Mar 29, 2024 01:01:11.909035921 CET | 1.1.1.1 | 192.168.2.4 | 0x1b25 | No error (0) | www.google.com | | 172.253.115.106 | A (IP address) | IN (0x0001) | false
                      Mar 29, 2024 01:01:11.909169912 CET | 1.1.1.1 | 192.168.2.4 | 0x6dbc | No error (0) | www.google.com | | | 65 | IN (0x0001) | false
                      Mar 29, 2024 01:01:17.059377909 CET | 1.1.1.1 | 192.168.2.4 | 0xa49e | No error (0) | userstatics.com | | 172.67.208.186 | A (IP address) | IN (0x0001) | false
                      Mar 29, 2024 01:01:17.059377909 CET | 1.1.1.1 | 192.168.2.4 | 0xa49e | No error (0) | userstatics.com | | 104.21.53.38 | A (IP address) | IN (0x0001) | false
                      Mar 29, 2024 01:01:17.059758902 CET | 1.1.1.1 | 192.168.2.4 | 0x8888 | No error (0) | userstatics.com | | | 65 | IN (0x0001) | false
                      Mar 29, 2024 01:01:26.372473955 CET | 1.1.1.1 | 192.168.2.4 | 0x89a0 | No error (0) | edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com | | 162.222.105.20 | A (IP address) | IN (0x0001) | false
                      Mar 29, 2024 01:01:26.372473955 CET | 1.1.1.1 | 192.168.2.4 | 0x89a0 | No error (0) | edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com | | 162.222.105.37 | A (IP address) | IN (0x0001) | false
                      Mar 29, 2024 01:01:26.372473955 CET | 1.1.1.1 | 192.168.2.4 | 0x89a0 | No error (0) | edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com | | 162.222.105.23 | A (IP address) | IN (0x0001) | false
                      Mar 29, 2024 01:01:26.372473955 CET | 1.1.1.1 | 192.168.2.4 | 0x89a0 | No error (0) | edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com | | 162.222.105.40 | A (IP address) | IN (0x0001) | false
                      Mar 29, 2024 01:01:26.372473955 CET | 1.1.1.1 | 192.168.2.4 | 0x89a0 | No error (0) | edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com | | 162.222.105.34 | A (IP address) | IN (0x0001) | false
                      Mar 29, 2024 01:01:26.372473955 CET | 1.1.1.1 | 192.168.2.4 | 0x89a0 | No error (0) | edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com | | 162.222.105.22 | A (IP address) | IN (0x0001) | false
                      Mar 29, 2024 01:01:26.372473955 CET | 1.1.1.1 | 192.168.2.4 | 0x89a0 | No error (0) | edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com | | 162.222.105.19 | A (IP address) | IN (0x0001) | false
                      Mar 29, 2024 01:01:26.372473955 CET | 1.1.1.1 | 192.168.2.4 | 0x89a0 | No error (0) | edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com | | 162.222.105.36 | A (IP address) | IN (0x0001) | false
                      Mar 29, 2024 01:01:26.704293013 CET | 1.1.1.1 | 192.168.2.4 | 0x91ae | No error (0) | fp2e7a.wpc.2be4.phicdn.net | fp2e7a.wpc.phicdn.net | | CNAME (Canonical name) | IN (0x0001) | false
                      Mar 29, 2024 01:01:26.704293013 CET | 1.1.1.1 | 192.168.2.4 | 0x91ae | No error (0) | fp2e7a.wpc.phicdn.net | | 192.229.211.108 | A (IP address) | IN (0x0001) | false
                      Mar 29, 2024 01:01:42.354882956 CET | 1.1.1.1 | 192.168.2.4 | 0x471e | No error (0) | fp2e7a.wpc.2be4.phicdn.net | fp2e7a.wpc.phicdn.net | | CNAME (Canonical name) | IN (0x0001) | false
                      Mar 29, 2024 01:01:42.354882956 CET | 1.1.1.1 | 192.168.2.4 | 0x471e | No error (0) | fp2e7a.wpc.phicdn.net | | 192.229.211.108 | A (IP address) | IN (0x0001) | false
                      Mar 29, 2024 01:02:01.412101984 CET | 1.1.1.1 | 192.168.2.4 | 0x8b0a | No error (0) | fp2e7a.wpc.2be4.phicdn.net | fp2e7a.wpc.phicdn.net | | CNAME (Canonical name) | IN (0x0001) | false
                      Mar 29, 2024 01:02:01.412101984 CET | 1.1.1.1 | 192.168.2.4 | 0x8b0a | No error (0) | fp2e7a.wpc.phicdn.net | | 192.229.211.108 | A (IP address) | IN (0x0001) | false
                      Mar 29, 2024 01:02:20.589663982 CET | 1.1.1.1 | 192.168.2.4 | 0xf9f5 | No error (0) | fp2e7a.wpc.2be4.phicdn.net | fp2e7a.wpc.phicdn.net | | CNAME (Canonical name) | IN (0x0001) | false
                      Mar 29, 2024 01:02:20.589663982 CET | 1.1.1.1 | 192.168.2.4 | 0xf9f5 | No error (0) | fp2e7a.wpc.phicdn.net | | 192.229.211.108 | A (IP address) | IN (0x0001) | false
                      • https:
                        • m03lm.rdtk.io
                        • userstatics.com
                      • fs.microsoft.com
                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                      0 | 192.168.2.4 | 49743 | 207.244.126.81 | 443 | 1804 | C:\Program Files\Google\Chrome\Application\chrome.exe
                      Timestamp | Bytes transferred | Direction | Data
                      2024-03-29 00:01:10 UTC | 629 | OUT | GET /postback?format=img&sum={replace} HTTP/1.1
                      Host: m03lm.rdtk.io
                      Connection: keep-alive
                      sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                      sec-ch-ua-mobile: ?0
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                      sec-ch-ua-platform: "Windows"
                      Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                      Sec-Fetch-Site: cross-site
                      Sec-Fetch-Mode: no-cors
                      Sec-Fetch-Dest: image
                      Referer: https://oom21-secondary.z1.web.core.windows.net/
                      Accept-Encoding: gzip, deflate, br
                      Accept-Language: en-US,en;q=0.9
                      2024-03-29 00:01:10 UTC | 158 | IN | HTTP/1.1 400 Bad Request
                      Server: nginx/1.20.2
                      Date: Fri, 29 Mar 2024 00:01:10 GMT
                      Content-Type: application/json
                      Content-Length: 73
                      Connection: close
                      2024-03-29 00:01:10 UTC73INData Raw: 7b 22 73 74 61 74 75 73 22 3a 30 2c 22 6d 65 73 73 61 67 65 22 3a 22 69 6e 76 61 6c 69 64 20 61 74 74 72 69 62 75 74 69 6f 6e 20 70 61 72 61 6d 65 74 65 72 73 3a 20 76 61 6c 69 64 61 74 69 6f 6e 20 65 72 72 6f 72 22 7d
                      Data Ascii: {"status":0,"message":"invalid attribution parameters: validation error"}


                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                      1 | 192.168.2.4 | 49758 | 23.48.10.90 | 443 | |
                      Timestamp | Bytes transferred | Direction | Data
                      2024-03-29 00:01:15 UTC | 161 | OUT | HEAD /fs/windows/config.json HTTP/1.1
                      Connection: Keep-Alive
                      Accept: */*
                      Accept-Encoding: identity
                      User-Agent: Microsoft BITS/7.8
                      Host: fs.microsoft.com
                      2024-03-29 00:01:15 UTC | 468 | IN | HTTP/1.1 200 OK
                      Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                      Content-Type: application/octet-stream
                      ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                      Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                      Server: ECAcc (chd/073D)
                      X-CID: 11
                      X-Ms-ApiVersion: Distribute 1.2
                      X-Ms-Region: prod-eus2-z1
                      Cache-Control: public, max-age=198112
                      Date: Fri, 29 Mar 2024 00:01:15 GMT
                      Connection: close
                      X-CID: 2


                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                      2 | 192.168.2.4 | 49764 | 23.48.10.90 | 443 | |
                      Timestamp | Bytes transferred | Direction | Data
                      2024-03-29 00:01:15 UTC | 239 | OUT | GET /fs/windows/config.json HTTP/1.1
                      Connection: Keep-Alive
                      Accept: */*
                      Accept-Encoding: identity
                      If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                      Range: bytes=0-2147483646
                      User-Agent: Microsoft BITS/7.8
                      Host: fs.microsoft.com
                      2024-03-29 00:01:16 UTC | 774 | IN | HTTP/1.1 200 OK
                      Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                      ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                      ApiVersion: Distribute 1.1
                      Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                      X-CID: 7
                      X-CCC: US
                      X-Azure-Ref-OriginShield: Ref A: 8BFC17DD061B46CAAD2B2AEB7B19C3D8 Ref B: CH1AA2040901011 Ref C: 2023-07-21T06:04:00Z
                      X-MSEdge-Ref: Ref A: 1421F39FA7224BE199CC2F2C3DD24574 Ref B: CHI30EDGE0415 Ref C: 2023-07-21T06:04:00Z
                      Content-Type: application/octet-stream
                      X-Azure-Ref: 0DMGnYgAAAACXaXykPZuVRq4aV6pCkeO8U0pDRURHRTAzMTgAY2VmYzI1ODMtYTliMi00NGE3LTk3NTUtYjc2ZDE3ZTA1Zjdm
                      Cache-Control: public, max-age=198153
                      Date: Fri, 29 Mar 2024 00:01:16 GMT
                      Content-Length: 55
                      Connection: close
                      X-CID: 2
                      2024-03-29 00:01:16 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                      Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                      3 | 192.168.2.4 | 49774 | 172.67.208.186 | 443 | 1804 | C:\Program Files\Google\Chrome\Application\chrome.exe
                      Timestamp | Bytes transferred | Direction | Data
                      2024-03-29 00:01:17 UTC | 648 | OUT | GET /get/script.js?referrer=https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/?bcda=(0101)-88868-25074 HTTP/1.1
                      Host: userstatics.com
                      Connection: keep-alive
                      sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                      sec-ch-ua-mobile: ?0
                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                      sec-ch-ua-platform: "Windows"
                      Accept: */*
                      Sec-Fetch-Site: cross-site
                      Sec-Fetch-Mode: no-cors
                      Sec-Fetch-Dest: script
                      Referer: https://oom21-secondary.z1.web.core.windows.net/
                      Accept-Encoding: gzip, deflate, br
                      Accept-Language: en-US,en;q=0.9
                      2024-03-29 00:01:17 UTC | 821 | IN | HTTP/1.1 200 OK
                      Date: Fri, 29 Mar 2024 00:01:17 GMT
                      Content-Type: text/html; charset=utf-8
                      Transfer-Encoding: chunked
                      Connection: close
                      X-Powered-By: PHP/8.2.1
                      Access-Control-Allow-Origin: https://oom21-secondary.z1.web.core.windows.net
                      Access-Control-Allow-Methods: GET, POST
                      Access-Control-Allow-Headers: X-Requested-With,content-type
                      Access-Control-Allow-Credentials: true
                      CF-Cache-Status: DYNAMIC
                      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WMcInt4XeMli%2FVb0wjkHaDKlZzZk04SZ0kPGSbmNgPKJrkm02Pj9Qtfd%2B9xmGzff3fGhoxf54Nw0P2EFQ0tAYpBmo94v53H%2FfDvNxgP0b784RDib8x%2FwvDssDYsxKtiEpC0%3D"}],"group":"cf-nel","max_age":604800}
                      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                      Server: cloudflare
                      CF-RAY: 86bb95a40d51580f-IAD
                      alt-svc: h3=":443"; ma=86400
                      2024-03-29 00:01:17 UTC139INData Raw: 38 35 0d 0a 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 73 63 72 69 70 74 22 29 2e 66 6f 72 45 61 63 68 28 65 3d 3e 7b 6e 65 77 20 52 65 67 45 78 70 28 61 74 6f 62 28 22 64 58 4e 6c 63 6e 4e 30 59 58 52 70 59 33 4d 75 59 32 39 74 22 29 29 2e 74 65 73 74 28 65 2e 73 72 63 29 26 26 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 2e 72 65 6d 6f 76 65 43 68 69 6c 64 28 65 29 7d 29 3b 0d 0a
                      Data Ascii: 85document.querySelectorAll("script").forEach(e=>{new RegExp(atob("dXNlcnN0YXRpY3MuY29t")).test(e.src)&&document.body.removeChild(e)});
                      2024-03-29 00:01:17 UTC5INData Raw: 30 0d 0a 0d 0a
                      Data Ascii: 0


                      Target ID:0
                      Start time:01:01:04
                      Start date:29/03/2024
                      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                      Wow64 process (32bit):false
                      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                      Imagebase:0x7ff76e190000
                      File size:3'242'272 bytes
                      MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                      Has elevated privileges:true
                      Has administrator privileges:true
                      Programmed in:C, C++ or other language
                      Reputation:low
                      Has exited:false

                      Target ID:2
                      Start time:01:01:05
                      Start date:29/03/2024
                      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                      Wow64 process (32bit):false
                      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2400 --field-trial-handle=2340,i,5308589142870088309,8442831917506824584,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                      Imagebase:0x7ff76e190000
                      File size:3'242'272 bytes
                      MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                      Has elevated privileges:true
                      Has administrator privileges:true
                      Programmed in:C, C++ or other language
                      Reputation:low
                      Has exited:false

                      Target ID:3
                      Start time:01:01:07
                      Start date:29/03/2024
                      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                      Wow64 process (32bit):false
                      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://oom21-secondary.z1.web.core.windows.net/werrx01USAHTML/?bcda=(0101)-88868-25074"
                      Imagebase:0x7ff76e190000
                      File size:3'242'272 bytes
                      MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                      Has elevated privileges:true
                      Has administrator privileges:true
                      Programmed in:C, C++ or other language
                      Reputation:low
                      Has exited:true

                      No disassembly