Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://amerityf-my.sharepoint.com/:b:/p/jhunt/EWzTxvMAy2lPir_gLAR19iYBvGdNkLwE7QF2aBj-4KhsVA?e=E1OL4y

Overview

General Information

Sample URL:https://amerityf-my.sharepoint.com/:b:/p/jhunt/EWzTxvMAy2lPir_gLAR19iYBvGdNkLwE7QF2aBj-4KhsVA?e=E1OL4y
Analysis ID:1428359

Detection

Score:1
Range:0 - 100
Whitelisted:false
Confidence:80%

Signatures

Phishing site detected (based on OCR NLP Model)
Stores files to the Windows start menu directory

Classification

Process Tree

  • System is w10x64_ra
  • chrome.exe (PID: 3952 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://amerityf-my.sharepoint.com/:b:/p/jhunt/EWzTxvMAy2lPir_gLAR19iYBvGdNkLwE7QF2aBj-4KhsVA?e=E1OL4y MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
    • chrome.exe (PID: 3676 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 --field-trial-handle=1920,i,4758365181315914950,9757403865534054341,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
  • cleanup

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: Chrome DOM: 0.2ML Model on OCR Text: Matched 96.4% probability on "This link has been removed. Sorry, access to this document has been removed. Please contact the person who shared it with u. TECHNICAL DETAILS Troubleshoot issues with Microsoft SharePoint Foundation. Correlation da4c20a1-50d7-n)O-249c-4gc5be80a038 Date and Time: 4/18/2024 PM GO BACK TO SITE "
Source: unknownHTTPS traffic detected: 23.220.189.216:443 -> 192.168.2.18:49716 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.220.189.216:443 -> 192.168.2.18:49717 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.18:49718 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.126.28.14:443 -> 192.168.2.18:49723 version: TLS 1.2
Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.18:49724 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.18:49725 version: TLS 1.2
Source: unknownTCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknownTCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknownTCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknownTCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknownTCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknownTCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknownTCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknownTCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknownTCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknownTCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknownTCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknownTCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknownTCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknownTCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknownTCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknownTCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknownTCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknownTCP traffic detected without corresponding DNS query: 23.220.189.216
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownDNS traffic detected: queries for: amerityf-my.sharepoint.com
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49700
Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49699 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49697 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49702 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49701 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
Source: unknownNetwork traffic detected: HTTP traffic on port 49698 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49699
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49698
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49697
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49679 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49700 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49702
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49701
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
Source: unknownHTTPS traffic detected: 23.220.189.216:443 -> 192.168.2.18:49716 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.220.189.216:443 -> 192.168.2.18:49717 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.18:49718 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.126.28.14:443 -> 192.168.2.18:49723 version: TLS 1.2
Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.18:49724 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.18:49725 version: TLS 1.2
Source: classification engineClassification label: clean1.win@14/20@8/96
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://amerityf-my.sharepoint.com/:b:/p/jhunt/EWzTxvMAy2lPir_gLAR19iYBvGdNkLwE7QF2aBj-4KhsVA?e=E1OL4y
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 --field-trial-handle=1920,i,4758365181315914950,9757403865534054341,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 --field-trial-handle=1920,i,4758365181315914950,9757403865534054341,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
Registry Run Keys / Startup Folder		1
Process Injection		1
Masquerading		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System2
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
Registry Run Keys / Startup Folder		1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media1
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive2
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

No Antivirus matches

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
dual-spo-0005.spo-msedge.net
13.107.136.10
truefalse
    		unknown
    www.google.com
    		142.251.15.147
    		truefalse
      		high
      amerityf-my.sharepoint.com
      		unknown
      		unknownfalse
        		unknown
        m365cdn.nel.measure.office.net
        		unknown
        		unknownfalse
          		high

          Contacted URLs

          NameMaliciousAntivirus DetectionReputation
          https://amerityf-my.sharepoint.com/:b:/p/jhunt/EWzTxvMAy2lPir_gLAR19iYBvGdNkLwE7QF2aBj-4KhsVA?e=E1OL4yfalse
            		unknown

            World Map of Contacted IPs

            • No. of IPs < 25%
            • 25% < No. of IPs < 50%
            • 50% < No. of IPs < 75%
            • 75% < No. of IPs

            Public IPs

            IPDomainCountryFlagASNASN NameMalicious
            1.1.1.1
            		unknownAustralia
            		13335CLOUDFLARENETUSfalse
            13.107.136.10
            		dual-spo-0005.spo-msedge.netUnited States
            		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
            142.250.105.94
            		unknownUnited States
            		15169GOOGLEUSfalse
            239.255.255.250
            		unknownReserved
            		unknownunknownfalse
            142.250.9.139
            		unknownUnited States
            		15169GOOGLEUSfalse
            142.250.9.84
            		unknownUnited States
            		15169GOOGLEUSfalse
            142.250.105.113
            		unknownUnited States
            		15169GOOGLEUSfalse
            172.217.215.94
            		unknownUnited States
            		15169GOOGLEUSfalse
            142.251.15.147
            		www.google.comUnited States
            		15169GOOGLEUSfalse
            23.45.235.184
            		unknownUnited States
            		20940AKAMAI-ASN1EUfalse
            23.223.31.204
            		unknownUnited States
            		16625AKAMAI-ASUSfalse

            Private

            IP
            192.168.2.18

            General Information

            Joe Sandbox version:40.0.0 Tourmaline
            Analysis ID:1428359
            Start date and time:2024-04-18 21:12:58 +02:00
            Joe Sandbox product:CloudBasic
            Overall analysis duration:
            Hypervisor based Inspection enabled:false
            Report type:full
            Cookbook file name:defaultwindowsinteractivecookbook.jbs
            Sample URL:https://amerityf-my.sharepoint.com/:b:/p/jhunt/EWzTxvMAy2lPir_gLAR19iYBvGdNkLwE7QF2aBj-4KhsVA?e=E1OL4y
            Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
            Number of analysed new started processes analysed:15
            Number of new started drivers analysed:0
            Number of existing processes analysed:0
            Number of existing drivers analysed:0
            Number of injected processes analysed:0
            Technologies:
            • EGA enabled
            Analysis Mode:stream
            Analysis stop reason:Timeout
            Detection:CLEAN
            Classification:clean1.win@14/20@8/96

            Warnings

            • Exclude process from analysis (whitelisted): dllhost.exe, SIHClient.exe, svchost.exe
            • Excluded IPs from analysis (whitelisted): 142.250.105.94, 142.250.9.139, 142.250.9.113, 142.250.9.138, 142.250.9.100, 142.250.9.102, 142.250.9.101, 142.250.9.84, 34.104.35.123, 23.45.235.184, 23.45.235.177, 23.45.235.203, 23.45.235.107, 23.45.235.104, 23.45.235.98, 23.45.235.176, 23.45.235.192, 23.45.235.193
            • Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, e40491.dscd.akamaiedge.net, clientservices.googleapis.com, res-1.cdn.office.net, fe3cr.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, clients.l.google.com, res-1.cdn.office.net-c.edgekey.net, res-1.cdn.office.net-c.edgekey.net.globalredir.akadns.net, 193312-ipv4v6w.farm.dprodmgd105.sharepointonline.com.akadns.net
            • Not all processes where analyzed, report is missing behavior information
            • VT rate limit hit for: https://amerityf-my.sharepoint.com/:b:/p/jhunt/EWzTxvMAy2lPir_gLAR19iYBvGdNkLwE7QF2aBj-4KhsVA?e=E1OL4y

            Created / dropped Files

            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 18 18:13:31 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2675
            Entropy (8bit):3.9838570557272406
            Encrypted:false
            SSDEEP:
            MD5:19FE4D0F8D619627B7BFFC859884732B
            SHA1:9FD69D2393201368374D4075700B856621524039
            SHA-256:0141C729C6B48EF3F605D714A46549BB9DAAB7C4C903952C0CADCF3E5F352C5D
            SHA-512:ABE155CDB13C22B4BDDC0F5A1926DCE5F8EE3B7A97B9D1B56A7DAE019FCA747DD93E4E79FF15B3AF95A506A1F87F7DFD1851446C3C6EFFB6ECA2DD569200FBB0
            Malicious:false
            Reputation:unknown
            Preview:L..................F.@.. ...$+.,....C\.........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.R..PROGRA~1..t......O.I.X......B...............J......Y..P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....FW.R..Chrome..>......CW.V.X......M......................pd.C.h.r.o.m.e.....`.1.....FW.R..APPLIC~1..H......CW.V.X.............................pd.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V.X.......#......................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............f.{.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 18 18:13:31 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2677
            Entropy (8bit):4.005166498618738
            Encrypted:false
            SSDEEP:
            MD5:13303159AE1DBFCBB84FFDE01C59784D
            SHA1:5C0E1BE3337685FDC329043C5D6EB798A999A876
            SHA-256:8D8BC3661ECB26337E73042861278DD4194B001247E26DCB54C08D4864FB71B7
            SHA-512:EA0F69E13B72ED9B99ECDB24E9402D49377BC52064BF227A8E0A829FB62F7D56B2C54CDECF95E2303E82326A9C958BCEA7D148FC170EC43377695F74A0EA51EB
            Malicious:false
            Reputation:unknown
            Preview:L..................F.@.. ...$+.,...............y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.R..PROGRA~1..t......O.I.X......B...............J......Y..P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....FW.R..Chrome..>......CW.V.X......M......................pd.C.h.r.o.m.e.....`.1.....FW.R..APPLIC~1..H......CW.V.X.............................pd.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V.X.......#......................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............f.{.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 09:23:19 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2691
            Entropy (8bit):4.008462698931926
            Encrypted:false
            SSDEEP:
            MD5:3F26E53BBD91F874FC0594BB85C3B379
            SHA1:113A1711E937D0F2E8264244D8DCB412643E4509
            SHA-256:E0126C1460278A92425F2A90D335D956D377AC8F06055806B2F4A7D0348AAD4D
            SHA-512:4472F69F579509705F87770B5601A30361AC8534EFB0BBC0CBD19206CB1C06C96A3671FE6B14B0D5E9731CEB1C6CB376C91577559576E22C9D7DF0A785D5D29A
            Malicious:false
            Reputation:unknown
            Preview:L..................F.@.. ...$+.,....?.4 ?.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.R..PROGRA~1..t......O.I.X......B...............J......Y..P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....FW.R..Chrome..>......CW.V.X......M......................pd.C.h.r.o.m.e.....`.1.....FW.R..APPLIC~1..H......CW.V.X.............................pd.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VFW.R.....#......................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............f.{.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 18 18:13:31 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2679
            Entropy (8bit):4.001357615880291
            Encrypted:false
            SSDEEP:
            MD5:A852ABE251F7CCE0FC1DD15DC15817FE
            SHA1:35BDF2B98E0680FA1D491862FEFA422C00E8E8C1
            SHA-256:7C5548408B1AC15D2C61ED762457E12F4DCCFB15CEE71A8D70DAD9DF63354125
            SHA-512:5E4D0357B999ADB5CFA13AB3AFDD77E9D71B1A4E573CF4A1E4E06865C18852AD9C1C3438BEA2351FDD379AB6D7B10D258C78A172C30C1FA761C71EDA903BDA9D
            Malicious:false
            Reputation:unknown
            Preview:L..................F.@.. ...$+.,.....Z.........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.R..PROGRA~1..t......O.I.X......B...............J......Y..P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....FW.R..Chrome..>......CW.V.X......M......................pd.C.h.r.o.m.e.....`.1.....FW.R..APPLIC~1..H......CW.V.X.............................pd.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V.X.......#......................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............f.{.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 18 18:13:31 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2679
            Entropy (8bit):3.9886658503667833
            Encrypted:false
            SSDEEP:
            MD5:41D432EDE3A57842D2D8B4C80BFCC9E9
            SHA1:ED451BDBF60163806C750B82E181685B0AC1E796
            SHA-256:A52DFD0F7BF67F168223BB845731A26A204887CCD9CA5FE00162A7BAA940AF16
            SHA-512:CD1FC0860953EDAFA167C654D5EC223FFA2A8CD4AB89884D826739547615A510A1A53BF23C7F448585EC2F186407BF3F91FB973968D5B7679015349FC932C9FD
            Malicious:false
            Reputation:unknown
            Preview:L..................F.@.. ...$+.,.....A.........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.R..PROGRA~1..t......O.I.X......B...............J......Y..P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....FW.R..Chrome..>......CW.V.X......M......................pd.C.h.r.o.m.e.....`.1.....FW.R..APPLIC~1..H......CW.V.X.............................pd.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V.X.......#......................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............f.{.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 18 18:13:31 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2681
            Entropy (8bit):4.003891315036718
            Encrypted:false
            SSDEEP:
            MD5:517A3BD259F58DE479A633F3E3EF9378
            SHA1:19F7B110BC1F7AAF0A697E28CB95F7A75F027BFA
            SHA-256:E7DA68AE1F796D06E60C6D7BA9BAA7EFFE86649D3F1BFC20D9F46FA69DAF39C4
            SHA-512:F0CBC0C9C764F334E7A324C3055204B442551B0087F32491C1F290E79E16664FE11B58FC0C864FFACA64626C2F40F05059D5A9EEE0918FA9F3C7BA94B42B6892
            Malicious:false
            Reputation:unknown
            Preview:L..................F.@.. ...$+.,......v........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.R..PROGRA~1..t......O.I.X......B...............J......Y..P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....FW.R..Chrome..>......CW.V.X......M......................pd.C.h.r.o.m.e.....`.1.....FW.R..APPLIC~1..H......CW.V.X.............................pd.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V.X.......#......................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............f.{.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

            Chrome Cache Entry: 74

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines (35238), with no line terminators
            Category:downloaded
            Size (bytes):35238
            Entropy (8bit):5.390650418562352
            Encrypted:false
            SSDEEP:
            MD5:C637DE6889D81964119BA1FD124E2454
            SHA1:5DB2B1681BE6FF9A7B26E269CD80D817D41A01BE
            SHA-256:18E8366C8C5590C3D056BA6CA9691B7471D6970EE00D0E22A4B68E517B54F087
            SHA-512:78288767F08DB38F6DC8C366546CECC05DF35C25BCD898B94DCCC5ECCB3ACD7807817BAF813BCA11F4CCAC169A980E4F10EBF4334000C4D2D0F74DCC30BB36EE
            Malicious:false
            Reputation:unknown
            URL:https://res-1.cdn.office.net/bld/_layouts/15/16.0.24727.12008/theming.js
            Preview:var Theming={__namespace:true};Theming_module_def();function Theming_module_def(){Theming.ApplyThemeToCss=tb;Theming.ReplaceCssTextForElement=J;Theming.ThemeInfo=E;Theming.ImageProcessor=R;Theming.Colors={Color:a,ColorApplication:x,HslColor:h};function cb(d,c,e){for(var b=true,a=0;a<c.length;a++)if(d.charCodeAt(e+a)!==c.charCodeAt(a)){b=false;break}return b}var c={text:0,comment:1,string:2,url:3,right_par:4,font_family:5,rgb:6,rgba:7,colon:8,semicolon:9,right_curly:10,color:11};function d(a,b){this.kind=a;this.text=b}function Db(b){var e,a,g,f,l="*/",u="url(",i=")",j="font-family",t="rgb(",s="rgba(",o="#",w=":",y=";",x="}",k=new d(c.text,"");if(!Boolean(b))b="";a=0;f=b.length;m.prototype={kind:0,text:"",getToken:function(){return null}};function m(){}var r={"/":{},"'":{},'"':{},"#":{},")":new d(c.right_par,")"),";":new d(c.semicolon,";"),":":new d(c.colon,":"),"}":new d(c.right_curly,"}"),u:{getToken:q},f:{getToken:n},r:{getToken:p}};function h(c){var a=b.indexOf(")",c);if(a<0)a=f;retu

            Chrome Cache Entry: 75

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
            Category:dropped
            Size (bytes):7886
            Entropy (8bit):3.9482833105763633
            Encrypted:false
            SSDEEP:
            MD5:0B60F3C9E4DA6E807E808DA7360F24F2
            SHA1:9AFC7ABB910DE855EFB426206E547574A1E074B7
            SHA-256:ADDEEDEEEF393B6B1BE5BBB099B656DCD797334FF972C495CCB09CFCB1A78341
            SHA-512:1328363987ABBAD1B927FC95F0A3D5646184EF69D66B42F32D1185EE06603AE1A574FAC64472FB6E349C2CE99F9B54407BA72B2908CA7AB01D023EC2F47E7E80
            Malicious:false
            Reputation:unknown
            Preview:...... .... .....6......... ............... .h...f...(... ...@..... ...........................................................................70..7...7...7...7...7...7...70..............................................................................................7`..7...7...7...7...7...7...7...7...7`......................................................................................7P..7...7...7...7...7...7...7...7...7...7...7P..............................................................................7...7...7...7...7...7...7...7...7...7...7...7...7...7...........................................................................7`..7...7...7...7...7...7...7...7...7...7...7...7...7`..........................................................................,...,...,...,...,...,...,.......7...7...7...7...7...7...........................................................................'...'...'...'...'...'...'...'...2...7...7...7...7...,....................`..........................

            Chrome Cache Entry: 76

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:HTML document, ASCII text, with very long lines (64255), with CRLF, LF line terminators
            Category:downloaded
            Size (bytes):199272
            Entropy (8bit):4.975242970884925
            Encrypted:false
            SSDEEP:
            MD5:E348B9DA046794B39C4E0B419A8A6B76
            SHA1:B0633F6579FB30C1290AAE282860B56939943787
            SHA-256:F4B3FC9251F35A1A9238A6F4A7F6098CF0C67BBA9EB2A78B37E1BA01A52510E3
            SHA-512:6E7E19EB50CE7DEF962247C13C80AF87321F2601CCFC2FB43111EF526BC226DB7EA83BCCE930EBF6F2CF0BF54B7EE8D995CA43E01D5C7F3EF031E5E36579769B
            Malicious:false
            Reputation:unknown
            URL:https://amerityf-my.sharepoint.com/:b:/p/jhunt/EWzTxvMAy2lPir_gLAR19iYBvGdNkLwE7QF2aBj-4KhsVA?e=E1OL4y
            Preview:..<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN".."http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">..<html xmlns:o="urn:schemas-microsoft-com:office:office" lang="en-us" dir="ltr">..<head><meta name="GENERATOR" content="Microsoft SharePoint" /><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><meta http-equiv="Expires" content="0" /><meta http-equiv="X-UA-Compatible" content="IE=8"/><meta name="ROBOTS" content="NOHTMLINDEX" /><title>......Error....</title><link id="CssLink-365e0cfef35d44cf86721274809cd9cc" rel="stylesheet" type="text/css" href="/_layouts/15/1033/styles/corev15.css?rev=d9H3to%2BPaydkiWscqN0mJQ%3D%3DTAG240"/>.<link id="CssLink-9b7e337302644d7c8cab3eb525e69488" rel="stylesheet" type="text/css" href="/_layouts/15/1033/styles/error.css?rev=tF7fyfzbaQzNoASoSDlV4A%3D%3DTAG240"/>.<style id="SPThemeHideForms" type="text/css">body {opacity:0 !important}</style><script type="text/javascript">// <![CDATA[ ...var _initGlobalSnapShot = {};try { if

            Chrome Cache Entry: 77

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines (23437), with CRLF line terminators
            Category:downloaded
            Size (bytes):23594
            Entropy (8bit):5.107347306409284
            Encrypted:false
            SSDEEP:
            MD5:964FCB2BAF87049DC68975291AE89431
            SHA1:D0CD8C989D44BC531472B632868D3FB2DE4B3184
            SHA-256:B8F7BD568E379502CF0C00027581D2761C7DC14B166F5D25FC048A0B56B7BFBB
            SHA-512:03CB58D197A776F9C315C2A14B9C034D88C7B7E9F4247C5698396F4FE7363A22FC2042A24C02A245C7E035DD2862F88E8EF46A7E5A269EDC2B69E39752A52987
            Malicious:false
            Reputation:unknown
            URL:https://res-1.cdn.office.net/bld/_layouts/15/16.0.24727.12008/1033/initstrings.js
            Preview:var Strings; if (Strings === undefined) { Strings=new Object(); }Strings.STS=function(){};Strings.STS.L_NewTab="New tab";Strings.STS.L_CalloutLastEditedNameAndDate="Changed by ^1 on ^2";Strings.STS.L_CalloutSourceUrlHeader="Location";Strings.STS.L_SPDiscBestUndo="Remove best reply";Strings.STS.L_SPClientManage="manage";Strings.STS.L_SPAddNewWiki="new Wiki page";Strings.STS.L_SPCategorySortRecent="Recent";Strings.STS.L_ViewSelectorTitle="Change View";Strings.STS.L_SPDiscNumberOfLikes="{0} likes||{0} like||{0} likes";Strings.STS.L_Timeline_DfltViewName="Timeline";Strings.STS.L_TimelineToday="Today";Strings.STS.L_SPDiscNoPreviewAvailable="No preview available for this reply";Strings.STS.L_NODOCView="There are no documents in this view.";Strings.STS.L_SPBlogPostAuthorCategories="by {0} in {1}";Strings.STS.L_SPBlogsNoItemsInCategory="There are no posts in this category.";Strings.STS.L_QRCodeDescription="Scan this QR code with your phone or tablet to open {0}";Strings.STS.L_RelativeDateTime

            Chrome Cache Entry: 78

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with CRLF line terminators
            Category:downloaded
            Size (bytes):341640
            Entropy (8bit):5.323830561122645
            Encrypted:false
            SSDEEP:
            MD5:77D1F7B68F8F6B2764896B1CA8DD2625
            SHA1:029DB673E5079D061FAF65C929E62381A2997112
            SHA-256:6A8AA4FE96A0E0846655C2977C533F9AFABC9F8B02E6F4643244CD417D28263C
            SHA-512:B0E66C55F74FBB23A6A62A55175280E6D1429FFB04745CB7127CD75E8AE88DE8AAEC27808965B690AB88B510CC9C6CC80B1DC7B9948B4C630A0730954E9CDD3B
            Malicious:false
            Reputation:unknown
            URL:https://amerityf-my.sharepoint.com/_layouts/15/1033/styles/corev15.css?rev=d9H3to%2BPaydkiWscqN0mJQ%3D%3DTAG240
            Preview:/* _lcid="1033".._LocalBinding */..body,...ms-core-defaultFont,..#pageStatusBar,..#hybridTooltipStatusBar,...ms-status-msg,...js-callout-body..{../* [ReplaceFont(themeFont:"body")] */ font-family:"Segoe UI","Segoe",Tahoma,Helvetica,Arial,sans-serif;..font-size:13px;..}..body,...ms-core-defaultFont,...js-callout-body..{../* [ReplaceColor(themeColor:"BodyText")] */ color:#444;..}...ms-core-defaultFont..{..font-weight:normal;..text-decoration:none;..white-space:normal;..word-break:normal;..line-height:normal;..}..body..{..margin:0px;..overflow:hidden;../* [ReplaceColor(themeColor:"PageBackground")] */ background-color:#fff;..background-size:cover;..background-repeat:no-repeat;..}..html > .ms-core-needIEFilter..{../* [ReplaceBGImage] */ -ms-filter:"progid:DXImageTransform.Microsoft.AlphaImageLoader(src='about:blank',sizingMethod='scale');";..}...ms-backgroundImage..{../* [ReplaceBGImage] */ background-image:url();..}..#s4-ribbonrow..{..position:relative;..}..#s4-workspace..{..overflow:auto

            Chrome Cache Entry: 79

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines (65536), with no line terminators
            Category:downloaded
            Size (bytes):186722
            Entropy (8bit):5.127936869447186
            Encrypted:false
            SSDEEP:
            MD5:2DE2482829622DE740DB42E04CBCD047
            SHA1:2A88D65A01BDA232B97B24163F66BA7F90A63386
            SHA-256:947D9E7117E8528021EC98FBBD6FE75A4D393A699DFFFFB3A2803EAE42845CEB
            SHA-512:35A2B88CF1FD1505BAD30CF68FB235ED5E5029D4824EC8586452A53E820563229AEA06156B46702C5046DC4BCE0046DFC74E934E215BFDD040B2715D298E8886
            Malicious:false
            Reputation:unknown
            URL:https://res-1.cdn.office.net/bld/_layouts/15/16.0.24727.12008/1033/strings.js
            Preview:var Strings; if (Strings === undefined) { Strings=new Object(); }Strings.CMS=function(){};Strings.CMS.L_SelectAllAltKey_TEXT="false";Strings.CMS.L_SpellCheckKey_VALUE="0x76";Strings.CMS.L_Callout_Usage_Count="<p>{0}</p>view||<p>{0}</p>views";Strings.CMS.L_NoElementStylesWereRemoved_TEXT="The selection did not contain any instances of element styles to remove.";Strings.CMS.L_DecWidthAltKey_TEXT="false";Strings.CMS.L_ExpandedTagNameH4="Heading 4";Strings.CMS.L_DecWidthShiftKey_TEXT="true";Strings.CMS.L_EditImageRenditionsAction="Edit Renditions";Strings.CMS.L_TabBackKey_TEXT="N";Strings.CMS.L_SvrBusySpellchecker_TEXT="The spell checking server was busy";Strings.CMS.L_RemoveLinkShiftKey_TEXT="false";Strings.CMS.L_Show_TEXT="Show";Strings.CMS.L_Title_TEXT="Title:";Strings.CMS.L_ShowSpecific_TEXT="Show the selected item in navigation";Strings.CMS.L_DecHeightShiftKey_TEXT="true";Strings.CMS.L_ChangeColumnWidthAndRowHeightKey_TEXT="W";Strings.CMS.L_UnlinkToolTip_TEXT="Remove Hyperlink";Strin

            Chrome Cache Entry: 80

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines (456), with no line terminators
            Category:downloaded
            Size (bytes):456
            Entropy (8bit):5.232572180433318
            Encrypted:false
            SSDEEP:
            MD5:812A51FE4BCC81F7290964637A165DC7
            SHA1:F798FF78C093C431C8069139A4137EF99482456C
            SHA-256:FB516CFAA70B446C3DFE6125EEBE06462DC4C28FC471F8EBBA4AFEC1716632C4
            SHA-512:BE48D6A8114F548B4843F54E482624390769C499CF04D6B67E9770F0558C4FBC491BA66262E43141DE297A29B2A54A52AD40FBA736D811DC37420C1B596F510E
            Malicious:false
            Reputation:unknown
            URL:https://res-1.cdn.office.net/bld/_layouts/15/16.0.24727.12008/blank.js
            Preview:function $_global_blank(){if("undefined"==typeof g_all_modules)g_all_modules={};g_all_modules["blank.js"]={version:{rmj:16,rmm:0,rup:24727,rpr:12008}};typeof spWriteProfilerMark=="function"&&spWriteProfilerMark("perfMarkBegin_blank.js");typeof spWriteProfilerMark=="function"&&spWriteProfilerMark("perfMarkEnd_blank.js")}function ULSaew(){var a={};a.ULSTeamName="Microsoft SharePoint Foundation";a.ULSFileName="blank.commentedjs";return a}$_global_blank();

            Chrome Cache Entry: 81

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines (2015), with no line terminators
            Category:downloaded
            Size (bytes):2015
            Entropy (8bit):5.37074156919073
            Encrypted:false
            SSDEEP:
            MD5:1B66CA2166BF0326317487587F36DBD6
            SHA1:6080EB6E5B7160E7975665946C884B024809817E
            SHA-256:163B9570B694A788FC732A44F6665138638D35F755DFC8A397B30A95ECFFDEAC
            SHA-512:D5BD3112CBCE497A68DDEE6F151350731DC56A87337F1B2143F739362E6DBB652A673CB7EA7D9B4F808C163CB72B5A1743F8D6986FE444076D66B7B7ECBB6DC3
            Malicious:false
            Reputation:unknown
            URL:https://res-1.cdn.office.net/bld/_layouts/15/16.0.24727.12008/foldhyperlink.js
            Preview:function $_global_foldhyperlink(){if("undefined"==typeof g_all_modules)g_all_modules={};g_all_modules["foldhyperlink.js"]={version:{rmj:16,rmm:0,rup:24727,rpr:12008}};typeof spWriteProfilerMark=="function"&&spWriteProfilerMark("perfMarkBegin_foldhyperlink.js");typeof Sys!="undefined"&&Sys!=null&&Sys.Application!=null&&Sys.Application.notifyScriptLoaded();typeof NotifyScriptLoadedAndExecuteWaitingJobs=="function"&&NotifyScriptLoadedAndExecuteWaitingJobs("foldHyperLink.js");typeof spWriteProfilerMark=="function"&&spWriteProfilerMark("perfMarkEnd_foldhyperlink.js")}function ULS8Cx(){var a={};a.ULSTeamName="Microsoft SharePoint Foundation";a.ULSFileName="foldhyperlink.commentedjs";return a}function ToggleElementDisplay(a,c,d,b){if(Boolean(a)){var e=GetCurrentEltStyle(a,"display");if(e=="none")EnsureScriptFunc("core.js","RemoveCssClassFromElement",function(){a:;SetOpacity(a,0);RemoveCssClassFromElement(a,c);SPAnimationUtility.BasicAnimator.FadeIn(a,d,null)});else SPAnimationUtility.BasicAni

            Chrome Cache Entry: 82

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 40329
            Category:downloaded
            Size (bytes):9984
            Entropy (8bit):7.979200972475404
            Encrypted:false
            SSDEEP:
            MD5:027A7D52E1CEED8AEF7DC13505B81D36
            SHA1:33CF0BCE6A4C8B44B4A80B3116C978C12EE93FD0
            SHA-256:29061464FB6FCE2326B952EACAA95C3C6183BFEA74C3851390E9838720D372A6
            SHA-512:FCDDEBF6DE759B5079E7DF2432771A866DE1824B119AD8CB3BAE11F9FAA060B943D52F121E4C63E7E20D43F31B2220C1D4E9C24A20004C4B061CD1A0A5EE5AC9
            Malicious:false
            Reputation:unknown
            URL:https://amerityf-my.sharepoint.com/ScriptResource.axd?d=oSMmx_zvItX-8usWdkZkaPUYqo0X93a_BwOQmaboXmrf-SpyDJhwwhlTkKtNBKmcuy07lrYr9mH7cZ_bo1O09C8iZRFg9CBB6Vl5WXYHgeV_Z-08rY9oNeu7iYUesv_1DIhHtzKot5wQR44YsTN9dBOsDLjBHNxauZJ-ycYnXFuz-Vd8PjR2Y5Xk6JE5iDFE0&t=722fe453
            Preview:...........}ks.H......@a{ebU......h.^.._a..3!k...HB....m.%....?i..e..U@.........wefefefU........O.....?8).we:...?x..eQ.....EQ.:-.`p.e.^....b.W..X.........UQ.......,...4.jV~..tQ........`......Y..,.]........sR..E...M....\.c>H5.t......xW.jt.?6?.c(..`_....B.G..'.<.1.c....o...yZ..cZ.a=K+....l.l...EQ..4.=......L_..Z..4gYuQ|._!]m1.`Q.uQ....)..=..|.....2.8G."XY.......]c..*|xT....3@..?..Zm..E.'..*......2..E gy..<(.Z...8XY..4O2....U...4.0..5.W!}x._i.`.T,.V.G...b/.t..j>...<.((....,."Uo5X}.@QE.b.khU.h...>...Q~=.k.?.....o.0k........GM..X......P^G....=..<fY.U..S....K....H..9:*......'...J=).O....#G[m...30k...j.2+.im.(Km3.uxv._.pT.4.>..f.-..UZ.=e...C....._5..xR.:..\U..jR. .....9A..1:1.......a..2...U......YTP..`...l0.9.t.}.'.p.c3q.. {m.,...G1..".L.Aj@.D.h.p......fZ{...eYB......1.Ep.b&..% .c.._i9.).,.eD.'...`.E.i..M3#+6...9+....B..NYB..%..8..?....zv.r..XP..W.../+..e.N........Z..i..... ....4I..iR...8+.>....k...N?....MA.....uU...&...Xyb..u*..H....%.

            Chrome Cache Entry: 83

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines (65536), with no line terminators
            Category:downloaded
            Size (bytes):511765
            Entropy (8bit):5.440748482969972
            Encrypted:false
            SSDEEP:
            MD5:A2E6B0DBB425AF181D51BDE75DFE31B7
            SHA1:1F3DC7D98ADF930101F4A50DA6159DBE26C813A3
            SHA-256:CC22978657C015FFDB2A15F584CA14BBCFB25B6075F809E04FB9B9B23382A244
            SHA-512:41C5D03EE0B2CC9D532D08A52C6AC3842AD349251F17A2DDFE2698D2ADF8AECC11AA38CBFC60DA7AA1C2358D1F26D74C9022810AE284A0B307439561F7FA4F0F
            Malicious:false
            Reputation:unknown
            URL:https://res-1.cdn.office.net/bld/_layouts/15/16.0.24727.12008/core.js
            Preview:function $_global_core(){if("undefined"==typeof g_all_modules)g_all_modules={};g_all_modules["core.js"]={version:{rmj:16,rmm:0,rup:24727,rpr:12008}};typeof spWriteProfilerMark=="function"&&spWriteProfilerMark("perfMarkBegin_core.js");SPAnimation={};SPAnimation.g_Curves=new Array(7);SPAnimation.g_Curves[0]=new SPCurve(0,0,0,0,0,0);SPAnimation.g_Curves[1]=new SPCurve(1,1,0,0,0,0);SPAnimation.g_Curves[2]=new SPCurve(2,2,0,0,0,0);SPAnimation.g_Curves[3]=new SPCurve(3,3,.1,.9,.2,1);SPAnimation.g_Curves[4]=new SPCurve(4,3,.42,0,1,1);SPAnimation.g_Curves[5]=new SPCurve(5,3,0,0,.58,1);SPAnimation.g_Curves[6]=new SPCurve(6,3,.42,0,.58,1);SPKeyFrame.prototype={type:0,curveID:0,startTime:0,endTime:0,startValue:0,endValue:0,relativeTo:0,operationType:0};SPAnimation.Attribute={PositionX:1,PositionY:2,Height:3,Width:4,Opacity:5};SPAnimation.ID={Basic_Show:0,Basic_SlowShow:1,Basic_Fade:2,Basic_Move:3,Basic_Size:4,Content_SlideInFadeInRight:5,Content_SlideInFadeInRightInc:6,Content_SlideOutFadeOutRigh

            Chrome Cache Entry: 84

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with CRLF line terminators
            Category:downloaded
            Size (bytes):622
            Entropy (8bit):5.030708856292114
            Encrypted:false
            SSDEEP:
            MD5:B45EDFC9FCDB690CCDA004A8483955E0
            SHA1:BAEDF73329EABB32504CAC640538EE3B6B31819F
            SHA-256:E817BF53005172205995AA07E0021BD8254A0204A1177E925F365E838C32D069
            SHA-512:E2709C77BA686FC58FE528EC2C2CEB6B9C84D045018D77FB9B376359F204FB6B889910B6748C978B4FF9712A7611342DF3C8C59711AA42090219DEC0C83778D2
            Malicious:false
            Reputation:unknown
            URL:https://amerityf-my.sharepoint.com/_layouts/15/1033/styles/error.css?rev=tF7fyfzbaQzNoASoSDlV4A%3D%3DTAG240
            Preview:/* _lcid="1033".._LocalBinding */..#ms-error-header..{..margin:118px 0px 16px;..min-height:50px;..}..#ms-error-gobackcont..{..margin-top:28px;..}..#ms-accessDenied-reqDialog..{..max-width:100%;..}..#ms-error-body..{..background-size:auto;..overflow:auto;..width:830px;..margin-right:auto;..margin-left:auto;..}...ms-error-returnLink..{..line-height:19px;..vertical-align:middle;..}...ms-error-detailsFold..{..padding-top:42px;..}...ms-error-techMsg..{..padding-top:28px;..}...ms-error-groupJoinPanel..{..margin-top:15px;..}...ms-error-groupProfileText..{..margin-top:17px;..}...ms-error-separator..{..margin:34px 0px;..}..

            Chrome Cache Entry: 85

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines (65536), with no line terminators
            Category:downloaded
            Size (bytes):341066
            Entropy (8bit):5.443381043002205
            Encrypted:false
            SSDEEP:
            MD5:14075DE0975BC94F1D20DD49119A86CA
            SHA1:45E94A68D971A065B7EA12F4693AAA1090609252
            SHA-256:503593AD87367F233322D3DC9DB7007B3C8940E078D99C42D154A2BBF273EDBC
            SHA-512:00E0A74909494D250A9652525204C07AEA59F76B24A46049994E239BFD7BD77AE347DC0DF322CA3F4263CBC3571D21937D42A05264DE15A98CB795F65BD07484
            Malicious:false
            Reputation:unknown
            URL:https://res-1.cdn.office.net/bld/_layouts/15/16.0.24727.12008/init.js
            Preview:function $_global_init(){if("undefined"==typeof g_all_modules)g_all_modules={};g_all_modules["init.js"]={version:{rmj:16,rmm:0,rup:24727,rpr:12008}};if(-1!=navigator.userAgent.indexOf("ProfilerMark")&&"function"==typeof msWriteProfilerMark)spWriteProfilerMark=function(a){window.msWriteProfilerMark(a)};typeof spWriteProfilerMark=="function"&&spWriteProfilerMark("perfMarkBegin_init.js");if(typeof OffSwitch=="undefined"){OffSwitch={__namespace:true};OffSwitch_module_def()}if(typeof RuntimeErrors=="undefined"){RuntimeErrors={__namespace:true};RuntimeErrors_module_def()}if(typeof Verify=="undefined"){Verify={__namespace:true};Verify_module_def()}if(typeof Define=="undefined"){Define={__namespace:true};Define_module_def()}if(typeof BrowserDetection=="undefined"){BrowserDetection={__namespace:true};BrowserDetection_module_def()}(function(){b.prototype={firefox:undefined,firefox36up:undefined,firefox3up:undefined,firefox4up:undefined,ie:undefined,ie55up:undefined,ie5up:undefined,ie7down:undefi

            Chrome Cache Entry: 86

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 102804
            Category:downloaded
            Size (bytes):25609
            Entropy (8bit):7.992070293592458
            Encrypted:true
            SSDEEP:
            MD5:B62553925BD98826C60457D2EB6B9A46
            SHA1:84DBBB6D9B36A587C21B5A56B1D9E587E33BA943
            SHA-256:C58166FE4DF4BA8F25A960C21451EAF841D97F6F552F104E43431C9DB1C2E2CC
            SHA-512:7B6872144AE308224FF671A1EC63F040A40115888790CF6834AD85D517471CE5DAD3EC297EE751FB196B55118A181017151F7F06FCE0F2F26FF94E8EEC070033
            Malicious:false
            Reputation:unknown
            URL:https://amerityf-my.sharepoint.com/ScriptResource.axd?d=yUoH3se3ARruq_kJl76NP8fIVKp475vZyhDMYnVwlnOPIISZxsS6aGarL3X6r-PWy_MFRLh6vQa0Wk5HhnBJzuGqdTGtD_tdVaTV1678FffnnHfSexTTgFiSbJV-QmZ6KYacuod7pMx4yxT6twN2BltChWIuTETTXR9tHmowFnsH1p4a0cJtw3s8qt_KcIsm0&t=722fe453
            Preview:............r.I.(.>f..d..B6. )U/.(....mGRuw.... I..B..X...<.O..p}.=#.P.>s.Y...D,..........................'.......;.'..2.Uu5.C..%..v.M&;T...u1.T.=...m....'_z.......4.&?~.__....".db00..IR..|.(tj6+.y.$.L.$..."..FIx3+..tG%.7...N.'..........A9....9;.O...j...Y|8.........LW........h&.%WW...|\.Q..Tr....$\..?-&....}O...w..$R}....W.k.+.._..q...P..dR......`^.j]0.L..9......)...."...I....,.K..j...`1.a9-.`..-p..O..t...|Bo..Uu.~.t...uB9S.J.o..Fe<.....A.SM.....d>.].HO..Qx...ao....a.J..h6K..q7.N.n'..Ga78....v..n...>..0.I.X?...$=...x..H*..&.V.+.h..GyTJ....AT...x.Jl..*.X..t.H4...$9..^u....r9rq3.._..a...^I.{{.Ch....@.l.....@..BW.[..8~6.U3].I#....8....H`...4..I..6...I...Q1...W^]>...P.KJ.L......A...>.@hf.M...RP..)m.F...Wp{.!.R.".j.....!soO..]k...a."eo.S,...G|n.|!F[..O../.aR...$.\..4.N.-p1..}...2...r\a[`e.E..{H..?.....J.ak.Y...P......DP.d.?...<..Y.8....%d...@..e.....exc..g...b.....<z....7*8!...n..wG0.C..f..Y5....qE..p....2.rH-..r.S........q..R.$Q^q....!....

            Chrome Cache Entry: 87

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with CRLF line terminators
            Category:downloaded
            Size (bytes):23063
            Entropy (8bit):4.7535440881548165
            Encrypted:false
            SSDEEP:
            MD5:90EA7274F19755002360945D54C2A0D7
            SHA1:647B5D8BF7D119A2C97895363A07A0C6EB8CD284
            SHA-256:40732E9DCFA704CF615E4691BB07AECFD1CC5E063220A46E4A7FF6560C77F5DB
            SHA-512:7474667800FF52A0031029CC338F81E1586F237EB07A49183008C8EC44A8F67B37E5E896573F089A50283DF96A1C8F185E53D667741331B647894532669E2C07
            Malicious:false
            Reputation:unknown
            URL:https://amerityf-my.sharepoint.com/WebResource.axd?d=DTLCw0g9N-6B3rTKvlcJ7mU8wi9CML-iioP-GOdX7h2iL-gH6Li-Jjvi89n43mRCLlenq7nSDIzDhYm3B19sLAd1qag-YTVvFgfrQVQhufU1&t=638449966421100877
            Preview:function WebForm_PostBackOptions(eventTarget, eventArgument, validation, validationGroup, actionUrl, trackFocus, clientSubmit) {.. this.eventTarget = eventTarget;.. this.eventArgument = eventArgument;.. this.validation = validation;.. this.validationGroup = validationGroup;.. this.actionUrl = actionUrl;.. this.trackFocus = trackFocus;.. this.clientSubmit = clientSubmit;..}..function WebForm_DoPostBackWithOptions(options) {.. var validationResult = true;.. if (options.validation) {.. if (typeof(Page_ClientValidate) == 'function') {.. validationResult = Page_ClientValidate(options.validationGroup);.. }.. }.. if (validationResult) {.. if ((typeof(options.actionUrl) != "undefined") && (options.actionUrl != null) && (options.actionUrl.length > 0)) {.. theForm.action = options.actionUrl;.. }.. if (options.trackFocus) {.. var lastFocus = theForm.elements["__LASTFOCUS"];.. if ((typeo

            Static File Info

            No static file info